A second router for network monitoring?

[DJQuad]

Hey all! I currently have a cable modem and an Airport Extreme router. Comcast is going to be enforcing a data usage plan so I’d like to more closely monitor the computers and devices on my network. I have a few PCs plugged into the router and the rest of the network is wireless (iPads, TVs, Rokus, laptops, etc).

Since the Airport Extreme doesn’t support SNMP anymore, I’m wondering if another router that sits between my current router and modem would work. I’d like to keep the Airport since the wireless is very good. I’m just wondering if a router like an EdgeRouter could distinguish between the wireless devices in its monitoring features since all wireless traffic goes to Airport then a single port of the EdgeRouter. I may even use something like NetWorx or Cacti to monitor SNMP if possible.

If would have 2 routers, any advice on how the wiring and configuration would be done is very helpful.

Thanks!

 

[bill001g]

You need to make sure the airport is running as a AP. You should see all the mac and ip address on your main router then.

I do not know if that router does a version of netflow. SNMP tends to not be very good at collecting usage data.

 

[DJQuad]

I've been playing with NetWorx today and it looks like what I need in case the EdgeRouter UI doesn't cut it. I'm looking at https://www.ubnt.com/edgemax/edgerouter-x by the way.

With NetWorx there's a way to change it to monitoring a router instead of the local PC, and then asks for SNMP details.

According to https://discussions.apple.com/thread/3868306 it seems like the Extreme should be switched to Bridged Mode to act as an access point?

Please excuse my noobness, but I'm not sure what port should be plugged into what port, and the order the wiring and configuration should be. I can't seem to wrap my head around using 2 routers instead of 1, or even if that network configuration would accomplish what my goal is as far as monitoring.

 

[jsmithepa]

I can't seem to wrap my head around using 2 routers instead of 1.

A router, in its generic sense, is just a traffic cop between 2 or more intersections, there is nothing mystical about it, and in theory it should be transparent to you, EXCEPT:

You are right to be concerned, in a home environment, it's typically not advisable to have more than one router, and the reason for it is, router introduces a new subnet (Google/WIKI if you must to understand subnet). So home typically work with ONE subnet, you throw in another router and BAM! now you are to deal with 2 subnets and all the problems that come with it.

I have an INTERNET APPLIANCE sitting right behind my modem, this is another name for small business hardware firewall and it does keep track of bandwidth used by site, I forget whether it tracks by MAC or not. May want to look into that, usd$150-500.

 

[bill001g]

I have not used that router but I have used other ubiquiti stuff and most their OS is very advanced but I do not know what monitoring it has.

I do know you can use asus and other routers with third party firmware and they support the ability to export data. I know gargoyle has the ability to actually enforce caps by mac/ip address. Still what I have used before is the netflow and exported it to a free netflow collector machine.

Looking at the edge router it sorta looks like a switch so it may support mirror ports. You could then just hook up any pc running wireshark and get your reports that way.

The apple may have a bridge mode but you can run pretty much any router as a AP. There are even youtube videos showing how to cable it...not that it is all that hard. You cable lan-lan, disable the dhcp, set the lan ip to not conflict.....and you have a AP.

 

[Bruce Geng]

Adding a secondary router in a home network is not recommended.

1. If your router has "port mirroring" feature, you can deploy a passive internet monitoring and filtering program(ie: WFilter) on the mirroring port to monitor clients connections.

2. If not, you can install openwrt/ddwrt firmware in your router for monitoring purpose.

 

[DJQuad]

Thanks guys. Yeah this seems to be a little too complicated for something pretty simple. I guess I'll just get a new router that has SNMP support for hopefully around $150. I've had bad luck with both Netgear and Linksys so I'm a little leery of them