Like Tree1Likes

Dual WAN and automatic load balancing

Closed Thread
Page 1 of 2 1 2 LastLast
  1. #1

    Join Date
    Jun 2005
    Location
    in my home
    Posts
    3,451

    Dual WAN and automatic load balancing

    Thanks to Pin for reminding me of a post made by HKNewBi...i think I might be interested in this setup of using my free 10M powerline and a paid 10M HGC account to combine into a faster net connection.

    But..im a bit lost and wondering who out there has done this and what i need to know.

    Specifically:
    1. any router recommendations for a apple user?
    2. is the load balancing automatic or do i need to set up special rules to handle the balancing? (like VoIP on this connection and HTTP over here, and blah blah)

    any other caveats i should know?


  2. #2

    Join Date
    Jun 2006
    Posts
    2,161
    Quote Originally Posted by BenderBends:
    2. is the load balancing automatic or do i need to set up special rules to handle the balancing? (like VoIP on this connection and HTTP over here, and blah blah)

    any other caveats i should know?
    Thanks to 'web developers' you cannot load balance HTTP requests from different IP addresses. Often this means dual-WAN routers need to be smart and send all requests for the same domain through the same link. It is usually prevalent for HTTPS connections but also affects many HTTP sites.

    Other problems occur because the dual-WAN setup is not full IP routing, i.e. you are not a registered autonomous system (AS). When you send packets out of one link they cannot come back through the other. So this means UDP transports usually need to be forced to one link.

    DNS servers provided by the ISP usually block access from the Internet, this means DNS requests cannot be load balanced across the connections at the transport layer. It also means if one link is down the router needs to be smart enough not to forward DNS requests to the ISP associated with that link.

    Also consider general problems with Internet routing. Hong Kong often has major routing faults in the morning thanks to external backbones, predominantly I find that Singtel loves to drop Hong Kong off the Internet for a few hours. What happens when one part of the Internet disappears on one link but is routable on the other.

    So it's a PITA and you can only expect poor quality solutions from low end appliances.
    TheBrit likes this.

  3. #3

    Join Date
    Mar 2010
    Posts
    1,194

    Understand that this only is going to split your traffic into two lines... it is not going to aggregate the circuits and give you 20Mbit. If the box is not intelligent you may find that in some web sites it is worse to use two circuits than one... One thing I did in the past was using two PPPoE circuits to Netfront aggregated them into one single circuit but that is using Cisco routers, which is out of the reach for most.

    Back to your Multi-Wan router.

    Not sure what low end boxes are available but for them to give you benefits consistently should have quite a lot of intelligence. Even a higher end (HK$9000) box I used failed impress me due to the load balancing algorithms. The other problem is with these boxes is being able to determine if you are gaining anything as knowing what the balancing algorithms are actually doing is not easy.

    You need to combine many algorithms PER protocol to get optimal results or be ready configured by someone that understands the needs of each TCP protocol.

    Here is a list of load balancing Algos, though impressive looking, a lot of them are useless or should be used with care Eg. select the loest latency.

    Weighted Balance - Traffic will be proportionally distributed among available WAN connections according to the specified load distribution weight.

    Persistence - Traffic coming from the same machine will be persistently routed through the same WAN connection.

    Enforced - Traffic will be routed through the specified WAN connection regardless of the connection's health status.

    Priority - Traffic will be routed through the healthy WAN connection that has the highest priority.

    Overflow - Traffic will be routed through the healthy WAN connection that has the highest priority and is not in full load. When this connection gets saturated, new sessions will be routed to the next healthy WAN connection that is not in full load.

    Least Used - Traffic will be routed through the healthy WAN connection that is selected in the field Connection and has the most available downlink bandwidth.

    Lowest Latency - Traffic will be routed through the healthy WAN connection that is selected in the field Connection and has the lowest latency. Periodic latency checking packets are sent to the selected connections to determine their latency values. Thus additional network usage will be incurred.

    The feature I would look for is:
    - Fastest throughput circuit selection per destination IP and caching. It should test which of the two lines gives you the best performance and use that one in real time. If someone finds a box that does this, let me know.

    Surely there is a Linux distribution that does Multi-wan properly...

    Last edited by Fenix2; 18-03-2011 at 01:48 PM.

  4. #4

    Join Date
    Jun 2006
    Posts
    2,161

    pfSense 2.0 is the one to look for better dual-WAN routing. I have the older 1.2.3 and it's killing me how complicated it is.


  5. #5

    Join Date
    Jun 2005
    Location
    in my home
    Posts
    3,451

    ok, thanks....so it sounds a bit less of what i was hoping for. i dont want to go through too much hassle if its not going to pay off somewhat in the end, and it sounds like from your posts its not.


  6. #6

    Join Date
    Mar 2003
    Location
    HK
    Posts
    1,163

    If I had two connections I would buy a cheap box with 2 network ports and Wifi (or 3rd LAN), install Linux on it and setup routing with 2 WANs connected to the respective providers and Wifi/3rd LAN for internal network. Its amazing what can be done with traffic shaping (and its pretty easy)


  7. #7

    Join Date
    Mar 2010
    Posts
    1,194
    Quote Originally Posted by MrMoo:
    Thanks to 'web developers' you cannot load balance HTTP requests from different IP addresses. Often this means dual-WAN routers need to be smart and send all requests for the same domain through the same link. It is usually prevalent for HTTPS connections but also affects many HTTP sites.
    Well there are stupid site that enforce that the IP should not change during the session or break the authenticated sessions. Most should be able to work, but the reality is you can't be entering exceptions into the router all day...

    Many sites using multiple domains to deliver the contents so if you use persistence to a destination you will gain with such sites, but not with the rest.

    Ideally you want is to load balance based on contents so the pages through an a link persistently and graphics are balance or loaded through the other.

    To do this right is very complex...

    Quote Originally Posted by MrMoo:
    Other problems occur because the dual-WAN setup is not full IP routing, i.e. you are not a registered autonomous system (AS). When you send packets out of one link they cannot come back through the other. So this means UDP transports usually need to be forced to one link.
    Actually if the ISP allows you, you can send packets through one ISP that are due to return through the other ISP. Though you are right as you are originating with two separepate IPs the reply can only come back to one circuit.

    Quote Originally Posted by MrMoo:
    DNS servers provided by the ISP usually block access from the Internet, this means DNS requests cannot be load balanced across the connections at the transport layer. It also means if one link is down the router needs to be smart enough not to forward DNS requests to the ISP associated with that link.
    DNS resolving can be load balanced in so many ways.... even without any fancy routers.

  8. #8

    Join Date
    Feb 2009
    Posts
    8,279

    Ive set up a cheapo TPLINK router with dual wan before. It has 2 WAN ports. I got 2 internet lines with 2 modems provided by 2 different ISP's. I plugged the internet lines into the TPLINK. Then I setup the router pretty much like any other. It was a while ago and I cant remember everything I did, but load balancing options I just left as default. It wasnt that overly hard and it has been running untouched for about 20 users in a Shenzhen office for a couple of years. No complaints. MrMoo and Fenix2 make is sound quite complicated, but this was not my experience.


  9. #9

    Join Date
    Nov 2008
    Posts
    4,574

    or you could host with one of the big boys like amazon and forget about all this stuff and get on with making money off your business idea, not being a system admin


  10. #10

    Join Date
    Dec 2002
    Location
    薄扶林
    Posts
    47,963

    Linksys also has some good dual WAN routers which will work for you in all but extreme some circumstances. Ideally check if the router can provide you some sort of sticky session, so that you don't appear on site's like HSBC from two different IP addresses.


Closed Thread
Page 1 of 2 1 2 LastLast