How to run two separate wireless networks from one WAP with load balancing

Hi,
Have a current customer with this requirement if someone could please provide some insight;

They currently have:

SOHO ADSL Router with single IP range 192.168.17.x
2x 24-Port Smart Switches
DHCP is provided by SBS2011 server
6x D-Link DWL-6600AP WAPs providing SSIDs on the main network for staff to use.

Our Goal:
Combine 2x ADSL services with load balancing and try and create a second SSID from the current WAPs that is to be used by clients. This SSID and network will need to be isolated from the staff network.

Points:
Would want staff to have 100% of the first ADSL and access to at least 60% of the second ADSL at all times.
Clients should only have access up to 60% of the second ADSL in business hours and 100% of the second ADSL after hours.
Is DHCP an issue? If the WAN router needs DHCP on the LAN side to be off, the clients would need to use the staff DHCP from the SBS2011?

Intended Hardware:
2x SOHO ADSL routers
2x 24 Smart Switches (Current)
1x TP-Link TL-ER5120 Load Balancer or something similar.

If someone could please layout how best to isolate and bandwidth control these two user groups. trying to avoid having to install another switch and WAPs for a new client network.

Thank you
CTS
CTS-GAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gheistCommented:
ADSL does not have open-source drivers, which means that you need to set them both in passthrough mode and have 3rd router with multiwan (a virtual machine with openWRT can do)
http://wiki.openwrt.org/doc/uci/multiwan

Load balancer is something completely different.

The access-percent calculation is flawed. you cannot control that. You can send half of TCP connections to each DSL link as long as it is up, and you have no control over Mbps incoming.
CTS-GAuthor Commented:
Hi,
Thank you for the reply but while on topic im not assigning the answer on keywords..

I need info on the method used to either vlan and if possible throttle the ip ranges as stated.

The D-Link 6600 WAP only appear to have vlan as a method to seperate the ssids so need some info to get this through to the tp-link wan router with balancing enabled also.

thank you
gheistCommented:
Same documentation provides 2 ways of managing bandwidth with multiwan.

And yes, your switches can sustain isolated VLAN for wifi. Ans openwrt/ddwrt/tomato can do that too.
Check Out How Miercom Evaluates Wi-Fi Security!

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom on how WatchGuard's Wi-Fi security stacks up against the competition plus a LIVE demo!

CTS-GAuthor Commented:
Thank you for the reply again. Not at all what we require though sorry.
We are all ok setting up the dual wan and bridged modems etc.

We need assistance with VLAN and load balancing and which DHCP server to use.

-The D-Link WAP can only isolate the SSIDs using VLAN.
-DHCP is provided by SBS2011 on staff network which would be VLAN1.
-We have 2x 24 Port Smart Switches.

Where would we start the VLAN config? Is the VLAN configured on the wan router and then flows through to the switches and WAPs?

We got stuck as we seemed to be able to apply a VLAN to a LAN port on the wan router but not a different ip range per vlan/port. We would need the different ip range for load balancing etc.

So do we configure the VLAN in the wan router or only from the switches on?

If it is from the switches on, do we require a second DHCP server for the second range? though all WAPS have a static ip, the clients connecting to the second vlan will need DHCP.

Network Diagram
gheistCommented:
You are asking for something that does not exist in this world.
You cannot bridge modems (providers dont know about eachother either)
ER5120 is a device to load-balance between your web servers, like F5 Big-IP, it will not help with multiple WANs

If you want me to re-rdraw your schema tell  if you have vmware or hyperv and what is the make and model of your existing switches (for VLAN support)
CTS-GAuthor Commented:
There are plenty of devices capable of combining WAN services at the customer end.. While this is not as good as being bonded at the ISP end it is still capable.

I don't believe you are correct with the TL-ER5120;

"The TL-ER5120 features three freely interchangeable ports that can be set to either LAN or WAN, allowing the router to support up to four WAN ports to satisfy various Internet access requirements through one device. The Intelligent Load Balancing function can distribute data streams according to the bandwidth proportion of every WAN port to raise the utilization rate of multi-line broadband. With IP-based Bandwidth Control and Session Limit functions, network administrators can flexibly manage network bandwidth to optimize bandwidth usage. "

Applicable Features:
Port Mirror
Rate Control
Port Config
Port VLAN
Intelligent Load Balance
Policy Routing
Protocol Binding
Link Backup (Timing, Failover)
Online Detection
IP-based Bandwidth Control
Guarantee & Limited Bandwidth
Time-scheduled Policy
IP-based Session Limit

So with bridged ADSL modems to the TL-ER5120 then to 24 Port Smart Switch. (All switches past this support vlan tag passthrough) staff=vlan1 client=vlan2

-Where to start the vlan configuration, in the switch?
-Connect the SBS2011 DHCP to staff vlan1?
-Existing waps go on which vlan at switch port and also lan config page of wap?
-I then can assign a vlan to eash staff and client ssids but if there is only one lan side ip address for the wap how does the ssid vlan find a different subnet?
-DHCP for the client vlan? (DHCP for 2 separate vlans)
gheistCommented:
1st thing is to isolate out existing WiFi antenna guest network. Rest is matter of preference.
Probably you need extra VLAN for management interfaces of those

Do those DLINKs support VLAN tagging and multiple VLANs?
CTS-GAuthor Commented:
ok im 100% certain your are not reading my posts and haven't from the start. gheist Please refrain from replying further so I can hopefully get someone who uses vlan often to answer my questions
gheistCommented:
I use more than one VLAN, so I leave you here.
CTS-GAuthor Commented:
OK i think i have answer it ourselves.

The main thing to help is:
https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol#DHCP_relaying

By setting the DHCP helper in the switch it will pass through vlan2 tags to the DHCP server on vlan1. Which than allows a second DHCP scope to be configure on the DHCP server for vlan2. Which in turn allows the WAN router to be configure for load balancing using ip ranges for both vlan1 and vlan2.
WAP then have vlan tag info assigned to each ssid.
Craig BeckCommented:
I know exacty what you want... Allow me to help :-)

What you're asking for is entirely possible, but your TP-Link router may not support it.  Let's assume it does (but if it doesn't just flash it with DD-WRT).

The switches need two VLANs configuring.  VLAN1 is there by default, so we need to add VLAN2.  Create the VLAN on each switch then configure the ports where the APs connect to UNTAG VLAN1 and TAG VLAN2.

The APs should also be able to support VLANs.  You'll need to create VLAN1 and VLAN2 on the APs, then create a SSID for each VLAN.

The router will need a link into both VLANs, either by connecting physical ports to the switch or by configuring VLANs on the router too.  You can use VLAN tagging at the router if you flash it with DD-WRT so one link can carry both VLANs if you want.  At the switch, configure either a port in each VLAN (if you use dedicated links from the router) or configure a port in exactly the same way as you did for the APs and connect the router's LAN interface there.  You'll need to configure a subnet for VLAN2 at the router.

The server is on VLAN1.  Connect it to the switch on a port configured in VLAN1.  Configure a DHCP scope for the VLAN1 and VLAN2 subnets at the server.  Jump back to the router and configure a IP helper (might be called DHCP relay) on the VLAN2 interface which points to the IP of the server on VLAN1.

Configure NAT and load-balancing on the WAN and that's it.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CTS-GAuthor Commented:
thank you craigbeck for the informative answer. exactly what i was looking for just a couple days late. I had sourced this info and will be testing this solution hopefully this week. I will follow up with how I go and if i get stuck anywhere.

Thank you for your time craigbeck
frankhelkCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: Craig Beck (https:#a40967856)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

frankhelk
Experts-Exchange Cleanup Volunteer
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Architecture

From novice to tech pro — start learning today.