[WiseGuy101]

Hi everyone,

Not 100% sure if this falls under the advance routing category, but it's advanced to me, I'd appreciate any help on the matter.
So I recently discovered this link regarding a dual wan fail-over for my cable and dsl modems.
http://www.dd-wrt.com/wiki/index.php/Dual_WAN_with_failover
I was able to get this up and running after some trial and error and some small changes to the failover.startup script. Anyways, everything was working great for a week or so, and then I decided to add two additional routers to the main router that had the fail-over scripts working on it. These are for two adjacent building hardwired with CAT5. So I have Router1 (main router with fail-over on the 10.50.0.0/16 network), Router2 (secondary router in adjacent building on the 10.51.0.0/16 network) and Router3 (another secondary router in an adjacent building on the 10.52.0.0/16 network). In order to get all three WRT54GLs communicating I connected the WAN ports on Router2 and Router3 to the LAN ports on Router1. I disabled the SPI Firewall on Router2 and Router3 and created static routes on both Router 2 and 3 back to 1, and also a route on both to each other. See my routing table below when connected to WAN1, the cable modem:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xx.xx.48.208 * 255.255.255.240 U 0 0 0 vlan1
192.168.1.0 * 255.255.255.0 U 0 0 0 vlan2
10.51.0.0 * 255.255.0.0 U 1 0 0 br0
10.50.0.0 * 255.255.0.0 U 0 0 0 br0
10.52.0.0 * 255.255.0.0 U 1 0 0 br0
169.254.0.0 * 255.255.0.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default xx-xx-48-222-pa 0.0.0.0 UG 0 0 0 vlan1


So all of this works fine until I switch over to WAN2, the DSL Modem. Then this is what my routing table looks like:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xx.xx.48.208 * 255.255.255.240 U 0 0 0 vlan1
192.168.1.0 * 255.255.255.0 U 0 0 0 vlan2
10.51.0.0 * 255.255.0.0 U 1 0 0 br0
10.50.0.0 * 255.255.0.0 U 0 0 0 br0
10.52.0.0 * 255.255.0.0 U 1 0 0 br0
169.254.0.0 * 255.255.0.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.1.254 0.0.0.0 UG 0 0 0 vlan2

Please not that I have added some "xx" to parts of the address to hide them from you.
So basically, I figure that since everything was fine before I added these static routes that they have to be the problem. Another big key to this is that when I am on WAN2 (the DSL modem), when I Telnet into the router, the router can ping an Internet Address, the only problem is that a client PC connected to the router can not get ping the Internet. So I know the WAN fail-over is still working in a sense, it is just that Router1 can not pass the data from a client PC out to the Internet. Also, all of this testing was performed while connected to Router1, not Router2 or 3, so that should help to isolate the problem additionally. Can anyone enlighten me as to what is wrong with my routing table here?

In case you cant read the formatting, I have added both tables in an attachments and my changes for the failover.startup script, which I must say is an improvement over the original.

Thanks

[tedm]

I think that there is some bug or problem in dd-wrt where when you change the router type from "gateway" to "router" it doesen't actually route, it still is in nat mode. I have run into a similar problem (although not involving the failover business) when attempting to use a dd-wrt router as a "real" router routing between subnets. if you search the forums you may find a thread where people are talking about this, apparently iptables is like stuck in NAT mode and even putting stuff in the firewall script doesen't shut off NAT. I doubt the problem is on router 1 it is probably on 2 or 3 so I doubt the failover thing has anything to do with it.