Hello everyone, I will soon be moving into a shared apartment and want to set up a private network for myself so that my tinkering with DNS servers and other networking stuff won’t interfere with the other residents. I believe I have a decent idea of how to go about this but I wanted to get some more feedback from the experts before ordering a router for this scenario.
My situation for my new setup is as follows:
- There is an existing network for the rest of the house to which I want to connect my own private network. From my understanding I can do this by setting up my router as a repeater and adding all my devices to a VLAN.
- There is no LAN socket which I can use for a wired connection so I will need to set up my router as a WiFi repeater.
- I want to be able to set up my own DNS server to be used by all devices in my private network. This is because I have a media server which I access using my domain and I have a split-horizon DNS setup so that my traffic does not leave my home network just to come back in through my Cloudflare tunnel.
Based on a discussion I had with another user in the comment section of an unrelated post, I believe the MikroTik hAP ax2 would be able to fulfill these needs and could also be reused as a simple access point in the future if I decide to upgrade.
I guess my question boils down to this: Am I misunderstanding the technological requirements (e.g. the requirement for the router to be able to set up a VLAN) and is there possibly a better device for my use case I don’t know about?
My previous networking experience is basically tinkering with the settings in a Fritzbox and setting up their proprietary mesh network in my old home. I have never worked with a managed switch or VLANs before, so going the MikroTik route might be kind of a jump into the deep end of the pool for me.
I appreciate your help.
Hi, network engineer with a specialization in MikroTik here. You’re on the right track.
You would configure the router to use one radio as your WAN connection, then NAT your internal connection using a masquerade rule. Pretty simple setup.
A notable drawback of this, depending on the model, is that you will lose wireless speed, as you will be using your wireless for upstream and downstream devices. This can be solved by using an AP on a different channel.
Note that MikroTik gives you a lot of ways to cut off your hands, so use safe mode for everything.
The specific topology you’re wanting to set up is something they teach you on day one at any MikroTik certification course.
Thanks for the setup tips, especially about the masquerade rule and safe mode.
I’m not too worried about the loss of speed since internet here in Germany is on average slower than 250 Mbps and anything data intensive like access to my media server should be handled over Ethernet anyway. If it does become an issue I can always throw a second AP at it I guess?
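
The topology described in the reply above (one radio as WAN, masquerade NAT for the private side, own DNS for the clients), written out as RouterOS commands. This is an added example, not part of the original thread; the interface names `wifi1` and `bridge`, the 192.168.88.0/24 subnet and the DNS server address 192.168.88.10 are assumptions, and it assumes `wifi1` is already joined to the house Wi-Fi in station mode and that a DHCP server network entry for the LAN subnet exists.

```routeros
# Assumptions (not from the thread):
#   wifi1          radio already associated to the house Wi-Fi (station mode)
#   bridge         your own private LAN (Ethernet ports + your own AP radio)
#   192.168.88.0/24  your private subnet
#   192.168.88.10  your split-horizon DNS server inside the private LAN

# Treat the shared house network as untrusted WAN.
# Skip the two "list add" lines if the default configuration already defines WAN/LAN.
/interface list add name=WAN
/interface list add name=LAN
/interface list member add list=WAN interface=wifi1
/interface list member add list=LAN interface=bridge

# Get an address and default route from the house router,
# but ignore the DNS servers it advertises.
/ip dhcp-client add interface=wifi1 add-default-route=yes use-peer-dns=no

# The masquerade rule: everything leaving towards the house network
# is rewritten to the router's own WAN address.
/ip firewall nat add chain=srcnat out-interface-list=WAN action=masquerade \
    comment="NAT private LAN to house network"

# Hand your own DNS server to every DHCP client on the private LAN,
# so split-horizon answers are used without touching the house router.
/ip dhcp-server network set [find address=192.168.88.0/24] dns-server=192.168.88.10

# Keep the other residents' devices out of the router and the private LAN.
/ip firewall filter
add chain=input connection-state=established,related action=accept
add chain=input connection-state=invalid action=drop
add chain=input in-interface-list=!LAN action=drop \
    comment="no router management from the house network"
add chain=forward connection-state=established,related action=accept
add chain=forward connection-state=invalid action=drop
add chain=forward in-interface-list=WAN connection-state=new \
    connection-nat-state=!dstnat action=drop \
    comment="no unsolicited traffic into the private LAN"
```

Apply this from a device on the private LAN with safe mode enabled, as the reply recommends, because the input drop rule removes management access from the Wi-Fi uplink side.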