Why not just make both ports 2.5gbe.....
Exactly what I was going to say. Who wants a LAN port that is slower than the WAN port?
It's probably a limitation of the SoC, which was probably designed more for wireless AP use than wired router use.
I think the point is that it'd make a lot more sense with 2.5GLAN/1GWAN than the reverse, given that limitation?
Perhaps.
And they can certainly be reversed: They're just Ethernet ports on a Linux box [with a front-end routing-oriented configuration/distro widget called OpenWRT]. They can do whatever tasks a person wishes to assign them to do.
Most likely the SoC has one port, and the other is hanging off USB.
And the limitation of 1x 2.5G ethernet, for those who it actually makes a difference to, is broadly sidestepped by using a managed switch and VLANs (just like ye olde Linksys WRT54G -- a device that only really had a singular Ethernet interface -- did internally).
One can have as many 2.5G ports as one wishes -- just add more/bigger switches. They can be WAN or LAN or whatever you want. (They'll all share the same full-duplex 2.5G pipe to/from this router and the outside world beyond, but so what? OpenWRT makes it easy.)
Is the idea to have modem and router on the same VLAN connected to that switch, and have the LAN traffic on another VLAN? So only one 2.5G port should be enough for everything?
Correct.
Switches vary in their nomenclature and defaults, but in the switch it could look something like this:
Port 1: Uber-fast WAN-device. VLAN 10 [WAN], untagged.
Port 2: Router-box. VLANs 1 [LAN, default] and 10 [WAN], tagged.
Ports 3-eleventy: Everything LAN. VLAN 1, untagged (or the default OOTB port config works for my stuff at home without any other considerations). More (cheap! dumb!) switches can be daisy chained here if one desires[1].
This keeps the traffic secure and separated. VLAN 1 [LAN] can't talk to VLAN 10 [WAN], and VLAN 10 can't talk to VLAN 1, but the router on port 2 can talk to both VLANs and it treats them as separate networks.
In OpenWRT, these individual VLANs show up almost like any other network interfaces do. The difference between a physical port and a VLAN member is pretty much just the name of that port. That part is easy -- in fact, it's all pretty easy.
---
And at the end of the day, this provides (up to[0]) ~2.5Gbps of WAN bandwidth to/from the LAN, minus whatever pittance of data is used for things like LAN DHCP or whatever other services are run on the router-box itself, in both directions, concurrently.
[0]: The most severe bottleneck here seems more likely to be the packet-processing capabilities of the dual-core 1.3GHz Cortex-A53 CPU than anything else. For instance: On the surface, it seems unlikely to have enough grunt to be able to do things like SQM at these kinds of data rates. But that bottleneck would exist with physical ports, too.
[1]: And in the context of home networking, daisy-chaining switches is not quite optimal, but it's also just fine, and it's far better and more-consistent than wifi. I just moved into a new place and I've already got 3 different network switches in use, for convenience as much as anything else, to get hardwired network access where it needs to be while running a minimum of cabling. (Maybe some day I'll go full structured cabling on the place with a rack of switches and shit somewhere, but meh: Just because I can doesn't mean that I should.)
Thanks for the explanation!
I can only see one scenario where it doesn't work out to 2.5gbps, if we have symmetrical 2.5Gbps WAN, then to upload and download at 2.5g from a LAN device wouldn't reach 2.5, because the router has to use that single link for ingress and egress from both sources.
Ah. Yes, that's a thing. WAN <-> LAN bandwidth is multiplied by a factor of 2. I didn't work all the way out on the loop. (Apologies -- I don't work with constrained networks at this level every day, and I appreciate the correction.)
It may be fine for "normal" use: 2.5 in, or 2.5 out, or a mix of some of each. Unless we're heavy into torrenting, I'd like to suggest that most households aren't maxing out both at once: We're doing either a big upload or a big download (but usually not both at once), plus whatever baseload we have for background noise (streaming services, browsing, and whatnot).
It's good enough, maybe? Especially for asymmetric sources?
But really: If a person has needs symmetric 2.5, then maybe they should be shopping for a router-like-device that costs more than $90. This little box from the OpenWRT folks is pretty neat, but it's still certainly built down to a price. :)
The LAN/WAN assignment should be trivial to flip in sofware (agreed the default is silly).
What’s the safest and quickest way to purchase this?
AliExpress is pretty safe and quick these days, takes about a week from order to delivery here in the UK, the estimated delivery date on listings is normally bang on.
AliExpress also have there own buyer protection program like eBay does, only had to use it once and it was no less of an issue then using eBay’s dispute system.
Only USB 2.0 is pretty lame. At least there's an nvme slot I guess
USB 3 can be pretty noisy at around 2.4GHz, which is perhaps not ideal for a device that is primarily intended to be used to provide wifi for an entire LAN.
(Yeah, I know. There's tons of other router-like devices with USB 3. It's probably not ideal in those instances either.)