Two routers in the same subnet and VPN

I like this question, old though it might be.

Some conceptual items:

• Routers should typically be drawn between networks because they provide a "route" (or path) from one to the other.
• They can be connected to as many networks as they are capable of, and they will have an IP address on each.
• You don't need more than one physical link between routers, to answer the implicit question related to the two links between router A and router B.
• Any physical link between two routers should be represented as a network on the layer-3 diagram (it can be a network that other hosts or routers are connected to).

In your diagram, I would place router A between the Internet and subnet A.

I would place router B between subnet A and subnet B, meaning that subnet A is also used as a routing network between subnet B and the Internet.

In order for the routing network to work out correctly, router B must be configured with router A as its default route to the Internet. Also, router A must be configured to recognize router B as the correct direction for traffic to subnet B.

That probably looks like:

• Router B:

  • IP1: 10.0.0.1/24 netmask: 255.255.255.0
  • IP2: 10.0.2.2/24 netmask: 255.255.255.0
  • Route: Net: 0.0.0.0/0 [default], gateway: 10.0.2.1/24
  • Note that the networks 10.0.0.0/24 and 10.0.2.0/24 are defined implicitly and are local to this router. Only the Internet needs an explicit route.

• Router A:

  • IP1: [Internet IP via PPPoE]
  • IP2: 10.0.2.1/24 netmask 255.255.255.0
  • Route: Net: 0.0.0.0/0 [default], gateway: PPPoE
  • Route: Net: 10.0.0.0/24, gateway: 10.0.2.2

8) Is there two static IPs in a router? One for WAN and one for LAN?

Yes – a router, by definition, connects multiple networks and has an address from each network that it's on. So the WAN interface has its own address and the LAN interface has its own. (They might not necessarily be static though – e.g. the "WAN" address is usually dynamically obtained via DHCP.)

So with that in mind,

• WAN IP Address: 192.168.254.254 (Guessing here to use Router 1 IP address) Gateway: 192.168.254.254 Primary DNS Server: 192.168.254.254

the "Gateway" field is correct, but the "WAN IP address" field is not: it defines the 2nd router's own IP address. So if the upstream (1st router)'s LAN interface is 192.168.254.254/24, then the TP-Link (2nd router)'s WAN interface could be 192.168.254.7/24 or something.

(A bridge however (e.g. Ethernet switches, Wi-Fi access points aka extenders, Powerline adapters) links a single network together, so usually has only one IP address – and that address is only used for managing the bridge, not for actually forwarding packets.)

So at first you need to decide whether you want the ISP device to stay in router mode (having two LAN subnets in total) or whether you want it to be in bridge mode. I would recommend the latter: now that you have bought a better router, you don't need the ISP device to act as a router anymore.

1) Do I enable the DHCP on BOTH the main modem/router (ie the ZTE ZHXN H108N) and secondary router (TP Link AC2300)? Will it conflict each other? What range should I put on both? Does it have to be very different IP address range?

Your TP-Link device is a router, and you specifically stated that you want it to be a router. So it has to have different networks on its WAN and LAN sides.

For example, if the ISP router's LAN (which is also the TP-Link's WAN) uses 192.168.1.0/24, then the TP-Link's LAN could be 192.168.2.0/24.

The two networks can both use DHCP without any conflict, because there is a router separating them.

2) Will connecting two routers caused double NAT? Will that even be an issue?

If the ISP device remains in router mode, yes, generally this will result in double NAT. It might cause annoyances such as making port-forwarding twice as difficult.

If the ISP device cannot act as a bridge, then it should at least have the TP-Link configured as its "DMZ" host.

3) How about Voip? Will it be effected?

It depends on the protocol used, and on the outcome of question #2. With double NAT, SIP might be affected more than other protocols.

4) How about the UPnP? Do i enable it on both or none?

It's a link-local (same-subnet) protocol. Devices connected to the TP-Link router will only talk UPnP IGD to the TP-Link.

The TP-Link router itself won't talk UPnP IGD to its upstream router. (It's not technically impossible, just never done because such routers expect to be connected to an ISP, not to another router, and ISPs do not talk UPnP IGD at all.)

5) What internet connection type do I choose on the secondary router TP Link AC2300 since it offered 5 types (Dynamic IP, Static IP, PPPoE, L2TP and PPTP)?

If the ISP device is in bridge mode, the TP-Link router should inherit its settings exactly, so choose whatever the ISP wants.

If the ISP device is in router mode, it certainly won't be offering something as complex as PPTP or PPPoE to its LAN devices (i.e. to the TP-Link) – just regular IP. Whether you want the TP-Link to have a static or DHCP (dynamic) address is up to you. Dynamic would be simpler to deal with.

7) Should I turn off the wireless radio on the ISP modem/router (ZTE)?

If it's in bridge mode, yes.

If it's in router mode, probably also yes, because devices connecting to it would bypass the TP-Link.

At minimum, if both routers end up providing Wi-Fi, they must have different network names (SSIDs) because they provide access to different subnets. Otherwise devices roaming between them would get very confused.