Routing
From DD-WRT Wiki
(Difference between revisions)
Revision as of 19:03, 28 June 2012 (edit) Glenn (Talk | contribs) (→The following (sNAT) is a necessary because of to few public internet IPv4 addresses - more) ← Previous diff |
Revision as of 19:12, 28 June 2012 (edit) (undo) Glenn (Talk | contribs) (→When private internet IPv4 addresses are used on the LAN (normally) - more) Next diff → |
||
Line 32: | Line 32: | ||
The following (sNAT) is a necessary because of to few public internet IPv4 addresses. | The following (sNAT) is a necessary because of to few public internet IPv4 addresses. | ||
+ | |||
+ | The allowed private addresses are specified in [http://tools.ietf.org/html/rfc1918 rfc1918]: | ||
+ | * 10.0.0.0 - 10.255.255.255 (10/8 prefix) | ||
+ | * 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) | ||
+ | * 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) | ||
+ | |||
+ | The link-local addresses ([http://tools.ietf.org/html/rfc5735 rfc5735]) ought not to be used as private addresses: | ||
+ | * 169.254.0.0/16 | ||
+ | |||
+ | IPv6 also has link-local addresses ([http://tools.ietf.org/html/rfc4193#section-3 rfc4193]): | ||
+ | * FC00::/7 | ||
Note: Private ip addresses must be (source) translated ([http://en.wikipedia.org/wiki/Network_address_translation NAT]ted, tcp, udp: [http://en.wikipedia.org/wiki/Port_address_translation PAT]) to a public (=nonprivate) ip address (tcp: [http://en.wikipedia.org/wiki/Internet_socket socket]) before its payload can be send into the (public) internet. | Note: Private ip addresses must be (source) translated ([http://en.wikipedia.org/wiki/Network_address_translation NAT]ted, tcp, udp: [http://en.wikipedia.org/wiki/Port_address_translation PAT]) to a public (=nonprivate) ip address (tcp: [http://en.wikipedia.org/wiki/Internet_socket socket]) before its payload can be send into the (public) internet. | ||
[[Category:Routing| ]] | [[Category:Routing| ]] |
Revision as of 19:12, 28 June 2012
Contents |
start
This is the WIP page for routing with ddwrt. Just to have something to start.
In general router works like this:
apB--------apA-----Internet (WAN) connection | | clientB clientA
Set the (private) ip (sub)networks to e.g.:
- apA 10.0.0.1/24 Short for: ( address 10.0.0.1 subnet 10.0.0.0 mask 255.255.255.0 = 24 left-to-right binary ones )
- clientA 10.0.0.12/24 Short for: ( address 10.0.0.12 subnet 10.0.0.0 mask 255.255.255.0 )
- apB 192.168.168.1/24 Short for: ( address 192.168.168.1 subnet 192.168.168.0 mask 255.255.255.0 )
- clientB 192.168.168.15/24 Short for: ( address 192.168.168.15 subnet 192.168.168.0 mask 255.255.255.0 )
Routing (static) configurations:
- tell clientA that apA is his default gateway (normally done through dhcp)
- tell clientB that apB is his default gateway (normally done through dhcp)
- tell apB that apA is his default gateway
- tell apA that "WAN"-router is his default gateway
- set the apB device to router mode
- tell apA that requests to 192.168.168.0/24 will be routed through (apB) 192.168.168.1/24 (static route)
That's it!
When private internet IPv4 addresses are used on the LAN (normally)
The following (sNAT) is a necessary because of to few public internet IPv4 addresses.
The allowed private addresses are specified in rfc1918:
- 10.0.0.0 - 10.255.255.255 (10/8 prefix)
- 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
- 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
The link-local addresses (rfc5735) ought not to be used as private addresses:
- 169.254.0.0/16
IPv6 also has link-local addresses (rfc4193):
- FC00::/7
Note: Private ip addresses must be (source) translated (NATted, tcp, udp: PAT) to a public (=nonprivate) ip address (tcp: socket) before its payload can be send into the (public) internet.