Sharing fibre with cottage

[Suff1xed]

Morning all,

Hoping for some wisdom here. I have a cottage on my property with a tenant that has asked to share in my fibre connection. I have set it up with a LAN Cable running to the cottage for the time being but ultimately would like to have the tenant on a separate network to mine and be able to control bandwidth of that connection. I have done some reading and I have looked into the Ubiquiti Security Gateway Router (Ubiquiti Unifi Security Gateway Router + Firewall | USG) but unsure if its the right solution or if there are easier methods.

The Fibre is handled by a Microtik SFP Router/5 Port Switch but is managed by my ISP (I can ask them to turn off the routing and potentially take control of that on my side of the network) and I have separate lan cables to my 3 Ubiquiti AP’s and one going to the cottage.

Any advice is welcome.

 

[PHalanKS]

I doubt that your ISP would let you control their router, they are probably limiting your speeds etc on that router. It could be done with another Mikrotik or the USG (I imagine, I don't have one).

I've set up my Mikrotik basically the same way, one port is the internet (goes to fibre ONT) and then some ports for my LAN and one port removed from the default bridge and basically running a separate network address range, separate dhcp config etc, and a firewall rule blocking connections between the 2 networks.

I was expecting the tenant to run a router with a WAN port that would do NAT but he only had an old telkom adsl router his son wasn't using so I switched off DHCP on there and plugged the network cable into a LAN port so basically he is using it just as a wifi ap. Only disadvantage for him is off course I could switch off or modify that firewall rule and access stuff on his network, and I can see what devices are connected because they are dhcp clients of my router (but that's the kind of thing only I seem to care about anyway).

 

[PsyWulf]

If you can't take management on their mikrotik add your own and split the networks,apply speed limiting to cottage port and bingo bango

Sent from my F1 using Tapatalk

 

[Dom]

Could giving them a frequency band & limiting it like that work?

 

[DannyBoyOPC]

as per the guys above.. mikrotik is the right tool for the job, normally you need to apply to the ISP to allow you access to the router so that you can do as you please.

 

[AndyPants]

USG will also be able to sort this for you - easy to separate networks - since you already use Ubiquity APs...

But I know zero about mikrotik...so can't comment on that

 

[ThatGuy_ZA]

The Mikrotik can do it but it's probably easier to setup on a USG.

Have a look for guides for setting up guest VLAN's - that is essentially what you would do. You can tag the port that runs to the cottage so anything that connects to that cable/port will go onto the "guest" VLAN.

 

[Suff1xed]

Thanks all! Appreciate the advice. I will double check the Mikrotik option and do some reading.

 

[Messugga]

The Mikrotik can do it but it's probably easier to setup on a USG.

Have a look for guides for setting up guest VLAN's - that is essentially what you would do. You can tag the port that runs to the cottage so anything that connects to that cable/port will go onto the "guest" VLAN.

That'll work, yes. You can limit bandwidth for a VLAN, with a USG. Works well enough.

 

[iamgigglz]

If my ISP didn't let me mess around with the router I'd switch to a different ISP.
Cool Ideas installed a TP-Link for free when I signed up. It did well but I've since switched to a USG with Unifi APs etc.
All I had to do was call them to "reset the connection".

As others have said, since you have Unifi APs already, installing a USG makes the most sense. You can control bandwidth per user, AP, or SSID. I have 2.4GHz and 5GHz versions of the main house wifi, but the AP that feeds the cottage has a "Cottage" SSID on the 2.4GHz instead, and I've limited that SSID's bandwidth.

 

[dirko.van.schalkwyk]

Adding another spanner if I may:

TP link's Load balancers ( Load Balance Routers | TP-Link South Africa ) can do this on a user/group/ip and a vlan/port level with the added benefit of adding possible failover. For instance, bandwidth on user/group/IP level :

If 95 Mbps is an acceptable speed, their lower end models are quite good value, e.g.:

takealot.com

 

[Suff1xed]

Hi all,

Appreciate the advice. I will let you know which way I went.

 

[abd]

That'll work, yes. You can limit bandwidth for a VLAN, with a USG. Works well enough.

Just a question, will that require coding with json files etc?

I've got a dream machine pro and can't seem to limit the Vlan bandwidth with it

 

[Messugga]

Just a question, will that require coding with json files etc?

I've got a dream machine pro and can't seem to limit the Vlan bandwidth with it

Nope! Just config.

 

[abd]

Nope! Just config.

Sorry I meant with a wired connection.
The wireless bandwidth limits do work in the settings.

 

[Messugga]

Sorry I meant with a wired connection.
The wireless bandwidth limits do work in the settings.

You set up a VLAN tag on a port and then set up a user group which uses that VLAN tag to identify users. You can set bandwidth limits based on user group. This can be done entirely through the Unifi management console.

 

[abd]

You set up a VLAN tag on a port and then set up a user group which uses that VLAN tag to identify users. You can set bandwidth limits based on user group. This can be done entirely through the Unifi management console.

https://community.ui.com/questions/UniFi-User-Groups-with-Wired-Ethernet/7a99dea9-c1bc-4bd3-a0ba-701957e4588e

From what I recall when I read up on this, those limits only apply to wireless connections