Posted: Thu Sep 21, 2006 21:23 Post subject: Answer: VPN is on different subnet. Broadcasting issue.
Hi all!
Since I'm a big fan of dd-wrt, I would like to make a small contribution. Keep ut the good work Brainslayer.
Assuming you have a working VPN connection to the PPTP server implemented in dd-wrt.
Issue: How to get broadcast IP belonging one subnet to additionally broadcast on an another subnet? The answer is routing.
For example, say you're hosting a multiplayer game like Warcraft 3 that utilieses the broadcast IP of the underlying subnetmask the host computer is running on. When you do a cmd -> ipconfig on the hosting computer, you'd most likely see that the subnetmask on your local area connection is 255.255.255.0. If you do the same on a client computer connected to the PPTP server, you'd see that the subnetmask of the VPN connection differs from the local area connection. Local area connection at subnetmask 255.255.255.0 and VPN connection at 255.255.255.255. This means that the VPN connection is on a different subnet.
So the PPTP server uses subnetmask 255.255.255.255 and your game is hosting on subnet 255.255.255.0. Because of this, the VPN connection will never receive the messages broadcasted from the broadcasting IP on the other subnet. Thats why the clients can't find the host on games that uses broadcast IP to announce their presents.
Let's say your router IP is 10.0.0.1. You have setup PPTP server to accept 10 VPN connections in the range of 10.0.0.50-59 (Use outside DHCP range!). In a subnet with subnetmask 255.255.255.0 you have a total of 254 IP-addresses available. (10.0.0.1 - 10.0.0.254). 255 is reserved for broadcasting on the respective subnet. Only difference is that as mentioned, the IP addresses that is reserved for the PPTP server are on a different subnetmask, thus another subnet.
Ok, how to get around this issue, the answer is pretty simple. The only thing you will have to do is to add a static route, under Basic Setup -> Advanced Routing.
In Dest. LAN IP: 10.0.0.1
Subnetmask : 255.255.255.255
Gateway : 0.0.0.0
Interface : LAN/WLAN
Now we have created a static route that routes a connection between those subnets.
What it basically does is routing all traffic on the subnet with subnetmask 255.255.255.255 to the subnet with subnetmask 255.255.255.0.
Now clients can see the host, and you're ready to play.
Hope this helps solve someones problem.
Frank T.
Last edited by deluxe79 on Fri Sep 22, 2006 16:26; edited 2 times in total
Router IP is 192.168.0.122 Subnet 255.255.255.0
DHCP 192.168.0.20-50 Subnet 255.255.255.0
VPN Client IPs 192.168.0.100-110 Subnet 255.255.255.255
My Routing Table is:
Code:
192.168.0.122 255.255.255.255 0.0.0.0 LAN & WLAN
217.0.116.88 255.255.255.255 0.0.0.0 ppp1
192.168.0.0 255.255.255.0 0.0.0.0 LAN & WLAN
169.254.0.0 255.255.0.0 0.0.0.0 LAN & WLAN
0.0.0.0 0.0.0.0 217.0.116.88 ppp1
But: I've no Device in a 169.254.0.0-net... And the ppp1 adress isn't showing my public IP adress... is this the remote IP adress?
I'm still not able to find Warcraft 3 Games over VPN as you mentioned in your post above. What IPs do I have to assign for "Destination LAN IP" in the "Advanced Routing" tab? Is this my Routers IP? The subnet is the one from VPN? Should I fill in something in "Gateway" or "Metric"? And the Operation Mode is still Gateway, I guess? Should I turn off Loopback (v24 RC5)? Or activate Routing? Other things important? Isnt it possible to just assign the remote VPN Clients a subnetmask matching with the one from the LAN (In my case 255.255.255.0)?... Would be much more simpler... I guess
Posted: Fri Nov 14, 2008 18:42 Post subject: UDP broadcasting over PPTP is not working
I flashed my linksys router with dd-wrt and setup the PPTP server exactly as described in the tutorial, as well as added the static route as specified here. Clients can connect to my VPN and pinging works all around. But Starcraft and Warcraft still do not advertise the games across the VPN.
Here is my routing table:
Routing Table Entry List
Destination LAN NET Subnet Mask Gateway Interface
192.168.2.1 255.255.255.255 0.0.0.0 LAN & WLAN
192.168.2.0 255.255.255.0 0.0.0.0 LAN & WLAN
24.10.171.0 255.255.255.0 0.0.0.0 WAN
169.254.0.0 255.255.0.0 0.0.0.0 LAN & WLAN
0.0.0.0 0.0.0.0 24.10.171.1 WAN
Routing, by definition, segments broadcast domains. Simple routing won't work here. I have gotten this to work using the pre-sp2 builds of DD-WRT. I am using a WRT54Gv4 with DD-WRT v24-sp2 (01/10/09) vpn. The secret here is bcrelay. In v24-sp1 pptpd was not compiled with bcrelay support.
You should not have to add any routes into the routing table for this to work as long as you have a dd-wrt firmware that supports bcrelay. You can tell if bcrelay is supported by simply typing bcrelay from a telnet/ssh session with your router. If it fusses at you it is not installed (if it doesn't fuss at you manually kill the second instance of bcrelay you probably just started). It is also a good idea to turn on ip forwarding with this command: "echo 1 > /proc/sys/net/ipv4/ip_forward". If you still can't get it to work, pm me or reply to post.
If anyone out there is trying to get netbios name shares to work, I am pretty sure you need a WINS server. If you have a big enough flash, you can install samba on your router. If not you can run a separate linux box with samba, and inject the pptp interface on the remote side with the address of the linux box for the wins server: "ms-wins #.#.#.#" in the options.pptpd file. If you are really desperate, you can install it in Windows XP with cygwin. Obviously if you are running Windows Server you can set this up pretty simply as well. Your local machines will also have to use this WINS server.
Routing, by definition, segments broadcast domains. Simple routing won't work here. I have gotten this to work using the pre-sp2 builds of DD-WRT. I am using a WRT54Gv4 with DD-WRT v24-sp2 (01/10/09) vpn. The secret here is bcrelay. In v24-sp1 pptpd was not compiled with bcrelay support.
Where do I download SP2? Or how can I get bcrelay working with DD-WRT? Quite exasperated because I need to set up a virtual network within a school network to play WC3.
Joined: 25 Feb 2009 Posts: 104 Location: Peoria Illinois
Posted: Tue Mar 10, 2009 17:20 Post subject:
Interesting.. I had tried a few months back to do something fimilar on extrenal networks.. Two Remote Locations, but being able to access each other with internal addresses.. 192.168.1.x would be able to access say a webserver at an Remote location by using 192.168.0.x I was able to get ping through the tunnel to the vpn server/list but I couldn't acces any other machines on the network.. broadcasts didn't work either as I wasn't able to play LAN games with the other network
I hope this isn't to far off topic, but I wonder if such a thing is possible with the dd-wrt firmware and if so, has anyone done it? _________________ 2x WRT54G2 v1
1x Asus WL-500w
To think, after all this time, all our chats together you still don't trust me. There's hope for you yet, doctor.
Where do I download SP2? Or how can I get bcrelay working with DD-WRT? Quite exasperated because I need to set up a virtual network within a school network to play WC3.
My apologies for the late reply. I am using the Jan 10 build of the v24 sp2 pre-release. You can get it here:
When you configure pptp there is a check box for bcrelay in the web gui.
@pock
When you create the VPN connection a route should be injected into the routing table that tells your router to go over the VPN to get to 192.168.0.x from 192.168.1.x (assuming your subnet masks are 255.255.255.0 at both sites). So even if you can't connect to a network share or a webserver using netbios or a remote private dns server you should be able to access those IP addresses.
You should be able to accomplish this without bcrelay, but then you would have to rely on DNS, IP addresses, or static entries to your hosts file. You also wouldn't be able to play most LAN games since they advertise available matches using broadcasts. Try unchecking this box on the advanced TCP/IP settings on the VPN connection you created (assuming you are using windows):
