Networking complication

I’m in over my head with this wireless ethernet bridge thing. Story isn’t complete, but collecting my notes. There are further writeups of this question in forum posts I’ve made: on OpenWRT forums and on Ubiquiti forums.

The real problem is I don’t understand Linux networking any more. Ethernet address aliases are new to me, and I’m confusing routing and bridging, and my knowledge feels too outdated to diagnose this properly. Honestly if it hadn’t all Just Worked on my old Tomato box I’d never have believed this was possible.

I have three subnets:

  1. My home LAN, managed by my OpenWRT box, running 192.168.0.1/24.
  2. My ISP’s network, managed by their gear, running at 10.33.1.1/24.
  3. My management IP addresses for the Ubiquiti wireless bridge, mostly invisible, but running at 192.168.1.110/24 and 192.168.1.111/24.

The challenge is getting my OpenWRT router to be able to talk to the boxes at 192.168.1.*. With Tomato I just added a static route and all was done. I tried that with OpenWRT and no luck.

A lightbulb went off thanks to an answer on the Ubiquiti forums. The WAN port on my OpenWRT boxes now has two addresses: 10.33.1.50/24, assigned by the ISP via DHCP. And also 192.168.1.1/24, assigned manually by me to talk to the Ubiquiti gear. I managed to make that actually work by manually running “ip addr add 192.168.1.1/24 dev eth0”. And now I can talk to the Ubiquiti boxes!

BTW, this whole “ip addr” thing is new to me. In my day we used ifconfig and every interface had one address, thankyouverymuch. Kids these days with their multihoming and aliases and VLAN tagging and stuff. Just don’t understand it.

Update: I added this IP address alias permanently to the routers config by following these docs, which led me to add this block at the end of /etc/config/network

config interface 'ubiqnet'
    option 'ifname' 'eth0'
    option 'proto' 'static'
    option 'ipaddr' '192.168.1.1'
    option 'netmask' '255.255.255.0'

Those same docs have a worrying warning “On openwrt 12.09, a lan interface that is first defined as dhcp interface and then has aliases with static ip address could cause problems in routing the lan traffic through the wan zone”. I think that’s exactly what I’m doing but I’m running 15.05; maybe it’s no longer a problem?

4 thoughts on “Networking complication

  1. I have a few ideas for you:

    1. Maybe your firewall or dhcp settings produce a conflict in your zone(s)
    2. Are your secondery routers configured as “dumb” switches? So only your main router is handling dhcp, routing, firewall etc.?
    3. Tryed to work with a different ip pool for every switch/router? (for example: fixed ip 192.168.2.1 for router nr.2, 192.168.3.1 on nr.3 and so on). Just use a pool outside the one used by your dhcp. After this, you should find your routers on your network. If the “managed switches” need internet and dont get it, a route from your main router should be enough. This one should work, i used a similar configuration at some friends home to expend their network without using ethernet cable.

    Sorry for my bad english, i hope you understand what i mean….

  2. ‘Client isolation’ is off on the Ubiquiti bridge right? Is there a way to reduce this down to just two subnets? And/or I wonder if the Ubiquitis might be able to do DHCP and then use the TP-Link/Asus in bridge mode.

    1. To be clear, still use the Ubiquitis as P2P bridges but have them also do DHCP (If this is possible with AirOS) and then have the TP-Link/Asus in bridge mode at the final node.

      1. Yeah, that configuration would work, but then it would have me using the ISP’s NAT/DCHP device for more stuff. I prefer to use it for as little as possible. This setup I have now is working so I’m done tinkering, but I’m realizing how little I understand this stuff now. Thanks for the suggestions!

Comments are closed.