Multi-Router Mis-Configuration

[slow_speed]

I am pretty sure I have some sort of misconfiguration going on, and I could use some help. Here are the specs:

Router number 1

IPv4
IP Address: 192.168.1.1
Subnet Mask: 255.255.255.0
Enable DHCP server: checked on
Start DHCP Address Range at: 192.168.1.10
DHCP address range: 192.168.1.10 - 192.168.1.110
DHCP lease time: 1440 minutes.

IPv6
Ipv6: checked on
When on, connected devices can make IPv6 connections to the Internet.


Router number 2

Status
Device Name:Gargoyle
Gargoyle Version:1.8.1
Model:NETGEAR WNDR3800CH
Device Configuration:Gateway
Memory Usage:19MB / 123.4MB (15.4%)
Connections:101/4096
CPU Load Averages:0.02 / 0.14 / 0.08 (1/5/15 minutes)
Uptime:0 days, 0 hours, 5 minutes
Current Date & Time:11/08/15 12:05 AM EST
WAN IP Address:192.168.1.10
WAN Netmask:255.255.255.0
WAN MAC Address:
WAN Gateway IP:192.168.1.1
WAN DNS Server(s):192.168.1.1
LAN IP Address:192.168.1.2
LAN Netmask:255.255.255.0
LAN MAC Address:
Port Status
LAN1 100Mbps
LAN2 -
LAN3 -
LAN4 -
Wireless Mode:AP+WDS
Wireless MAC Address:
2.4 GHz Access Point SSID:Gargoyle
5GHz Access Point SSID:Gargoyle 5GHz
QoS Upload:Disabled
QoS Download:Disabled

Device Configuration
Configure Device As: Gateway (Default)
Internet / WAN
Connect Via: DHCP Wired
Current IP: 192.168.1.10
Current Lease Expires: 11/09/15 00:00 EST
Local Network / LAN
Router IP: 192.168.1.2
Subnet Mask: 255.255.255.0
DNS Servers: Default DNS Servers as specified by ISP
unchecked - Allow NameCoin/OpenNIC Resolution
unchecked - Force Clients To Use Router DNS Servers

DHCP
LAN DHCP Server Enabled <not enabled
DHCP range: Start: 192.168.1. End: 192.168.1.
Lease Time: (hours)
Static IPs


Router 1 is on the internet and works fine, but Router 2 cannot see the Internet and my computer cannot ping 192.168.1.1 because it is unreachable. Another router, we'll call Router 3, has the same problem with Router 1.

[tapper]

Hi mate try turning IPv6 off. Gargoyle does not work with IPv6. Other than that try flashing to Gargoyle 1.9.1

[slow_speed]

Turn off IPv6 on Router 2?

Which is the correct one?:
gargoyle_1.9.1-ar71xx-generic-wndr3800ch-squashfs-factory.img
gargoyle_1.9.1-ar71xx-generic-wndr3800ch-squashfs-sysupgrade.bin
gargoyle_1.9.1-ar71xx-generic-wndr3800-squashfs-factory.img
gargoyle_1.9.1-ar71xx-generic-wndr3800-squashfs-sysupgrade.bin

Thanks.

[slow_speed]

Okay, I got it working. Here's what I did.

First, I went ahead and used the experimental (beta?) version 1.9.1. I found that the correct one should be a .bin file. Then I found that the CH version is probably for Charter. I had the wrong one all along. My router is the plain Premium version, so it is set up correctly now.

I had to wait quite a long time to get the update finished and get the main screen back, but I just left it alone and it all worked itself out. I believe one must realize that the processor is tiny and it just takes awhile.

Once it was up and running, I reset the router, then logged in with 192.168.1.1 and "password", changed the password and timezone, and changed the IP to x.x.1.2.

Then I logged in with new address and password. and found I was on the Internet. It turned out that I had to set the "Connect Via" to "Disabled" (lost the Internet at this point), and the "WAN Ethernet Port" to "Bridge to LAN".

At that point I could get on the Internet and also see Router 1.

All good.

Thanks.

[Lantis]

Well, that is one solution. However you've now lost almost all features of Gargoyle.

Instead, you should have moved the LAN side of Gargoyle to 192.168.2.1 (different subnet). Then everything should have worked fine. DHCP would need to go back on.


Having devices on different subnets isn't always desirable but it is the right move here.

[slow_speed]

Interesting. This raises a few questions.

Why didn't the number 2 (Gargoyle) router see the first one initially?
Why didn't it see the Internet initially?
Where are the instructions for multiple router setups?

Normally, as I understand it, when stringing two or more routers together and using the same subnet, one can only have one of them being the DHCP server. So that was the first thing I wanted to do.

Next, I needed a third router with WiFi in another area, which I put on a separate subnet.

And finally, the second router, the Gargoyle one, is for setting up quotas. I had no trouble adding the third router's IP as having a set monthly quota.

Quotas were the reason I chose Gargoyle. If it does other things, I guess they are not of value to me. (?)

[Lantis]

Interesting. This raises a few questions.

Why didn't the number 2 (Gargoyle) router see the first one initially?
Why didn't it see the Internet initially?
Where are the instructions for multiple router setups?

Normally, as I understand it, when stringing two or more routers together and using the same subnet, one can only have one of them being the DHCP server. So that was the first thing I wanted to do.

Next, I needed a third router with WiFi in another area, which I put on a separate subnet.

And finally, the second router, the Gargoyle one, is for setting up quotas. I had no trouble adding the third router's IP as having a set monthly quota.

Quotas were the reason I chose Gargoyle. If it does other things, I guess they are not of value to me. (?)

Unsure why.

There aren't any instructions required for multiple router setups?
All configuration boils down to a couple of main scenarios, just with different devices at the ends serving the same base purpose.

If you want to string them together and use the same subnet, then you are correct that only one can have a DHCP server running.
However by setting connect via to "Disabled", you've turned Gargoyle into a glorified dumb switch.
No traffic is traversing the firewall, and therefore nothing (including quotas) will work properly.
You should see incorrect or zero usage being reported for the device.
All of the graphs should be incorrect.
Happy to be proven wrong, but this is my past experience (and it makes sense).

If you want to string two routers together in the same subnet and use Gargoyles features, Gargoyle should be the main internet facing router.

[slow_speed]

No traffic is traversing the firewall,

That's odd, since I didn't turn off the firewall. Who would design something like that when the whole user experience of current computing is that firewalls are a disparate thing that blocks or doesn't block transmissions? The firewall should work regardless of the medium of transmission.

and therefore nothing (including quotas) will work properly.
You should see incorrect or zero usage being reported for the device.
All of the graphs should be incorrect.
Happy to be proven wrong, but this is my past experience (and it makes sense).

I cannot see how that makes any sense whatsoever. One function should have nothing to do with the other.

To be clear, the number one router is a proprietary cellular router by the ISP and that cannot be changed. The Gargoyle router must come in next and count the quota for one IP address that is assigned to a third router.

[Lantis]

No traffic is traversing the firewall,

That's odd, since I didn't turn off the firewall. Who would design something like that when the whole user experience of current computing is that firewalls are a disparate thing that blocks or doesn't block transmissions? The firewall should work regardless of the medium of transmission.

and therefore nothing (including quotas) will work properly.
You should see incorrect or zero usage being reported for the device.
All of the graphs should be incorrect.
Happy to be proven wrong, but this is my past experience (and it makes sense).

I cannot see how that makes any sense whatsoever. One function should have nothing to do with the other.

To be clear, the number one router is a proprietary cellular router by the ISP and that cannot be changed. The Gargoyle router must come in next and count the quota for one IP address that is assigned to a third router.

Ok sure, let me rephrase with an example.

Much like Airport security, a firewall is only effective if every single person (packet) goes through security.

You're right, the firewall isn't off. The guards are still there making you empty your pockets and take off your shoes.
BUT
The lovely Gargoyle staff that hold up the signs for valued customers (lets say, high priority traffic), or the lady doing head-counts and taking statistics (quota management), have all been told to go home.

So yes, every packet/person has still been scrutinised by the firewall. However, no-one was there to direct particular packets down the express lane, or to keep a count of how many or how big the people/packets were that came through.


Better than that though, by setting "connect via" to "disabled", you've basically disabled all of the good firewall stuff even further. Now the good experienced guards are being sent home and are being replaced by vacation students who know how to deny the basic bad stuff, but don't look too deeply.
Now this doesn't matter, because your ISP router will have its own firewall and you'll be likely fine. And you also have local firewalls on your devices (right?).
It is, for all intents and purposes, a dumb switch.
Packet comes in, figure out where its going, send it out (that's more the definition of a router, but you get my point).


Here are some screenshots.
1. Connect Via: DHCP (Wired). Bandwidth monitor on and reporting traffic to and from the internet
2. Connect Via: DHCP (Wired). Quota set, and working
3. Connect Via: Disabled. Bandwidth monitor on and reporting sporadic tiny traffic (i'm actually not sure what this is but it happens all the time. possibly dhcp and other sign of life packets)
4. Connect Via: Disabled. Quota set, but not even displaying
5. Connect Via: Disabled. QoS enabled, but no traffic going through any classes


I assure you, that to make your setup work correctly, you should have
ISP Router -> Gargoyle -> 3rd Router
ISP serving you the internet
Gargoyle (on a separate subnet) receiving the internet from ISP Router, and doing its job monitoring and classifying/restricting traffic
3rd Router (same subnet as gargoyle), only acting as a remote connector to the device

[tapper]

Hi slow_speed when you use Gargoyle you are in a sense turning your router from your ISP in to a modem.

The hole point of Gargoyle is to let it handle all your traffic that's how it can make QOS and quoters work.
Most of the cool bits of Gargoyle have to have it this way or they will not work

In my setup my ISP's router is set as a bridge, then a cable go's from the Ethernet port on my ISP's router in to the wan port on my Gargoyle router.

My ISP's router is on 192.168.0.1
My Gargoyle router is on 192.168.1.1
I have 2 dumb AP's connected by Ethernet. The IPs of the dumb AP's are set outside of the DHCP range of my Gargoyle so:
AP1 is at 192.168.1.251
AP2 is at 192.168.1.252
DHCP is turned off for all routers except the one running Gargoyle

This lets my Gargoyle handle all the traffic in my house.

I hope this helps and sorry for my first post i did not read through your post proper i was in a rush.

ps Lantis knows a lot more than me so Lantis if i have got any of this rong pleas let me know. (cool)