managing resourses on subnetwork

Question

I have a network an a subnetwork on 2 ends of a powerline Ethernet adapter. I would like to allow access to the machines on the subnetwork to machines on the network without sending all the traffic from the subnetwork over the powerline adapter.

my setup is as follows: Both routers are ASUS RT-AC66Us [1][2]

  Modem
    |
----+-------------------------------------------
| router-a / lan-a / LAN                       |
| Wide area IP: 1.2.3.4 (external/Internet)    |  
| local IP (192.168.1.1 / Mask: 255.255.255.0) |
|                                              |
| static route:                                |
|    {Network IP:192.168.2.0                   | 
|           Mask:255.255.255.0                 |
|        Gateway:192.168.1.120                 |  
|      Interface:LAN}                          |
----+-------------------------------------------
    |
Powerline
    |
----+---------------------------------------------
| router-b / lan-b / SubLAN                      |
| LAN IP: 192.168.1.120 (should be labelled WAN) | 
| local IP: 192.168.2.1 / Mask: 255.255.255.0    |
|                                                |
| static route:                                  |
|    {Network IP:192.168.1.0                     |
|           Mask:255.255.255.0                   |          
|        Gateway:192.168.1.1                     |
|      Interface:WAN}                            |
|            NAT:off                             |
----+---------------------------------------------
    |
---------------------------------------
| Computer/Server IP: 192.168.2.166   |
---------------------------------------

The subnet is working as a subnet, I can access network resources attached to the LAN from the subLAN, but I can't get the subLAN to forward any traffic coming from the LAN, so I can't access the server from the LAN.

F.W.I.W. I have a media server running on the same machine as gaming pc, and I have the subnet set up for game streaming, but the tv is on the LAN, and can't access the content unless I merge the networks. I am not married to the subnet situation, but I need a way to prevent my gamestream from traveling over the powerline adapter twice.

Is there some reason you've set things up this way? Why would you create two separate networks if you don't want to two separate networks? — David Schwartz, Dec 27 '15 at 22:23
@DavidSchwartz, I have been finding that traffic behind the powerline connection is very slow with a single network, presumably due to the fact that all the routing is happening on the upstream router, making the game streaming (or in some cases video streaming) unusable. which is odd, because [this post](http://superuser.com/questions/295528/does-all-lan-traffic-travel-through-a-router) says I shouldn't see this. — Aaron Ladd, Dec 28 '15 at 16:28
@AaronLadd With two networks, you just have more routing to do. The routing the upstream router has to do doesn't get any less. — David Schwartz, Dec 28 '15 at 16:30

David · Accepted Answer · 2015-12-28T17:05:53.763

Let's call your lan lan-a and your sublan lab-b.

Firstly, you don't need two subnets, you just need a switch on lan-b, then have all your other devices on lan-b plugged into the switch. Ethernet switches do not echo all traffic across a segment like an Ethernet hub (but hubs are not very common these days). [1]

I suppose there could be other broadcast traffic and protocols from hosts on either side of your powerline adapters that you are trying limit. Usually this traffic relating to devices trying to discover things about your network, like DLNA, UPnP, mDNS/zeroconf/bonjour and other networking protocols.

So if you are looking to limit the broadcast traffic it could be two things:

1.) While you may have disabled NAT, you may still have your firewall on router-b turned on, and this is what is blocking traffic from lan-a. Is your firewall on router-b switched on?

2.) It could be that you do not have the routing configuration setup correctly on your router-a. Is your static route set to lan?

3.) Even if you have everything setup correctly with these routers, it may just not be possible given how the web base user interface limits what you can do with them. Try setting up an old computer running linux to act as the bridge/router between your 2 subnets.

4.) Even with your two subnet setup, some broadcast/sniffing/discovery traffic will still pass through your powerline bridge, such as MS SMB discovery traffic, other traffic will not go beyond your IP subnet as limited by your netmask.

 Modem
     |
----+-------------------------------------------
| router-a / lan-a / LAN                       |
| Wide area IP: 1.2.3.4 (external/Internet)    |  
| local IP (192.168.1.1 / Mask: 255.255.255.0) |
|                                              |
| static route:                                |
|    {Network IP:192.168.2.0                   | 
|           Mask:255.255.255.0                 |
|        Gateway:192.168.1.120                 |  
|      Interface:LAN}                          |
-------+----------------------------------------
       |
================
Powerline Bridge
================
       |
-------+------------------------------------------
|  WAN PORT                                      |
| ********************************************** |
| router-b / lan-b / SubLAN                      |
| LAN IP: 192.168.1.120 (should be labelled WAN) | 
| local IP: 192.168.2.1 / Mask: 255.255.255.0    |
|                                                |
| static route:                                  |
|    {Network IP:192.168.1.0                     |
|           Mask:255.255.255.0                   |          
|        Gateway:192.168.1.1                     |
|      Interface:WAN}                            |
|            NAT:off                             |
| ********************************************** |
|              LAN PORTS                         |
--------+-----------------------------+-----------
        |                             |
--------+-------------      ----------+-----------
| lan-b Switch       |      | Computer/Server    |
|                    |      | IP: 192.168.2.166  |
----+-----------------      ----------------------
    |
    |
   /|\
--+++++--------------- 
| other lan-b hosts  |
| 192.168.2.x/24     |
----------------------

Also, you may not need the static router on **router-b**, have you tried it without that? (Since router-b already has a route to the 192.168.1.0/subnet as its default route because it is sitting on that subnet.) — David, Dec 27 '15 at 19:11
I currently have a switch downstream of the router on **lan-b** with the majority of my devices on it, but my PC is straight on the router, if I switch the router to AP mode, my understanding it would act as a second switch, would I have any issues with the layered switches? — Aaron Ladd, Dec 28 '15 at 16:37
ASUS' use of `AP-MODE` is somewhat confusing. It seems to me that ASUS' implementation of AP-MODE is for various forms of using the wireless system for `bridging` networks together. Since you already are using the `Powerline` device, it seems to me that you do need to use this feature, unless you are connecting another network segment in eg **lan-c**. Switch AP-MODE off. — David, Dec 28 '15 at 16:46
To have any router act as a switch, all you need to be sure to do is **turn off the DHCP server**, and then you can use any of the LAN ports as another switch. — David, Dec 28 '15 at 16:49
EDIT: you answered my question before I could post it, Kudos!the other modes are media bridge, router or repeater mode. I don't see any other mode doing what I want either, unless i can set it to router mode and disable DHCP. — Aaron Ladd, Dec 28 '15 at 16:51
Also, have you tried running `tracert`(traceroute on MacOS / Linux) from a host on **lan-a** to **lan-b**? What is the last hop? It would be useful to post the output from a trace in your question. — David, Dec 28 '15 at 16:51
and the tracert goes from `192.168.1.1` to `192.168.1.120` then hangs — Aaron Ladd, Dec 28 '15 at 16:52
Yup, leave the router in router mode, and switch off DHCP. That's what I do. AP-MODE is just for wireless bridging. — David, Dec 28 '15 at 16:52

managing resourses on subnetwork

1 Answers1