TLDR: isp feeding linksys wrt3200acm feeding Rpi4 openWRT router feeding home lab and test center, is dual nat a problem? Is there a better way?
If I have my isp modem feeding a linksys wifi, basic of the basic setup, and want to have a much more involved active setup behind it, to avoid taking the main internet down (in interest of my family’s sanity) what are some different ways of accomplishing it?
I am not sold on any one single setup and our needs are rediculously low, (I already have my pi-on-a-stick/vlan managed switch configured) but currently I’m dual nat, I’m not entirely understanding the downside to this, sqm seems to work amazing even in this current config, but I’m looking for the right/ideal way to set my network up
Double-NAT is not an usually issue, although it does depend on your goals, of course. As long as the upstream and downstream subnets are different, it will work without issue. Even better, if your main router is running OpenWrt, you can setup a home-lab VLAN and/or configure static routes (static routes may be available on the stock firmware of the WRT3200ACM). Then you can run without double-NAT.
I think you've got it, in general -- do your experimentation on a device behind your main router.
double-NAT isn't ideal, but it's not an issue for most things these days. You might run into some additional complications if you're trying to expose services to the internet from your home-lab network -- game consoles, other servers, etc... you need to setup port forwarding appropriately and some game systems will complain about double NAT... but those can usually be handled.
Ultimately, the optimal way to do things depends in large part on what your goals are, but if it is working now, don't worry about it.
I have heard a few times over that I should avoid putting openwrt on the wrt3200acm due to wireless issues, my families wifi usage is limited to streaming services, and socials, I won’t be exposing my network to the internet for a good long time lol. Mostly want to have a secure place to test, mess up and learn without taking down the net, the pi project was a lot of me starting and restarting as I asked you questions, I learn very fast when I do things this way.
I'd have to look through the threads and info about the linksys device to know about the wifi status, but if you've seen stuff that suggests you should keep it with the stock firmware, I'd tend to agree... especially if you want to keep it running without issues for your family.
Like I mentioned earlier, the stock firmware may still support static routes, so if you want to avoid double NAT, it's pretty easy to do and shouldn't cause you (or your family) any problems. But, honestly, if you aren't having any issues with the double-NAT config now, just keep things as they are.
As far as I can tell I have no issue, the linksys uses 10.xxx somthing and I’m using 192.168.2.1 on the “er-pi-x” (still coming up a with a name for this little god of a unit lol)
The people that care about double natting are gamers as it increases lag enough for them to whine... (damn kids and their ms reflexes)
Every travel router used is double natted. It is fine. If the hotel/coffee shop/complex is large enough you could even be triple natted.
This makes me giggle a bit, I ran tracert, the ping difference is sub 1ms but have you ever left candy in your lap with a toddler around? I feel like sub 1 ms can be noticed somewhere lol(satire)
So I don’t like that I can’t access the main router from my pc behind the second router, also don’t like that linksys is so cloud integrated now, might toss it into bridge mode (access point mode?) and move it behind the pi
This should not be a problem, actually. You should be able to reach it at the same address as you do when you are directly on the main router's network.
You might be able to turn off that cloud integration, although I don't know for sure. But yes, as a dumb AP, you could then use OpenWrt as the main router. The only problem is that you have that family reliability issue if you might mess with the OpenWrt router to the point of needing to reset.
I now realize I trapped myself, I was typing the url linksys smart wifi dot com instead of the 10.xx ip its using. When I use the ip I get right in. Interestingly it has a lot of features, vlans, open vpn, usb space for network storage
What I do, is on the machine in the LAN I enable forwarding of packets. The Subnet I put on a seperate sublan (192.168.x.0/24 with x different from the main LAN).
Then on the main router, I set up a route to the subnet via the machine that leads to the subnet (e.g. that machine that has connections both in the main LAN and the sub LAN).
This avoids double NAT, but means all machines on the main LAN and sub LAN can talk to each other. It works for me.