Hi,

I’ve been trying to work out my network architecture with the pieces i have today:

  • isp box with 10gig dac downlink, 4 ssd bays
  • pfsense box with dual 10gig dac card
  • switch with 10gig dac uplink and multi gig rj45
  • main proxmox host
  • other devices (laptops, iot…)

ive ran into a dilemma regarding switching my isp box to bridge mode:

  • if i do, i lose wlan and nas capabilities
  • if i dont, i have to contend with double nat

i’m sure that eventually i will get an ap (maybe unifi) and a dedicated nas (either home built or something like synology or asustore), but for the moment, i want to keep cost down and gradually add new pieces

i was wondering if double nat is of huge performance and maintenance implications, or if i would be okay running this setup for a few months until i get to add an ap and nas?

thank you

  • Decronym@lemmy.decronym.xyzBEnglish
    2·
    1 year ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    AP WiFi Access Point
    IP Internet Protocol
    NAT Network Address Translation
    VPN Virtual Private Network

    4 acronyms in this thread; the most compressed thread commented on today has 10 acronyms.

    [Thread #105 for this sub, first seen 4th Sep 2023, 08:55] [FAQ] [Full list] [Contact] [Source code]

  • vzq@lemmy.blahaj.zoneEnglish
    1·
    1 year ago

    It’s not a huge issue. Especially if you can forward ports in bulk to the second router.

    I’m surprised your ISP box can route traffic at 10G btw.

    Also be sure to check out grandstream APs and other alternatives . I run UniFi but I’m not sure I would deploy it today. Especially if you already have a pfsense box.

  • DefederateLemmyMl@feddit.nlEnglish
    1·
    1 year ago

    Using double NAT here because my ISP won’t even support/allow putting their box in bridge mode and I don’t even have root access to it, just some limited functionality via their web GUI.

    I haven’t had any issues with it.

    • lemmyvore@feddit.nlEnglish
      3·
      1 year ago

      Can you set the ISP box to designate your router as DMZ (de-militarized zone)? Your router needs to get a static IP from the private subnet defined by their router, then you mark that IP as DMZ in their router’s settings.

      It’s not technically the same as bridge mode, the ISP box continues to act as a router but also exposes your router fully to the internet so you can mostly ignore theirs afterward.