Home networking help needed

[PavementArtist]

Bought a new router for the parental controls, need help getting it working. Here is a fairly extensive diagram. As connected in this diagram

-All devices can access the internet.
-Devices connected to routers A, B, or C can ping any other device in the 192.168.1.X network.
-Devices connected to router C can ping devices on router A or B but cannot access shared drives or shared printers by name (possibly can by IP)
-Devices connected to routers A, B cannot ping devices connected to router C

Can this be resolved with static routing? Would like to create one network but can't figure out how to create a bridge in Netgear router.

 

[DelJo63]

Very nice diagram; well done!

1. -Devices connected to routers A, B, or C can ping any other device in the 192.168.1.X network.
2. -Devices connected to router C can ping devices on router A or B but cannot access shared drives or shared printers by name
   (possibly can by IP)
3. -Devices connected to routers A, B cannot ping devices connected to router C

Notice that A+B are on the same subnet (192.168.1.x)
This avoids routing issues and gives control to the firewalls on those systems.

C however is a different subnet (192.168.2.x) can creates routing problems.

Solutions:
a) move the C router onto the same subnet as A&B
and I would then run DHCP only from the A device and disable DHCP everywhere else

b) study the ROUTE program and add a route for 192.168.2.* and ensure it is retained across router restarts (hint: it's a static route)

Problem (2) is your firewalls on A+B systems needs to

allow tcp/udp in/out ports 137-139,445 from 192.168.2.*

 

[PavementArtist]

Thanks.

Solution A
Allowed DHCP passthrough on router C where IP addresses are distributed by router A. Everything works fine except this defeats the parental controls in router C. Instead the parental controls in router A are adopted, in this case router A has insufficient parental controls to manage the users.

Solution B
I'm beginning to think that router A won't route over its LAN interface. I've entered routes on routers A and B, no change in connectivity.

 

[DelJo63]

get a command prrompt and enter route /?

you will need something like

route ADD 192.168.2.* MASK 255.0.0.0 192.168.1.201  IF 2

on A, instead of sending everything to the default (ie gateway), the above will send
anything destine for 192.168.2.x to the 192.168.1.201 interface which is connected to the C router.

B will always go to A and then the above will split the traffic appropriately

 

[PavementArtist]

Thanks for the replies, unfortunately none of these units have Linux/Unix interface. Its all GUI.

 

[DelJo63]

but of course; my Netgear has a webpage interface too.

The object was to show you the concept for adding the static route to router A.
The Netgear even has a page specifically for that purpose - -

You'll work it out if you poke at it.

 

[PavementArtist]

No workie. Added routes both ways, never got it working.

Gave in and physically moved the switch and loaded everything onto router C.

Apologies, it would be hard to provide advice for this setup as router A has onboard bridges (coax/LAN/WAN) configured to support the FiOS cables boxes and such plus some other wackadoo settings to deal with, just not as simple as setting routes on the interface when using the GUI. Thanks for the replies though.

 

[tipstir]

Why?

ISP - Modem - Router - external switch - WCB or HWAP
This is the way I would go.

 

[PavementArtist]

Hi, i'm lost on WCB and HWAP, what do those mean?

 

[PavementArtist]

route added to Router A. Ping fails to router B.

 

[tipstir]

I Product test Wireless N Routers TEW-673GRU DHCP AP and ESR9850 AP

WCB = Wireless Client Bridge (100% wireless)
WHAP = Wired Access Point via Wireless Access Point

 

[DelJo63]

route added to Router A. Ping fails to router B.

hmm the .0 may be insufficient; the mask 255.255.255.0 will cover the subnet so change
the destination to 192.168.2.1 and PING C again

 

[PavementArtist]

Unfortunately the router won't allow anything but a 0 in that field.

 

[DelJo63]

humbug! hate parochial software.

other thoughts are to ping a device on C rather than C itself, as you may be aware, the router
can be configured to ignore pings from the WAN-side connection.

then too, the target system firewall must also allow pings

like I originally said, networking can get complicated quickly.

 

[PavementArtist]

Yeah, I have been messing with it all morning. I think the NETGEAR router is garbage as even after moving everything to router C, services such as TVersity and network sharing don't work.... even on the LAN switch between devices in the same subnet. I may try to install DD-WRT to see if that helps.

My kids are getting really pissed at me!

 

[PavementArtist]

Happy to report that after flashing the NETGEAR3500L with DD-WRT firmware I had it up and running correctly with the addition of a static routes between router A and router B.

Thanks for sticking with it Jobeard, you were a huge help in my motivation!

 

[DelJo63]

My kids are getting really pissed at me!

YOO! Good teaching moment - -
Life presents moments where we can't control the outcome and/or we need to wait for
someone else to perform. Frustration is a way of life and we all need to learn how to deal with it without going postal.

Happy to report that after flashing the NETGEAR3500L with DD-WRT firmware I had it up and running correctly with the addition of a static routes between router A and router B.

Thanks for sticking with it Jobeard, you were a huge help in my motivation!

Nice to see this got sorted out AND you were kind enough to produce some feedback :wave:

best wishes, Jeff

 

[PavementArtist]

Thanks again. Unfortunately I found that the Netgear factory firmware is lacking in any sort of meaningful WAN routing.

I did have some serious performance issues with the DD-WRT firmware... it adds around 100 MS to any round trip, which nixes this as a gaming or performance load. Overall download speeds were consistent with the ISP's QoS package so no hit taken there.

I reflashed back to the Netgear factory firmware for the parental controls alone so In the end i'm right back where I started but with confirmation that neither the Netgear or DD-WRT firmware load can support my needs. At the very least I've learned how to install DD-WRT and flash back to factory firmware!

 

[DelJo63]

Thanks again. Unfortunately I found that the Netgear factory firmware is lacking in any sort of meaningful WAN routing.

just background for you:
any static routes added to a router operate on ALL traffic passing thru the device, be it Wan or Lan
(ie: into the device from the Internet or from one of the LAN connections.)

 

[PavementArtist]

My guess is that there is insufficient options to account for routing. For instance in the Netgear router, the metric for static routes entered can be no less than 2. When adding the route in the DD-WRT firmware, the metric was 0 and this route worked great. Maybe I am misunderstanding metric and cost functionality in this case.

 

[DelJo63]

Metric is an estimate of the 'cost' to deliver the traffic on that path.
It is only used if there appears to be a choice in alternatives.

The backgound on that is to understand the hierarching of choices in a route:

• the most specific route always wins
• a more specific is preferred over a general
• the default takes everything not resolved by a-or-b

a) the very specific would be a routing to one system; just like port forwarding is to one system; aa.bb.cc.dd with no wildcards
b) the more specific might be aa.bb.cc.0 with a mask of 255.255.255.250
(ie only 4 targets possible)
while a less specific migh be aa.bb.cc.dd with a mask of 255.255.255.0
(254 targets)

if the parochial software is not an impediment, then a very loose, yet specific route
might look like aa.0.0.0 & mask 255.0.0.0

and the default route (internally) would be 0.0.0.0 & a route of 0.0.0.0​