I have two separate sites: Site A and Site B. Each has its own subnet: 192.168.0.1/24 and 192.168.1.1/24, respectively. Both have the subnet mask of 255.255.252.0. They each have their own gateway and DHCP server. There are servers on both sites. Each site accesses the Internet through its own gateway. Site A has a router running AdvancedTomato and Site B has a router running OpenWRT.
I would like to somehow connect both networks over the Internet in such a way that all the devices on either network can see each other. However, each site should access the Internet through its own independent gateway; any new devices added at each site should obtain an IP from that site's DHCP server. In the future, if there are more Sites, I would like to add them to the setup such that the third Site would see all other Sites' computers.
Is this a possibility? What do I need to accomplish this?
Any advice or instructions would be helpful. I think my low knowledge of networking is preventing me from finding the answer with the right keywords.
2 Answers
Have a look at tinc, it's made exactly for this kind of situation. On each site, one computer runs tinc (that can be the router), and this computer will see an extra network interface which you should add to the site network. Then you need to set up routing, and clients in network A will be able to reach clients on network B under their 192.168.1.* address, and vice versa.
They behave like they are in different LAN segments, so protocols needing broadcasts on a single LAN segment (Apple Bonjour etc.) won't span both networks, unless you add multicast routing daemons.
In general, you have a NAT router to the Internet. If you want to connect the two networks, you need to do some tunneling and routing. Your choice in tunnels is almost limitless (GRE, IPSec etc.), but I suggest you have a look at OpenVPN. Not just because both AdvancedTomato and OpenWRT support it, but also because it is RELATIVELY well documented and easy to install.
In general (which means: if you have not installed helpers/forwarders on the router), DHCP will not leave your layer-2 network. So the reply will always come from your local DHCP server.
If you run OpenVPN on the routers, you may not even need to set a specific route/static route on your servers.
So yes, it is possible. And this reply should give you enough keywords to get the right answer :-)
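Both answers rely on routing each site's LAN through a tunnel, which only works when the site subnets do not overlap. The following is an added example, not code from either answer: it checks the addresses from the question for overlap and lists the remote LANs each tunnel endpoint has to route. The function names and the Site C address are made up for illustration.

```python
import ipaddress

def lan(addr, mask):
    """Network containing a host address, given a netmask or a prefix length."""
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def plan_routes(sites):
    """sites maps a site name to its LAN.

    Returns, per site, the (remote LAN, remote site) pairs that must be routed
    into the tunnel. Raises ValueError when two LANs overlap: hosts treat an
    overlapping remote range as on-link and never send it to the router.
    """
    names = sorted(sites)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if sites[a].overlaps(sites[b]):
                raise ValueError(
                    f"site {a} ({sites[a]}) overlaps site {b} ({sites[b]})")
    return {n: [(str(sites[m]), m) for m in names if m != n] for n in names}

if __name__ == "__main__":
    # Addresses from the question, read with the /24 prefix.
    # Site C is a constructed third site for the "more sites later" case.
    sites = {
        "A": lan("192.168.0.1", 24),
        "B": lan("192.168.1.1", 24),
        "C": lan("192.168.2.1", 24),
    }
    for site, routes in plan_routes(sites).items():
        for net, peer in routes:
            print(f"site {site}: route {net} via tunnel to site {peer}")

    # Same addresses read with the 255.255.252.0 mask also given in the question.
    wide = {
        "A": lan("192.168.0.1", "255.255.252.0"),
        "B": lan("192.168.1.1", "255.255.252.0"),
    }
    try:
        plan_routes(wide)
    except ValueError as err:
        print("cannot route:", err)
```

With the /24 prefix the sites are distinct and each one needs a route to every other site's LAN. With the 255.255.252.0 mask both addresses fall inside 192.168.0.0/22, so the check fails until the mask or the addressing is changed.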