A little background first. Router is a Linksys EA8500. I have OpenWRT 19.07 running without issue. It has been WAY more stable than the later releases of dd-wrt.
My intent is to segregate the network traffic with 3 functional zones (LAN, IoT, Guest). I know, I know, everyone is thinking "Not this again", but trust me, it's different. The Guest will be on its own subnet (10.0.2.0) and they will have internet access only. I have all the rules set up for this and it works as expected.
The LAN will have cell phones, laptops, my servers (OpenVPN, NAS, ESXi, WebServer, and other ESXi guests). The IoT will be mostly Google Home devices and some Wyze Cameras. I originally was going to run a separate subnet for the IoT, but could not get the casting stable enough using smcroute. So, I decided to go a different route. Since all of my LAN devices have reserved IPs, I decided to create reservations for the IoT also. This way, maybe I could just set up iptables rules to block traffic on the same subnet (hopefully). My thought is to have 10.0.1.2-10.0.1.100 as LAN, and 10.0.1.101-10.0.1.200 as IoT, and then anything new gets assigned in 201-250.
Now, I have a 25 year+ history in corporate IT infrastructure, not in Networking. I know the basics though.
The reason I want to keep everything one subnet is to avoid the issue of casting to devices. Currently I have OpenWRT serving the IPs for the Guest and current IoT interfaces, and I have PiHOLE serving DHCP for LAN and also DNS for guest, IoT, and LAN.
So, the question. Can I have the same subnet span multiple interfaces AND still create separate firewall zones? This would likely be a zone for LAN+Wifi and a zone for IoT Wifi. I would need to have the IP address segments handed out based on which interface OR I could create iptables rules based on their reserved IPs. Though a zone rule would be much easier.
So, am I reinventing the wheel here, or will none of this work and I just need to move the google devices back to the LAN?
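The address-plan approach in the post (one /24 split into reservation blocks) can be expressed as a small script that validates the blocks, classifies a given address, and generates the iptables rules that would enforce "IoT may not initiate toward LAN". This is an added example, not code from the post or from OpenWrt; the ranges are the ones the post describes, the chain name FORWARD and the use of the iprange match (`-m iprange`, an extension that must be installed on the router) are assumptions. One caveat a practitioner would want stated up front: FORWARD only sees traffic the router actually forwards between two of its interfaces. If the LAN and IoT clients sit in the same bridge (the usual br-lan), they exchange frames through the switch and these rules never see that traffic, so the scheme only works when the IoT wifi is a separate, unbridged interface.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    """One reservation block inside the shared subnet (constructed for this example)."""
    name: str
    first: str
    last: str

    def contains(self, ip: str) -> bool:
        addr = ipaddress.ip_address(ip)
        return ipaddress.ip_address(self.first) <= addr <= ipaddress.ip_address(self.last)


# Address plan taken from the post: one /24, split by reserved-address blocks.
SUBNET = ipaddress.ip_network("10.0.1.0/24")
PLAN = [
    Segment("lan", "10.0.1.2", "10.0.1.100"),
    Segment("iot", "10.0.1.101", "10.0.1.200"),
    Segment("dynamic", "10.0.1.201", "10.0.1.250"),
]


def validate_plan(plan, subnet=SUBNET):
    """Return a list of problems (empty list means the plan is usable).

    Checks that every block lies inside the subnet, that first <= last, and that
    no two blocks overlap; an overlap would let one device match two zones.
    """
    problems = []
    seen = []
    for seg in plan:
        lo, hi = ipaddress.ip_address(seg.first), ipaddress.ip_address(seg.last)
        if lo > hi or lo not in subnet or hi not in subnet:
            problems.append(f"{seg.name}: {seg.first}-{seg.last} is not a valid range in {subnet}")
            continue
        for other, olo, ohi in seen:
            if lo <= ohi and olo <= hi:
                problems.append(f"{seg.name} overlaps {other}")
        seen.append((seg.name, lo, hi))
    return problems


def classify(ip: str, plan=PLAN) -> str:
    """Name the block an address belongs to, or 'unassigned' (e.g. the router itself)."""
    for seg in plan:
        if seg.contains(ip):
            return seg.name
    return "unassigned"


def iot_isolation_rules(plan=PLAN, chain="FORWARD"):
    """Generate iptables commands that stop IoT hosts initiating traffic to LAN hosts.

    Assumes the iprange match extension is available on the router. Replies to
    sessions opened from the LAN side (casting, camera streams) are still allowed
    by the conntrack rule, which is inserted ahead of the drop.
    """
    lan = next(s for s in plan if s.name == "lan")
    iot = next(s for s in plan if s.name == "iot")
    lan_range = f"{lan.first}-{lan.last}"
    iot_range = f"{iot.first}-{iot.last}"
    match = f"-m iprange --src-range {iot_range} --dst-range {lan_range}"
    return [
        # Return traffic for connections the LAN opened toward IoT comes back unhindered.
        f"iptables -I {chain} 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
        # Log new IoT->LAN attempts so a chatty or compromised device shows up in syslog.
        f"iptables -A {chain} {match} -m conntrack --ctstate NEW -j LOG --log-prefix \"iot2lan: \"",
        # Then drop them.
        f"iptables -A {chain} {match} -j DROP",
    ]


if __name__ == "__main__":
    for problem in validate_plan(PLAN):
        print("plan problem:", problem)
    for sample in ("10.0.1.50", "10.0.1.150", "10.0.1.220", "10.0.1.1"):
        print(sample, "->", classify(sample))
    print("\n".join(iot_isolation_rules()))
```

Run it once to print the rule set, then paste the lines into the router's firewall custom-rules hook so they survive a restart; the `classify` helper is handy for checking a lease file against the plan before trusting the ranges.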