LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Running Second Router in Router Mode: DD-WRT (https://www.linuxquestions.org/questions/linux-networking-3/running-second-router-in-router-mode-dd-wrt-4175627289/)

des_a 04-14-2018 02:32 PM

Hopefully this will help too:

https://www.linuxquestions.org/quest...-design-37719/

des_a 04-14-2018 04:48 PM

I just read my original question again. Looks like where I restated it, was better. I just didn't know the terminology to explain what I was trying to do, until more troubleshooting.

I'll try to do better next time.

des_a 04-14-2018 09:20 PM

Now, I get to go home, and try things. I will restore my router, if need be, and then try the routing table again.

des_a 04-14-2018 11:19 PM

OK. I'm home. Internet restored, and basic network functions restored. Unfortunately, because of the lack of the routing table entry, nothing will work yet.

I don't have permission to connect to the router from the LAN side, so what I'm doing is using my mobile hotspot on my phone to connect to Internet. Then, I can get to it from the WAN side.

Now, I read the information about routing tables closely, and try to put in the "right" entry. Then, I plug things back into their proper spots, and I try it from the LAN side.

des_a 04-15-2018 01:40 AM

Done playing around now, with my new knowledge. OK. Here's what I found:

It's still impossible for me for now to get what I was trying to do in router mode done, in router mode. The reason for trying so hard, was that the DD-WRT docs (and sometimes other docs), says that if you have more than one router on the network, you should try for router mode, instead of gateway mode for your router. As I thought, enabling router mode, disables NAT. However, that seems to lead to issues in itself.

I'd added the static route and everything, and got everything working, except for Internet. It seems, that what I'd have had to do, to get Internet working, is to put everything from every routing table on the Internet, in my little router, or something like that. That's the impression I got.

HOWEVER, I did, get to figure out what I was trying to do with router mode in gateway mode, which unless someone has more input, I will settle for this answer about things.

First, I have to set the route in the first router, like I did with router mode. Then, I add a firewall rule as follows:

Code:

iptables -I FORWARD -j ACCEPT
Important! I do this on the second router, NOT the first router!!! Not that I tried, but I can see why this would be dangerous on the first router.

Doing all of this, gives the desired effect, it would seem.

However, for the larger problem, I checked it. I tried airprint from this setup on clientrouter, and it fails to work. So I will NOT be using this setup for clientrouter. It DOES work, the other way that I had it last night, however. So I restored the setup from last night, and everything there is good to go.

That answers the second small question I had, about design. If it works one way, but not the other, then the way it works is the better design.

I DID want the NAT type setup on guestrouter, as I decided that I don't want airprint to work, for safety reasons, on my guest network. If they really need to print, they will have to download the app, which works just fine. But then, I can control who will figure it out and who won't, a little bit better. Unless they are of my level, they probably won't figure it out, without some hints.

Windows printing works just fine, but you still have to make sure you add the printer properly for it to work. This adds some protection against misuse of the printer. I want them to be able to use most of my servers, and it seems to work okay, as is.

I think I have a good enough answer to what I was looking for, and I was right, I solved the larger problem, from solving the smaller problem(s). I will go post there next. If anybody has any more to add, post before it won't let you anymore. Check out the thread about the iPad printing, for the larger picture. A link is in the first post.

Check out my LQ blog, as I will be posting my findings there too. Thanks! Even though you have given me minor hints, it helped with the troubleshooting so that I could solve this the rest of the way. I like when things simply get me "unstuck".


All times are GMT -5. The time now is 11:49 AM.