Posted: Mon Aug 19, 2019 0:32 Post subject: DHCP Fowarding from VAP Guest Network
Ok, I am trying to set up a separate guest wireless network on my DD-WRT router. It’s acting as a Gateway router (not a WAP) but it is NOT doing DHCP. I have a DHCP server for that on my internal network. I seem to have gotten most of the way there. I set up a VAP with a guest SSID, created a new bridge (br1), gave br1 an IP address different from my internal network and moved the VAP interface, ath0.1 to the br1. I was mostly following the documentation for setting up Multiple WLANs. However, I deviated from setting up multiple dhcp and instead set DHCP Forwarding pointed at the DHCP server in my internal network. Everything looks ok. If I connect to the guest SSID with a static IP and DNS info, I can reach the internet but can’t reach the internal network...just how I want it. But DHCP doesn’t seem to work...at all. My understanding (which may be flawed) is that the DD-WRT router should see the DHCP Discovery packets from my client, forward them on to the DHCP server, and the DHCP server then recognizes the subnet it’s coming from (it is configured with a scope that covers the guest wireless IP space) and send DHCP into back to the DD-WRT router which forwards it on to the client. But that doesn’t seem to be happening at all. What am I missing?
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Mon Aug 19, 2019 0:37 Post subject:
Quote:
gave br1 an IP address different from my internal network
^ Different subnet or different IP in the same subnet? Anyway, you will have to use the dhcp server in dd-wrt, because I don't think it will forward dhcp to a vap from another dhcp server that is on the LAN. You might as well add it to the same bridge as your LAN if you want that to work AFAIK. Only other thing I can think of is some voodoo magical iptables or ebtables rules to pass packets across the AP/network isolation.
gave br1 an IP address different from my internal network
^ Different subnet or different IP in the same subnet? Anyway, you will have to use the dhcp server in dd-wrt, because I don't think it will forward dhcp to a vap from another dhcp server that is on the LAN. You might as well add it to the same bridge as your LAN if you want that to work AFAIK. Only other thing I can think of is some voodoo magical iptables or ebtables rules to pass packets across the AP/network isolation.
Different subnet. The internal network is 192.168.69.0/24 and i gave br1 the IP of 192.168.70.1/24. The DHCP server is in 192.168.69.0. I was thinking that giving br1 an IP would essentially make it a different interface on the router but maybe that is a mistaken assumption.
I would try having them on the same subnet first, but still no guarantee it will work. Definitely a mistaken assumption.
Having them on the same subnet defeats the purpose of a guest network . Meh, this was a “that would be neat” level project, but it doesn’t look like dd-wrt is going to be able to handle it so i think ill just let it be.
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Mon Aug 19, 2019 1:13 Post subject:
Well, I don't think you can have a single dhcp server serving out two different subnets over the same network link without a whole lot of tricky voodoo configuration, anyway.
Well, I don't think you can have a single dhcp server serving out two different subnets over the same network link without a whole lot of tricky voodoo configuration, anyway.
You can do it if the networking equipment supports it properly. Cisco switches and routers, for example, have DHCP relays that work this way. I was assuming dd-wrt’s dhcp forwarding was similar but i guess it isn’t. No biggie, i’ll stick with what i got now.
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Mon Aug 19, 2019 15:14 Post subject:
Per Yngve Berg wrote:
Have you enabled the forwarder?
Is there a way for it to act like a relay? Also, the version in DD-WRT is one version behind the last release. Big shocker.
EDIT: Answered my own question...
BrainSlayer wrote:
the lan network must be configured within the dhcp forwarding network. everything else will result in a invalid configuration. a router with 192.168.1.1/24 cannot provide ip's in other networks
Joined: 08 May 2018 Posts: 14246 Location: Texas, USA
Posted: Mon Aug 19, 2019 17:30 Post subject:
Per Yngve Berg wrote:
Setup->Basic Setup
Under Network Address Server Settings (DHCP), you set DHCP server or DHCP Forwarder and apply the IP of the DHCP Server.
MinisterOfPropaganda wrote:
However, I deviated from setting up multiple dhcp and instead set DHCP Forwarding pointed at the DHCP server in my internal network.
MinisterOfPropaganda wrote:
Different subnet. The internal network is 192.168.69.0/24 and i gave br1 the IP of 192.168.70.1/24. The DHCP server is in 192.168.69.0.
BrainSlayer wrote:
the lan network must be configured within the dhcp forwarding network. everything else will result in a invalid configuration. a router with 192.168.1.1/24 cannot provide ip's in other networks
I guess I must be stupid and can't read. Or something has changed since Brainslayer said that in another thread about dhcp forwarding.
. Meh, this was a “that would be neat” level project, but it doesn’t look like dd-wrt is going to be able to handle it so i think ill just let it be.