Question about integrating home lab with standard network

Sean_Keltsch Member Posts: 10
So I already have a Cisco lab comprised of three 1800 routers, one L3 Switch, and two L2 switches. Everything is IOS15. My most exterior router has an empty WIC slot.

My goal is to connect the cisco lab with a home series wireless router that I can delegate to do the majority of my home networking, primarily wireless internet and standard routing, that could stand alone, so even if I pulled the DCE connection on the home/enterprise edge router, I would still have a standard home wireless network. Obviously this device is going to be doing the natting and will for most purposes be the network, BUT I will still be able to have a home cisco lab connected to the cloud to enhance understanding and troubleshooting.

I would like the said cisco device to be able to accept CLI and run IOS 15 if possible. The inverse to doing this seems like I would need to purchase enterprise wireless grade APs and decorate the house with them, which seems like it would be a lot more money.

Is the combination of a home and enterprise device possible? Or should I just be content with a local off-the-grid network? I'm willing to shell out a decent amount of cash if I need to, but I would prefer to stay under $300 as I am planning on also getting a new modem, and would like to add a functional NAS through one of my switches so I can build the thing from the ground up, and really get some great understanding.

Thanks in advance!

Comments

  • Sean_Keltsch Member Posts: 10
    Perfect, thanks
  • Sean_Keltsch Member Posts: 10
    UPDATE: I don't think that is going to work for the vast majority of home users


    This video seems to assume you have an edge router that has TWO WAN/INTERNET ports. From what I have researched two WAN ports are the exception in home networking, and primarily present in small business intended equipment. I have four Ethernet ports on my router but these are fundamentally dumb switch ports, so I cannot configure an IP address on them.

    I have decided to order a small business class Cisco router with dual WAN ports; this brings about a new set of questions. What to do about wireless? I suppose I could dedicate my old wireless router to only AP functions, and I may do this, but it seems like getting a Cisco wireless access point would be cooler. Any suggestion on this?
  • Sean_Keltsch Member Posts: 10
    I'm actually thinking about this

    Cisco WAP321 A K9 Small Business Wireless N Selectable Band Access Point w Poe | eBay

    I would love to move it out of my room, but it's not my place and I'm not sure about drilling holes in the wall.
  • GDaines Member Posts: 273
    Sean_Keltsch wrote: »
    I have four Ethernet ports on my router but these are fundamentally dumb switch ports, so I cannot configure an IP address on them.

    I doubt that's the case. As a minimum the router will provide DHCP so anything connected to those ports will get an IP address, and so it's very likely that you can create a static reservation in DHCP on the router to ensure one port always gets the same address, or set a static address (which is always more susceptible to misconfiguration). That's what I do on mine although I'm not sure it's what you're thinking, but this is my setup:

    I have a cable modem provided by the ISP to which I connect a consumer-class (home user) wireless router. This provides wired and wireless Internet to the home for my PC, a couple of laptops, a tablet and all our smartphones. There's no reason if you use ADSL or something similar why you couldn't use just a single router.

    My Cisco network connects to an 1841 router with one of its ethernet ports connecting onwards to the home router (so yes, you might need to run a single cable back to that router which doesn't necessarily have to involve any drilling). I have NAT outside/inside set up which restricts home users from getting access to the Cisco network and I assume it works the other way around too though I have no need to care as only I have access to the Cisco network.

    If you want to play with wireless you could easily add a Cisco WAP onto the Cisco network just for yourself/testing, that way switching everything off at night won't affect anyone else.
  • Sean_Keltsch Member Posts: 10
    Nice thinking there, I didn't think about adding a DHCP exception/reservation, and tie it to a certain port (I'll have to check), but I didn't think I could do much to configure the ports anyhow. I'll give it a try; although I've already ordered a new router and WAP.
  • Eotnak Member Posts: 11
    I have FIOS. ONT is plugged directly into my 1841 router. Throughput I believe is up to 48Mbps on the 1841, but I am running NAT and DHCP on it, so if I were to need, say more than 45 Mbps throughput, I would need to upgrade my 1841.

    Anyway, 1841 is subnetting 192.168.0.0/24 to home PC's 192.168.1.0/24 to lab environment via T1 CSU/DSU serial connection. 3 Buffalo WZR routers are running my home wireless as AP DHCP relays to 1841 edge router, and to make sure On Demand works properly, I have my FIOS router set up as a client on the 192.168.0.1/24 network. It only routes whatever packets that come from the TV coax, I don't know how it works, honestly, but I know it is necessary for On Demand.

    I imagine the same can be done with a cable modem gateway that does not provide router/switch functionality. I guess most cable companies these days are providing home routers to convert to ISP coax. If that's your case, then you should be able to log into it via HTTP (Comcast username: cusadmin PW: highspeed for example) and provide a good subnet mask that you can work with 10.1.10.0/24 or 10.0.0.0/8 if you really want to have fun.

    The 1841 WAN fa0/0 is pulling the ip address from the ISP's DHCP server. There is a specific way to provide the static route to avoid constant arp requests to the ISP router from the 1841 but I can't recall it right now. I can provide my running config if this interests anyone.
  • Sean_Keltsch Member Posts: 10
    I've got the IP configured on it now, but I've got some other weird issues I'm working through.

    The connections are as follows: ISP > R1 > R2 > R3 > MLS > Sw2 > Sw1 > Laptop,

    R1 can ping the laptop, and can also ping ISP router, the laptop has network connectivity, but not internet access. As I mentioned there is no issue pinging from the cisco R1 (most hops away device), but when I do a trace route from the laptop attempting to reach the ISP router, it gets stuck at the MLS. HUH?

    I added routes to the ISP router, and default routes to the MLS and all the routers pointing towards the ISP router, so the traceroute getting stuck at the MLS to me is mind boggling.

    I realize this is almost impossible to diagnose without running configs, so I'm not looking for a solution, maybe I missed something big is all.

    My two Primary questions are: I do eventually want to run all cisco gear like a small enterprise in my house, with the WAP and a cisco small business grade router (already ordered)

    1. Will I need a terminal server to swap back and forth between devices remotely without messing with the cable?

    2. Will I need any additional DNS set up locally, or will I only need the ISP's WAN DNS set up?

    I have been trying to cover everything under routing protocols, but perhaps some static routes is not a bad idea either. Obviously I'm just going to need to mess with it. Any info is helpful.
  • GDaines Member Posts: 273
    Sean_Keltsch wrote: »
    I've got the IP configured on it now, but I've got some other weird issues I'm working through.

    The connections are as follows: ISP > R1 > R2 > R3 > MLS > Sw2 > Sw1 > Laptop,

    R1 can ping the laptop, and can also ping ISP router, the laptop has network connectivity, but not internet access. As I mentioned there is no issue pinging from the cisco R1 (most hops away device), but when I do a trace route from the laptop attempting to reach the ISP router, it gets stuck at the MLS. HUH?

    I added routes to the ISP router, and default routes to the MLS and all the routers pointing towards the ISP router, so the traceroute getting stuck at the MLS to me is mind boggling.

    I realize this is almost impossible to diagnose without running configs, so I'm not looking for a solution, maybe I missed something big is all.

    My two Primary questions are: I do eventually want to run all cisco gear like a small enterprise in my house, with the WAP and a cisco small business grade router (already ordered)

    1. Will I need a terminal server to swap back and forth between devices remotely without messing with the cable?

    2. Will I need any additional DNS set up locally, or will I only need the ISP's WAN DNS set up?

    I have been trying to cover everything under routing protocols, but perhaps some static routes is not a bad idea either. Obviously I'm just going to need to mess with it. Any info is helpful.

    By MLS do you mean Multi Layer Switch, or in other words a L3 switch? And do I take it therefore that SW1 and SW2 are just L2 switches?

    Have you run the command ip routing on the L3 switch to enable routing? Look if that term appears in your running config, and if not type it and then try again. Once you can get all the way to R1 from the laptop, and if only R1 can access the internet and not the internal clients then it sounds like you've not set up ip nat inside/outside on R1.

    Personally I think a terminal server (in the Cisco sense) is a waste of money but plenty of people use them. I just swap my console cable over (at the serial port end) to the device I want to view, but there's no reason you can't have multiple telnet windows open at the same time to all your devices. In fact if you have a 2nd/3rd monitor and it's big enough you can position them in such a way that you can see them all at the same time.

    In my lab my L3 switch does my internal DHCP and DNS is pointed to the Google public DNS servers (4.4.4.4 and 8.8.8.8). I have no issues pinging devices on different VLANs, but I don't yet have any networks separated by routers so don't know the answer to that question for you.
  • Sean_Keltsch Member Posts: 10
    Great! That explains a lot, I was not sure if the downstream client could get the DNS information from the ISP router, but I guess it makes sense, it would take a DNS discovery protocol, and since I was just setting static IPs it was getting nothing. I'm probably going to destroy and rebuild this weekend.

    Yea MLS was multi layer switch, the other two are l2 switches. I don't think it's an issue of Natting since my ISP router is doing the natting, setting up NAT on R1 would be Natting twice, and that sounds like a bad idea. I think it is an issue of no DNS, which I resolve by setting up with DHCP.

    I have my cisco business class router, with a DMZ port that I will be connecting to my lab. I'm sure there will be some nuance to setting up a DMZ I have never thought of.

    Thanks for the info, getting IP connectivity and telnet / SSH seems like the way to go.
  • Phillies8607 Member Posts: 83
    You should be able to accomplish what you are looking to do. I struggled with this and GDAINES was able to help me set up NAT on my Cisco router (1841 btw). Hmmm the traceroute gets stuck at the MLS. Are you saying that is the last device it gets a response from? Remember that routers can only route packets to a destination if they have a route that matches it. So your ping from your laptop is probably getting to the ISP router but if there isn't a route in its routing table for the source address (your laptop) it will drop the ping reply and you will not get a response back. In other words, the ISP router doesn't have a route for the subnet that your laptop is connected and it will not send a ping reply back since it doesn't have a route for it. It only knows of a route for its local subnet and a bunch of other public IP subnets.

    Your ability to ping from R1 to the ISP router and back to the laptop points to the fact that R1 is acting as a regular plain old host that's connected to the ISP router. It's not truly Natting as it should be. Remember to add in all routes along the way on each device that is needed and don't forget your gateway of last resort!! This is an educated guess and it will be hard to diagnose without some running configs, but I hope it helps.

    If I were you, what I would do is take your laptop and hook it up to R1 and connect R1 to the ISP router and troubleshoot from there. Then once that's working, hook every other device up and see what doesn't work and troubleshoot from there. Also, what kind of ISP router do you have?
  • Phillies8607 Member Posts: 83
    Eotnak wrote: »
    I have FIOS. ONT is plugged directly into my 1841 router. Throughput I believe is up to 48Mbps on the 1841, but I am running NAT and DHCP on it, so if I were to need, say more than 45 Mbps throughput, I would need to upgrade my 1841.

    Anyway, 1841 is subnetting 192.168.0.0/24 to home PC's 192.168.1.0/24 to lab environment via T1 CSU/DSU serial connection. 3 Buffalo WZR routers are running my home wireless as AP DHCP relays to 1841 edge router, and to make sure On Demand works properly, I have my FIOS router set up as a client on the 192.168.0.1/24 network. It only routes whatever packets that come from the TV coax, I don't know how it works, honestly, but I know it is necessary for On Demand.

    I imagine the same can be done with a cable modem gateway that does not provide router/switch functionality. I guess most cable companies these days are providing home routers to convert to ISP coax. If that's your case, then you should be able to log into it via HTTP (Comcast username: cusadmin PW: highspeed for example) and provide a good subnet mask that you can work with 10.1.10.0/24 or 10.0.0.0/8 if you really want to have fun.

    The 1841 WAN fa0/0 is pulling the ip address from the ISP's DHCP server. There is a specific way to provide the static route to avoid constant arp requests to the ISP router from the 1841 but I can't recall it right now. I can provide my running config if this interests anyone.


    So are you saying you're using the serial port to provide connectivity to the home lab as opposed using a LAN port on the 1841?
  • Eotnak Member Posts: 11
    Yes, it's the T1 CSU/DSU card. The 2 FastEthernet ports are used up by the FIOS ONT and 3550 switch that my home network is running on.
  • GDaines Member Posts: 273
    Sean_Keltsch wrote: »
    Great! That explains a lot, I was not sure if the downstream client could get the DNS information from the ISP router, but I guess it makes sense, it would take a DNS discovery protocol, and since I was just setting static IPs it was getting nothing. I'm probably going to destroy and rebuild this weekend.

    Yea MLS was multi layer switch, the other two are l2 switches. I don't think it's an issue of Natting since my ISP router is doing the natting, setting up NAT on R1 would be Natting twice, and that sounds like a bad idea. I think it is an issue of no DNS, which I resolve by setting up with DHCP.

    I have my cisco business class router, with a DMZ port that I will be connecting to my lab. I'm sure there will be some nuance to setting up a DMZ I have never thought of.

    Thanks for the info, getting IP connectivity and telnet / SSH seems like the way to go.

    I remember viewing this response but must have been going out or something as I don't seem to have responded. Setting up NAT twice is exactly what you need to do! The ISP router provides NAT to any host connected to it, which includes R1, but nothing beyond that, so R1 needs to provide NAT for your Cisco network.

    It's easier to visualise when you look at my first network diagram.



    The ISP only sees HOME, but through NAT all my home computers and R1 (the border router on my Cisco network) can get out onto the internet sharing that one address. Now for the Cisco network to get out, R1 has to also provide NAT, so anything on the Cisco network hits R1 and is presented to the HOME router as a connection being made by R1. HOME forwards the request out to the Internet, receives the response which it hands to R1, and R1 in turn knows where the Internet request came from and therefore which client or device to route replies back to.
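
The return-path reasoning in the replies above (a reply is lost when the upstream router has no route back to the lab subnet, and NAT on R1 avoids that), modelled as an added example that is not part of the thread. The addresses, the `lookup` helper and the `ping_home_from_lab` function are constructed assumptions, not anyone's real configuration.

```python
import ipaddress

# Constructed addressing (assumptions, not taken from the thread).
HOME_LAN = ipaddress.ip_network("192.168.0.0/24")   # consumer router's LAN
LAB_NET = ipaddress.ip_network("10.10.0.0/24")      # Cisco lab behind R1
DEFAULT = ipaddress.ip_network("0.0.0.0/0")
R1_OUTSIDE = ipaddress.ip_address("192.168.0.2")    # R1's address on HOME_LAN
LAB_CLIENT = ipaddress.ip_address("10.10.0.50")     # laptop inside the lab


def lookup(routes, dst):
    """Longest-prefix match over (network, next_hop) pairs."""
    matches = [(net.prefixlen, hop) for net, hop in routes if dst in net]
    return max(matches, key=lambda m: m[0])[1] if matches else None


def ping_home_from_lab(r1_nat, home_has_lab_route):
    """Follow one echo request from LAB_CLIENT to HOME and the reply back.

    r1_nat: R1 rewrites lab source addresses to its own outside address.
    home_has_lab_route: HOME has a static route for LAB_NET via R1.
    Returns a string saying where the reply ends up.
    """
    # Outbound: R1 forwards toward HOME, translating the source if NAT is on.
    nat_table = {}
    src = LAB_CLIENT
    if r1_nat:
        nat_table[R1_OUTSIDE] = LAB_CLIENT  # single flow, one entry suffices
        src = R1_OUTSIDE

    # HOME replies to the source address it saw, using its own routing table.
    home_routes = [(HOME_LAN, "direct"), (DEFAULT, "wan")]
    if home_has_lab_route:
        home_routes.append((LAB_NET, R1_OUTSIDE))
    if lookup(home_routes, src) == "wan":
        return "lost at HOME (reply follows the default route out the WAN)"

    # Reply reaches R1: NAT restores the lab address, otherwise R1 routes it on.
    dst = nat_table.get(src, src)
    return "delivered to %s" % dst


if __name__ == "__main__":
    for nat in (False, True):
        for route in (False, True):
            print("R1 NAT=%-5s HOME route=%-5s -> %s"
                  % (nat, route, ping_home_from_lab(nat, route)))
```

Either fix restores the return path, but only the static route on HOME makes lab addresses directly addressable from the home LAN; with NAT on R1, HOME only ever sees R1's outside address.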