Giving new roomate wifi to my DSL- How to limit his BW and access to rest of network?

topcat989

topcat989

Extremely [H]
Joined
Jan 2, 2001
Messages
33,291
Like the title says. Finally had to accept reality and get a roomate to share rent. I have AT&T DSL (the cheap/slow package:( ) and I want to:

Limit his bandwidth. I don't think this guy will be a problem, but he will only be staying till the end of summer. The new roomie then might be a torrent monkey.

Completely shield my other computers from his sight, so to speak. Like I said he's not a hacker but the new roomie might be.

I'd like the router (linksys WRT54G v3 runner latest linksys fw) and the rest of my network (main PC and media server) to be resistant to at least a script kiddie, and hopefully against a intermediate hacker.

I'm currently using wifi with WAP2 personal as the router security.

Thinking of tomato or DDWRT, advice, suggestions?

TIA:)
 
Yeah if you go with an alternate firmware you can implement QOS and the like - I'd do that myself cause my roommate was a porn addict.

Are you worried about him using too much bandwidth or just that he's going to bog you down? Cause you might want QOS and not a hard limit on him.

You can put him on a separate VLAN as well so that he can't "see" your computer.
 
Well, I know you can do it with a dd-wrt compatible router, vlans, and pfSense because I do it myself.

On my WAP (access point) I run two SSIDs. One for me and one for guests on another VLAN. The NIC on my pfSense box is setup as a vlan trunk.

The main SSID maps to the main network and has full speed/access. The guest SSID maps to it's own network and has Internet access only as well as a 1.5Mbps cap.

I know DD-WRT can do multiple SSIDs with VLANs (if your router supports it). I'm not sure if it does QoS/shaping/limiting per SSID though. That would be the key, and if it does, you can do it without pfSense.

Riley
 
The router is dd-wrt compatable.

For the record I'm hardware strong (building systems, water cooling) and a bit weak on the software side. And really weak on networking setups.

I guess I'll need some more google fu-

How to set him up on a separate VLAN? I know what QoS means, and VPN means, just not how to implement them:p

thanks for the responses, keep them coming. As long as this thread stays open I welcome input. :eek:
 
Most out of the box wireless routers dont do VLAN's by default, but they do QOS. Maybe a third party firmware can setup VLAN's. If not, you will need to get a manager switch and then just access point to attached the switch and route the traffic that way.

Its been a long time since I had to buy a wireless router (going three years strong on my D Link) so some of my information may be incorrect.
 
THe linksys/Cisco WRVs4400n does this all :)

Vlans tagging you can make it so each ssid can't talk to each other and you can make it so they can't see the wired too.


Nice little unit.
 
There is no "multiple SSID" or "guest SSID" support in the standard software for the WRT45g.

You can do most of what you want very easily with dd-wrt. Assuming you are using the wireless router as your main router - i.e., as long as you have it set up with the WAN port of the router connected directly to your DSL modem - then you don't even need to deal with VLANs. Load dd-wrt. Follow the on-screen setup for a "guest" SSID. Its really, really simple...

You definitely get the network separation you want doing this - users of the "guest" network have absolutely no access to your main wireless LAN, the LAN ports on the router, or the management interface of the router. I don't remember if you can set bandwidth limitations easily on the guest SSID (I think you can, but its been a while since i started doing something more complicated).
 
Honestly you will be better off being friends with the new roommate, or at least communicating to him your bandwidth concerns. I had to deal with a "bad" roommate, and he would constantly (daily or so) just physically unplug my computer from my router and leave his connected. So I unplug his and plug mine back in, and he swaps my router with his. So I swap them back, and he short circuits my router, bricking it. Better off just not getting on his bad side (or assuming he's bad to begin with).
 
Lazy_Moron said:
Most out of the box wireless routers dont do VLAN's by default, but they do QOS. Maybe a third party firmware can setup VLAN's. If not, you will need to get a manager switch and then just access point to attached the switch and route the traffic that way.

Its been a long time since I had to buy a wireless router (going three years strong on my D Link) so some of my information may be incorrect.
Click to expand...

I'm looking for simple and to do it with my existing equipment if possible-

dashpuppy said:
THe linksys/Cisco WRVs4400n does this all :)

Vlans tagging you can make it so each ssid can't talk to each other and you can make it so they can't see the wired too.


Nice little unit.
Click to expand...

I'm looking for simple and to do it with my existing equipment if possible-

PigLover said:
There is no "multiple SSID" or "guest SSID" support in the standard software for the WRT45g.

You can do most of what you want very easily with dd-wrt. Assuming you are using the wireless router as your main router - i.e., as long as you have it set up with the WAN port of the router connected directly to your DSL modem - then you don't even need to deal with VLANs. Load dd-wrt. Follow the on-screen setup for a "guest" SSID. Its really, really simple...

You definitely get the network separation you want doing this - users of the "guest" network have absolutely no access to your main wireless LAN, the LAN ports on the router, or the management interface of the router. I don't remember if you can set bandwidth limitations easily on the guest SSID (I think you can, but its been a while since i started doing something more complicated).
Click to expand...

Been thinking about going dd-wrt- My current setup is:

incoming DSL data line---> DSL modem in bridged mode----> Linksys WRT54G ---->Netgear 8 port Gb switch---->wired computers (all mine)

Roomie gets WiFi

Yeah I just want him to have access and see only internet, no access to my computers or router's management page (yes it's setup with a decent pw now, but still)

Look's like dd-wrt is going to be my best bet... Thanks for the advice

iissmart said:
Honestly you will be better off being friends with the new roommate, or at least communicating to him your bandwidth concerns. I had to deal with a "bad" roommate, and he would constantly (daily or so) just physically unplug my computer from my router and leave his connected. So I unplug his and plug mine back in, and he swaps my router with his. So I swap them back, and he short circuits my router, bricking it. Better off just not getting on his bad side (or assuming he's bad to begin with).
Click to expand...

I'm easy to get along with, and I wouldn't deliberately antagonize the roomie, but fuck being held hostage or kissing ass. If he's a serious problem then he GTFO. Besides, all networking equipment is in my room under lock and key. No physical access.

I can't believe you'd let someone touch your shit w/o permission, let alone delibertly destroy it. His ass would have been booted out the fucking door. If I was renting in his home, yeah, you have to follow his rules on access. But renting from me? I promise just basic low end broadband and that's it. I don't want the fucker torrenting kiddie porn or anything else that will fuck me up with the men in black; I also don't want him using 97% of the bw leaving me 3%.

As I've said, my current roomie is not really the issue, but he's gone in a couple of months and I want to be prepared for whoever replaces him.
 
You must log in or register to reply here.
Back
Top