Posted: Tue Jan 24, 2023 2:43 Post subject: Netgear R9000 SFP+ as Wan
I have Motorola MB8611 cab le modem and wanted to use the SFP+ connection on the R9000 router for better performance.
How do I configure the SFP+ network on R9000 to act as Wan?
Any step by step instructions?
Do I need to buy anything in order to make it work? _________________ Netgear R9000 main router
RAX80 as AP
I use an 8611/9000 combo though the setup is slightly different.
9000 WAN is connected to 8611 running Gigabit from Cox.
9000 10Gb fiber SFP is connected to 16 port 10Gb switch hosting the household network.
2 10Gb NAS boxes, 2 10Gb Gamers, 1 remote 10GTb switch and the rest of the house and AP's on 1Gb.
The 9000 has zero 1Gb ports in use as everything is on the SFP. _________________ Segment 1 XR700 10Gb LAN, 1Gb WAN ISP BS
Wired AP 1 Unifi Wifi 6 LR US 1Gb LAN
Wired AP 2 Unifi Wifi 6 LR US 1Gb LAN
Wired AP 3 Unifi Wifi 6 LR US 1Gb LAN
Syslog Services Asustor 7110T NAS 10GB
NetGear XS716T 10GB Switch
download1.dd-wrt.com/dd-wrtv2/downloads/betas/ (Brain Slayer)
YAMon https://usage-monitoring.com/index.php
Things to bear in mind...
-you'd need a compatible SFP adapter, as not all are compatible https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=328296
-to download the DWCruiser vlan guide you must be logged in...(i guess the guide is down for an update, so its missing at the moment )
-if you can afford an extra hardware, you can follow ddaniel51 advise, as it makes sense...
-R9000 has a bad heat-sink design and tends to get very hot, especially if you use its SFP port...
some people, as well me, run an extra fan on it...as well you can set internal fan to nonstop via GUI settings, but for heavy use and SFP, its not enough...
-if R9000 gets overheated very often its radios tend to burn out and than no radios...
-i run almost the last firmware 51440, cannot update ATM to the last, but you can run the very last currently 51506, as usually the last firmware has all the patches...or you can read the SVN line as well new build threads...and check with the other members...and their reports... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 58184 WAP
TP-Link WR1043NDv2 -DD-WRT 58730 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 58785 Gateway/DoT,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 58785 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 58689 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Dynalink DL-WRX36-DDWRT 58785
Broadcom
Netgear R7000 --DD-WRT 58627 Gateway/SmartDNS/DoT,AD-Block,IPsetFirewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
whats your thought on not using the radios then and just use it to give out ips / dhcp and connect to my local network and then use a different wifi in access pt mode..
sounds like the same issues i have having with my older rt-ac5300 with the 2.4ghz radio dropping out and sometimes needing a reboot or even a f/w reflash to get it going again.
also strange it gets so hot i have a tplink in one of my switches 10g,, in an sfp+ slot and it is not getting that hot at all.
Joined: 16 Nov 2015 Posts: 6704 Location: UK, London, just across the river..
Posted: Mon Jan 30, 2023 19:24 Post subject:
I do use the 2.4Ghz radio only, but stopped using its SFP...as my adapter was really getting hot...
and it was just a 1Gbit adapter RJ-45...no idea if optic adapters get hot too, as i never had one...
Yes you can use an external wifi AP plugged to its LAN ports... if radios are dead...on the last builds BS made R9000 to be able to boot without radios, if those are gone...so happy days...
Overall its a great unit...very powerful..and delivers great performance..sadly mine doesn't really see that heavy use as R7800, but both are rock solid... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 58184 WAP
TP-Link WR1043NDv2 -DD-WRT 58730 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 58785 Gateway/DoT,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 58785 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 58689 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Dynalink DL-WRX36-DDWRT 58785
Broadcom
Netgear R7000 --DD-WRT 58627 Gateway/SmartDNS/DoT,AD-Block,IPsetFirewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
thanks for the input but unfort. that would defeat the purposes as i am trying to get stuff on the lan (private ips) using the router as the default g/w to get faster than 1g for instance when going to my nas's etc..
How is SPF+ port assigned to vlan2?
Is eth2 defaulting to some hidden "wan" bridge that has vlan2 assigned to it?
Could I then assign eth0 to that "wan" bridge?
Would it be necessary to
create a new bridge (ex.30)
assign eth0 to bridge 30
assign eth2 to bridge 30
assign vlan2 to bridge 30
Joined: 16 Nov 2015 Posts: 6704 Location: UK, London, just across the river..
Posted: Mon Sep 23, 2024 6:54 Post subject:
Nuor wrote:
I don't understand this.
How is SPF+ port assigned to vlan2?
Is eth2 defaulting to some hidden "wan" bridge that has vlan2 assigned to it?
Could I then assign eth0 to that "wan" bridge?
Would it be necessary to
create a new bridge (ex.30)
assign eth0 to bridge 30
assign eth2 to bridge 30
assign vlan2 to bridge 30
not the best picture but says it all..(you need to be logged in to see the pic) _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 58184 WAP
TP-Link WR1043NDv2 -DD-WRT 58730 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 58785 Gateway/DoT,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 58785 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 58689 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Dynalink DL-WRX36-DDWRT 58785
Broadcom
Netgear R7000 --DD-WRT 58627 Gateway/SmartDNS/DoT,AD-Block,IPsetFirewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Last edited by Alozaros on Tue Sep 24, 2024 10:36; edited 1 time in total
How is SPF+ port assigned to vlan2?
Is eth2 defaulting to some hidden "wan" bridge that has vlan2 assigned to it?
Could I then assign eth0 to that "wan" bridge?
Would it be necessary to
create a new bridge (ex.30)
assign eth0 to bridge 30
assign eth2 to bridge 30
assign vlan2 to bridge 30
No, you don't need to bridge anything.
And if you use the SFP+ port exclusively for WAN, you don't need any VLANs either.
VLANs are only needed if you want to run multiple virtual networks over a single port.
So simply select eth0 as the WAN port (WAN port assignment) and the SFP+ port acts as the WAN port.
Great - I'll give it a try as soon as pick up a 2.5 gig managed switch to test.
As a startup command, as part of a multi vlan setup, I currently use
'swconfig dev switch0 vlan 2 set ports "3 5t"'
I take it vlan2 remains with port3 on switch 0 and the existing wan port3 defaults to br0?
Would the above line need to be changed to something like
'swconfig dev switch0 vlan2 set ports "0t 3 4t 6t"' ?
Is it no longer necessary to have eth2 linked to the switch as eth0 is linked to eth2 directly?
edit: Another question, since the port that connects the "wan" rj45 port to the CPU is apparently no longer used by the switch when the SPF+ connects directly to the CPU. Can that port be used to increase the bandwidth between the CPU and the switches.
ie 'swconfig dev switch0 vlan2 set ports "0t 3 4t 5t 6t"'
'swconfig dev switch0 vlan2 set ports "0t 1 4t 5t 6t"'
'swconfig dev switch0 vlan2 set ports "0t 2 4t 5t 6t"'
As a startup command, as part of a multi vlan setup, I currently use
'swconfig dev switch0 vlan 2 set ports "3 5t"'
I take it vlan2 remains with port3 on switch 0 and the existing wan port3 defaults to br0?
Port3 (old WAN connection) appears to be neatly made redundant by DDWRT's WAN reassignment to SFP+ port selection. |Setup|Networking|then Interface Setup section.
Nuor wrote:
Would the above line need to be changed to something like
'swconfig dev switch0 vlan2 set ports "0t 3 4t 6t"' ?
As above, this seems NOT needed at all due to the clever SFP+ reassignment selection by BS.
Nuor wrote:
Is it no longer necessary to have eth2 linked to the switch as eth0 is linked to eth2 directly?
I think you're very logical and thorough. The WAN reassignment selection in DDWRT somehow takes care of this issue (behind the scene). I did not have to change anything else.
Nuor wrote:
Another question, since the port that connects the "wan" rj45 port to the CPU is apparently no longer used by the switch when the SPF+ connects directly to the CPU. Can that port be used to increase the bandwidth between the CPU and the switches.....
I had several discussion posts with ho1Aetoo relating to a similar issue from a different angle. He pointed out a flaw in Netgear R9000's design. Briefly, it can not take advantage of 10Gbps from SFP+ as WAN port due to the 1Gbps bottleneck at its twin switches. So the utilization of RJ45 old WAN port may be just a moot point if my understanding is correct.
P.S. My answers above are based on my setup of a HORACO 2.5GbE Switch (4x 2.5Gbps RJ45 Ports and 2x 10G SFP+ Ports Switch for only under US$21!) b/w my ISP modem and a Netgear R9000. Good luck.
No idea what you always want with vlan2...
If you use the SFP+ port as a WAN port, VLAN2 is no longer needed.
You can then add the WAN port (Port3) to VLAN1
Then all external ports are VLAN1 ports but they are all connected together with only 1Gbit.
You can also leave the WAN port as it is and it will be automatically bridged to the LAN via br0.
Then the “WAN port” has a 1Gbit connection and the remaining LAN ports have a 1Gbit connection.
Quote:
edit: Another question, since the port that connects the "wan" rj45 port to the CPU is apparently no longer used by the switch when the SPF+ connects directly to the CPU. Can that port be used to increase the bandwidth between the CPU and the switches
No, this is not possible, you cannot connect several ports to one and the same VLAN.
This creates a loop and the router receives its own sent frames and packets ... then nothing works at all.
Thanks for the answers. It sounds like you two have already walked this road.
My thought was that I could pass the data from the 2 gig SPF connection through the (2) 1 gig ports (0 and 5) to the master switch; bond and pass the connection out of two lan outputs (ex. wan+lan2) then receive them into 2 bonded lan ports in a small managed switch as described by D.F.Cruizer then pass the 2 gig connection back out through the 2.5 gig lan port of this external switch.
ho1Aetoo wrote:
No idea what you always want with vlan2...
Since vlan2 seemed to be already present I just thought it would work as well as anything else for the new bonding connection.
Basically I'm trying to keep my customized setup on my R9000 and still make full use of my greater than 1 gig wan speeds.