I have been doing more reading and playing around with no success. I am starting to wonder if I just need to configure the whole thing differently. Everything was actually working except for one thing that started me on this path. That was NTP not connecting/working on the N66U. Let me give a better description of what I now think my setup should be.
The N66U is the center of the network. I use both bands 5 for machines to connect to and 2.4 for WDS to get some remote coverage. It also acts as my DHCP server. But it doesn't need to do NAT or any firewall stuff. That is handled by the MBR95 that has the modem and provides my Internet connection out here in the sticks.
MBR95 has static address of 9.1 no DHCP, no force DNS , N66U has 9.33 and provides 9.100-9.200 with DHCP. MBR95 and N66U are connected with ethernet via their respective LAN ports. 9.100 can ping/connect to everywhere. 9.33 can ping everything 9.x except for 9.1 and internet addresses. But it does correctly bridge/route everyone elses packets. I would think this would work and from the perspective of 9.100 it does. Just that small issue on 9.33
Should I go to something that might be more traditional.
MBR95 8.1 with no DHCP, no force DNS. N66U WAN get 8.2 and set to be STATIC. Connect these two with ethernet via LAN on MBR95 WAN on N66U.
Set LAN to 9.1 with DHCP still serving LAN 9.100-9.200
Turn on Internal DNS on N66U, Firewall to Router
MBR95 to 9.1 with DHCP/DNS serving. N66U WAN to static 9.2, LAN static 9.3 , Firewall to GATEWAY, no Internal DNS, GATEWAY is 9.1 with 9.1 as DNS server also.
Or just forget that NTP isn't working in the N66U and call it a day?
Thank you for any insight/explanations.
I have been using Tomato for a long time now, and this particular configuration has me stumped. It would be easier to just let the MBR95 do more, but I have had to switch the Internet connection several times and try to keep a stable network setup outside of it. That is why I let the N66U do more.