In most cases, a traditional consumer router works best in only one scenario. It connects your wired/wireless LAN clients to an Internet provider via a single physical WAN port on the router. In FreshTomato, this concept has been abstracted. Each physical or wireless router interface can be customized to work as WAN or LAN interface. This allows for some creative scenarios. Let's discuss some common examples.

Previously, we discussed Wireless client mode, in which FreshTomato connects to another router/AP and serves Internet access to its Ethernet clients. In this scenario, the internal wireless chipset is used to provide connectivity and does not allow client devices of the client router to connect via WiFi. You might think of this as the reverse of the most common router setup. In the most common scenario, the router distributes Internet access from a wired connection to wired and WiFi clients. In Wireless Client Mode, the router distributes Internet access from a wireless router/AP only to Ethernet clients.

Wireless Client Mode can run on three types of devices:

1. Single band: These are usually low-end devices. You can connect to a remote AP, and FreshTomato
   will get an “external” IP address on the WAN interface (wl0 most likely). The router itself and its wired clients
   will use this as a gateway to the Internet.
   
   
2. Dual-band: Similar to above, but you have a secondary wireless chipset (probably “wl1”).
   This secondary interface can be set to operate in a different mode, such AP or WPS mode.
   Another potential scenario for dual-band devices is to have both wl0 and wl1 working in
   Wireless Client Mode,
   and use the MultiWAN function to allow the router/AP to perform either load sharing
   or active failover functions.
   
   
3. Tri-band: With these models, you have the flexibility of a third WiFi chipset to to use as you like,
   in various combinations of operational modes.

Let's consider some real-world scenarios to understand how these modes might apply in each scenario.

You have access to an external WiFi service at the front of your property, but the signal doesn't reach your WiFi enabled devices.

The Issue:

For this configuration, you'll need at a dual-band or tri-band device. Set up “wl0” as wireless client and “wl1” as an AP. On dual-band devices, the wl0 interface is usually 2.4 GHz, and wl1 is 5 GHz, so there's no risk of interference between the two.

Generally, a 2.4 GHz signal will travel further, so you should use that band to connect at longer distances. If your device is tri-band, ensure the two 5 GHz interfaces (regardless of the operating mode they're in) work on a non-overlapping frequency (channel). In this mode, your router will connect to the external WiFi and serve you an SSID. You wil connect to that SSID from within the property.

The Solution:

You have a wireless router/AP in one building and want to extend its LAN to a second building. Ideally, you would use a long Ethernet cable or fiber for this purpose.

The Issue:

However, this is not always possible. Both Wireless Ethernet Bridge and Media Bridge modes allow you to extend the LAN from one building to another.

If you have a large number of clients, and end-to-end LAN connectivity isn't a prerequisite, you might consider using Wireless Client mode. Doing so will stop broadcast packets from crossing the WiFi link, or at least reduce them to a minimum. Of course, intra-LAN (within the LAN) communication over that one wireless link will have limited capacity, but it will work well enough for low-bandwidth traffic. Setting the two wireless LANs to the same SSID username/password will allows clients to roam freely between buildings, retaining WiFi connectivity at both sites.

The Solution:

In this scenario, you have access to both physical connectivity (for example, a wired ISP) and wireless connectivity (such as a generous neighbour). Here, you might want a Dual WAN configuration, where the ISP on the physical WAN port acts as your primary WAN, and where, say, “wl0” might provide a backup connection. In this case, MultiWAN should be set with weight 1/0 (active/passive).

The Solution:

This is a Dual WAN Wireless Client mode scenario. Say, for example you have a Dual/Tri-band router and have access to two different WiFi Services (say public, street-based Wifi and a generous neighbour). You could configure wl0 as a wireless client for the public Internet and wl1 as a wireless client towards your neighbour's network. Then, if you have a Dual band model, you're left only with physical connectivity for your LAN. However, if you had a Tri-band model, you'd still have room to create a local SSID. Remember that Dual band models always have one 2.4GHz interface and one 5GHz interface. Tri-band models always have one 2.4GHz interface and two 5GHz interfaces. Consider this carefully during your planning, as some devices are likely to be 2.4GHz only. Another option would be to add a second local device (FreshTomato or otherwise) to handle LAN WiFi.

The Solution:

WiFi 6 is a superior technology, not currently supported by FreshTomato due to driver/kernel restrictions. If you need to cover a large area (say, with repeaters), you are advised to buy external WiFi 6 mesh equipment to handle LAN WiFi connectivity only and let FreshTomato perform all gateway (to the Internet) operations with WiFi disabled. if you will require functions like Guest WLANs or any sort of LAN separation, make certain that the WiFi 6 mesh system you select supports VLANs.

The Solution:

• WDS is a relatively old protocol to establish direct wireless connectivity between APs where the usage of a physical cable isn't possible. While the use of WDS is unrecommended since 2022, WDS can still be helpful in certain, less common scenarios.
• WDS is vendor-dependent, and might not benefit from the full intra-device airtime bandwidth.
• Finally, remember that currently, trunking over WDS is not supported. Thus, to extend an SSID/VLAN from AP1 to AP2 would work only for one bridge (such as “br0”). If you wanted to extend the secondary SSID/VLAN, you would need to use a secondary radio (such as 5GHz interface).
  In other words, 1 WDS link = 1 VLAN (max).