(10-06-2016, 04:23 AM)justMongo Wrote: These are both 2009 era routers by Linksys. Model WRT610N.
Neither has IPv6 capability. R1 is plugged into a Motorola 2210 DSL modem. The modem is in full bridge mode -- so the modem is just a dumb mod/demod. R1 initiates PPPoE. Both routers have a built in 4 port gigabyte switch.
Yes, I can isolate the bad actors on R1 and the protected stuff on R2.
Be sure and test the isolation of the LAN's. As I said I don't trust home routers. Linksys has many, many, MANY buggy insecure things that I know of. Sadly, many of the other manufacturers are probably worse, just not as thoroughly explored as Linksys.
One "simple" solution would be to use a third cheap home router. Plug R3 into the modem, then plug R1 and R2 into the LAN ports on R3. On most home routers, the upstream "WAN" port network can't see the LAN side of the router. No special configuration required, they're isolated out of the box.
You might think there will be a performance hit, but your home routers are SO much faster than your DSL, that you'll never see it. Well, except that there are more places for things to break.