Routing 2 subnets (for dummies)

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

ThePCHacker

New Around Here
Hello!
I am happy that I have found that forum. Lately I was annoyed too much with the StackExchange sites. I really don't understand why people there are so unfriendly. Especially the ones with high ranking, they tend to have authority issues.

I have the following network topology as on the bellow picture.

drawing.png


Briefly:
  1. Router A is connected to the internet and has local IP of 192.168.1.1. It is also a DHCP and serves clients on LAN or WiFi.
  2. Router B is connected directly via LAN (onboard switches) to Router A. It has IP of 192.168.1.2. It also serves clients too.
Now comes the tricky part. Router C connects to Router B as WiFi client (bridge) and has local static IP of 192.168.1.200. (I tried to connect it as WDS but I couldn't - probably because I don't know how to).

All Computers/WiFi devices connecting to either Router A, or B, or C they get their dynamic IPs from the DHCP of router A and their gateway is 192.168.1.1 independed of which router they connect to.

My problem is the following. I am trying to isolate all devices (computers and later WiFis) on Router C from the other devices on Routers A and B. As such I thought to create a new Lan with its own IP addresses (yellow background). As such, I have enabled the VLan1 functionality to all 4 ports of Router C. I assigned a VLAN interface IP for the router of 192.168.2.1 and I enabled also DHCPD on that VLan to give addresses on the 192.168.2 subnet.

I have a couple of questions:
  1. Should all my routers (all 3) have a 255.255.0.0 subnet mask since I need 2 Lans (192.168.1.x & 192.168.2.x) or it isn't needed and all routers can have the 255.255.255.0 mask.
  2. Assuming that I have 255.255.255.0 everywhere, I guess that I need to do some kind of routing (especially for the VLAN1) so that routers need to communicate.
I thought that if I add 2 static routes on my Router C (see values in pictures bellow) I will be able to solve my problem but whenever I try to ping from the router to a computer on the 192.168.2.x subnet or the router B at 192.168.1.2 I don't have a pong...

The routes that I added to the router C are the following 2:

Name Metric Destination/Subnet Gateway Interface
From2To1 0 192.168.1.0/255.255.255.0 192.168.1.200 auth0
From1To2 0 192.168.2.0/255.255.255.0 192.168.2.1 vlan1


Just to let you know, the Router C is a DD-Wrt router.

Maybe I did it wrong and I don't need at all any static route on Router C since it knows both subnets but I need only a static route on either router A (or B) that has destination Lan: 192.168.2.0 and gateway the IP of the Auth0 interface of router C (192.168.1.200)?

Any idea please?
 

eibgrad

Very Senior Member
In a configuration such as this, it's the primary router (or more precisely, the default gateway of the private network (192.168.1.x)) that needs a static route. That static route needs to point to the LAN ip of router C on the private network as the gateway to the 192.168.2.x network. That will provide connectivity both between the 192.168.1.x and 192.168.2.x networks, and internet by the 192.168.2.x network provided the primary router is NAT'ing *all* private networks over the WAN of the primary router and not just the 192.168.1.x network (e.g., in the case of dd-wrt acting as the primary router, you'd have to explicitly NAT the 192.168.2.x network over the WAN, for OEM firmware, that can vary).

Of course, that doesn't prevent the 192.168.2.x network from accessing devices on the 192.168.1.x network (assuming that's your intent). You'd need to add firewall rules to router C to prevent that, while still allowing internet access.
 

SomeWhereOverTheRainBow

Very Senior Member
Hello!
I am happy that I have found that forum. Lately I was annoyed too much with the StackExchange sites. I really don't understand why people there are so unfriendly. Especially the ones with high ranking, they tend to have authority issues.

I have the following network topology as on the bellow picture.

View attachment 27603

Briefly:
  1. Router A is connected to the internet and has local IP of 192.168.1.1. It is also a DHCP and serves clients on LAN or WiFi.
  2. Router B is connected directly via LAN (onboard switches) to Router A. It has IP of 192.168.1.2. It also serves clients too.
Now comes the tricky part. Router C connects to Router B as WiFi client (bridge) and has local static IP of 192.168.1.200. (I tried to connect it as WDS but I couldn't - probably because I don't know how to).

All Computers/WiFi devices connecting to either Router A, or B, or C they get their dynamic IPs from the DHCP of router A and their gateway is 192.168.1.1 independed of which router they connect to.

My problem is the following. I am trying to isolate all devices (computers and later WiFis) on Router C from the other devices on Routers A and B. As such I thought to create a new Lan with its own IP addresses (yellow background). As such, I have enabled the VLan1 functionality to all 4 ports of Router C. I assigned a VLAN interface IP for the router of 192.168.2.1 and I enabled also DHCPD on that VLan to give addresses on the 192.168.2 subnet.

I have a couple of questions:
  1. Should all my routers (all 3) have a 255.255.0.0 subnet mask since I need 2 Lans (192.168.1.x & 192.168.2.x) or it isn't needed and all routers can have the 255.255.255.0 mask.
  2. Assuming that I have 255.255.255.0 everywhere, I guess that I need to do some kind of routing (especially for the VLAN1) so that routers need to communicate.
I thought that if I add 2 static routes on my Router C (see values in pictures bellow) I will be able to solve my problem but whenever I try to ping from the router to a computer on the 192.168.2.x subnet or the router B at 192.168.1.2 I don't have a pong...

The routes that I added to the router C are the following 2:

Name Metric Destination/Subnet Gateway Interface
From2To1 0 192.168.1.0/255.255.255.0 192.168.1.200 auth0
From1To2 0 192.168.2.0/255.255.255.0 192.168.2.1 vlan1


Just to let you know, the Router C is a DD-Wrt router.

Maybe I did it wrong and I don't need at all any static route on Router C since it knows both subnets but I need only a static route on either router A (or B) that has destination Lan: 192.168.2.0 and gateway the IP of the Auth0 interface of router C (192.168.1.200)?

Any idea please?
You can solve this using static routes options within each router.. there are ways to block routes and create routes.. it has just been along time since i have done something like this. a little digging on google about setting up static routes should help you in your endeavors.
 

ThePCHacker

New Around Here
Thank you very much both of you for your replies!
I really appreciate it. I think that eibgrad is correct on this. I hadn't think of trying routing the default gateway. I will have a try tonight and see how it goes.

Thanks again!
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top