Posted: Fri Sep 25, 2020 2:16 Post subject: Bridging 2 subnets behind same DD-WRT
I have been racking my head how to do this with new DDWRT - worked find on my old linksys boxes 10 years ago...
I have upgraded my home router - like it or hate it - I have the Netgear R8000 Nighthawk. I managed to finally get DDWRT installed. Currently on v3.0-r44406 std
At home I have ATT Fiber --> ATT Modem (192.168.1.x DHCP) ---> multiple home devices and then to my office ---> DD-WRT (r8000) with 2 sets of devices behind it. I want to use 10.0.0.x subnet range under the DDWRT managed dhcp range but I have several servers I am playing with I want on 10.0.1.x subnet for playing with a bunch of servers I got really cheap... setting up a proxmox cluster at home and having some fun..
These work just fine on the 10.0.0.x subnet using dhcp but I want to put them on 10.0.1.1-255 for my own learning.
I have DDWRT(r8000) WAN port connect to the ATT side. I have personal computers and office equipment happy in dhcp on 10.0.0.2-255 range.
I have a switch connected on port 2 of router - connected to several servers (4 right now but I have 40 more).
I want all the servers to be static at 10.0.1.1-40 for easy addressing long term.
What do I need to do to DDWRT settings to let 10.0.0.x subnet talk to 10.0.1.x subnet?
Joined: 18 Mar 2014 Posts: 12882 Location: Netherlands
Posted: Fri Sep 25, 2020 6:32 Post subject:
Welcome to the forum
To get the best possible support follow the forum guide lines, link in my signature at the bottom of this post.
The forum guide lines tell you what information you need to post and in what forums to post to get the best possible support (and other very useful information).
So as I understand it, you have the R8000 daisy-chained to the primary router (WAN to LAN, respectively), and now want to establish a second local network behind the R8000.
I *assume* you mean both wired and wireless. This would require establishing a new bridge (e.g., br1), perhaps a VAP (if you were NOT willing to move either the 2.4GHz or 5GHz radio from the default bridge (br0) to the new bridge), creating a new VLAN (e.g., vlan3) and moving one or more ports from the default VLAN to the new VLAN, then adding the AP/VAP and new VLAN to the new bridge. Finally configuring the new bridge w/ DHCP, DNS, etc.
Problem is, VLANs are hardware dependent, and as such, should be asked in the appropriate hardware forum for your router's chipset (in this case, Broadcom) since only the folks there know enough to configure VLANs properly (can't be done using the GUI, only the CLI).
That said, another option is to use FreshTomato, which has the advantage of being able to configure all of this in the GUI. I just helped another dd-wrt user accomplish the same thing, only it was an ASUS RT-N12D1. But the process is identical, and relatively easy, at least when using tomato. It's dd-wrt that makes it difficult.
So as I understand it, you have the R8000 daisy-chained to the primary router (WAN to LAN, respectively), and now want to establish a second local network behind the R8000.
Correct
eibgrad wrote:
I *assume* you mean both wired and wireless. This would require establishing a new bridge (e.g., br1), perhaps a VAP (if you were NOT willing to move either the 2.4GHz or 5GHz radio from the default bridge (br0) to the new bridge), creating a new VLAN (e.g., vlan3) and moving one or more ports from the default VLAN to the new VLAN, then adding the AP/VAP and new VLAN to the new bridge. Finally configuring the new bridge w/ DHCP, DNS, etc.
No - I am connecting office pc and printer and such on the LAN port 1 and each receives IP via dhcp in the range the DDWRT router is set for - 10.0.0.100+ so I am getting for instance 10.0.0.20 for the pc and the printer pulls 10.0.0.21 but these change from time to time... I can see and talk to anything over the 10.0.0.x subnet as expected.
I have my proxmox stack of servers to play with on my desk for fun - and I would like them on a separate subnet. These are connected by a gigE switch connected PHYSICALLY to port 2 for instance on the r8000 DDWRT enabled device.
I want them on 10.0.1.1-40 static to correspond to the node number in the stack I assign manually.
I have played with a dozen settings and still cannot get the computers on 10.0.0.x range to see or talk to any on the 10.0.1.x sub.
I assume 10.0.0.x is actually 10.0.0.0/24 and 10.0.1.x is actually 10.0.1.0/24. And if so, each is its own unique network. And by definition, needs to have its own VLAN. And then you would route between them. But it sounds like you're trying to somehow have these two different networks be distinguishable while part of the *same* VLAN, which makes no sense. The only way they could be part of the same VLAN is if each was actually a part of the same network (e.g., 10.0.0.0/16). Then they would be bridged, and there would be no reason they couldn't communicate.
I assume 10.0.0.x is actually 10.0.0.0/24 and 10.0.1.x is actually 10.0.1.0/24. And if so, each is its own unique network. And by definition, needs to have its own VLAN. And then you would route between them. But it sounds like you're trying to somehow have these two different networks be distinguishable while part of the *same* VLAN, which makes no sense. The only way they could be part of the same VLAN is if each was actually a part of the same network (e.g., 10.0.0.0/16). Then they would be bridged, and there would be no reason they couldn't communicate.
I'm getting the impression you've configured something offbeat there when it comes to these networks, making it difficult for me to understand. You're going to have to do a better job of explaining exactly what you did to configure these networks.
Brother - typical engineer - overthinking it...
I want to simply use the address space for the subnet 10.0.1.0-255 as static I manually assign, and the 10.0.0.1-255 space subnet for my dhcp devices. I want both vlans to see each other and route appropriately between static devices on 10.0.1.1 thu 10.0.1.40 and the devices connected on dhcp served up by DDWRT also with the defined range 10.0.0.1-255 --> so yes /16 space is what I am looking for wherein I let ddwrt assign 10.0.0.1 (local assigned to ddwrt device) 10.0.0.1-255 on dhcp (I have it currently starting at 100) and let those devices look and see everything all 40 devices I static assign from 10.0.1.1 thru 10.0.0.40
When I set subnet mask to 255.255.0.0 or 255.255.255.0 and play with vlan and bridge settings I cannot seem to get them to see eachother behind the ddwrt device. Again - no dmz, no port forwarding issues, stock ddwrt installed a few days ago to the r8000. LAN1 I is connected to my switch with pc and other things I dont care are dhcp assigned ip... my 40 servers (4 right now on my desk) I want on the 10.10.1.1 thru 40 so technically it could be 255.255.254.0 but I want ability to add more stacks... so stack one would be 10.10.1.x and stack two 10.10.2.x
clear as mud? and thanks for the help... just trying to sort this so I can have these servers on static but not under the dhcp range or above it in that x/24 space...
Joined: 18 Mar 2014 Posts: 12882 Location: Netherlands
Posted: Sun Sep 27, 2020 10:30 Post subject:
Either use one large subnet (/16) and then you do not need to "play with vlan and bridge settings" as you have one subnet, or create different subnets and then you have to use VLAN's https://wiki.dd-wrt.com/wiki/index.php/Switched_Ports
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Tue Dec 15, 2020 16:27 Post subject:
MuzzleVelocity wrote:
eibgrad wrote:
to configure VLANs properly (can't be done using the GUI, only the CLI).
are you sure that's still an accurate statement?
i just configured vlans strictly from the GUI on a router running v3.0-r40559 from august 2019 and it worked...
The GUI's VLAN page is for routers (mostly or all old ones... not sure) with Broadcom hardware. Routers with Atheros hardware end up needing swconfig and related commands in Startup instead. (A link detailing it for the modern Linksys WRTblah routers is in my signature below.) _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Tue Dec 15, 2020 19:43 Post subject:
blkt wrote:
That signature link is specifically for Marvell WRT hardware.
For example, if you need help with R9000 vlan search specifically for that model in Atheros subforum.
Exactly! It was meant to be only an example. To get the specifics right, you have to search out a discussion that applies to your particular hardware. Sorry about being vague. (Like my mind sometimes. What?) _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
