Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
"Good" ways to configure WAR1 CPE
#1
Ok, I have my routed backbone under control. Now I'm trying to figure out the details of connecting the client. So far I have about six hooked up, they are all done differently and none seem quite right. (most are just bridged, trying to avoid that)

I've been looking thru the wiki, the "What gives" thread and the "Best way to setup WAR/V2 CPE" for ideas. If there is another thread that provides guidance, please let me know.

My preferred install is a WAR1 at the customer's house, that connects to a WiFi router that I usually provide. The WAR1 uses dhcp on wpci1 to get a private IP that routes thru my network.

The "CPE setup w/NAT and DHCP auto-auth" looks good, but means I would be doing double NAT. (plus the customer is probably doing a 3rd NAT) This method seems to rely on using RIP to route between the two interfaces. I'm not familiar with that, but I'll give it a try if suggested. The example also uses static IP assignment on wpci1, not sure if that matters.

Earlier I tried setting the default route to the wireless interface, but since it is dhcp assigned I wasn't sure what to put in for the IP address?

(ahhh, I should write more clearly, but the sun is shining and I have nice new grain leg to hang a Lucaya x4000 on...)
Reply
#2
I use static addresses for my CPE's, but I am not using WAR/WRAP's.

I divide my AP subnets in:
x.x.x.1-99 for CPE's (cbq blocking)
x.x.x.100 IP of the AP
x.x.x.101-199 for customer IP's (internet goes thru this address)
x.x.x.200-254 not in use

If you do similar setup, You could use WAR1 in WDS (bridge) mode (ether1/wpci1) to run DHCP on LAN side and serve ONLY ONE IP form AP's subnet range assigned to customer that WiFi router could pick up.

WAR1 would then be staticly assigned IP address (od static DHCP by WAR1 MAC).

Someone should jump in and explain how to prevent DHCP passthrough.
Ljubomir Ljubojevic - Love is in the Air
Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman...
StarOS and CentOS/RHEL/Linux consultant
Powerful Starv3 manipulation tool - StarV3 Multipractik for Linux
Reply
#3
I'm not sure we do it correctly, but this is what we do. We route our network using the 10.x.x.x network. The first AP at the shop does NATing to masq the 10.x.x.x network to our public (internet side) IP addresses.

From there, the AP's are routed, with 10.1.x.x linked to 10.2.x.x and so on. Each Interface is on it's own subnet, so that our 4th AP (a WAR2 in this case) would have 10.4.1.x and 10.4.2.x as it's WPCI1 and WPCI2 cards. Each of these cards are DHCPing out 10.4.1.100+ and 10.4.2.100+ numbers respectively.

So, to answer your question on the CPE side, we use DHCP client on it's WPCI1 card to fetch a number from the AP, and we set it's ethernet to 192.168.100.1 - we then use a masq on the WAR CPE ''masq from 192.168.100.0/24 to dev wpci1'' and we use DHCP AutoAuth on the WAR CPE's Ethernet to hand out a 192.168.100.x number to the customer's computer (or to their router). BTW, we change the IP address on the WAR's ethernet to 192.168.100.1 so that it's more than likely not the same as the customer's router if they have one.

And yes, this means that there is NATing at the intenet side of our network, and there is at least a second NAT in the WAR CPE, and possibly a 3rd NAT in the customer's router if they have one. I don't know if this is a problem or not. I don't know of any other way to do it. I have been told that NATing at the edges is OK, just not in the middle of the network, but I don't know if this is correct or not. Seems to work here. Smile
Reply
#4
ninedd, I use same setup (with diferent CPE used). But I also add (where required, read bridge insted of NAT is in place) additional IP in .1-99 range for maintenace. You can also do IPMAP too the IP of the customers router, avoiding one NAT'ing, BUT ONLY with additional IP on the WAR1.
Ljubomir Ljubojevic - Love is in the Air
Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman...
StarOS and CentOS/RHEL/Linux consultant
Powerful Starv3 manipulation tool - StarV3 Multipractik for Linux
Reply
#5
Thanks DrLove73, I need to think about this more, but maybe the IPMAP might be better. I would prefer to use DHCP for the WAR1 to get it's address from the AP, but maybe static would be OK for now.

And Ninedd, also thanks. It sounds as if I'm duplicating your network here. I have configured a CPE this way, but for some reason the customer's router isn't pulling an IP address. I suppose I should test it here and make sure my settings are OK, rather than making the 15 mile drive over there.

Ninedd, do you do anything with static/default route? I couldn't figure out how to set the default route to wpci1 when it was using dhcp. I ended up leaving 192.168.3.1 on it, but also using dhcp. Maybe I am causing problems for myself with that, too.

When I was setting this up Thursday, I had a mistake in the masq statement. For some reason I get stupid (stupider?) after trying to run Cat5 thru dusty basements for several hours. I would really like to get to a point where I have a "cookbook" of a configs for a working setup. I am close to this now, the routing works for 25 miles. It is just the last two inches from the CPE wpci1 to the ether1 confusing me still.

Very frustrating. Wonder if I could convince the customers to give up their windows computers and just use the WAR1 for Internet access. They could do their pings and ssh's from there, the heck with web browsing. :-)


Reviewing the "What gives" thread, it seems like people want this psuedo bridging feature. That sounds like the long term preferred solution to me. Lonnie seems to indicate it will be added when there is room for the code, after moving to a web interface: http://forums.star-os.com/showpost.php?p...tcount=102
Reply
#6
valenti Wrote:Thanks DrLove73, I need to think about this more, but maybe the IPMAP might be better. I would prefer to use DHCP for the WAR1 to get it's address from the AP, but maybe static would be OK for now.

It seams that maybe both DHCP and static IP could coegzist together. Look into it, I do not use DHCP. Try first (in the lab!) adding one static IP, and then enabling dhcp client. Who knows.

valenti Wrote:Ninedd, do you do anything with static/default route? I couldn't figure out how to set the default route to wpci1 when it was using dhcp. I ended up leaving 192.168.3.1 on it, but also using dhcp. Maybe I am causing problems for myself with that, too.

DHCP AutoAuth should be enabled on ether interface (interfaces\ether1\dhcp auto-auth configuration\configuration). For gateway, you have to put IP off the ether1 interface, since those informations go to clients router/computer. Then set DNS entries and IP address range, and you are set.

valenti Wrote:When I was setting this up Thursday, I had a mistake in the masq statement. For some reason I get stupid (stupider?) after trying to run Cat5 thru dusty basements for several hours. I would really like to get to a point where I have a "cookbook" of a configs for a working setup. I am close to this now, the routing works for 25 miles. It is just the last two inches from the CPE wpci1 to the ether1 confusing me still.

just set "masq 192.168.x.x/24 to dev $net", but first be sure that "net = wpci1" is set before masq.
Ljubomir Ljubojevic - Love is in the Air
Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman...
StarOS and CentOS/RHEL/Linux consultant
Powerful Starv3 manipulation tool - StarV3 Multipractik for Linux
Reply
#7
valenti Wrote:Ninedd, do you do anything with static/default route? I couldn't figure out how to set the default route to wpci1 when it was using dhcp. I ended up leaving 192.168.3.1 on it, but also using dhcp. Maybe I am causing problems for myself with that, too.
Nope, when NATing on the WAR1 CPE, we don't need any routing tables or routing protocals at all. Just NATing.

So, looking at my personal CPE...

It's WPCI1 card has DHCP Client turned on, and it's fecthing a 10.4.1.x number from the AP. In my case, INTERFACE -> DHCP CLIENT INFORMATION -> VIEW ACTIVE LEASE shows that I'm currently geting 10.4.1.200

It's Ethernet card has DHCP AutoAuth server turned on, and it's handing out 192.168.100.x numbers from 2-10. Right now, my computer is getting 192.168.100.2 handed out to it, since the Ethernet card on the WAR itself if set to 192.168.100.1 manually.

The AP is routed, so it has a default route (to 10.2.4.3) and it's DHCPing out numbers (10.4.1.xxx and 10.4.2.xxx) on it's two Wireless AP cards - which is where my CPE is getting 10.4.1.200 from.

Now, for simplicity, I wouldn't start with a DLink in the mix - we have seen ones that can't seem to fetch numbers from the CPE. I've been told it's the flavour of DHCP AutoAuth that Star uses, but I don't know. In those cases, we've simply manually configured 192.168.100.2 into the WAN port of the DLink and it works fine. We've never had a computer itself not fetch a number from the WAR CPE, but we do have Routers that act in an unexpected manner.
Reply
#8
Ok, I've got this running pretty much as you describe. I usually use Zyxel routers for the house, they haven't caused problems so far. thanks

Will try to make a few minor edits in the wiki.
Reply
#9
valenti Wrote:Will try to make a few minor edits in the wiki.
Good, I am swampt with obligations, and have only so much time to form time to time make few quick posts. If you fill it with basics, I will try to add to it.
Ljubomir Ljubojevic - Love is in the Air
Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman...
StarOS and CentOS/RHEL/Linux consultant
Powerful Starv3 manipulation tool - StarV3 Multipractik for Linux
Reply
#10
DrLove73 Wrote:just set "masq 192.168.x.x/24 to dev $net", but first be sure that "net = wpci1" is set before masq.

Hi, I have to nat a few cpe's this week; the AP is prism v2 and is getting upgraded next week so we can then use WDS. Nat is new to me and will just be in place till next week.

Is it necessary to declare what device is net? Or can I just do the masq statement with wpci1 rather than $net?
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)