If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
LAN Segregation
Home network.
Several PCs; Win 7 and Win XP. Several NAS. Several USB Drives. Main ATT WiFi Router to ISP Additional WiFi Router via CAT5 to main ATT for WiFi access in far area of house. All 1000Mb equipment. All works as configured right now. Some PCs have hardware WiFi switches and some have software WiFi switches. Turning off network access at a PC seems problematic. I did turn off one Win 7 PC, and I do not know how I did it, and it took a while for me to get the network access back on the network and I don't know how I did that. Why did I not know? It seems that clicking thing do not react immediately so it was some time after I clicked buttons that the network showed up. The two main PCs have both Cat5 and Wifi as do the laptops. The big question: What are the ways to configure the LAN and all the devices connected such that the NAS can be easily isolated without unplugging the NAS? I would like all PCs to have internet access and maybe one PC with full access to the NAS. I can add hardware, if necessary, to the LAN to make this work. I think I have a slot inside a PC for something too. But I would like to listed to all options to accomplish this. Thank you. --- news://freenews.netfront.net/ - complaints: --- |
Ads |
#2
|
|||
|
|||
LAN Segregation
On Fri, 20 May 2016 09:17:25 -0700, OG wrote:
Turning off network access at a PC seems problematic. I did turn off one Win 7 PC, and I do not know how I did it, and it took a while for me to get the network access back on the network and I don't know how I did that. Why did I not know? It seems that clicking thing do not react immediately so it was some time after I clicked buttons that the network showed up. If you simply Disable or Enable the network adapter, the result should be nearly immediate, certainly within a few seconds. Go to Network and Sharing Center, click on 'Change adapter settings', then right click on your network adapter and select Disable or Enable, as desired. The two main PCs have both Cat5 and Wifi as do the laptops. The big question: What are the ways to configure the LAN and all the devices connected such that the NAS can be easily isolated without unplugging the NAS? I would like all PCs to have internet access and maybe one PC with full access to the NAS. I can add hardware, if necessary, to the LAN to make this work. I think I have a slot inside a PC for something too. But I would like to listed to all options to accomplish this. The fastest and easiest way that I know of is to put the NAS on a different subnet, then 'dual home' each of the PCs that are allowed to access it. The cost is zero, but it might take a few minutes of your time if you aren't familiar with the steps. 1. If the allowed PC is currently using DHCP to obtain its IP address (and other networking info) from your router, you'll need to switch to a static assignment. It would be helpful to know the DHCP range (scope) that your router is allowed to use so that you can assign your PC an IP address outside of that range. Once you've made a static IP address assignment, netmask, and default gateway, as well as a primary and secondary DNS server, your PC will continue on as usual, able to access the Internet as well as the various other resources on your LAN. 2. Now add a second IP address from an entirely different subnet to the allowed PC, stacked on the same NIC, and give it a proper netmask, such as 255.255.255.0. Leave the default gateway blank. 3. Connect to the NAS and change its IP address to one that's on the same new subnet that you used in Step 2 above. Use the same netmask, as well, and leave the default gateway blank. (The NAS will no longer have direct access to/from the Internet, but you can map it on your PC to regain that access, if necessary. You didn't mention if that's a requirement.) The result is that your PC uses its LAN IP for everything, just as it did before, -except- when you need to talk to the NAS, in which case your PC will automatically switch and use the new IP address. Since no other PCs have an address in the new subnet, they won't be able to see the NAS. Your PC is able to use multiple IP addresses simultaneously, automatically selecting the right one based on the destination address. If you need more details, let me know what your current subnet is, probably something like 192.168.1.0 with a netmask of 255.255.255.0 and a default gateway of 192.168.1.1? Also, what's the current DHCP scope so that I can help you pick an address outside of that range. If you're familiar with what I'm proposing above, the whole thing will take a couple of minutes, at most, to set up and after that the NAS will be invisible to every other PC on your LAN but fully visible and functional to your PC (and any others that you also set up this way). The cost is zero. *** If you're determined to spend money, add a second NIC to your PC and put the new address on that, but I'd definitely start with the zero cost option since you already have everything you need to make it work. The benefit of going to dual NICs is that each NIC will have its own bandwidth, so if you're doing a massive transfer to/from the NAS your other LAN and Internet activities won't be throttled due to limited bandwidth available. That's the theory; in practice you can almost certainly do just fine with a single dual-homed NIC. -- Char Jackson |
#3
|
|||
|
|||
LAN Segregation
OG wrote:
Home network. Several PCs; Win 7 and Win XP. Several NAS. Several USB Drives. Main ATT WiFi Router to ISP Additional WiFi Router via CAT5 to main ATT for WiFi access in far area of house. All 1000Mb equipment. All works as configured right now. Some PCs have hardware WiFi switches and some have software WiFi switches. Turning off network access at a PC seems problematic. I did turn off one Win 7 PC, and I do not know how I did it, and it took a while for me to get the network access back on the network and I don't know how I did that. Why did I not know? It seems that clicking thing do not react immediately so it was some time after I clicked buttons that the network showed up. The two main PCs have both Cat5 and Wifi as do the laptops. The big question: What are the ways to configure the LAN and all the devices connected such that the NAS can be easily isolated without unplugging the NAS? I would like all PCs to have internet access and maybe one PC with full access to the NAS. I can add hardware, if necessary, to the LAN to make this work. I think I have a slot inside a PC for something too. But I would like to listed to all options to accomplish this. Thank you. I'm still working on building a diagram. And it isn't all GbE, as the Arris is 10/100 on the LAN ports. Your service is 50/5 or appears to be, so the 10/100 shouldn't be a problem. copper ADSL ---- ARRIS NVG589 --- VOIP phone (RJ11) 50/5 VDSL2 802.11 ---// B/G/N 10/100 --- IP Camera (Wired) 10/100 --- IP Camera (Wired) 10/100 --- Laptop 10/100 --- Asus GX-D1081 --- Living Room PC GbE Switch --- Bedroom PC --- --- NAS ??? --- NAS ??? --- --- R20000 ---// Dual band, 802.11a/b/g/n Router Used as Wifi extension??? 1 Wan, 4 Lan, RJ45, GbE Which devices use Wifi ? Was there a Wifi extension in the picture (R20000 maybe?). Are there NAS boxes ? Are the NAS boxes Wifi equipped or just copper ? Hanging the PC needing isolation off the R20000 might work. As the R20000 RJ-45 connectors might be on a different subnet than everything else feeding off the Arris. It might depend on well, as to whether the LAN side of the R20000 connects to the Asus, or the WAN ("modem") on the R20000 connects to the Asus switch. Paul |
#4
|
|||
|
|||
LAN Segregation
PCs and laptop all have Cat5 and WiFi capability.
Yes the other WiFI router is set up with its own set of addresses and is hardwired to the ATT. As configured it all plays OK NAS are all Cat5. Currently ---------- ROOM 1 BACK OF HOUSE ------ ISP -- ATT (internet + phone) WiFI to Cam Cat 5 to Switch1 1000Mb WiFi to Laptop1 Cat 5 to PC (A) Multimedia Source Cat 5 to NAS1 ------- ROOM 2 FRONT OF HOUSE ----- Cat 5 to R20000 WiFi Router WiFi to Cam WiFi to Laptop2 Cat 5 to NAS2 ------- ROOM 3 FRONT OF HOUSE ----- Cat 5 to Switch2 1000Mb Cat 5 to PC (B) Viewer Cat 5 to Laptop --- news://freenews.netfront.net/ - complaints: --- |
#5
|
|||
|
|||
LAN Segregation
OG wrote:
PCs and laptop all have Cat5 and WiFi capability. Yes the other WiFI router is set up with its own set of addresses and is hardwired to the ATT. As configured it all plays OK NAS are all Cat5. Currently ---------- ROOM 1 BACK OF HOUSE ------ ISP -- ATT (internet + phone) WiFI to Cam Cat 5 to Switch1 1000Mb WiFi to Laptop1 Cat 5 to PC (A) Multimedia Source Cat 5 to NAS1 ------- ROOM 2 FRONT OF HOUSE ----- Cat 5 to R20000 WiFi Router WiFi to Cam WiFi to Laptop2 Cat 5 to NAS2 ------- ROOM 3 FRONT OF HOUSE ----- Cat 5 to Switch2 1000Mb Cat 5 to PC (B) Viewer Cat 5 to Laptop It looks to me, like the NVG589 10/100 will factor into a lot of the communications paths. It looks like the emphasis started primarily as "ease of wiring". Do you already experience some combinations that don't work at all ? Like PC (A) to NAS2 ? Paul |
#6
|
|||
|
|||
LAN Segregation
Paul wrote:
OG wrote: PCs and laptop all have Cat5 and WiFi capability. Yes the other WiFI router is set up with its own set of addresses and is hardwired to the ATT. As configured it all plays OK NAS are all Cat5. Currently ---------- ROOM 1 BACK OF HOUSE ------ ISP -- ATT (internet + phone) WiFI to Cam Cat 5 to Switch1 1000Mb WiFi to Laptop1 Cat 5 to PC (A) Multimedia Source Cat 5 to NAS1 ------- ROOM 2 FRONT OF HOUSE ----- Cat 5 to R20000 WiFi Router WiFi to Cam WiFi to Laptop2 Cat 5 to NAS2 ------- ROOM 3 FRONT OF HOUSE ----- Cat 5 to Switch2 1000Mb Cat 5 to PC (B) Viewer Cat 5 to Laptop It looks to me, like the NVG589 10/100 will factor into a lot of the communications paths. It looks like the emphasis started primarily as "ease of wiring". Do you already experience some combinations that don't work at all ? Like PC (A) to NAS2 ? Paul Not any that, just the biggest problem of the ATT flooding the LAN so I cannot get TV files from (a) to (B) to play without stuttering. Even doing a copy takes twice as long as the show runs. Still do not know why that i happening. So if I disconnect the ATT from the switch (that is why it is wired that way) I get full LAN bandwidth for what I want to do and the main Cam is still running. I want to configure it all such that a PC in Room B can surf while the NAS all over are isolated. But since the NASes are in different rooms it is not simple to isolate them. NASes and other stuff are on different UPS for isolating from power hiccups. --- news://freenews.netfront.net/ - complaints: --- |
#7
|
|||
|
|||
LAN Segregation
OG wrote:
Paul wrote: OG wrote: PCs and laptop all have Cat5 and WiFi capability. Yes the other WiFI router is set up with its own set of addresses and is hardwired to the ATT. As configured it all plays OK NAS are all Cat5. Currently ---------- ROOM 1 BACK OF HOUSE ------ ISP -- ATT (internet + phone) WiFI to Cam Cat 5 to Switch1 1000Mb WiFi to Laptop1 Cat 5 to PC (A) Multimedia Source Cat 5 to NAS1 ------- ROOM 2 FRONT OF HOUSE ----- Cat 5 to R20000 WiFi Router WiFi to Cam WiFi to Laptop2 Cat 5 to NAS2 ------- ROOM 3 FRONT OF HOUSE ----- Cat 5 to Switch2 1000Mb Cat 5 to PC (B) Viewer Cat 5 to Laptop It looks to me, like the NVG589 10/100 will factor into a lot of the communications paths. It looks like the emphasis started primarily as "ease of wiring". Do you already experience some combinations that don't work at all ? Like PC (A) to NAS2 ? Paul Not any that, just the biggest problem of the ATT flooding the LAN so I cannot get TV files from (a) to (B) to play without stuttering. Even doing a copy takes twice as long as the show runs. Still do not know why that i happening. So if I disconnect the ATT from the switch (that is why it is wired that way) I get full LAN bandwidth for what I want to do and the main Cam is still running. I want to configure it all such that a PC in Room B can surf while the NAS all over are isolated. But since the NASes are in different rooms it is not simple to isolate them. NASes and other stuff are on different UPS for isolating from power hiccups. Your (A) to (B) path goes through the ATT box. The LEDs on the ATT box should flash, during a transfer there. You've put the switch in ROOM 1 and the switch in ROOM 3, on two wired ports of the ATT 10/100 box. The ATT doesn't route that traffic - it's likely to be switching it at wire speed. But the speed is only 100BT (12.5MB/sec). I'm not a networking expert like Char, so maybe he can propose the simplest re-jigging of the boxen to achieve the isolation. Since you have two routers, I might try to do it with the routers, relying on the unroutable 182.168.x.x subnets. Make one subnet 192.168.1.x and the other 192.168.2.x, so that the routers won't route between them. But then again, I'd be making better usage of the 8 port GbE switch, to get better transfer bandwidth where it is actually needed. Then throw a router in the way for isolation (so traffic can go to the Internet, but not to any other subnets). Paul |
#8
|
|||
|
|||
LAN Segregation
Paul wrote:
OG wrote: Paul wrote: OG wrote: PCs and laptop all have Cat5 and WiFi capability. Yes the other WiFI router is set up with its own set of addresses and is hardwired to the ATT. As configured it all plays OK NAS are all Cat5. Currently ---------- ROOM 1 BACK OF HOUSE ------ ISP -- ATT (internet + phone) WiFI to Cam Cat 5 to Switch1 1000Mb WiFi to Laptop1 Cat 5 to PC (A) Multimedia Source Cat 5 to NAS1 ------- ROOM 2 FRONT OF HOUSE ----- Cat 5 to R20000 WiFi Router WiFi to Cam WiFi to Laptop2 Cat 5 to NAS2 ------- ROOM 3 FRONT OF HOUSE ----- Cat 5 to Switch2 1000Mb Cat 5 to PC (B) Viewer Cat 5 to Laptop It looks to me, like the NVG589 10/100 will factor into a lot of the communications paths. It looks like the emphasis started primarily as "ease of wiring". Do you already experience some combinations that don't work at all ? Like PC (A) to NAS2 ? Paul Not any that, just the biggest problem of the ATT flooding the LAN so I cannot get TV files from (a) to (B) to play without stuttering. Even doing a copy takes twice as long as the show runs. Still do not know why that i happening. So if I disconnect the ATT from the switch (that is why it is wired that way) I get full LAN bandwidth for what I want to do and the main Cam is still running. I want to configure it all such that a PC in Room B can surf while the NAS all over are isolated. But since the NASes are in different rooms it is not simple to isolate them. NASes and other stuff are on different UPS for isolating from power hiccups. Your (A) to (B) path goes through the ATT box. The LEDs on the ATT box should flash, during a transfer there. You've put the switch in ROOM 1 and the switch in ROOM 3, on two wired ports of the ATT 10/100 box. The ATT doesn't route that traffic - it's likely to be switching it at wire speed. But the speed is only 100BT (12.5MB/sec). I'm not a networking expert like Char, so maybe he can propose the simplest re-jigging of the boxen to achieve the isolation. Since you have two routers, I might try to do it with the routers, relying on the unroutable 182.168.x.x subnets. Make one subnet 192.168.1.x and the other 192.168.2.x, so that the routers won't route between them. But then again, I'd be making better usage of the 8 port GbE switch, to get better transfer bandwidth where it is actually needed. Then throw a router in the way for isolation (so traffic can go to the Internet, but not to any other subnets). Paul Maybe not reading my diagram correctly? Only the Internet goes through the ATT Box then to Switch1. There are no other connections on ATT. Yes there is also WiFi on ATT but nothing on the LAN acceses that until an application is run; that traffic goes out to ISP so can view on SmartPhone. The (A) (B) traffic goes: (A) to Cat5 to Switch1 To Cat5 to Switch2 to (B) Stuff from (A) and (B) may go ATT via Switch1 so would not the switch tend to isolate the ATT from LAN traffic? --- news://freenews.netfront.net/ - complaints: --- |
#9
|
|||
|
|||
LAN Segregation
OG wrote:
Maybe not reading my diagram correctly? Only the Internet goes through the ATT Box then to Switch1. There are no other connections on ATT. Yes there is also WiFi on ATT but nothing on the LAN acceses that until an application is run; that traffic goes out to ISP so can view on SmartPhone. The (A) (B) traffic goes: (A) to Cat5 to Switch1 To Cat5 to Switch2 to (B) Stuff from (A) and (B) may go ATT via Switch1 so would not the switch tend to isolate the ATT from LAN traffic? ATT ---- (10/100 ---- ---- ---- Switch1 ---- (GbE) ---- ---- ---- ---- ---- ---- Switch2 (or R20000?) ---- (GbE) ---- ---- ---- Each dotted line in the diagram is an RJ45. Paul |
#10
|
|||
|
|||
LAN Segregation
On Sun, 22 May 2016 04:06:18 -0400, Paul wrote:
I'm not a networking expert like Char, so maybe he can propose the simplest re-jigging of the boxen to achieve the isolation. I already suggested an easy way to achieve what he wanted to do, but so far he didn't pick up on it. -- Char Jackson |
#11
|
|||
|
|||
LAN Segregation
Char Jackson wrote:
On Sun, 22 May 2016 04:06:18 -0400, Paul wrote: I'm not a networking expert like Char, so maybe he can propose the simplest re-jigging of the boxen to achieve the isolation. I already suggested an easy way to achieve what he wanted to do, but so far he didn't pick up on it. I'm not 100% positive this network is physically set up as well as it could be. That's why I'm "relentless" with the request for a network diagram. Presumably isolation is easier with some setups than with others. There are two routers in the diagram. Not sure if there is one switch or two. It might be router - switch - router for example. ******* When I do my wiring here, one room has all the networking equipment, and wires (if they are ever necessary) radiate away from that room. Then I can select whatever cascade of boxen I want. For example, if I run the laptop in the kitchen, I run a wire up the hallway to the kitchen as a temporary solution. The laptop has Wifi, but no other gear in the house has Wifi, so doing it with Wifi is not an option. If some day, a network box happens to have Wifi, it might happen (an actual Wifi connection). My modem/router, is "entirely floating" in terms of electrical ground (which is why it happens to be so noise sensitive to thru-noise on the AC power). If it had Wifi inside the box, I don't know what that would do to antenna efficiency. For example, if that box had a TTL level serial port, I'd have to use an optoisolator to connect to the port, so the (lack of) ground doesn't get upset. Paul |
#12
|
|||
|
|||
LAN Segregation
On Mon, 23 May 2016 05:59:33 -0400, Paul wrote:
Char Jackson wrote: On Sun, 22 May 2016 04:06:18 -0400, Paul wrote: I'm not a networking expert like Char, so maybe he can propose the simplest re-jigging of the boxen to achieve the isolation. I already suggested an easy way to achieve what he wanted to do, but so far he didn't pick up on it. I'm not 100% positive this network is physically set up as well as it could be. I have a nagging feeling that his second 'router' is actually set up as a router, and not as an access point, and if so, that's usually undesirable. I don't know how it's set up, nor do I know how he intended to set it up. So that part bothers me a bit. The rest of his LAN seems to be switched, so that's very straightforward, in theory at least. Oh, the other thing that bothers me is that he says intraLAN transfers have been known to generate large amounts of WAN traffic, which if true would seem to indicate a misconfiguration. I've done that before, actually. Back in the mid-90's, before NAT routers were common and cable ISPs were handing out 3 or 5 or more routable IPs, if you did a file transfer from one LAN host to another the traffic actually had to go out to the ISP first hop, then back, traversing the cable modem twice. These days, with everything behind a router, that kind of thing should never be the case anymore, so I don't know what he's doing to generate WAN traffic when he does transfers within the LAN. If I'm working with an actual customer on something like this, I start with an equipment inventory. For each piece of equipment, I want to know its IP address, network mask, and default gateway. Next, I want to know about the physical connectivity. From there, I can build a map and begin to speak with authority on where the issues are. I see that you're doing some of the same, which is good. That's why I'm "relentless" with the request for a network diagram. Presumably isolation is easier with some setups than with others. There are two routers in the diagram. Not sure if there is one switch or two. It might be router - switch - router for example. ******* When I do my wiring here, one room has all the networking equipment, and wires (if they are ever necessary) radiate away from that room. Then I can select whatever cascade of boxen I want. Same here. At my last house, all of the cables entered the house in the corner of my basement office, so it made sense to 'home run' everything in the house back to that area. As a result, that's where the cable modem, router, and switches were located. At my current house, the builder had everything going to an upstairs closet, and while I liked the fact that he was thinking, I didn't like his choice of location, so I've since moved everything to my office. Still upstairs, but diagonally all the way across to the other end of the house. Now everything radiates out from there. There are additional switches in key locations around the house, in areas where I simply needed more Ethernet ports, but there are no additional routers anywhere. I run multiple subnets over the same physical media, isolating certain things from certain other things, so OG's request to isolate his NAS falls right in line with how I do it here. -- Char Jackson |
#13
|
|||
|
|||
LAN Segregation
LEGEND
-- Internet ++ WiFi == Cat5 ---------- ROOM 1 BACK OF HOUSE ------ ISP -- ATT (internet + phone) ATT++Cam1 ATT++Laptop1 ATT==Switch1 1000Mb Switch1===PC (A) Multimedia Source Switch1==NAS1 ------- ROOM 2 FRONT OF HOUSE ----- Switch1==R20000 WiFi Router R20000++Cam2 R20000++Laptop2 R20000==NAS2 ------- ROOM 3 FRONT OF HOUSE ----- R20000==Switch2 1000Mb Switch2== PC (B) Viewer Switch2== Laptop3 --- news://freenews.netfront.net/ - complaints: --- |
#14
|
|||
|
|||
LAN Segregation
OG wrote:
LEGEND -- Internet ++ WiFi == Cat5 ---------- ROOM 1 BACK OF HOUSE ------ ISP -- ATT (internet + phone) ATT++Cam1 ATT++Laptop1 ATT==Switch1 1000Mb Switch1===PC (A) Multimedia Source Switch1==NAS1 ------- ROOM 2 FRONT OF HOUSE ----- Switch1==R20000 WiFi Router R20000++Cam2 R20000++Laptop2 R20000==NAS2 ------- ROOM 3 FRONT OF HOUSE ----- R20000==Switch2 1000Mb Switch2== PC (B) Viewer Switch2== Laptop3 Char presented an isolation method near the beginning of the thread. http://al.howardknight.net/msgid.cgi...1%404ax.com%3E I'm still trying to figure out, how comms from (B) to (A), are going through the ATT 10/100 port. The traffic does appear to go through the wired R20000 ports. But doesn't have to touch the ATT, unless some funky routing is going on which isn't shown in the picture. switch --- PC (A) --- R20000 --- switch --- PC(B) I wonder if the Wifi on PC (A) and PC (B), the radio on those is switched off ? Paul |
#15
|
|||
|
|||
LAN Segregation
Paul wrote:
OG wrote: LEGEND -- Internet ++ WiFi == Cat5 ---------- ROOM 1 BACK OF HOUSE ------ ISP -- ATT (internet + phone) ATT++Cam1 ATT++Laptop1 ATT==Switch1 1000Mb Switch1===PC (A) Multimedia Source Switch1==NAS1 ------- ROOM 2 FRONT OF HOUSE ----- Switch1==R20000 WiFi Router R20000++Cam2 R20000++Laptop2 R20000==NAS2 ------- ROOM 3 FRONT OF HOUSE ----- R20000==Switch2 1000Mb Switch2== PC (B) Viewer Switch2== Laptop3 Char presented an isolation method near the beginning of the thread. http://al.howardknight.net/msgid.cgi...1%404ax.com%3E I'm still trying to figure out, how comms from (B) to (A), are going through the ATT 10/100 port. The traffic does appear to go through the wired R20000 ports. But doesn't have to touch the ATT, unless some funky routing is going on which isn't shown in the picture. switch --- PC (A) --- R20000 --- switch --- PC(B) I wonder if the Wifi on PC (A) and PC (B), the radio on those is switched off ? Paul The TV files are housed on (A) and viewed on (B); ATT not involved in that traffic directly (but because it is on the LAN it sees it? Since it is a 10/100 , as someone suggested in a post, device does that slow the overall LAN traffic?) Something is flooding the LAN with data and going to or from the ATT; this traffic kills the TV file viewing so if I unplug the ATT Cat5 to the rest of the LAN the LAN speed goes to full speed. Now this does not happen all the time when watching the TV files. But when it does it kills viewing. I have tried killing apps on the viewing PC (B) like NAS apps but got inconsistent results. WiFi on all devices is active and used. The IP address range is set to not overlap on the ATT and R20000. R20000 only acts as WiFi at that end of the house and as a Cat5 router. I am not familiar with the posted isolation suggestion and need to study it. Too much new terminology. My pea brain does not think I will understand it. --- news://freenews.netfront.net/ - complaints: --- |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|