My problem is LTE is the only thing available to me for internet. My kids like to play games online and watch YouTube for hours on end. My wife streams music and video a lot and is taking online classes. I have two LTE modems at this time, because one won't handle my wife and kids. I've tried the load balance route but my kids end up stealing all available bandwidth. So I was wondering if I can set up my RB3011 as three separate routers, so to speak. Have a network for the boys, 192.168.2.0, with their own LTE modem. And a 2nd network for adults, 192.168.3.0, with its own LTE modem, no cross talk between those two networks. Then I would like one more, 192.168.1.0, which the other two can see, for printer and small server. Is this possible? If so, can anyone help me? Here's a quick drawing. Router right now is set up for one network.
Before you adopt this scheme (since it would be more complicated), have you tried the new kid control feature under IP->Kid Control? You can add the devices for your kid and give them a rate limit, that way they can’t use all of the bandwidth.
What you want is possible, but is a bit more complicated to set up. I suggest the Kid Control feature only because it may accomplish your goal without making your setup more complicated.
I have, my only problem is the connection can vary from 2m to 20m. When I get 20, no problem, but in the evenings when the cell tower gets loaded, speed drops and that's when we start having problems.
You’ll need three different VLANs on your bridge - set the PVID for each bridge port to place those on the correct VLAN, and the VLAN interfaces to Interface-VLAN to assign the IPs. Assign the IPs to the VLAN interfaces and set up DHCP servers on each VLAN interface. Once you are done, enable safe mode and enable VLAN filtering by going to Bridge->bridge->VLAN tab and checking “VLAN filtering”. If something was missed (and I might have missed something) then you may lose connectivity to the device at this point, which is why I would recommend enabling safe mode just in case. The VLAN setup won’t take effect until you enable VLAN filtering.
You might need to adjust firewall and NAT rules as well to support the three different networks.
I would get that working first, and then worry about the routing part. For the routing, you will need to set up policy based routing, by adding a different default route that goes out the second LTE modem (with routing mark set to “kids”) and then create a mangle rule that takes any packets from the kids network and sets routing mark kids, to force them out the second connection.
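The steps in the reply above, written out as a RouterOS configuration. This is an added example, not part of the original thread and not the poster's own config. Assumed and not from the thread: RouterOS 6.41+ syntax, a router with no existing bridge, the port assignments, the VLAN IDs 10/20/30, the DHCP ranges, and the modems appearing as `lte1` and `lte2`.

```routeros
# Assumptions (hypothetical): ether2 = shared LAN, ether3 = kids, ether4 = adults;
# lte1 = adults' modem, lte2 = kids' modem. Enter safe mode (Ctrl+X) before pasting.
/interface bridge
add name=bridge vlan-filtering=no
/interface bridge port
add bridge=bridge interface=ether2 pvid=10
add bridge=bridge interface=ether3 pvid=20
add bridge=bridge interface=ether4 pvid=30
/interface bridge vlan
add bridge=bridge vlan-ids=10 tagged=bridge untagged=ether2
add bridge=bridge vlan-ids=20 tagged=bridge untagged=ether3
add bridge=bridge vlan-ids=30 tagged=bridge untagged=ether4
/interface vlan
add name=vlan-shared interface=bridge vlan-id=10
add name=vlan-kids interface=bridge vlan-id=20
add name=vlan-adults interface=bridge vlan-id=30
/ip address
add address=192.168.1.1/24 interface=vlan-shared
add address=192.168.2.1/24 interface=vlan-kids
add address=192.168.3.1/24 interface=vlan-adults
/ip pool
add name=pool-shared ranges=192.168.1.100-192.168.1.200
add name=pool-kids ranges=192.168.2.100-192.168.2.200
add name=pool-adults ranges=192.168.3.100-192.168.3.200
/ip dhcp-server
add name=dhcp-shared interface=vlan-shared address-pool=pool-shared disabled=no
add name=dhcp-kids interface=vlan-kids address-pool=pool-kids disabled=no
add name=dhcp-adults interface=vlan-adults address-pool=pool-adults disabled=no
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
add address=192.168.2.0/24 gateway=192.168.2.1
add address=192.168.3.0/24 gateway=192.168.3.1
# No cross talk between kids and adults; both may still reach 192.168.1.0/24.
/ip firewall filter
add chain=forward connection-state=established,related action=accept
add chain=forward src-address=192.168.2.0/24 dst-address=192.168.3.0/24 action=drop
add chain=forward src-address=192.168.3.0/24 dst-address=192.168.2.0/24 action=drop
/ip firewall nat
add chain=srcnat out-interface=lte1 action=masquerade
add chain=srcnat out-interface=lte2 action=masquerade
# Mark only internet-bound kids traffic, so the printer/server LAN stays reachable.
/ip firewall mangle
add chain=prerouting src-address=192.168.2.0/24 dst-address=!192.168.0.0/16 \
    action=mark-routing new-routing-mark=kids passthrough=no
/ip route
add dst-address=0.0.0.0/0 gateway=lte1
add dst-address=0.0.0.0/0 gateway=lte2 routing-mark=kids
# Last step: nothing above is enforced until VLAN filtering is switched on.
/interface bridge set bridge vlan-filtering=yes
```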
An alternative to the VLAN based setup described by @mducharme would be to use more bridges inside the RB (one per LAN) and to assign ether ports to each bridge according to the LAN of which connected devices should be part. There are a few reasons to choose this approach over VLAN based and vice versa:
VLAN based approach allows to keep using HW offload if VLAN operations (tagging and untagging) are configured directly on switch chip. If these operations are configured on bridge (this is the intended way on ROS greater than 6.41), HW offload is not possible which might reduce intra-LAN throughput on RBs with weaker CPUs
bridge based approach allows HW offload on only one bridge (or, in case of RB3011 with its two switch chips, two bridges if ether ports are distributed between bridges according to hardware layout, consult RBs block diagram). Compared to using VLANs this may prove to be better anyway (see previous bullet)
VLAN based approach offers better flexibility of placing different devices to their LAN segment if one uses separate VLAN capable switches. Example: if there are two devices co-located, belonging to two different LANs, with VLAN based setup single UTP cable can be used to connect both to main router (a smart switch is needed at that location as well). Port based setup requires one UTP per LAN on each device location (and use of several dumb switches, one per LAN, in case of plenty devices at remote location)
when thinking about WiFi, VLAN based approach has advantage. On APs one can configure virtual AP with separate SSID and security profile and with different VLAN on the wired side of AP. Thus single AP device per location can offer wireless access to many LAN segments.
If physical network setup is really simple star with your RB in centre, then port-based setup might be better. If, on the other hand, physical setup is not as simple, VLAN based setup would be better due to higher flexibility. It is slightly more complex to set up though.
I set up using three bridges and 3 VLANs pointing to the bridges, set some firewall rules, and every network is separate from the next. Internet works just to the network assigned :) but printer and server cannot be accessed from kids or adults. And I got kicked from the router before I could save and download the rsc file. How do I get back on so I can make an rsc file and post it on here?
Your config looks OK to me, unless I missed something. Have looked at it a few times. As long as you are plugged into the router itself on one of the ports that is on the “Admin” bridge you should be able to log in. Is the MAC address set on the admin bridge the same as the MAC for one of the ports on the bridge, like ether2? This is normally the case.
Thank you for looking it over. Turns out I needed to move my firewall rules and everything started to work. Also cleaned it up a little and am only using two networks instead of three. I'll post the setup after I get some sleep.
This is just an observation and I thought I might offer a suggestion with regards to your issue and to propose a simpler setup. The current configuration sure sounds like the problem I was having, wife has 2 devices streaming and works from home, kids have at least 3-4 devices streaming, and I’m just trying to use the Internet for either personal or business related stuff. The proposed solution you had seems to be a bit more complicated than it should be. Instead use 1 subnet, and begin to get more familiar with Quality of Service (QoS) as this is what it was made for. Get another sheet of paper, write a list of 1 - 8 and figure out what is critical and what is not critical. From here, start by making all Inbound / Outbound Forward traffic Priority 8. Once this has been done, then start implementing rules that show what each type of traffic should have with the selected Priority Level. I have put together a list of P1 - P7 of how I have mine set up and it has worked wonders, nothing like “Making The Network Great Again!” Please keep in mind, what you do to one direction, you must do the same to the other direction; as in if the VoIP traffic is set as P1 Inbound Forward you must set the VoIP Outbound Forward as a P1. I have also posted a link at the bottom from a website that talks about and gives a great example of where to start on QoS’ing your network, believe it or not, you will enjoy messing with the QoS stuff.
Up/Down Forward Traffic
P1 - UDP - (VoIP/FaceTime/Skype VoIP)
P2 - Network Management (RDP, SSH, Telnet, ICMP, WinBox, WebFig, etc…)
P3 - Wife PC or Business Traffic
P4 - Web Traffic (TCP Port 80 & 443)
P5 - Gaming Consoles (PS / Xbox / Wii)
P6 - Movies / YouTube
P7 - Downloads / Torrents / Backups / Etc…
P8 - Default Traffic (All Unmarked Traffic)
*** This is just an example, feel free to move things around as you see fit to your network. ***
Itmonkee, I skimmed that website, and it looks to me like you need to set limits. Upload and download. If that's the case I can't use it. My internet connections are both cellular. I live in an area where cable, dsl or any other constant speed internet is available. So my download speed varies from as low as 1mbps to as high as 22mbps per connection, see pic. If you can base it on a percentage then by all means I'm in 100% to try it out.
David