Announcement

Collapse
No announcement yet.

How best to connect two halves of network? Expert network advice needed.

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    How best to connect two halves of network? Expert network advice needed.

    I have a nice Asus router on one end of my house. On the other end, I have my server that happened to have a built-in wi-fi card. I wasn't using the wi-fi card in the server until one evening I listened to my kids complain about the signal at that end of the house. I dove into the server and it's network config and managed to get the wi-fi card up as a wireless access point, and voila - we have two wifi access points.

    The downsides to the server wi-fi access are:
    1. I cannot get "N" class connections enabled, only "G", even though the card is N capable. My 'net research reveals this may be a firmware limitation so I gave up on it. This isn't a deal-breaker anyway.
    2. I learned (rightly or wrongly) that I could only make it work at all if I used a different set of IP addresses.


    #2 means while connected to the Asus router you get an IP range from 192.168.1.2 to 192.168.1.198 (a range I set to reserve fixed IP's) but while connected to the server AP you get 192.168.0.50 to 192.168.0.150.

    This results in a solid and usable internet connection for ether connection, but devices connected to one AP cannot connect to various services on the other. Mostly, this involves my server itself which is hard-wired to the Asus router for it's connection but also KDE Connect cannot connect to my phone if I'm connected to the server AP instead of the router.

    To get this to the state it's currently in, I muddled through dozens of networking AP how-to's until I landed on using hostapd to configure the AP.

    Here's the contents (minus remarks) of /etc/dnsmasq.conf
    Code:
    server=8.8.4.4
    server=198.153.194.1
    interface=wlan0
    dhcp-range=192.168.0.50,192.168.0.150,24h
    Here's the entire contents of /etc/hostapd.d/hostapd.conf:
    Code:
    [FONT=monospace][COLOR=#000000]# WiFi Hotspot[/COLOR]
    interface=wlan0
    driver=nl80211
    #Access Point
    ssid=smithserver
    hw_mode=g
    # WiFi Channel:
    channel=1
    macaddr_acl=0
    auth_algs=1
    ignore_broadcast_ssid=0
    wpa=2
    wpa_passphrase=<NON_YA_BIN_ESS>
    wpa_key_mgmt=WPA-PSK
    wpa_pairwise=TKIP
    rsn_pairwise=CCMP
    
    # 802.11n (HT) is enabled
    ieee80211n=1
    ht_capab=[SHORT-GI-40][HT40+][HT40-][DSSS_CCK-40]
    wmm_enabled=1
    wmm_ac_bk_cwmin=4
    wmm_ac_bk_cwmax=10
    wmm_ac_bk_aifs=7
    wmm_ac_bk_txop_limit=0
    wmm_ac_bk_acm=0
    wmm_ac_be_aifs=3
    wmm_ac_be_cwmin=4
    wmm_ac_be_cwmax=10
    wmm_ac_be_txop_limit=0
    wmm_ac_be_acm=0
    wmm_ac_vi_aifs=2
    wmm_ac_vi_cwmin=3
    wmm_ac_vi_cwmax=4
    wmm_ac_vi_txop_limit=94
    wmm_ac_vi_acm=0
    wmm_ac_vo_aifs=2
    wmm_ac_vo_cwmin=2
    wmm_ac_vo_cwmax=3
    wmm_ac_vo_txop_limit=47
    wmm_ac_vo_acm=0
    [/FONT]
    and heres' /etc/network/interfaces:
    Code:
    [FONT=monospace][COLOR=#000000]# This file describes the network interfaces available on your system[/COLOR]
    # and how to activate them. For more information, see interfaces(5).
    
    # The loopback network interface
    auto lo
    iface lo inet loopback
    
    auto eth0  
    iface eth0 inet manual
    bond-master bond0
    
    auto eth1
    iface eth1 inet manual
    bond-master bond0
    
    auto bond0
    iface bond0 inet static
    address 192.168.1.250
    netmask 255.255.255.0
    broadcast 192.168.1.255
    gateway 192.168.1.1
    bond-mode 0
    bomd-miimon 100
    bond-slaves none
    dns-nameservers 192.168.1.1
    dns-search smith.lan
    dns-domain smith.lan
    network 192.168.1.0
    pre-up iptables-restore < /etc/iptables.rules
    post-down iptables-save > /etc/iptables.rules
    
    iface wlan0 inet static
    hostapd /etc/hostapd/hostapd.conf
    address 192.168.0.250
    netmask 255.255.255.0
    [/FONT]
    So you can see the setup is rather simple.

    I did muck about with the IP tables:
    smith@server:/mnt/sde2$ sudo iptables -t nat -L -v
    Chain PREROUTING (policy ACCEPT 1748K packets, 530M bytes)
    pkts bytes target prot opt in out source destination

    Chain INPUT (policy ACCEPT 1694K packets, 525M bytes)
    pkts bytes target prot opt in out source destination

    Chain OUTPUT (policy ACCEPT 1346K packets, 325M bytes)
    pkts bytes target prot opt in out source destination

    Chain POSTROUTING (policy ACCEPT 1114K packets, 299M bytes)
    pkts bytes target prot opt in out source destination
    260K 29M MASQUERADE all -- any bond0 anywhere anywhere
    What I want to be able be able to connect to every computer on the network and all the services via both AP's. I either have to figure out how to get both devices working on the same IP group or "bridge" them or something, but I'm too network n00b-ish to know where to begin.

    Hints or suggestions?
    Last edited by Snowhog; Oct 07, 2017, 07:15 PM.

    Please Read Me

    #2
    sorry no expert hear ,,,,but I do see you only have "g" enabeld in /etc/hostapd.d/hostapd.conf .

    this may be a dumb queshton ,,,but dont you have a desktop installed on that server ,,,,I think I remember seeing that in one of your posts ,,,,,,,so did you try to set up the "access point in networkmanager ?

    VINNY
    i7 4core HT 8MB L3 2.9GHz
    16GB RAM
    Nvidia GTX 860M 4GB RAM 1152 cuda cores

    Comment


      #3
      #2 means while connected to the Asus router you get an IP range from 192.168.1.2 to 192.168.1.198 (a range I set to reserve fixed IP's) but while connected to the server AP you get 192.168.0.50 to 192.168.0.150.
      Having two DHCP servers running doesn't sound like it will work. In theory, maybe, (hackers do it...) but the router would have to know to send some traffic to the server, and I doubt if the Asus will let you in to it to set that up at that level.

      (I was trying to solve a similar problem with a surplus ADSL router, and I was over thinking it. A frustrating afternoon. All I had to do was give it a different IP for itself, turn off DHCP, and set a different channel. Plug in and go.)

      Have you looked at linux bridging? Say,
      https://wiki.linuxfoundation.org/networking/bridge
      Last edited by jlittle; Oct 06, 2017, 12:01 AM. Reason: clarify
      Regards, John Little

      Comment


        #4
        Loosen up your subnet mask a little. I would suggest setting it to 255.255.254.0 on whatever device(s) are providing DHCP so all devices catch the upgrade. You'll need to renew DHCP leases on all devices but this should work.

        Hope this helps -
        we see things not as they are, but as we are.
        -- anais nin

        Comment


          #5
          Originally posted by vinnywright View Post
          sorry no expert hear ,,,,but I do see you only have "g" enabeld in /etc/hostapd.d/hostapd.conf .

          this may be a dumb queshton ,,,but dont you have a desktop installed on that server ,,,,I think I remember seeing that in one of your posts ,,,,,,,so did you try to set up the "access point in networkmanager ?

          VINNY
          Yeah, this is the server so no networkmanager. It's configured manually and statically. The hostapd docs state that "n" is layered on top of "g" so the "g" reference is correct. The "n" configuration is the part after:

          # 802.11n (HT) is enabled

          Apparently, not all wi-fi devices support N-class when in AP mode. Meaning they can send N but not receive it. I don't know if this is hard-coded in the device, a kernel parameter, or a driver limitation.

          Please Read Me

          Comment


            #6
            Originally posted by jlittle View Post
            Having two DHCP servers running doesn't sound like it will work. In theory, maybe, (hackers do it...) but the router would have to know to send some traffic to the server, and I doubt if the Asus will let you in to it to set that up at that level.

            (I was trying to solve a similar problem with a surplus ADSL router, and I was over thinking it. A frustrating afternoon. All I had to do was give it a different IP for itself, turn off DHCP, and set a different channel. Plug in and go.)

            Have you looked at linux bridging? Say,
            https://wiki.linuxfoundation.org/networking/bridge
            Everything I've read leads me to believe two DCHP servers are fine as long as they don't overlap IP assignments. In this case, I couldn't get it to work by just restricting the server AP to a different set of IP addresses in the same range. I really don't care if they use the same range or not, I just want all of them to communicate with each other without having to go outside my home network.

            I use AsusWRT by Merlin on the router and it's very configurable - just over my head. I was hoping a simple iptable redirect or route on the server to allow connection to the router. I tried to bridge, but that just took my server off-line too. Too many connections (notice dual NICs in bonding mode) I guess. Or I just didn't do it right.

            Please Read Me

            Comment


              #7
              Originally posted by wizard10000 View Post
              Loosen up your subnet mask a little. I would suggest setting it to 255.255.254.0 on whatever device(s) are providing DHCP so all devices catch the upgrade. You'll need to renew DHCP leases on all devices but this should work.

              Hope this helps -
              This is one area I know nothing about. I will explore this and see if it helps me.


              Thanks everyone, for replying.

              Please Read Me

              Comment


                #8
                Originally posted by oshunluvr View Post
                This is one area I know nothing about. I will explore this and see if it helps me.
                It will. A subnet mask tells your machine what's on your local network and what has to be sent through the gateway to teh intrawebz. The default subnet mask of 255.255.255.0 will let you connect to the 192.168.0.1 through .255 *or* 192.168.1.1 through .255 (but not both) depending on the IP address of your machine. Loosening the subnet mask a little will show both networks as local but all the devices will have to pick up the new subnet mask either manually or (preferred) from the DHCP server(s) to work properly.
                we see things not as they are, but as we are.
                -- anais nin

                Comment


                  #9
                  Well, that sucked :/

                  I switched everything over to 255.255.254.0 and now the wireless AP won't come back up.

                  Please Read Me

                  Comment


                    #10
                    Originally posted by oshunluvr View Post
                    Well, that sucked :/

                    I switched everything over to 255.255.254.0 and now the wireless AP won't come back up.
                    You'll have to use a paper clip and push the reset button and hold it for 15 seconds or so to reset your wifi.

                    Convert subnet masks to binary. All the '1's are network addresses and all the '0's are host addresses.
                    Last edited by GreyGeek; Oct 06, 2017, 07:01 PM.
                    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
                    – John F. Kennedy, February 26, 1962.

                    Comment


                      #11
                      Originally posted by oshunluvr View Post
                      Well, that sucked :/

                      I switched everything over to 255.255.254.0 and now the wireless AP won't come back up.
                      SOHO routers may not sit still for stuff like this, I guess.

                      May I ask why the AP are on different networks? Seems to me that your needs would be better served putting everything on the same subnet. Bridging wired and wireless connections on the server seems to me to be the thing to do

                      Good readme here -

                      https://wiki.archlinux.org/index.php...e_access_point
                      we see things not as they are, but as we are.
                      -- anais nin

                      Comment


                        #12
                        I got the AP back up, I left a typo in the config file. Took me a long time to see it - a "b" where should have been a "B". But the new configuration has broken dhcp from the AP for some unknown reason.

                        May I ask why the AP are on different networks?
                        I assume you mean why not all using the same set of IPs? Like, why not all on 192.168.1.0/24? Initially, I had tried that but the AP would not come up. The instant I switched the AP over to 192.168.0.1, it worked and I could get to the internet. The issue was with that setup was - by not having the IP subnet matching the devices connected to the AP could not communicate with the devices on the other subnet. This became apparent when my phone could not connect to my PC via KDEConnect when using the AP because (obviously) they were no longer on the same network. The thought was be expanding the network using a less restrictive netmask would solve the issue, but not so far.

                        So before I re-configure everything yet again, lets review the current setup.

                        Hardware:
                        A server with built-in wifi card to use as an Access Point (AP).
                        Server is connected to Asus Router with wifi via ethernet and a switch.

                        Current setup:
                        Router is now running local dhcp for it's wireless devices with a range of 192.168.1.2 to .254.
                        Server is running Ubuntu 14.04.5 and using "hostadp" to initialize the AP and dnsmasq to assign IP addresses in the rage of 192.168.0.1 to .198
                        Both are using a netmask of 255.255.254.0.

                        When I was using a netmask of 255.255.255.0, I could get on the internet using the AP but not to my other devices on 192.168.1. network. Rather than configuring a bridge (which I've tried in the past and never could get right) I routed traffic from the AP (wlan0) to the ethernet connection (bond0) using iptable entries that are inserted by hostapd.

                        This worked.

                        Moving forward to try and get all devices connected to each other without having to go outside the network, my understanding was by simply changing to 255.255.254.0 the devices would be able to communicate with each other. So far, I don't know if this works or not because I can no longer connect to the network because the AP won't issue an IP. I don't know if it's a dnsmasq problem or what.

                        Here are the relevant config files:
                        launchap (starts hostadp at boot up):
                        Code:
                        [FONT=monospace][COLOR=#000000]smith@server:~$ cat /etc/hostapd/launchap[/COLOR]
                        #!/bin/bash
                        #Initial wifi interface configuration
                        ifconfig wlan0 up 192.168.0.250 netmask 255.255.254.0
                        sleep 2
                          
                        ###########Start dnsmasq, modify if required##########
                        if [ -z "$(ps -e | grep dnsmasq)" ]
                        then
                         dnsmasq
                        fi
                        ###########
                          
                        #Enable NAT
                        iptables --flush
                        iptables --table nat --flush
                        iptables --delete-chain
                        iptables --table nat --delete-chain
                        iptables --table nat --append POSTROUTING --out-interface bond0 -j MASQUERADE
                        iptables --append FORWARD --in-interface wlan0 -j ACCEPT
                          
                        sysctl -w net.ipv4.ip_forward=1
                          
                        #start hostapd
                        hostapd -B /etc/hostapd/hostapd.conf
                        [/FONT]
                        hostadp.conf:
                        Code:
                        [FONT=monospace][COLOR=#000000]smith@server:~$ cat /etc/hostapd/hostapd.conf[/COLOR]
                        # WiFi Hotspot
                        interface=wlan0
                        driver=nl80211
                        #Access Point
                        ssid=smithserver
                        hw_mode=g
                        # WiFi Channel:
                        channel=1
                        macaddr_acl=0
                        auth_algs=1
                        ignore_broadcast_ssid=0
                        wpa=2
                        wpa_passphrase=password 
                        wpa_key_mgmt=WPA-PSK
                        wpa_pairwise=TKIP
                        rsn_pairwise=CCMP
                        
                        # 802.11n (HT) is enabled
                        ieee80211n=1
                        ht_capab=[SHORT-GI-40][HT40+][HT40-][DSSS_CCK-40]
                        wmm_enabled=1
                        wmm_ac_bk_cwmin=4
                        wmm_ac_bk_cwmax=10
                        wmm_ac_bk_aifs=7
                        wmm_ac_bk_txop_limit=0
                        wmm_ac_bk_acm=0
                        wmm_ac_be_aifs=3
                        wmm_ac_be_cwmin=4
                        wmm_ac_be_cwmax=10
                        wmm_ac_be_txop_limit=0
                        wmm_ac_be_acm=0
                        wmm_ac_vi_aifs=2
                        wmm_ac_vi_cwmin=3
                        wmm_ac_vi_cwmax=4
                        wmm_ac_vi_txop_limit=94
                        wmm_ac_vi_acm=0
                        wmm_ac_vo_aifs=2
                        wmm_ac_vo_cwmin=2
                        wmm_ac_vo_cwmax=3
                        wmm_ac_vo_txop_limit=47
                        wmm_ac_vo_acm=0
                        [/FONT]
                        dnsmask.conf:
                        Code:
                        [FONT=monospace][COLOR=#000000]smith@server:~$ cat /etc/dnsmasq.conf            [/COLOR]
                        no-resolv
                        server=8.8.4.4
                        server=198.153.194.1
                        interface=wlan0
                        dhcp-range=192.168.0.1,192.168.0.198,255.255.254.0,24h
                        [/FONT]
                        All these entries were taken from this site and it got me connect to the internet before. I don't know why it's not working now.

                        Please Read Me

                        Comment

                        Working...
                        X