Solved

ADSL internet

Posted on 2014-04-24
9
463 Views
Last Modified: 2014-05-12
We have two ADSL connection to have access to internet and have limit in the plan .  I want to aggregate the two links to utilized the link by combining the links. What is the best approach to utilize the both links. Current practice is to used one ADSL link and then move to the other one when you come to the middle of the month
0
Comment
Question by:cur
9 Comments
 
LVL 7

Assisted Solution

by:Lee Ingalls
Lee Ingalls earned 28 total points
Comment Utility
There are a number of broadband bonding devices out there.
With one of these devices you are able to aggregate your links without Telco involvement.

Look at Mushroom Networks - Truffle Lite
http://www.mushroomnetworks.com/product/Truffle-Lite
0
 
LVL 26

Assisted Solution

by:skullnobrains
skullnobrains earned 110 total points
Comment Utility
link aggregation in the strict sense of the term will most likely lead to non/dis-functional setups with adsl links because they will most likely not work with asymetric routing.

you'll need each connection to be dedicated to a link

most working approaches use load sharing (ie static mappings of ip:ports to a specific link with failover) but you'll also find devices that can actually select the less loaded link dynamically.

there is nothing much to it except use a device that handles it. many software firewalls such as pf and ipf can do wan balancing, a linux host can be configured to do so (but is a real pita to configure and maintain), many low end routers can handle this.

best approach in your case, it to first check if your existing equipment can handle this, and if not, use a simple home router that can handle multiple wan links (i assume a home router will be enough since you don't expect that much load on adsl), or configure a machine with pf (or pfsense if you want a gui) to do that (something like a pentium 3 with a couple of ethernet cards is more than enough).
0
 

Author Comment

by:cur
Comment Utility
my main purpose is to utilized the ADSL1 and 2 during 30 days  . I got 100 gb on the each case  and most of the time will used the ADSL1 and then move uers from ADSL to ADSL 2  to utilized the other 100 gb . SO I want to have both the ADSL to be active and utilized the 30 days . Can I used the Mushroom  one ?
0
 
LVL 26

Assisted Solution

by:skullnobrains
skullnobrains earned 110 total points
Comment Utility
mushroom is targetted towards link aggregation. i'd recommend something else in your case.

this features load sharing
http://dualwan.org/load-balancing.html
http://www.radware.com/Products/LinkProof-Features/

note that i do not specifically know these products. i'd just recommend something that does load sharing rather than aggregation

--

you did not give any information regarding your existing equipment. should i assume that you don't have a router (other than the boxes provided with your adsl links) and just unplug one box and plug the other one when needed.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 82 total points
Comment Utility
Just be careful with load-sharing.  If a dual-WAN router does it on a per-packet basis it can break HTTPS connections.  You'd need to be able to specify a particular link to be used for certain types of traffic.

If the router shares bandwidth on a per-client basis it's not an issue, as each client would always use the same link - the router would just send the first client's traffic down link 1 and the second client's traffic down link 2, etc...
0
 
LVL 26

Assisted Solution

by:skullnobrains
skullnobrains earned 110 total points
Comment Utility
... which is why i'm suggesting load sharing rather than aggregation. load sharing is performed statically depending on 1, several or all of src-ip, src-port, dst-ip, dst-port so a single connection should always transit through the same link. unfortunately protocols such as ftp may break nevertheless, unless there is a dissector in the box that handles them specifically.

with link aggregation, not just https but likely all connections will break because as far as i understand the author's setup, he will have different external ips on both links
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 82 total points
Comment Utility
With true load-aggregation (or bonding) the two links appear to the rest of the world as one link - that's a different thing and won't work here, because as you say there will be two different IP addresses.  With proper link-aggregation you don't see issues with HTTPS being broken because the IP is always the same.

With load-sharing it's not an issue for normal traffic if it goes out of two different links even if the IP addresses are different.  The internet host just sees a TCP session from x.x.x.x and sends the packet back to that IP - there is no asymmetric routing here.

However, the problem is where session information needs to be maintained such as when a secure login needs to be facilitated.  In HTTPS scenarios the server logs the source IP for the secure session, so when the traffic comes from the second link it doesn't have a secure session set up which matches that IP.  With HTTP traffic the standard TCP client/server session doesn't care about the traffic coming from the same IP as long as the 3-way handshake is complete.  If there was asymmetric routing this would break, but that's not the case with load-sharing.  You won't get a packet leaving one interface but coming back in on another.
0
 
LVL 26

Assisted Solution

by:skullnobrains
skullnobrains earned 110 total points
Comment Utility
@craigbeck

In HTTPS scenarios the server logs the source IP for the secure session... With HTTP traffic the standard TCP client/server session doesn't care about the traffic coming from the same IP as long as the 3-way handshake is complete

this is awfully wrong : a single tcp connection requires a single source address. there is no session id in the tcp headers. tcp sessions are identified by the source address and port combination, and antispoofing is ensured by initially setting sequence numbers randomly.

then if you're talking about application-level HTTP sessions (which will usually span multiple tcp sessions), they may or may not check the source address regardless the fact that ssl is used. (un?)fortunately, most http hosts do not perform this kind of checks and rather rely on cookies or basic http authentication which is transmitted with each new request.

anyway we both agree that sharing should be preferred over link aggregation. i see no reason in cluttering the thread with more (and false) information.
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 82 total points
Comment Utility
I've edited this post because I really can't be bothered getting into an argument.  I'll unmonitor now as to not pollute the water.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now