Sending internet from one router to another

[loady]

Hi,

i want to be able to let my neighbour accross the road use my internet, however they cant pick it up because of the dongle is not very good, i have routers sitting here doing nothing that have dd-wrt on them, they are wireless N D-link 615's, my intention is to install the roputer in there house hoping that i can beam my internet connection over to it for them to use in their house as a wifi router so they can connect thier computers and laptops etc, not sure if this is possible or what the technical name for this is so searching for something that i have no name for is quite hard, i do not want them to be able to have access to my network here, i mereley want to have the internet connection sent to them for them to use. Any advice will be greatly appreciated..the nearest guide i could find is this but i am not sure if it is only the internet it is sending..

http://www.connectedhome.infopint.com/bridge-two-wireless-routers/

 

[eibgrad]

The best solution is a Y configuration, where each of you shares the one connection to the primary router w/ your own routers. In a sense, the primary router becomes your common/secondary ISP.

[your router](wan)<-- wire -->(lan)[primary router – “isp”](lan)<-- wire -->(wan)[neighbor's router]

Each of you remains completely independent, and protected from the other by your respective firewalls, but yet retain access to the upstream router providing only internet access.

Of course, for both security and practical reasons, it’s best to have the neighbor’s router at their own home. So the question is, how do you convert the WIRED connection between the WAN of the neighbor’s router and the LAN of the primary router to WIRELESS? For that you need a wireless ethernet bridge (aka, client bridge, gaming adapter, ethernet converter).

[your router](wan)<-- wire -->(lan)[primary router]<-- wireless -->[wireless ethernet bridge](lan)<-- wire -->(wan)[neighbor's router]

Of course, the primary router must either offer a wireless AP, or you’ll have to add that separately.

This sort of arrangement, where the router has a wireless capability over its WAN, is called a WISP (wireless ISP) router. You can actually buy such routers, although they’re somewhat rare and thus narrow your buying options. Most ppl don’t bother since you can always construct your own.

So that’s the basic idea, but it’s not perfect. Hopefully it’s obvious there will ALWAYS be a certain amount of implied trust. Because one of you controls the shared resource (rather than a third party), specifically the primary router, it’s theoretically possible for the one who has physical possession to eavesdrop on the other’s traffic as it traverses the network of that router.

But that’s always the case whenever one of you becomes (effectively) the ISP. Even if you have your own independent ISP connections, there's an implied trust of that ISP. But the ISP could violate that trust and eavesdrop on the traffic were they so inclined. In that sense, there's nothing new here, except you (the neighbor in this case) are adding one more person/entity to your circle of trust. Maybe that's a good idea, maybe not, but only you can decide.

If this is a concern, you could use a VPN service so that traffic was encrypted until it reached the internet, thus making the data useless to the eavesdropper. But even then you’re trusting the VPN provider, right? In fact, a sophisticated user could probably “spoof” the VPN connection w/ a MITM (Man in the Middle) attack!

The point here is not to generate needless paranoia, but merely to provide the information so that each of you goes into the arrangement with full knowledge of the risks.

Of course, there are other details too. None of this architecture by itself establishes whether the neighbor’s wireless ethernet bridge can actually/reliably reach the AP of the primary router. You may need a stronger AP, repeaters, even a business class AP or point-to-point bridge between your homes. And all of these add to the overall cost. It just depends on your environmental conditions and what additional expenses each of you is willing to absorb/split to overcome them.

Finally, it might be worth considering the purchase of two static, public IPs from the ISP, one for each router. Then you can eliminate the primary router and substitute a "switched modem". That removes the otherwise superfluous secondary NAT and firewall. And now remote access is MUCH easier.

 

[loady]

Thanks for that adivce, sounds quite complicated..i had a quick look on my router thats running dd-wrt mega version and in the setup page under advanced routing options it is set to run as gateway, however, i see no setting for wirless AP so im gussing that other equipment needs to be purchased and i cant just use these wireless N DIR615 routers ?

 

[eibgrad]

Like a lot of things, it often sounds more complicated than it actually is to execute. Esp. if it's all new to you. And you can always start out w/ the simplest configuration and expand it as necessary. For example, you could build and test this architecture using only wire, then add the wireless ethernet bridge during deployment (all the bridge does is provide a substitute for wire between the homes). IOW, divide and conquer.

You can use the two DIR615 routers, but you'll need a third router to complete the Y configuration. How you decide to distribute the responsibilities of each if up to you. The basic concept remains the same.

 

[loady]

i think the problem is that i am looking for wireless bridge mode but it may be called something else, this is what i have on a quite advanced router with dd-wrt..
gateway
BGP
RIP2 router
OSPF router
vtysh OSPF BGP RIP router
OLSR router
router

 

[eibgrad]

Yes, you could use a dd-wrt router and reconfigure it as a wireless ethernet bridge. That would specifically be "client bridge" mode. But to be clear, that only addresses that one narrow part of the requirements.

 

[loady]

so to do this properly..im realistically going to be needing to use 4 routers, although i could have the wirless bridge also act as the router/dhcp server for neighbour it will affect the throughput ??..so i need another router connected to my router in my house to be configured as a wireless AP..then at neaighbours house, two routers, one to be the wirless client bridge and the other to serve as their router/dhcp server for house ?

 

[eibgrad]

Remember, I gave you the “ideal” architecture, the one that best preserves performance, security, and independence for each of you. In a world where cost was not a concern, that’s what you SHOULD do. But if you need/want to leverage existing equipment, then you can “cheat” a bit here and there, but usually w/ compromises in those same areas.

Consider the possibility (as you did) of using a router as both a wireless client and AP, using dd-wrt “repeater” mode (aka, WISP router). Yes, it would work. But it does this by toggling the one radio back and forth between those modes. And that potentially cuts your bandwidth in HALF. But if you keep them as SEPARATE devices, you now have TWO radios to work with, and you can use DIFFERENT freq/channels for each side, and thus preserving bandwidth (even response times since the toggling eats into that as well).

That’s a classic example of where you CAN do it differently, in this case combing two functions into one device, perhaps for the purposes of economizing. But it almost always comes at price. Only you can decide whether it’s worth it. Personally, unless you are really hard up for cash, I don’t think it is. A decent router (even dd-wrt compatible) can be had for $20-30, even less when a deal is available. But again, the choice is up to you.

Here’s another example. You could the dd-wrt router of your own network and offer up a second (virtual) SSID (or perhaps use any dual band router) and give your neighbor access to that SSID. It would definitely work. You’d simply be treating the neighbor as a guest network. But here again, it’s at a compromise. Now the neighbor is using your WAN, thus behind your network, eating your local bandwidth, subject to your firewall rules, port forwarding rules, etc. In short, wholly dependent on your router. Granted, you should be able to isolate the neighbor from your other resources (i.e., servers), but now every time you want/need to make a change to your router/network (reconfigure, shut it down for maintenance or vacation, reboot, etc.), you can't without possibly impacting the neighbor. That could be a real hassle, mostly for HIM. Now that Netflix movie he was watching just stops dead in its tracks. Little does he know loady is messin’ w/ the router, again.

Anyway, using 3 routers and a wireless ethernet bridge is the “ideal” solution. Whether you include the wireless ethernet bridge as the “4th" router is a matter of semantics. It comes down to 3 + 1, however you decide to divvy up the responsibilities.

 

[loady]

Little does he know loady is messin’ w/ the router, again.

That rang like my kids !! LOL

Maybe i should have said from the offset, i have lots of routers with dd-wrt installed and i have them coming out of my ears..so what i am getting at..expense is not an issue if i can, with dd-wrt installed, turn each router into its respective requirement for the project through the dd-wrt firmware...or will there be limitations in the hardware i am using..they are all D-link DIR 615 models..so will the hardware combined with dd-wrt let me make a wirless AP, an ethernet bridge and a repeater ?

 

[eibgrad]

There's nothing here that can’t be accomplished w/ dd-wrt routers. In fact, the only place that dd-wrt really comes into play is the wireless ethernet bridge. Beyond that, use anything you like (particularly for your respective private networks).

The unanswered question (as I alluded to previously) is range. IIRC, the DIR-615 isn’t known for its record breaking range/performance. So it’s possible you may need to upgrade that part of the architecture w/ a business class AP, external directional antenna, or even a point-to-point bridge between the homes. Of all the things that could be a problem, that seems the most likely, and with it come some additional expenses.

One other thing (I amended my initial response to include this, not sure if you noticed), once it’s working, and if you like it, you might want to consider getting TWO static public IPs, one for each of you. Now you can assign the pubic IPs to your respective routers (the primary router would be replaced-with/reconfigured-as a switch + wap) and manage your own public facing firewalls, which would enhance remote access.

 

[loady]

The delicacies of this are a little beyond my remit...the router radius reaches my neighbours house but literally with thier face stuck to the window so they cant roam around with devices, i was hoping that by having the router bridge thier end to recieve from the AP my end that they may meet half way, as i am sure the wireless antennas in the laptops and mobile device are quite poop, maybe this is not how it works, im certainly not going to spend money on enabling my neighbour to use my internet, i am doing them a favour afterall, i am only into this for the learning curve really.

 

[eibgrad]

Naturally, what you and the neighbor are willing to spend, if anything, are beyond what I can address. I'm only warning this is sometimes a stumbling block once you’re past the point of understanding the architecture. Laying out a plan on paper is one thing, deployment is quite another (it often reveals weaknesses).

Let’s keep in mind that we’re dealing w/ consumer-grade devices. They’re intended to serve a narrow purpose, namely, provide a decent wireless signal within a radius of perhaps 100-150 ft. And work best at 50 ft radius and under. That’s sufficient for most home use. But now you want to “stretch” it, and that as they say, is the 64k question. Good placement (maybe in second floor window), line of sight, directional antenna ( http://www.youtube.com/watch?v=YwW26jNWAQE ), etc., and it might all work out. Then again, maybe not.