Replace OpenVPN TAP with WireGuard & 3378 tunnel

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
joecoolio
DD-WRT Novice


Joined: 03 Aug 2020
Posts: 13

PostPosted: Wed Oct 06, 2021 15:51    Post subject: Replace OpenVPN TAP with WireGuard & 3378 tunnel Reply with quote
I am trying to switch from OpenVPN to WireGuard for my links between two networks. I have a normal WireGuard tunnel setup between the main dd-wrt routers on these two networks and it works fine.
Code:
[home_router] <--wg--> [remote_router]
  10.1.1.20                   10.10.10.1


This gives me:

Code:
  [home]    <--wg-->   [remote]
10.1.1.0/24             10.10.10.0/24



Then, I have a 2nd router on the remote network setup as a client over wifi:

Code:
 [router]   <--wifi-->  [remote2]
10.10.10.1                10.10.98.1


This router currently has a TAP bridge setup over OpenVPN back to the [home] server. Then, he's setup to give out a non-overlapping set of IPs (.50-.60) After bridging, that ends up looking like this:

Code:
 [home]    <--tap-->  [remote2]  <--eth0-->   [client]
10.1.1.20                 10.1.1.30                   10.10.1.50


On the [remote2] router, all of the wired connections are on the 10.1.1.0/24 network and broadcast works which is what I need.

Now to my question that I need some advice on - can I replace OpenVPN with WG/3378?. I think I can setup a RFC3378 tunnel piped through the WireGuard tunnel and achieve the same thing. I think it would look like this:

Server:
* Tunnel: oet2
* Type: RFC3378
* Local: 10.4.0.1 <- wireguard address
* Remote: 10.10.98.1
* Bridging: enabled

Remote2:
* Tunnel: oet2
* Type: RFC3378
* Local: ???? <- I don't know what goes there
* Remote: 10.1.1.20
* Bridging: enabled

Would this even work to get an equivalent to a TAP bridge and meet my "clients are on the same subnet as home and broadcast works" goal? Am I completely off base?
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Wed Oct 06, 2021 16:14    Post subject: Reply with quote
I have never done it myself but there is a paragraph about it in the WG documentation.

See link in my signature (it is a sticky in this forum) you need the Advanced setup guide.

But the Server setup guide might also come handy to check if your site-to-site setup is according to specs Smile

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
joecoolio
DD-WRT Novice


Joined: 03 Aug 2020
Posts: 13

PostPosted: Wed Oct 06, 2021 16:20    Post subject: Reply with quote
Yeah, I have the advanced setup instructions in front of me. However, that appears to be the bridge on the same 2 machines where the WG client & server live. I think I'll just try it and see what happens Smile
oddwrt
DD-WRT Novice


Joined: 10 Jan 2022
Posts: 1

PostPosted: Wed May 25, 2022 22:06    Post subject: Reply with quote
hey @joecoolio...did you get this working? I'm trying to create a broadcast bridge using RFC3378 tunnel over Wireguard and am almost (but not quite) there.

I've got the Wireguard and RFC3378 tunnels working and the routing between remote subnets works fine. (Thanks @egc!! Your guides made this possible!)

I've also got Avahi reflection enabled and can find devices on the other subnets.

However my project requires all devices on both sides be in a broadcast domain so that is my last challenge.

If you did (or didn't get it working) I'd love to know.

Thanks

Using 2 XR500s running r48886
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum