Cisco 1700 ADSL
- Thread starter s0ck
- Start date
Wouldn't that be bonded rather than load balanced?
Yeh, I'm not looking to bond. I reckon I can get away with two gateways on the same metric. I suspect there's no documentation so as to push sales at the 1800/2800 series.
BT rejected my order because of a postcode mismatch *sigh* but I'll keep ya posted.
Soldato
- Joined
- 6 Sep 2008
- Posts
- 3,974
- Location
- By the sea, West Sussex
I wouldn't say fine, but it does work of sorts.
UDP traffic gets very quickly confused and you'll lose packets, making VoIP/Gaming/FTP pretty much useless. Secure internet traffic (HTTPS) gets screwed up too as it starts seeing data from 2 IP addresses and thinks it's being comprimised and bombs out.
I used to have plenty of other problems too, some you could work around with routing tables on the PC, some you had to live with.
It's interesting to have a play with so long as you are not expecting to get a sudden doubling in speed with no side affects.
UDP traffic gets very quickly confused and you'll lose packets, making VoIP/Gaming/FTP pretty much useless. Secure internet traffic (HTTPS) gets screwed up too as it starts seeing data from 2 IP addresses and thinks it's being comprimised and bombs out.
I used to have plenty of other problems too, some you could work around with routing tables on the PC, some you had to live with.
It's interesting to have a play with so long as you are not expecting to get a sudden doubling in speed with no side affects.
Man of Honour
- Joined
- 30 Jun 2005
- Posts
- 9,515
- Location
- London Town!
Having tested this extensively when I worked for an ISP who wanted to offer a solution based along these lines, the basic version is, all the options are rubbish...
round robin doesn't work properly, breaks some traffic, causes horrific jitter and is generally as rubbish as you'd expect it to be...
line bonding was a nightmare and I quite understand why most ISPs can't be bothered offering it. I won't go into the specific issues as nobody will understand I suspect but suffice to say it was worth the effort by a long way
The only option which even half worked was load balancing between two tunnel based VPNs, one over each connection, terminating on a router in the datacenter and piped out from there. I had that setup at home for a while before I moved but commercially it was too expensive to be worth considering...and jitter was still an issue...
round robin doesn't work properly, breaks some traffic, causes horrific jitter and is generally as rubbish as you'd expect it to be...
line bonding was a nightmare and I quite understand why most ISPs can't be bothered offering it. I won't go into the specific issues as nobody will understand I suspect but suffice to say it was worth the effort by a long way
The only option which even half worked was load balancing between two tunnel based VPNs, one over each connection, terminating on a router in the datacenter and piped out from there. I had that setup at home for a while before I moved but commercially it was too expensive to be worth considering...and jitter was still an issue...
Soldato
- Joined
- 6 Sep 2008
- Posts
- 3,974
- Location
- By the sea, West Sussex
1721 first and 1841 later.
I ended up going to an ISP that bonded, not MLPPP tho, and it still wasn't perfect.
Which ISP you with?
Pete,
I have it working with 3 different providers with a Watchguard Firebox. I haven't noticed any issues, and failover generally takes 1-2 seconds if a line goes down. If I look at the current connections it generally splits the load 1/3 (round robin doing it's thing).
We don't have any site to site VPNs anymore, although we have home users using PPTP VPN, including myself (I use it pretty frequently).
This is a supported method from watchguard.
I have it working with 3 different providers with a Watchguard Firebox. I haven't noticed any issues, and failover generally takes 1-2 seconds if a line goes down. If I look at the current connections it generally splits the load 1/3 (round robin doing it's thing).
We don't have any site to site VPNs anymore, although we have home users using PPTP VPN, including myself (I use it pretty frequently).
This is a supported method from watchguard.
Soldato
- Joined
- 6 Sep 2008
- Posts
- 3,974
- Location
- By the sea, West Sussex
Right, so you have your Firebox with a 5 NIC option, 3 of the NIC connected to an ADSL modem/router?
Soldato
- Joined
- 6 Sep 2008
- Posts
- 3,974
- Location
- By the sea, West Sussex
So this is very different from a Cisco with multiple WICs.
These Ciscos can only do per-session or per-packet load balancing, each having it's own advantage and disadvantages. Pre-session is most compatible, but it can only use 1 line so single session downloads didn't benefit from the extra line making it pretty pointless. Per-packet used both lines but gave me the problems I experienced.
It was a cheap and dirty way of doing it and it kinda worked, but ho hum.
On the Firebox front, when it I got my 1841 I retired my old Firebox III/1000.
The support contract was well out of date and I couldn't get anymore updates for it.... however I've just found out that you can put pfsense on an X500 / X700. There are loads of them going cheap on the bay due to them being out of contract too.... can you see where this is going??
These Ciscos can only do per-session or per-packet load balancing, each having it's own advantage and disadvantages. Pre-session is most compatible, but it can only use 1 line so single session downloads didn't benefit from the extra line making it pretty pointless. Per-packet used both lines but gave me the problems I experienced.
It was a cheap and dirty way of doing it and it kinda worked, but ho hum.
On the Firebox front, when it I got my 1841 I retired my old Firebox III/1000.
The support contract was well out of date and I couldn't get anymore updates for it.... however I've just found out that you can put pfsense on an X500 / X700. There are loads of them going cheap on the bay due to them being out of contract too.... can you see where this is going??