
First of all, I'm not talking about those all-in-one routers that do wifi/switching/routing. It drives me nuts when people call a Wifi box a "router". Anyway, I would like to do the following as shown in my diagram:

Is it possible to connect Router A and Router B to the same switch, while having Router B be connected to a different subnet? Excuse my ignorance, but my motivation for setting it up this way is to make it so that when the computer labeled Computer on 172.5.1.0/24 tries to connect to a camera that is on a different subnet (10.5.1.0/24) traffic flows through the switch, then to Router B which routes the traffic to the appropriate subnet. I want to bypass Router A because I want to reserve that router to only handle traffic associated with the 172.5.1.0/24 subnet & internet. I don't want it involved when going to the 10.5.1.0/24 subnet, hence the second router connected to the switch.

Specific questions I need clarification on:

  • First of all, is this even possible?
  • With this setup will I have to configure some sort of manual routing information on each device/computer so that it knows to go to Router B when wanting to go to that subnet?
  • I am unclear on what the "Default Gateway" setting on each machine would be, or if it matters at all. Typically that would be set to Router A when only 1 router exists on the network. But what about when there are 2?

EDIT: Notice the WAN port on Router B is empty, that's because I want to avoid putting any connected subnets behind a NAT.

7wp
  • This is definitely possible. But it requires to at least have some general clues about how IP networking works. – Massimo Dec 13 '22 at 21:54
  • right @Massimo that's why I'm struggling a bit, it's good to know it is possible. Perhaps I will give it a try and see where I end up. Can you think of any caveats I should look out for? – 7wp Dec 13 '22 at 21:59
  • if a computer on 172.5.1.0/24 needs to access 10.5.1.0/24 (without traversing through router A) then it needs a route entry for 10.5.1.0/24 pointing to the 172.5.1.0/24 IP of Router B ... by the way, 172.5.1.0/24 is not a "private" subnet, for instance, 172.5.1.1 is `172-5-1-1.lightspeed.oshkwi.sbcglobal.net` – Jaromanda X Dec 13 '22 at 22:05
  • @JaromandaX Sorry about the subnets, it's just for illustration purposes, I couldn't quickly come up with a proper private subnet – 7wp Dec 13 '22 at 22:06
  • @JaromandaX It's OK if it uses Router "A" for the purpose of lookup... as long as the rest of the actual traffic flows only through the Switch, then Router "B".. Is that the case? Or will traffic go to Router "A" and then back into the switch then into Router "B" because that would make me sad :( – 7wp Dec 13 '22 at 22:10
  • not sure what you mean by "lookup". – Jaromanda X Dec 13 '22 at 22:38
  • @JaromandaX as in the computer wanting to connect to camera, goes to Router "A" and asks "Hey, what's the route to X"? (lookup) Then, thereafter computer goes directly to Router B via the answer it was given. From then on, theoretically you turn off Router A and the computer could still reach the cameras on Router B? – 7wp Dec 13 '22 at 23:01
  • I'm not aware if such routing behaviour exists. However, you can have DHCP send routing info to clients, assuming you use DHCP. For devices that don't, you would configure the route to 10.5.1 on each client that requires access to that network ... though [IRDP](https://en.wikipedia.org/wiki/ICMP_Router_Discovery_Protocol) seems to be a thing, but how supported it is I have no idea – Jaromanda X Dec 13 '22 at 23:28

1 Answer

For clarity, let's assign Router A's inside interface 172.5.1.1 and give Router B 172.5.1.254.

Assuming SWITCH is strictly a layer 2 device, computers on 172.5.1.0/24 should have a default gateway to 172.5.1.1 [Router A] and a static route to find 10.5.1.0/24 via 172.5.1.254 [Router B].

Windows computers, for example, would run a command like the following:

```
route add -p 10.5.1.0 MASK 255.255.255.0 172.5.1.254 METRIC 10
```

Default gateway is shorthand for "what do I do with any traffic that isn't local and hasn't been explicitly routed?" The answer is almost always, "send it towards the Internet."

Many switches are layer 3 aware. The routing would be easier to manage there. If SWITCH can do vlans, Router B may not be adding much value.

Maurkov
  • Thanks I’m educated. Just wanted to let you know that SWITCH does support v-lans it’s set up that way now. But traffic still wants to go to ROUTER A first. For example if I reboot ROUTER A, I lose connection to the cameras on the subnet. Hence why I’m trying to introduce another router. – 7wp Dec 15 '22 at 02:18
  • Is the computer on a trunked port or an access port? – Maurkov Dec 15 '22 at 17:49
  • Sorry @maurkov I don’t know what a trunked port is, so probably not. – 7wp Dec 16 '22 at 19:05
  • @7wp a trunk port allows for crossing vlans where an access port does not. That's the only reason I can see for traffic hairpinning in the current 1 router solution. The switch is preventing computer and camera from interacting directly, but the router keeps sending the traffic back to the switch. Please try enabling trunking on the computer's switch port, then continuously ping the camera while you unplug and plug in the router. – Maurkov Dec 17 '22 at 08:49
  • Interesting @Maurkov I’ll give it a shot. – 7wp Dec 18 '22 at 20:22
  • FYI @Maurkov that trunking idea didn't work. It just made my cameras inaccessible completely. – 7wp Dec 20 '22 at 15:11
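
The host-side route selection the answer describes (default gateway to Router A, static route for 10.5.1.0/24 via Router B), modelled as an added example that is not part of the original posts. The router addresses come from the answer; the sample destinations, the on-link and default metrics, and the "Router A gone" table (default route simply dropped) are constructed assumptions.

```python
import ipaddress
from typing import NamedTuple, Optional


class Route(NamedTuple):
    prefix: ipaddress.IPv4Network
    next_hop: Optional[str]  # None = on-link, delivered directly through the switch
    metric: int


def route(prefix: str, next_hop: Optional[str], metric: int) -> Route:
    return Route(ipaddress.ip_network(prefix), next_hop, metric)


# Addresses from the answer: Router A = 172.5.1.1, Router B = 172.5.1.254.
ON_LINK = route("172.5.1.0/24", None, 1)                  # metric constructed
DEFAULT_VIA_A = route("0.0.0.0/0", "172.5.1.1", 25)       # metric constructed
CAMERAS_VIA_B = route("10.5.1.0/24", "172.5.1.254", 10)   # the static route

WITH_STATIC = [ON_LINK, DEFAULT_VIA_A, CAMERAS_VIA_B]
WITHOUT_STATIC = [ON_LINK, DEFAULT_VIA_A]
ROUTER_A_GONE = [ON_LINK, CAMERAS_VIA_B]  # simplification: default route removed


def select(table, destination: str) -> Optional[Route]:
    """Pick the route a host uses: longest matching prefix, then lowest metric."""
    dst = ipaddress.ip_address(destination)
    candidates = [r for r in table if dst in r.prefix]
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-r.prefix.prefixlen, r.metric))


def first_hop(table, destination: str) -> str:
    """Return the address the first frame is sent to for this destination."""
    chosen = select(table, destination)
    if chosen is None:
        return "unreachable"
    return chosen.next_hop or "on-link"


if __name__ == "__main__":
    tables = {"with static route": WITH_STATIC,
              "without static route": WITHOUT_STATIC,
              "Router A gone": ROUTER_A_GONE}
    # Constructed destinations: a camera, a LAN peer, an Internet host.
    for name, table in tables.items():
        for dst in ("10.5.1.20", "172.5.1.50", "8.8.8.8"):
            print(f"{name:22} {dst:12} -> {first_hop(table, dst)}")
```

The model covers only the host's choice of first hop; the cameras also need a return path to 172.5.1.0/24 through Router B for replies to come back the same way.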