Hey all, I was wondering if anyone could help me work out how to do this? Basically, I have a stupid number of smart devices and my router has become increasingly unstable. I want to have all my IOT devices on one router and reserve the other for priority devices like phones and PCs.
I plan to put my IOT hub on 2G only and my primary hub on 6G and 6e only to avoid 2G congestion.
Problem is, if I connect both my routers to my modem, only one can connect to the internet. I tried putting a network switch between the routers and the modem, no dice.
Does anybody know how I can have 2 separate networks using 2 separate routers on a single modem? Both require internet connection but they don’t need to be able to communicate.
Thanks in advance for any help people can give :)
Vlans my dude.
You don’t need 2 routers for this. Place all your iot junk in one vlan and you useful in a second. 2 routers aren’t needed for this kind of seperation.
It was more to distribute load rather than separate traffic. My main router seems to start pooping the bed once I have 40+ devices connected to it, so I wanted to reduce the number of devices connected to it to prevent that as I need it to be stable for work… and gaming, haha.
If it’s the WiFi that’s crapping out, get a ubiquiti UniFi 6+ access point. It will handle up to 300 devices for $130. You will need to by the POE adapter for it but it’s ~$15.
It’s ok to put iot stuff on an overloaded network tho, it doesn’t need too much bandwidth.
I’ve found cheaper routes tend to crap out due to numbers, not just load. I’m not sure what’s actually causing it, but it’s not network congestion due to traffic.
Best I can tell, it’s overhead congestion. They try and give each device a chance to talk. Unfortunately they don’t multitask this well. IoT devices are a little notorious for being slow to respond (because of sleep modes etc). With enough of them, this can leave critical devices with a long lag time before they get a proper window.
Most routers that can handle vlans can more than handle this issue. My ubiquiti router blazes along, and it’s under a far worse load than my cheap provider’s router was failing under.
I’ve got the ubiquiti dream machine and it’s been bombproof so far.
Except they plainly said this was about stability.
One of them will have to go through the other. Ultimately your modem only allows one device attached to it, which is likely because it assigns a public IP address directly. So if you could plug two in, they’d have to give you two IP addresses. Given the tendency of going CGNAT already, they probably don’t want to do that.
So you need a router that will talk to the modem. Ideally that’d be the best one of them. So like maybe plug the IoT router into the LAN of the main router, so it appears as one client instead of dozens of light bulbs, and set up some QoS and firewall rules to keep it isolated and throttled down if needed. Ultimately if neither of the routers can support all that traffic, you’ll need a router upgrade because it has to converge to that point.
If you can flash an custom firmware like OpenWRT on it, you can do some pretty fancy things and really tune your network. Usually you can broadcast multiple SSIDs and put them in different VLANs and the likes. On some crappier models, the software improvements can really make a difference, or at least let you tweak it in a way you can squeeze a bit more out of it.
If both of them can get OpenWRT you might be able to distribute the NAT load across them where the primary router only needs to forward the traffic from the IoT router. Usually stateful connection tracking is what blow up and you run out of memory to keep track of them all, and the router can’t process any more connections. And all those IoT devices probably open one or more connection to the cloud each, using up precious conntrack slots. So if you can avoid having to track the state of connections from the IoT router on the main router, it’s freed up to process the rest of your traffic. On the main router, allocate a range of ports that unconditionally get forwarded to the IoT router. Then make the IoT router use that port range for its own NAT, and voilà, you now have two router’s worth of NAT capacity because the primary router can now just blindly forward IoT<>modem as-is.
That said, I feel like it’s worth the investment in a good router. I have zero regrets about my EdgeRouterX and Unifi AC-Lite 4-5 years ago. I just have two VLANs configured on the router, two matching SSIDs on the AP, two completely isolated networks on the same hardware. So it can easily NAT the two networks to my ISP, no hassle and a ton of headroom. Barely uses 5% of the CPU doing a gigabit speed test
I love my ER3 lite and ER-X. I was totally surprised when they came out with a new firmware for it. It’s still beta but it was a relief to know they haven’t abandoned their edge routers.
Quick and dirty solution. Designate 1 as the primary, it gets the modem. The secondary gets plugged in, and appears as a single device to the primary. This works, but the secondary network is double NATed. This can make its internet connection a bit grumpy and laggy. It’s fine for IoT devices however.
Best solution, upgrade to some more robust kit. I personally use the Ubiquiti Dream Machine. It’s a massive step up from the cheap rubbish ISPs provide. It can do multiple vlans, and so separate the 2 networks, while sharing infrastructure. It also allows for things like remote management or VPN connections. It can be a good alternative for remote control, rather than exposing your master controller to incoming internet connections.
Also, what do you use as a master controller, and can it handle and internet dropout? I’ve known a couple of people burnt by their internet breaking, and taking their light switches with it! I personally use Home Assistant, but there are a few other options out there.
This works, but the secondary network is double NATed
Second one does not necessarily have to be double nat’d. You can disable nat, disable the internet port entirely, disable DHCP, DNS, and any other IP services on the secondary router, and just connect the switch of the secondary router to the switch of the primary router.
The second “router” no longer performs any routing or server functions. It just acts as an access point and a switch. When the IOT devices connect to the AP of the secondary router and request an IP address via DHCP, the request is fulfilled by the primary router’s DHCP server.
Assuming OP’s problem with excessive devices is a bug at the physical layer (SSID) and not at the link layer (MAC), this should resolve it. If it’s at the IP layer or higher, it can’t be solved with their current equipment.
Since the secondary router is neither handing out DHCP addresses nor requesting a DHCP address for its LAN interface, it will need a static address within the primary router’s subnet for devices to be able to access it.
Assuming the 2nd router is willing to play ball. I’ve seen some that won’t go into access point mode.
Other than that though, it’s another good option.
You could buy a pfsense capable mini-pc ~$200. It will give you, 1 wan port and 2 or 3 lan ports or repurpose an old desktop by updating it with a dual network card. The pfsense mini pc will use a lot less power long term. Then use your routers in access point mode, one for your IOT on 2.4ghz and one on 5ghz for the other stuff. You can set up the firewall to prevent the iot network on the second lan from seeing anything on the primary lan but still have full access to devices from the primary to the IOT network.
Easier solution is what was already suggested is by using vlans with one router and the setup the second router in access point mode for the IOT
This is the answer you’re looking for.
One router to control them all, and then 2 separate wifi ap’s
Two easiest options based on some general assumptions, not ideal but should work:
-
Connect the WAN port on the second router to any LAN port on your first/primary router. To change router settings you’ll need to change networks. If this doesn’t work, then it’s possible both routers are issuing DHCP addresses for the same subnet. Connect to either one of the routers and change the subnet to something else.
-
Disable DHCP on the second router, manually assign it an IP address within the DHCP subnet of your first router, and connect any of the second router’s LAN ports directly into any LAN port on your first/primary router. Leave the WAN port on the second router unnoccupied. You can change settings on either router you can be on either network
Slightly more advanced territory:
What routers are you working with? If these are standard off-the-shelf routers, you should be able to set up VLANs and separate wireless networks to isolate your IOT and personal devices, and set the IOT wlan to only broadcast on 2.4GHz.
Also how familiar are you with networking? This might need some knowledge of subnets, VLANs and a few other bits, particularly in regards to configuring your router’s dhcp settings, and other stuff so you can (optionally) access devices on the IOT network from your personal devices network.
You might get more help crossposting to the much larger [email protected] though.
-
My router (asus) gets unstable with 35+ “smart” devices. What ive done is i bought a mesh extender and connected all the smart devices to that mesh so the router has free connections for wifi. Seems to work. More stable now and the wifi connection load is shared.
Does your modem have dhcp and NAT? If it does, turn those on and it should work.
Unless you pay your ISP for two connections, you won’t get two routers connected to your modem. I’d suggest upgrading to a better router designed to handle higher traffic, like a business router. Or you can build your own router with a computer and OPNSense.
I am guessing that the Modem needs a PPPoE connection? Otherwise two routers on a modem should work but with PPPoE it wont. It is probably also just about the WiFi connections? Then you can just configure the IOT router to not use PPPoE and plug it into the other router.
Modem - Switch - Router 1
…………………………|_Router 2
May be this setup?