Currently, my setup is ONT > TPLink Archer A7 > ISP Router. Subsequently, I have 2 wifi networks, but in practice a single LAN network.
The question is: Should I be able to go ONT > Unmanaged Switch > TPLink AND ISP Router > rest of house split up between the two. Thus, giving two LAN networks and 2 WIFI networks independent from each other to provide redundancy from a hardware perspective?
Note, nothing else would be plugged into the main unmanaged switch, everything would either be plugged into the TPL or the ISP Router - thus allowing for security, firewall port rules, etc. on each device.
No. This would put two "public" facing devices on the ONT side of the connection each of which would compete for an upstream IP from Verizon. Vz will only allow you a single IP -- so the result would be one device won't get an address and thus won't work.
And unless you've reconfigured the ISP router, you actually have two networks -- one behind the TPlink, and one beyond the NAT (double NAT) behind the ISP router behind the TPlink (so the stuff behind the ISP router can see everything and the stuff behind the TPlink can only see the stuff on the TPlink).
Some routers will allow you to VLAN segments and enforce privacy between segments (you can actually do this between the Ethernet, Moca, and Wifi segments in the Vz router as well -- but its NAT translation gets a little wonky and doesn't appear to always work right) -- but the other approach if you truly want different segments would be to put a small firewall in between the ONT and your upstream routers and have each router on a different DMZ (like a small pfSense box).
If you're not a skilled networking person, this is not an entry level project.
Thank you for this information. My main desire/goal was to 1) separate networks in a sense that devices plugged into my ISP router wouldn't be affected by any miscellaneous port forwarding rules (such as a FTP server or a NAS device, things of this nature), which considering the ISP Router has its own internal firewall - I guess that is moot. And 2) help split the traffic between the devices (as sometimes, especially over wifi, it can seem to get congested and create timeouts). I haven't experienced anything like that over LAN, so it may just be too many devices or traffic over Wifi. That said, I've just about completed running CAT cables to each room with switches in each to mitigate the number of devices connecting over wifi. It sounds like I just need to keep the setup the way it is (ONT > TPL [and separate switch for NAS and FTP server] > ISP Router (into the TPL) > rest of devices). Thanks for the detailed response and input!
Better might be to use the Vz router as the primary connection to the ONT, set up a Wifi network using the name and password of your choice on the Vz router and use "Auto" for frequency selection (or pick channel 1, 6, or 11 for 2.4ghz and pick one of the available 5ghz like 149 or 153). Do your port forwards on the Vz router as well.
Then, change the TPlink to "access point" mode and provide the same network name and password for the Wifi as your Vz router and connect it to the Vz router. Use "auto" as well here for frequencies (or choose one of the three frequencies above that you are NOT using on the Vz router for 2.4ghz and a different frequency from the Vz router for your 5ghz).
Now, your devices will automatically attach to the router and frequency (if you use the same SSID for 2.4 and 5 ghz networks) which seems best.
A couple things to note -- if you have band steering enabled (same SSID on both 2.4 and 5 networks with the setting turned on in the router), this can result in slower results since sometimes you'll be steered to what is normally the faster 5ghz network but depending on distance may actually be slower than the 2.4ghz one.
Also, using the "auto" mode for frequencies on the routers will allow the router to choose what seems to be the quietest frequency so that you should get better performance. However, if you have multiple routers on the same SSID, this can result in both choosing the same frequency -- which causes all kinds of interesting issues which can affect performance as both routers try to compete on the same channel (better routers will recognize this and move to another frequency at best or at least detect it as a spanning tree loop and disable one of the radios -- but can't say I've seen this on standard home residential routers).