How to create a subnet between two different networks


Solution 1

I finally give up; DD-WRT is way too buggy.

DD-WRT on Linksys WRT54G, build DD-WRT v24-sp2 (08/07/10) vpn (SVN revision 14896)

Wireless security keeps switching to TKIP without reason, so my laptop and smartphone can't connect. The PPTP VPN link between two DD-WRT routers has incomplete route access.

What else, that I don't know...

I'll go with another solution.

But thanks, everyone, for your input; I've learned a bit more from you!



Solution using Subnet Masking

For the record... I've been able to link the two networks, 10.35.1.0/24 and 10.35.2.0/24, together using a different subnet mask. On each router and every DHCP server, you need to include both IP scopes, which is something like 255.255.252.0 (10.35.0.1 - 10.35.3.254). The mask is a bit too wide, but it doesn't really matter for me actually. I'll add other subnets later.

Solution 2

First off, each local network would be its own subnet (which is shorthand for "subnetwork", where "network" refers to the entire network; in your case, the "network" is most likely the Internet). What you need to do is set up routing between the two subnets. They will remain separate entities, but traffic will be able to flow between them.

The first thing you need to confirm is that the IP ranges are non-overlapping. For example, 10.35.1/24 and 10.35.2/24 is fine, but 10.35.1.0/16 and 10.35.2.0/16 is not (because in the latter case, the IP ranges overlap and there is no good way for the router to know which traffic should go where).

I don't know exactly what steps you need to take to configure this in dd-wrt (as in "click here, type this, ..."), but what you need to do is:

  1. Physically connect Router A to Router B (either wired or wireless, direct or through a tunnel, but they need a way to talk to each other).
  2. Configure Router A to route any traffic intended for the network served by Router B (10.35.2/24) across its link to Router B.
  3. Configure Router B to route any traffic intended for the network served by Router A (10.35.1/24) across its link to Router A.
  4. On both routers, set up any necessary firewall rules to allow the traffic to flow between the networks served by Router A and Router B. Depending on the specifics this may or may not be strictly required.

Steps 2 and 3 (which are the magic sauce for making this work at all) are usually accomplished through setting up static routes. Any moderately competent IP stack provides a way of doing this, and I can't imagine that dd-wrt would be any exception, though the exact mechanics of how to do that vary. The general idea is to tell each router that "to reach the network a.b.c.d/e", it needs to "forward the traffic over link fghij" and/or "pass the traffic to next hop router k.l.m.n"; this is how all routing on an IP network such as the Internet works. If you are specifying a next hop router, then that router must be reachable through some other configured route.

For example, consider the following IPv4 routing table, which should be similar to what you have set up:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

What this says is: to reach network 192.168.1.0 netmask 255.255.255.0 (which corresponds to 192.168.1/24), use gateway 0.0.0.0 (that is, just dump the traffic onto the network) over the interface eth0. To reach the network 0.0.0.0 netmask 0.0.0.0 (or 0.0.0.0/0, the "default route"), the best option is to ask 192.168.1.254 to forward the traffic toward its ultimate destination. Only core network routers have no default route; that's called the DFZ or Default-free zone. When you get a "no route to host" error, it's almost always because you have hit a router that has no way of passing the traffic on toward the destination host.

Routes are always considered in a most-specific-match-wins fashion, and also as a consequence the default route is only consulted if no other configured route matches. Hence, if I want to route traffic to 172.16.128.0/23 over the physical link attached to eth1, I would end up with a routing table much like the following:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
172.16.128.0    0.0.0.0         255.255.254.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

By making the corresponding change on the other side, I can ensure that the return traffic will be able to flow back to the originating network, enabling two-way communication over the dedicated link.

Once you have made this type of change in your dd-wrt configuration on both ends, hosts on the two networks should at least be able to talk to the router on the other end of the link. (At that point, it very likely comes down to configuring the firewall to allow appropriate traffic through.)
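The three rules this answer relies on (non-overlapping ranges, most-specific-match-wins, and a reachable next hop) can be checked offline with Python's standard `ipaddress` module. This is an added example, not part of the original answer; the function names are hypothetical, and `next_hop_ok` assumes the simplified rule that a next hop must sit inside a directly connected network.

```python
import ipaddress

# Second routing table from the answer above, copied verbatim.
TABLE = """
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
172.16.128.0    0.0.0.0         255.255.254.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
"""

def overlaps(a, b):
    """True if two prefixes share any address (host bits are masked off)."""
    return ipaddress.ip_network(a, strict=False).overlaps(
        ipaddress.ip_network(b, strict=False))

def parse_table(text):
    """Parse `route -n` style rows into (network, gateway, iface) tuples."""
    routes = []
    for line in text.strip().splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue
        # Strict parsing: raises ValueError if destination has host bits set.
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        routes.append((net, ipaddress.ip_address(f[1]), f[7]))
    return routes

def lookup(routes, dest):
    """Most-specific match wins; the default route only matches last."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen, default=None)

def next_hop_ok(routes, gateway):
    """Assumption: a next hop must lie in a directly connected network."""
    gw = ipaddress.ip_address(gateway)
    return any(g.is_unspecified and gw in net for net, g, _ in routes)

if __name__ == "__main__":
    routes = parse_table(TABLE)
    print(overlaps("10.35.1.0/24", "10.35.2.0/24"))   # ranges from the question
    print(overlaps("10.35.1.0/16", "10.35.2.0/16"))   # the /16 counter-example
    for dest in ("172.16.129.5", "192.168.1.20", "203.0.113.9"):
        net, gw, iface = lookup(routes, dest)
        print(dest, "->", net, "via", gw, "dev", iface)
    print(next_hop_ok(routes, "192.168.1.254"))
```

Because `parse_table` parses strictly, a destination that is not aligned to its netmask is rejected instead of being silently rounded down.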

Author: Hugo

Updated on September 18, 2022

Comments

  • Hugo
    Hugo over 1 year

    I need some help to build my first subnet between two routers.

    My office is located near another office, and those two offices are linked together with a network cable, and both offices have independent Internet access.

    Each network has their own network IP scope:

    • Network A is 10.35.1.*
    • Network B is 10.35.2.*

    I would like to set a subnet between those two networks, to share network resources.

    How can I set up my DD-WRT router, to route those two networks?

    Here is a quick sketch of the network’s design:

    Actually, all subnet masks are 255.255.255.0

         Network  A                                Network  B
    
        PC1              PC2                 PC3              PC4         
    (10.35.1.10)    (10.35.1.11)         (10.35.2.12)    (10.35.2.13)
         |                |                   |                |
         ------------------                   ------------------
                 |                                    |
          Router A (DD-WRT)  --------------------  Router B
            (10.35.1.1)                          (10.35.2.1) 
                 |                                    |
                 |                                    |
             {Internet}                           {Internet}
    

    Edit: Now I've added a manual static route in the router at 10.35.1.1 (highlighted in yellow in the image), but I still can't ping 10.35.1.1 from the router's Telnet or from a PC on Network A. Full routing table

    • Ƭᴇcʜιᴇ007
      Ƭᴇcʜιᴇ007 over 8 years
      Use a 2 IP (/30) "glue network" between them, and set up routes in the routers. For the best chances of getting a longer/more detailed and specific answer, what have you tried so far, and where are you getting stuck exactly? Also, specifics about exactly which routers are in question, and exactly how they're wired together, would probably help.
    • user1686
      user1686 over 8 years
      You already have "subnets". You need a route between these two.
    • Hugo
      Hugo over 8 years
      What route exactly? Here's what I've tried: Destination LAN NET: 10.35.2.0, Subnet mask: 255.255.255.0, Gateway: 10.35.2.1
    • Hugo
      Hugo over 8 years
      But with that route, the router at 10.35.2.1 remains unreachable
    • Hugo
      Hugo over 8 years
      I've added the full Routing table in the question
  • Hugo
    Hugo over 8 years
    I've tried to do what you told me, but it still doesn't work. I've added a static route on each router. From the example above, I've added a route in Router A (DD-WRT router): Dest: 10.35.2.0, Mask: 255.255.254.0, Metric 0, Gateway: 0.0.0.0; and on Router B (Asus router): Dest: 10.35.1.0, Mask: 255.255.254.0, Gateway 0.0.0.0, Metric 0
  • Hugo
    Hugo over 8 years
    Thanks, Marius, for your input, but I'd like to do that part without a VPN
  • user
    user over 8 years
    @Hugo Please edit your question to include the exact IP ranges and subnet masks for each network. (Because you are using RFC 1918 space, this should not present any problems.) I'm pretty sure the netmask you quoted is wrong; /23 is not a common prefix length on LANs (I used it only to illustrate the different routes).
  • Hugo
    Hugo over 8 years
    I'm not sure I understand what you mean by "range"; what does the "/23" mean? Actually, all PCs behind each router have a mask of 255.255.255.0, and their respective router's IP as default gateway
  • MariusMatutiae
    MariusMatutiae over 8 years
    @Hugo Why? VPN provides total security, with a negligible overhead due to encryption.
  • Hugo
    Hugo over 8 years
    Security isn't an issue, since both networks are in a closed loop. But later I'll try to add a third network (my home) via VPN. And from there I think I will try your suggestion.