Well then, all resources are localized per subnet, and thus it should not be an issue. This is assuming you have linked downstream routers via their WAN ports to LAN ports on the upstream router and are relaxing downstream routers' firewall rules to allow traffic in/out of their WAN ports to the "main" SubnetA, which in turn serves as gateway to the Internet.

If you're set up as suggested earlier, not using the WAN ports to connect downstream routers, then you WILL run into issues with multiple subnets and routing problems IMHO. If you had a single subnet and did not use WAN ports, the routers would simply be switches, but you are subnetting & firewalling to isolate, which means you can't (shouldn't, for simplicity's sake) forgo using the WAN ports.

Better to double NAT & keep key resources for each subnet on their own router, because they see whatever is on the WAN port as the rest of the world, same as plugging them into a cable or DSL modem. Simply put, anything outside their subnet MUST route out the gateway, and the gateway is going to assume it's routing to whatever is plugged into the WAN port; meanwhile all key resources are local: DNS, DHCP, Gateway.


On 4/25/2010 12:32 PM, Winterlight wrote:
At 12:00 PM 4/25/2010, you wrote:
OK, let me see if I can clarify the setup here.

Internet->Ethernet->WANPort->Router1->LANPort->Ethernet->WANPort->Router2->LANPort->Ethernet->TVDevice


Router1 WANPort is DHCP Internet = cable modem
Router1 DNS server is ISP
Router1 is the Gateway and DNS server for all = yes
Router2 is DHCP server for SubnetA = being the LAN..right?

Router2 WANPort is Router ONE DHCP Intranet SubnetA
Router2 DNS server is Router1
Router2 is Gateway and DNS server for SubnetB = LAN switches and clients
Router2 is DHCP server for SubnetB

TVDevice is DHCP client on SubnetB
TVDevice Gateway & DNS server is Router 2

Is this accurate?


yes, I think so

