DD-WRT Wireless Bridge Update
Since November 2005, I have been using a Linksys WRT54G as a wireless bridge to connect two parts of my home network. The WRT54G runs on DD-WRT firmware (in 'Client-Bridged' wireless mode), which I find completely reliable - it simply just works. Last week however, as I decided to set up my trusted PrintMate+ print server, I discovered that a little fine tuning was needed with the DD-WRT setup.
The DD-WRT in 'Client-Bridge' mode is supposedly completely transparent. I.e. with DHCP turned off and assigned an IP address outside the range of the rest of the network, but within the same segment, the bridge will just connect to another router as a client. This other, "main" router must act as DHPC server and a device connected to one of the bridge ports will behave as if it was attached directly to the main router. What I discovered last week when I hooked up the print server to the bridge, is that the bridge actually blocks incoming traffic to devices located behind the bridge. In other words, from behind the bridge, I can ping any other device on the network, but I cannot ping devices behind the bridge from outside the bridge.
I started looking around to see, if I could come up with some fix to remedy this situation. First, I read something about disabling the firewall and loopback interface on the bridge.
This I did and it did not help.
Next, I came across this guide to setting up a DD-WRT bridge, which as its last step instructs you to telnet into the bridge and issue an proxy_arp command:
Apparently, this is nessecary because running the DD-WRT firmware basically turns your router into a Linux box, which uses multiple network interfaces. Altthough DD-WRT in bridge mode hides the difference between the LAN (network behind the bridge) and WAN (network in front of the bridge) interfaces, Linux still distinguishes between the two. The proxy_arp command makes the router forward (proxy) traffic from one interface to the other.
The above proxy_arp command did not work for me - it failed to execute. I then looked around some more and discovered that I just needed to issue the command for the network interface which is connected to my home network. I ran 'ifconfig' and found out that this is the 'br0′ interface and after a reboot of the bridge, the following command solved my problem:
If you enjoyed this post, make sure you subscribe to my RSS feed!
September 17th, 2006 at 13:13
Thank for that :)
July 16th, 2008 at 05:35
This is absolutely the greatest tip I have come across in months. I’ve spent SOOO long trying to solve this problem (trying to get media sharing working on my Xbox 360 from behind a DD-WRT bridge) and couldn’t find the solution anywhere. Your command worked like a champ. I feel like shouting it from a rooftop somewhere. AWESOME!! THANKS!!! =)
July 16th, 2008 at 11:35
Hi Rob, thanks for commenting - I am really glad to learn the post was useful to you.
August 22nd, 2008 at 08:03
Chris -
I’m having this exact problem and I’m hoping you can help. I’ve tried both the command from the guide as well as the command you published here, and neither of them seemed to be the solution. The former did not execute, and the latter appeared to execute but had no effect. Am I doing something wrong? Thanks!
August 22nd, 2008 at 08:53
Actually, I take that back… I was having multiple issues. My firewall was actually blocking the incoming ping requests.
I have a DHCP issue related to this thread: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=33206&postdays=0&postorder=asc&start=330
Guess I play the waiting game for now, or reflash to v23.
November 2nd, 2008 at 00:56
Tried on mine without success. Can you give me some pointers on how to interpret the ifconfig results so I can identify the right ipv4/conf path?