load-balancer and access point recommendations

At work we currently have two internet connections (Virgin and TalkTalk), each with their own wifi networks (using the standard consumer-looking routers), which are connected to by about 25 people in total. The problem is that people switch between networks, which often leads to one (and then the other) falling over. We're all pretty heavy users, with large files passing backwards and forwards over the internet connection, which doesn't help. Meanwhile, there are a tonne of wifi networks showing up around us, which means that every channel's pretty congested.

I feel like we'd have much better connectivity if we load balanced between the two internet connections and then got a proper wireless access point like the Ubiquiti UniFi that can handle that many connections without falling over. I don't really know what hardware to recommend though and even, really, if my idea of how we should be handling it is the best plan. Thoughts?

What are the relative speeds of the two connections?

What type of connection are they?

You only mention internet access. Is there any significant LAN traffic?

Cable it up.

Wifi should never be used for file transfers etc.

As above, try to cable up as many devices as you can. If not, start using the 5GHz wireless spectrum.

Draytek 2680 offers load balancing between multiple internet connections, although while I do use the router at work, I have not been able to test this feature. You'll need to plug the TalkTalk into WAN port 1, and set the Virgin SH (assuming it's their cable connection) to modem modem and plug that into WAN 2.

I'm curious why you've got to faff with two separate connections in the first place.

bremen1874 said:

What are the relative speeds of the two connections?

What type of connection are they?

You only mention internet access. Is there any significant LAN traffic?

Click to expand...

I think one's 100Mbps and the other's 30Mbps, though could be wrong.

Almost zero LAN traffic - everything's stored in Dropbox and shared from there.

joeyjojo said:

I'm curious why you've got to faff with two separate connections in the first place.

Click to expand...

Uptime - if one connection's down, theoretically, everyone can jump on the other - though in reality this tends to just overwhelm the other. There's very little anyone in the company can do without internet access. Anyway the contracts are all multi-year things so I'm just concentrating on making the most of what we have.

Surely though what you should actually be doing isn't load-balancing, it's failover.

A routing table that is based on an IP SLA (reachability track) would mean that you would automatically fail over to the secondary line if the primary were to fail.

Trying to run more than around 20-25 devices off a single (non high density) AP will always result in packet loss and connectivity problems, which can be exacerbated by transmitting and recieving devices that aren't necessarily authenticated to your SSID.

I think personally you need a decent router (or at worst a decent layer-3 switch) managing your routing tables and handling the WAN path failover, with either two standalone APs that are configured in a MESH, or a wireless LAN controller with dumb (lightweight) APs that are centrally managed to automatically channel hop to the cleanest frequencies, detect rogues (devices and networks broadcasting that are outside of your network), and mitigate connectivity problems. Dual-band APs (you'll only need 802.11n, it's more than enough to saturate your WAN) will allow you to have 5GHz capable devices automatically choose the less congested frequencies.

With a decent Cisco router, you could achieve the routing failover simply enough by configuring something like:

Although I have not done it, looks like the Ubiquiti EdgeRouter supports it easily.

https://help.ubnt.com/hc/en-us/articles/205145990-EdgeMAX-Dual-WAN-Load-Balance-Feature

My recommendation would be to buy an EdgeRouter Lite and a couple of UniFi AP AC Pros:

https://www.ubnt.com/edgemax/edgerouter-lite/
https://www.ubnt.com/unifi/unifi-ap-ac-pro/

You would need to configure both the existing routers in bridge mode, with the Wifi turned off. The 2 (or more, it depends how big your office is) APs will be on the same SSID, so all your users see a single Wifi network. The EdgeRouter is EXCELLENT (in my experience) at sharing traffic fairly, and you can introduce QoS if you find there are some users that are making life miserable for everyone else. You could also just throttle (or outright block) certain behaviours.

With 5GHz wifi you completely cut down any external interference, and you can easily and cheaply upgrade laptops that don't have 5GHz support (a replacement wifi card is less than £20).

This whole solution will cost you around £500 (you will need a switch if you don't already have one), and will give you an extremely solid solution. A fair bit of learning though!

Seems like you've got all your eggs in one basket with the WAN ruling the roost. How about putting a NAS or owncloud system in place so the LAN takes the strain. Have this sync or backup to off site storage which wouldn't be as affected by bandwidth since you'd most likely allocate it some bandwidth and it would just work in the back ground.

Edgerouter Lite will do the load balancing/failover very nicely.

Then connect that to a switch on eth2, then access points or more switches into that.

rotor said:

My recommendation would be to buy an EdgeRouter Lite and a couple of UniFi AP AC Pros:

https://www.ubnt.com/edgemax/edgerouter-lite/
https://www.ubnt.com/unifi/unifi-ap-ac-pro/

Click to expand...

Thanks for the recommendation. Presumably, you're recommending the AC-Pro over the AC-LITE due to the extra 5Ghz speed?

+1 for the Dreytek router option above - I've seen small businesses use these to load balance or failover 2 Internet connections. The only problem with the failover here though is that 100Mbs doesn't fail over to 30Mbps nicely unless you employ some QOS policy on the device. If you load balance it then you get that extra bandwidth you are paying for.

Also have you considered setting up a DMZ so you can transfer locally to a device with would then sync out to cloud storage. You could employ QOS to guarantee bandwidth for those flows or you could with some policy routing make it use one of the links freeing up the other for other traffic