For owners of a Fritz!Box router, the vendor AVM offers two interesting features in order to improve your home network:
If you want to combine both features, the Fritz!Box can act as a master and control the guest network seetings of the repeater.
In my setup, I connected the Fritz!Repeater via ethernet cable with the Fritz!Box and use it as an additional access point for the same WLAN as the Fritz!Box itself is providing. Of course, I not only want to extend the normal net, but also the guest network.
If you have multiple wireless networks, each acts as a broadcast domain and is therefore normally mapped to a VLAN in the wired domain. I got curious, as I plugged a non-VLAN-enabled switch between the Fritz!Box and the Fritz!Repeater and the guest network separation still worked.
Therefore I investigated how the Fritz!Box and the Fritz!Repeater communicate and I publish it here for further reference.
It turns out that the Fritz!Box tunnels the guest network between the router and the repeater via L2TP. This allows fine-grained control of all traffic and access on the Fritz!Box itself. The following settings are required in Wireshark in order to decode the traffic properly:
In this screenshot you can see a decoded Wireshark trace of an IPv4 broadcast packet, which was sent over the guest network:
You can easily see how the IP range of the guest network (192.168.179.0/24) is transported in the tunnel over the main network (192.168.42.0/24).
— Jun 21, 2015