Going crazy with this config...

[Carlos M.]

Hi,

I'm trying to bridge my DSL modem to my main router with Asuswrt Merlin. I come from Tomato and everything worked fine but... with the new firmware I'm getting a lot of problems and I'm almost sure that is a cabling problem.

I have the modem/router with the RJ11 connector and 4 100Mb LAN ports.
I go from the modem/router to my main router through a Dlink switch with 8 LAN ports of 1Gb.

I connect my modem LAN port 1 with the LAN port 1 of my switch and from the LAN port 8 of my swith I go to the WAN port of my main router (30m far in other room).

With Tomato I putted an ethernet cable in the main router to the WAN port to the LAN port 2 in the same router and the cable comming from the swicth with the "WAN signal" connected to the LAN port 2 in the main router.

Is it correct??

I need to run up the PPPoE from the 2nd room but I have just one cable from the modem/router.

Here you can see the whole schema:

Edit adding more info:
- Just 0ne subnet 192.168.1.x
- No DMZ or firewall rules
- I need internet in all ports wired and wireless.
- The first white box is the DSL modem/router to be bridged

Thanks in advance

 

[coxhaus]

The pictures are good but you cannot read things on the pictures. I assume you are trying to run multiple networks on one physical cable but there is no IP addressing. A couple of things is I would not want to run outside internet traffic on the same wire as inside firewalled traffic. You mention bridging your DSL modem to the ASUS router but there is a white box at the top of the picture. Is it running as a router or not. This is very hard decipher what you are trying to do.

And to top this off I assume you mean PPPOE not PPOE. But you need fix this stuff so we can understand your network.

 

[Carlos M.]

The pictures are good but you cannot read things on the pictures. I assume you are trying to run multiple networks on one physical cable but there is no IP addressing. A couple of things is I would not want to run outside internet traffic on the same wire as inside firewalled traffic. You mention bridging your DSL modem to the ASUS router but there is a white box at the top of the picture. Is it running as a router or not. This is very hard decipher what you are trying to do.

And to top this off I assume you mean PPPOE not PPOE. But you need fix this stuff so we can understand your network.

I 'll edit my post.

Thanks!!!

 

[Carlos M.]

I found this old thread looking for same configuration...

http://www.tomshardware.co.uk/answers/id-2358527/lan-port-wan-lan.html

 

[coxhaus]

This picture is easier to understand. It looks like you are passing your modem traffic on the same wire as your local LAN. Your local LAN wired computers are not getting internet access.
I guess DHCP is working and your workstations have IP addresses with the ASUS router as the default gateway. Are wireless devices getting internet access? Can you ping out to the internet on a device? Sometimes there is a DNS problem and you think it is a internet problem when in reality it is a DNS problem.
Is your switch a dumb switch or a managed switch? I assume layer 2? Do you have VLANs?
I wonder if it could be a spanning tree problem.

 

[abailey]

It looks like you want to bridge your DSL modem so that it does not do any routing and just passes your internet IP address to the Asus router and let the Asus be your firewall with all your clients behind it, is that correct? If so then you don't need to use any of the DSL Modem Ethernet ports to connect devices to (as it appears you are doing in your drawing). You will use one of them to go to the switch.
Now I admit I don't know much about the Merlin software but I don't think it can mix WAN and Network VLANS on the same port. If my assumption is correct then the only way I can see your design working is if you have two managed switches. One switch would be connected to the DSL modem ethernet port and located in room-1 (lets call that switch switch#1). Then from that switch it would connect to a managed switch (lets call this switch switch#2) near your Asus router in room-2. That connection between your switches could run multiple VLANs. You would connect both the WAN port and one of the LAN ports from the Asus to switch #2, in separate VLANs. An example is below.
It would be easier in your scenario to just let your DSL modem be your main router (I assume it can be a router) and just put your Asus in AP mode. Then you would not have to worry with all this mess, lol.

 

[Carlos M.]

This picture is easier to understand. It looks like you are passing your modem traffic on the same wire as your local LAN. Your local LAN wired computers are not getting internet access.
I guess DHCP is working and your workstations have IP addresses with the ASUS router as the default gateway. Are wireless devices getting internet access? Can you ping out to the internet on a device? Sometimes there is a DNS problem and you think it is a internet problem when in reality it is a DNS problem.
Is your switch a dumb switch or a managed switch? I assume layer 2? Do you have VLANs?
I wonder if it could be a spanning tree problem.

Yes... you are on the way coxhaus i'm passing my modem trafic onthe same wire and... my wired devices connected to my dumb layer 2 switch have problems with dns but my wireless devices connected to the asus router have problems, sometimes, aswell.
I don't have vlans and found the spanning tree option switched on. Suspecting about this... I switched off but still not working.

My real headache is that same configuraton with Tomato was working perfectly...

 

[Carlos M.]

It looks like you want to bridge your DSL modem so that it does not do any routing and just passes your internet IP address to the Asus router and let the Asus be your firewall with all your clients behind it, is that correct? If so then you don't need to use any of the DSL Modem Ethernet ports to connect devices to (as it appears you are doing in your drawing). You will use one of them to go to the switch.
Now I admit I don't know much about the Merlin software but I don't think it can mix WAN and Network VLANS on the same port. If my assumption is correct then the only way I can see your design working is if you have two managed switches. One switch would be connected to the DSL modem ethernet port and located in room-1 (lets call that switch switch#1). Then from that switch it would connect to a managed switch (lets call this switch switch#2) near your Asus router in room-2. That connection between your switches could run multiple VLANs. You would connect both the WAN port and one of the LAN ports from the Asus to switch #2, in separate VLANs. An example is below.
It would be easier in your scenario to just let your DSL modem be your main router (I assume it can be a router) and just put your Asus in AP mode. Then you would not have to worry with all this mess, lol.

Thanks abailey, your solution looks perfect but I try to avoid buying more network devices, at least 2 managed switches. A better DSL modem/router could be, my actual one is a piece of xxxx and I want give the hard work to my Asus router.
The other problem is that I cant bring two ethernet wires to my room number 2 and my Asus in this room will be the router (PPPoE manager) my switch (4 1Gb ports) and my dual band n wireless AP.

Just say that my "crossover" from the lan port to the wan port in the Asus works perfectly with Tomato firmware... so... something is going bad with the Merlin/DNS/WAN configuration.
With this "crossover/passtrough" I'm arriving with the modem trafic from one switch to an other one (Asus) and then, I pass this trafic wiring one lan port the the wan port.

The problem is... can I use this crosover as a "two ways" trafic, I mean, LAN and WAN.

Thanks a lot to both!!

 

[abailey]

Ok if you load something like Tomato where you can create VLAN's I can see it working like the image below, but this would still require one managed switch.
Now that does not mean you can't get it working with all dumb switches, but I would strongly suggest you do not try that as it is a real security risk.

 

[Carlos M.]

Ok if you load something like Tomato where you can create VLAN's I can see it working like the image below, but this would still require one managed switch.
Now that does not mean you can't get it working with all dumb switches, but I would strongly suggest you do not try that as it is a real security risk.

But... I never used vlans with my last Tomato config. Whole trafic in same subnet and layer 2. Simple and unsafe. Now, the purple crossover at the router side won't work...

 

[coxhaus]

You can run multiple networks on one wire. Since the bridged modem traffic is PPPOE and is encapsulated it should work as it is just layer 2 traffic. A cable modem would probably be more difficult since they do not use PPPOE and DHCP comes across as a native broadcast. Whether this will work with a ASUS router who knows.

So what I am hearing now is there is a DNS problem and the wired PCs can ping out on the internet. Is this correct?

What do you mean the purple crossover will not work? Do you get link lights? Spanning tree is turned off on the ASUS still? I would leave it off until it works. Does the router get a WAN IP?

I would start with basics. Disconnect all devices but the ASUS router, switch, and modem and see if the router gets an WAN IP address. Reboot modem first and then ASUS router. Check for IP address. I assume the modem is in bridge modem and the router is set for PPPOE on the WAN port. If this does not work then plug the one cable into the WAN port and see if you get an IP address. Maybe if it learns the MAC address it will work better when you switch back to the LAN port.

 

[abailey]

You can run multiple networks on one wire. Since the bridged modem traffic is PPPOE and is encapsulated it should work as it is just layer 2 traffic. A cable modem would probably be more difficult since they do not use PPPOE and DHCP comes across as a native broadcast. Whether this will work with a ASUS router who knows.

So what I am hearing now is there is a DNS problem and the wired PCs can ping out on the internet. Is this correct?

What do you mean the purple crossover will not work? Do you get link lights? Spanning tree is turned off on the ASUS still? I would leave it off until it works. Does the router get a WAN IP?

I would start with basics. Disconnect all devices but the ASUS router, switch, and modem and see if the router gets an WAN IP address. Reboot modem first and then ASUS router. Check for IP address. I assume the modem is in bridge modem and the router is set for PPPOE on the WAN port. If this does not work then plug the one cable into the WAN port and see if you get an IP address. Maybe if it learns the MAC address it will work better when you switch back to the LAN port.

This is correct. I completely missed the PPPOE part and wasted a lot of time because of it (sorry to waste your time Carlos M.). This configuration should work. Not sure why the Asus is balking with your Merlin build.

 

[Carlos M.]

You can run multiple networks on one wire. Since the bridged modem traffic is PPPOE and is encapsulated it should work as it is just layer 2 traffic. A cable modem would probably be more difficult since they do not use PPPOE and DHCP comes across as a native broadcast. Whether this will work with a ASUS router who knows.

So what I am hearing now is there is a DNS problem and the wired PCs can ping out on the internet. Is this correct? I'm not sure if the wired PC can ping out. The connection problem no make sense... working with no problem, resolving www names and the router reach DDNS and get a WAN IP and... suddenly, I loose the DNS gateway, cant't resolve from PC and the router can't connect tu DDNS but get WAN IP. Sometimes can't get WAN IP aswell. To start crying.

What do you mean the purple crossover will not work? Do you get link lights? Spanning tree is turned off on the ASUS still? I would leave it off until it works. Does the router get a WAN IP? I get link light, not checked the ports but I see trafic lights blinking for this ports on the router front. Spanning tree is disabled still. WAN IP is, normally, it's ok but... no DDNS and DNS. Some people from a DSL forum suggest, from the PPPoE setup in the router side, ask to the ISP for the WAN IP but don't ask for the DNS and write manually the ISP DNS instead of otther DNS servers like 8.8.8.8. I will try to do this in a couple of days. I've not remote access to the router...

I would start with basics. Disconnect all devices but the ASUS router, switch, and modem and see if the router gets an WAN IP address. Reboot modem first and then ASUS router. Check for IP address. I assume the modem is in bridge modem and the router is set for PPPOE on the WAN port. If this does not work then plug the one cable into the WAN port and see if you get an IP address. Maybe if it learns the MAC address it will work better when you switch back to the LAN port.
Yes, of course, I did everything like a bomb deactivator... I'm not sure to understand your last sentence. I must check with the "crossover/lan2wan" if I get IP and if not... plug directly the WAN cord to the WAN port and If I get it, again, try the crossover?

MAC address could be a problem, who knows, at the PPPoE config my ISP just want the user/pass and config VCI/VPI values but not MAC or host name are requested.

Thanks!!

 

[coxhaus]

So where do we stand? What are the results of the tests?

I only mentioned MAC address because the layer 2 traffic uses it. I did not mean your ISP required it

 

[Carlos M.]

So where do we stand? What are the results of the tests?

I only mentioned MAC address because the layer 2 traffic uses it. I did not mean your ISP required it

coxhaus, thanks for your support. I can't make tests until tomorrow. This network are in a remote place and I need to be onsite because I can't reach my router under a DDNS access.
I hope can give you an update tomorrow night. Some ISPs ask for the MAC in order to bind the router with the PPPoE connection but is not my case. Just to inform.

Thanks a lot for your interest.

 

[coxhaus]

I assume you still have your Tomato router in case ASUS does not work? If it's that remote it would be a good plan.

PS
I was thinking about your DNS problem across the board on both wired and wireless. If you push a lot of data from your wired workstations connected through the switch it could be causing your DNS problem. Multiple machines using a NAS or BlueRay would cause your router grief as you could saturate the line for a moment and DNS packets would not get through. DNS is UDP so the router does not know if the UDP DNS packet arrived safely. The PC probably keeps transmitting but there may be something here. At least a delay.

You might want to think about a different design for your network.

 

[Carlos M.]

Is the same router... I migrated from Tomato to Merlin

I am alone doing the tests. No devices using the network [emoji849]

I ordered a DSL-N14u modem/router and I have a B plan with a WDS bridge for LAN traffic