I’ve researched this high and low and haven’t found any solutions and I’d very much appreciate some help.
I live and travel in a 5th wheel and have three internet connections. My primary router handles my local network and multi-wan for two of the internet connections. We have a third (cheap 4g) internet plan that I wanted to make available on a separate Wifi SSID so I purchased a Beryl for this purpose. Part of the goal here is to not use too much bandwidth for any single plan and to leverage the cheaper plans for longer/slower downloads such as Windows Updates and such.
The Beryl’s WAN port is tied to our 4g modem (which works well) and I want to connect the Beryl’s single LAN port to my primary router. What I want the Beryl to do is, when a client is connected via Wifi:
Route internet traffic locally through the WAN port (using my third internet connection)
Switch local traffic through to my primary router (DHCP from primary router, Beryl acting as a dumb switch)
Right now, I have the Beryl disconnected from my primary router and I can access the internet but not my local network. Would love the ability to connect to both (but NOT use the internet from the primary router).
Any help is appreciated! I’m proficient in Linux, SSH and such and can make config changes that way, if necessary.
… but you answer your question: yeah, I’m sure you could do it. Anything you don’t see within the GL GUI can be handled via LuCI (GL GUI → Advanced Settings) or via SSH to edit conf if you’re like me & don’t care for OpenWrt’s UCI.
Hypothetically it could just be a matter of setting the Beryl to set the Guest SSID’s client MACs to force’em to only use a specific interface (eg: tethering). iptables is used & Beryl interfaces are defined @ /etc/config/network. This might give something for a starting point:
You could try having Beryl repeat your main router’s Wi-Fi.
On Beryl, Ethernet is prioritized over trunking. It will use the WAN port to carry Internet traffic unless the WAN port is disconnected.
Thanks for your help bring.fringe18 and yuxin.zou,
I’d probably use just the Beryl for multi-wan except for the fact that it only has 1 WAN port and 1 LAN port and I have three internet connections (1x Starlink & 2x GSM Modem/Routers).
Repeating the main Wifi might work, but I’d prefer to avoid this as some of the RV parks have congested air waves and because I prefer using a hardline where possible.
Right now I have the Beryl, connected to my primary router (expensive Asus router) via the single LAN port and the WAN port to my third internet modem. Based on a conversation with ChatGPT and Bard, I’ve set my /etc/config/network to the following:
The modem’s subnet is 192.168.3.1 and the primary router is 192.168.1.1. Currently I’m able to connect to my local network but internet access is coming from the primary router rather than the Beryl’s WAN port. The AI’s suggest lowering the metric to WAN and increasing on LAN; this didn’t help.
I think the problem at this point is maybe the firewall, and I need to somehow tell the router to use the WAN port for local internet traffic. I haven’t had any more luck on this endeavor and would appreciate advice.
OK, so this where I’m leaving off for the night. I wasn’t able to find any issues with the Firewall however when I SSH into the Beryl and pull my internet IP address (curl ipecho.net/plain ; echo) or do a traceroute - I’m seeing the router itself is using the internet from it’s own WAN port (yes!). If I connect to the Beryl over Wifi, the internet connection is from my primary router (no!). Somehow connecting to the router over Wifi isn’t letting me connect to the internet on the Beryl’s WAN port.
I went into Luci and noticed that for both wireless interfaces that the “Network” only had “lan” selected and so I added “wan” to both antennas and rebooted but that didn’t resolve the issue.
My routing looks correct to me (I’m trying to force Wifi internet traffic to 192.168.3.1 which is the modem that’s connected to the WAN port):
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.3.1 0.0.0.0 UG 1 0 0 eth0
0.0.0.0 192.168.1.1 0.0.0.0 UG 10 0 0 br-lan
192.168.1.0 0.0.0.0 255.255.255.0 U 10 0 0 br-lan
192.168.3.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
The routing looks fine but this is the routing table directly from the Beryl, not from my client device connecting to the Beryl over Wifi. When I try to access my modem’s admin page on 192.168.3.1 - it’s unable to connect as it’s routing over to my primary router which is 192.168.1.1.
/etc/init.d/network restart should help save some time instead of rebooting.
This is unsolicited advice, I know, but I think you'd be better served with the Flint or forthcoming Flint v2. Either would give you 4 LAN ports + WAN to reassign as you see fit... & for consolidation. This presumes the Asus unit uses a AC outlet of course.
I prefer to hardwire wherever possible too but congestion is directly correlated to distance. 2.4GHz penetrates obstacles/distance better than 5GHz for repeating/'backhaul' & no hotel/campsite is going to give you anything near the max. available bandwidth for 2.4GHz/802.11n.
Beyond that I think the folks over at the OpenWrt Forums might be better suited for such a custom setup if you're set on utilizing the Beryl.
I totally appreciate the advice bring.fringe18. I’ve never been a fan of these Asus mesh routers that I purchased a few years ago and have been waiting for a better option. I do think I’ll eventually swap out to the Flint v2. The thing holding me back from getting the first Flint was that I needed more LAN ports. I’ve been thoroughly impressed by the Wifi 6 capabilities of the Beryl - the speeds (at distance) have been much better than my other router and I would expect the Flint v2 to be the same.
Also - thank you for the suggestion on checking with the OpenWRT forums. I have time to kill and would love to up my networking skills so this is a good mental exercise.
Yeah, the Flint v2 looks like a killer bit of kit; 900 Mbps over WireGuard has me positively salivating.
Technically a 'cheap & cheerful' 5 port switch can expand that one required LAN port but... that kinda moves away from the whole consolidation benefit. Still, it's an option as IDK the ETA on the Flint v2.
If you're looking to kick your networking skills up a level then lemme give 'ya a few tips:
Current GL GUI builds are based on OpenWrt 21.02
it uses iptables for firewalling
Future builds are expected to be 22.03
Upstream switched to nftables so be away of potential syntax differences
OpenWrt can be run in a virtual machine (eg: VirtualBox)
Vbox's 'snapshot' feature allows me to bail out when 'f--- around & find out' goes horribly sideways.
Awesome ideas, thanks for the direction bring.fringe18.
I actually own that switch and have it on hand but we’re balancing a number of factors (weight + power usage) with what we can fit and do in this 5th wheel. Appreciate the suggestion though
