Posted: Fri Nov 10, 2006 20:05 Post subject: Which device for Multi-WAN?
Hello,
I am looking into getting a Linsys/Buffalo WRouter and flashing it with DD-WRT. I was intrigued by DD-WRT because it seems to have a pretty good support for QoS which I need for VoIP traffic here in the office.
What I was unable to clearly understand is whether or not DD-WRT supports multi-WAN (a.k.a. multiNAT, SNAT etc). We are leasing a small subnet of Public Addresses from our ISP and I would like to be able to configure them. We are talking about a single WAN interface, no problem, but will it handle full Multi-NAT configuration?
QoS and Multi-NAT options on the Netgear FVS338 Router we are currently using are a joke, plus the device is quite unstable, so I really look forward implementing this firmware and share my findings with this community.
Thank you in advance!
-Walter _________________ There are two types of people, those who do backups and those who have never had a HDD fail.
Joined: 08 Jun 2006 Posts: 27 Location: Diemen (NL)
Posted: Fri Nov 10, 2006 23:09 Post subject:
I think you can use ddwrt for your multi-wan. It depend how you want to have it working.
I have a /48 subnet from my provider, and forwarded the 6 usable ip adresses to my wrt which is 1:1 NATing them to internal ip-adresses.
If this is what you are looking for I will post the iptables commands how to do this.
I don't know about the best device. I have a wrt54g which is up for 60 days now without a problem.
Just avoid any of the WZR series router if you're looking for multi wan. Apparently the switch inside this series router does not support reasigning the ports.
Thanks Guido - this is exactly what I was looking for. Very thankful I stumbled upon this thread.
Question for you:
Is there any way to view a log of the changes that are active? I notice that the SSH terminal prompt gives no feedback after I enter the info. I have confirmed that it is working by successfully reaching a web server (port 80) on the secondary static IP from my DSL provider. So that's GREAT, but still would be nice to know what I have done or failed to do...
I tried IPTables -l, but did not see either of my static public IPs anywhere in that readout.
ALSO - how would I remove these options if some day I wanted to change or revoke the mappings? I'm particularly curious if I could set DMZ for testing and then revoke it at a later time...
Joined: 08 Jun 2006 Posts: 27 Location: Diemen (NL)
Posted: Thu Jun 21, 2007 13:18 Post subject:
drcomp wrote:
Is there any way to view a log of the changes that are active? I notice that the SSH terminal prompt gives no feedback after I enter the info. I have confirmed that it is working by successfully reaching a web server (port 80) on the secondary static IP from my DSL provider. So that's GREAT, but still would be nice to know what I have done or failed to do...
I tried IPTables -l, but did not see either of my static public IPs anywhere in that readout.
With iptables -L you can see the forwarded ports. But when the router doesn't return a failure mesage you may expect that it works. (ifconfig gives some information, but not what you want)
drcomp wrote:
ALSO - how would I remove these options if some day I wanted to change or revoke the mappings? I'm particularly curious if I could set DMZ for testing and then revoke it at a later time...
To remove the extra IP's just clear those commands from your startupscript and reboot the router.
For the port forwardings you have to copy the exact rule you entered, and replace "-I" or "-A" for "-D".
But it is also possible to remove those rules from your startupscript and reboot the router.
Is there any way to view a log of the changes that are active? I notice that the SSH terminal prompt gives no feedback after I enter the info. I have confirmed that it is working by successfully reaching a web server (port 80) on the secondary static IP from my DSL provider. So that's GREAT, but still would be nice to know what I have done or failed to do...
I tried IPTables -l, but did not see either of my static public IPs anywhere in that readout.
With iptables -L you can see the forwarded ports. But when the router doesn't return a failure mesage you may expect that it works. (ifconfig gives some information, but not what you want)
drcomp wrote:
ALSO - how would I remove these options if some day I wanted to change or revoke the mappings? I'm particularly curious if I could set DMZ for testing and then revoke it at a later time...
To remove the extra IP's just clear those commands from your startupscript and reboot the router.
For the port forwardings you have to copy the exact rule you entered, and replace "-I" or "-A" for "-D".
But it is also possible to remove those rules from your startupscript and reboot the router.
Good luck!
You really know your way in there... Bravo my friend! Is the coding in the shell similar to that of cisco routers? If so maybe I can practice with my router and gain some much needed experience.