Bridging to another network via MACID?

PcGuy

Occasional Visitor
Looking for some help / suggestions

ISP Modem/Router1 >> Switch1 > Device 1
                             > Device 2
                             > Network Printer

ISP Modem/Router2 >>> Router (dd-wrt) >> Switch2 > Device 3
                                                 > Device 4
                                      >> Device 5
                                      >> Device 6

The dual ISP Modem/Routers are a bit overkill, but it is a result of signing a deal with the ISP for lower rates that they are giving us 2 modem/routers.

I need to subnet off devices 4, 5 and 6 from the ISP router, hence the router (dd-wrt) use.
Devices 3 & 4 are at a location in the building where running a second cable is difficult, so they are both using the same wired cable for all their traffic. I want to bridge/route all traffic for device 3 over to ISP modem/Router1 and have that router do DHCP for devices 1-3 and the network printer.

Do I do this bridging via MACID of device 3?

Any help regarding this would be greatly appreciated as I am banging head against desk here ;)
 
I'd handle this by putting both ISP/router combo units into bridge or pass-through mode, if possible, and running a single router (the dd-wrt unit in this case) in a dual-WAN, load-balanced configuration (doable in DD-WRT I believe), then segment your devices into two different subnets with VLANs (also doable in DD-WRT). If your two switches aren't managed/VLAN-capable, you'll need to replace with two that are. Not all that expensive and totally worth it. You would then mirror the untagged and tagged VLANs on the trunk port to the router on all ports to the respective managed switches.

That's the best-practice way to do this, IMHO. Much better than multiple routers and unmanaged switches, which introduce needlessly complex multi-NAT in your network.
 
Any recommendations for low cost managed switches? As you can see there are not that many devices plugged into the switches as it is.
 
Sure thing.

The $29 Ubiquiti USW-Flex-Mini can't be beat for value, but they're routinely out of stock (as they are right now), and installing controller software just to configure your switches is not everyone's cup of tea.

So, moving on, if you're highly skilled and don't mind self-supporting, a Mikrotik RB260GS ($47) is a solid value, otherwise I'd probably just go with a Zyxel GS1900-8 ($59) for something more mainstream with real support (and a lifetime hardware warranty).
 
I will have to see if these router/modem combos can be put into bridge mode or not. Regarding the switches, switch2 is out at the distant location with device 3&4 and would be the switch I would need to swap to a managed switch. Is replacing switch1 to a managed version required as well since all the devices plugged into it are on the proper subnet currently?
 
How about the Netgear GS308T; I'm showing CDN $64.99 on Amazon.ca.

Ya that Netgear one is more affordable up here. The Zyxel is horrendously priced over $100 here for some reason. The prior price for the Zyxel that I had mentioned was for another model.
 
Trip
I must be missing something. I tried drawing this out again with the ISP modem/routers in bridge mode and using a 5 port (including WAN port) dd-wrt based router to handle DHCP via VLANs.

One thing I did not mention in my op is devices 1-3 and devices 4-6 do not need to talk to each other traffic-wise. The current unmanaged switch1 and switch2 are not physically by the 2 isp modems. They are by device1&2 and 3&4 respectively. Devices 5&6 are on their own cables which run up to the isp modem/router. By my calculations, the dual WAN configuration takes 2 of the 5 ports on the dd-wrt. The cables coming from the new managed switches would take 2 more ports on the dd-wrt device leaving only one port to accommodate device 5&6.

Am I missing something? Sorry, but I have spent so much time on various configurations of this that my brain is a bit numb ;)
 
Hi again, got it. After rereading your posts, I think I over-spec'd your requirements by one managed switch too many, if we want to make this work with the bare-minimum amount of new hardware possible (click thumbnail to enlarge):
[Attached diagram: SNB.png]
Switch Setup: S1 connects to P1, D1 and D2 as it does now, and uplinks to R1, port 3 in the diagram (p3 is untagged VLAN 1 in DD-WRT). S2 gets re-purposed to receive the cable runs from D5 & D6, then uplinks to R1, port 5 in the diagram (p5 is untagged VLAN 2 in DD-WRT). Lastly, you bring in a single new managed switch, S3 (highlighted in green), to handle D3 (access port tagged for VLAN 1) and D4 (access port tagged for VLAN 2). Then you tag both VLAN 1 and 2 on the "trunk" port (port 8 in the diagram), uplinking S3 to R1. *Note: the blue/red line is not two cables, but a single cable carrying the traffic of both VLANs 1 and 2.

Router Config: In DD-WRT, you'll set up dual-WAN in a load-balanced setup, to utilize both WANs for all clients. If you want to force D3 out ISP 1, then you'll have to set up a policy route for D3 (should be able to Google how to do that in DD-WRT easily enough). You'll also need to create separate DHCP scopes for both VLANs' respective subnets (192.168.1.0/24 and 192.168.2.0/24 in the diagram).

Let me know if I got this correct enough.
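
Added example, not part of the original post: a small Python model of 802.1Q forwarding on the new managed switch S3 described above, showing that D3 and D4 share one uplink cable without seeing each other's frames, and how a wrong PVID on D4's port breaks that separation. Port numbers 1 and 2 for D3 and D4 are assumptions (the post names only trunk port 8), and the model assumes the common arrangement in which device ports are untagged members with a PVID and only the trunk carries tags.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Port:
    name: str
    pvid: Optional[int] = None                   # VLAN given to untagged ingress frames
    untagged: set = field(default_factory=set)   # VLANs sent out without a tag
    tagged: set = field(default_factory=set)     # VLANs sent out with an 802.1Q tag

    def member_of(self, vid):
        return vid in self.untagged or vid in self.tagged

def classify(port, tag):
    """VLAN a frame lands in on ingress, or None if the port drops it."""
    if tag is None:
        return port.pvid                         # untagged frame: PVID decides
    return tag if tag in port.tagged else None   # tagged frame: port must carry that tag

def flood(ports, src, tag=None):
    """Broadcast entering port `src`: {egress port name: tag on the wire or None}."""
    vid = classify(ports[src], tag)
    if vid is None:
        return {}
    return {p.name: (vid if vid in p.tagged else None)
            for num, p in ports.items()
            if num != src and p.member_of(vid)}

def s3_plan():
    # Ports 1 and 2 are assumed numbers; port 8 is the trunk named in the post.
    return {
        1: Port("D3", pvid=1, untagged={1}),
        2: Port("D4", pvid=2, untagged={2}),
        8: Port("trunk-to-R1", tagged={1, 2}),
    }

def s3_wrong_pvid():
    # Failure mode: D4's port left in VLAN 1, so D3 and D4 share a broadcast domain.
    plan = s3_plan()
    plan[2] = Port("D4", pvid=1, untagged={1})
    return plan

if __name__ == "__main__":
    print("D3 broadcast:", flood(s3_plan(), 1))
    print("D4 broadcast:", flood(s3_plan(), 2))
    print("Tagged VLAN 2 from router:", flood(s3_plan(), 8, tag=2))
    print("D3 broadcast, D4 port misconfigured:", flood(s3_wrong_pvid(), 1))
```

The model covers layer 2 on S3 only; whether the two subnets can reach each other through the router is decided by the router's own forwarding and firewall rules.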
 
Thanks so much for taking all that time and effort with the diagram and the detailed explanation. It makes sense what has to be done.
 
I noticed that on Amazon there is a GS308E-100NAS for $44.99 vs the GS308T-100NAS for $64.99 that you had suggested. I found the following on the Netgear community re the differences:

--------------------------------------------------------------------------------------------
Similarities between the GS108Tv2 and GS108Ev3 switches:

a. Both switches will provide standard 802.1Q VLAN management per port, based on Untagged or Tagged modes, with or without PVID - which correspond to basic Access or Trunk port modes, with or without Native VLAN in other terminologies.

b. Both switches will provide standard Port Mirroring, ingress or egress or both, with multiple source ports and one destination port. When set in Mirroring mode, the destination port cannot work normally, i.e. receive and send normal traffic - true for both switches.

Differences between the GS108Tv2 and GS108Ev3 switches:

a. The GS108Ev3 offers HTTP web interface and management, hence no encryption for restricting management access. On the other hand, the GS108Tv2 offers HTTPS web interface and management, which will be better fit for application outside of your firewall.

b. The GS108Tv2 can be powered by upstream PoE switch via its port 1 while the GS108Ev3 does not support this.

c. The GS108Tv2 provides more advanced features such as Access Control for security (ACLs) and Differentiated Services (QoS) for packet prioritization will be done at Layer 2/ Layer 3/ Layer 4.
---------------------------------------------------------------------------------------------
Can you see anything that would hinder using the cheaper switch in this situation? Admin of the switch would be done from within the location.
 
Just to clarify -- it's the GS308__ models we're talking about, right? Not the GS108__ -- you referenced the 108's through your comparison list.

On the choice, I can't see anything show-stopping between the two, although I will say having ACL and DiffServ are nice if you ever want to create device-based access/denial and/or offer potentially more effective QoS for things like VoIP phones, video streaming clients, gaming endpoints, etc.

In the end, I don't think you can go wrong either way.
 
