[wtallis]

The typical architecture for routers these days is that the main SoC has two ethernet interfaces, each of which is connected to a 7+ port managed switch. One of the host CPU's interfaces is on the WAN VLAN, and the other is on the LAN VLAN. Some older routers used to have just one ethernet link between the switch and the CPU, with the CPU's other interface exposed directly as the WAN port. That made it easier to avoid bloat or bugs in the ethernet switch itself, but was fundamentally incompatible with the NAT offload those switches provide, so that configuration is now almost impossible to find.

[pedrocr]

This also makes these little routers extremely powerful. Since those switches have VLANs as well you can create very interesting topologies that would require much more expensive managed switches to achieve. I run an extra VLAN from my router, to one of my APs, to a dedicated wifi SSID to another wireless router to ethernet to a TV box so I can have the TV signal in a place I can't run ethernet to. Doing it through the normal Wifi would be a bad idea because the provider uses multicast IPTV and if you put that on your wifi every connected devices receives it. And this is all done with 3 50€ routers running LEDE, each with different VLANs and wifi SSIDs configured. They make for a really flexible setup.