Routing
From DD-WRT Wiki
Revision as of 19:21, 28 June 2012 (edit) Glenn (Talk | contribs) (→When private internet IPv4 addresses are used on the LAN (normally) - chg) ← Previous diff |
Revision as of 19:22, 28 June 2012 (edit) (undo) Glenn (Talk | contribs) (→A small bit about link-local addresses - more) Next diff → |
||
Line 43: | Line 43: | ||
==A small bit about link-local addresses== | ==A small bit about link-local addresses== | ||
- | The [http://en.wikipedia.org/wiki/Link-local_address link-local addresses] ([http://tools.ietf.org/html/rfc5735 rfc5735]) ought not to be used as private addresses: | + | The [http://en.wikipedia.org/wiki/Link-local_address link-local addresses] ([http://tools.ietf.org/html/rfc5735 rfc5735]) ought not to be used as private addresses - but it can be used as private addresses and be NATted: |
* 169.254.0.0/16 | * 169.254.0.0/16 | ||
Revision as of 19:22, 28 June 2012
Contents |
start
This is the WIP page for routing with ddwrt. Just to have something to start.
In general router works like this:
apB--------apA-----Internet (WAN) connection | | clientB clientA
Set the (private) ip (sub)networks to e.g.:
- apA 10.0.0.1/24 Short for: ( address 10.0.0.1 subnet 10.0.0.0 mask 255.255.255.0 = 24 left-to-right binary ones )
- clientA 10.0.0.12/24 Short for: ( address 10.0.0.12 subnet 10.0.0.0 mask 255.255.255.0 )
- apB 192.168.168.1/24 Short for: ( address 192.168.168.1 subnet 192.168.168.0 mask 255.255.255.0 )
- clientB 192.168.168.15/24 Short for: ( address 192.168.168.15 subnet 192.168.168.0 mask 255.255.255.0 )
Routing (static) configurations:
- tell clientA that apA is his default gateway (normally done through dhcp)
- tell clientB that apB is his default gateway (normally done through dhcp)
- tell apB that apA is his default gateway
- tell apA that "WAN"-router is his default gateway
- set the apB device to router mode
- tell apA that requests to 192.168.168.0/24 will be routed through (apB) 192.168.168.1/24 (static route)
That's it!
When private internet IPv4 addresses are used on the LAN (normally)
The following (NAPT; network address and port translation) is a necessary because of to few public internet IPv4 addresses. NAPT is commonly referred to as NAT (Network address translation).
The NAPT is normally done by a router or firewall with NAPT functionalty.
The allowed private addresses are specified in rfc1918:
- 10.0.0.0 - 10.255.255.255 (10/8 prefix)
- 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
- 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
Note: Private ip addresses must be (source) translated (NATted, tcp, udp: PAT) to a public (=nonprivate) ip address (tcp: socket) before its payload can be send into the (public) internet.
A small bit about link-local addresses
The link-local addresses (rfc5735) ought not to be used as private addresses - but it can be used as private addresses and be NATted:
- 169.254.0.0/16
IPv6 also has link-local addresses (rfc4193):
- FC00::/7