0

Question moved and completely re-written here.

I have a block of Static IP's from my ISP and I am looking to setup separate network interfaces inside DD-WRT that all go through the single WAN connection I have. I want to assign Static IP's to each of these interfaces and have separate subnet's and gateway's set inside the DD-WRT router. I would like to be able to access each of these subnet's anywhere on the LAN depending upon the Static information I assign in each device.

Example:

1 WAN Port
2 WAN network interfaces (Via aliasing or VLAN's, or any other option)
2 Subnets (Routed separately to each of the respective WAN interfaces)

Connect any device on the LAN to either subnet and have that devices traffic routed through which ever WAN interface it is assigned and out of the same WAN Port.

I realize that normally there is only a single WAN network interface that has the physical MAC address of the WAN port, but I'm sure there's a way to create a second virtual interface with a virtual MAC (Random, whatever) and be able to be routed out of the same WAN port. Just not sure how to do it with DD-WRT. Already posted on the forums over at DD-WRT, but haven't gotten a response. Any information is much appreciated.

EDIT:

I cannot have my ISP assign all of the Static IP's to my gateway/router MAC. I have to statically set each network interface. So I essentially need to create a secondary, virtual WAN interface which is routed through the same WAN port, but assigned a different Static IP than the primary, default WAN interface is configured with. This could be resolved with having 2 physical network interfaces and then have them switched together, however, if I'm going to do that, why not just configure it to do essentially just that through virtual interfaces.

Improve this question

1 Answer 1

Reset to default
0

The approach is simpler than you might think. If your ISP has provided you a block of static IPs, then step one is to get the ISP to route those IP addresses to your WAN public address.

This one move ensures that any packets destined for your IP addresses will end up at your router.

All that remains is to ensure that outgoing packets are correctly natted to the right public address.

Assuming you use vlans for the internal networks - lets say one of them is 192.168.1.0/24 and another is 192.168.2.0/24 then you can use iptables commands to do the nat for you:

iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT -o eth1 --to-source 123.123.123.123
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j SNAT -o eth1 --to-source 123.123.123.124

These are saying: after routing, if the source is in the 192.168.1.0/24 range, and the destination is out of the eth1 interface (the WAN interface), then changing the source address to 123.123.123.123

So the packet would leave your router with one of your public addresses, any replies would comb back to your router because your ISP has said the range is routed to your WAN address. There it will match the NAT rule and get "unnatted" to end up going to 192.168.1.x.

Improve this answer
12
  • The iptables routing seems to be part of what I need, but my ISP doesn't assign/route the block of Static IP's to my WAN MAC. They simply provide the block and allow me to use those. For instance, I have 4 Static IP's available to me - 1 Network, 1 Broadcast, 2 Static/Regular IP's. I have to statically assign 2 network interfaces these Static IP's. I could have two routers behind a switch, however, that would effectively create two separate LAN's.
    – t3chman
    Commented Jul 9, 2013 at 5:47
  • I would like to use a single router with only 1 WAN connection and setup some sort of virtual Ethernet interface - similar to the standard WAN ethernet interface in DD-WRT and other routers/devices.
    – t3chman
    Commented Jul 9, 2013 at 5:48
  • @t3chman Unless these IP addresses are routed to your internet service, then you won't be able to use them. You can't just assign them to interfaces and expect that the internet will know where they are. Your ISP must do this.
    – Paul
    Commented Jul 9, 2013 at 6:52
  • The ISP sets up a statically routed block. End users assign the static IP's to interfaces along with the provided gateway and broadcast addresses in the routed block. I actually work at the ISP and have been working with our administrators, but would like an extra set of opinions on how I should do this. I am in a VLAN that accepts statically setting IP information to network interfaces, as you can do with any network interface on LAN. I know I can set IP's statically, as I've done so and work with advanced networking daily. I just don't understand DD-WRT fluently enough to create a secondary
    – t3chman
    Commented Jul 9, 2013 at 7:35
  • virtual network interface that can be assigned an additional static IP, as the primary WAN interface is, and routed out through the same WAN port. I'm sure this can be done with network interface aliasing, as you can with other Linux OS's, just not sure how to do so with DD-WRT specifically - I am open to trying a different OS/FW, but I would like to use DD-WRT if possible. Open-WRT is supported with my router, unfortunately.
    – t3chman
    Commented Jul 9, 2013 at 7:37

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .