this post was submitted on 08 Jan 2024
25 points (93.1% liked)
networking
2813 readers
Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.
founded 1 year ago
One of them will have to go through the other. Ultimately your modem only allows one device attached to it, which is likely because it assigns a public IP address directly. So if you could plug two in, they'd have to give you two IP addresses. Given the tendency of going CGNAT already, they probably don't want to do that.
So you need a router that will talk to the modem. Ideally that'd be the best one of them. So like maybe plug the IoT router into the LAN of the main router, so it appears as one client instead of dozens of light bulbs, and set up some QoS and firewall rules to keep it isolated and throttled down if needed. Ultimately if neither of the routers can support all that traffic, you'll need a router upgrade because it has to converge to that point.
If you can flash a custom firmware like OpenWRT on it, you can do some pretty fancy things and really tune your network. Usually you can broadcast multiple SSIDs and put them in different VLANs and the like. On some crappier models, the software improvements can really make a difference, or at least let you tweak it in a way you can squeeze a bit more out of it.
If both of them can get OpenWRT you might be able to distribute the NAT load across them where the primary router only needs to forward the traffic from the IoT router. Usually stateful connection tracking is what blows up: you run out of memory to keep track of them all, and the router can't process any more connections. And all those IoT devices probably open one or more connections to the cloud each, using up precious conntrack slots. So if you can avoid having to track the state of connections from the IoT router on the main router, it's freed up to process the rest of your traffic. On the main router, allocate a range of ports that unconditionally get forwarded to the IoT router. Then make the IoT router use that port range for its own NAT, and voilà, you now have two routers' worth of NAT capacity because the primary router can now just blindly forward IoT<>modem as-is.
That said, I feel like it's worth the investment in a good router. I have zero regrets about my EdgeRouterX and Unifi AC-Lite 4-5 years ago. I just have two VLANs configured on the router, two matching SSIDs on the AP, two completely isolated networks on the same hardware. So it can easily NAT the two networks to my ISP, no hassle and a ton of headroom. Barely uses 5% of the CPU doing a gigabit speed test.
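As an added illustration of the port-range split described in the comment above (not configuration from the commenter or from any project): one way to express it with nftables is stateless NAT on the main router for an assumed port range, and a port-constrained masquerade on the IoT router. Interface names, addresses and the 40000-49999 range are placeholders, and it assumes a hand-written nftables ruleset rather than the one OpenWrt's fw4 generates.

```nft
# --- Main router: public IP 203.0.113.10 on "wan", IoT router at 192.168.1.2 on "lan" ---
table inet iot_bypass {
    chain pre_raw {
        type filter hook prerouting priority raw; policy accept;
        # Inbound to the public IP in the IoT range: rewrite the destination to the
        # IoT router and exempt the packet from conntrack (no state entry is created).
        iifname "wan" ip daddr 203.0.113.10 meta l4proto { tcp, udp } th dport 40000-49999 ip daddr set 192.168.1.2 notrack
        # Outbound from the IoT router using its range: also left untracked.
        iifname "lan" ip saddr 192.168.1.2 meta l4proto { tcp, udp } th sport 40000-49999 notrack
    }
    chain fwd {
        type filter hook forward priority filter - 1; policy accept;
        # Untracked bypass traffic is accepted here. Note that accept only ends this
        # chain: the normal stateful forward chain (priority filter) still runs and must
        # itself allow "ct state untracked", e.g. with "ct state untracked accept" near its top.
        ct state untracked iifname "wan" oifname "lan" ip daddr 192.168.1.2 accept
        ct state untracked iifname "lan" oifname "wan" ip saddr 192.168.1.2 accept
    }
    chain post_raw {
        type filter hook postrouting priority raw; policy accept;
        # Stateless SNAT: IoT-range packets leave with the public IP. Untracked packets
        # skip the nat hooks, so the main router's masquerade never touches them.
        oifname "wan" ip saddr 192.168.1.2 meta l4proto { tcp, udp } th sport 40000-49999 ip saddr set 203.0.113.10
    }
}
# The main router's own masquerade for the rest of the LAN must stay out of the IoT
# range, otherwise replies to those clients would be rewritten towards the IoT router:
#   oifname "wan" masquerade to :50000-65535

# --- IoT router: upstream side 192.168.1.2 on "wan", IoT devices on 192.168.50.0/24 ---
table inet iot_nat {
    chain post {
        type nat hook postrouting priority srcnat; policy accept;
        # Stateful NAT for the bulbs, restricted to the ports the main router forwards blindly,
        # so every IoT flow is tracked on this router only.
        oifname "wan" ip saddr 192.168.50.0/24 masquerade to :40000-49999
    }
}
```

Only the IoT router keeps conntrack entries for the bulbs' flows; the main router sees them as untracked packets with a fixed address rewrite, which is the capacity split the comment describes.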
I love my ER3 lite and ER-X. I was totally surprised when they came out with a new firmware for it. It’s still beta but it was a relief to know they haven’t abandoned their edge routers.