2 Family Networking w/OPNsense & Asus routers


Vexed

New Around Here
I'll be moving to a joint property with relatives. Second floor for them, first floor for us. We'll be sharing one gigabit line since it's a better value. I'm in charge of setting up networking, segmenting it, etc. I only have a vague idea of what I'm doing. Anyone done a similar project and have any tips? I'll just leave what I did here as a log in case anyone finds this useful.

-The internet enters the property on the first floor
-We just ran Cat6A between the floors/rooms
-We also ran Cat6A for POE cameras since we had a lot. I ran all of those cables to the first floor because I couldn't think of a good solution that didn't make my head hurt.
[Cameras -> Dumb POE Switch -> Shinobi NVR -> edge router] -> UPS

Current inventory:
-3x ASUS RT-AC68Us on Merlin-WRT currently in use
-Dumb POE switch
-Handful of 1GbE dumb switches
-Leftover Cat6A
-Cameras + old PC for it + UPS
-WIP OPNsense box (see below)

Will put at least one 68U on each floor as a dumb AP/switch. The 68Us might support port-based VLAN but it's not officially supported.

Problem:
We'd love to have separate LANs for each floor + a LAN/VLAN to dump the camera equipment, maybe QoS the gigabit line so each LAN gets half when loaded (doubt it). The Asus routers are great but I honestly don't think they can route at gigabit speeds. I know they can't QoS that well. Basically I needed something to go between the modem and all of our existing networking stuff. I think you call this an edge router.

Solution:
Bought an AMD GX-424CC thin client for $55 and an Intel I350-T4 for $50. Installed OPNsense. It definitely routes gigabit out of the box with minimal configuration. The box has a total of 4+1 interfaces; this should be enough, hopefully.

If you don't see yourself ever doing virtualization, an I340-T4 is $35 instead.

Caveats with solution:
-Can't enable Intrusion Prevention or it's too slow for gigabit, but I already knew this
-Not sure how to set up QoS yet, can't test it

Questions:
How would you share something across LANs like a wireless HP printer if you really had to? Can the routing be done with just IP addresses?
 