Idk what you mean by sideways but I can access any device connected to my network from any of my access points. Like I mentioned, this is how most businesses and campuses and other places that need a huge wireless network are set up. It’s not like mesh was around in the aughts.
Ubiquiti etc. aren't average consumer hardware, nor is DD-WRT.
When you install DD-WRT, those devices still give you an IP address - they run their own DHCP servers.
If you're running things through a WAN port, all the firewall rules of the router are active and block the two sides from direct communication. Running DD-WRT definitely opens up a lot more possibilities there, but also usually harms performance a lot (all the ones I tested had severely worse local file transfer speeds on DD-WRT since they couldn't get the hardware acceleration features working on the chipsets. Fine for internet, terrible for local transfers).
…I can access all devices connected to my switch through any access point though? I think you’re forcing a distinction that doesn’t exist (although certainly can be configured into existence if one so chooses).
The default blocks them out. I've been clear that you need to change settings to make them accessible, which you either did yourself, or things like installing DD-WRT did it for you.
Again, that only works with specific hardware.
The only way this works the way you're claiming is that they don't have a DHCP server, which also means they can't be plugged into and set up or configured - they'd need to have a master device on the network to copy those settings from (which is how some UniFi/Ubiquiti/enterprise devices work, wired mesh effectively) - which requires compatible matching hardware. Not what the OP already owns.
In this setup, the un-numbered device would be the bridged modem of whatever type that is.
Then we have primary router 1, router/AP 2 and 3 with some clients each. Wavy line for wifi, but honestly that's irrelevant.
Traffic can't go sideways here - clients on router 3 are aware of router 3 as their destination for all traffic and it is only aware of its WAN going to router 1 - it can't go sideways to router 2 via any means.
In a normal setup with routers/APs, each of these would be running an ethernet cable to their WAN ports, and then run their own DHCP server sending out their own IP ranges, in their own subnets completely separate to the other routers.
Traffic can go up, it can never go down. It can go sideways in a LAN environment if all devices are on the same IP range and subnet, but that's not how routers and APs work by default.
You can share a USB printer on router 1 and every single device can see it - but a wifi printer on router 3, only router 3's clients will have access to it.
If it was a wifi or wired device on router 1, the firewall rules of each router/AP and their DNS and subnet settings would all individually block access to that network.
Think of it like port forwarding, unless you've done port forwards for every single router on the network, they ain't going anywhere.
Go check your network setup, see the IP addresses your routers/APs are on, and what ranges the clients are on. You'll either be going upstream with what you're doing, or you've got it configured so the DHCP servers are disabled and they're all on the one network. DD-WRT may have automated some of this if you ran it and used some of the setup wizards on those later routers, but consumer routers don't offer those options.
Hell, my Google router you can't disable or alter its DHCP settings, AT ALL. It automatically grabs the IP from its WAN port, adds +1 to it (192.168.1. becomes 192.168.2.1), and then refuses to work if it can't directly connect to Google's DNS servers with zero hops in between.
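The "up but not sideways" behaviour argued over in this thread, as an added example that is not part of any post: a small model of routers cascaded through their WAN ports, each doing NAT and running its own DHCP range. The router names, address ranges and the `can_initiate` helper are assumptions made for illustration, and the model assumes no port forwards or static routes.

```python
import ipaddress

# Constructed topology: router 1 is the primary; routers 2 and 3 plug their
# WAN ports into router 1's LAN and hand out their own ranges (assumed values).
ROUTERS = {
    "router1": {"lan": "192.168.1.0/24", "upstream": None},
    "router2": {"lan": "192.168.2.0/24", "upstream": "router1"},
    "router3": {"lan": "192.168.3.0/24", "upstream": "router1"},
}

def owning_router(ip):
    """Return the router whose LAN range contains this address, or None."""
    addr = ipaddress.ip_address(ip)
    for name, cfg in ROUTERS.items():
        if addr in ipaddress.ip_network(cfg["lan"]):
            return name
    return None

def upstream_chain(router):
    """The router itself followed by every router between it and the modem."""
    chain = []
    while router is not None:
        chain.append(router)
        router = ROUTERS[router]["upstream"]
    return chain

def can_initiate(src_ip, dst_ip):
    """Can src open a new connection to dst under default NAT/firewall rules?"""
    src, dst = owning_router(src_ip), owning_router(dst_ip)
    if src is None or dst is None:
        return False, "address is not on any modelled LAN"
    if src == dst:
        return True, "same subnet, delivered locally"
    if dst in upstream_chain(src):
        return True, "outbound through NAT into an upstream LAN"
    return False, "destination is behind another router's NAT, needs a port forward"

if __name__ == "__main__":
    checks = [
        ("192.168.3.50", "192.168.1.10"),  # client on router 3 -> device on router 1
        ("192.168.3.50", "192.168.2.20"),  # client on router 3 -> client on router 2
        ("192.168.1.10", "192.168.3.50"),  # device on router 1 -> client on router 3
        ("192.168.2.20", "192.168.2.21"),  # two clients on router 2
    ]
    for src, dst in checks:
        ok, why = can_initiate(src, dst)
        print(f"{src} -> {dst}: {'allowed' if ok else 'blocked'} ({why})")
```

With DHCP disabled on routers 2 and 3 and their LAN ports used instead of WAN, every client lands in router 1's range and the same-subnet case applies to all of them.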