Router connected to a managed switch?

wellivea1

Distinguished
Sep 24, 2009
10
0
18,520
I'm having a new home built, and am having cat6 wired to some of the rooms, but there are some things that have been worrying me. The builder is going to have a “network box” to which everything is going to be wired in a closet facing the outside because AT&T fiber has to wire from outside anyway. This also means that putting the router in that room would leave most of the house with an unusable signal. The current setup I’m thinking of is AT&T modem>NETGEAR Nighthawk S8000 switch>router upstairs.

I think I should be able to get the switch to act as the DHCP server, etc., but I can’t find any cases of other people doing this. There are two reasons that I have to do this. The first is that AT&T’s modem, the “Pace 5268AC”, doesn’t seem to have a real bridge mode (https://forums.att.com/t5/AT-T-Internet-Equipment/I-have-a-Pace-5268AC-Router-how-to-put-it-in-Bridge-Mode/td-p/4330866), so I just have to set one device on “DMZ+” mode and disable as much as I can and hope for the best.

The second is that my room needs to be connected to the router/modem with all the ports open, and the router will be upstairs, unusable as a switch. To make matters worse, the modem only allows one device to have that. I plan on calling AT&T and seeing if they can actually do bridge mode, but even then, I’d have to have the Ethernet switch handle routing. So I feel kind of boxed in on what to do here :(

Also, I'm considering a Linksys EA9300 or a Netgear R7000P as the router (I was set on the WRT32X, but the 2.4 GHz performance drop was concerning).
 

BuddhaSkoota

Admirable


What I'm gathering from your post is that your goal is to have good wireless coverage and ability to open ports to your room.

An AP can be added anywhere you have an Ethernet port, so that shouldn't be a difficult problem to overcome.

A router in the PACE's DMZ will allow you to open any ports needed to devices in your room. The router's LAN ports will still be available for use to wired devices.

The S8000 can't act as a DHCP server, but I don't see any reason you would need it to serve addresses in your situation. DHCP will still be performed by the PACE and router.

The problem with operating a router behind the gateway is that file sharing will be difficult between devices connected to the gateway and devices behind the router.
 

wellivea1


Hmm, while talking to some people on IRC, someone said that I should have a second port to bring a cable to the switch in the network/patch box from the router upstairs to solve this (I can't wire everything from the loft where the router will be). Will the AT&T modem be a bottleneck if I can't get them to put it in a true bridge mode? Or could I just have the AT&T modem serve as the DHCP server and have the router acting as an AP (AT&T Pace modem with DHCP>switch feeding all the rooms>router as AP)? I don't know if that will work...

 

BuddhaSkoota



Yes, if you had a second cable to keep devices in the same subnet as the Pace, then that would work.

While having the Pace in bridge mode would be ideal, it shouldn't be a bottleneck when operating as a gateway. Unfortunately a gateway is required for service with some ISPs (no straight modems provided).

With the router as an AP, any port forwarding will need to be done on the Pace of course. If you just need a single game console that needs open ports (not a PC), then an option would be to place that system in the DMZ.
 

wellivea1



Okay, so putting the router on DMZ, and feeding a cable back to the switch, would be better than having the router fed by the switch acting as an AP with the modem running DHCP behind the switch?

 

BuddhaSkoota



One configuration is not necessarily better than the other. Having the router as an AP would keep things simple and allow all devices to remain on the same subnet, but port forwarding would be required from the Pace. This would seem like the preferable solution. I'd recommend trying this method first to determine if the Pace is capable of managing ports well.

edit: Having that second cable installed to the room may be a good idea to keep your options open.
 
Solution

wellivea1



Thanks! And yeah, I plan on doing so.

Edit: Well, I could set the IP of my PC under DMZ (DMZ+ on the modem) with the router as an AP, I think.
 

wellivea1

In case anybody wants an update (and just to get this out of my system):
This has been a rollercoaster. I did end up needing that second Ethernet connection because using the port forwarding/DMZ+ on the Pace broke completely at some point and having my server PC under DMZ made local file sharing near-impossible. But at the same time, AT&T's "IP Passthrough (Arris)" and "DMZ+ (Pace)", which are supposed to be replacements for a proper bridge, were inadequate. The built-in firewall cannot be fully turned off for some reason, causing strange issues.

AT&T has given many explanations for this, but the general response seems to be this: "Our modems are also carriers for our TV and telephone service and rather than having these completely separated in some way, we just have a separate layer before you connect to handle it. There is no way to turn this off and there never will be." That's not an actual quote, but you get the point. Other ISPs manage to properly separate the two, but apparently that's too tall a task for AT&T. In reality it probably just costs a bit more to develop for edge case users who use their own router.

Some of my issues, like the blocking of NTP and an incredibly slow admin page, were fixed with a swap to their new Arris modem, but some seem not to be. I recently switched to OpenWrt (even though this means I can't use the full gigabit speed) and it seems to be a bit more stable now. I don't know what that means about these problems, but I imagine having two NATs just causes a lot of problems that I don't have the skills to diagnose.

There are open source projects for getting a third party device to interface with their ONT, but I have yet to try this. I hope this helps someone else out there, even a little bit.
https://github.com/aus/pfatt
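
A quick way to check for the two-NAT situation mentioned in the update above, as an added example that is not part of the original thread: count how many non-public hops a `traceroute -n` shows before the first public address. The sample outputs, addresses and function names are constructed for illustration; two or more leading private hops mean another routing device sits in front of your router, which usually (not always) means a second NAT.

```python
import ipaddress
import re

# RFC 1918 private ranges plus the RFC 6598 shared range used for carrier-grade NAT.
NAT_RANGES = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]
HOP_LINE = re.compile(r"^\s*\d+\s+(.*)$")
IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

# Constructed `traceroute -n` output; all addresses are made up for the example.
ROUTER_BEHIND_GATEWAY = """\
traceroute to 198.51.100.7 (198.51.100.7), 30 hops max, 60 byte packets
 1  192.168.2.1  0.41 ms  0.38 ms  0.36 ms
 2  192.168.1.254  1.02 ms  0.97 ms  0.95 ms
 3  203.0.113.1  3.10 ms  3.02 ms  2.98 ms
"""
ROUTER_AS_AP = """\
traceroute to 198.51.100.7 (198.51.100.7), 30 hops max, 60 byte packets
 1  192.168.1.254  0.52 ms  0.49 ms  0.47 ms
 2  203.0.113.1  3.05 ms  2.99 ms  2.97 ms
"""


def needs_translation(addr):
    """True if addr lies in a range that cannot be routed on the public internet."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in NAT_RANGES)


def parse_hops(text):
    """Return the first IPv4 address of each hop line, or None for a '* * *' hop."""
    hops = []
    for line in text.splitlines():
        m = HOP_LINE.match(line)
        if m:  # skips the "traceroute to ..." header and blank lines
            ip = IPV4.search(m.group(1))
            hops.append(ip.group(0) if ip else None)
    return hops


def leading_private_hops(text):
    """Count consecutive non-public hops at the start of the path."""
    count = 0
    for hop in parse_hops(text):
        if hop is None or not needs_translation(hop):
            break
        count += 1
    return count
```

Feed it the output of `traceroute -n` run from a wired client: a result of 1 matches the router-as-AP layout, while 2 or more matches a router sitting behind the gateway.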