My struggle to setup a Linksys WRT54GS v.4 in client-bridge mode

The problem

I’ve been fighting for weeks now trying to get my home wireless network to work smoothly. I’m living in an apartment in Ireland, built in the 1970’s, that has concrete walls for every single wall in the house. It does wonders for my wireless signal, and to date the only thing that has provided a decent (albeit not strong) signal in all rooms was a Linksys WAP54G.

I recently purchased my first Mac desktop (the wonderful Apple 27″ iMac with the quad-core i7 chip). It is a brilliant machine, the fastest I’ve ever owned, and I didn’t want to limit it with a slow wireless connection. My partner and I both have Mac laptops as well, and I wanted to see a speed improvement there too. Finally, we both have Wifi enabled phones, I have an iPod, there are a couple of AirPort Express for broadcasting iTunes music and sharing a printer, an AppleTV for renting movies, and a Popcorn Hour A-110 that we stream movies to (using one of the AirPort Express as a bridge).
To improve my network, I went with the latest Apple AirPort Extreme (Simultaneous Dual-Band II). My hope was that I could 802.11n at 5GHz for the Macs, and 802.11n and 802.11g at 2.4GHz for the rest. Unfortunately though, despite MUCH fiddling (trying lots of channels, fiddling with this that and the other, etc.), I kept running into problems. First off, the only place in the apartment where I could get a usable 5GHz signal (decent as defined by sustaining more than 3MiB/s transfers) was at the kitchen table about 5m away from the AirPort (through one wall). In my bedroom (about 10m away from the AirPort and through three walls) where the 27″ iMac is, I usually could get between 24-144Mbps signal (never constant) and could usually sustain around 1.7MiB/s transfers. And, I could not for the life of me get a good streaming signal – one that always worked without pauses – to stream movies to the Popcorn Hour in the living room (about 10m away and two walls). Sometimes, yes, but not always. This situation is actually worse than it was before!
I must say that I love the AirPort Express for its ease of configuration, and its IPv6 support, but it just isn’t working for me with the vast amount of concrete I have.

To try to solve my problems with my iMac, I decided to configure an old Linksys WRT54GS I have in a client-bridge configuration. The Linksys has two spiffy antennas with potentially better gain than the built-in antenna of the iMac. I chose the WRT54GS as it has a built-in switch – which would be nice to have in the bedroom – whereas the WAP54G I used in the past has only a single port.
As it turns out, after spending literally hours trying to get such a configuration working, the solution was incredibly simple. I found lots of interesting but conflicting information on the web about how to do this, but was unable to get any of it to work. I must be honest and state that I did not want to use the nvram command to do the configuration. I just find that such by-hand configurations are hard to reproduce should I need to someday, and prefer to have a documented, easy-to-understand, and repeatable solution instead.
I finally decided to forge ahead without docs to see what I could get going.
The solution


This section assumes a cleanly installed OpenWrt firmware on the router. (See below on how to reflash with TFTP if you need.) It also assumes you are logged into the more advanced Administration mode (not the default Essentials mode) of the OpenWrt interface.
Configure the WAN interface (Network > Interfaces > WAN)
I changed nothing here.
wan
Protocol: DHCP
Bridge interfaces: unchecked
Interface: eth0.1
Zone: wan
Configure the LAN interface (Network > Interfaces > LAN)

My local network subnet is 172.18.0/24 so I placed the LAN interface within that subnet. By doing this, I can telnet into the router without needing to specially configure a machine to talk to it.
lan
Protocol: static
Bridge interfaces: checked
Enable STP: unchecked
Interface: eth0.0
Zone: lan
IPv4-Address: 172.18.0.11
IPv4-Netmask: 255.255.255.0
IPv4-Gateway: 172.18.0.1
DNS-Server (added): 172.18.0.1
Click Save.

Configure the wireless to join my existing network (Network > Wifi > WL0)
Device wl0
enable: checked
Channel: auto
Transmit Power (dBm): 70
802.11h (added): checked
WMM Mode (added): checked
Interfaces
ESSID: KWAB
Network: lan
Mode: Client
Encryption: WPA2-PSK
Key: ******* (I’m not giving that up!! 😉 )
Click Save.
Switch (Network > Switch)
The Linksys WRT54GS v.4 uses slightly different VLAN ports than other routers. Basically, the WAN port is #0, whereas most other routers it is #4. I updated accordingly.
ETH0
ethX.0: 0 1 2 3 5*
ethX.1: 4 5
Click Save.
DHCP (Network > DHCP)
DHCP is enabled by default. It must be disabled. Uncheck the Dynamic DHCP option.
Click Save.
Apply all the changes (Changes > Save and Apply)
Once the settings are applied, the router should be pingable at 172.18.0.11 and the normal network should also be accessible using normal means (in my case DHCP). I have noticed that the router sometimes gets confused at this point, and a simple reboot [by pulling the plug] fixes that.
Enable multicasting
By default, the network interfaces do not support the full set of multicasting required for Bonjour and mDNS to work (two things I can’t live without with my Macs). To get them going, we need a quick shell script.
Edit the /etc/firewall.user script, and add these lines to it:
# enable full multicasting
for iface in br-lan eth0 eth0.0 eth0.1 wl0; do
ifconfig ${iface} allmulti
done
Run the script to setup the multicasting. In case you were wondering, Tte script will be executed automatically by the firewall script on subsequents boots.
We’re done!
The Result
After all was said and done… I still wasn’t happy 🙁
The iMac talking directly to the AirPort Extreme (jumping between 24-144Mbit/s as reported by the AirPort) was usually able to sustain 1.7MiB/s transfers, while the Linksys (jumping between 18-54Mbit/s as reported by the AirPort) could usually sustain only around 400KiB/s, more than 4x slower. Grumble.
I also use IPv6 on my network, but the Linksys isn’t bridging it through. It means when I do lookups for addresses like freenas.local (my NAS) I get the IPv6 address which I cannot talk to. There is probably a solution to that, but I haven’t looked into it yet.
In any case, back to the drawing board.
References
OpenWrt release: Kamakaze 8.09.2

Reflashing with TFTP
More than once, I locked myself out of the router during my fiddling. Luckily, OpenWrt has a default boot mode one can go into by holding down the reset button during power-on, releasing it once the DMZ LED lights. In this mode, the IP of the router returns [temporarily until reboot] to 192.186.1.1, and it allows telnet access without a password. Using telnet, I was able to manually erase the firmware, then reflash new firmware with TFTP.
To reset the router, I followed these steps:
  1. Placed a copy of OpenWrt in my ~/Downloads folder
  2. Changed to my ~/Downloads folder
    $ cd ~/Downloads
  3. Set a static IP on my laptop to 192.168.1.2
  4. Added a manual ARP entry (needed later for TFTP) to 192.168.1.2 (valid for OS X 10.5/10.6)
    $ sudo arp -s 192.168.1.1 00:16:b6:1e:a2:3f
  5. Telnetted into the router. For this to work, you must be plugged into the LAN portion of the router (the switch section) and not the WAN port (the Internet port).
    $ telnet 192.168.1.1
  6. Erased the flash on the router
    # mtd erase linux
  7. Pulled the power out of the router
  8. Started TFTP on my laptop
  9. $ tftp 192.168.1.1
    tftp> mode binary
    tftp> rexmt 1
    tftp> timeout 90
    tftp> trace
    Packet tracing on.
    tftp> put openwrt-wrt54gs_v4-squashfs.bin
  10. Plugged the router back in
  11. Waited for the firmware to flash. You should see something similar to this if the upload works:
    sent DATA 
    received ACK
    sent DATA
    received ACK
    ...
    sent DATA
    received ACK
    Sent 2166816 bytes in 61.9 seconds

    The number of blocks will of course be different for the release of OpenWrt you use.

The router will reboot on its own, and become available on the IP 192.168.1.1.