Hi Guys,
After the wifi has became very flakey on one of my Xiaomi R3Gs I decided to order a pair of Ubiquity UAP-AC-PROs and at the same time I was gifted a Cisco 2960 from work, so my network is getting an overhaul!

I've been wanting to implement VLANs for sometime as my network has a lot of IoT devices, and since WAH I need put my kids devices on their own segement to be able to throttle bandwidth. I've not implemented VLANs before but have done a lot of reading on the subject of late, and I think with the hardware I have I should be able to achieve what I've laid out below:

Home LAN v21988×1472 100 KB

I'd like to use a single cable for trunking and from what I've read this is possible on the APs (up to 4) and should be doable in OpenWRT too. I'm also open to any feedback on this design and links to good reading material to how to setup my router to achieve this. As a side note I dont really need any communication between VLANs as access to my smarthome and NVR is all via the cloud, so each should just go out to the WAN.

My two cents:

• Looks like you have a double-NAT scenario. I would try to put the ISP's device into bridge mode, so the main router has a public IP address.
• That setup looks very reasonable, just read the guides about guest networks or VLANs on the wiki, and you will be fine.

Thanks Edu!
I took that on board and have enabled bridging on the ISP router and now have the external IP landing on my OpenWRT router. Thanks for pointer!