[MLB-WIRELESS] File sharing over 2 x WRT with WEP

David Ashburner d_ashburner at hotmail.com
Thu May 5 09:57:33 EST 2005


Short answer:
Try connecting the existing LAN into one of the LAN ports of WRT (main), then
you don't have any issue with routing and NAT. Don't run DHCP on the WRT
(main) and make sure your DHCP servers serve different subsets of the
available address range.

long explanation follows...

>I'm pretty sure you either use the 4 ports or the WAN and not both?
>

As Ric says, you can connect to either the WAN port or one of the LAN ports
but don't connect both to the same segment. I'm not sure exactly what you
are trying to do with this setup, but you have two basic choices, either
bridging or routing. Bridging means you have one big LAN that is
physically segmented but your wireless devices are bridging the segments
together. Routing means that each physical location is its own address
space and the wireless devices are routing between the segments - only
packets specifically addressed will be forwarded across a link.

It sounds like you want a bridged network, something like this?

existing LAN 192.168.2.0 --- WRT (main) ---< bridge >--- WRT (second) --- new LAN 192.168.2.0

All machines are sharing an address space. The WRTs are both in WDS mode
and create a bridge between the two physical segments. The added advantage
of WDS here is that it allows wireless clients at either location to connect
up to your LAN, but with the side effect that messages from one of those
wireless clients go through the radio twice.

** In this case the existing LAN should be connected to one of the LAN ports
on the WRT (main) - effectively you would not be needing or using the
routing part of the WRT.

Routed would look like this:

existing LAN 192.168.2.0 --- (WAN port) WRT (main) ---< link >--- WRT (second) --- new LAN

The new LAN would have a different address range. WRT (main) would be in AP
mode and WRT (second) in client mode. WRT (second) would need to run
OpenWRT because you don't want it bridging between the Wlan and the LAN, you
want it to route between the two.

If you are routing you can choose to connect the WRT (main) to the existing
LAN via either the WAN or LAN port depending on how you want to split the
segments and if you are trying to create a firewall between the existing LAN
and the wireless LAN.

Here you are saying WTF? This is too hard. And you would be right!!
Routing is more complicated and requires custom firmware. This is why these
units are consumer grade not Telco grade. A telco grade device allows you to
frig with these things in a well defined management framework - but they cost
10x the price.


>>>
>>
>>I don't quite get that, but what's the alternative?
>>
as above :)

The WRT is a combination device. It is a router, switch and wireless all in
one. How it is connected with standard firmware (including Sveasoft) is
that the LAN ports and the Wlan are bridged together and the bridge is
routed to the WAN port.

Bridging means the LAN and the Wlan all share a common address space. The
routing to the WAN means that the WRT and all the bridged devices behind it
appear as a single device to anything else on the WAN. As far as your ISP
is concerned it looks like a single machine. Part of the routing set-up is
NAT. NAT performs address translation on the packets sent from the LAN and
Wlan to make it look like they came from the WRT (hence anything else on the
WAN thinks it is a single device). When return messages come back the NAT
software keeps track of where the requests came from and re-translates the
address and forwards the packets onto the correct device.



>>>You could have DHCP on at both ends and serve different address ranges (
>>>like 50-100 at main and 101-150 at second)
>>>
>>>
>>
>>Well I could but any workstations will connect to the "Main" Linksys via
>>wireless or one of the 4 ports, but ultimately get an IP from the existing
>>DHCP server on the existing network (which is connected to the WAN port on
>>the "Main" linksys). So why would I want DHCP on the Linksys as well?
>>
Depends on how the WRT is connected to the existing LAN.

If your WRT (main) is connected to the existing network via the WAN port I 
don't think anything on the LAN or Wlan would be able to get any messages 
back from the DHCP server on the existing network. By using the WAN port you 
are using NAT and to the DHCP server it thinks it has already served an 
address. Also any reply coming back would stop at the WRT unless you have 
port forwarding for that port and then you can only forward to one device - 
not going to work!!

But, if you have the existing LAN connected to the LAN port it will be OK.
(Make sure the DNS servers in each location only serve a subset of the
address range for that segment to avoid duplicate addresses.)


>>Yeh, file sharing works fine without security. But with WEP or WPA, if I
>>connect directly to the "Main" linksys or via the existing network which is
>>connected to the "Main" linksys, I can't file share with a workstation
>>wirelessly or directly connected to the "Second" linksys.
>>
>>
WEP and WPA are always problematic. I think what a lot of people end up doing
is using some sort of encrypted tunnel between locations. I use SSH tunnels
across the internet (between UNIX/Linux machines). The problem with these
is that you either need support for them (VPN support) in the router
firmware or need to run the tunnel endpoints on other machines.



>>Yeh, I've tested that and it does work. It's not really a big issue because
>>if I connect to the existing network, I get the right IP and default gateway
>>and I don't really intend on connecting any workstations directly into the
>>"Main" linksys anyway... It's just a problem if you want to connect directly
>>to administer the router and while you're there reference something on the
>>internet - you can't. So, I guess DHCP on both routers would solve this.
>>
Again, you won't need it if you connect the WRT (main) via the LAN port.


>>I can't get it to work without WDS. How can I set it up without using WDS?

Without WDS you need custom firmware on the WRTs at the remote locations.
The Main is acting as an AP and the remotes run in client mode. They need
to be configured to route between their wireless interfaces and their LAN
interfaces (not bridge) and would not be able to support local wireless
clients (as they would not be in AP mode).

gee, it should be easy right??
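
Added example (not part of the original post): with both WRTs bridged into one segment, every DHCP server on it has to hand out a disjoint slice of 192.168.2.0/24. This Python check reports overlapping pools and pools that swallow hand-configured addresses; the router addresses and the "clash" configuration are constructed for illustration.

```python
from ipaddress import IPv4Address, IPv4Network
from itertools import combinations


def check_pools(subnet, pools, static=()):
    """Return a list of problems for DHCP pools that share one bridged segment.

    pools  -- {server name: (first address, last address)}
    static -- addresses configured by hand (e.g. the routers themselves)
    """
    net = IPv4Network(subnet)
    problems = []
    ranges = {}
    for name, (first, last) in pools.items():
        lo, hi = IPv4Address(first), IPv4Address(last)
        if lo > hi:
            problems.append(f"{name}: range start {lo} is after end {hi}")
            continue
        for addr in (lo, hi):
            if addr not in net or addr in (net.network_address, net.broadcast_address):
                problems.append(f"{name}: {addr} is not a usable host in {net}")
        ranges[name] = (lo, hi)
        for s in map(IPv4Address, static):
            if lo <= s <= hi:
                problems.append(f"{name}: pool contains static address {s}")
    # Two servers answering for the same address leads to duplicate leases.
    for (a, (alo, ahi)), (b, (blo, bhi)) in combinations(ranges.items(), 2):
        lo, hi = max(alo, blo), min(ahi, bhi)
        if lo <= hi:
            problems.append(f"{a} and {b} both serve {lo}-{hi}")
    return problems


# Constructed sample data. The subnet and the 50-100 / 101-150 split come from
# the thread; the static router addresses and CLASH are assumptions.
SUBNET = "192.168.2.0/24"
STATIC = ["192.168.2.1", "192.168.2.2"]
SPLIT = {"main": ("192.168.2.50", "192.168.2.100"),
         "second": ("192.168.2.101", "192.168.2.150")}
CLASH = {"main": ("192.168.2.2", "192.168.2.120"),
         "second": ("192.168.2.100", "192.168.2.149")}

if __name__ == "__main__":
    for label, pools in (("split", SPLIT), ("clash", CLASH)):
        print(label, check_pools(SUBNET, pools, STATIC) or "ok")
```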


