5

I have one router on my home network. This acts as the main WiFi access point for all devices, as well as being connected to a simple switch for my home lab. I would like to be able to isolate my home lab onto a different subnet, where all machines on this side of the network would have static IP addresses.

Is it possible to do this with only one router? I have been advised by a colleague that I can set up a VLAN and use this as a way to split the network up into two subnets, but I'm not sure i fully understand how this works.

Any advice on how to achieve this would be appreciated.

Thanks.

Hamza
  • 51
  • 1
  • 1
  • 2
  • 1
    *Maybe* possible with third-party firmware, but not likely with any stock firmware for an OEM SOHO router. Also, especially if you're isolating the networks for security reasons, it's probably better to just have a separate router anyway. It's simpler to configure two physically separate networks than it is to have to worry about properly setting up VLANs. – Iszi Sep 15 '14 at 12:27
  • If I was to get a separate router,correct me if i'm wrong, but would it not cost quite a bit? My current router acts as a modem and a router as-well, so I'm guessing I would need to buy two routers since the only way i could connect another router to it is to allow it to operate in modem only mode. I would then need two routers - one for my subnet and another for the wifi that will be the other subnet. – Hamza Sep 15 '14 at 13:18
  • If you want to physically separate the networks, you will need to buy a new router. This can range from $20 to $200, depending on the features you want in the router and where you go to buy it. Depending on *how much* you want to isolate the networks from each other, you may need a third. – Iszi Sep 15 '14 at 13:28
  • Most SOHO infrastructure devices are actually multiple infrastructure components combined into one. At the component level, for two subnets to be isolated from one another *and* have Internet access, you'll need a minimum of: 1 gateway device (modem), 1 router connected to the modem, 1 switch connected to the gateway router, 1 router for each isolated network (one of these may be the same as the gateway router), 1 switch for each isolated network (again, one may be the same as for the gateway), 1 Wi-Fi access point (AP) for each Wi-Fi network desired. – Iszi Sep 15 '14 at 13:30
  • The above can minimally be accomplished with two separate physical devices. One will be a combo modem/router/switch/AP (these devices are commonly provided by your ISP with mid- to high-end data plans) which will serve as both your gateway device and your host for subnet 1, and the other will be a combo router/switch/AP (generally referred to on the shelf as a "Wi-Fi router" or similar) which will be the host for subnet 2. For further isolation, you'd want: 1x modem/router/switch (gateway network), and 2x router/switch/AP (one for each subnet). – Iszi Sep 15 '14 at 13:33

2 Answers2

3

First of all check that your router is able to make VLAN;. If it is, give us a screenshot with your settings page. If it doesn't an option would be to install OpenWrt+LuCi ;) (if your router supports it), and then: http://wiki.openwrt.org/doc/uci/network/switch

jAce
  • 1,352
  • 6
  • 16
  • 31
sebekk23
  • 31
  • 1
0

A router functions on the 3rd OSI layer, on which communications occur using the Internet Protocol (as in, IP addresses). VLANs are a product of the 2nd layer, the Data Link Layer. You'll likely not have that functionality without using a switch in between the router and the rest of the network.

FYI - having two different subnets will require two different routers, even if your network is segmented into VLANs. Routers are how computers communicate across different networks. In short, you'll need a second router in order for the two networks to communicate anyway.

Mike D'
  • 9
  • 2
  • 1
    Of course you can have that functionality, provided the home router is either a Linux box (which most are) and you have root access, or you can install something like OpenWRT on it. Just add the VLAN interfaces in the configuration, and configure the interfaces themselves correctly. No need for a second router. – dirkt Jul 10 '18 at 14:16