Netgear R9000 SFP+ as Wan

Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware
Goto page 1, 2  Next
Author Message
blaser
DD-WRT Guru


Joined: 16 Jul 2006
Posts: 525

PostPosted: Tue Jan 24, 2023 2:43    Post subject: Netgear R9000 SFP+ as Wan Reply with quote
I have Motorola MB8611 cab le modem and wanted to use the SFP+ connection on the R9000 router for better performance.
How do I configure the SFP+ network on R9000 to act as Wan?
Any step by step instructions?
Do I need to buy anything in order to make it work?

_________________
Netgear R9000 main router
RAX80 as AP
Sponsor
ddaniel51
DD-WRT Guru


Joined: 19 Feb 2013
Posts: 1463

PostPosted: Tue Jan 24, 2023 7:01    Post subject: Reply with quote
I use an 8611/9000 combo though the setup is slightly different.

9000 WAN is connected to 8611 running Gigabit from Cox.

9000 10Gb fiber SFP is connected to 16 port 10Gb switch hosting the household network.

2 10Gb NAS boxes, 2 10Gb Gamers, 1 remote 10GTb switch and the rest of the house and AP's on 1Gb.

The 9000 has zero 1Gb ports in use as everything is on the SFP.

_________________
Segment 1 XR700 10Gb LAN, 1Gb WAN ISP BS
Wired AP 1 Unifi Wifi 6 LR US 1Gb LAN
Wired AP 2 Unifi Wifi 6 LR US 1Gb LAN
Wired AP 3 Unifi Wifi 6 LR US 1Gb LAN
Syslog Services Asustor 7110T NAS 10GB
NetGear XS716T 10GB Switch
download1.dd-wrt.com/dd-wrtv2/downloads/betas/ (Brain Slayer)
YAMon https://usage-monitoring.com/index.php
lgkahn
DD-WRT User


Joined: 01 May 2007
Posts: 295

PostPosted: Sat Jan 28, 2023 18:28    Post subject: version Reply with quote
what version of dd-wrt are you running.. thanks
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6704
Location: UK, London, just across the river..

PostPosted: Sat Jan 28, 2023 20:00    Post subject: Re: version Reply with quote
lgkahn wrote:
what version of dd-wrt are you running.. thanks


all you need to know about..R9000

https://wiki.dd-wrt.com/wiki/index.php/Netgear_R9000
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=322349&postdays=0&postorder=asc&start=0

Things to bear in mind...
-you'd need a compatible SFP adapter, as not all are compatible https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=328296
-to download the DWCruiser vlan guide you must be logged in...(i guess the guide is down for an update, so its missing at the moment Wink )
-if you can afford an extra hardware, you can follow ddaniel51 advise, as it makes sense...
-R9000 has a bad heat-sink design and tends to get very hot, especially if you use its SFP port...
some people, as well me, run an extra fan on it...as well you can set internal fan to nonstop via GUI settings, but for heavy use and SFP, its not enough...
-if R9000 gets overheated very often its radios tend to burn out and than no radios...
-i run almost the last firmware 51440, cannot update ATM to the last, but you can run the very last currently 51506, as usually the last firmware has all the patches...or you can read the SVN line as well new build threads...and check with the other members...and their reports...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 58184 WAP
TP-Link WR1043NDv2 -DD-WRT 58730 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 58785 Gateway/DoT,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 58785 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 58689 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Dynalink DL-WRX36-DDWRT 58785
Broadcom
Netgear R7000 --DD-WRT 58627 Gateway/SmartDNS/DoT,AD-Block,IPsetFirewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
lgkahn
DD-WRT User


Joined: 01 May 2007
Posts: 295

PostPosted: Sun Jan 29, 2023 16:57    Post subject: Reply with quote
thanks the setup i need is simple sfp port part of the existing lan, normal wan port
normal dhcp..

not clear if i have to muck with the vlan setup to achieve that or not.

wan will be assigned a static ip from my pool of public ips (i have 13)

lan will be 192.168.11.x and give out ips..

this is working fine with older rt-ac5300 but want a faster lan port as i have a 10g infrastructure to my nas's etc.

i don;t even need a firewall just some port forwarding as i have a firewall on the upstream main public ip router.
lgkahn
DD-WRT User


Joined: 01 May 2007
Posts: 295

PostPosted: Mon Jan 30, 2023 18:49    Post subject: Reply with quote
whats your thought on not using the radios then and just use it to give out ips / dhcp and connect to my local network and then use a different wifi in access pt mode..

sounds like the same issues i have having with my older rt-ac5300 with the 2.4ghz radio dropping out and sometimes needing a reboot or even a f/w reflash to get it going again.

also strange it gets so hot i have a tplink in one of my switches 10g,, in an sfp+ slot and it is not getting that hot at all.
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6704
Location: UK, London, just across the river..

PostPosted: Mon Jan 30, 2023 19:24    Post subject: Reply with quote
I do use the 2.4Ghz radio only, but stopped using its SFP...as my adapter was really getting hot...
and it was just a 1Gbit adapter RJ-45...no idea if optic adapters get hot too, as i never had one...

Yes you can use an external wifi AP plugged to its LAN ports... if radios are dead...on the last builds BS made R9000 to be able to boot without radios, if those are gone...so happy days... Smile

Overall its a great unit...very powerful..and delivers great performance..sadly mine doesn't really see that heavy use as R7800, but both are rock solid...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 58184 WAP
TP-Link WR1043NDv2 -DD-WRT 58730 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 58785 Gateway/DoT,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 58785 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 58689 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Dynalink DL-WRX36-DDWRT 58785
Broadcom
Netgear R7000 --DD-WRT 58627 Gateway/SmartDNS/DoT,AD-Block,IPsetFirewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
lgkahn
DD-WRT User


Joined: 01 May 2007
Posts: 295

PostPosted: Mon Jan 30, 2023 20:47    Post subject: Reply with quote
thanks for the input but unfort. that would defeat the purposes as i am trying to get stuff on the lan (private ips) using the router as the default g/w to get faster than 1g for instance when going to my nas's etc..
Nuor
DD-WRT User


Joined: 20 Apr 2015
Posts: 169

PostPosted: Sun Sep 22, 2024 19:38    Post subject: Reply with quote
I don't understand this.

How is SPF+ port assigned to vlan2?
Is eth2 defaulting to some hidden "wan" bridge that has vlan2 assigned to it?
Could I then assign eth0 to that "wan" bridge?

Would it be necessary to
create a new bridge (ex.30)
assign eth0 to bridge 30
assign eth2 to bridge 30
assign vlan2 to bridge 30
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6704
Location: UK, London, just across the river..

PostPosted: Mon Sep 23, 2024 6:54    Post subject: Reply with quote
Nuor wrote:
I don't understand this.

How is SPF+ port assigned to vlan2?
Is eth2 defaulting to some hidden "wan" bridge that has vlan2 assigned to it?
Could I then assign eth0 to that "wan" bridge?

Would it be necessary to
create a new bridge (ex.30)
assign eth0 to bridge 30
assign eth2 to bridge 30
assign vlan2 to bridge 30


not the best picture but says it all..(you need to be logged in to see the pic)

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 58184 WAP
TP-Link WR1043NDv2 -DD-WRT 58730 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 58785 Gateway/DoT,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 58785 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 58689 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Dynalink DL-WRX36-DDWRT 58785
Broadcom
Netgear R7000 --DD-WRT 58627 Gateway/SmartDNS/DoT,AD-Block,IPsetFirewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913


Last edited by Alozaros on Tue Sep 24, 2024 10:36; edited 1 time in total
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 3380
Location: Germany

PostPosted: Mon Sep 23, 2024 7:34    Post subject: Reply with quote
Nuor wrote:
I don't understand this.

How is SPF+ port assigned to vlan2?
Is eth2 defaulting to some hidden "wan" bridge that has vlan2 assigned to it?
Could I then assign eth0 to that "wan" bridge?

Would it be necessary to
create a new bridge (ex.30)
assign eth0 to bridge 30
assign eth2 to bridge 30
assign vlan2 to bridge 30


No, you don't need to bridge anything.
And if you use the SFP+ port exclusively for WAN, you don't need any VLANs either.
VLANs are only needed if you want to run multiple virtual networks over a single port.

So simply select eth0 as the WAN port (WAN port assignment) and the SFP+ port acts as the WAN port.

_________________
Quickstart guides:
use Pi-Hole as simple DNS-Server with DD-WRT
VLAN configuration via GUI - 1 CPU port
VLAN configuration via GUI - 2 CPU ports (R7800, EA8500 etc)

Routers
Marvell OCTEON TX2 - QHora-322 - OpenWrt 23.05.3 - Gateway
Qualcomm IPQ8065 - R7800 - DD-WRT - WAP
Nuor
DD-WRT User


Joined: 20 Apr 2015
Posts: 169

PostPosted: Mon Sep 23, 2024 17:19    Post subject: Reply with quote
ho1Aetoo wrote:
So simply select eth0 as the WAN port (WAN port assignment) and the SFP+ port acts as the WAN port.


Great - I'll give it a try as soon as pick up a 2.5 gig managed switch to test.

As a startup command, as part of a multi vlan setup, I currently use
'swconfig dev switch0 vlan 2 set ports "3 5t"'

I take it vlan2 remains with port3 on switch 0 and the existing wan port3 defaults to br0?

Would the above line need to be changed to something like
'swconfig dev switch0 vlan2 set ports "0t 3 4t 6t"' ?

Is it no longer necessary to have eth2 linked to the switch as eth0 is linked to eth2 directly?

edit: Another question, since the port that connects the "wan" rj45 port to the CPU is apparently no longer used by the switch when the SPF+ connects directly to the CPU. Can that port be used to increase the bandwidth between the CPU and the switches.

ie 'swconfig dev switch0 vlan2 set ports "0t 3 4t 5t 6t"'
'swconfig dev switch0 vlan2 set ports "0t 1 4t 5t 6t"'
'swconfig dev switch0 vlan2 set ports "0t 2 4t 5t 6t"'
D.F.Cruizer
DD-WRT User


Joined: 14 May 2023
Posts: 140

PostPosted: Tue Sep 24, 2024 9:35    Post subject: Reply with quote
Nuor wrote:
As a startup command, as part of a multi vlan setup, I currently use
'swconfig dev switch0 vlan 2 set ports "3 5t"'

I take it vlan2 remains with port3 on switch 0 and the existing wan port3 defaults to br0?

Port3 (old WAN connection) appears to be neatly made redundant by DDWRT's WAN reassignment to SFP+ port selection. |Setup|Networking|then Interface Setup section.

Nuor wrote:
Would the above line need to be changed to something like
'swconfig dev switch0 vlan2 set ports "0t 3 4t 6t"' ?

As above, this seems NOT needed at all due to the clever SFP+ reassignment selection by BS.

Nuor wrote:
Is it no longer necessary to have eth2 linked to the switch as eth0 is linked to eth2 directly?
I think you're very logical and thorough. The WAN reassignment selection in DDWRT somehow takes care of this issue (behind the scene). I did not have to change anything else.

Nuor wrote:
Another question, since the port that connects the "wan" rj45 port to the CPU is apparently no longer used by the switch when the SPF+ connects directly to the CPU. Can that port be used to increase the bandwidth between the CPU and the switches.....

I had several discussion posts with ho1Aetoo relating to a similar issue from a different angle. He pointed out a flaw in Netgear R9000's design. Briefly, it can not take advantage of 10Gbps from SFP+ as WAN port due to the 1Gbps bottleneck at its twin switches. So the utilization of RJ45 old WAN port may be just a moot point if my understanding is correct.

P.S. My answers above are based on my setup of a HORACO 2.5GbE Switch (4x 2.5Gbps RJ45 Ports and 2x 10G SFP+ Ports Switch for only under US$21!) b/w my ISP modem and a Netgear R9000. Good luck.
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 3380
Location: Germany

PostPosted: Tue Sep 24, 2024 10:11    Post subject: Reply with quote
@Nuor

No idea what you always want with vlan2...
If you use the SFP+ port as a WAN port, VLAN2 is no longer needed.
You can then add the WAN port (Port3) to VLAN1
Then all external ports are VLAN1 ports but they are all connected together with only 1Gbit.

You can also leave the WAN port as it is and it will be automatically bridged to the LAN via br0.
Then the “WAN port” has a 1Gbit connection and the remaining LAN ports have a 1Gbit connection.

Quote:
edit: Another question, since the port that connects the "wan" rj45 port to the CPU is apparently no longer used by the switch when the SPF+ connects directly to the CPU. Can that port be used to increase the bandwidth between the CPU and the switches


No, this is not possible, you cannot connect several ports to one and the same VLAN.
This creates a loop and the router receives its own sent frames and packets ... then nothing works at all.

You can only increase the bandwidth by using two different VLANs (VLAN1+VLAN2)
Optionally, you can also configure BONDING and use an external switch that supports bonding.
A lot of effort for a meager 2Gbit

_________________
Quickstart guides:
use Pi-Hole as simple DNS-Server with DD-WRT
VLAN configuration via GUI - 1 CPU port
VLAN configuration via GUI - 2 CPU ports (R7800, EA8500 etc)

Routers
Marvell OCTEON TX2 - QHora-322 - OpenWrt 23.05.3 - Gateway
Qualcomm IPQ8065 - R7800 - DD-WRT - WAP
Nuor
DD-WRT User


Joined: 20 Apr 2015
Posts: 169

PostPosted: Tue Sep 24, 2024 12:56    Post subject: Reply with quote
Thanks for the answers. It sounds like you two have already walked this road.

My thought was that I could pass the data from the 2 gig SPF connection through the (2) 1 gig ports (0 and 5) to the master switch; bond and pass the connection out of two lan outputs (ex. wan+lan2) then receive them into 2 bonded lan ports in a small managed switch as described by D.F.Cruizer then pass the 2 gig connection back out through the 2.5 gig lan port of this external switch.

ho1Aetoo wrote:
No idea what you always want with vlan2...
Since vlan2 seemed to be already present I just thought it would work as well as anything else for the new bonding connection.

Basically I'm trying to keep my customized setup on my R9000 and still make full use of my greater than 1 gig wan speeds.
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum