Wireless Bridge

From DD-WRT Wiki

Revision as of 13:30, 20 August 2006 by Fatelvis (Talk | contribs)
Jump to: navigation, search

Contents

Introduction

Wireless Bridging is used to connect 2 LAN segments via a wireless link. The 2 segments will be in the same subnet and looks like 2 ethernet switches connected by a cable, to all computers on the subnet. Since the computers are on the same subnet, broadcasts will reach all machines allowing DHCP clients in one segment to get their addresses from a DHCP server in a different segment. You could use a Wireless Bridge to transparently connect computer(s) in one room to computer(s) in a different room when you could not, or did not want to run an ethernet cable between the rooms. Contrast this with Client Mode Wireless, where the local wireless device running DD-WRT connects to the remote router as a client, creating 2 separate subnets. Since the computers within the different subnets cannot see each other directly, this requires the enabling of NAT between the wireless and the wired ports, and setting up port forwarding for the computers behind the local wireless device. Segments connected via Client Mode Wireless cannot share a DHCP server.

In the case in which we are interested, a wireless device running DD-WRT such as a WRT54G is configured as a Wireless Bridge between a remote wireless router (of any make/brand) and the ethernet ports on the WRT54G.


Instructions

(Editorial Note: These instructions are incomplete and misleading. Please see A Practical Example further down this page for a better working, better documented procedure.)

A very simple step-by-step description to connect a WRT54G running DD-WRTV23:

To enable Brige-Mode between 2 WRT54G, one WRT54G has to be in AP-Mode in Wireless/Basic Setup. The other one is joining the first WRT54G as "Client-Bridged"

1. Add WAN MAC-Address of WRT54G to your mac filter list on your base station. (This ASSUMES you ARE using Wireless MAC Address Filtering on your base station! If you are NOT using, skip this step!)

2. Connect to your non-base-station WRT54G (normally 192.168.1.1) by wire which should act as client bridge.

3. Enable Wireless Security (in Wireless/Wireless Security) as used, eg. WEP and configure it as used in your local network.

4. In Wireless/Basic Settings choose "Client-Bridged" as Wireless Mode and set SSID, Wireless channel and Network Mode can be set to same values as your Base Station, normally Auto / Mixed.

Thats all. On next wired connect to your wrt54g you should get an IP Adress from your network.

If you want to configure your new wrt54g bridge again, set a static ip adress of 192.168.1.x network to your client and you can reach the wrt54g as 192.168.1.1. by wire.

Important: If you want to use WPA encryption on your client bridge, make sure your key is no longer than 63 characters even if you are using a HEX key. (Not sure if this is a bug or not 05/08/2006)

A Practical Example

I personally found all of these instructions confusing, so I've compiled an exact list of what I did to get the "Client Bridge" working with the "V23 SP1" version of the firmware.

My motivation: I wanted to get my XBox online (and on-LAN) from another room - without running Ethernet to it. WDS was out of the question unfortunatly because one of my routers was a late-model WRT54G and as such is not easily modifiable. I had an extra WRT54G lying around that could run DD-WRT. Alternatively I could have bought a proper Linksys or Microsoft solution to connect the XBox to the existing WiFi - but what's the fun in that?

My network is as such:

  • Primary Router (Internet Connection): WRT54G V5 - Stock Linksys Firmware - 192.168.1.1
  • Secondary Router (For the Bridge): WRT54G V3 - DD-WRT V23 SP1 Firmware - 192.168.1.1 - which I changed to 192.18.1.2 in my setup

(I'm guessing that the Primary Router could be any make and model of wireless router as we're not doing anything to it!)

My Primary Router has 128bit WEP Encryption enabled. It does NOT have Wireless MAC Address Filtering enabled. We will assume you want your Secondary Router to become 192.168.1.2.

I have my Secondary Router in another room - connected only to my laptop via an Enternet cable to Port 1. The laptop has an IP from the Secondary Router's DHCP to begin with. Neither the laptop nor the Secondary Router are connected to anything but each other. I will be doing all of my setup from this laptop. If you have problems with DHCP or losing your IP address in the midst of these instructions, you may need to statically assign an IP to your Ethernet card. (I was running Knoppix Linux on the laptop and I didn't have to do that, but YMMV!)

My Setup

  1. Log into the Secondary Router. (We will only be altering the Secondary Router!)
  2. Administration Tab - Factory Defaults Subtab
    1. Restore Factory Defaults: Yes
    2. Click "Save Settings" - triggers reboot.
    3. Router's IP will now be 192.168.1.1 if it wasn't already.
      This was a very important step - I have run this process 3 times now as a trial, and the instructions are written assuming you have a "clean" router.
  3. Setup Tab - Basic Setup Subtab
    1. Connection Type: Disable
    2. STP: Disable
    3. Local IP: 192.168.1.2 (it was initially 192.168.1.1)
    4. Assign WAN Port To Switch: Checked
    5. DHCP Server: Disable
    6. Click "Save Settings" - triggers reboot.
      I had an error along the lines of "Can't connect to 192.168.1.1" - This is because it's now 192.168.1.2 - so connect to the new IP address.
  4. Security Tab - Firewall Subtab
    1. SPI Firewall: Disable
    2. Click "Save Settings"
  5. Wireless Tab - Basic Settings Subtab
    1. Wireless Mode: Client Bridge
    2. Wireless Network Name (SSID): Match your primary router.
    3. Wireless Channel: Match your primary router.
    4. Wireless SSID Broadcast: Disable
    5. Click "Save Settings"
  6. Wireless Tab - Wireless Security Subtab
    1. Security Mode: WEP (I have not tried anything but 128bit WEP!)
    2. Encryption: Match your primary router.
    3. Key 1: Match your primary router.
    4. Click "Save Settings"
  7. Wireless Tab - Advanced Settings Subtab
    1. Authentication Type: Shared Key
    2. Click "Save Settings"
      This seems like a VERY important step - it DID NOT work until I did this!
  8. Status Tab - Wireless Subtab
    1. Access Point table should show the MAC address of your Primary Router, along with signal strength. At this point it was working 100% for me.
      If that worked, then:
  9. Administration Tab - Backup Subtab
    1. Click "Backup"
      (SAVE this config before doing anything else to your router, just in case!)

I've done this procedure 3 times to test it - and I've reset the router to Factory Defaults every time. It may not be the optimal way of accomplishing the task - but it did work for me and I was able to repeat it with the same results each time!

Accessing Both Routers?

With this setup, I have full access to both routers - which runs contrary to a lot of the notes concerning Client Bridge mode. One router is http://192.168.1.1 - and the other is http://192.168.1.2 - and I can access both from either side of the bridge. There is no need to change any settings or IP addresses or the like with this setup in order to do so!

Unmatched Routers?

If you don't have a matched pair of routers like I did, I would recommend changing step 3.3 from 192.168.1.2 to an unused IP that matches your Primary Router. For example, if your primary router was set to 10.0.0.1, set this to 10.0.0.2 (assuming 10.0.0.2 is not already in use!). This way everything should be on the same subnet with unique IP addresses - and both routers should be accessible for configuration from anywhere on your network.

V23 Firmware

In the V23 firmware, you can set up the bridge from the Wireless->Wireless Mode menu. Just select "Client Bridged". This will automatically turn off DHCP. Note that only the Network Mode (b/g) and SSID settings are used in Client Bridged mode.

See notes on a 2.3 attempt at Client Bridged with a Belkin A/G AP in Bridge Install

I am also linking these in Client Bridged

New to Client Bridging?

Here's some extra information about client bridging and some, perhaps unexpected, side effects. (If you're a wireless networking wizard, you'll know this already.)

When you've switched to Client Bridge mode you won't be accessing the remote AP until your IP changes unless your box and the remote network are on the same subnet. For example, say you have:

linksys box IP:         192.168.1.1
your computer:          192.168.1.100
remote network gateway: 10.0.0.1

Once you've made the configuration changes in your router, you'll need to get a new address to access the remote network. A simple way to do this with most computers is to unplug the network cable, count to 10, and plug it in again. When the cable is plugged in again, it will get a new lease, but this time from the remote computer. For example, it will get an address in the 10.0.0.x range, e.g. 10.0.0.100. Now you'll be able to use the internet over the wireless link as you expect.

However, you won't be able to access your Linksys to administer it. The solution is to turn off DHCP and use a static IP (e.g. 192.168.1.99), or, alternatively, assign an address for your Linksys from the remote subnet (e.g. 10.0.0.2). Be careful, however, not to pick an address already in use.

(Editorial Note: According to the introduction, "Wireless Bridging is used to connect 2 LAN segments via a wireless link. The 2 segments will be in the same subnet and looks like 2 ethernet switches connected by a cable, to all computers on the subnet." From this info we can gather that you should be assigning an unused, unique IP address to your bridge router from your remote subnet - otherwise your bridging router will become unaccessable - and that's not optimal! Please see A Practical Example for a fully documented example of making this work.)

Future

This page should eventually contain the information in the link above with the original link sited, along with any DD-WRT specific updates to the instructions.

External References

Wireless Bridging Forum Post by kkennedy070790