General questions

[Worhammer]

Background: I'm a full time network security engineer for a fintech company. I design and build networks for fun. My current gaming router is a Netgear Nighthawk AC1900 flashed with DD-WRT. It's over 6 years old at this point, and I only have moderate success with UPnP (Multiple consoles/pcs active in the house simultaneously, often playing the same game but not always). Due to its age, the DD-WRT project has been abandoned and the most recent firmware is almost two years old at this point. As a network engineer, old firmware makes me unhappy on principal.

I'm looking to replace it, but I have a few questions. I'd appreciate any answers!

My current setup is a Palo Alto Networks PA-220 firewall router at my edge providing a separate IP address to the gaming router. On the layer 2, I'm driving everything via a cisco switch that has a separate VLAN for the connection between PA-220 and gaming router for public IP, and a second VLAN for the wired gaming local network.
Question 1: Does DumaOS support VLAN tagging for the LAN? If so, how difficult is it to configure? 

Because I have an enterprise grade firewall at my edge, I like to turn off the firewall part of any gaming router I buy. Why do I need two firewalls?
Question 2: Is it possible to turn off the firewall? What type of firewall does DumaOS use? (SPI, DPI)

 

Question 3: Anything else I should know? Any other network nerds using Duma? What made you switch off whatever you were using before?

I really like to think of my gaming network as "set it and forget it" - I hate having to work after working all day, if you know what I mean. I need something that will do UPnP well because I don't want to be manually creating port forwarding rules every time I buy a new game that wants to use new ports, or add a third (same brand) console into the mix in the future.

[Netduma Fraser]

Hey, welcome to the forum!

I'll try to answer your questions as best I can. I assume you would be wanting a router with AC so I'll base my answers on the assumption you would be getting one of the XR routers.

1. Yes this is part of the Netgear settings area. You can setup via bridge group - wired ports or individual wifi bands or you can use VLAN tag group, choosing the ID, priority and what port/band it applies to.

2. There is no way to turn off the firewall fully at present though you can switch NAT Filtering from Secure to Open. It uses SPI & NAT.

3. We are working on a redesign of the software, adding lots of features and fixes. It will make the router more versatile, allowing updates to be given to individual features rather than required an entire firmware update. You can find out more about what we have planned here, though we haven't revealed everything yet. http://www.netgearinnovation.com/dumaos-beta/Latest_News.html