Any Draytek 2820 experts about?
04 April 2011, 09:50 PM
#1
Any Draytek 2820 experts about?
Bit of a complex one this:
Is there a way to bridge or create an open pathway (no firewall) between the LAN and WAN 2
WAN2 is actually another network in a sperate building served with its own seperate internet by another ADSL modem/firewall (so no risk to being open to nasties from the internet).
What I want is PCs on both networks to see and access each other freely. But keep the firewall active on WAN1.
The user manual has too many acronyms for me make sense of it all (I'm getting old
). My current bodge is to use a switch to bridge the WAN2 to the LAN, it works (suprisingly), but I'm sure its not a healthy way to route data.
I know the ideal way would be to have both ADSL lines comming into the same building, but this is not possible.
Is there a way to bridge or create an open pathway (no firewall) between the LAN and WAN 2
WAN2 is actually another network in a sperate building served with its own seperate internet by another ADSL modem/firewall (so no risk to being open to nasties from the internet).
What I want is PCs on both networks to see and access each other freely. But keep the firewall active on WAN1.
The user manual has too many acronyms for me make sense of it all (I'm getting old
). My current bodge is to use a switch to bridge the WAN2 to the LAN, it works (suprisingly), but I'm sure its not a healthy way to route data.I know the ideal way would be to have both ADSL lines comming into the same building, but this is not possible.
05 April 2011, 12:59 PM
#2
Found some tarty layout diagram software so I thought I'd post the layout topology (its not as smart as it looks...its a 40metre cable run between the buildings and most of those PCs are Pentiums IIIs 
)
Basically, the incomming cable to building 2 is now split with an extra switch; one cable going from the switch to a LAN port on the Vigor 2820 and another going from the same switch to the WAN2 port on the 2820.
It works; I get load balancing and redundancy if either ADSL line fails and I can see the devices on both networks from either building, so am I best just to leave it alone as it is?
Although I'd prefer to eliminate the extra switch - I'm sure there is a way to configure the 2820 to do this. But I'll be damned if I can see how.
)Basically, the incomming cable to building 2 is now split with an extra switch; one cable going from the switch to a LAN port on the Vigor 2820 and another going from the same switch to the WAN2 port on the 2820.
It works; I get load balancing and redundancy if either ADSL line fails and I can see the devices on both networks from either building, so am I best just to leave it alone as it is?
Although I'd prefer to eliminate the extra switch - I'm sure there is a way to configure the 2820 to do this. But I'll be damned if I can see how.
Last edited by ALi-B; 05 April 2011 at 01:05 PM.
05 April 2011, 07:24 PM
#3
Scooby Regular
can you create a DMZ between the WAN2 and LAN
the DMZ option on these sort of routers is uusually just a way of forwarding all traffic to an interface anyway
presumably you have configured a routing protocol -- where does the Load Balancing logic sit btw
the Router must be quite sophsiticated bit of kit
the DMZ option on these sort of routers is uusually just a way of forwarding all traffic to an interface anyway
presumably you have configured a routing protocol -- where does the Load Balancing logic sit btw
the Router must be quite sophsiticated bit of kit
07 April 2011, 09:48 PM
#4
Scooby Regular
Join Date: Nov 2001
Posts: 2,576
Likes: 0
Received 0 Likes
on
0 Posts
That sounds an odd setup to me.
How about buying another switch for office1 linking to office2, unplug all lan connections from office1 router and into the new switch, configure the office1 router for bridge mode and wire this direct to the wan2 port on the Draytek in office3. Just sounds more logical...
I don't think that Draytek does load balancing? Possibly only supports failover for the wan ports?
How about buying another switch for office1 linking to office2, unplug all lan connections from office1 router and into the new switch, configure the office1 router for bridge mode and wire this direct to the wan2 port on the Draytek in office3. Just sounds more logical...
I don't think that Draytek does load balancing? Possibly only supports failover for the wan ports?
08 April 2011, 12:12 AM
#5
Had a sit down and tried to work through it today.
Basically I've come to the conclusion the 2820 doesn't support this. The WAN2 socket is only intended for WAN use via direct connection to a modem, so trying to use it to accomodate mixed LAN and WAN traffic is never going to work properly.
The only other way round it is to run another cable between the buildings, and thats no small job. They are 20mtres apart and the current cable is ran underground somewhere. This reason why the second ADSL line is in the another building is beacuse the second phone line runs via an overhead telegraph pole...one to one building, the other to the other (the only reason why we have the second ADSL is because it came free with the call package).
Of course I could join the LANs via wireless LAN, which frees up the cable, but I don't know what it is interferring in this area, but Wireless LANs just do not work over any decent range here....10metres, if I'm lucky, even with 802.11n. Short of sticking up some external Yagi antennas there is little else to improve it.
I could use the unused twisted pair in the cable, but that would rule out any future upgrade to gigabit LAN (not saying I would, but the NAS does max it out when doing a big backup job, so the extra bandwidth would be nice).
So, joining the WAN2 to the LAN with the switch, as odd as it appears is actually the easiest way round it. Well, put it this way, it works.
Oh well suits this place; bodge on a bodge on a bodge - It comes to be expected when the network comprises of a flakey Belkin modem, £15 switches of dubious age/makes and computers that were made in the last century.
Basically I've come to the conclusion the 2820 doesn't support this. The WAN2 socket is only intended for WAN use via direct connection to a modem, so trying to use it to accomodate mixed LAN and WAN traffic is never going to work properly.
The only other way round it is to run another cable between the buildings, and thats no small job. They are 20mtres apart and the current cable is ran underground somewhere. This reason why the second ADSL line is in the another building is beacuse the second phone line runs via an overhead telegraph pole...one to one building, the other to the other (the only reason why we have the second ADSL is because it came free with the call package).
Of course I could join the LANs via wireless LAN, which frees up the cable, but I don't know what it is interferring in this area, but Wireless LANs just do not work over any decent range here....10metres, if I'm lucky, even with 802.11n. Short of sticking up some external Yagi antennas there is little else to improve it.
I could use the unused twisted pair in the cable, but that would rule out any future upgrade to gigabit LAN (not saying I would, but the NAS does max it out when doing a big backup job, so the extra bandwidth would be nice).
So, joining the WAN2 to the LAN with the switch, as odd as it appears is actually the easiest way round it. Well, put it this way, it works.
Oh well suits this place; bodge on a bodge on a bodge - It comes to be expected when the network comprises of a flakey Belkin modem, £15 switches of dubious age/makes and computers that were made in the last century.
Last edited by ALi-B; 08 April 2011 at 12:14 AM.
08 April 2011, 06:35 AM
#6
Scooby Regular
Join Date: Nov 2001
Posts: 2,576
Likes: 0
Received 0 Likes
on
0 Posts
How about running the cable between the buildings just on the lan. On the pc's configure 2 default gateways with different metrics? Assuming you are running on the same subnet across all the offices. Never actually tried this before.
08 April 2011, 09:00 AM
#7
Scooby Regular
keeping this really simple -- if building A and B are on different LANS/Subnets at some point you are going to need routing logic performed
i.e. - "anything for a network i know nothing about forward to this interface" and "anythinng I know that matches (the other LAN subnet) forward to this interface"
this routing logic can either be as static routes on the clients -- or on the routers themselves.
the firewall bit is irrelevant for the moment.
i.e. - "anything for a network i know nothing about forward to this interface" and "anythinng I know that matches (the other LAN subnet) forward to this interface"
this routing logic can either be as static routes on the clients -- or on the routers themselves.
the firewall bit is irrelevant for the moment.
Trending Topics
08 April 2011, 10:48 AM
#8
In terms of lazyness, I went one step further and stuck it all on the same subnet, disabled the other modem's DHCP and changed its gateway IP, so the Draytek acts as the main gateway and DHCP server for everything, and basically the whole network is seen as one single LAN. I'm ok with that, makes the firesharing easier to configure.
Basically, the main reason being is Iwant to avoid that Belkin crap doing any more than what is absolutely necessary hence no subnet or any static routes. All it is now is a gateway, switch and wireless AP for that particular office. So if it throws a wobbly (which it does if the NTP server doesn't repsond) it only affects the one PC and printer, whereas before it would knock out everything.
The Draytek acts as the primary gateway and I have entered the second gateway's IP into the WAN2 settings. That automatically switches between either gateway depending the traffic on each WAN connection.
Is there any real reason why one building should be on different subnet? I suppose I could put the Belkin's IP on a different subnet just to prevent any PC auto detecting it as a primary gateway (hasn't happened...yet).
Short of erecting telegraph poles or digging trenches to find the duct going between the buildings, running extra fresh cable between the buildings is not possible. I had enough of a game trying to justify the expense of this new modem 
I'd love to just rip everything out and start a fresh 
Basically, the main reason being is Iwant to avoid that Belkin crap doing any more than what is absolutely necessary hence no subnet or any static routes. All it is now is a gateway, switch and wireless AP for that particular office. So if it throws a wobbly (which it does if the NTP server doesn't repsond) it only affects the one PC and printer, whereas before it would knock out everything.
The Draytek acts as the primary gateway and I have entered the second gateway's IP into the WAN2 settings. That automatically switches between either gateway depending the traffic on each WAN connection.
Is there any real reason why one building should be on different subnet? I suppose I could put the Belkin's IP on a different subnet just to prevent any PC auto detecting it as a primary gateway (hasn't happened...yet).
How about running the cable between the buildings just on the lan. On the pc's configure 2 default gateways with different metrics? Assuming you are running on the same subnet across all the offices. Never actually tried this before.
I'd love to just rip everything out and start a fresh
08 April 2011, 11:19 AM
#9
Scooby Regular
if i read the above correctly -- all traffic will be going out of 1 WAN router unless you put a static route on the clients in site X to go out of the DG interface in Site X
so you only need 1 adsl connection
so you only need 1 adsl connection
08 April 2011, 12:05 PM
#10
The Draytek gateway 192.168.1, the gateway of the Belkin is set at 192.168.1.90.
In the Drayteks's WAN2 settings menu I've manually entered the IP of the Belkin (192.168.1.90), the status report shows that it is connected to it and happily getting traffic to and from it. (I've restricted the DHCP pool to only use 192.168.1.2 to 192.168.1.50)
Default gateway to all the PCs is 192.168.1.1 . So internet traffic goes to the Draytek and then the Draytek dicates which route it takes through one of its two WAN ports (WAN1 or WAN2). The only thing awkward here is the switch (not in the diagram) which is essentially joining the WAN2 port to one of the LAN ports on the Draytek as well as connecting to the other building (and this is what I was trying to eliminate in my first post - unsucessfully).
All I can say the current setup does work, any PC can use one of either ADSL connections. Say if I went onto http://whatismyipaddress.com/ Sometimes it'll show up with the IP of my one ADSL connection, sometimes it'll show the other. Currently its random (I can configure manual load balancing policies but its all on default now). If I set one PC on a huge download, If I log onto another PC and check its internet IP, I find its usually using the other ADSL connection.
The Drayteks's maintenance section has graph display showing the traffic through each WAN and it appears to show that it is automatically balancing traffic through both ADSL connections.
In the Drayteks's WAN2 settings menu I've manually entered the IP of the Belkin (192.168.1.90), the status report shows that it is connected to it and happily getting traffic to and from it. (I've restricted the DHCP pool to only use 192.168.1.2 to 192.168.1.50)
Default gateway to all the PCs is 192.168.1.1 . So internet traffic goes to the Draytek and then the Draytek dicates which route it takes through one of its two WAN ports (WAN1 or WAN2). The only thing awkward here is the switch (not in the diagram) which is essentially joining the WAN2 port to one of the LAN ports on the Draytek as well as connecting to the other building (and this is what I was trying to eliminate in my first post - unsucessfully).
All I can say the current setup does work, any PC can use one of either ADSL connections. Say if I went onto http://whatismyipaddress.com/ Sometimes it'll show up with the IP of my one ADSL connection, sometimes it'll show the other. Currently its random (I can configure manual load balancing policies but its all on default now). If I set one PC on a huge download, If I log onto another PC and check its internet IP, I find its usually using the other ADSL connection.
The Drayteks's maintenance section has graph display showing the traffic through each WAN and it appears to show that it is automatically balancing traffic through both ADSL connections.
Last edited by ALi-B; 08 April 2011 at 12:08 PM.
08 April 2011, 07:05 PM
#11
Scooby Regular
Join Date: Nov 2001
Posts: 2,576
Likes: 0
Received 0 Likes
on
0 Posts
Short of erecting telegraph poles or digging trenches to find the duct going between the buildings, running extra fresh cable between the buildings is not possible. I had enough of a game trying to justify the expense of this new modem I'd love to just rip everything out and start a fresh
I'd love to just rip everything out and start a fresh
09 April 2011, 11:53 AM
#12
Thats kind of what I was trying to do, but I can see no way with the 2820's options to internally get it to use a LAN port for secondary WAN traffic and still achieve load balancing/redundancy between both ADSL connections.
Seem its only works when it is connected to both the WAN1 and WAN2 sockets.
Seem its only works when it is connected to both the WAN1 and WAN2 sockets.
Thread
Thread Starter
Forum
Replies
Last Post
The Joshua Tree
Computer & Technology Related
18
11 September 2015 09:24 PM
