static DHCP, wireless+ethernet?

Discussion in 'Tomato Firmware' started by canadave, May 13, 2008.

  1. canadave

    canadave LI Guru Member

    Hi all,

    I just got a new WRT54GL, loaded Tomato, and I have a question :)

    I'd like to set up my two clients (a Mac Pro and a Macbook laptop) to use static DHCP. I want to assign to my Mac Pro, and to my Macbook.

    My question is, is there a way to set up Tomato so that the computers will receive the correct IP, *no matter whether they connect via Ethernet or wirelessly*? Usually I connect the Macbook to the network wirelessly, but sometimes the laptop is in a place where it's better to connect it directly to the router via Ethernet cable. Since the AirPort wireless card has a different MAC address than the Ethernet card in each computer, is there a way to assign each of those MACs to the same IP? When I try it in Tomato in the static DHCP section, it says "IP already assigned".

    I know, the question is slightly "why would you want to do that?", but I'm curious about the answer anyway. Thanks! (loving Tomato, by the way....great firmware!)

  2. HennieM

    HennieM Network Guru Member

    You can force the cards' MAC addresses to be the same - dunno if the Mac OS will allow you to do that.

    The other way is to manually manipulate the dnsmasq configuration.

    However, IMO, you don't want to do either, as this can lead to mishaps that can bring your network down.

    The better way is to allocate different IPs, and then allow for both IPs in you routing tables, in firewalling, QoS, etc. An easy way to do that is to use IPs in the same class net for devices you want treated similarly.


    Set up your "normal" DHCP to allocate addresses in the range thru
    Assign static IPs you want treated similar to the dynamic ones as thru

    The above two address ranges can now be addressed collectively as or netmask; i.e. everything greater than

    Assign your static-IPs-to-be-treated-the-same as say,,, up to (Like your Macbook wired and the Macbook wireless

    These can now be addressed collectively as; i.e. everything less than
  3. canadave

    canadave LI Guru Member

    Thanks very much....I understand pretty much everything you suggested. I see where you're going with the concept, but I'm a little unclear what you meant by "the address ranges can now be addressed collectively as...." By this, you're saying there's a way to set up port forwarding for groups of IP's, right? i.e. I can forward incoming uTorrent packets arriving at port 12067 to IP range from to, which, in our example, would cover all the MAC addresses on, say, the Macbook?

    Or am I not quite getting what you're getting at? :)

    Either way, thanks very much for the answer.

  4. HennieM

    HennieM Network Guru Member

    I don't think you can forward incoming packets on a single port to a range of addresses via the web interface (as the web interface would probably not allow this). You can however, specify multiple destinations by manually setting up some DNAT iptables rules. See the iptables man page, and in particular the "--to-destination ipaddr[-ipaddr][:port-port]" option. This option seems to forward the packets to the different IP addresses in a round robin fashion, so it might not be exactly what you want.

    I have no idea how torrents work, but does your machine not need to initiate a connection first before packets start coming in? If so, the sort of internet->internal forwarding you mention would be there automatically; i.e. because your machine initiated a connection, packets coming back on that connection would go back to your machine.

    You might also play with port triggering, which could open certain incoming ports once your machine has triggered certain outgoing ports.

    Further, does uTorrent packets come in only on port 12067? I would think that it would use a range, like 12060 - 12069 or something like that.

    If so, as an alternative to the port triggering, you could set up normal incoming forwards:
    port 12067 to be forwarded to, and port 12068 to, etc.

    So incoming uTorrents will try 12067, and get no answer if is not there. It would then try 12068, and get an answer if you are on
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice