Simplest way to combine networks

Started by mreev90, November 15, 2023, 03:14:40 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

mreev90

November 15, 2023, 03:14:40 PM
I currently have 2 buildings on campus (bldgs. 2 & 3) that has a very simple LAN configuration today. We are adding a wireless bridge in order to connect building 1 as shown in the picture. The idea is to connect the two networks in order to have the cameras in all buildings be connected to and viewed from the NVR in building 1. Other resources such as file servers, printers, etc. do not need to be shared, but they can be. I would like some advice configuring the routers to accomplish the combining of these 2 networks to simply share the camera resources at a minimum. The following are the specs on the equipment if that matters. I can change out routers or switches if necessary, but would rather not, if possible.

1) Routers =  Ubiquiti EdgeRouter 4
2) Wireless Bridge = Ubiquiti NanoBeam ac Gen2 High-Performance airMAX ac Bridge (NBE-5AC-Gen2-US)
3) Switches = Ubiquiti EdgeSwitch 8, 8-Port Managed PoE+ Gigabit Switch with SFP
4) Cameras are all POE IP cameras.
There are many other peripherals that are not pertinent to the discussion.
Bandwidth speeds are fine and not a problem currently. Building "A" can continue using ISP "A" and buildings 2 and 3 can continue using ISP "B".

icecream-guy

#1
November 16, 2023, 08:17:22 AM
what are the networks?   the easiest way to combine networks is to modify the subnet mask in all devices.
i.e.
192.168.0.0/24
192.168.1.0/24
=
192.168.0.0/23


:professorcat:

My Moral Fibers have been cut.

deanwebb

#2
November 16, 2023, 08:52:39 AM
If strict boundaries are not required, then as above, this can be one flat network. Technically. As a security guy, I hate flat networks, so I'll go with the non-combining approach and use any Layer 3 functions on those switches to aid in the solution.

As it so happens, the Edgeswitch has routing functionality, so we can add static routes for the internal networks and then a static route for Internet-bound traffic to use the closest Internet gateway, with a secondary route with a high cost for the gateway on the far end, in case the main one is down.

I do not like default outbound routes, as they are an aid to malware exploits, hence my specification of a route for Internet traffic that will hopefully traverse a proper boundary firewall and proxy server. :)

Short answer is: internal default routes on the gear, which does support that kind of routing.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.
Print
Go Up Pages1
User actions