Networking help - Trying to bridge two different networks

Dixit
Novice

My networking skills are great for normal things but when we start getting into bridging two different networks and what not I get fuzzy. Need some help here and advice. I have two houses about 200 meters apart. House A is on 192.168.1.x network with its own Cable modem (using a Linksys E2000 router running DDWRT). House B is on 192.168.0.x network also with its own Cable modem (using a Netgear R7000 stock firmware).

We could not run a wire that far as we are crossing over 4-5 houses/neighbors. So we are using high powered Wireless antennas as we have a line of sight to the other house. So each house has a Mikrotik SXT AC wireless antenna. Each one has its own local IP (such as the one for House A has its own SXT and it carries a 192.168.1.50 address for example).

Right now I have them bridged and using a route to each side. Here is my problem right now. Side A sometimes services DHCP requests for clients sitting on the SideB side. And vice versa happens too. So basically a client device sitting under HouseB gets a 192.168.1.x IP (which is a HouseA network). I've had to create a firewall rule on the Mikrotik SXT devices to block UDP port 67/68 on the device itself. But the problem there is that it causes the device to actually slow the link down. Normally I can get about 125-150Mbps link between the two houses if I don't configure the firewall. Once you configure the firewall rule I only get 80Mbps. So it's eating well over 50%.

So thinking is there any way around this? If I create say a VLAN specifically for the Wireless Antennas (Mikrotik SXT devices) and not bridge those, will it keep the DHCP broadcasts from going across the wireless bridge?

One more thing, what I like about the setup now (where I'm using the firewall on the SXT itself) is that UPNP works across, so Xbox or other UPNP devices on either side can see the entire list of UPNP servers or devices even from HouseA or B, which is nice. I'm afraid if I do the VLAN setup then that part probably gets killed as well.

What advice you all got on this? Do I need to dump the E2000/R7000 devices as the main routers for each house and get more of a SOHO router with built in firewalls or better DHCP servers that can only serve its own side?

Dixit


Message 1 of 6
fordem
Mentor

Re: Networking help - Trying to bridge two different networks

What are you hoping to achieve through this bridge?

Give a man a fish, feed him for a day
Teach a man to fish, feed him for life.
Message 2 of 6
Dixit
Novice

Re: Networking help - Trying to bridge two different networks

Sorry, should've been clear about that part too. Idea was mainly to be able to back up each other's data via a server at each house without relying on the ISP side for that. Each side is limited to barely 5Mbps upload. With the Mikrotik SXTs we get 125-150Mbps. We also want to then use it to stream movies from the other side when needed. With the current setup (even with the firewall in place we get 80Mbps) we have no issues streaming 20-30Gig video files in real time to say an Xbox. We have static routes set up on each side to point to the local Mikrotik SXT when it looks to hit the other side. That SXT just takes that traffic and sends it to the other SXT which then hits the other house network.

So in summary it is just to talk to the other house without the ISP. But each house still uses the ISP for their own clients for anything that requires the WAN side traffic.

Dixit
Message 3 of 6
fordem
Mentor

Re: Networking help - Trying to bridge two different networks

http://wiki.mikrotik.com/wiki/Bridging_Networks_with_SXT

If I assume that the link above details what you are attempting, I think you may need to have a chat with Mikrotik.

First - there is a bit of ambiguity in the terms - what you are creating is a wireless bridge, but you do not want to bridge the two networks because you want them separate. Perhaps a better way to describe it would be as a routed wireless link between the two networks.

Maintaining the networks as separate entities requires you to route the traffic rather than bridge, and that separation is what will prevent broadcast traffic (such as DHCP requests) from being transmitted across the bridge.

Once you have the Mikrotiks configured for routing, you will also need a static address on each of the internet gateways pointing traffic intended for the other network back to the Mikrotik.

Give a man a fish, feed him for a day
Teach a man to fish, feed him for life.
Message 4 of 6
Dixit
Novice

Re: Networking help - Trying to bridge two different networks

Right, I follow you there. But I think I have it set up the way your last sentence mentions. Each SXT has its own local IP for that house, such as one SXT for HouseA is 192.168.1.50 and one for HouseB is 192.168.0.50. I have static routes set up, say for example the R7000 has a static route for 192.168.1.0/24 with destination set to 192.168.0.50 (the local SXT). And similar on the E2000 running DDWRT, it has a static route for anything on the 192.168.0.0/24 to route to 192.168.1.50 (its local SXT). But even on that without the firewall on the SXTs, the DHCP is somehow bleeding into the other side.

Is the DHCP broadcast and reply even going across the static route? Shouldn't that not happen or is that correct by design?

Dixit
Message 5 of 6
fordem
Mentor

Re: Networking help - Trying to bridge two different networks

First - broadcasts are never routed.

Second - whilst it is possible to send DHCP requests & replies over a routed link (this is not unusual in corporate environments), it requires a DHCP server that supports multiple lease pools and the use of something known as DHCP relay, which can either be run on the router (if supported), or, on a PC.

I mention the above so that you understand that the only way you can pass DHCP broadcasts across that link is if the link is acting as a network bridge, rather than simply as a routed link.

The problem has nothing to do with the routers that act as internet gateways, or the static route, it is either an incorrect configuration on the Mikrotik link or a bug in their code.

Give a man a fish, feed him for a day
Teach a man to fish, feed him for life.
Message 6 of 6
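
An added example, not part of the thread or written by either poster: a Python check that parses DHCP OFFER/ACK payloads and flags replies whose leased address or server identifier lies outside the local /24, which is the symptom that shows the link is still bridging at layer 2. The subnets come from the thread; the gateway addresses 192.168.0.1 and 192.168.1.1, the leased addresses and the function names are assumptions, and the packets are constructed sample data.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options field
OFFER, ACK, NAK = 2, 5, 6            # values of option 53 (DHCP message type)

def build_reply(msg_type, yiaddr, server_id):
    """Construct a minimal BOOTP reply carrying options 53 and 54 (sample data)."""
    fixed = bytearray(236)            # fixed BOOTP header, zero-filled
    fixed[0], fixed[1], fixed[2] = 2, 1, 6      # op=BOOTREPLY, Ethernet, hlen=6
    fixed[16:20] = ipaddress.IPv4Address(yiaddr).packed   # "your" (leased) address
    opts = bytes([53, 1, msg_type, 54, 4]) + ipaddress.IPv4Address(server_id).packed
    return bytes(fixed) + MAGIC_COOKIE + opts + b"\xff"

def parse_reply(payload):
    """Return (msg_type, yiaddr, server_id), or None if not a well-formed DHCP reply."""
    if len(payload) < 240 or payload[0] != 2 or payload[236:240] != MAGIC_COOKIE:
        return None
    yiaddr = ipaddress.IPv4Address(payload[16:20])
    msg_type = server_id = None
    i = 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # 0 = pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            return None                             # option code without a length
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            return None                             # truncated option
        if code == 53 and length == 1:
            msg_type = value[0]
        elif code == 54 and length == 4:
            server_id = ipaddress.IPv4Address(value)
        i += 2 + length
    return msg_type, yiaddr, server_id

def is_foreign_lease(payload, local_net):
    """True if an OFFER/ACK leases or originates from outside local_net."""
    parsed = parse_reply(payload)
    if parsed is None or parsed[0] not in (OFFER, ACK):
        return False
    _, yiaddr, server_id = parsed
    net = ipaddress.ip_network(local_net)
    return yiaddr not in net or (server_id is not None and server_id not in net)

if __name__ == "__main__":
    leaked = build_reply(OFFER, "192.168.1.120", "192.168.1.1")   # House A answer
    local = build_reply(OFFER, "192.168.0.23", "192.168.0.1")     # House B answer
    for name, pkt in (("leaked", leaked), ("local", local)):
        print(name, is_foreign_lease(pkt, "192.168.0.0/24"))      # seen in House B
```

On a live network the payloads would be the UDP port 67/68 data from a capture taken on one side of the link; once the link is routed rather than bridged, no reply should be flagged.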