I am trying to set up a static route within 3 routers. I have a CISCO WRT320N, a TENDA AC2100 and a WiFi 5 Dual Band router. I'm trying to keep the largest number of devices connected via Ethernet. I have disabled the WiFi on the CISCO and the TENDA routers, so the WiFi router can handle that task. There is also the router provided by my ISP as it is shown below.

Network topology

The reason I am not connecting my devices using just a switch directly to my ISP router is because I was having very low performance, so my ISP sent an "expert" to fix the problem. After trying with different options, he realized the problem was with the DNS, so I have to manually change the DNS on every device to 8.8.8.8, 8.8.4.4 (which I think is the Google DNS). Since it is not possible for me to set up my ISP router, I decided to use my own routers and set up the DNS to 8.8.8.8 and 8.8.4.4. Now every device gets the correct DNS using DHCP (better than setting a static IP on almost every device in my house). Since I need communication between all LAN devices, I am setting up a static route as it is shown below:

  • WRT320N:

  1. LAN Network: 192.168.3.0/24 Gateway: 192.168.2.2 Interface: LAN
  2. LAN Network: 192.168.1.0/24 Gateway: 192.168.0.100 Interface: WAN

  • WiFi Router:

  1. LAN Network: 192.168.2.0/24 Gateway: 192.168.2.1 Interface: WAN
  2. LAN Network: 192.168.1.0/24 Gateway: 192.168.2.1 Interface: WAN

  • Tenda:

  1. LAN Network: 192.168.2.0/24 Gateway: 192.168.0.101 Interface: WAN
  2. LAN Network: 192.168.3.0/24 Gateway: 192.18.0.101 Interface: WAN

I used CISCO Packet Tracer to simulate the static route and I can send ICMP packages between all devices on every LAN without any problem. However, in my house there is only a connection between LAN2 and LAN3 (and vice versa), but LAN1 does not seem to be communicating at all with either LAN2 or LAN3.

I have double-checked that the static routing is the same as the one I configured on CISCO Packet Tracer, so I am not sure if I need to do any extra configuration on my routers or if I am doing something wrong.

I am a newbie so if someone knows a better way of doing this I would appreciate it.

  • Although most likely irrelevant, LAN Network: 192.168.2.0/24 Gateway: 192.168.2.1 Interface: WAN is wrong (well, inappropriate, but it still sort of works) since 192.168.2.0/24 should be a direct route (i.e. no gateway). And you should not need to add such a route manually.
    – Tom Yan
    Commented Aug 2, 2022 at 22:13

1 Answer

With regards to the original reason for this frankenNetwork: you only need 1 extra router to override your ISP's behaviour, no need for 3. Just put that router behind your ISP-provided device and connect switches and access points to that. Also, slap your ISP for providing you with shitty DNS. You can't expect a consumer to run their own router because they can't provide a reliable DNS service, it's absolutely ridiculous.

Back to the specific question:

A big difference between Packet Tracer and the routers that you're using is that Packet Tracer provides "proper" routers (for the lack of a better term). Most consumer devices for routing were designed on the assumption that there is a WAN side and a LAN side (as you did in your drawing). Proper routers don't make that assumption and consider all networks on "equal footing", unless you configure otherwise.

Most consumer routers automatically apply NAT (SNAT) to LAN->WAN traffic, which totally breaks your design. There is no way to traverse from WAN to LAN with just plain routing or static routes (which is what you want here). You might hack it together using port forwarding, but this is gonna lead to headaches in the future.

While your thinking is generally correct (as confirmed by Packet Tracer), you're also missing out on default routes. Even if you got everything to work as desired, you'd still have no internet connection on LAN 1, 2 and 3, because they have no default route, and thus wouldn't be able to find anything on the internet (giving ICMP destination unreachable).

I think the easiest way out is to change your design to only include 1 additional router and just connect everything to that. If you want to go full-on nerd; get a couple of Edgemax or Mikrotik routers and start experimenting with those. And instead of static routes, employ a routing protocol like RIP or OSPF to really get a grasp of how large-scale networks work.

  • What actually "breaks" WAN-to-LAN is that they might (and they should) have a firewall that prevents "active" access from WAN hosts to LAN hosts (either "statefully" or by checking the destination IP at some point earlier than reverse NAT is performed). At least when the router is Linux-based, "replies" from the LAN hosts will be exempted from the SNAT. (So don't expect "security" from NAT.)
    – Tom Yan
    Commented Aug 2, 2022 at 21:49
  • Thank you so much for your feedback @mtak. After 2 hours on the phone and getting a new ISP router the DNS problem is solved, so I am using the routers as access points on the same LAN. Commented Aug 2, 2022 at 23:18
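
Added example (not part of the thread, and not any router's real firmware): a minimal Python model of the behaviour the answer and Tom Yan's comment describe, with source NAT on LAN->WAN traffic and a stateful firewall on WAN->LAN traffic. The WAN addresses are taken from the gateways in the question; the host addresses, ports, and the `Router`/`Packet` names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int

@dataclass
class Router:
    lan: str                # LAN prefix behind this router
    wan_ip: str             # address on the shared 192.168.0.0/24 segment
    nat: bool = True        # SNAT LAN->WAN traffic (consumer default)
    firewall: bool = True   # drop new WAN->LAN flows (consumer default)
    conntrack: dict = field(default_factory=dict)

    def from_lan(self, p):
        """LAN->WAN: forwarded; source rewritten to the WAN address if NAT is on."""
        if not self.nat:
            return p
        out = Packet(self.wan_ip, p.dst, p.sport, p.dport)
        # Key is the reply's 4-tuple, value is the real LAN host.
        self.conntrack[(out.dst, out.dport, out.src, out.sport)] = p.src
        return out

    def from_wan(self, p):
        """WAN->LAN: tracked replies pass; a new flow passes only with firewall off."""
        key = (p.src, p.sport, p.dst, p.dport)
        if key in self.conntrack:
            return Packet(p.src, self.conntrack[key], p.sport, p.dport)
        in_lan = ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.lan)
        return p if (in_lan and not self.firewall) else None  # None = dropped

def lan1_to_lan2(nat=True, firewall=True):
    """Constructed flow: LAN1 host 192.168.1.10 opens TCP/80 to LAN2 host 192.168.2.20."""
    tenda = Router("192.168.1.0/24", "192.168.0.100", nat, firewall)
    wrt = Router("192.168.2.0/24", "192.168.0.101", nat, firewall)
    on_wire = tenda.from_lan(Packet("192.168.1.10", "192.168.2.20", 40000, 80))
    return on_wire, wrt.from_wan(on_wire)

if __name__ == "__main__":
    for nat, fw in [(True, True), (True, False), (False, False)]:
        on_wire, delivered = lan1_to_lan2(nat, fw)
        print(f"nat={nat} firewall={fw}: on wire {on_wire.src} -> {on_wire.dst},"
              f" delivered={delivered is not None}")
```

With both consumer defaults on, the packet leaves the Tenda with source 192.168.0.100 and the WRT320N drops it as a new WAN-side flow. With NAT on but the firewall off it is delivered, which is why NAT alone should not be treated as the access control.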
