Repeater Bridge

From DD-WRT Wiki

(Difference between revisions)
Jump to: navigation, search
Revision as of 05:22, 4 January 2015 (edit)
Donny (Talk | contribs)
(Notes - half bandwidth)
← Previous diff
Revision as of 19:27, 31 August 2015 (edit) (undo)
Steved64 (Talk | contribs)
m (Site Survey Adjustment - additional info about checking association after Join)
Next diff →
(13 intermediate revisions not shown.)
Line 12: Line 12:
-The limitation with standard bridging is that it only allows '''wired''' clients to connect to your secondary router. ''Wireless'' clients cannot connect to your secondary router configured as a standard bridge.+The limitation with standard bridging is that it only allows '''wired''' clients to connect to your secondary router. ''Wireless'' clients cannot connect to your secondary router configured as a standard bridge. Repeater bridge allows wireless AND wired clients to connect to a the repeater bridge router, and through that device wirelessly to a primary router. You can still use this mode if you only need to bridge wired clients; the extra wireless repeater capability comes along for free however you are not required to use it.
-New in DD-WRT v24 is '''Repeater Bridge''' mode. This extends your primary LAN via secondary router (bridge router) and '''also''' allows wireless clients to connect to your secondary router. This extends the range of your wireless network while simultaneously allowing wired clients to connect to your secondary router.  
[[Image:Repeater_Bridge.jpg|thumbnail|Reference Image]] [[Image:Repeater_Bridge.jpg|thumbnail|Reference Image]]
Line 169: Line 168:
===Setup=== ===Setup===
-*<font color="red">Be using a build no older than r25139, if you are, then get up to date first before proceeding! Please ignore most other info on this page, it is outdated info for Broadcom units, Qualcomm Atheros units have it simple & trying to follow most other things outside of this QCA section will result in problems.</font>+*<font color="red">Be using a build no older than r27378; if you are, then get up to date first before proceeding! Please ignore most other info on this page, it is outdated info for Broadcom units. Qualcomm Atheros units have it simple, & trying to follow most other things outside of this QCA section will result in problems.</font>
Open the '''Wireless -> Basic Settings''' tab Open the '''Wireless -> Basic Settings''' tab
-*Physical Interface (ath0, ath1 etc) +*Physical Interface (ath0, ath1, etc.)
-**Wireless Mode : Client Bridge (Routed) +**Wireless Mode: Client Bridge (Routed)
-**Default GW Mode: Auto (DHCP), manually enter IP of the host if no internet on auto+**Default GW Mode: Auto (DHCP). Use manual with host IP if it refuses to connect, has no internet, or unable to access either the host or bridged router from the other end
**Wireless Network Mode: Match the host router **Wireless Network Mode: Match the host router
-**Channel Width: Match the host router, if its unknown, select dynamic or wide HT40. Do take note of [http://svn.dd-wrt.com/ticket/3414 this ticket about a long lasting bug with QCA routers in client/client bridge/wds modes + VAP]+**Channel Width: Match the host router, if its unknown, select wide HT40 or VHT80 if using 802.11ac.
-**Wireless Network Name(SSID): Match the host router exactly including capitals, make sure you spell this correctly +**Wireless Network Name (SSID): Match the host router exactly including capitals, make sure you spell this correctly
**Network Configuration: Bridged **Network Configuration: Bridged
**Click '''Save''' **Click '''Save'''
Line 195: Line 194:
-*Virtual Interfaces (ath0'''.1''', ath1'''.1''' etc) +*Virtual Interfaces (ath0'''.1''', ath1'''.1''', etc.)
-**Click Add+**Click '''Add'''
**Wireless Network Mode: AP **Wireless Network Mode: AP
-**Wireless Network Name(SSID): Same as the host router if you want a repeater, or different from the host router if you want your own separate network or for other advanced configurations+**Wireless Network Name (SSID): Same as the host router if you want a repeater, or different from the host router if you want your own separate network or for other advanced configurations
-**Wireless SSID Broadcast : Enable+**Wireless SSID Broadcast: Enable
**Click '''Save''' **Click '''Save'''
**Wireless Security: Match the host router, exactly including capitals & security algorithm. EX: host using WPA2 Personal AES will still work if the repeater is set to WPA2 Personal Mixed AES, for whatever reason, as it includes the algorithm in use (WPA2-AES) **Wireless Security: Match the host router, exactly including capitals & security algorithm. EX: host using WPA2 Personal AES will still work if the repeater is set to WPA2 Personal Mixed AES, for whatever reason, as it includes the algorithm in use (WPA2-AES)
Line 209: Line 208:
=== SSIDs === === SSIDs ===
-Under "Wireless -> Basic Settings", you must use '''only''' the primary router's SSID for the physical interface '''to connect wireless clients''' and create a new SSID for the virtual interface.+Under "Wireless -> Basic Settings", you must use '''only''' the primary router's SSID for the physical interface '''to connect wireless clients''' and create a new SSID for the virtual interface. You will be able to tell which you are connected to as the two ssids MUST be different. (The only way to have one seamless network with the same ssid is to use WDS which almost always requires routers to support WDS AND have at least the same chipsets)
===The "half bandwidth" misunderstanding=== ===The "half bandwidth" misunderstanding===
-Too many people make a big deal out of the half bandwidth oversimplification of the repeater bridge setup. It's not that big of a deal, and not that complicated. A router can only talk to one device at a time. So if the router is set up as a repeater bridge AND it has active clients, the repeater bridge router must talk to two devices- the client computer and then to the primary router. This will effectively half the bandwidth available to the client computer, but it is no different than having two computers on a single primary router. The router can only talk to one at a time, so if both are active, it will only be able to talk to one at a time, effectively cutting the available bandwidth in half. So it really is no big deal. I see people all the time who are concerned about the "half bandwidth" issue, but are on tot at all concerned when there are two devices on their network. It's the same thing. And only matters at all when the device is active (transferring data to or from the wan).+Too many people make a big deal out of the half bandwidth oversimplification of the repeater bridge setup. It's not that big of a deal, and not that complicated. A router can only talk to one device at a time. So if the router is set up as a repeater bridge AND it has active clients, the repeater bridge router must talk to two devices- the client computer and then to the primary router. This will effectively half the bandwidth available to the client computer, but it is no different than having two computers on a single primary router. The router can only talk to one at a time, so if both are active, it will only be able to talk to one at a time, effectively cutting the available bandwidth in half. So it really is no big deal. I see people all the time who are concerned about the "half bandwidth" issue, but are not at all concerned when there are two devices on their network. It's the same thing. And only matters at all when the device is active (transferring data to or from the wan).
=== Security === === Security ===
 +
 +Dd-wrt will often not work unless BOTH the primary router and the secondary router use wpa2-aes security ONLY. Wep will also often work, but it is not secure.
Keep in mind any security settings will need to be configured including MAC filtering in order for the Secondary Router to connect to the Primary Router and also for clients connecting to the Secondary Router to gain full access to the connectivity of the Primary Router. There are some factors to consider when setting up Security for Client Bridge mode that may or may not be factors when setting up Repeater Bridge mode. I simply have not experimented with this. Keep in mind any security settings will need to be configured including MAC filtering in order for the Secondary Router to connect to the Primary Router and also for clients connecting to the Secondary Router to gain full access to the connectivity of the Primary Router. There are some factors to consider when setting up Security for Client Bridge mode that may or may not be factors when setting up Repeater Bridge mode. I simply have not experimented with this.
Line 221: Line 222:
[NOTE {Montrealmike}]Also when your adding WEP,WPA,WPA2 etc... between the AP and the repeater bridge you have to start with the AP first; then the repeater bridge.When you enable security on the repeater click save not apply, then click on the administration tab scroll down to the bottom and click apply settings. You will then have to power cycle the repeater twice ( unplug and plug back in twice ) in order for the repeater bridge and AP to synchronize. This has worked for four repeater bridges for me. [NOTE {Montrealmike}]Also when your adding WEP,WPA,WPA2 etc... between the AP and the repeater bridge you have to start with the AP first; then the repeater bridge.When you enable security on the repeater click save not apply, then click on the administration tab scroll down to the bottom and click apply settings. You will then have to power cycle the repeater twice ( unplug and plug back in twice ) in order for the repeater bridge and AP to synchronize. This has worked for four repeater bridges for me.
-Edit - Altair - In my experience the above advice of power cycling the router has been confirmed. I spent 20 minutes trying different things to no avail before I finally gave in and tried power cycling it twice (I honestly didn't believe it would do anything). After the power cycle it has been working flawlessly.+Edit - pmiller - I can also confirm the power cycling to sync the repeater to the AP. You can confirm that the repeater has syncronized with the AP by going to the Status>Wireless tab on the AP and viewing the MAC address of the repeater with some % signal quality value. Before doing 2 power cycles on the repeater, the MAC address would display on the AP's Status>Wireless tab, but with 0% signal quality. After the power cycles the % quality displayed around 30%. I played around with other security settings later on the AP and found the 2 power cycles to be unnecessary after the 2 had originally sync'ed- no idea why this would work, but it did. I had some difficulty at first because I had security enabled on the AP as WPA2-Personal Mixed, which is basically WPA2-AES or WPA-TKIP simultaneously. The repeater is unable to connect with the AP in this mixed mode; rather you must choose between WPA2-AES or WPA-TKIP . I have now switched both my wireless security settings to WPA-TKIP (physical and virtual) just for simplicity, though in theory the virtual need not match the physical. Your security is as good as the weakest link. For those having trouble, I would turn off all security and turn on SSID broadcast first, then once you get a good sync turn on security on the AP first, then
- +
-Edit - pmiller - I can also confirm the power cycling to sync the repeater to the AP. You can confirm that the repeater has syncronized with the AP by going to the Status>Wireless tab on the AP and viewing the MAC address of the repeater with some % signal quality value. Before doing 2 power cycles on the repeater, the MAC address would display on the AP's Status>Wireless tab, but with 0% signal quality. After the power cycles the % quality displayed around 30%. I played around with other security settings later on the AP and found the 2 power cycles to be unnecessary after the 2 had originally sync'ed- no idea why this would work, but it did. I had some difficulty at first because I had security enabled on the AP as WPA2-Personal Mixed, which is basically WPA2-AES or WPA-TKIP simultaneously. The repeater is unable to connect with the AP in this mixed mode; rather you must choose between WPA2-AES or WPA-TKIP . I have now switched both my wireless security settings to WPA-TKIP (physical and virtual) just for simplicity, though in theory the virtual need not match the physical. Your security is as good as the weakest link. For those having trouble, I would turn off all security and turn on SSID broadcast first, then once you get a good sync turn on security on the AP first, then the repeater.+
- +
-Edit - aselvan - I have this setup on identical hardware (i.e. Linksys wrt310n) for AP and repeater running identical DDWRT (v24 standard generic). However, I can't get the WPA2 working between the repeater unit and AP no matter what combination I tried-- the repeater and AP can't connect, however, WEP and WAP works. Anyone have any idea?+
- +
Edit - crandler - '''WPA2 personal mixed''' with Linksys WAG160N as DSL uplink with original firmware and WRT160N with dd-wrt v24 std in repeater bridge mode does not function. Had do switch both devices to '''WPA2 personal'''. Edit - crandler - '''WPA2 personal mixed''' with Linksys WAG160N as DSL uplink with original firmware and WRT160N with dd-wrt v24 std in repeater bridge mode does not function. Had do switch both devices to '''WPA2 personal'''.
Edit - ytal - Using encryption for the bridged connection only works if I either use '''the same''' encryption data (incl. ESSID) on the other (virtual) interface or do not use any encryption on the virtual interface at all. If set differently, the wireless link to the base station fails. Base station is a Speedport W500V / Targa WR 500 VoIP (http://forum.openwrt.org/viewtopic.php?id=5774) with the original Telekom firmware. Edit - ytal - Using encryption for the bridged connection only works if I either use '''the same''' encryption data (incl. ESSID) on the other (virtual) interface or do not use any encryption on the virtual interface at all. If set differently, the wireless link to the base station fails. Base station is a Speedport W500V / Targa WR 500 VoIP (http://forum.openwrt.org/viewtopic.php?id=5774) with the original Telekom firmware.
- 
-Edit - Andy - Running v24-sp1, I am also unable to have different WPA2-Personal (AES) key's between the physical and virtual interface. The security and keys must match. Upon saving and cycling the power, the status page on the AP shows signal to the repeaters, but no ping responses or network traffic exists. Also, the Repeater Bridge function fails if I turn broadcast off on the AP. 
- 
-Edit -PeterMartin, RFShop - Avoid using the passphrase generator with WEP. You can’t overtype the key codes later. 
-(Or rather you can and they do work but the old ones are the ones that remain visible. Very Difficult to erase.) 
-Instead type in the key codes directly. Or better still copy and paste from a text file, which you need to keep for reference, as they are not visible once typed in. 
-Agree that encryption has to be the same for both secondary and primary network. Same keys too. Same bugs seem to be present on Universal Repeater Mode. 
Edit - RamonBuckland - I found that setting the security to off worked first. But WPA2 Personal did not. I then lowered the key refresh to 15 seconds (same Wireless Security settings tab) on both routers and applied. They then found each other. One would figure if I were patient enough (to wait 3600 seconds, 1 hour) then it would have worked. So .. I think the key renewal is what throws them. I have it now working WPA2 Personal (AES) with a key renewal of 15 seconds. Perhaps upping it now to an hour and walking away (from the house) they will work :-) logically. Good work peoples. Edit - RamonBuckland - I found that setting the security to off worked first. But WPA2 Personal did not. I then lowered the key refresh to 15 seconds (same Wireless Security settings tab) on both routers and applied. They then found each other. One would figure if I were patient enough (to wait 3600 seconds, 1 hour) then it would have worked. So .. I think the key renewal is what throws them. I have it now working WPA2 Personal (AES) with a key renewal of 15 seconds. Perhaps upping it now to an hour and walking away (from the house) they will work :-) logically. Good work peoples.
Line 260: Line 249:
Site Survey does NOT create any connection. It only fills in the name of the primary router, which you must save for site survey to have any use. You can fill in the primary SSID simply by typing it in on the secondary router instead of using site survey to type it for you. Site Survey does NOT create any connection. It only fills in the name of the primary router, which you must save for site survey to have any use. You can fill in the primary SSID simply by typing it in on the secondary router instead of using site survey to type it for you.
 +
 +You can verify that the Bridge is using correct settings by looking at the Status -> Wireless page on the Bridge where it will show details of the SSID, channel, and encryption in use. The real indicator of proper association is on the Access Point, where the Bridge's MAC should appear on AP's list of active clients (also Status -> Wireless if the AP is running dd-wrt).
== See Also == == See Also ==

Revision as of 19:27, 31 August 2015

You are here: DD-WRT wiki mainpage / Linking Routers / Repeater Bridge


A wireless bridge connects two LAN segments with a wireless link. The two segments are in the same subnet and look like two ethernet switches connected by a cable to all computers on the subnet. Since the computers are on the same subnet, broadcasts reach all machines. DHCP clients in one segment can get their addresses from a DHCP server in the other segment.

Use a wireless bridge to transparently connect computers in one room to computers in a different room when you cannot—or don't want to—run an ethernet cable between the two rooms.

A standard wireless bridge (client bridge) connects wired clients to a secondary router as if they were connected to your main router with a cable. Secondary clients share the bandwidth of a wireless connection back to your main router. Of course, you can still connect clients to your main router using either a cable connection or a wireless connection.




The limitation with standard bridging is that it only allows wired clients to connect to your secondary router. Wireless clients cannot connect to your secondary router configured as a standard bridge. Repeater bridge allows wireless AND wired clients to connect to a the repeater bridge router, and through that device wirelessly to a primary router. You can still use this mode if you only need to bridge wired clients; the extra wireless repeater capability comes along for free however you are not required to use it.


Reference Image
Reference Image


In the case in which we are interested, a secondary router running DD-WRT v24 is configured as a Repeater Bridge between a Primary wireless router (of any make/brand/FW) allowing the above configuration.

Assumptions:

Primary router is configured in a 192.168.1.X subnet and leases DHCP address in the same pool. Secondary router is running DD-WRT v24

No security setup will be covered in this Wiki. It will be up to the user to setup security between the Primary and Secondary routers

Note: If you are unsure of what you are doing, is advisable to practice by setting up the router first in client bridge mode and get it working correctly. Client bridge mode is simpler but most of the settings are the same. Once you understand how to set up a client bridge and have it working, then proceed to setting up repeater bridge

Contents

Broadcom

Instructions

A very simple step-by-step description to connect a Router running selected DD-WRTV24 firmware in Repeater Bridge Mode. You do not need dd-wrt on the primary router for this to work, however your primary router must be able to support encryption that works with dd-wrt. (WPA2-aes works)

If you are using a G router, use 12548 builds to create a wireless bridge. DO NOT USE SP1 OR THE MAY 24 08 BUILD. If you are not using a G router, use one of the builds recommended in the Peacock announcement, which you should read prior to doing anything else: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=51486

This mode is NOT for WIRED connections between two routers! It is a wireless connection only.

To enable bridge mode between two routers, the primary router must be in AP mode (default) with DHCP Server enabled. The secondary router running DD-WRT v24 will be configured as the Repeater Bridge.

  1. Restore Factory Defaults on Secondary (DD-WRT) Router
  2. Do a proper HARD 30-30-30 Reset on the router.
  3. Set your computer to a static IP of 192.168.1.9 if you know how to set static addresses. Otherwise leave your computer's network adaptor(s) programmed with the factory default setting of DHCP and the router will assign a valid address to your computer.
  4. Connect your computer to the secondary router via wired LAN port or as a wireless client. The dd-wrt default wireless SSID is "dd-wrt"
  5. Open the address http://192.168.1.1 in your web browser. Newer versions of DD-WRT will require you to set a password before you can continue.
  6. Open the Wireless -> Basic Settings tab
    • Physical Interface Section
      • Wireless Mode : Repeater Bridge
      • Wireless Network Mode : Must Match Primary Router
      • Wireless Network Name(SSID) : Must Match Primary Router exactly including exact case- Make sure you spell this correctly
      • Wireless Channel : Must Match Primary Router (This will disappear once you put it in RB mode, and isn't needed)
      • Wireless SSID Broadcast : Enable
      • Network Configuration : Bridged
      • Save
    • Virtual Interfaces Section
      • Add
      • Wireless Network Name(SSID) : Different from Primary Router
        • [NOTE] - You CAN try using the same SSID but it usually will not work properly. Many have had random disconnects and/or no connection if the SSID's are the same.
      • Wireless SSID Broadcast : Enable
      • AP Isolation : Disable
      • Network Configuration : Bridged
      • Save
  7. Open the Wireless -> Wireless Security tab
    • Physical Interface Section
      • Security Mode : Must Match Primary Router and DD-wrt only works reliably with WEP or WPA2-AES
      • WPA Algorithms : Must Match Primary Router
      • WPA Shared Key : Must Match Primary Router
      • Key Renewal Interval (in seconds) : Leave default
    • Virtual Interfaces Section (note if you don't see this section your firmware should be atleast v24-sp2)
      • Security Mode : Must Match Physical Interface
      • WPA Algorithms : Must Match Physical Interface
      • WPA Shared Key : Must Match Physical Interface
      • Key Renewal Interval (in seconds) : Leave default
      • Save
  8. Open the Setup -> Basic Setup tab
    • Connection Type will be: Disabled
    • Set STP for Disabled (Enabled sometimes can cause connection problems) redhawk
    • IP Address : 192.168.1.2 (Assuming Primary Router IP is 192.168.1.1)
    • Mask : 255.255.255.0
    • Gateway: 192.168.1.1 (again assuming Primary Router IP is 192.168.1.1)
    • DHCP Server: Disable
    • Local DNS: 192.168.1.1 (if IP of Primary Router is 192.168.1.1)
    • Assign WAN Port to Switch : Optionally enable this to use the WAN port as another LAN port.
    • Save
  9. Log back into the router at it's new IP address of http://192.168.1.2
    • Open Setup -> Advanced Routing tab
    • Set Operating mode to "Router"
    • Save
  10. Open Services
    • Disable Dnsmasq
    • Save
  11. Open the Security -> Firewall tab
    • Uncheck all boxes...except Filter Multicast
    • Disable SPI firewall
    • APPLY Settings
  12. Reboot the router.
  13. Once you have it working, go to the wireless security tab, and set the same type of security AND key for both the primary and the repeater ssids and hit apply. Avoid WPA2 Personal MIXED, as it will likely kill communication between the routers (see Security section below for more on this). WPA2 Personal is fine.
  14. SET YOUR COMPUTER BACK TO AUTO IP AND AUTO DNS.

You should now be able to connect wired clients and wireless clients to the newly configured Secondary router . They will receive IP Addresses from the Primary Router and will be able to use the Internet connection supplied by the Primary Router.

Also take note of the fact that all repeaters, including this Repeater Bridge mode, will sacrifice half of the bandwidth available from the primary router for clients wirelessly connected to the repeater. This is a result of the repeater taking turns talking to not just one partner, but to two, and having to relay the traffic between them. As long as your internet bandwidth requirements are within this halved bandwidth amount there will be little or no reduction in "speed".

Troubleshooting

Encryption type and key must be the same on both the primary and secondary router. The first thing to do when running into problems is to remove all encryption and see if the routers can connect. This is the single most common reason that bridged routers don't work


Wireless Clients cannot connect to Repeater

Disable security and try again. Delete and re-create your profile on the wireless computer. Check to make sure you have set security properly and that the key you used matches the key in the primary router. If one security type doesn't work try another on all routers. eg. try WEP or WPA2-AES [Mera Pakistan]

NAT

Open the Set-up -> Advanced Routing tab and change the mode to "router" instead of "gateway".

Wireless Clients have no Internet

Make sure you have a gateway specified in the repeater bridge router, and that the address there is the primary router.

No packets making it accross the bridge - "Auto" channel setting

Pulling your hair out? Sporadic documentation got you down? Are you using the "auto" setting under Wireless -> Basic Settings - Wireless Channel? Try setting this to a fixed channel. Two days worth of battling with v24-sp2 on a d-link 615 d, with nary a mention of this setting in any walkthroughs. If this still dosn't fix it, try setting up the bridge with security disabled, then re-enable it once its working.Fonz 05:01, 9 September 2010 (CEST)

This is actually part of Step 5. Don't miss any parts of each step

Linksys

(Likely the same for all broadcom devices)


After this make sure your new subnet/IP address settings are working well on your router. If you try to do the wireless bridging first without making sure that your router isn't on the same ip address as the primary and is on the same subnet your router may become unresponsive. A 30-30-30 reset will fix this problem.

Finally, once and ONLY AFTER you are connected to your host AP, as the final step you will want to go to Setup > Advanced routing tab and change the setting from Gateway to Router. Then enable dynamic routing for both Lan & Wlan and apply your settings.

The other steps and procedures listed above for broadcom should work perfectly. I advise using a wired connection as it verifies the connection to the host AP best, then you can test wireless capability. Mine worked beautifully with WPA2 encryption and SSID's being the same.

Make sure that you click save, not apply between each step, as when you click apply, you will activate all changes, which may make accessing the router difficult.

D-Link DIR-615 D4

The forums are full of people having issues with getting this to work on the DIR-615 HW rev: D4. I was able to get this working very easily using the latest brainslayer firmware (v24-sp2). Less steps are needed for it also.

  1. Restore Factory Defaults on Secondary (DD-WRT) Router
  2. Do a proper HARD 30-30-30 Reset on the router.
  3. Go to 192.168.1.1 and log in.
  4. Go to the wireless tab.
    • Choose Repeater Bridge under wireless mode.
    • Match your SSID and channel settings exactly to the main router you will be connecting to.
    • Make sure bridged is selected.
    • Click Save.
  5. Go to the Wireless Security tab.
    • Match these settings to your main router exactly.
    • Click Save.
  6. Go to setup>basic setup.
    • Choose a local IP in the same subnet that is not being used as your main router. If your main router is 192.168.1.1 then as long as it is not in use 192.168.1.2 will work. Assuming your ip is in this range the subnet will be 255.255.255.0 and the gateway and local dns will be 192.168.1.1.
    • Click Save
  7. Click Apply

The router should immediately connect and both extend the wireless range but also the LAN ports work and Internet should work

See also: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=153372


Qualcomm Atheros

Setup

  • Be using a build no older than r27378; if you are, then get up to date first before proceeding! Please ignore most other info on this page, it is outdated info for Broadcom units. Qualcomm Atheros units have it simple, & trying to follow most other things outside of this QCA section will result in problems.


Open the Wireless -> Basic Settings tab

  • Physical Interface (ath0, ath1, etc.)
    • Wireless Mode: Client Bridge (Routed)
    • Default GW Mode: Auto (DHCP). Use manual with host IP if it refuses to connect, has no internet, or unable to access either the host or bridged router from the other end
    • Wireless Network Mode: Match the host router
    • Channel Width: Match the host router, if its unknown, select wide HT40 or VHT80 if using 802.11ac.
    • Wireless Network Name (SSID): Match the host router exactly including capitals, make sure you spell this correctly
    • Network Configuration: Bridged
    • Click Save
    • Wireless Security: Match the host router, exactly including capitals & security algorithm. EX: host using WPA2 Personal AES will still work if the repeater is set to WPA2 Personal Mixed AES, for whatever reason, as it includes the algorithm in use (WPA2-AES)
    • Click Save




  • If you only have devices connected to the repeater via ethernet, click apply settings now. If you have both ethernet & wireless, or just wireless clients, continue below.




  • Virtual Interfaces (ath0.1, ath1.1, etc.)
    • Click Add
    • Wireless Network Mode: AP
    • Wireless Network Name (SSID): Same as the host router if you want a repeater, or different from the host router if you want your own separate network or for other advanced configurations
    • Wireless SSID Broadcast: Enable
    • Click Save
    • Wireless Security: Match the host router, exactly including capitals & security algorithm. EX: host using WPA2 Personal AES will still work if the repeater is set to WPA2 Personal Mixed AES, for whatever reason, as it includes the algorithm in use (WPA2-AES)
    • Click Save
    • Network Configuration: Bridged if you want a repeater to extend the current network of the host router, unbridged if you want your own separate network & are an advanced user
    • Click Apply Settings

Notes

SSIDs

Under "Wireless -> Basic Settings", you must use only the primary router's SSID for the physical interface to connect wireless clients and create a new SSID for the virtual interface. You will be able to tell which you are connected to as the two ssids MUST be different. (The only way to have one seamless network with the same ssid is to use WDS which almost always requires routers to support WDS AND have at least the same chipsets)

The "half bandwidth" misunderstanding

Too many people make a big deal out of the half bandwidth oversimplification of the repeater bridge setup. It's not that big of a deal, and not that complicated. A router can only talk to one device at a time. So if the router is set up as a repeater bridge AND it has active clients, the repeater bridge router must talk to two devices- the client computer and then to the primary router. This will effectively half the bandwidth available to the client computer, but it is no different than having two computers on a single primary router. The router can only talk to one at a time, so if both are active, it will only be able to talk to one at a time, effectively cutting the available bandwidth in half. So it really is no big deal. I see people all the time who are concerned about the "half bandwidth" issue, but are not at all concerned when there are two devices on their network. It's the same thing. And only matters at all when the device is active (transferring data to or from the wan).

Security

Dd-wrt will often not work unless BOTH the primary router and the secondary router use wpa2-aes security ONLY. Wep will also often work, but it is not secure.

Keep in mind any security settings will need to be configured including MAC filtering in order for the Secondary Router to connect to the Primary Router and also for clients connecting to the Secondary Router to gain full access to the connectivity of the Primary Router. There are some factors to consider when setting up Security for Client Bridge mode that may or may not be factors when setting up Repeater Bridge mode. I simply have not experimented with this.

[NOTE {Montrealmike}]Also when your adding WEP,WPA,WPA2 etc... between the AP and the repeater bridge you have to start with the AP first; then the repeater bridge.When you enable security on the repeater click save not apply, then click on the administration tab scroll down to the bottom and click apply settings. You will then have to power cycle the repeater twice ( unplug and plug back in twice ) in order for the repeater bridge and AP to synchronize. This has worked for four repeater bridges for me.

Edit - pmiller - I can also confirm the power cycling to sync the repeater to the AP. You can confirm that the repeater has syncronized with the AP by going to the Status>Wireless tab on the AP and viewing the MAC address of the repeater with some % signal quality value. Before doing 2 power cycles on the repeater, the MAC address would display on the AP's Status>Wireless tab, but with 0% signal quality. After the power cycles the % quality displayed around 30%. I played around with other security settings later on the AP and found the 2 power cycles to be unnecessary after the 2 had originally sync'ed- no idea why this would work, but it did. I had some difficulty at first because I had security enabled on the AP as WPA2-Personal Mixed, which is basically WPA2-AES or WPA-TKIP simultaneously. The repeater is unable to connect with the AP in this mixed mode; rather you must choose between WPA2-AES or WPA-TKIP . I have now switched both my wireless security settings to WPA-TKIP (physical and virtual) just for simplicity, though in theory the virtual need not match the physical. Your security is as good as the weakest link. For those having trouble, I would turn off all security and turn on SSID broadcast first, then once you get a good sync turn on security on the AP first, then

Edit - crandler - WPA2 personal mixed with Linksys WAG160N as DSL uplink with original firmware and WRT160N with dd-wrt v24 std in repeater bridge mode does not function. Had do switch both devices to WPA2 personal.

Edit - ytal - Using encryption for the bridged connection only works if I either use the same encryption data (incl. ESSID) on the other (virtual) interface or do not use any encryption on the virtual interface at all. If set differently, the wireless link to the base station fails. Base station is a Speedport W500V / Targa WR 500 VoIP (http://forum.openwrt.org/viewtopic.php?id=5774) with the original Telekom firmware.

Edit - RamonBuckland - I found that setting the security to off worked first. But WPA2 Personal did not. I then lowered the key refresh to 15 seconds (same Wireless Security settings tab) on both routers and applied. They then found each other. One would figure if I were patient enough (to wait 3600 seconds, 1 hour) then it would have worked. So .. I think the key renewal is what throws them. I have it now working WPA2 Personal (AES) with a key renewal of 15 seconds. Perhaps upping it now to an hour and walking away (from the house) they will work :-) logically. Good work peoples.

Edit - MikeMaven - I'd just like to add my own confirmation. I was having problems with WPA2 at first. I think it was a result of the key refresh not occuring. I set it to 15 seconds, reconnected, and everything seems to be working great! For the record, I'm connecting to a 2wire AP using WPA2-Personal and the same key on both the physical and virtual interface.

Accessing Both Routers?

Since all routers are on the same subnet, you will be able to access both of the routers when connected to either of them.

MAC Filtering

For those of you who have enabled MAC filtering on your Primary router, you need to add the WLAN MAC address of your Secondary router to the permitted MAC filter list of the Primary router. This is different than the MAC address printed on the bottom of the case, you can find it by going to Status->Wireless and the top line will list the internal MAC address. Of course, you will want to add the MAC filter list to the Secondary router. This should be setup prior configuring your WPA, WPA2, etc. settings otherwise you will spend some time pondering why the bridge isn't working.

[EDIT - Redhawk] - The wording here was a little confusing. Once I used the Wireless MAC address then all worked correctly....the MAC filter address on the Primary router needs to be the "Wireless MAC" address listed on the Router Status page and not the LAN MAC address . (Use Router MAC +2) - Yes...I know it says WLAN but for an noob doing this procedure it could be confused.


Special thanks to Griminal for providing a basic graphic which I modified for this Wiki Entry.

IF YOUR ROUTER WIRELESS KEEPS DISCONNECTING PLEASE CHOOSE REPEATER AND NOT REPEATER BRIDGE

Site Survey Adjustment

Site Survey does NOT create any connection. It only fills in the name of the primary router, which you must save for site survey to have any use. You can fill in the primary SSID simply by typing it in on the secondary router instead of using site survey to type it for you.

You can verify that the Bridge is using correct settings by looking at the Status -> Wireless page on the Bridge where it will show details of the SSID, channel, and encryption in use. The real indicator of proper association is on the Access Point, where the Bridge's MAC should appear on AP's list of active clients (also Status -> Wireless if the AP is running dd-wrt).

See Also