Question Trying to better manage my home network with close to 200 devices

jouster

So, as above, my home network is quite busy already, with 19 Sonos units, two mesh systems, 10+ Echo devices, multiple phones, IP cameras, Wi-Fi lights etc. etc., you name it, the collection keeps on growing. I’d like to add some Shelly L1 switches/relays to give some smart lighting control but this could add another 10.

All of these devices I’ve given static IPs so I can easily manage and group them but as each group grows I need to juggle things about and it’s getting harder all the time. I have a DHCP setup for guests and this is reserved for the last 54 IPs on the range.

So I am currently running DDWRT on a Linksys router and it’s working well. My current IP range is, for example, 192.168.1.1-254. Using a subnet of 255.255.255.0

192.168.1.1 being the router, 192.168.1.2-200 being my static IPs and the last 54 addresses handed out to guest devices when they join the network

So as a way of managing the different groups of devices, eg phones, tablet, Sonos, smart assistants, computer, lights...etc etc. I’d like to adjust my subnets to give me multiple ranges, eg 255.255.252.0 which I understand could give me 192.168.0.1-254, 192.168.1.1-254, 192.168.2.1-254 and 192.168.3.1-254, so potential 4 x 254...this would of course be overkill for most but give me more space for each type of device/group and less jiggling of static IPs over time

so am I right saying I can do this with my existing router, apart from being massive overkill (this would give 1022 potential devices/hosts but of course I’d never expect to use even a half of them), but it’s really just for segregation,

is there anything that could cause me problems...I assume everything on these separate subnets could communicate with each other and they could all communicate with the internet.

Yes, I know it’s a ridiculous amount of control where it’s possibly not needed, but I’ve been manipulating my network for so long and have detailed info of network usage already in place, this would just give me further control on my growing network and the number of devices is unlikely to go down any time soon

appreciate any opinions, suggestions
 
What Linksys Router are you using ??
What does it connect to ?? A diagram might help......

First job would be to create a Guest Network with its own Subnet. By doing this it frees up 50 odd addresses on your LAN.
 
It's a Linksys WRT 1200AC but I don't use the wireless from that device...that's all handled by two mesh systems........a BT Wholehome Premium that is used for all laptops, tablets and phones in the house.....and a Cisco Aironet AP setup which pretty much handles everything else IoT, cameras, etc etc
 
The DHCP server in a SOHO router may not offer the ability to service multiple IP subnets (called "scopes" in some implementations,) check the user guide to be sure.

If you need a bigger address range, you can always use a different subnet address. There are 3 classes of "private" IP address ranges (IP addresses which are guaranteed by IANA to never exist on the public Internet.) 192.168.X.Y that most are familiar with, 172.16.0.0 thru 172.31.255.255 and 10.0.0.0 thru 10.255.255.255.

So if you want an address space that's bigger than 256, you could either use 192.168.X.Y with a bigger subnet mask (255.255.0.0 for example would give you a 65536 address space) or use 172.16.0.0 (which a lot of kit will recognise and "default" to a 255.255.0.0 subnet mask in the UI,) or use the 10.0.0.0 and subnet that with 255.255.0.0 (or use it "as is" with a 255.0.0.0 subnet mask giving 16.7ish million address space.) I'd choose the 172.16.0.0 subnet mask 255.255.0.0 option - for no better reason than it's something I've used a few times before.

You could use smaller subnet mask to give a smaller address space, but I'd keep it on byte (or at least nybble) boundary as it's easier to read in (hateful) dotted decimal notation.

Be sure you understand what subnet masks are all about if you want to get into this - we can help here.

Also be sure to understand that having multiple DHCP Scopes running on the same (common) layer 2 (switching/Wi-Fi) infrastructure does NOT provide any kind of "separation" between the devices, it's purely an admin convenience. The DHCP Server won't "know" to ascribe one class of devices to one scope and other to another scope - it's all keyed purely on the MAC Address and you'd have to appropriately create DHCP reservations. And if you are going to have all that hassle, you may as well have a single address space and group the devices by IP addresses accordingly.

The only way to (without prior knowledge of their MAC Address) identify some device as a "guest" device is if it is presented on a different network at layer 2. If they are all Wi-Fi devices, there might be a way (with the correct kit) to do this with a different SSID, but mostly we'd be getting into VLAN's and so on.

To cite an example of my own creation (in a former "day job") I built the network with a 172.16.0.0/255.255.0.0 subnet and thence, for administration purposes, decided (completely arbitrarily) 172.16.1.X would be my "servers" 172.16.5.X would be the printers, 172.16.10.X would be Wi-Fi AP's and so on. Thence when we deployed kit, we would either statically assign IP addresses according to this scheme, or pre-stage DHCP Reservations (Leases) accordingly - but that meant we need to "know" the MAC addresses of our devices in advance in order to create the DHCP leases before we plugged them in. Again, this was purely an admin convenience, though I went this way with a bit of "future proofing" in mind in case we ever needed to physically partition the network. E.G. if we have to hive off all the "servers" onto a separate network, then all being 172.16.1.X meant we could just amend our physical infrastructure and routing rules accordingly and not need to "re-address" all the servers.

PS - I guess one other thing worth adding is that you don't need to "worry" too much about sizing the IP address space "just so" for the number of hosts - as long as it's big enough: IP doesn't work any faster or slower because you use a 16 bit subnet mask (255.255.0.0) compared to a 24 bit subnet mask (255.255.255.0.) It's only really up at "carrier" scale routers with millions of routes in their tables that this sort of thing starts to matter. For small to medium sized networks, it's of little if any consequence so you may as well "fill your boots" and use a 16 bit subnet mask if you are needing to step up from a 24 bit subnet mask.
 
Jouster Mansions...?




I totally knew all you mods were bajillionaires..
 
You know that Billion Dollar complex on the Black Sea that was attributed to Putin, well Putin's Russian Secret Service name is 'Jouster'.. Just Sayin'

 
Well it went relatively well apart from a few devices that didn’t want to behave themselves but I was able to set a static IP for those few devices directly on each device.

I went with 255.255.252.0 in the end giving me the full 4 ranges and the segregation worked well and gives me lots of room for more devices as they come in

in truth it was far easier than I imagined as all static leases were set on my router before anyway as opposed to on each device themselves.
 
I’d like to adjust my subnets to give me multiple ranges, eg 255.255.252.0 which I understand could give me 192.168.0.1-254, 192.168.1.1-254, 192.168.2.1-254 and 192.168.3.1-254, so potential 4 x 254...

[pedantic]
192.168.0.255
192.168.1.0
192.168.1.255
192.168.2.0
192.168.2.255
192.168.3.0

are all usable addresses in 192.168.0.0 /22
[/pedantic]
 
Well it went relatively well apart from a few devices that didn’t want to behave themselves but I was able to set a static IP for those few devices directly on each device.

I went with 255.255.252.0 in the end giving me the full 4 ranges and the segregation worked well and gives me lots of room for more devices as they come in

in truth it was far easier than I imagined as all static leases were set on my router before anyway as opposed to on each device themselves.

Do you have any separation between the 4 networks or are they joined at your router with routing allowed between all the subnets?

The thing to watch is discovery, which can be quite important setting up IoT things. If you are on subnet 1 and want to add something to subnet 4 then "discover" it, then it won't work unless you are passing certain protocols\broadcasts on, which by default you wouldn't.

How did you decide which goes in which?

255.255.252.0 could also give you a different range e.g. 192.168.128.0/22 :)
 
Oh you’ve lost me a bit there. All current devices work fine and everything works as it did. I’ve also added a new Echo DOT to my system since the change and it worked fine and communicates as it needs to.

FYI all network ranges run through the same router on dumb (unmanaged) switches.

certainly not saying everything is perfect but certainly not experienced any issues just yet.

Fingers crossed it stays that way
 
I think CM is exploring whether you believe running multiple address ranges has provided any "separation" of the devices from each other. (It's highly unlikely it has.)

If you've given everything the same subnet mask, then there should be no problems. You've simply created a (single) subnet with a bigger address space, (which is what Kristian is also pointing out,) and that's just fine. It should work from now until the end of time, or you change something.
 
ah ok, with you now...no, it was never to add separation to my network, and was more to give me more space to group stuff for my own management as opposed to separating out traffic.

If I ever upgrade switches to managed ones I could of course change things up a little but I don't personally see a need for that.....yet!!!!
 
I think CM is exploring whether you believe running multiple address ranges has provided any "separation" of the devices from each other. (It's highly unlikely it has.)

Yep, I have been answering too many VLAN queries recently :)

@jouster often you might want to have some separation between say less trusted IoT devices and say your laptops or anything else on the network. Some have some security holes that you can drive a bus through, they can just walk through your firewall. Often people choose VLANs which natively won't talk to each other except via a router. You could use similar IP addresses but unlike how you have it now they won't necessarily automatically talk to each other.
 
If I ever upgrade switches to managed ones I could of course change things up a little but I don't personally see a need for that.....yet!!!!

In and of itself, a managed switch wouldn't make any difference (beyond needing an IP address for its own management UI) - you could keep the same address range unless you've run out.
 
Yep, I have been answering too many VLAN queries recently :)

@jouster often you might want to have some separation between say less trusted IoT devices and say your laptops or anything else on the network. Some have some security holes that you can drive a bus through, they can just walk through your firewall. Often people choose VLANs which natively won't talk to each other except via a router. You could use similar IP addresses but unlike how you have it now they won't necessarily automatically talk to each other.
My router does have some VLAN abilities but I won’t lie, I wouldn’t know where to start.
 
If I ever upgrade switches to managed ones I could of course change things up a little but I don't personally see a need for that.....yet!!!!

In and of itself, a managed switch wouldn't make any difference (beyond needing an IP address for its own management UI) - you could keep the same address range unless you've run out.
It’s pretty clear my understanding of VLANs is extremely limited. Seeing as how I have two mesh systems for the house with all of my devices other than phones and laptops being on the older (but robust) system, would a VLAN enable even better segregation?

My router has VLAN capabilities but nothing else does specifically. Do I need to just assign a range or ranges of IPs to that VLAN?
 
Have a read of the "VLAN's" 101 in this post.... Question - How to isolate Ethernet ports from access to LAN?

Each VLAN is a different/separate network. As such, in IP terms, they all need to have different network addresses (we often call this a "subnet" in "IP" terms, though it's a bit of a lazy use of the term.) You then need "something" to join the networks together and make decisions about what traffic is "allowed" between the VLAN's (or physical LAN's if you didn't use VLAN technology.) This is what routers do - proper routers, most SOHO get-you-on-the-Internet omni-boxes lack the functionality, though something flashed with DD-WRT or tomato et al may do so (it's years since I looked at them.)

Even then, networks with a router between them are not "transparent" like an ethernet network, hosts have to "go out of their way" to explicitly send traffic to a host on a different network (subnet) - ie they hand it off to a router and ask the router to forward it towards the destination. This is what the "default gateway" setting is all about in IP addressing - essentially any IP traffic that cannot be directly delivered to a host that is part of "the same" network (called a "broadcast domain" in the jargon) is instead handed off to the LAN's "local" router (default gateway) and that router decides where to send it next (which might include not being able to decide what to do with it and dropping it.)

A "broadcast domain" essentially defines the extent of each IP subnet in that if a host sends out a packet addressed to "all stations" (a broadcast,) which stations can it reach without having to do something "special" like hand off to a router.

Typically each LAN/VLAN (including any Wi-Fi AP's connected to them) is a single broadcast domain and thusly each is a unique IP subnet needing their own distinct and unique IP subnet address and routers to connect them together.
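
An added worked example (not written by anyone in the thread) that checks the points made above about the 255.255.252.0 layout: which addresses are usable, and when a host delivers directly versus handing traffic to its default gateway. The group labels, host addresses and the 192.168.1.1 gateway are assumptions chosen for illustration.

```python
import ipaddress

# The /22 discussed in the thread; the per-/24 group labels are hypothetical.
LAN = ipaddress.ip_network("192.168.0.0/255.255.252.0")
GROUPS = {0: "infrastructure", 1: "phones/laptops", 2: "IoT", 3: "guests (DHCP)"}


def role(addr, net=LAN):
    """Classify an address relative to a subnet: network, broadcast, host or outside."""
    ip = ipaddress.ip_address(addr)
    if ip not in net:
        return "outside"
    if ip == net.network_address:
        return "network"
    if ip == net.broadcast_address:
        return "broadcast"
    return "host"


def next_hop(src, dst, mask, gateway):
    """Mimic a host's forwarding decision: deliver on-link or use the default gateway."""
    src_net = ipaddress.ip_interface(f"{src}/{mask}").network
    return "on-link" if ipaddress.ip_address(dst) in src_net else f"via {gateway}"


def group_of(addr):
    """Admin-only label from the third octet; it has no effect on forwarding."""
    ip = ipaddress.ip_address(addr)
    return GROUPS[ip.packed[2]] if ip in LAN else None


if __name__ == "__main__":
    print(LAN, "usable hosts:", LAN.num_addresses - 2)
    for a in ("192.168.0.0", "192.168.0.255", "192.168.1.0", "192.168.3.255"):
        print(a, role(a))
    # Same /22 mask on both hosts: different "ranges", still one broadcast domain,
    # so nothing sits between a laptop and an IoT device to filter traffic.
    print(next_hop("192.168.1.10", "192.168.2.50", "255.255.252.0", "192.168.1.1"))
    # With /24 masks on separate networks the same pair must cross the router,
    # which is the only place allow/deny rules between groups can be applied.
    print(next_hop("192.168.1.10", "192.168.2.50", "255.255.255.0", "192.168.1.1"))
```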
 
in case it makes any difference. My current router is a Linksys WRT1200AC...flashed with a relatively recent DDWRT firmware. The original software on the router had VLAN capability


One thing I will say, is that since making these changes, somehow my copying between devices...in the main instance between my main Windows 10 machine and my Synology NAS, the copying/moving speeds have increased...a lot.....not sure if this is something I should expect to see or even why it would be different but every file copy/move since the changes has been at least 50% quicker on decent sized files....strange benefit, but great to see
 
It shouldn’t make any difference.

what files you are copying will do though so lots of smaller ones will be slower than one large one.
 
Moving similar sized files (UHD lossless rips from discs across gigabit network) and they just to be not only quicker. Of course this is based on Windows and its awful time and speed indicators
 
