Using OpenWRT on old laptop for ADSL (Dutch KPN provider) without double NAT'ing

Submitted by hbogert on Wed, 12/31/2014 - 16:56

Update

I was switched from ADSL to VDSL. I can verify that once this happens, the "tricks" below do not work anymore with the Arcadyan ( Experiabox V8 ) router. Internally the router has 2 virtual interfaces, one for ADSL and one for VDSL. It seems that the PPPoE frames are still switched over the ADSL virtual interface, instead of over the VDSL interface.

TL;DR

  • Setup the ISP-Router as PPPoE gateway
  • Install OpenWRT on a laptop
  • Setup a wan port with PPPoE on physical port named as your lan bridge, probably br-lan
  • Let OpenWRT ignore the IPTV tuner's DHCP request
  • Let the ISP-router have a DHCP pool of size one, with a static entry of your tuner's mac.

Note:
Although the same router is provided by Telfort, this may not work, PPPoE doesn't seem to work.

Intro

Having been fed up with ISP (KPN) supplied router, an arcadyan vgv7519, I looked if there was any alternative I had.

Some of my considerations, which may not apply to you

  • I already had a laptop connected 24/7
  • I didn't want another router, only marginally better than ISP-Router - I want power, and I don't dislike the command-line

Related work

This blog -http://www.tvdw.eu/blog/2013/04/11/kpn-experia-box-v8-and-pppoe-passthro... - explains how to setup the ISP-Router as a glorified modem, but keeping wifi and the switch ports intact

Setup

OpenWRT - install

There are 2 ways of doing this, virtualized or native. As I had already setup a laptop for my domotica, I wanted OpenWRT to be a Virtual Machine[VM] running on a ubuntu laptop.

OpenWRT install - VM with libvirt

I used libvirt, install using:

sudo aptitude install libvirt-bin virt-manager

Be sure to have a bridge on your host PC/laptop, with the eth0 as a member with a static IP assignment, I used 192.168.2.1. You could, if you want, have it be served up by the ISP-router, make the DHCP pool with a size of 2, with a static lease. Here is my host's /etc/network/interfaces:

auto lo
iface lo inet loopback


auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
        bridge_ports eth0
        address 192.168.2.1
        broadcast 192.168.2.255
        network 192.168.2.0
        netmask 255.255.255.0
        gateway 192.168.2.252
        dns-nameservers 192.168.2.252 8.8.8.8

You can see by looking at the gateway that I've chosen the eventual OpenWRT install to be on IP 192.168.2.252 (it seems .253 and .254 both are used by the ISP-Router).

Now fire up virt-manager and add a host, use generic settings for linux with kernel 2.6, make sure the harddisk controller is simple IDE, not virtio, though the network can be. If you really want to use virtio for the harddisk, boot first with IDE and then change /etc/fstab to use /dev/vda instead of /dev/sda, then reboot after changing IDE to virtio. Use the harddisk image provided in: https://downloads.openwrt.org/barrier_breaker/14.07/x86/kvm_guest/openwr... or any newer version if applies, though use the KVM / 'combined' variant.

For the network, select your network bridge. (No NAT of course).

OpenWRT install - native

As assignment for the reader

OpenWRT - config

Most of the needed firewal/NAT-ing rules are already set in OpenWRT, we just need to set a WAN port to PPPoE (username and password don't matter at all) on (custom) physical port br-lan (assuming your actual network bridgeis called br-lan in linux, check with ifconfig through ssh) and make sure that WAN is in the firewall zone of 'wan' and 'br-lan' is set to firewall zone 'lan'


It should work after that.

ISP-Router

Caveats and solutions - the dirty part

IPTV, the ISP-Router listens for the IPTV tuner with DHCP and consecutively sets the corresponding switch port to VLAN 4. But in our case we want OpenWRT to function as DHCP, else we can't have it serve up the new gateway IP through DHCP. So, what seems to work is to assign a pool of size one on the ISP-Router, and have a static entry for the tuner(you can find it in the config of the tuner, or use wireshark). Now tell OpenWRT to ignore a DHCP request from the tuner, the ISP-Router will then function as intended and set the port as a member to VLAN 4.
The mac address of the tuner should be ignored by OpenWRT

Final note

We now have a fully functioning OpenWRT instance, and are reusing the wifi and switch ports of the ISP-Router, NAT-ing and other things like avahi/Apple Bonjour seem to work better according to others, though I never had any problems with those. I do like having control over my network which made this whole hassle worthwile.

Tags: