
Affordably Aggregating ISP Connections?

timothy posted more than 4 years ago | from the glob-glob-glob dept.

Networking 180

An anonymous reader writes "Has anyone set up a system to aggregate multiple ISP connections to form a high bandwidth site-to-site link? Load Sharing SCTP looked interesting, but it doesn't look like it has been widely adopted. Multi-Link PPP appears to be more widely supported for clients, but I can't find any good guides for setting up both sides of the connection for a site-to-site link. The hardware solutions I've found are expensive for a small business. Does anyone have experience using hardware solutions from Mushroom Networks (Virtual Leased Line, p2 of this document), Ecessa (site-to-Site Channel Bonding), or others?"


180 comments

Peering (1)

sopssa (1498795) | more than 4 years ago | (#29763851)

> The hardware solutions I've found are expensive for a small business.

And leasing the line is too if you want multiple ISPs on it. One is easy, after that it gets hard.

If you want something fail-proof, just go for co-location in an established datacenter with many peers.

The more interesting question here is whether someone has done *peering* outside of major datacenters. It's of course costly, but it's something the submitter is looking for.

Re:Peering (2, Insightful)

Annymouse Cowherd (1037080) | more than 4 years ago | (#29763919)

I think that the poster was intending to aggregate a cable, DSL, and satellite link to make a more reliable connection, not get multiple ISPs on one line.

Re:Peering (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#29764295)

Oh my god im going to poop!
 
  There will be So much poop!

Re:Peering (0)

Anonymous Coward | more than 4 years ago | (#29764067)

put the two circuits on the other side of two cable/dsl/... modems.
on your workstations -
two default gateways,
nat both of them
you are good to go

HTTP proxy doing range requests (1)

seanadams.com (463190) | more than 4 years ago | (#29764151)

I had an idea for how to do this - has anyone tried using an HTTP proxy, and having it split up large downloads across multiple HTTP range requests, each going out of a separate WAN connection?

In other words, given N connections to the internet: Small requests are load balanced by simply doing round-robin. When the response starts coming in, if the object size is more than say 10MB, the proxy goes and issues N-1 additional range requests across each of the other WAN connections for equal sized chunks (or sized in proportion to the speed of each link, if they're different speeds).

And this could be done a lot better with some additions to the HTTP protocol. A "stride" parameter for example...

Of course it is not trivial but I think for static objects it is eminently feasible.
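The range-splitting scheme proposed in the comment above, sketched as an added example that is not part of the original post: it sizes the chunks in proportion to link speed and refuses to stitch chunks together if the object changed mid-download. The `Link` class, the function names, the link speeds and the in-memory `fake_origin` server are all constructed for illustration; `Range`, `If-Range`, `Content-Range` and `ETag` are the standard HTTP headers.

```python
import re
from dataclasses import dataclass

THRESHOLD = 10 * 1024 * 1024   # "more than say 10MB" from the post
CONTENT_RANGE = re.compile(r"^bytes (\d+)-(\d+)/(\d+)$")


@dataclass(frozen=True)
class Link:
    name: str     # constructed label for one WAN connection
    mbps: float   # nominal downstream speed, used as the chunk weight


def plan_ranges(size, links, threshold=THRESHOLD):
    """Return [(link, start, end_inclusive)] covering bytes 0..size-1."""
    if size <= 0:
        return []
    if size <= threshold or len(links) == 1:
        return [(links[0], 0, size - 1)]      # small object: one link only
    total = sum(link.mbps for link in links)
    plan, start = [], 0
    for i, link in enumerate(links):
        last = i == len(links) - 1
        # The last link takes the remainder so rounding never leaves a gap.
        length = size - start if last else int(size * link.mbps / total)
        if length > 0:
            plan.append((link, start, start + length - 1))
            start += length
    return plan


def request_headers(start, end, etag):
    # If-Range: if the object changed since the first response, the origin
    # answers 200 with the whole new object instead of 206 with a slice, so
    # slices of two different versions are never stitched together.
    return {"Range": f"bytes={start}-{end}", "If-Range": etag}


def reassemble(size, etag, responses):
    """Check every (status, headers, body) reply, then join the bodies."""
    parts = []
    for status, headers, body in responses:
        match = CONTENT_RANGE.match(headers.get("Content-Range", ""))
        if status != 206 or match is None:
            raise ValueError("origin did not return the requested range")
        start, end, total = (int(g) for g in match.groups())
        if total != size or headers.get("ETag") != etag:
            raise ValueError("object changed between chunk requests")
        if end - start + 1 != len(body):
            raise ValueError("body length does not match Content-Range")
        parts.append((start, body))
    parts.sort()
    out = bytearray()
    for start, body in parts:
        if start != len(out):                 # gap or overlap between chunks
            raise ValueError("chunks do not tile the object")
        out += body
    if len(out) != size:
        raise ValueError("chunks do not cover the whole object")
    return bytes(out)


def fake_origin(obj, etag, headers):
    """Constructed stand-in for a static-file server that supports ranges."""
    start, end = (int(n) for n in headers["Range"][len("bytes="):].split("-"))
    if headers.get("If-Range") != etag:
        return 200, {"ETag": etag}, obj
    content_range = f"bytes {start}-{end}/{len(obj)}"
    return 206, {"ETag": etag, "Content-Range": content_range}, obj[start:end + 1]


def fetch_split(obj, etag, links, threshold=THRESHOLD, origin_etag=None):
    """Plan, 'fetch' each chunk from fake_origin, and verify the result.

    A real proxy would send each request from the socket bound to that link's
    WAN address; here origin_etag lets the caller simulate the object being
    replaced on the server while the download is in flight.
    """
    served_etag = etag if origin_etag is None else origin_etag
    responses = [
        fake_origin(obj, served_etag, request_headers(start, end, etag))
        for _link, start, end in plan_ranges(len(obj), links, threshold)
    ]
    return reassemble(len(obj), etag, responses)


if __name__ == "__main__":
    # Constructed link speeds in Mbit/s; the threshold is lowered for the demo.
    wan = [Link("dsl", 8.0), Link("cable", 6.0), Link("t1", 1.5)]
    for link, start, end in plan_ranges(15500, wan, threshold=1000):
        print(link.name, request_headers(start, end, '"v1"'))
```
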

Re:HTTP proxy doing range requests (0)

Anonymous Coward | more than 4 years ago | (#29766029)

You can already do this on a lower network layer. What if you're not using HTTP?

Re:Peering (1)

wgoodman (1109297) | more than 4 years ago | (#29765397)

I know Linksys has a couple routers (both the RV042 and RV082) that support 2 incoming broadband connections with link aggregation (or it can use it as failover). If you used two of these and set up a VPN it would be fairly cheap/easy (under $500 easy). I just looked on their site but since the Linksys business stuff is now buried in Cisco's crappy site, I was unable to find a link. I've seen them at Fry's plenty of times. I've used several of them and they tend to be fairly stable.

Re:Peering (2, Interesting)

hardwarefreak (899370) | more than 4 years ago | (#29765715)

> I know Linksys has a couple routers (both the RV042 and RV082) that support 2 incoming broadband connections with link aggregation (or it can use it as failover). If you used two of these and set up a VPN it would be fairly cheap/easy (under $500 easy). I just looked on their site but since the Linksys business stuff is now buried in Cisco's crappy site, I was unable to find a link. I've seen them at Fry's plenty of times. I've used several of them and they tend to be fairly stable.

I looked into the RV082 a while ago and found that you can get reasonably close to doubling your _outbound_ bandwidth, but not inbound. Bonding the inbound links would require both WAN lines be provided by the same ISP, so they could configure round robin across your two links.

The RV082 is a great little SOHO router and does pretty good load balancing/aggregation of outbound traffic. The OP seems to be looking for true bi-directional link aggregation of dissimilar ISP WAN links (cable/dsl or two of one of these from different providers). This is simply not possible, because there must be intelligence on the other end of your links round robin'ing the traffic between them, just like your RV082 is doing in this case.

In short, this is a great inexpensive product to double your outbound and provide redundancy. Keep in mind you'll need to do some creative things in DNS and with port forwarding on the Linky as you'll have two different public IPs on those WAN links. WRT hosting a mail server, you'll need two MX and A records, one for each public IP on each WAN link. You'll also need duplicate records for all your servers, whether WWW, ftp, etc.

Setting up _inbound_ redundancy is not simply clicking a radio button as with outbound redundancy. Remote hosts have to be told how to reach you. This means advertising both routes. Since you aren't paying an ISP for this redundancy, and you're doing it on the cheap yourself, you'll have to mangle DNS to get the inbound redundancy.

If you're looking for merely link aggregated high bandwidth site-to-site, I'm not sure if this Linky will do so with the VPN feature. You can sure try it. You can also use the little brother RV042 for a little less money, although neither is terribly expensive.

pat benatar? (-1, Troll)

Anonymous Coward | more than 4 years ago | (#29763907)

fucking cunt.

Don't be so cheap (-1, Troll)

solid_liq (720160) | more than 4 years ago | (#29763917)

Use a point to point T1 just like all the other small businesses out there. Even small businesses can afford it. They just may not want to pay for it, but they will.

Re:Don't be so cheap (3, Insightful)

adolf (21054) | more than 4 years ago | (#29763993)

All of them?

Um, yeah: Whatever you say, kid.

We usually just use a Roadrunner account for the main office, just like all the other small businesses out there. It's faster and cheaper than a T1, and has better reliability than the PRI that handles our phones. (We also have a freebie account with a local WISP that we do some business with for manual fail-over, but we haven't had to use it in years.)

Re:Don't be so cheap (1)

solid_liq (720160) | more than 4 years ago | (#29764019)

When I first read it, I thought he was talking about connecting two offices together securely. Of course, I also hadn't considered that we here in Chicago tend to spend more money than people in other areas, either.

Re:Don't be so cheap (1)

TubeSteak (669689) | more than 4 years ago | (#29765719)

> (We also have a freebie account with a local WISP that we do some business with for manual fail-over, but we haven't had to use it in years.)

That sounds like code for "we haven't tested our backup plans in years"
Having a backup and not testing it is a rookie move.

Re:Don't be so cheap (1)

adolf (21054) | more than 4 years ago | (#29766063)

Relax, meme. Everything works fine. Not that it particularly has to, though: There isn't much that goes on in this particular small business which requires Teh Intarweb, anyway.

Assuming otherwise without further information is the mark of a real asshole. And just because it's a popular assumption over the past few days (Danger/Sidekick/T-Mobile/Microsoft) doesn't mean that it's universally true.

Now get back under your rock, #669689.

Bonded VPNs (5, Informative)

Anonymous Coward | more than 4 years ago | (#29763929)

I have bonded 2 IPSec VPNs running over 2 ISP's to create a bigger (and cheaper) site-to-site link on the cheap.

http://www.zeroshell.net/eng/faq/vpn/

Read Point 5 in the link

I would never socialize with a slashdot user. (-1, Troll)

Anonymous Coward | more than 4 years ago | (#29763937)

I would never socialize with a slashdot user.
No. Just no. lol. I would be mortified if someone saw me with a bunch of neckbeards waddling around with their cell phones strapped to the outside of their waists. Half of you have been in junior college for almost a decade. Blech.
My time is precious, and I can afford to be choosy when it comes to people I associate with. I wouldn't even look at you if you tried to get my attention.

Re:I would never socialize with a slashdot user. (-1, Troll)

Anonymous Coward | more than 4 years ago | (#29764169)

...and your trophy wife is busy mating with well-hung negroes as we speak. It seems that she is a choosy person as well, especially while her vagina is being turned into a pink slinky while you work on your hedge funds.

Jew.

Re:I would never socialize with a slashdot user. (1)

John Hasler (414242) | more than 4 years ago | (#29764915)

> ...their cell phones strapped to the outside of their waists...

You strap yours to the inside of your waist? I'm trying not to visualize that...

Re:I would never socialize with a slashdot user. (0)

Anonymous Coward | more than 4 years ago | (#29764965)

> I would never socialize with a slashdot user.

Good move. Having people talk about how hard it was to get the stench off after spending time with you would not help your job prospects (were you ever to graduate from Junior High). Better that you associate with your own kind. There's always work for unskilled labor.

What are you really trying to do? (5, Insightful)

BadAnalogyGuy (945258) | more than 4 years ago | (#29763969)

What you have presented us with here is a "B C" problem. You want to achieve C, so you ask us how to do B. Unfortunately, you never specify what A is, so the best we can do is give you some pointers for B which are probably going to be irrelevant and useless to what you are really trying to achieve.

Most of the comments will probably be about trying to figure out what your A problem is. To that end, why don't you just get a faster line in the first place and forget about this line aggregation stuff you're asking about?

Re:What are you really trying to do? (1, Informative)

Anonymous Coward | more than 4 years ago | (#29764103)

> To that end, why don't you just get a faster line in the first place and forget about this line aggregation stuff you're asking about?

A lot of people don't realize that in many places in the US "getting a faster line" just isn't an option. When you get out of the large metro areas, the connection options start going down considerably until you may be left with satellite as your main option and iffy terrestrial wireless (or, gasp, dialup) as your backup options. When that happens, I don't blame anyone for trying to tech the tech for better bandwidth.

Multiple bonded connections (3, Informative)

davidwr (791652) | more than 4 years ago | (#29764159)

In theory, you can bond multiple DSL, multiple cable, multiple T1, or even multiple dialup connections from the same vendor.

Even if you are in a small town where the best service you can get is 1Mbps DSL, if you've got enough wires running from the neighborhood box to your house you can ask for 2 or 3 or more separate DSL lines and see if the local telco will support bonding them.

Even 15 years ago some telcos offered on-demand, 0-24 circuit, bonded dialup. The idea was a business would use it as up to 24 voice circuits during times of the day they talked a lot and up to 24 modem/data circuits when they needed them, typically at night for batch data exchange. It was sold as an alternative to T1 or ISDN, the first of which was very expensive and not available in all areas, and the latter of which was expensive and roughly the equivalent of 2 phone-or-data lines.

DSL and later cable internet made this pretty much obsolete, at least in technically advanced areas.

Re:What are you really trying to do? (2, Insightful)

KingSkippus (799657) | more than 4 years ago | (#29765359)

> Unfortunately, you never specify what A is...

As the other poster noted, it's not always easy to just add more bandwidth. Where I live, the absolute fastest DSL line I can get is 1.5 Mbps. Fortunately, my cable company offers faster options, up to 22 Mbps. If they didn't, I'd be screwed if I actually wanted a decent connection relatively cheaply.

Also, one nice thing about having multiple links over multiple ISPs multiplexed together is that you have redundant links. If one ISP is having problems, you still have some bandwidth, which is generally better than no bandwidth at all. I'm assuming that the submitter would like features like automatic failover, so that if one link goes down, all of the traffic will defer to the other link until it comes back up.

Where I work, we have this type of setup with most of our big plant sites, although with the bandwidth we're talking about, it's definitely high-end business-class (read: expensive as hell) service, and because we don't want sites to become dependent on the higher bandwidth, we leave our secondary circuits idle unless needed. It would be nice for there to be a solution that offers the higher bandwidth and redundancy of a multiplexed connection cheaper than it would cost to only be available to huge MNCs.

Re:What are you really trying to do? (1)

Vancorps (746090) | more than 4 years ago | (#29766311)

If I provisioned secondary services and let them sit idle then accounting would report it and then I wouldn't have a secondary link anymore. I have Ecessa WAN Load balancers and they get the job done on the cheap compared to the alternatives I researched from Fat Pipe for instance. I put on a show that requires real-time streaming of video among many other Internet features required to perform. The only Internet I can get is 3meg DSL which hurts at that location. Every other location I can get optical Internet on the cheap. My last show I had 150meg of bandwidth and life was good. The load balancers are clustered per site, you'll have to have units on both ends to coordinate packet transmission as others have noted, latency among links can cause responsiveness problems. Fortunately the load balancer takes care of that allowing me to set thresholds and prioritize traffic.

Not only do I have redundant transparent Internet connections but I can use all the bandwidth as I see fit making it easier to justify the expense of service which for us is temporary. The only problem I ran into was with our SIP phones pass-thru port as it would put workstations on another VLAN. Something about how it handles the traffic requires me to connect another cable to the load balancer and feed the VLAN directly instead of using the trunk port. All said and done it was pretty easy to deploy though.

In my case I make sure I have multiple static IP addresses, should the load balancer experience some failure my firewall will detect the failure and route directly advertising a working link via OSPF. The cost is higher so the link only gets used by my main router if the load balancer becomes unavailable. Automatic fault tolerance is a beautiful thing when you make 80% of your money for the year in 7 days.

Re:What are you really trying to do? (1)

jawahar (541989) | more than 4 years ago | (#29765857)

Wondering if it is possible to aggregate 2 power lines for e.g. 10 Volts + 20 Volts = 30 Volts

Have experience with Ecessa... (2, Informative)

Anonymous Coward | more than 4 years ago | (#29763977)

We've been using 2 Powerlinks from Ecessa (back when they were Astrocom). They work really well, and the price is tough to beat. We have one in our Dallas branch (with a T1 and business cable ISP) and one at our home office in Baton Rouge (a dual bonded T1 and business cable). They are channel bonded with each other, so the site-to-site VPN is more stable. They made my life a lot easier!

tomato (3, Informative)

angelbunny (1501333) | more than 4 years ago | (#29764033)

The cheapest way to do this is use the mlppp version of tomato on a wrt type router. You can check it out here: http://fixppp.org/ [fixppp.org]

Re:tomato (5, Informative)

Anonymous Coward | more than 4 years ago | (#29764305)

Only works if you've got DSL, and then again only if they use PPPoE. Then the remote DSLAM needs to support mlppp as well.

I would suggest OpenBSD + PF and just load balance the connections using PF. Takes all of 10 lines of code to get it up and going and is well documented. This won't aggregate your bandwidth, however if you have multiple streams open, it'll bounce those between two or more connections. I've personally done 4 lines like this (2x adsl2+ and 2x DOCSIS 2) and hit about 95% utilization across all lines.

Also with PF, both lines don't need to be the same speed, or even with the same provider, which gives you some additional fault tolerance.

Re:tomato (1)

geniusj (140174) | more than 4 years ago | (#29764891)

Psst.. If DSL is not PPPoE, then it's typically PPPoA. Should work either way.. You just have to find an ISP that will support you.

Re:tomato (1)

Vancorps (746090) | more than 4 years ago | (#29766317)

Very few ISPs will support you. You should never rely on a 3rd party providing a special service for you when you can load balance it yourself with two Cisco routers using BGP or with Ecessa Powerlinks should your budget be constrained like mine was. Then you don't have to worry about what the hopefully various ISPs that you use support.

Re:tomato (0)

Anonymous Coward | more than 4 years ago | (#29765001)

> I would suggest OpenBSD + PF and just load balance the connections using PF. Takes all of 10 lines of code to get it up and going and is well documented.

Where is this documented?

Re:tomato (1, Insightful)

Anonymous Coward | more than 4 years ago | (#29765583)

I'm curious what happens with sessions on web sites and such that look at your IP address...

Do you constantly have to re-login to such sites?

Re:tomato (1)

angelbunny (1501333) | more than 4 years ago | (#29765929)

With mlppp you have one external IP address. This is not multi wans going out but more 2 pipes going out of your house to the same ISP which then goes out from your ISP as one IP like having a fatter pipeline.

Re:tomato (0)

Anonymous Coward | more than 4 years ago | (#29765131)

Yea, ML-PPP doesn't seem to have that much documentation, but that's mostly because it's so incredibly simple. I was actually amazed. You just put "multilink" in the config files on both ends, and it pretty much just works...

Other than that, just use PF and load-balance. It's pretty close to functionally the same in many instances.

pfSense (3, Interesting)

adairw (1338775) | more than 4 years ago | (#29764035)

Unless you can get your ISP to bond several connections together, about the best you can do is load balancing across multiple connections. I use pfSense (http://www.pfsense.com) as my router/firewall VPN solution that's free, you only supply the hardware to run it on. With it you can load balance and fail over to 2 or more connections automatically. Specific connections can even be set up to have certain traffic routed over them while all other traffic gets load balanced round robin style. There are of course other free *nix distros out there that will let you do the same type of stuff; however, I and many others have found pfSense to be far better than most. AW

Re:pfSense (2, Insightful)

angelbunny (1501333) | more than 4 years ago | (#29764133)

I use pfSense too for my multi wan needs and it really is a wonderful distro imho.

However, there is a difference between grabbing a bunch of wans and throwing them together vs linking them together like one giant pipe. I'm not completely sure what the author is trying to do but if this person wants the multi lane freeway approach instead of multiple separate parallel roads then pfSense does not currently support protocols such as mlppp and may not be what they are looking for.

However, if the person wants to hack it a bit then theoretically it could be done since pfSense is built on FreeBSD (I believe) which does support mlppp. However, one might ask why do that when you could install FreeBSD on the box instead of pfSense and do the same thing with the same amount of work?

Re:pfSense (0)

Anonymous Coward | more than 4 years ago | (#29764439)

I do something similar with pfSense. We don't aggregate, but we route our servers out on a T1 and our users out on a Comcast line. When the Comcast line goes down, we manually failover our users to the T1.

pfSense also supports load balancing based on multiple rule-types, round robin being the most common choice. For inbound balancing you can split based on IP (we've done this when we've needed to stream A/V) and then aggregate offsite (also done this for A/V streaming).

You can't do what you want to do (0, Troll)

realmolo (574068) | more than 4 years ago | (#29764041)

You didn't give us enough info, but it sounds like you want to aggregate multiple connections from *multiple ISPs*. Which isn't really possible. Not like you want. You can achieve *failover*, but not aggregation.

Basically, you need to read a fucking book on how routing works.

Re:You can't do what you want to do (5, Informative)

Anonymous Coward | more than 4 years ago | (#29764177)

Sure you can.

http://www.openbsd.org/faq/pf/pools.html [openbsd.org]

One simple example. Plenty of other options available with other software. As long as you load-balance per connection instead of per packet there aren't many issues with this, and those often don't apply outside of special use cases.

Re:You can't do what you want to do (0)

taskiss (94652) | more than 4 years ago | (#29764971)

The original poster requested info on how to create link aggregation on multiple network routers, not load balance his system...although I'm not sure he understands the difference.

The short answer is - he can't. He would need them going to a single device which supports port trunking, and that's not going to happen with connections from dissimilar ISPs.

Re:You can't do what you want to do (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#29765063)

you're a fucking retard, the OP said he wanted to link "two offices" via aggregated lines, which means he has control over both ends of the connection(s), and can setup link aggregation on top of the normal internet access that is available from both office locations.

Re:You can't do what you want to do (1)

taskiss (94652) | more than 4 years ago | (#29765331)

Perhaps English isn't your first language...

The OP wrote "Has anyone set up a system to aggregate multiple ISP connections"

Had he written "Has anyone set up a system to aggregate multiple connections from an ISP" you'd just be a jerk, but as it stands, you're an ignorant jerk.

Re:You can't do what you want to do (2, Informative)

Jah-Wren Ryel (80510) | more than 4 years ago | (#29765401)

Wow. I'm not the AC but after that response I fully agree with him.
Your use of selective quoting is amazing, you got some big-ass internet cojones to ignore the rest of the very same sentence that you quoted.

> ...to form a high bandwidth site-to-site link.

Re:You can't do what you want to do (5, Funny)

hcetSJ (672210) | more than 4 years ago | (#29764209)

> a fucking book on how routing works

Now there's a fetish you'll only run across on Slashdot.

Re:You can't do what you want to do (1, Funny)

Anonymous Coward | more than 4 years ago | (#29765355)

Insert tab A into slot B...

Hot RJ45 action!

Re:You can't do what you want to do (2, Insightful)

Penguinoflight (517245) | more than 4 years ago | (#29764239)

It is possible as long as you have control of both endpoints. The routing book is probably still a good idea.

Oh yes, you can! (It just costs money) (1)

JimProuty (1298167) | more than 4 years ago | (#29764351)

What people presume to know, sheesh!

Bandwidth Aggregation: Combining Internet Connections to Incrementally Increase Bandwidth Capacity

Bandwidth aggregation combines two or more Internet connections and gives Internet applications access to their total available bandwidth and increases reliability with link redundancy. PowerLink, ShieldLink and ClariLink bandwidth aggregation techniques (also known as multi-homing) support load balancing to route Internet sessions from congested links, to links with more available bandwidth. They also provide automatic failover of Internet sessions from failed links to functional connections to eliminate the Internet as a point of failure.

http://www.ecessa.com/pages/solutions/solutions_technology_bandwidth.php [ecessa.com]

Re:Oh yes, you can! (It just costs money) (1)

Predius (560344) | more than 4 years ago | (#29765571)

And they all work like crap...

If you want to truly multi-home, get an ASN and do BGP.

Re:You can't do what you want to do (1)

timmarhy (659436) | more than 4 years ago | (#29764583)

you might want to have a read of that routing book as well, since it's possible to use 2 different isp's and still increase aggregate speed....

Re:You can't do what you want to do (0)

Anonymous Coward | more than 4 years ago | (#29764643)

After reading some of the subsequent posts about Talari and Sharedband.com, I think your post about reading a fucking book on how routing works makes you look like a retard.

Re:You can't do what you want to do (1)

geniusj (140174) | more than 4 years ago | (#29764967)

I imagine the way sharedband works is that it's a VPN endpoint. If you use VPNs (essentially creating another IP layer on top of the existing one), you *can* aggregate multiple connections and even get faster single-session transfer speeds.. You just need an endpoint to connect to that has at least that much bandwidth. This appears to be part of what sharedband offers. The main issue I'd be concerned with, however, is latency.

Re:You can't do what you want to do (1)

Rozine (1345911) | more than 4 years ago | (#29765045)

For something natively supported in Linux, this really isn't something that I'd say is impossible...

Haven't tried this document but it looks promising (0)

Anonymous Coward | more than 4 years ago | (#29764055)

http://www.ssi.bg/~ja/nano.txt

Misread title (0, Offtopic)

Bovius (1243040) | more than 4 years ago | (#29764083)

At first glance I read "affordably aggravating ISP connections". As in respectably annoying without breaking the bank.

failsafe.ca (0)

Anonymous Coward | more than 4 years ago | (#29764099)

Failsafe (http://failsafe.ca) My own tunneling system, which operates at the IP layer (and so doesn't care what the underlying links are), will provide both aggregation and redundancy using multiple links between sites.

Linux Based Solutions (0)

Anonymous Coward | more than 4 years ago | (#29764101)

Other options in the Linux world are Zero Shell and Vyatta. You can aggregate Internet connections and also have failover capabilities.

HMH

Talari Networks? (2, Informative)

Anonymous Coward | more than 4 years ago | (#29764123)

Have you looked at what Talari Networks (http://talari.com/ [talari.com]) is doing? I'm pretty sure their products do EXACTLY what you're talking about. Might be pricy for you, but it should do the trick.

printers/newpapers (3, Informative)

shareme (897587) | more than 4 years ago | (#29764129)

Your local newspaper or medium sized printer will have such a setup. Buy their IT staff diner to get the information..

Re:printers/newpapers (3, Funny)

bendodge (998616) | more than 4 years ago | (#29765775)

Even in really depressed metros, diners are still pretty expensive compared to T1's.

Dreytek (2, Insightful)

Rainwulf (865585) | more than 4 years ago | (#29764195)

The higher end dreytek business modems support at least two aggregate DSL links. The real question is, do you want a wider pipe, or a faster pipe. One is easy, the other not so easy. Bigger trucks in your tubes, or faster trucks in your tubes :) (sorry couldn't resist that analogy)

Re:Dreytek (0)

Anonymous Coward | more than 4 years ago | (#29764393)

But in a way they are tubes, they are tubes of light!

www.sharedband.com (1)

newmember (1270322) | more than 4 years ago | (#29764277)

www.sharedband.com
Bonds both Up and Down stream.
Layer 3 so you don't have to bother your ISP.
I have seen people bond FiOS with DSL and Cable modems.

Sold directly or through your ISP if they offer the service.

Reliable and very cost effective.
Keeps your ISP honest.
Cheers

Multi WAN router (1)

Grant The Great (562818) | more than 4 years ago | (#29764323)

Just get one of the commercial multi wan routers and jam a bunch of connections into them. It's not true link aggregation but it's as affordable as it can get. It won't become one giant pipe, instead the connections from machines behind the router will get load balanced out. In order to get true link aggregation, well, it's horribly expensive and I'm almost positive that it can't be done with multiple ISPs.

Ask Willie Nelson, he uses Mushroom Portabella (4, Interesting)

Anonymous Coward | more than 4 years ago | (#29764453)

Wired has an article on Willie Nelson's setup in his tour bus running, http://www.wired.com/epicenter/2009/10/willie-nelson-broadban/ [wired.com] "Willie Nelson has tossed the satellite dish off the back of his corn-powered tour bus in favor of a little box that fuses wireless data cards from a variety of networks into a single connection."[Mushroom Networks PortaBella 141]

Give us more information (1)

jbroom (263580) | more than 4 years ago | (#29764463)

What exactly are you trying to achieve?
Some scenarios:
A) remote to central with 2 ISPs at remote with "cheap regular" DSL type connection going to central where there is a "big fat pipe" (multihomed?)
A.1) a one-off for a single remote; A.2) something repeatable for multiple remotes
B) remote to central with 2 ISPs as in A) and with (same?) 2 ISPs at central (also B.1 and B.2 as above).

Do we have any fixed public IP addresses anywhere in the equation (or is this out of budget too)?
In all cases in which direction is the data flowing mainly?
Also, what is the purpose mainly here? Getting higher speed? Higher redundancy? Less latency (hah!) ?
> The hardware solutions I've found are expensive for a small business
Can you define expensive, what type of price is out of it (both for hardware and for links)?

I would GUESS that the end result needed is to connect LAN-1 to LAN-2, so it doesn't HAVE to "look" as a single channel for the routers involved, just that the paths aggregate and are redundant... But a bit more information would be appreciated!

Vyatta? (0)

Anonymous Coward | more than 4 years ago | (#29764495)

I think it can do multi-WAN...

Need More Infos (2, Insightful)

LoudMusic (199347) | more than 4 years ago | (#29764507)

Sounds like you're trying to take a DSL, cable, and possibly a T1 or other technology and trunk them for combined throughput. That isn't possible because you'd have packets in the same stream taking different routes and TCP/IP doesn't allow for that, that I know of. I don't think any technology allows for that. For example an 8mbit DSL, 6mbit cable, and a T1 can't be combined to make a 15.5mbit connection. I suppose the same would be true if you were wirelessly connected to multiple networks.

You can, however, use all three gateways independently with a variety of load balancing software so that when a new request is made from any host it is routed through the gateway with both the quickest response time and the most bandwidth available. I'll let you look that up on your own - there are lots of free options. The problem is that the load balancer needs to be smart enough to not fuck up your active sessions. If you were communicating with a host via one route, went idle for a bit but didn't end the session, then sent more data via another route the host on the other end will most likely (if written correctly) not accept your new packets.

The way we handled it at "The Geek House" with three internet gateways was to just permanently assign gateways based on the role of the host, and made sure not too many were on the slower gateways. It's not perfect, and certainly could have been geekier, but it worked and we didn't have to worry about shit breaking in the middle of a frag fest. And if one gateway was down the hosts configured with that gateway just had to change their gateway.

Re:Need More Infos (5, Informative)

mindstrm (20013) | more than 4 years ago | (#29764735)

"TCP/IP doesn't allow for that, that I know of"

It sure does - it doesn't care what route the packets took - just that they got there. The problem is if you split the stream over 3 links with varying latency - you won't see the performance gains you want - it'll more likely hurt.

If the goal is to end up with a virtual point-to-point link between two offices using multiple ISPs, you can certainly leverage multiple connections to do that. It also depends on the nature of the traffic.

You can set up multiple VPN tunnels and then run whatever protocol you want - you could do MLPPP - but that'll get ugly if the links don't have very similar characteristics.

The solution you mentioned in the end - I've found that's usually the best - you can get most common *nix systems to do some kind of weighted load balancing of outgoing sessions... whether it's per-source, per-destination, per-protocol, or based on any other weird usage combination you had.

For an office situation I was once in - we had 1 x 2mbps and 1 x 4mbps lines (from separate providers) and a very high latency 1Mbps satellite connection.
I gave them a web page that had four buttons on it.
The first was "normal operation - 2MB + 4 MB". TCP sessions would be randomly routed over one or the other, with double preference given to the 4 meg line.
The others were "ISP1, ISP2, and Satellite" respectively. At the push of a button the routes would flip, the state tables would flush, and everything would work. For practical purposes, it worked really well.

There is no magic way to simply aggregate bandwidth from separate providers over consumer connections with meaningful results... not like bonding multiple direct lines or anything like that.... 2 + 2 won't equal 4.... but depending on the use case, it can be just about as good.

Re:Need More Infos (1)

ngg (193578) | more than 4 years ago | (#29765279)

"TCP/IP doesn't allow for that, that I know of" It sure does - it doesn't care what route the packets took - just that they got there. The problem is if you split the stream over 3 links with varying latency - you won't see the performance gains you want - it'll more likely hurt.

The problem is that many stacks treat out-of-order packet reception as packet loss, which causes the sender to throttle the outgoing stream. When the GP said "TCP/IP doesn't allow for that," they probably meant, "The congestion-control algorithms used by TCP/IP work very poorly when you try to distribute the packets over multiple links, especially when they have different speeds and latencies."

If the actual packet loss on the link is low, it seems like this could probably be addressed with a sort of re-ordering buffer that holds out-of-order packets for, say, 2x the average latency of the slowest link (and releases them to the receiver if the intermediate packets don't show up in that time). I'm sure this causes other problems that I haven't thought of, though.
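
The re-ordering buffer proposed in the comment above, sketched as a small simulation (an added example, not part of the original thread). The link latencies, send interval and packet counts are constructed sample values; the hold time follows the comment's suggestion of 2x the latency of the slowest link.

```python
def link_arrivals(n_packets, latencies_ms, send_interval_ms=5, lost=()):
    """Spread packets round-robin over the links; return [(arrival_ms, seq)]
    in arrival order. All timing values are constructed sample input."""
    out = []
    for seq in range(n_packets):
        if seq in lost:
            continue
        latency = latencies_ms[seq % len(latencies_ms)]
        out.append((seq * send_interval_ms + latency, seq))
    return sorted(out)


def count_reordered(seqs):
    """Packets that show up after a higher-numbered packet already did."""
    highest, reordered = -1, 0
    for seq in seqs:
        if seq < highest:
            reordered += 1
        else:
            highest = seq
    return reordered


def reorder_buffer(arrivals, hold_ms):
    """Return [(release_ms, seq)] as handed on to the receiving TCP stack."""
    delivered, held, next_seq = [], {}, 0   # held maps seq -> arrival_ms

    def release_in_order(now):
        nonlocal next_seq
        while next_seq in held:
            del held[next_seq]
            delivered.append((now, next_seq))
            next_seq += 1

    def expire(until):
        # A packet is never held longer than hold_ms: when the oldest held
        # packet times out, give up on the gap in front of the buffer.
        nonlocal next_seq
        while held:
            deadline = min(held.values()) + hold_ms
            if deadline > until:
                break
            next_seq = min(held)
            release_in_order(deadline)

    for now, seq in arrivals:
        expire(now)
        if seq < next_seq:                # its gap was already abandoned
            delivered.append((now, seq))  # pass the late packet through
            continue
        held[seq] = now
        release_in_order(now)
    expire(float("inf"))                  # flush whatever is still held
    return delivered


def max_added_delay(arrivals, delivered):
    """Worst-case extra latency the buffer added to any one packet."""
    arrived_at = {seq: t for t, seq in arrivals}
    return max(t - arrived_at[seq] for t, seq in delivered)


if __name__ == "__main__":
    latencies = [20, 80]                  # constructed: fast link, slow link
    raw = link_arrivals(40, latencies)
    buffered = reorder_buffer(raw, hold_ms=2 * max(latencies))
    print("reordered without buffer:", count_reordered([s for _, s in raw]))
    print("reordered with buffer:   ", count_reordered([s for _, s in buffered]))
    print("max added delay (ms):    ", max_added_delay(raw, buffered))
```

With these sample numbers the buffer removes all reordering at the cost of up to 55 ms of extra delay per packet, and a genuinely lost packet stalls everything behind it for the full hold time before the gap is abandoned.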

Re:Need More Infos (1)

Leto-II (1509) | more than 4 years ago | (#29765641)

Sounds like you're trying to take a DSL, cable, and possibly a T1 or other technology and trunk them for combined throughput. That isn't possible because you'd have packets in the same stream taking different routes and TCP/IP doesn't allow for that, that I know of. I don't think any technology allows for that. For example an 8mbit DSL, 6mbit cable, and a T1 can't be combined to make a 15.5mbit connection. I suppose the same would be true if you were wirelessly connected to multiple networks.

I think you need to review your basic networking knowledge. We use packet switching, not circuit switching. Different packets within a single TCP/IP connection can most definitely take different routes to their destination. It might not be the optimal situation, but it is built to work that way.

Re:Need More Infos (1)

ScarKnee (588584) | more than 4 years ago | (#29765733)

That isn't possible because you'd have packets in the same stream taking different routes and TCP/IP doesn't allow for that, that I know of.

Actually you can do it. We used to do it at work between a couple of sites. We had a T1 and a DSL line. We used an off-the-shelf product from Fatpipe (http://www.fatpipeinc.com/) that can do just that over various types of connections. Not cheap/free, though, so it doesn't fit the poster's need.

I am sure there are several methods of accomplishing the same end. We liked the support they provided.

The answer depends on the fine details. (0)

Anonymous Coward | more than 4 years ago | (#29764511)

If you want to enhance single-flow performance, then MLPPP or round-robin per-packet balancing is what you'd want, but would require the cooperation of your ISP. This isn't possible with multiple ISPs.

Alternatively, if you were trying to enhance performance between home and $job, or just wanted to steal bandwidth from $employer, then you could plop down a device at the office, then build a tunnel to it over each ISP connection, and then balance your traffic over those tunnels, likely at the expense of god awful latency and jitter.

If single-flow performance improvement isn't on the agenda, but aggregate improvement is (i.e. to improve peer-to-peer download), then you could run through a PAT device that would source traffic from IP#1, IP#2, ... and then shoot it down Connection#1, #2, ... This would be like server load balancing in reverse. I can't think of an app or device that would do this, but it would be pretty easy. You could probably do this with a cheap-o Cisco router with one ethernet/vlan to ISP#1, one to ISP#2, and one to Inside network, and then have two PAT configs tied into an extended ACL matching on destination traffic, and tell it to break out the traffic between the two PAT configs based on a wildcard match of 1/0 of the last bit in the IP (i.e. even/odd). I've used a similar config to balance many inside hosts in a pinch to many outside cheap ISP connections. I.e. last bits = 00, you get upstream#1 PAT, last bits = 01, you get upstream#2, last bits = 10, you get upstream #3, ...

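! Inside LAN on the native VLAN
int Fa0.1
  desc Inside
  ip addr 10.42.42.42 255.0.0.0
  encaps dot1q 1 native
  ip nat inside
! Upstream ISP #1 on VLAN 100
int Fa0.100
  desc isp#1
  encaps dot1q 100
  ip nat outside
  ip addr dhcp
! Upstream ISP #2 on VLAN 101
int Fa0.101
  desc isp#2
  encaps dot1q 101
  ip nat outside
  ip addr dhcp
! PAT: traffic matching list 100 leaves via ISP #1, list 101 via ISP #2
ip nat inside source list 100 int Fa0.100 overload
ip nat inside source list 101 int Fa0.101 overload
! List 100 matches destinations whose last bit is 0, list 101 those whose last bit is 1
access-list 100 permit ip 10.0.0.0 0.255.255.255 0.0.0.0 255.255.255.254
access-list 101 permit ip 10.0.0.0 0.255.255.255 0.0.0.1 255.255.255.254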

As a side-note, you may even be able to do per-packet balancing on outbound. Some ISPs will do uRPF, an anti-spoofing measure that prevents you from sourcing traffic from IPs that aren't routed back to the connection your ISP receives them on. Some ISP's don't.
Otherwise, you can policy-route the outbound traffic.

I'm sure you could whip up a similar config using unix packet filter of choice.
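
How the two access-list lines in the config above split traffic, as an added example (not part of the original post): it implements Cisco wildcard-mask matching and evaluates the posted entries, plus the post's "last bits = 00, 01, 10, ..." generalisation. The source host and the destination addresses (documentation ranges) are constructed, and the helper names are hypothetical.

```python
import ipaddress
from collections import Counter


def _u32(addr):
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(addr, base, wildcard):
    """Cisco wildcard semantics: a 1 bit in the wildcard means "don't care",
    a 0 bit means the address bit must equal the base bit."""
    care = ~_u32(wildcard) & 0xFFFFFFFF
    return ((_u32(addr) ^ _u32(base)) & care) == 0


# The two entries from the post: (list, src, src wildcard, dst, dst wildcard)
POSTED_ACLS = [
    (100, "10.0.0.0", "0.255.255.255", "0.0.0.0", "255.255.255.254"),
    (101, "10.0.0.0", "0.255.255.255", "0.0.0.1", "255.255.255.254"),
]


def low_bit_acls(n_bits, first_list=100):
    """Generalisation from the post: one list per value of the last n_bits
    of the destination address (00 -> first upstream, 01 -> second, ...)."""
    buckets = 2 ** n_bits
    dst_wildcard = str(ipaddress.IPv4Address(0xFFFFFFFF ^ (buckets - 1)))
    return [(first_list + k, "10.0.0.0", "0.255.255.255",
             str(ipaddress.IPv4Address(k)), dst_wildcard)
            for k in range(buckets)]


def select_list(src, dst, acls=POSTED_ACLS):
    """First list that permits the packet, or None when no PAT rule applies."""
    for number, s_base, s_wild, d_base, d_wild in acls:
        if wildcard_match(src, s_base, s_wild) and wildcard_match(dst, d_base, d_wild):
            return number
    return None


def spread(src, network, acls=POSTED_ACLS):
    """Count how many destinations in `network` land on each list."""
    return Counter(select_list(src, str(dst), acls)
                   for dst in ipaddress.ip_network(network))


if __name__ == "__main__":
    inside_host = "10.1.2.3"                      # constructed inside host
    for dst in ("198.51.100.10", "198.51.100.11"):  # constructed destinations
        print(dst, "-> list", select_list(inside_host, dst))
    print("outside 10/8:", select_list("192.168.1.5", "198.51.100.10"))
    print("one bit: ", dict(spread(inside_host, "203.0.113.0/24")))
    print("two bits:", dict(spread(inside_host, "203.0.113.0/24", low_bit_acls(2))))
```

Every flow to a given destination always maps to the same list, so a session never changes upstream mid-stream; how evenly the links are used depends on the mix of destinations, not on load.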

Re:The answer depends on the fine details. (1)

MadRocketScientist (792254) | more than 4 years ago | (#29764613)

If you're going to recommend a pair of Cisco routers, then why not run GRE over IPSec? You can run EIGRP over the tunnel interfaces, and configure either equal-cost load sharing across the links, or use variance to proportionately allocate traffic over the links according to the expected bandwidth. If you want to keep some conversations pegged to a particular link, you can policy route those host/network pairs, while still maintaining failover if that link dies. You don't even need NAT/PAT in this scenario if the private address ranges don't overlap.

Re:The answer depends on the fine details. (0)

Anonymous Coward | more than 4 years ago | (#29764715)

The recommendation wasn't for a pair of Cisco's. It was for a single Cisco that would, without participation of any other device, balance traffic through PAT based on the last bit(s) of the destination IP address.

I.e. if the destination IP is x.x.x.191, send to ISP#1 w/isp#1 src ip. If it's x.x.x.192, send to ISP#2 with isp#2 src ip, if it's x.x.x.193, send to ISP#1 w/isp#1 src ip.

Peplink multi-WAN router (1)

michaelchan (92068) | more than 4 years ago | (#29764521)

Peplink multi-WAN router supports forming multiple site-2-site VPN connections over multiple WAN connections. Failover and load balancing VPN traffic is supported. Routing between sites is automatically configured. 256 bit AES encrypted. Supports static IP, DHCP and PPPoE WAN types.

Only Half a dozen BSD and Linux Appliances... (2, Informative)

thatkid_2002 (1529917) | more than 4 years ago | (#29764667)

I'm not one to yell at noobs but I really can't imagine timothy did more than a Bing search because I see that pfSense comes up on the first page of results on Google when you query "multi wan".

PfSense is probably the go for this, but you are free to choose any other BSD or Linux based distro which gives you a nice pretty point and click web interface out of the box and good online documentation on how to use the features.

Hell, you don't even actually need physical hardware for this provided that you have two NICs available and a virtualization capable server.

Re:Only Half a dozen BSD and Linux Appliances... (1)

adairw (1338775) | more than 4 years ago | (#29764687)

not even a virtual hardware, just a nic that supports 802.1q and a vlan capable switch! In theory a single interface is all that's needed with the right hardware. There is a story online where a guy took a computer with two nic's (one lan, one wan) a vlan switch and load-balanced across 6 DSL connections for a gaming center using pfSense.

Re:Only Half a dozen BSD and Linux Appliances... (0)

Anonymous Coward | more than 4 years ago | (#29766017)

Ask Slashdot isn't about getting a google search answer. It's about drawing on the opinions and experiences from a group of people who have walked the path before you. People who can tell you about expensive options that don't work and recommend ones that do.

Wireless (1)

Tdawgless (1000974) | more than 4 years ago | (#29764695)

Are you trying to bond all of your neighbor's WAPs together so you can aggregate their bandwidth? This could make bit torrenting an interesting thing.

Linux, with "Advanced Router" features (1)

Sipper (462582) | more than 4 years ago | (#29764757)

Someone I know did this by setting up Linux routers with "Advanced Router" kernel features -- namely source-routing on established connections, so that established TCP connections could be consistently kept onto a single ISP connection. Without doing this then packets can be sent (or received) from an IP address not associated with the TCP connection, so they're dropped.

Obviously this won't work on UDP packets, since they're stateless; so if you have programs that need to stream data via UDP, that will be an issue.

Good luck with the project.

Mac OS X? (4, Interesting)

appleguru (1030562) | more than 4 years ago | (#29764867)

Admittedly, I have no idea if it works, nor do I have any idea how it decides to load balance between the connections.. But I ran across the feature the other day and it looked pretty cool.

In Mac OS X you can create a new "Aggregate" network device from any other devices and, in theory, do exactly what you're describing. Again, I just ran across this the other day in Network Preferences and have no idea if/how it works, but it might be worth a shot (especially since it seems a lot easier to configure than a roll your own router with dd-wrt or tomato, though those likely offer more fine-tuned configuration).

Policy-based routing (1)

jmilne (121521) | more than 4 years ago | (#29764895)

If you're trying to combine different types of access (leased-line, cable, DSL), I think you're out of luck with trying to aggregate everything into a single "super circuit". However, you can certainly utilize all of those individual circuits. Look up policy-based routing. Most every platform out there should support it through some method. Set it up so that email goes over the DSL, your database queries go over the cable connection, and your VoIP goes over the leased-line. You'll probably need to tweak it a bit at first until you get a nice blend of traffic, and you'll want to make sure to set up some default routes to handle things if you have an outage on one of your circuits, but you'll see better performance on individual circuits and use all of them. If you've got the same type of access, but through different providers, you'll probably have to do the same. If you've got the same type of access through the same provider, then MLPPP or GRE should work.

iproute2 (1)

crazybit (918023) | more than 4 years ago | (#29764935)

Linux & iproute2 should be more than enough for what you want.

"Routing for multiple uplinks/providers" [lartc.org]

Once the load balancing has been established you can set up OpenVPN to encrypt the traffic between the two (I like using openvpn + bridge to do a Layer 2 vpn). You can even get more fancy and add traffic shaping to distribute bandwidth, prioritize packets (for a lower latency in ssh or terminal server traffic for example).

currently looking into this... (0)

Anonymous Coward | more than 4 years ago | (#29765105)

I've been trying to find info on this for a little while.

Basically you have two methods: one is to get several internet connections, connect them to a machine/router and use load balance/pfsense/multippp. This gives you redundancy, load balance, and you can get faster d/l (for d/l multiple items) and is cheap. However, it does NOT provide a faster link. You have multiple connections, but any single d/l or u/l will only go as fast as one of the connections! For what I want this is unacceptable (trying to increase upload for a gaming server - because the IP's are different between two connections, we can't use load balancing for multiple connections). If anyone has found a way to link standard ADSL as a single connection for a single IP for faster upload, I'd REALLY like to hear it!

So from what I found we have the option of buying a huge connection (fibre or the like = VERY expensive), or something along the lines of BGP. BGP will link several connections, and from what I understand, pretty much makes you an extension of the service provider's network. 1 IP, multiple connections reading as one endpoint. This is still expensive, but not as much as getting fibre laid out here. In my search I found one group that would do it for me, and the way they basically run is to put in a SDSL connection at 2M up/down, unlimited transfer. Then as you want faster, they just keep adding 2M lines up to about 24. However getting extra lines, the cost of the connections, and the cost of their modem/router is fairly prohibitive, but cheaper than a good fibre connection out here. As to what degree I'll get a better upload for the initial connection vs. ADSL would remain to be seen.

Pseudo-code recipe (1)

injustus (1429537) | more than 4 years ago | (#29765123)

Let's suppose you have networks A and B. Given N cheap broadband connections on each side, let's call them A1, A2 ... A(N) and B1, B2 ... B(N)

At host A, for each A(N), B(N) pair, you set:
* a route for B(N)_IP via A(N)_Gateway
* a VPN link with source address A(N)_IP and destination B(N)_IP
* a static route for private networks behind B via each A(N)->B(N) virtual interface

Repeat for host B and each B(N), A(N) pair.

Problem: if each link has very distinct latencies, you will end up with package streams arriving at the other side heavily out of order. Tune your TCP stack accordingly.

OpenVPN + Linux Bonding (0)

Anonymous Coward | more than 4 years ago | (#29765171)

Use OpenVPN with one separate connection per ISP you have. Use Linux's ethernet bonding on the new virtual ethernet devices created by OpenVPN. You'll probably want one of the round-robin methods that doesn't require any special switches. And you are done.

Whatever you do, DO NOT use multi-link PPP. You will essentially be using TCP over TCP without any smart software to handle the complications with two layers trying the same resending techniques every time a packet is lost. The connection will stall every time you lose a packet. It is a horrible experience. I learned this the hard way before using OpenVPN.

Time share vs. cost (1)

toddler420 (56961) | more than 4 years ago | (#29765309)

As many posters have pointed out, there are about a gajillion ways to do this (I'm a big fan of GRE, Quagga, and some judicious OSPF metrics :)

If you're talking about remote offices with workers who aren't IT-aware past "Oooooh, email" and you start adding layers of complexity to their Internet connection(s), you necessarily increase the risks of network downtime due to configuration errors, busted hardware, code bugs, etc... many times things you can't fix remotely. Some assessment of your target customer's tech-level for dealing with those issues should go in to the design decision. E.g. - implementing a Linux-based firewall on repurposed commodity hardware in an office without full time IT staff might make for a nightmare if the hard drive died; you likely would end up driving to that office to fix it, hiring a local "consultant" to assist if you can't drive there reasonably, or re-tasking someone's time in the office for your own nefarious IT purposes (instead of them being out there selling your employer's bread and butter).

If you're a centralized network manager at the company HQ, then the conversation that starts with "Powercycle the blue-and-white box and tell me what the LED's do" is a lot easier to deal with than "What does the screen say? Oh, well a kernel panic means something really bad happened..." You can mitigate those issues, but you'll inevitably end up on the phone someday with an office worker whose "Internet ain't workin". Sometimes it's easier to spend the money up front for a piece of dedicated hardware, rather than in the back-end on support costs (opportunity or actual).

Etherchannel (0)

Anonymous Coward | more than 4 years ago | (#29765529)

presuming you are not using a suckful ISP and you've got ethernet, just etherchannel two ports together at both ends.

LISP Routing (3, Interesting)

paul248 (536459) | more than 4 years ago | (#29765565)

Some people (Cisco, etc.) are working on developing the Locator/ID Separation Protocol [google.com] as a core component of the Internet infrastructure.

If that ever takes off, you'll be able to buy a Provider Independent IP address block, advertise it through multiple ISPs (even Cable/DSL), and transparently load balance your upstream and downstream traffic across them, without bloating the core BGP tables.

The downside is, you'll have to use an MTU that's smaller than 1500, but I'd say it's a fair trade.

Why do you need an ISP for a point-point? (1)

fluffy99 (870997) | more than 4 years ago | (#29765691)

An Internet Service Provider (ISP) isn't involved in a point-point. It's just a service provider at that point. Multiple links from the telco for redundancy is silly as the vast majority of problems will take down both links (cut fiber, local CO issues, etc). If you're talking mixing Telco, Satellite and Cable for redundancy as someone else mentioned, then I'd guess you are talking about an ISP and running VPN then? In that case there are options such as mlppp, etc.

what's your definition of "expensive"? (1)

VolciMaster (821873) | more than 4 years ago | (#29765959)

I don't work for Barracuda, but their link balancer (http://www.barracudanetworks.com/ns/products/link_overview.php) is ~$3700 US for the 3 connection device, with full support.

Linux Advanced Routing and Traffic Control (0)

Anonymous Coward | more than 4 years ago | (#29766057)

Hi,

If you are familiar with Linux you could give Linux Advanced Routing and Traffic Control (www.lartc.org) a try. Works for me bundling together three DSL lines.

Michael.
