This weekend, I setup a Wireless Ethernet Bridge.
What the heck, I hear you say! I’d better explain why I did this, and what it actually means.
I have a wireless network in the house that extends to a large part of the rooms. Unfortunately we have thick walls and ceilings with a lot of steel-reenforced concrete, and this causes less-than-ideal wireless reception in parts of the house. The thick concrete walls do not invite drilling a lot of holes for CAT5 cables. I had to think of something else that minimized the drilling of holes and still gave me a network that covers all of the house.
I have been using a WRT54GL (its selling point being that it can easily be flashed with alternative Linux based firmware) until now. This gave me a wireless speed of 54 Mbit/sec (802.11g) maximum. I have flashed this router with an alternative firmware, tomato, which really helped me getting my Internet router stable and feature-rich while at the same time I was able to raise the transmission power a bit… but not enough.
So what I did was to buy a new wireless dual-band router with 802.11n speeds (300 Mbit/sec) which gives the existing wireless LAN a boost. This new router had to be capable of running tomato firmware too (because I am fond of it) and the dual-band gave me a way to leverage the old WRT54GL without killing the speeds of the larger wireless LAN: a dual-band router basically has two wireless access points built-in. I found the Cisco/Linksys E3000EW at a very interesting price (it is being followed up by a new device, the E4200). It also has an USB port (for connecting a hard drive or a printer) and I found that the tomatousb firmware (a successful mod of the tomato firmware) fully supports this device.
The E3000EW was switched on and two minutes later, the poor bugger was running tomato firmware! A firmware upgrade through HTTP upload using the standard Linksys firmware worked flawlessly.
Now the first task was to copy the configuration of the old WRT54GL to the new E3000EW. That was not too hard. AlsoI setup the two internal access points with two different ESSIDS of course. Then I quickly swapped the two (after “cloning” the WAN MAC address so that I would not have to go through my ISP’s provisioning setup again) and I had freed the WRT54GL for re-configuration into a Wireless Ethernet Bridge.
What was my plan? To position the WRT54GL in the house, nearby the area where wireless signals were weak because of the steel and concrete. Its position would be where I do have a good wireless connectivity. From that point on, I would run CAT5 cable from the WRT54GL to the computers that needed to be connected. This would mean, much less cable and much less drilling.
Actually, that was the final plan, which I implemented. Originally I wanted to create a distributed wireless network using WDS, which is a technique (supported by the tomato firmware) to connect multiple wireless access points. However, when I started reading about these techniques, it turned out that WDS effectively cuts your wireless network speeds in half with every “hop” that you create in your network. And I was not prepared for lower speeds… even though the advantage would be that I did not have to run new CAT5 cables. Access points with WDS still accept client connections, so all I would have to do was put the second AP in a location where it gave good coverage to the computers that suffered from problematic wireless reception.
The thing with Wireless Ethernet Bridging (WET) is this: the second Access Point, deployed to connect to the “master” and create the bridge, dedicates its wireless link to that bridged connection. It will no longer accept connections from wireless clients. It means that the computers need to connect to it using conventional cable!
It was a matter of weighing the pros and the cons. I decided on creating the bridge and using cables, because that would keep the maximum network speed acceptible.
So the old WRT54GL was reconfigured (using a network cable of course, you can not do this wirelessly). And it works surprisingly well! I am writing this article while my laptop is connected to this device using a cable and the traffic is bridged across the air. So, whoopee!
There are a few gotcha’s that I ran into, before I finally found out what it takes to successfully create a wireless bridge.
- The “master” router (the E3000EW in this case) needs to be configured as a Wireless Access Point – that is the default, so I could leave that one alone.
- The secondary router (the WRT54GL) needs to be configured, not as a gateway but as a router (in the tomato’s Advanced > Routing menu) or else your traffic is not going to reach the “master” router at the other end of the bridge.
- The wireless security must be set to “WPA Personal”, with AES encryption (in the tomato’s Basic > Network menu). I had left this setting to “WPA/WPA2 Personal” at first, using AES for ecryption (this was what I used when the WRT54GL was still my Internet router), and it would refuse to connect to the wireless master. If you look more closely to the dropdown menu for the security settings, you’ll see that the tomato warns that WPA is the only accepted choice…
- The WRT54GL can function as a wireless bridge without having an IP address assigned to it. However, you lose the ability to make a HTTP connection to the administrative interface – and someday that will prove to be very inconvenient. So I gave the router an unused IP address from my LAN address range.
Remember, when you setup a bridge, you are extending your network transparently. A network bridge passes network packets back and forth without dividing the network in two segments. Computers in the LAN will be unaware of the bridged connection – it does not show up in a traceroute. There is another solution for my problem that I have not gone deeper into, and that is to setup the WRT54GL as a “wireless client”. This creates a new network segment though… which requires that you run a DHCP server on the WRT54GL for the wired client computers that you connect to the device.
And yet another option is to install the “dd-wrt” firmware and configure the WRT54GL as a Wireless Repeater which allows you to connect your computers wirelessly to the device… but dd-wrt is not nearly as userfriendly as tomato. Pick your choice.
This is the network diagram I ended up with (courtesy of oldspeak where I also obtained the final piece of the puzzle):
And what about powerline / homeplug, you ask?
I have considered that, and sometime ago, when my wireless conneciton problems became aggravating, I even wanted to buy a set of 200 Mbit Devolo mini adapters. They would give me 100 Mbit effective network speeds, but I still would have to buy a second wireless access point if I wanted to extend my wireless LAN, or else I would have had to use conventional cable. That made me decide to pick the geeky solution.
Eric
I just bought these: http://www.devolo.com/consumer/77_dlan-200-av-wireless-n_starter-kit_product-presentation_1.html?l=en. 😉
Alex
Nicely done! I have the older version of your new dual-band 802.11n router, the WRT320n, with Gigabit ethernet but without the USB port. I put DD-WRT on it as soon as I got it. DD-WRT really isn’t that difficult, it just gives you a LOT of control over the device and therefore a lot to read and learn.
I’ve used mine as a wireless bridge as well, but I had severe speed issues with it in that configuration, so now it serves as my main router and wireless AP, and if I have to temporarily plug in a device via ethernet from across the house, I just drop a 50-foot wire and put it away again when not needed.
Anyway, thank you for the post, it was very informative! 🙂
on dd-wrt for years now i’m my gl. never crashes 😀
I’ve been thinking on doing this myself for several months in order to connect PS3 and some fancy TV the wife got me as my apartment wasn’t designed (as usual) with conectivity on the rooms and I have changed the layout up to the point that even the power outlet are useless…
Anyway, thank you for the post, it was very informative!
I’m glad you posted this because I just had to redo everything in my house and had forgotten how to do this. However, I found some things to be a little different (my recap):
— make sure the WET Bridge(s) is/are set to Router; make sure the WAP is set to Gateway
— you can set the WAP security to WPA/WPA2, but the bridge must be WPA – found AES to be more stable than TKIP.
— disable DHCP
— make each one a unique color
— uniquely named my bridges: bridge(n) where ‘n’ matches the last octet of the IP
— everything else on the devices should basically match
Tomato rocks… upgrading to netgear WNR3500L tomorrow, but glad I got this straight first.
Thanks!
It truly is amazing in my opinion that so many companies
are not making use of business ethernet. It is extremely a great deal more cost effective than T1 lines or bonded T1 lines.
For those who have even bigger circuits like DS3 or OCx, Ethernet becomes even more cost efficient.
The WET unit must be in “ROUTER” mode , not “Gateway” mode as you described above. The main AP/Router that you are connecting to must be in Gateway mode. You want to switch to “Router” mode to disable NAT on the WET device. Using double NAT in this situation is not necessary and will likely cause degradation in performance.
Cheers!
You are right, I will update the article accordingly.