I am trying to set up a network at an apartment building. cat5 ran to 1 location with a cable connection coming in (roughly 35x8 with 16 static ip's).
We want to provide each tenant with their own router pre-configured in "client-mode" with a both a static wan(through the isp) and on the network.
I imagined this:
cable modem --> router(to handle distribution of isp ip's and qos) --> managed switch (setting up vlans to separate network traffic).

Does this sound like a feasible plan, and if so, does anyone have a specific router/switch combination they'd suggest? I've been looking in to sonicwall and hp, but I don't really know too much about this topic..

  1. I would use a bridge rather than a router

    I have used zeroshell which can run on normal computer hardware, it's very stable and easy to use.

    So for example

    cable modem --> bridge --> switch --> Client Router --> client network
    (zero shell)

    The bridge can do QOS, MAC filtering, DHCP etc

    So the client's router will have a public ip address that they can then forward ports and do what ever they like.

    Mac filtering can stop people from using unwanted devices directly on your network which may disrupt
    And if you really want to lock it down VLAN's are a good idea, AFAIK zeroshell supports vlans too.

    It also depends on your budget. I have used cisco switches which are very nice. A cheaper option would be a level one brand switch which I have also used and it workes fine.
