home network Running 2 Routers from one Hub

[The Evil Overlord]

Paging @BudMan

 

Hell paging anyone who knows what they're doing.

 

Ok this has been eating away in the back of my mind for ages....

 

I'm in the process of getting upgraded equipment from VM, a new VM SuperHub and tivo

 

My Current setup is an older VM Superhub, with all wireless deactivated, connected to my Netgear NightHawk AC Router, which is installed in my upstairs hallway windowsill.

The router handles all traffic wired and wireless for my upstairs devices, and most of the wireless for my other devices downstairs on the 2.4G Band.

The 5G band is Exclusive to a second router, a Linksys E4200 that is receiving on 5G and then transmitting on the 2.4G and wired to my devices downstairs using ddwrt firmware (and into my back yard)

This router is dying, and has been for a few months now (I'm pretty sure it's done for, so I've found a cheap replacement for it, a TP Link 940 single band router)

 

I'm thinking about running a 20 meter cat 7 cable from my VM Superhub to a second router, (for increased wifi range, and better wired connectivity for my BD player and various consoles)

What I need to know is, does this change how other devices will connect to my wireless printer, or another part of my 'network'? (for lack of a better word)

 

Also would it be a better set up to wire the second router to the first, or directly to the superhub?

 

This is important to me as I'm in need of help as to how I might need to configure and disable the second router's security settings, as I would have thought the primary router's firewall and security settings would be more than adequate.

 

In my head this seems fine as I don't see a reason to have 2 firewalls going if the primary firewall is fine. But as I'm not very knowledgeable, in this matter I'll need to consult with someone who is.

(Each router will have a unique ssid so that's not a problem, as I'll rename the new router to the ssid already in place)

 

So to sum up, Would it be better to disable all security on the 2nd router, and run it off the first, using the primary router's security settings for internet traffic?

Or

Would all of my wireless devices that connect to my media center and printer, and any other shared resources over my home network still work if I was to just hook up my new router directly to another port on my superhub?

[+BudMan MVC]

why are you buying a router if what you want is an AccessPoint... Sure any wifi router can be used as just an AP..  And you can pick up a wifi router for $20 etc..

 

Are you happy with the nat/router/firewall features of the device you got from your isp?  If all you want is better wifi cover get some AP and connect them to your isp router.

 

If your not happy with how your isp does anything, then sure you can put a router behind it... Its best if you can put that isp device in "bridge" mode so your not doing a double nat.  But you can run in double nat if you have to...

 

If your going to use another router as just AP...  You will turn off its dhcp server, connect it to your network via one of its lan ports not its wan.  And give it an IP address on your network for its lan.

 

But if you want good wifi, and you want to place correctly for better coverage I would really suggest you get a true AP, which is normally POE and allows you place it correctly in the ceiling or wall for best coverage.  The unifi new AC line runs as cheap as $89 for the lite and $149 for the pro.
 

[BinaryData]

I would strong suggest getting a WAP. It's made a tremendous difference in my life. I should have listened to BudMan but I was dumb and didn't. I wasted $60 on a WAP that is obsolete now. I'm looking at spending $450 to cover my entire property with WiFi now. Follow BudMan, if he says jump, question it but also inquire how high.

[The Evil Overlord]

I used to have a netgear wnhde111 in bridge mode, that used to connect to my Linksys and act as an ap for my devices, but it could only receive on the 5g and only had ethernet 2 ports, I don't know how, but I put it into storage a few months ago when my router started failing only to find the bridge doesn't work anymore neither...

 

I've replaced most of my home wired and WiFi network, barring buying a second device to go downstairs, hence why I asked, the downstairs device doesn't need to be fancy, as the only thing that will be connecting to it via WiFi is my kids' devices, (phones, tablets etc 6 total, and it gives me more control over their WiFi usage, as they're all connected to my main router,) my wife's kindles, she likes to read in the back yard.

 

(Having trouble quoting from my phone so used copy paste from busman's post)

 

If your not happy with how your isp does anything, then sure you can put a router behind it... Its best if you can put that isp device in "bridge" mode so your not doing a double nat.  But you can run in double nat if you have to...

 

The ISP think they're clever by using different names, but the hub device has been configured to run in modem mode by me.

(Something I read in one of your posts years ago that most routers are great at protecting home networked devices, so added or doubled protection settings can hinder traffic)

[The Evil Overlord]

 

12 hours ago, BudMan said:

~snip~

 

I sat and thought, considered, reconsidered, shot myself in the brain, and had Doctor McDreamy fix me back up (Grey's Anatomy reference for those who don't know), and decided to ask...

I looked into those ap's you mentioned (along with some others..)

 

They seem to be wired, in wireless out, and a little on the pricey side for the UK market.

 

What I would like to do is run the downstairs device as wired in, wired and wireless out. This would be the preferred method

 

(Current method is ok (wireless 5ghz in, wired and wireless 2.4ghz out on a different ssid), but as the Linksys is dying and is unresponsive at the best of times, (and I can't figure out what happened to my wnhde111) I'll replace with anything within a certain price (my wife is already ###### at me as the 6 month old hallway carpet is going to have to be ripped up,  thrown out, and replaced to gain access to the floorboards)

 

(also if needed, I can change the settings of my superhub to router mode, and run the second device directly from IT <this is an option BUT> but I'm not sure if this setting, <2 routers running from one modem> will allow for use of my home network resources media centre, wifi printing etc..)

 

This is my Current Setup

 

What I would like to do is...

 

 

This is my wish BUT if I can't set this up, I'd be happy to go with

 

 

 

As Long as I can still share my resources (media center, printer etc...)

 

 

Edit trying again as I screwed it up the first time

edit again

In that first picture, I forgot to rename 'access point' to router 1 and 2, sorry

Edited May 14, 2016 by The Evil Overlord

[T3X4S]

Sheesh - you either have a lot of people, or a lot of "stuff" !

Me & my fiance - 1 laptop, 1 desktop
Desktop serves as media hub for streaming to TV
she has an iPad
We both have an iPhone

[The Evil Overlord]

2 minutes ago, T3X4S said:

Sheesh - you either have a lot of people, or a lot of "stuff" !

Me & my fiance - 1 laptop, 1 desktop
Desktop serves as media hub for streaming to TV
she has an iPad
We both have an iPhone

Kids..

I was surprised when I actually stopped and counted how many devices I had connected over the years

Eldest is 17, then 12 and the youngest is now 8, (even those piddly little vtech kiddies tablets have wifi)

[BinaryData]

So, here's a question for you...

 

Why not pick up a router (RV320 is what I have), pick up a smart switch (SG200 or SG300), and grab one or two Wireless APs, total cost is around $500. Run the wireless on a separate vlan,

 

vlan1 - transit network (192.168.1.x)

vlan3 - Wired Network (192.168.2.x)

vlan5 - Parent network (no restrictions) (10.10.10.x)

vlan7 - Kids WiFi network (Some restrictions, don't know your kids so this would be up to you) (172.16.1.x)

 

This is similar to how my network is setup, though I don't have a modem since I'm on Fiber. BudMan's been helping me with re-configuring my network to a more sensible setup. Believe me, it's a struggle having no knowledge in this, but I've made leaps and bounds in progress. Just a thought, it's easy to expand the network even further, I'll end up having 4 switches, 1 router/firewall/vpn.

[The Evil Overlord]

3 hours ago, BinaryData said:

So, here's a question for you...

 

Why not pick up a router (RV320 is what I have), pick up a smart switch (SG200 or SG300), and grab one or two Wireless APs, total cost is around $500. Run the wireless on a separate vlan,

 

vlan1 - transit network (192.168.1.x)

vlan3 - Wired Network (192.168.2.x)

vlan5 - Parent network (no restrictions) (10.10.10.x)

vlan7 - Kids WiFi network (Some restrictions, don't know your kids so this would be up to you) (172.16.1.x)

 

This is similar to how my network is setup, though I don't have a modem since I'm on Fiber. BudMan's been helping me with re-configuring my network to a more sensible setup. Believe me, it's a struggle having no knowledge in this, but I've made leaps and bounds in progress. Just a thought, it's easy to expand the network even further, I'll end up having 4 switches, 1 router/firewall/vpn.

my blu ray player is not a wifi model,

(and I wanted wired connectivity for my consoles in the living room, in a simple package, too many brigdes and ap's only means more complex connectivity, then I can control the kids wifi access by simply turning off the living room router, as opposed to trying to figure out which device is which connected to the nighthawk)

 

(Bolded statement) Not sure what I'm on, but I know it's getting upgraded to 200Mbit, the 'modem' is a VirginMedia Superhub, but a new one is coming next week, with docsis 3 technology, whatever that is.

(So I decided to finish the job I started 5 months ago, left it as is because I was waiting for the E4200 to die completely)

Edited May 14, 2016 by The Evil Overlord

[TAZMINATOR]

6 minutes ago, The Evil Overlord said:

my blu ray player is not a wifi model,

(and I wanted wired connectivity for my consoles in the living room, in a simple package, too many brigdes and ap's only means more complex connectivity, then I can control the kids wifi access by simply turning off the living room router, as opposed to trying to figure out which device is which connected to the nighthawk)

You can wire from modem to your blu ray player... not a problem..

 

you can connect wireless to your devices such as tablets, phones, etc.   up to you.

 

I have bunch of devices connected to my wireless and no problems so far.

 

I am looking forward to new internet speed coming next week.

[The Evil Overlord]

Just now, TAZMINATOR said:

You can wire from modem to your blu ray player... not a problem..

 

you can connect wireless to your devices such as tablets, phones, etc.   up to you.

 

I have bunch of devices connected to my wireless and no problems so far.

 

I am looking forward to new internet speed coming next week.

Oh, right... I'm getting upgraded, will be up to 200Mb unlimited, so out with the old and dying and in with the new and shiny

The E4200 used to be my main router, but ny Negrear NightHawk is WAAAAAy better, (and I'll be wireless ac ready, some of my tablets can connect to the 5ghz, just not the other 5ghz, so for the moment they're running on smart connect mode <both radios running one network name>)

[The Evil Overlord]

(...  And I'm looking at Hyperoptic to see if they can get me a deal that would be worth me leaving VM)

[BinaryData]

6 minutes ago, The Evil Overlord said:

my blu ray player is not a wifi model,

(and I wanted wired connectivity for my consoles in the living room, in a simple package, too many brigdes and ap's only means more complex connectivity, then I can control the kids wifi access by simply turning off the living room router, as opposed to trying to figure out which device is which connected to the nighthawk)

Eh, it's actually not that complex. I'm just rather dumb at times. Honestly, I bought the Nighthawk and returned it. the Ubiquiti AP AC Pro is 100x better. Supports multiple vlans, works plenty well, and covers 75% of my house. I live on half an acre, and it covers about 25% of it. I'll be picking up a total of 4 to cover my entire property with WiFi.

 

The way I'm doing my network is easy. Takes me all of 2 minutes to block something I don't want on my network. If I'm on the go, I can VPN and then ssh to my router, and block or unblock something. Really neat setup. My router connects to the ISP Cat5 cable, then my switch connects to the router, I have 1 cable running to my garage with a switch connected to provide internet to my lab, I have another switch running to my half of the house, which all my TVs, PIs, computers, and servers are connected too. I then have an 8 Port switch that sits near my TV which supports my brother and his friends LAN Party needs. It's complex enough to keep my brother and his friends from messing with it, but easy enough to access and work with that I can understand it. Don't get me wrong, it's overwhelming, but I'm picking things up slowly.

 

It's just a thought, I'm not trying to strong arm you into changing or anything.

[+BudMan MVC]

So yeah running the same ssid is called band steering where client that are 5ghz you push them to 5 and clients that are 2.4 connect on that with the same ssid.,  I run it myself, does your night hawks support ATF?  Air Time Fairness.. Your in the EU so the unifi there support DFS as well.

 

They are bit price in the UK market as how much?  You sure your looking at the new line, and not the OLD one - the old acprov2 was priced at 300$ 

 

I show them cheaper in the UK then here for gosh in #

https://www.msdist.co.uk/product_Ubiquiti-UniFi-UAP-AC-LITE.php

 

Price£ 67.23  (£ 80.68  inc-VAT)

 Get trade prices | Enquire

 

If you need ports then get a switch...   You can take the horse to the water I guess..  good luck in your setup.  Make sure you use your wifi routers as AP or your going to be natting between your connection and and they will not be able to talk to each other.

 

[TAZMINATOR]

11 minutes ago, The Evil Overlord said:

(...  And I'm looking at Hyperoptic to see if they can get me a deal that would be worth me leaving VM)

VM?  You mean you have another OS in your system such as Windows or Linux in Virtual Machine?

 

I have Windows VM on my iMac. 

[The Evil Overlord]

9 minutes ago, BudMan said:

So yeah running the same ssid is called band steering where client that are 5ghz you push them to 5 and clients that are 2.4 connect on that with the same ssid.,

 

They are bit price in the UK market as how much?  You sure your looking at the new line, and not the OLD one - the old acprov2 was priced at 300$ 

 

I show them cheaper in the UK then here for gosh in #

https://www.msdist.co.uk/product_Ubiquiti-UniFi-UAP-AC-LITE.php

 

Price£ 67.23  (£ 80.68  inc-VAT)

 Get trade prices | Enquire

 

If you need ports then get a switch...   You can take the horse to the water I guess..  good luck in your setup. 

9 minutes ago, BudMan said:

Make sure you use your wifi routers as AP or your going to be natting between your connection and and they will not be able to talk to each other.

 

See that's the thing, £80 vs £30, (I know it doesn't sound all that much, but when factoring in the cost of living in the uk etc...)

The living room router currently has a different ssid than the main router.. and it's the Nat battle I would wish to avoid

My current setup was fine until the E4200 started to burn up, but then I figured, why not just run a cable, (the guy who spoke to me at the local computer store assured me that the tp link can be run as an ap but as I consider myself a beginner, this info is the kind of stuff I need to be told to look out for.

 

[The Evil Overlord]

6 minutes ago, TAZMINATOR said:

VM?  You mean you have another OS in your system such as Windows or Linux in Virtual Machine?

 

I have Windows VM on my iMac. 

lol

VirginMedia

 

[BinaryData]

8 minutes ago, TAZMINATOR said:

VM?  You mean you have another OS in your system such as Windows or Linux in Virtual Machine?

 

I have Windows VM on my iMac. 

ISP homie, ISP.

[The Evil Overlord]

(I'm guessing I should have asked if I could buy a network switch with wifi)

 

Sorry, I have a hard time explaining things. and overcomplicate stuff unnecessarily

[+BudMan MVC]

Any wifi router can run as AP.. be it they have a mode that bridges in the "wan" port or not has nothing to do with anything to be honest.  If they do not have AP mode that bridges in the wan port, then just don't use the wan port.

 

A wifi router is combination of 3 things, router, switch and AP.. Normally the AP is just bridged to the switch ports that make up the lan because the wan is on a different vlan.  Here is typical drawing a wifi router setup.

 

 

So as you se the wifi is bridged over to the vlan0 switch ports while the wan is on vlan 1..  So to use ANY wifi router as just pure AP, all you have to do is turn of its DHCP server, and connect it to your network via one of the lan ports vs the wan.  Now its just an AP with some switch ports all on the network its connected to.  Normally you would change the LAN IP to be on the network your using so you can easy admin the wifi, etc.

 

wifi routers that support AP mode quite often just add that extra switch port that was being used as wan to the br0 bridge..

 

So if what you want to use is some wifi router, and leverage the switch ports sure go for it.  Not the way I would do it, not the way I would suggest anyone one do it - but sure it can be done that way.  Unless you run 3rd party on the device your not going to get any fancy stuff like vlan support.  Since its not actually your router your not going to get "guest" mode, etc.

 

Where are you getting a nighthawk for the 30 quid??  I highly doubt a 30 quid wifi router is going to support any sort of advanced wifi features, more than likely is going to be 1x streams..  Band steering - doubt it really, but ok maybe.  If you want good wifi, and you have lots of wifi devices your going to want decent placed AP with good features..  I really would suggest isolation of your different devices including wifi on to their own vlans so you can filter traffic you don't want to allow.  Big issue I see coming is isolation of your IoT devices from the rest of your network for just piece of mind security..  Do you really want guest that come over on the same network as other stuff.  If you start using just wifi routers as AP you have no vlan support.  If that device is not the actual edge router then you have no isolation between your network and these "guests" etc..

[The Evil Overlord]

5 minutes ago, BudMan said:

Any wifi router can run as AP.. be it they have a mode that bridges in the "wan" port or not has nothing to do with anything to be honest.  If they do not have AP mode that bridges in the wan port, then just don't use the wan port.

 

A wifi router is combination of 3 things, router, switch and AP.. Normally the AP is just bridged to the switch ports that make up the lan because the wan is on a different vlan.  Here is typical drawing a wifi router setup.

 

 

So as you se the wifi is bridged over to the vlan0 switch ports while the wan is on vlan 1..  So to use ANY wifi router as just pure AP, all you have to do is turn of its DHCP server, and connect it to your network via one of the lan ports vs the wan.  Now its just an AP with some switch ports all on the network its connected to.  Normally you would change the LAN IP to be on the network your using so you can easy admin the wifi, etc.

 

wifi routers that support AP mode quite often just add that extra switch port that was being used as wan to the br0 bridge..

 

So if what you want to use is some wifi router, and leverage the switch ports sure go for it.  Not the way I would do it, not the way I would suggest anyone one do it - but sure it can be done that way.  Unless you run 3rd party on the device your not going to get any fancy stuff like vlan support.  Since its not actually your router your not going to get "guest" mode, etc.

 

Where are you getting a nighthawk for the 30 quid??

It's a tp link I'm getting for £30

https://www.amazon.co.uk/gp/product/B00MIFM3R8/ref=ox_sc_act_title_3?ie=UTF8&psc=1&smid=A3P5ROKL5A1OLE

 

edit

but I'm currently looking to see if a switch exists that has wifi (or if such a device exists), I should say (as you and @BinaryData mentioned it might be simpler than what I'm trying to do)

[+BudMan MVC]

That is only N... and only in the 2.4ghz...  Yeah that is your typical cheap home router..  Shoot its ports are not even gig... Have fun with it

 

Quite sure it will do what it says it does, which isn't much.. You have all that wifi and its 2.4 N stuff.. No 5ghz, no AC in all that wifi devices?

 

So you do understand that 450 is marketing speak.. Your not going to see anywhere close to 450mbps.. that is PHY.. So really /2 that off the bat.. And then your wire is 100mbps anyway..  So where you even going to get 200, talking to another wifi client.. Yeah that is auto /2 again since wifi is half duplex..  So where does this 450mbps come into play??

[The Evil Overlord]

13 minutes ago, BudMan said:

That is only N... and only in the 2.4ghz...  Yeah that is your typical cheap home router..  Have fun with it

 

Quite sure it will do what it says it does, which isn't much.. You have all that wifi and its 2.4 N stuff.. No 5ghz, no AC in all that wifi devices?

I think you've misunderstood, (or I may have mis explained myself)

The bulk of the devices connected wirelessly to my main router, the Netgear are ok, but the children devices also connect directly to it, also my wife would like to be able to use her tablets and kindle(s) in the back yard due to the approaching good weather)

I'd like to take them off from my netgear and move them to my second <router/switch/whatever> as my living room overlooks the back yard. and they can play in the back yard supervised. And as my wife will have connectivity in the back yard, she can't complain about there being no wifi there anymore, this is why I wasn't bothered about the tp link just being a draft n 450.

 

The 'wired' from my netgear to my secondary, then wired from the secondary to my consoles and bdp would be something for me alone,

I'm playing the 'Hell, I'm paying for it, I'm having to rip up and throw out a reasonably new carpet, and floorboards for it, I'm the one who'll have to replace said carpet, (also re fit the floorboards) so I'm going to have wired because of it' card.

 

(I have 5ghz tablets that are connected to the nighthawk, also my e4200 is set to receive on the 5ghz, then it transmits on the 2.4, and has wired, but it needs replacing)

[+BudMan MVC]

Ok if your looking for just cheap coverage in a area that you have power and place to put a normal wifi router so it doesn't look out of place..  Then yeah that is a cheap option for 2.4N with a 100mbps limit on speed shared between clients because it only has a 100mbps interface..

 

I put a unifi in my kitchen near the patio door so I get full AC out there.. With such a fast internet connection I am surprised that you would be ok with wifi devices only getting a fraction of that speed when they are capable of more..  And just your wifi connection is holding them back..  There is one thing if you have an older device that only does G or 2.4 N, etc.

 

No device connect to this addon wifirouter as AP is going to be limited to guest, they will be on the normal wired network you connect them too..

[The Evil Overlord]

2 minutes ago, BudMan said:

No device connect to this addon wifirouter as AP is going to be limited to guest, they will be on the normal wired network you connect them too..

Yeah that's ok, I can simply turn the second router off to cut that access,

(part of the trouble is the ps4 doesn't play well on wifi, cannot talk to party members due to nat type issues, I've noticed it works better when wired in my bedroom next to my netgear, <type 1 nat, whatever that is>)

(The other console will work happily over wifi but again, it's better wired)