Moving the NAS
I had to move my NAS into the basement. There is no room in our flat left for noisy computer equipment. My flat is in the first floor. I have no chance to build a wired ethernet connection into the basement. So I had to build up a wireless connection into the basement. The current setup is drawed in the following pictures: The settings of the OpenWRT Router are:
- Hardware: TP-Link Archer AC1750 C7 v5
- Software: OpenWrt 19.07.3 r11063-85e04e9f46
My first approach was to just bridge a WiFi interface of the router to the ethernet ports. However, I learned, that bridging between WiFi and ethernet is not that simple. The root cause is a missing source MAC address in the 802.11 standard. The best solution to this problem is using WDS. This switches WiFi to a four MAC address mode. The details are in the linked article. I didn’t get WDS working. Therefore I used relayd as workaround. I followed the setup in the linked article. Relayd has some drawbacks. Relayd does not support IPv6. Furthermore it does Layer 3 things to emulate Layer 2 connectivity.
I have a static route (
192.168.88.0/24) installed on my NAS to route traffic for my VPN to my raspberry Pi. After the initial relayd setup
I was unable to connect from my VPN to the NAS. Connecting to the NAS from any device in my home network to the NAS worked.
Including the raspberry Pi terminating the VPN. I tracerouted a target in the VPN from the NAS. Packets for the VPN host
where routed by my easybox into the network of my ISP.
After some debugging (tcpdump yeah!) I found that my NAS did a correct nexthop and ARP lookup. It set the raspberry Pis MAC address as target.
However, the relayd on the OpenWRT router redoes the nexthop and ARP lookup on relaying the packets.
Installing the static route on the OpenWRTs main routing table solved the problem. To be sure I installed the route on both the relayd interface, and the WiFi uplink interface. After this the NAS was able to connect to hosts
in the VPN.
This twitter thread documents my debugging rants in German.
relayd resets the nexthop. If a host behind your relayd has static routes, you must have that route on the OpenWRT in the main routing table.