Edgerouter X + Huawei B618s-65d Wireless Broadband unit

Forums › Spark New Zealand (including Skinny and BigPipe) › Edgerouter X + Huawei B618s-65d Wireless Broadband unit

AndyT

163 posts

Master Geek

#275616 31-Aug-2020 22:37

Does anyone have experience of using the Edgerouter X with the Huawei B618s 65d LTE Spark combo? I'm keen to explore what the ERx (and Ubiquiti generally) has to offer but I'm a bit concerned as to compatibility with the Huawei unit.

Once the ERx is set up and configured, I was hoping to take a feed from the B618 into eth0 and reticulate from eth1, 2 & 3. However I can't see the ability to put the B618 in bridge mode so instead was intending to switch off DHCP and Firewall with the ERx doing that. I might if possible and in the short term use the B618 WAP as one of several WAP's (re-purposed de-commissioned routers) around the house. I'm intending to rationalise the WAPs down to two Unifi PoE WAPs as soon as funds permit!

Questions I have with this proposed setup are:

does switching off DHCP & Firewall on the B618s effectively achieve bridging, or will I be at risk of double NAT and if so is that likely to be a problem in practice in a domestic environment?
can I use the Huawei WAP as well as the modem function and just switch off its routing funcionality?

All advice appreciated.

Thanks & regards,

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2557706 6-Sep-2020 07:48

Hi, so yes the default subnet of the 618 is 192.168.1.0/24 with the interface 192.168.1.254, if I am correct, and yes the ERX needs to have a different lan, and taking your comment lets make it 192.168.10.0/24 with the interface 192.168.10.1, I will assume you will sort all the dhcp server and pool to suit., plus DNS

You dont need to turn the 618's DHCP server off assuming you set the WAN of the ERX statically as in the following paragraph.

Now you need to add a WAN interface to the ERX, this will typically be eth0 and put it in the 618's lan, so make it say 192.168.1.20/24, also adjust the System gateway of the ERX to point to 192.168.1.254, this is set on the main system setup screen, ie top level.

To turn the NAT off on the ERX its under the Firewall, there is a NAT tab, under Source NATs there will be a default rule that Masqurades to eth0, delete that.

Now on the 618, I dont have one in front of me, but it definitely supports the following.:

Add a static route, this should be set for subnet 192.168.10.0/24 (or possibly as 192.168.10.0 255.255.255.0 format) and this should have a next hop of 192.168.1.20 (ie the wan of the ERX)

You should also turn on the DMZ in the 618 and point it to 192.168.1.20, now any incoming new connections will be forwarded to the ERX and any port forwards only soley handled by Destination NATs in the ERX, this of course assumes you are not behind the ISP CG-NAT, in which case you cannot port forward anything. This essentially bypasses the 618s inbound firewall, the 618s outbound should essentially be open by default, if there is any switch to turn more of it off then go for it, as I say I dont have one in front of me to see.

That should be it, just connect the LAN interface of the 618 to the WAN of the ERX and it should work, let us know how you get on.

Cyril

snnet

1410 posts

Uber Geek

#2557710 6-Sep-2020 08:07

I've been trying to do something similar off and on as well but I can't actually see where I can add a static route on the 618s - it just has the basics from what I can see like DMZ (at least, unlocked on the device on spark)

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2557715 6-Sep-2020 08:16

Ahh, thats a bugg3r, I was pretty sure it was an option when I last looked at one.

Cyril

AndyT

163 posts

Master Geek

#2557874 6-Sep-2020 13:17

Many thanks guys.

Makes me nervous, but I guess I'll take courage into my hands and give it a go and let you know how I get on!

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2557879 6-Sep-2020 13:26

Hi if you cannot do routes then the double nat is going to be a problem, ie you will need to leave nat on the erx.

Cyril

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2557900 6-Sep-2020 14:18

Hi if you cannot do routes then the double nat is going to be a problem, ie you will need to leave nat on the erx.

Cyril

Mph

8 posts

Wannabe Geek

#2568882 21-Sep-2020 01:07

If you are doing double NAT, i.e. Internet -> B618 -> ErX -> LAN it is kinda tricky and I wouldn't recommend it. However I believe it is possible.

You will need to create two networks on the ErX (e.g. the B618's default subnet) and another new network for LAN clients.

Then there needs to be a static route between the interfaces on the ErX. If you cannot setup a static IP address on the B618 outbound interface (but it is a DHCP server), you will need to set eth0 on the ErX to DHCP. Then create a static route from eth0 to another interface, or bridged interface, on the ErX (where you can setup another DHCP server for LAN clients)

Routing performance is significantly reduced when bridging eth1, 2, 3 on the ErX as it is a software bridge. It degrades throughput considerably (i.e. 1Gbps is now 100Mbps) so having a switch connected to your LAN clients outbound interface on the ErX is desirable.

Equinox IT

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.

AndyT

163 posts

Master Geek

#2571538 21-Sep-2020 20:30

Many thanks Mph.

I've taken on board everyone's feedback in this and my other thread and will read and re-read yours to ensure I fully understand it.

However I must admit, as a network noob, to being a little overwhelmed by the deep technical and logistical understanding required for what I thought would be a relatively straightforward set-up, having successfully configured and used bridged Apple Airport Extremes and Timecapsules for many years and now keen to migrate to the Ubiquiti ecosystem.

I keep hoping that someone out there will come up with a complete set of steps (having done it for their own system) for the end-to-end process of connecting the ER-X to the B618s as modem connecting to the Spark rural WBB by PPPoE with CG NAT and which cannot be bridged. Alternatively if anyone can categorically say I'm trying to achieve the impossible, I'd close the book on it.

In the meanwhile I've kind of given up trying and re-trying different configs so many times without success, but still very interested to hear from anyone with an "idiots guide" per the above para!

Thanks & regards,

Spyware

3761 posts

Uber Geek

Lifetime subscriber

#2571541 21-Sep-2020 20:45

You can Google for the most basic ER-X config with DHCP on WAN interface, which would be 95% of examples amongst the ton of resources. Change the LAN side network on ER-X so as not to conflict with network assigned by Huawei on ER-X WAN and connect them. double NAT.

You should be able to achieve the above in a few minutes following the wizard (as long as you realize you cannot have same network on WAN and LAN or the ER-X won't route anything.).

Spark Max Fibre using Mikrotik CCR1009-8G-1S-1S+, CRS125-24G-1S, Unifi UAP, U6-Pro, UAP-AC-M-Pro, Apple TV 4K (2022), Apple TV 4K (2017), iPad Air 1st gen, iPad Air 4th gen, iPhone 13, SkyNZ3151 (the white box). If it doesn't move then it's data cabled.

AndyT

163 posts

Master Geek

#2574761 26-Sep-2020 20:59

I've cracked it at long last!

I now have a stable internet connection, although from a "traceroute" on Mac OS terminal, I can see I'm double NATing, but it doesn't seem to be the end of the world.

Many thanks to all those who gave me advice .... and particular thanks to Spyware who's 21/09/20 20.45 posting re-energised my efforts after a bit of self-doubt crept in about it all.

Now for the fun bit of learning about and implementing a couple of VLANs.

Thanks & regards,

Mph

8 posts

Wannabe Geek

#2580405 7-Oct-2020 00:43

Nice job!