1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Gateway or Router mode for AP?

Discussion in 'Tomato Firmware' started by rtv99, Mar 19, 2013.

  1. rtv99

    rtv99 Serious Server Member

    I'm configuring a Linksys WRT54GL router with standard Tomato 1.28 firmware as an 'Access Point'. I have another router in the network that is connected directly to the Internet and takes care of DHCP, DNS etc. The WRT54GL should only connect wireless clients to the network.

    I have configured the 'Wireless Mode' to 'Access Point', but also have to configure the WRT54GL to be in either 'Gateway mode' or 'Router mode', what is the correct setting for the functionality I want?
  2. Toastman

    Toastman Super Moderator Staff Member Member

  3. rtv99

    rtv99 Serious Server Member

  4. occamsrazor

    occamsrazor Network Guru Member

    I have my access points set to Router mode
  5. Monk E. Boy

    Monk E. Boy Network Guru Member

    Router mode means NAT translation is applied to packets going to and from the WAN port. Gateway mode means NAT translation is disabled.

    Both modes can route packets to/from the LAN to the WAN, if desired, it's just that if you don't have publicly routed IPs (or another router performing NAT translations in front of the Gateway router) then you can't use Gateway mode with a normal "home" user internet connection (which assumes use of a single public IP).

    The device can function as an AP in either mode, but Gateway mode is simpler, and APs should be as simple as possible.
  6. jerrm

    jerrm Network Guru Member

    Everything for an access point should be on the LAN side, so router or gateway won't make any difference.

    If you set the WAN/Internet connection to disabled (I do), you should NOT check the "bridge WAN port to LAN" check box unless you absolutely have to have the extra wired port. You will end up with software doing the bridging and increasing load on the router. If you do, try to keep your least used device on the "WAN" port to minimize the load. At the end of the day, it probably won't make that much difference, but if it's not neccessary don't do it.
  7. mstombs

    mstombs Network Guru Member

    I think you should check what Tomato has used as terminology inherited from ancient Broadcom/Linksys WRT54G usage! Microsoft also use term "Internet gateway" for a nat routing device.

    Should in theory to be able to use router mode (just routes no nat), but this does not work 'out of the box' with tomato. You don't want to use nat gateway mode, as you would end up with double-nat (but does work). If router mode worked you could apply access restrictions filters, and collect stats on the access point, but most Tomato functions seem to expect gateway mode - I suspect fixable by scripts

    So I use "WAN port disabled", and "Use WAN port for LAN", this configures the switch via VLANs, so all ports equivalent and no kernel involved and and WAN routing mode not used see the following, same in Toastman I believe.

  8. jerrm

    jerrm Network Guru Member

    Are you sure about that? I would swear when I tested (probably Shibby) it showed the wan interface as part of a bridge in brctrl. Maybe I looked at it wrong. Have to admit I haven't looked back at it again, none of my AP only units need the extra port.
  9. mstombs

    mstombs Network Guru Member

    Sorry, you are completely correct, maybe I was thinking of dd-wrt! Recent Toastman on E3000

    bridge name    bridge id        STP enabled    interfaces
    br0        8000.98fc1179a145    no        vlan1
    wan port vlan2 still exists and is bridged via kernel, along with the dual wireless networks. Maybe too much for lot of tomato code not to have vlan2 in play. I am using the 5 Ethernet ports but slave router always lightly loaded in this mode since not nat/stats etc, and 20m of old external telephone cable on uplink cable not an issue either....
  10. jerrm

    jerrm Network Guru Member

    No need to be sorry. These things blur together after while. If it ever were an issue with a high load environment, I think the port could moved to the primary vlan with robocfg. That may not work with all hardware though, and may be why Tomato does it via a bridge.
  11. Monk E. Boy

    Monk E. Boy Network Guru Member

    Please don't take this the wrong way, I don't mean to come off as cross at all, but I was just trying to explain in Tomato terms what the difference between the two settings are, and not speaking in terms of generalities. I've never been particularly enthused about how Tomato has that setting labelled, since it has little to do with being a Gateway vs. Router since in both modes the device acts as a router. Hmm.

    Actually, in fact, I got that reversed... gateway means it has NAT translation enabled, router means NAT translation is disabled. It really should be labelled as NAT translation something-or-other since that's what the setting controls, but d'oh, my mistake. So router mode makes less impact on the router, and is simpler, and APs are typically left in router mode, though the mode doesn't particularly matter if you have DHCP disabled and don't want to route data through the WAN port.

Share This Page