Distribute LAN across 3 DSL connections?

yuloni

This post has been deleted.

Some_Person

You could have 3 modems, 1 for each line and connect them back to one router (Mikrotik RB750GL). With the Mikrotik you could mangle the traffic so that certain computers or IP ranges use a certain route (connection 1, 2 or 3).

yuloni

This post has been deleted.

croo

if you don't mind adding linux to the mix... Shorewall has a MultiISP configuration.
The overiview diagram here looks like it's what you want to achieve.

The firewall in the diagram would be a system running linux/shorewall and any number (including 3) of ISP connections could be added.

The configuration does look complicated, and I've never tried it myself, but the instructions are very detailed and whole shorewell project is about making gateway/firewall configurations easy so I'd expect that this is as easy as it gets.

Big Lar

TP LINK do a nice cheap router that can share up to 4 WAN's. Google TL-R470+.
I know its not exactly what you want but you can assign different groups of LAN ip's to seperate WAN's.

tech

you could use 1 DSL connection for the SBS server and mail, and get the DHCP server to dish out the LAN IP address of router 2 as your GW for all the clients,

you could use the 4rd router for the VPN traffic and give all the remote users the Public IP address of this connection??

just a taught

PogMoThoin

Condi wrote: »

This post has been deleted.

You need 3x modems and a decent router. I'd also recommend the Mikrotik RB750GL, won't break the bank and hugely customisable to whatever you decide. There is also plenty of information in their wiki pages to help you along
http://wiki.mikrotik.com/wiki/Load_Balancing_over_Multiple_Gateways
http://wiki.mikrotik.com/wiki/Improved_Load_Balancing_over_Multiple_Gateways
http://wiki.mikrotik.com/wiki/Two_gateways_failover
http://wiki.mikrotik.com/wiki/VLAN
http://wiki.mikrotik.com/wiki/Vlans_on_Mikrotik_environment

yuloni

This post has been deleted.

Knasher

Condi wrote: »

This post has been deleted.

If your server is running linux you can always use iptables for round robin load balancing across the 3 DSL links. Here is someone doing it across 5 links. It is also possible to have the modems on your switch instead of connected directly to the router, but you would need to modify the scripts to route to an ip address instead of over an interface. You should definitely be looking at load balancing with fallover, rather than statically assigning users to a connection, just in case either one of your links goes down, or everyone sits on one side of the room.

Moriarty

If possible, I'd move the two VM servers out to a hosted environment - I'd imagine it's a nightmare to access anything on those servers remotely over dsl. If you need it, you could have some sort of replication set up between the office server and the remote VMs if that's practical for your uses to still allow local access to these in the office.

For the office, as others have suggested three modems connected in to one router is your best bet. I'd suggest a PC with four network ports and pfSense (http://www.pfsense.org/) which will do outbound load balancing over the three dsl connections.

ResearchWill

Came across this yesterday it may be of interest, http://phys.org/news/2012-08-dispatch-software-combines-multiple-internet.html

lmimmfn

you could ask eircom if they do line bonding, in which case the 3 lines would be treated as 1.You would need a line bonding router though.

yuloni

This post has been deleted.

wandererz

If for example you used a FortiGate Firewall you could do the following.

- Place the 3 DSL modems in bridge mode and configure the PPOE settings on the Firewall instead
- They can be basic netopia modems, dont need to be expensive, as long as they can be placed into bridge mode.
- Configure policy based routing on the Fortigate for the server so that the Server only uses the dedicated DSL connections.
- Configure ECMP (Equal Cost multi Path) for the other two links so that connections could be split between them.

Another option is:
- to configure 2 separate virtual firewalls on the FortiGate
- one firewall handles 2 DSL connections along with ECMP for ISP load distribution.
- the other firewall handles the 3rd DSL connection as a single WAN interface.
- you have two physical connections from the Firewall into your LAN switch (split the subnet addressing on those interfaces)
- Servers default gateway points to internal interface of Virtual FW B.
- Other internal devices default gateway points to internal interface of Virtual FW A.

In terms of functionality you'd also get a recognised firewall, IPSEC VPN, SSL VPN, IPS,Web Filtering etc.


I really don't mess with subnetting any longer so am open to corrections, however something similar to the attached should work unless i'm mistaken.
You could take that to Eircom and tell them that's what you need delivered. And they should be able to do so.

Tenshot

Condi wrote: »

This post has been deleted.

Quite possibly not available in your area, but for what it's worth:

At the recent Tall Ships, Magnet installed five temporary DSL lines to our apartment block on the quays. These were bonded together to provide a single 10 Mb/s bi-directional link for use by the wi-fi mesh network made available to the crew members on the ships.

The rack-mount unit doing the bonding didn't look particularly cheap, but if Magnet can supply DSL in your area, might be worth a chat with their business section.

Otherwise, a cheap PC with four network interfaces, running Linux or (my preference) OpenBSD, sitting between your main LAN/server and the individual DSL routers is probably the most straightforward solution.

edanto

Fair play to you Condi. I organised that Magnet connection for Tall Ships and could put you in touch with our contact in Magnet to see if they are an option for you.

The key would be whether or not Magnet equipment is in your local exchange.

PM me your email if you'd like me to try set up the contact for you.

yuloni

This post has been deleted.

wandererz

I still think that the FortiGate would do what you need and be readily available, so no need to go hunting around sourcing equipment.

You could probably get one on loan to trial. Probably just need to source the modems.

BTW, what were the other option that were being argued about discussed.

yuloni

This post has been deleted.

yuloni

This post has been deleted.

revver

get one of the bonding units from themultipath lads down in Waterford... connect your dsl lines into it and job done.

http://www.multipathnetworks.com/

PM me if you like and i'll get you in contact with them for more details.

source: i've got one... have eircom dsl and three usb modem bonded together.

sawdoubters

http://www.tomshardware.com/forum/29099-42-combine-lines-increase-bandwidth

revver

oops... sorry just read that you purchased a load balancer already.
as you know a load balancer will still only give you the throughput of a single dsl line, it wont combine the speed of all 3 lines like a bonding unit will.

for the price of it (i paid about 150euro once off fee) +5euro aggregate server rental per month, i think it will pay for itself in about 20 minutes on cheaper electricity costs alone! it's worth looking into and getting one even if you go back to your load balancing. i promise you.

let me know how you get on!

p.s. it also acts as a fail safe in-case one dsl fails your bb will not go down...

yuloni

This post has been deleted.

revver

You mention you have a fallback DSL line? With the Multipath you can still combine the FW + DSL and get "a little bit extra"... should either DSL or FW fail on you the multipath unit will still use the other link... no one's the wiser.

The only thing is you lose a few % on each link, so it depends on how fast the DSL line is?

So do you have your Multipath unit with you already or did you not get yours yet? I managed to get mine early from the funding drive

yuloni

This post has been deleted.

revver

Can I ask who you're getting your 50:50 wireless connection from and what price range are we talking for your business?

I have often thought of trying something like that and splitting the cost between a number of houses here...

Is it a long range wireless connection do you know? If I was todo it here I'm probably talking about 8 or 14km

yuloni

This post has been deleted.

revver

oh yes, i know its a p2p link, i had a 28km 2.4ghz link working a few years back myself using StarOS equipment.
only thing was the station at the far end wasn't mine, so i had no control over any problems, and it did tend to lose connection when the wind blew.. I still have the kit, only it's not in use.

yip, i'm sure it would be against the t&c's of your contract too.. but, if it was all going through a proxy i doubt they would ever know. so long as you could trust the users or filter out the bad sites from being accessed.

Cuddlesworth

revver wrote: »

get one of the bonding units from themultipath lads down in Waterford... connect your dsl lines into it and job done.

http://www.multipathnetworks.com/

PM me if you like and i'll get you in contact with them for more details.

source: i've got one... have eircom dsl and three usb modem bonded together.

I'd be wary of filtering my companys traffic through another company's proxy.

revver

AFAIK you can setup your own aggregate server/proxy if you wish. you will just have the added expense of renting the server at the far end. So for residential applications like mine, it wouldn't make sense.