From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oi0-x230.google.com (mail-oi0-x230.google.com [IPv6:2607:f8b0:4003:c06::230]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 2FB8121F31F for ; Wed, 13 May 2015 07:49:34 -0700 (PDT) Received: by oiko83 with SMTP id o83so32980432oik.1 for ; Wed, 13 May 2015 07:49:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=i3MXyUhLXuSXhSkjh1rGl/Umulr9XALp9oo8MU6cFW0=; b=rOMRWmk1s8mt+610H1zV4ITvWEXVhwVPYXlOQXiQFlWv5evtqXtCxyZnCjGEABku+Z zxPEFrAAJCddE0LYtbzMmBT0i9UzCjQjlki37/Lv1Vuy0uJOBWu3hN8ANTTYH0R6q1p+ 2Jhc2OO09FfH7yOKx5mHjJNlslRFiUicTjLkazLuLXoyV0qVMrHlY1S3YdyxlTMa5wcN 0HNAFD/i45pQhU6hnYIgrkSWVlTFFUsV0ENUSCwaAWBWTQY8walmH43npedH1npwPZfi eqNyM93GLaJ0W5tKB1ZivWBdyZsSFCqeI2pLr916SvBZleP3ukZGytICGljZGnVFbK4K fwEg== MIME-Version: 1.0 X-Received: by 10.60.147.194 with SMTP id tm2mr16397380oeb.75.1431528564651; Wed, 13 May 2015 07:49:24 -0700 (PDT) Received: by 10.202.71.139 with HTTP; Wed, 13 May 2015 07:49:24 -0700 (PDT) In-Reply-To: References: <5553062B.1090204@gmail.com> Date: Wed, 13 May 2015 07:49:24 -0700 Message-ID: From: Dave Taht To: Rich Brown Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: cerowrt-devel Subject: Re: [Cerowrt-devel] Replacing CeroWrt with OpenWrt - Routing X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 May 2015 14:50:10 -0000 On Wed, May 13, 2015 at 6:36 AM, Rich Brown wrote= : > I was close. I had the proper subnetting (CeroWrt router different from t= he OpenWrt...). I had tried turning off NAT, and accepting forwarded packet= s in the ge00 firewall, but that wasn't enough. > > Alan was right. The missing piece was: > - set a static IP for ge00 on CeroWrt (secondary router) > - add static routes in the OpenWrt (primary) router for the CeroW= rt subnet(s) using that static IP for ge00 What I typically do was simpler for ethernet connectivity. kill the firewall on the sub router (ACCEPT 3 times) renumber the sub router use dhcp on the sub router's wan interface. Turn off fetching the default route. (option defaultroute '0') Enable babel on all interfaces (including wan) on the sub router enable babel on the main router. done. No need for static routes. can do same for wifi either adhoc or as a wifi client > One other setting needed a tweak. I was not able to access the CeroWrt we= b GUI when connected to the OpenWrt (primary) router's wifi. I needed to tu= rn off the 'blockconfig' rule in the Network -> Firewall -> TrafficRules to= allow configuration traffic in through the "wan" link that connects the se= condary router to the primary. > > Thanks all! > > Rich > > PS My next quest is subnetting/routing in OpenWrt instead of bridging eve= rything on the LAN side... > > On May 13, 2015, at 4:07 AM, Alan Jenkins wrote: > >> On 13/05/15 02:19, Rich Brown wrote: >>> I am working to restore the functionality of my CeroWrt 3.10.50-1 >>> router with an OpenWrt BB image. >>> >>> Things are going pretty well, but I have run into a problem. In the >>> past, I frequently used two CeroWrt routers at my home: one was my >>> primary, and connected via PPPoE to my DSL link; the other was the >>> secondary, and used DHCP on ge00 to get an address from the LAN side >>> of the primary router. >>> >>> My memory is that everything worked fine - I could connect to either >>> router's wifi, and get to things that were on the other router's >>> Wifi. (Bonjour/mDNS naming for example). >>> >>> With OpenWrt as my primary router and CeroWrt as the secondary, I am >>> able to connect to the CeroWrt wifi and get anywhere - either the >>> OpenWrt subnets or to the Internet. >>> >>> But connecting to the OpenWrt wifi, I cannot ping or telnet to any >>> addresses on the CeroWrt... What am I missing? (This is probably not >>> a deep question: I really don't understand linux routing >>> configuration...) >> >> I can start with really basic :). >> >> AIUI CeroWrt can do this using the babel mesh routing daemon. That migh= t be what you had working. >> >> I don't know routing daemons, but I'm quite familiar with static routing= , so in your shoes that's probably what I'd attempt first. It at least giv= es you an idea what's going on at the IP level. This would require... as a= vague checklist, and being unhelpfully vague about wireless... >> >> Second router: >> >> 1) Make sure the LAN subnet (and IP address) doesn't conflict with the f= irst. I think CeroWrt already uses different addresses to OpenWrt. But for= this example I use 192.168.16.0, netmask 255.255.255.0, and 192.168.16.1. >> >> Wiki explanation of netmask: >> https://en.wikipedia.org/wiki/Subnetwork#Determining_the_network_prefix >> >> >> 2) a) Configure it with a WAN IP address that belongs to the first LAN. = Usually a static address, which is outside the DHCP pool. Keep a note of = all the static addresses you configure, to avoid conflicts. b) Set default= route to the first router. OR make it a DHCP client which picks up the ad= dress and default route automatically. >> >> You seem to have this part working, or CeroWrt wouldn't access the inter= net. >> >> >> 3) First router: set a static route for the subnet belonging to LAN2, wh= ich points at the LAN1 IP address of the second router. >> >> You don't have this bit. >> >> To add a separate routed wireless network on the second AP (as opposed t= o a more seamless one which allows roaming between the two APs): try config= uring the wireless subnet adjacent to the wired one & use a single aggregat= ed route for simplicity. >> >> wireless lan: 192.168.17.0, 255.255.255.0 >> >> aggregated route for wlan + lan: 192.168.16.0/23, i.e. netmask 255.255.2= 54.0 >> >> It could be extended to guest wireless as well. Widen the route by anot= her bit, and don't worry if you're not actually using the fourth subnet (19= 2.168.19.0/24) >> >> >> 4) *** Make sure NAT is disabled on the second router. *** >> >> I think you have NAT enabled on CeroWrt, because otherwise, without doin= g part 3), computers on CeroWrt network wouldn't get any packets _back_ fro= m the internet. >> >> >> 5) Configure the firewall on the second router to accept all packets fro= m the WAN interface / unknown networks. You rely on the first router to do= that instead. >> >> >> Alan > > _______________________________________________ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel --=20 Dave T=C3=A4ht Open Networking needs **Open Source Hardware** https://plus.google.com/u/0/+EricRaymond/posts/JqxCe2pFr67