Link to home
Start Free TrialLog in
Avatar of jimmycher
jimmycherFlag for United States of America

asked on

Multiple subnets on a home (FiOS) network

I want to build a home network with three subnets.  I have a FiOS router (fiber optic).   I'm willing to invest in a small router and small switch to accomplish this.  

Please check my logic:

FiOS router interface "outside" goes to the ISP
FiOS router interface "inside" address is assigned 192.168.1.1 (and is default GW)
Home devices are assigned, via DHCP, 192.168.1.2 (and .3,  and .4, etc.)
All NAT/PAT is taken care of by the FiOS router.  ** see note 1 **

To build my subnets, I attach a home-use router:

e0/0 is assigned 192.168.1.2, pointing to FiOS router   ** see note 2 **
e0/1 is assigned 10.10.10.1, going to subnet 10 on my switch
e0/2 is assigned 10.10.20.1, going to subnet 20 on my switch
e0/3 is assigned 10.10.30.1, going to subnet 30 on my switch
----Home-use router default route points to FiOS router
----Build access-list on home-use router to prevent subnets from communicating.

Assign my UNIX boxes 10.10.10.2 and .3; connect to subnet 10 on switch (GW=10.10.10.1)
Assign wife's PC to 10.10.20.2; plug into subnet 20 on switch (GW=10.10.20.1)
Assign son's Wii to 10.10.30.2; plug into subnet 30 on switch (GW=10.10.30.1)


Note 1:  there is no need for additional Nat'ing on the home-use router, correct?

Note 2:  since is it router-to-router, do they still require a xover cable and clocking?

Note 3:  What consumer-grade router can handle this?  Also, did I miss anything?

Many thanks.
Avatar of akhalighi
akhalighi
Flag of Canada image

I understand you want to isolate traffic ; it's a bit too much for a home though :)

anyways ; what you need is a VLAN design which basically can happen on switch level OR
router level based on your budgeting . you will need a layer 3 switch to accomplish this .

don't worry about cables , all straight cables.

so , for this design ; in a nut-shell ; you need a layer 3 device that can offer 4 VLANs ; you will define 4 subnets and for each subnet you assign a network (e.g. 10.0.1.0/24 , 10.0.2.0/24 ,etc)

Please note that you probably need to configure your devices manually and not through a DHCP server because there are many different ranges .  having multiple DHCP servers for a home use seems to be too much , but it's up to you .

I think the best way for you if to find a Router at least 5 interfaces that supports VLAN ; this way you can have 1 interface connected to public internet ; and 4 interfaces with 4 different IP addresses for each VLAN . e.g. Interface FE0/1 : IP address 10.0.1.1

then connect your first VLAN to this port on the router ; give devices IP in this range and make DNS and default gateway 10.0.1.1

e.g :

IP address : 10.0.1.20
Default Gate Way : 10.0.1.1
DNS IP address : 10.0.1.1

No need for extra natting this way .
Avatar of BillBondo
Do yourself a favor and lose the fios router! Connect your own to the wan side. Verizon will complain that you need the router for tv program guide and what not. I didnt care, their router gave me nothing but headaches. I used a simple linksys to isp and to a 2003 server running R and R with lan routing and I believe nat on the interfaces. Server has 3 nics each with a different ip 192.x.x.x, 172.x.xx etc and 3 other linksys routers. Dont think you can isolate traffic but. And server does dhcp too.
Avatar of jimmycher

ASKER

Thanks akhalighi , but the router you spec'ed is only two ports, so I'll need to trunk into a switch, then seperate the switchports into distinct VLANs.  

I understand my initial design was seperate switch and router, and that they can be combined into one L3 device.  

Is my initial design sound?
What is a good L3 SOHO device to use?
You are going to need one interface or sub Interface per VLAN on your edge device ( your Router in this scenario) to properly isolate the traffic . I sent you one link to a cisco router ( above ) ... you probably can find some second hand switches/routers to help you achieving this.  they key is that your device should have enough interfaces and support VLAN.
what router has two ports ? FIOS ?
The Cisco 1841 has two interfaces, plus the console port.   I get the concept, I think you chose a bad example in the 1841.
ASKER CERTIFIED SOLUTION
Avatar of akhalighi
akhalighi
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ah yeah .. sorry .. 1841 supports VLAN , something similar ..probably more Ethernet modules.
Yes, directly connected networks will communicate by default on a router; I mentioned earlier that ACLs are needed to stop that.   Don't think broadcasts will flow, as they are stopped at network boundaries, but I get the drift.   Thanks.