Two subnets...

Why? I've already bought the hardware, set it up according to the diagram and tested it. I'll put the network in production when I move into a new apartment in the beginning of June. One thing I'm considering is to change the Linksys LRT224 router with pfSense running in a Mini-ITX pc.

6 months back I knew nothing about networking. It started with the idea of bypassing the ISP hardware (media-converter, router) and plug the fiber into a switch with a SFP module and split the ISP VLANs. I'm retarded ... sorry retired, and learning a little about networking has been a fun exercise in my old days. :)
Ok now this finally makes some sense. I was also wondering why you had made it so complex when it did not have to be. I at first thought your goal was a stable network, but that was at odds with your complex network design. Now I see that you're trying things to learn more about networking. Cool, have fun doing it! One thing you may want to consider is putting a very simple design in for your main network and then using all the other stuff in a lab type environment. Then you could tinker away and not affect your main network.
 
To me running multiple networks is not complex. It is the running of multiple firewalls and double NAT that is overly done. It is silly to run multiple firewalls. You end up changing multiple firewalls for one simple task. A layer 3 switch is a much simpler setup for running multiple networks. Networks should only have one firewall at the point of exiting the local network for the internet.

PS
I should add oletuv has copied my home network. I run multiple networks in my home for good reason. I had someone bring a laptop over for me to fix. It had a virus and infected my music server. I decided then I was going to run isolated multiple networks. So I set up a guest network isolated from my other home networks. If someone comes over they only have access to my guest network. My guest network shares printers, guest wireless and any devices needed, but not workstations or servers. I built that in with my layer 3 switch.

My networks run 24/7 with clients on every day. My video streams in the guest network along with iPhones. My workstations run in my LAN server network separate from my guest network.
I figure TV and iPhones are less trusted than workstations.
 
.....
PS
I should add oletuv has copied my home network. I run multiple networks in my home for good reason. I had someone bring a laptop over for me to fix. It had a virus and infected my music server. I decided then I was going to run isolated multiple networks. So I set up a guest network isolated from my other home networks. If someone comes over they only have access to my guest network. My guest network shares printers, guest wireless and any devices needed, but not workstations or servers. I built that in with my layer 3 switch.
.....
Yes, I was very much inspired by Coxhaus' thread about setting up a guest VLAN on a layer 3 switch. Originally I had configured separate private and guest VLANs on my SG300 switch in layer 2 mode.

The benefit of Coxhaus' implementation is to let the L3 switch do the inter-VLAN routing and let the router do NAT and firewall tasks. Besides, having the complete local network including DHCP server, ACL access control etc. configured on a L3 core-switch makes it pretty easy to change hardware components like the router, adding APs etc.

Thank you Cox, I've learned a lot from your knowledgeable posts on SNB.

Ole
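
The guest-VLAN isolation discussed in the posts above (guests may use shared devices and the internet, but not workstations or servers) can be checked before it is loaded onto a switch. This is an added example, not code from the thread or from any switch vendor: the subnets, the printer address, port 9100 and the stateless first-match model with an implicit deny are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addressing, not taken from the thread.
LAN = ipaddress.ip_network("192.168.10.0/24")        # workstations, servers
GUEST = ipaddress.ip_network("192.168.20.0/24")      # guest VLAN
PRINTER = ipaddress.ip_network("192.168.20.40/32")   # shared printer in guest VLAN
ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp", or "ip" for any protocol
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    sport: Optional[int] = None   # None matches any port
    dport: Optional[int] = None

# ACL applied to packets entering the switch from the guest VLAN.
GUEST_INGRESS = [
    # Stateless model: the printer's replies to LAN print jobs need an explicit permit.
    Rule("permit", "tcp", PRINTER, LAN, sport=9100),
    Rule("deny", "ip", GUEST, LAN),      # guests never reach workstations or servers
    Rule("permit", "ip", GUEST, ANY),    # everything else goes out to the router
]

def evaluate(acl, proto, src, dst, sport=None, dport=None):
    """Return (action, rule_index) of the first match; implicit deny is ("deny", None)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, r in enumerate(acl):
        if (r.proto in ("ip", proto) and s in r.src and d in r.dst
                and r.sport in (None, sport) and r.dport in (None, dport)):
            return r.action, i
    return "deny", None

# Constructed test flows: (proto, src, dst, sport, dport)
FLOWS = [
    ("tcp", "192.168.20.77", "192.168.10.5", 50000, 445),   # guest phone -> LAN file server
    ("tcp", "192.168.20.40", "192.168.10.5", 9100, 50123),  # printer reply -> LAN workstation
    ("tcp", "192.168.20.77", "192.168.10.5", 9100, 50123),  # non-printer guest, same ports
    ("udp", "192.168.20.77", "8.8.8.8", 50000, 53),         # guest DNS to the internet
]

def lan_permits(acl, flows=FLOWS):
    """Flows the ACL lets into the LAN subnet; each one should be intentional."""
    return [f for f in flows
            if ipaddress.ip_address(f[2]) in LAN and evaluate(acl, *f)[0] == "permit"]
```

Running `lan_permits` on a reordered rule list shows why rule order matters: with the broad permit first, every guest flow reaches the LAN.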
 
Why? I've already bought the hardware, set it up according to the diagram and tested it. I'll put the network in production when I move into a new apartment in the beginning of June. One thing I'm considering is to change the Linksys LRT224 router with pfSense running in a Mini-ITX pc.

6 months back I knew nothing about networking. It started with the idea of bypassing the ISP hardware (media-converter, router) and plug the fiber into a switch with a SFP module and split the ISP VLANs. I'm retarded ... sorry retired, and learning a little about networking has been a fun exercise in my old days. :)

Yep, I already picked up the vibe that this is not a means to an end but an end in itself.
By all means revel in making it as complex as possible.
Totally cool idea to add pfsense into the mix.. that should keep you busy for a while.
Have fun! ;)
 
Yep, I already picked up the vibe that this is not a means to an end but an end in itself.
By all means revel in making it as complex as possible.
Totally cool idea to add pfsense into the mix.. that should keep you busy for a while.
Have fun! ;)
I am! :D
 
Here ya go.

[Attachments: network.JPG, 20160409_intensive_scan_192.168.0.1.png]

The network map was taken with the scanning computer (192.168.0.50) plugged into the 192.168.0.1 gateway router.

I understand that cheap residential routers are not supposed to be able to do what the C5 can do: disable NAT and allow inter-subnet communications.

The cameras turned out to be the cause of my internet problems, not because of network traffic, but due to the fact they were wireless... My internet is provided via long-distance wifi; turns out the cameras were interfering with the connection.

I don't consider this complex at all.
 
Nothing is complex once you understand it, I suppose... :)

If you could explain your problem and how you solved it, that would be most beneficial from a "what is the point of this thread" perspective. (I do not understand your pictures, regarding your original problem and the solution.)
 
full circle...

I can't talk to the LAN2 router when logged in on LAN1 and vice versa. I can communicate with every other device from either LAN except the opposite router. Not really a problem, more of an annoyance.

My temporary work-around is to enable wifi and connect to LAN2 while connected by cable to LAN1. This works for a few days but gremlins start showing up; mostly cameras disconnecting for no good reason. This all clears up when the wireless adapter is disabled or switched back to the same LAN as the cable. Master browser issue maybe; the NAS on LAN2 is configured as master, but the tests to determine if there's a second machine trying to be master all hang.

Given that the C5 routers are pretty low on the must-have list, I don't expect anyone here has played with one. The neat thing about them is you can bridge subnets for $50 with stock firmware.
 
I used a netbook running Wireshark to monitor the transfer of a .jpg from a LAN1 machine to a LAN2 machine.

With the netbook plugged into LAN1 the transfer showed as using TCP.

With the netbook plugged into the gateway router (192.168.0.1) between the two LAN routers the transfer used UDP.

Does this make sense...?
 
Y'all aren't good for much except sticking your hands out, are you?

Maybe I should be asking questions that you can handle, like "why doesn't my wifi work" or "what cable do I use", or perhaps the ubiquitous "which router?". All I see here is the self-flagellation of a small group of indigent techno-nerds looking to get stroked. Kinda disgusting when you dwell on it...

I've remedied my minor issue; if you want to know how I'll forward you my paypal address.

amf

[Attachment: 20160411_quick_scan_topology.png]
 
Y'all aren't good for much except sticking your hands out, are you?

Maybe I should be asking questions that you can handle, like "why doesn't my wifi work" or "what cable do I use", or perhaps the ubiquitous "which router?". All I see here is the self-flagellation of a small group of indigent techno-nerds looking to get stroked. Kinda disgusting when you dwell on it...

I've remedied my minor issue; if you want to know how I'll forward you my paypal address.

amf

View attachment 5955

You have no concept of how a public forum works, do you?
 
Y'all aren't good for much except sticking your hands out, are you?

Maybe I should be asking questions that you can handle, like "why doesn't my wifi work" or "what cable do I use", or perhaps the ubiquitous "which router?". All I see here is the self-flagellation of a small group of indigent techno-nerds looking to get stroked. Kinda disgusting when you dwell on it...

I've remedied my minor issue; if you want to know how I'll forward you my paypal address.

amf

View attachment 5955

Yup, you are not the problem, everyone else is...

That is a logical conclusion. You win.
 
I used a netbook running Wireshark to monitor the transfer of a .jpg from a LAN1 machine to a LAN2 machine.

With the netbook plugged into LAN1 the transfer showed as using TCP.

With the netbook plugged into the gateway router (192.168.0.1) between the two LAN routers the transfer used UDP.

Does this make sense...?
Yes it does.
SMB shares work over multiple ports.
By default Windows will use UDP if you are on the same local subnet and TCP if you are on a routed subnet.
UDP is faster as well due to not requiring the three-way confirmation of TCP.
 
