Conceptually, it’s fairly easy to understand - nftables, relayd, likely some firewall application.

However, is it as simple as configuring the WAN port as the WiFi interface and leaving it at that? Note that I’m not bothered about double NAT since I won’t be opening any ports, and the main router cannot be touched.

I do want my own SSIDs, my VLANs, control over the firewall etc. Basically, my own network space. If anyone has done this/has an idea of the problems I might run into, please do comment!

Appreciate the help!

Pretend the “main router” is a hotel wifi and use the TravelMate package.
https://github.com/openwrt/packages/blob/master/net/travelmate/files/README.md

@MigratingtoLemmy@lemmy.world
creator
link
fedilink
English
28M

Thank you! Could you explain a bit about what travelmate does under the hood? I’d like to know the basics of how it operates.

The main config needed is AP+Sta mode, which is explained here:
https://openwrt.org/docs/guide-user/network/wifi/ap_sta

@MigratingtoLemmy@lemmy.world
creator
link
fedilink
English
28M

Thanks!

Avid Amoeba
link
fedilink
English
5
edit-2
8M

Do you even need relayd? I think relayd is for extending the existing NAT, i.e. a wireless bridge operation. At least that’s how I utilized it in a previous setup. If you want to have your own NAT, I think it’s enough to just connect to the upstream wireless network as a client. Not sure if you have to designate the wireless interface as WAN or not.

@MigratingtoLemmy@lemmy.world
creator
link
fedilink
English
18M

How would you do this? What would be the steps you take to create a double NAT + Firewall + DHCP server with the OpenWRT router behind the main router?

Avid Amoeba
link
fedilink
English
28M

I think you basically need to do this. I see it mentions the wifi interface becoming WAN too.

@MigratingtoLemmy@lemmy.world
creator
link
fedilink
English
18M

Thank you!

The_Pete
link
fedilink
English
18M

Depends if you want to assign IP addresses or not. If you don’t, you just want your own section of the same lan, I.e.all your devices connected to your router but let dhcp pass through then you can just set itnup as an extender

He mentioned that he wants to create Second level Nat, that will require new IP addresses and DHCP in the subnet

@Decronym@lemmy.decronym.xyz
bot account
link
fedilink
English
1
edit-2
8M

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

Fewer Letters More Letters
AP WiFi Access Point
IP Internet Protocol
NAT Network Address Translation

3 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.

[Thread #585 for this sub, first seen 10th Mar 2024, 07:45] [FAQ] [Full list] [Contact] [Source code]

Lemmy Tagginator
bot account
link
fedilink
08M

deleted by creator

Create a post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

  • 1 user online
  • 191 users / day
  • 419 users / week
  • 1.14K users / month
  • 3.85K users / 6 months
  • 1 subscriber
  • 3.71K Posts
  • 74.6K Comments
  • Modlog