1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Proper use of dnsmasq and access restrictions in WDS

Discussion in 'Tomato Firmware' started by AlpineMan, Oct 2, 2007.

  1. AlpineMan

    AlpineMan Network Guru Member

    I'm a confused newbie.

    I have 3 Buffalo WHR-G54S all using Tomato 1.09. Router1 has cable modem connected. Router2 and Router3 are both in WDS to Router1 (star topology). R1 has DHCP enabled and R2 and R3 has it disabled. I have users connecting to R2 via WiFi. I want to control their access via dnsmasq and access restriction. I thought perhaps I can atleast do the access restrictions part (time of day when the users can access the 'net) by configuring their access times in R2. It didn't work. I had to do the access restrictions in R1.

    In addition, I wanted users in R2 to use OpenDNS via dnsmasq by putting the OpenDNS IP entries in R2. I guess this didn't work either. I had to put this stuff in R1 to make it work...but ofcourse this affects all users connecting to any of the routers...not just R2.

    Is it possible to configure R2 to do both access restrictions and dnsmasq so that it only affects my R2 users?
     
  2. ifican

    ifican Network Guru Member

    Essentially router 2 and 3 are switches in this setup and why you cannot restrict anything via IP or have dns work the way you want. I dont know if you could get access restrictions to work via mac (might be worth a shot). However if you made router 2 and or 3 a wireless client of router 1 instead of WDS you should beable to get DNS and restriction to work the way you want.

    edit: though you will loose the ability to connect to router 2 and 3 wirelessly and clients will have to be wired.
     
  3. AlpineMan

    AlpineMan Network Guru Member

    I tried to do the access restrictions via MAC in R2...it didn't work. If I make R2 a wireless client, this would mean I would need to put another WiFi router and connect it to R2 and have the users connect to that WiFi router, right? I can't do it this way. If I can't do it this way, then I must find a way to do the dnsmasq in R1 so that it will only affect users who connect to R2. I'm set with the access restrictions in R1...need help with dnsmasq in R1 if this is even at all possible. Thanks.
     
  4. ifican

    ifican Network Guru Member

    No if you made R2 a wireless client of R1 it would get its ip from R1 but your clients to R2 would have to be wired to it.
     
  5. mstombs

    mstombs Network Guru Member

    Checkout this thread, it is possible to configure dnsmasq under tomato to give out different dns by dhcp - if you know the mac addresses at least

    http://www.linksysinfo.org/forums/showthread.php?t=53835

    I would have thought the wireless network defined in first post would be really slow - any chance of running a cat5 cable from R1 to R2 and/or R3 and use different wireless channels?
     
  6. AlpineMan

    AlpineMan Network Guru Member

    No...I can't use CAT5 cables...that's why I elected to use WDS to expand the network. from R2 and R3, users get half the bandwidth of what users get from R1...but that's ok. I'll check out that thread. It does look like the info in that thread will work for me. Thanks!
     
  7. AlpineMan

    AlpineMan Network Guru Member

    mstombs, thanks again for suggesting that thread. Indeed, it worked for me. One last thing, I would like to do "strict-order" for my "red" users.

    dhcp-mac=red,aa:aa:aa:aa:aa:aa
    dhcp-mac=red,bb:bb:bb:bb:bb:bb
    dhcp-mac=red,cc:cc:cc:cc:cc:cc
    dhcp-mac=red,dd:dd:dd:dd:dd:dd
    dhcp-option=net:red,6,208.67.222.222,208.67.220.220,192.168.1.1

    I tried the following syntax but to no avail:
    strict-order
    strict-order,red
    strict-order,net:red
     
  8. K1nslayer

    K1nslayer LI Guru Member

    Try the new DD-Wrt on Router 2

    The latest version of DD-Wrt (V24 RC3)supports something called "repeater mode" If you install this on R2, you can use this to connect as a client to R1, then repeat another virtual network (SSID) for clients to connect to. This should give you all the functionality your looking for. Thats almost exactly what I do on my home network.

    -Kinslayer
     
  9. mstombs

    mstombs Network Guru Member

    @AlpineMan

    I just looked up strict-order, don't think it is up to R1 dnsmasq to define this as "red" won't be using R1 dnsmasq for lookups as you are telling them to use their own aren't you?

    @K1nslayer

    repeater mode sounds very useful, I'll have to put dd-wrt back on my Fonera to experiment - unless it only works with 2 aerials!
     

Share This Page