not an issue just an observation

[edwardsmarkf]

first off, AWESOME JOB, mike. i wish i had this guide rather than the "quick-start" pamphlet that came with the router.

it would be interesting to see something even more "dumbed-down" to my level. i am thinking of instructions that make this Ubiq router as easy as the typical DLink/Netgear/Linksys router. Maybe with all the ports using the same subnet, like what the typical router does.

[mjp66]

If you simply want all the ports to be the same, just adjust which sections to follow in the guide, Specify "One LAN" in section 11, then don't follow section 18, modify the firewall rules, etc... The "guide" is exactly that, If you are not yet up-to attempting your own modifications, you could buy a cheap undamaged gigabit switch (8 ports are under $20.) Connect the switch to eth3, giving you more "ports" for connecting more devices. Then simply don't use eth1/2.

[spkess]

Mike, Seeing this reminded me that I have been meaning to write and say how thankful I am that you produced this extensive guide. I cannot be happier with the network I have set up with your instructions. I do have one question for you or anyone else who sees this...I added a USG managed switch (USG-8-150W) in order to supply PoE to my AP and cameras because the PoE injectors were causing too much clutter in my wiring cabinet. When adding the VLANs to the switch and configuring the ports, I started wondering if the guest/IoT VLAN traffic being intermingled on the AP and switch with the home network traffic, and not segregated by the router ports, posed a risk. Clearly I do not know enough about VLAN and packet tagging so I am hoping there is a simple answer. Thanks again for your hard work on this, Stephen

[edwardsmarkf]

hey mike - is there any particular reason you suggested using eth3 with a switch?

also, i bought both a pretty good 5-port and 8-port "Tenda" switch on amazon for $17 (for 8-port).
Tenda brand is unfamiliar to me, but it does get good reviews.

[mjp66]

@edwardsmarkf I suggested a switch for eth3 because I thought you needed more ports for the HomeNetwork.

@spkess I believe the traffic is already segregated from each other via the VLANs, but not separated out by port. There are likely security implications of running the ER-X as Non-VLAN Aware, IF you were running the wired separate network (ethernet line) over to some external entity i.e. a renter / neighbor. This is an interesting point, that I had not thought of before.

Here are a couple of Permalinks (i.e. a specific posting within a thread) about being VLAN Aware:

https://community.ubnt.com/t5/EdgeRouter/riddle-me-this-ER-X-how-do-I-set-a-native-VLAN-on-the-switch/m-p/2667164/highlight/true#M240023

https://community.ubnt.com/t5/EdgeRouter/EdgeRouter-X-VLAN-config-for-switch0-with-LAN-and-VLAN-on-same/m-p/2666758/highlight/true#M239994

There are additional interesting links within the second URL, which was made by @BuckeyeNet. Note that the posts I referenced, were both made - yesterday. The Ubiquity community is pretty active.

[edwardsmarkf]

yes indeed mike - and thanks again for your excellent suggestion. i was just curious why you selected eth3, and not eth2 or eth4. i am thinking that any one of them (2-4) would have worked the same, but i wanted to double-check.

[mjp66]

Maybe I spoke too soon about running the ER-X as non-VLAN-Aware, as eth2 has already been removed from the ERXs switch.