Routing
From DD-WRT Wiki
Revision as of 19:22, 28 June 2012 (edit) Glenn (Talk | contribs) (→A small bit about link-local addresses - more) ← Previous diff |
Revision as of 19:29, 28 June 2012 (edit) (undo) Glenn (Talk | contribs) (link chgs) Next diff → |
||
Line 12: | Line 12: | ||
clientB clientA | clientB clientA | ||
- | Set the ([ | + | Set the ([[wikipedia:Private_network private|Private_network private]]) [[wikipedia:Subnetwork|Subnetwork ip (sub)networks]] to e.g.: |
* apA 10.0.0.1/24 Short for: ( address 10.0.0.1 subnet 10.0.0.0 mask 255.255.255.0 = 24 left-to-right binary ones ) | * apA 10.0.0.1/24 Short for: ( address 10.0.0.1 subnet 10.0.0.0 mask 255.255.255.0 = 24 left-to-right binary ones ) | ||
Line 31: | Line 31: | ||
==When private internet IPv4 addresses are used on the LAN (normally)== | ==When private internet IPv4 addresses are used on the LAN (normally)== | ||
- | The following (NAPT; network address and port translation) is a necessary because of to few public internet IPv4 addresses. NAPT is commonly referred to as NAT ([ | + | The following (NAPT; network address and port translation) is a necessary because of to few public internet IPv4 addresses. NAPT is commonly referred to as NAT ([[wikipedia:Network_address_translation|Network address translation]]). |
The NAPT is normally done by a router or firewall with NAPT functionalty. | The NAPT is normally done by a router or firewall with NAPT functionalty. | ||
Line 40: | Line 40: | ||
* 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) | * 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) | ||
- | Note: Private ip addresses must be (source) translated ([ | + | Note: Private ip addresses must be (source) translated ([[wikipedia:Network_address_translation|NAT]]ted, tcp, udp: [[wikipedia:Port_address_translation|PAT]]) to a public (=non-private) ip address (tcp: [[wikipedia:Internet_socket|socket]]) before its payload can be send into the (public) internet. |
==A small bit about link-local addresses== | ==A small bit about link-local addresses== | ||
- | The [ | + | The [[wikipedia:Link-local_address|link-local addresses]] ([http://tools.ietf.org/html/rfc5735 rfc5735]) ought not to be used as private addresses - but it can be used as private addresses and be NATted: |
* 169.254.0.0/16 | * 169.254.0.0/16 | ||
Revision as of 19:29, 28 June 2012
Contents |
start
This is the WIP page for routing with ddwrt. Just to have something to start.
In general router works like this:
apB--------apA-----Internet (WAN) connection | | clientB clientA
Set the (Private_network private) Subnetwork ip (sub)networks to e.g.:
- apA 10.0.0.1/24 Short for: ( address 10.0.0.1 subnet 10.0.0.0 mask 255.255.255.0 = 24 left-to-right binary ones )
- clientA 10.0.0.12/24 Short for: ( address 10.0.0.12 subnet 10.0.0.0 mask 255.255.255.0 )
- apB 192.168.168.1/24 Short for: ( address 192.168.168.1 subnet 192.168.168.0 mask 255.255.255.0 )
- clientB 192.168.168.15/24 Short for: ( address 192.168.168.15 subnet 192.168.168.0 mask 255.255.255.0 )
Routing (static) configurations:
- tell clientA that apA is his default gateway (normally done through dhcp)
- tell clientB that apB is his default gateway (normally done through dhcp)
- tell apB that apA is his default gateway
- tell apA that "WAN"-router is his default gateway
- set the apB device to router mode
- tell apA that requests to 192.168.168.0/24 will be routed through (apB) 192.168.168.1/24 (static route)
That's it!
When private internet IPv4 addresses are used on the LAN (normally)
The following (NAPT; network address and port translation) is a necessary because of to few public internet IPv4 addresses. NAPT is commonly referred to as NAT (Network address translation).
The NAPT is normally done by a router or firewall with NAPT functionalty.
The allowed private addresses are specified in rfc1918:
- 10.0.0.0 - 10.255.255.255 (10/8 prefix)
- 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
- 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
Note: Private ip addresses must be (source) translated (NATted, tcp, udp: PAT) to a public (=non-private) ip address (tcp: socket) before its payload can be send into the (public) internet.
A small bit about link-local addresses
The link-local addresses (rfc5735) ought not to be used as private addresses - but it can be used as private addresses and be NATted:
- 169.254.0.0/16
IPv6 also has link-local addresses (rfc4193):
- FC00::/7