0

I have two separate sites: Site A and Site B. Each has its own subnet: 192.168.0.1/24 and 192.168.1.1/24, respectively. Both have the subnet mask of 255.255.252.0. They each have their own gateway and DHCP server. There are servers on both sites. Each site accesses the Internet through its own gateway. Site A has a router running AdvancedTomato and Site B has a router running OpenWRT.

I would like to somehow connect both networks over the Internet in such a way that all the devices on either network can see each other. However, either site should access the Internet through their own independent gateways; any new devices added at each site should obtain an IP from that site's DHCP server. In the future, if there are more Sites, I would like to add them to the setup such that the third Site would see all other Sites' computers.

Is this a possibility? What do I need to accomplish this?

Any advice or instructions would be helpful. I think my low knowledge of networking is preventing me from finding the answer with the right keywords.

1
  • Is this what they call intranet? Commented Jan 22, 2018 at 19:38

2 Answers

0

Have a look at tinc, it's made exactly for this kind of situation. On each site, one computer runs tinc (that can be the router), and this computer will see an extra network interface which you should add to the site network. Then you need to set up routing, and clients in network A will be able to reach clients on network B under their 192.168.1.* address, and vice versa.

They behave like they are in different LAN segments, so protocols needing broadcasts on a single LAN segment (Apple Bonjour etc.) won't span both networks, unless you add multicast routing daemons.

1
  • This DOES sound like exactly what I needed. Thanks! I never really knew about tinc.
    – Halcyon
    Commented Jan 24, 2018 at 13:33
1

In general, you have a NAT router to the Internet. If you want to connect the two networks, you need to do some tunneling and routing. Your choice in tunnels is almost limitless (GRE, IPsec etc.), but I suggest you have a look at OpenVPN. Not just because both AdvancedTomato and OpenWrt support it, but also because it is RELATIVELY well documented and easy to install.

In general (which means: if you have not installed helpers/forwarders on the router), DHCP will not leave your layer-2 network. So the reply will always come from your local DHCP server.

If you run OpenVPN on the routers, you may not even need to set a specific route/static route on your servers.

So yes, it is possible. And this reply should give you enough keywords to get the right answer :-)

2
  • Thanks for the quick reply! Using OpenVPN would mean I would need the router at each Site to act as an OpenVPN server and client, right? I would need to set rules to route a particular subnet, say 192.168.0.1/24, through the tunnel (B-client to A-server) for Site B, and 192.168.1.1/24 for Site A over a different tunnel (A-client to B-server)?
    – Halcyon
    Commented Jan 22, 2018 at 19:32
  • Connecting subnets behind OpenVPN is actually a bit involved; you need a special configuration.
    – dirkt
    Commented Jan 22, 2018 at 20:14
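
The "special configuration" for subnets behind OpenVPN that the comment above refers to, sketched as an added example that is not part of the original answers: one tunnel with Site A as server and Site B as client carries traffic in both directions. It assumes the LANs are 192.168.0.0/24 and 192.168.1.0/24 (with the 255.255.252.0 mask also given in the question the two ranges would fall in one network and could not be routed); the tunnel network 10.8.0.0/24, the certificate names siteA/siteB, the file paths and SITE_A_PUBLIC_ADDRESS are placeholders.

```conf
# ---- Site A router: server.conf (file location is an assumption) ----
dev tun
proto udp
port 1194
topology subnet
# Assumed tunnel network; must not be in use at either site.
server 10.8.0.0 255.255.255.0
ca ca.crt
cert siteA.crt
key siteA.key
dh dh.pem
# Per-client files, looked up by the client certificate's common name.
client-config-dir ccd
# Kernel route on router A: send Site B's LAN into the tunnel.
route 192.168.1.0 255.255.255.0
# Tell connecting clients that Site A's LAN is reachable via the tunnel.
push "route 192.168.0.0 255.255.255.0"
# Allows a future third site to reach Site B through this server.
client-to-client
keepalive 10 120
persist-key
persist-tun
# No redirect-gateway is set or pushed, so each site keeps its own
# default route and reaches the Internet through its own gateway.

# ---- Site A router: ccd/siteB (file name = CN of Site B's certificate) ----
# OpenVPN-internal route: 192.168.1.0/24 lives behind the client "siteB".
# Without this line the server drops packets for that LAN.
iroute 192.168.1.0 255.255.255.0

# ---- Site B router: client.conf ----
client
dev tun
proto udp
# Placeholder for Site A's public address or DNS name.
remote SITE_A_PUBLIC_ADDRESS 1194
ca ca.crt
cert siteB.crt
key siteB.key
# Refuse to connect to a peer whose certificate is not a server certificate.
remote-cert-tls server
persist-key
persist-tun
```

Both routers also need IP forwarding enabled and firewall rules that allow traffic between the LAN and the tun interface. A further site is added as another client with its own certificate, its own `ccd` file containing an `iroute` line, and a matching `route` line in the server configuration.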
