Previously, separate routers have been used to provide special network access for devices such as Quest. This time, it is changed to bypass gateways (some call them bypass routes), so as to solve problems such as different network segments and limited LAN bandwidth.
Old access
I have two home routers, one is WAX206 purchased some time ago (Router A). One is Xiaomi Router Pro (Router B), which was purchased long ago.
The connected equipment is as follows:
- Router A (2.5G interface router/2400Mbps WIFI): PC, NAS, WIFI 6 devices;
- Router B (old 1G interface router): built-in agent, special equipment access through WIFI or Lan.
The connection method of the router is as follows:
In this connection mode, the device connected to router B is in a different network segment from the device connected to router A.
For some software that uses LAN capabilities, the device under A cannot find the device on B.
There is no need to worry about VirtualDesktop. The client and server of VD will try NAT to make holes.
At the same time, devices under A and devices under B can access each other, and the LAN bandwidth will be limited by the 1Gbps router B.
New methods
In the new topology, the identity of router B is only a client device under A.
On the Lan of router B, provide a proxy exposed in the LAN.
Equipment requiring a special network is accessed through A's WIFI, but manually points the gateway to the Lan address of router B.
After the device is accessed with WIFI and the gateway is modified to the Lan address of B, the data path is as follows:
Under the new mode, LAN mutual access and WAN ordinary downlink traffic are not subject to 1Gbps interface bandwidth constraints; WAN traffic and WAN proxy downlink traffic are constrained by 1Gbps interface bandwidth.
Considering the status quo of domestic uplink bandwidth and proxy usage, the above constraints are harmless.
Some questions
How to configure the bypass gateway
Here are some key points:
- Fixed IP address of LAN port of router B
- The LAN gateway of router B points to the main routing IP
- Router B shuts down IPv4 and IPv6 DHCP servers
- Set firewall as appropriate
- Reasonably configure the software on router B
- Use a network cable to connect the router A Lan interface with the router B Lan interface, and leave the router B Wan interface blank
If the routers are all OpenWrt systems, these settings will be convenient.
Unable to access the Internet after connecting to WIFI and setting the gateway. You can access the Internet through the network cable connection
Refer to this article for technical details (there are also good articles on CSDN): After the bypass route is set, the main route WIFI cannot access the Internet
If you use the original OpenWrt instead of the OS modified by the domestic router manufacturer, you will not encounter this problem.
According to the observation, both the OpenWrt image compiled by ourselves and the image published by others have turned off iptables on the bridge by default, that is:
# cat /etc/sysctl.conf net.bridge.bridge-nf-call-arptables=0 net.bridge.bridge-nf-call-ip6tables=0 net.bridge.bridge-nf-call-iptables=0
How to set the gateway for Quest
When connecting WIFI, connect the IP settings
The option is changed to static state
After that, the gateway, DNS and other filling boxes will appear.
Why not configure the proxy directly on the main route
In order to improve the stability of the main route without affecting other devices.
What is the picture above painted with? It's so bad
Huawei MateBook E+stylus software is a Microsoft Whiteboard application that comes with Windows.