3 WRT54G-TM with Tomato, trying to work out WDS/Client Bridge setup

Discussion in 'Tomato Firmware' started by mwsealey, Apr 15, 2009.

  1. mwsealey

    mwsealey Addicted to LI Member

    Okay, I have 3 WRT54G-TMs (32MB RAM, 16MB flash) which are all running stock Tomato 1.23.

    One of them is working right now running my ADSL connection around the apartment. However I have had to reorganize and I really need ethernet ports AND better signal outside and across the apartment.

    What I tried at first was setting up an AP+WDS and 2 WDS systems at various locations in various rooms. Usually what happens is I then can't access either of the WDS routers through their web interface unless I am directly connected to their ethernet ports. DHCP doesn't work (not turned on) and isn't being forwarded to the router from the AP+WDS system.

    They're basically linked in a chain (#1 ---- #2 ---- #3) so 1 has 2's MAC, 2 has 1 and 3's MAC and 3 has 2's MAC in the WDS Link With.. box. WAN port is off. DHCP is off. QoS and Vegas are off on the two WDS routers. They're and my DHCP range is to on 1. I have a static IP on the WAN on 1, and static DNS servers there. The DNS server on each of the WDS routers is (forwarding to the WAN router).

    I could probably manage just fine with 2 WDS routers and one client bridge (just to span the wireless across the apartment, get a bit of diversity) to break out ethernet ports for my office area and plug them into my Linksys managed switch. My experience with the client bridge is that the bandwidth from the bridge is ridiculously low - my 6Mbps connection doing a speed test (this is just 1x AP & 1x Bridge router) comes out about a megabit, even if I am in the same room or just outside as the original router.

    My two non-WAN routers have been set up exactly as the docs suggested, but I am really confused as to the difference between AP+WDS and WDS (some people here have suggested running all of them as AP+WDS) - all I can figure is that AP+WDS allows clients to connect to the non-WAN routers and have their connections forwarded wirelessly. I also understand that a WDS system should be letting the ethernet ports route over the wireless but they don't seem to work either, all I can do is get into the router itself with a static IP address.

    I found a few blogs and articles which say "turn off the firewall" but of course Tomato has nothing for this in the GUI and they don't explain it (Tomato's docs specifically state that the firewall is always on...) and I really don't feel like hacking a startup script to disable any firewall rules.

    My setup is basically a G-only network, WPA Personal, AES encryption, all on Channel 1 (which is clear around my apartment complex - lots of 6's and 11's but no 1's besides me. Thank god for router defaults and ignorant neighbours :) and with the same SSID.

    Does anyone have a recommendation for a setup for me, or a quick and instant "you did this wrong"?

    Thanks for your time,
  2. bigclaw

    bigclaw Network Guru Member

    Think of WDS as imaginary Ethernet cables connecting the routers (network nodes) together to form a network. Forget the fact that it uses wireless signals to achieve so. Now, if you have a WDS-only network, to all your client PCs, you essentially have a wired-only network. Therefore, they can only access the network (and thus the Internet) when plugged into one of the physical ports of your three routers.

    If you turn AP on so that a router now becomes AP+WDS, that means you have introduced a wireless access point to your network. At this point, your wireless clients can join the network through that access point.

    So, for routers 1, 2, and 3, if you have:

    1) WDS, WDS, WDS (no wireless client can access the network because there is no wireless access point; wired clients can connect to any of the routers)
    2) AP+WDS, WDS, WDS (wireless client can connect to router 1, wired clients can connect to any of the routers)
    3) AP+WDS, AP+WDS, AP+WDS (wireless client can connect to any of the routers; wired clients can connect to any of the routers)

    Now say your wireless client is connected as follows:

    Internet <-wired-> router 1 <--WDS--> router 2 <-- WDS --> router 3 <-wireless-> laptop.

    In order for traffic to go from the Internet to your laptop, router 2 and router 3 both have to receive and transmit the same traffic simultaneously using the same radio. Therefore, bandwidth is cut along the way. That's the price to pay with WDS.
  3. mwsealey

    mwsealey Addicted to LI Member

    I get that bit.. I also understand about the bandwidth halving, but Tomato doesn't do the Bridged Repeater that DD-WRT does (and I have no wish whatsoever to spend my time at home messing with fiddly Linux settings. I do that all day at work :)

    I think I'm going to throw them all out as AP+WDS then based on your description. But the problem that in this configuration it seems not to be able to connect or forward data between any of the WDS nodes is worrying. I will give it another try tonight or tomorrow though.

    We will see how it goes and I'll get some extra data on it. Anyone else got any hints?
  4. bigclaw

    bigclaw Network Guru Member

    Make sure you are using the wireless MACs to link these routers, which are different from the (WAN port) MACs printed on the unit itself. Wireless MACs are usually WAN_MAC+1.

    You can see the wireless MAC under Advanced/MAC address.
  5. mwsealey

    mwsealey Addicted to LI Member

    Definitely have all the settings right. CCNA comes in handy sometimes.

    Big difference between theory and practice though.. and most of the documentation out there is for DD-WRT which has its own little definitions of how things work, and Tomato is unfortunately woefully documented (someone should write a guide on a wiki some day, not just a wikibook with a bullet point feature list of every gadget on each web page and no decent explanation of how it all ties together).
  6. fyellin

    fyellin LI Guru Member

    When setting up WDS, I've always found it easiest to have two computers near each other, each talking wired to one of the routers.

    If you go to Basic > Network, and look in the Wireless section, it'll show you the wireless MAC address. Each router's wireless MAC address goes into the WDS section (located conveniently just below) of the other router.
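
The replies above boil down to three checks: every WDS link must be entered on both ends, the entry must be the peer's wireless MAC (usually WAN_MAC+1) rather than the MAC printed on the unit, and linked routers must share channel, SSID and security mode. The following is an added example, not part of any poster's reply or of Tomato itself; the router names, MAC addresses and settings are constructed sample data, and the dictionary layout is an assumption made for the sketch.

```python
def norm(mac):
    """Canonicalise a MAC to upper-case colon form so entries compare equal."""
    h = f"{int(mac.replace(':', '').replace('-', ''), 16):012X}"
    return ":".join(h[i:i + 2] for i in range(0, 12, 2))

def plus_one(mac):
    """WAN_MAC+1, the usual (not guaranteed) offset to the wireless MAC."""
    n = (int(norm(mac).replace(":", ""), 16) + 1) & 0xFFFFFFFFFFFF
    return norm(f"{n:012X}")

def check_wds(routers):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems = []
    by_wl = {norm(r["wireless_mac"]): name for name, r in routers.items()}
    for name, r in routers.items():
        for entry in (norm(m) for m in r["wds_links"]):
            peer = by_wl.get(entry)
            if peer is None:
                guess = by_wl.get(plus_one(entry))
                if guess:
                    problems.append(f"{name}: {entry} looks like the WAN MAC "
                                    f"of {guess}; use {plus_one(entry)}")
                else:
                    problems.append(f"{name}: {entry} matches no known router")
                continue
            p = routers[peer]
            if norm(r["wireless_mac"]) not in {norm(m) for m in p["wds_links"]}:
                problems.append(f"{name} -> {peer}: one-way link, "
                                f"{peer} does not list {name}")
            if name < peer:  # report each settings mismatch once per pair
                for key in ("channel", "ssid", "security"):
                    if r[key] != p[key]:
                        problems.append(f"{name} <-> {peer}: {key} differs "
                                        f"({r[key]!r} vs {p[key]!r})")
    return problems

# Constructed sample: the #1 ---- #2 ---- #3 chain from the thread, with faults.
COMMON = {"ssid": "home", "security": "WPA Personal / AES"}
PLAN = {
    "router1": {**COMMON, "channel": 1, "wireless_mac": "00:11:22:33:44:11",
                "wds_links": ["00-11-22-33-44-20"]},  # router2's WAN MAC
    "router2": {**COMMON, "channel": 1, "wireless_mac": "00:11:22:33:44:21",
                "wds_links": ["00:11:22:33:44:11", "00:11:22:33:44:31"]},
    "router3": {**COMMON, "channel": 6, "wireless_mac": "00:11:22:33:44:31",
                "wds_links": ["00:11:22:33:44:21"]},  # wrong channel
}

if __name__ == "__main__":
    for line in check_wds(PLAN):
        print(line)
```
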
  7. mwsealey

    mwsealey Addicted to LI Member

    Great idea; wish I could put it into practice, but lugging my computers round the apartment isn't my idea of fun and both my laptops have died just recently (new one on the way :)

    Right now I'm swapping routers on the main PC at my desk, in turn, and the sheer power (only at 25mW!) of a not-quite-configured WDS router right next to my Belkin key makes it stop being able to connect to the real WAN router in back, red icons, no signal etc.. Sigh.

    Laptop will come in handy. I can plug one into the PC and one into the Laptop and I've always been able to hook the WAN router up to one of 4 boxes sitting under my electronics table.. this is for this weekend though.

    I think I got what I came for; AP+WDS on every one is the way to go. WPA+AES seems to be the only workable option. I've had people wardriving past before on WEP and unsecured/MAC filtering so I'm really concerned about security (especially when I get abuse mails for downloading torrents for weird stuff).. but really want the extra wireless signal and the ethernet ports round the house.

    Anyway thanks for the advice everyone. I'll give a nudge about how it goes maybe Friday.
  8. mwsealey

    mwsealey Addicted to LI Member

    Setup: one router on WAN (in back room) and one router needed for ethernet ports on LAN (in another room)

    Both set up identically as Access Point + WDS - DHCP is disabled on the second one. Routing is set to Router instead of Gateway.

    Access Point + WDS router #1 and #2 have each other's wireless MACs in their Link To.. lists. Repeating over wireless SEEMS to work fine. However: the ethernet ports do not relay any information over the wireless network.

    I can log in to from the second router and change settings, but I can't ping from the router OR from the PC connected. As Wireless Ethernet Bridge it works great but it's not repeating wireless over WDS obviously.

    Is there some setting I missed?
  9. mwsealey

    mwsealey Addicted to LI Member

    Okay I finally figured it out: I had to set encryption to WEP 128-bit because Wireless Ethernet Bridge doesn't work with WPA2 and Vista doesn't like connecting to WPA networks (WPA2 was fine though). My WDS system needed the router set to "Mixed" mode (not G only) too or it just plain did not work.

    I'm still curious why an Access Point + WDS router would not repeat the data over ethernet ports though. I only set up the wireless ethernet bridge because my WDS routers were not repeating the data to the ethernet ports, otherwise I would have just as well set them all up identically as Access Point + WDS..