Any benefit to using a separate router for IOT network segmentation/isolation vs. using a guest wifi on my main router?

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Waylo

Occasional Visitor
For the purpose of network isolation for my IOT devices, my current practice is to have a guest wifi on my Asus router set specifically for this. These devices have access to the internet but no access to each other or other elements of the LAN.

The same router also puts out wifi networks for:
1. my LAN @ 2.4hz with full interconnectivity
2. my LAN @ 5ghz with full interconnectivity
3. A separate guest wifi for actual house guests with the same network isolation as the IOT
4. Another IOT network where the devices can communicate within that VLAN. Some media devices, for instance, need to see each other.

As my home's IOT devices have increased, I have wondered if there is any benefit to using a separate router just to serve the isolated IOT devices.

Would there be any difference in speeds, etc? Would there be the potential for more network congestion?
 

L&LD

Part of the Furniture
No.

Depending on ISP speeds (both up and down), network usage, and client devices used (other than IoT).
 

HTBruceM

Regular Contributor
I agree with L&LD. IMO, the separate router does provide more robust isolation between the IoT devices and your main network. You would have completely separated networks, as opposed to the Guest Network where your isolation comes from some firewall rules.

But is the overall benefit of a separate IoT router (i.e. 3 dumb router design) worth the extra cost & effort? Doubtful.

I have Asus routers. Not only do they implement the typical isolation features, they also use separate subnets for each Guest network. Nice! (This might be a Merlin FW feature, I can't remember).
 

Waylo

Occasional Visitor
Appreciate the commentary. I happen to have another of my same RT-AC68U sitting around unused, running john's LTS build, so was considering this as a "why not?."

But if the router is perfectly capable of transmitting these multiple VLANs to dozens of IOT devices without performance issues, won't be necessary.
 

HTBruceM

Regular Contributor
Appreciate the commentary. I happen to have another of my same RT-AC68U sitting around unused, running john's LTS build, so was considering this as a "why not?."

But if the router is perfectly capable of transmitting these multiple VLANs to dozens of IOT devices without performance issues, won't be necessary.
Well technically the guest network provides similar functionality to a VLAN but it's not really equivalent to true a 802.11Q standard VLAN. And remember that the guest network is WiFi only - so you can't connect an ethernet device to it without using a bridge.

99% of the IoT devices use very little bandwidth, with the exception of display devices that can do Chromecast. Even the speakers are fairly low bandwidth utilization. While IoT devices may be "phoning home" to their company servers quite often, they are likely transferring very little data in the process - more like a simple "is there anything I need to do" message.

Either way, every device in your house is contending for your internet access, no matter whether you separate them internally on VLANs, their own routers, or on your guest network. Whether they aggregate traffic at your WAN or at some point downstream in your network, it's still going to occur regardless. :)
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top