Dual wireless/ Load Balancing/ Link Aggregation
Hi all,
I've been reading up on this topic all day, with multiple Google and Apple searches, but haven't found the exact answer to this query. There was another post on this forum http://discussions.apple.com/thread.jspa?threadID=1660762 which was vaguely similar.
Basically I'm looking to experiment with combining 2 wireless connections, and therefore 2 seperate internet connections into one Mac.
I have seen suggestions of using a couple of wireless -> ethernet bridges, since Leopard supports Link Aggregation of ethernet devices. But the first question I have is: since I use a 3rd party wireless adaptor (Netgear wg111v3 USB dongle), it already shows up in Network Preferences as an Ethernet port. Leopard treats it as an actual ethernet device, hence is oblivious to the fact it is a wireless adaptor. Since Leopard thinks it's an ethernet port, could I use a second wireless dongle and then use Link Aggregation on them both?
Additionally, if that idea were to work, would it then be possible to connect each wireless adaptor to a seperate wireless network, or would they both have to connect to the same access point?
My DSL connection is roughly 512k on a good day, but I find this bandwidth to be choked when someone else at home is streaming videos etc. So in principle my idea was to have one connection using the regular DSL line as usual, plus connect the secondary wireless to my friend's wireless over the road when needed (and yes he's already agreed to my use since he rarely accesses the net). Therefore, giving a total theoretical bandwidth of 512k x2.
Since I aim for a load-balancing idea (spreading traffic over both connections), the main issue I can forsee is that this Mac will have problems routing traffic with both IPs since I read somewhere else that DNS problems might occur.It seems relatively easy to use Terminal to add a default route for specific destinations (e.g. all traffic to apple.com out of one interface, all traffic to yahoo.com out the other). However, I wondered if web traffic could be forwarded out one connection, whilst email traffic goes through the other. Alternatively, it would be great if web traffic could be "halved" and sent out both wireless connections simultaneously, though I don't think there's an easy way to do this (it would just be a nice feature if possible).
Your thoughts and advice on the matter would be much appreciated, and I'm going to continue experimenting with various ideas and see what I come up with.
Hi all,
I've been reading up on this topic all day, with multiple Google and Apple searches, but haven't found the exact answer to this query. There was another post on this forum http://discussions.apple.com/thread.jspa?threadID=1660762 which was vaguely similar.
Basically I'm looking to experiment with combining 2 wireless connections, and therefore 2 seperate internet connections into one Mac.
I have seen suggestions of using a couple of wireless -> ethernet bridges, since Leopard supports Link Aggregation of ethernet devices. But the first question I have is: since I use a 3rd party wireless adaptor (Netgear wg111v3 USB dongle), it already shows up in Network Preferences as an Ethernet port. Leopard treats it as an actual ethernet device, hence is oblivious to the fact it is a wireless adaptor. Since Leopard thinks it's an ethernet port, could I use a second wireless dongle and then use Link Aggregation on them both?
Additionally, if that idea were to work, would it then be possible to connect each wireless adaptor to a seperate wireless network, or would they both have to connect to the same access point?
My DSL connection is roughly 512k on a good day, but I find this bandwidth to be choked when someone else at home is streaming videos etc. So in principle my idea was to have one connection using the regular DSL line as usual, plus connect the secondary wireless to my friend's wireless over the road when needed (and yes he's already agreed to my use since he rarely accesses the net). Therefore, giving a total theoretical bandwidth of 512k x2.
Since I aim for a load-balancing idea (spreading traffic over both connections), the main issue I can forsee is that this Mac will have problems routing traffic with both IPs since I read somewhere else that DNS problems might occur.It seems relatively easy to use Terminal to add a default route for specific destinations (e.g. all traffic to apple.com out of one interface, all traffic to yahoo.com out the other). However, I wondered if web traffic could be forwarded out one connection, whilst email traffic goes through the other. Alternatively, it would be great if web traffic could be "halved" and sent out both wireless connections simultaneously, though I don't think there's an easy way to do this (it would just be a nice feature if possible).
Your thoughts and advice on the matter would be much appreciated, and I'm going to continue experimenting with various ideas and see what I come up with.
Similar Messages
-
Cisco 1921 Dual ADSL Load Balancing/Failover?
Hello,
We have purchased a Cisco 1921 with twin ADSL after advice from a Cisco sales rep. However I am having trouble working out the load balancing/fail over config for the device.
I would like traffic to balance over both ADSL lines and if one goes down not to interrupt connectivity.
I had a look at ppp multilink but I am unsure our ISP (BT) support this?
This is my current config which I think only one ADSL line is being used. Some input would be appreciated
Robbie
! Last configuration change at 13:18:34 UTC Tue Mar 29 2011
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname xxxxxx
boot-start-marker
boot-end-marker
no logging buffered
enable secret 5 xxxxx
enable password xxxx
no aaa new-model
no ipv6 cef
ip source-route
ip cef
ip name-server 194.74.65.68
ip name-server 194.72.0.114
multilink bundle-name authenticated
crypto pki trustpoint TP-self-signed-xxxxxx
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-xxxxx0
revocation-check none
rsakeypair TP-self-signed-xxxxx!
crypto pki certificate chain TP-self-signed-xxxxxx
certificate self-signed 02 nvram:IOS-Self-Sig#4.cer
license udi pid CISCO1921/K9 xxxxx
username admin privilege 15 secret 5 xxxxxxxxxx/
interface GigabitEthernet0/0
description lan$ETH-LAN$
ip address 10.0.8.1 255.255.248.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
dsl operating-mode adsl2
interface ATM0/0/0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip flow ingress
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
dsl operating-mode adsl2
interface ATM0/1/0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip flow ingress
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface Dialer0
mtu 1483
ip address negotiated
ip access-group spalding in
ip access-group spalding out
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp multilink
ppp multilink links minimum 2
ppp multilink fragment disable
ppp timeout multilink link add 2
no cdp enable
interface Dialer1
mtu 1483
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp link reorders
ppp multilink
ppp multilink links minimum 2
ppp multilink fragment disable
ppp timeout multilink link add 2
no cdp enable
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.0.15.201 3389 interface Dialer0 3389
ip nat outside source static tcp 195.194.75.218 3389 10.0.15.200 3389 extendable
ip route 0.0.0.0 0.0.0.0 Dialer0
access-list 1 remark INSIDE_IF=GigabitEthernet0/0
access-list 1 permit 10.0.0.0 0.254.255.255
dialer-list 1 protocol ip permit
control-plane
line con 0
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
scheduler allocate 20000 1000
endHi,
Can anyone help me with this config? not very reliable.
Building configuration...
Current configuration : 17349 bytes
! Last configuration change at 06:08:06 UTC Sun Apr 5 2015 by Shawn
version 15.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Router
boot-start-marker
boot system flash0:c2900-universalk9-mz.SPA.154-3.M2.bin
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$sNeA$GB6.SMrcsxPf51tK2Eo9Z.
aaa new-model
aaa authentication login local_authen local
aaa authorization exec local_author local
aaa session-id common
no ip source-route
ip port-map user-protocol--8 port udp 3392
ip port-map user-protocol--9 port tcp 3397
ip port-map user-protocol--2 port udp 3391
ip port-map user-protocol--3 port tcp 14000
ip port-map user-protocol--1 port tcp 3391
ip port-map user-protocol--6 port udp 3394
ip port-map user-protocol--7 port tcp 3392
ip port-map user-protocol--4 port udp 14100
ip port-map user-protocol--5 port tcp 3394
ip port-map user-protocol--10 port udp 3397
ip dhcp excluded-address 192.168.1.1 192.168.1.49
ip dhcp excluded-address 192.168.10.1 192.168.10.49
ip dhcp pool DHCP_POOL1
import all
network 192.168.1.0 255.255.255.0
dns-server 139.130.4.4 203.50.2.71
default-router 192.168.1.1
lease infinite
ip dhcp pool ccp-pool1
import all
network 192.168.10.0 255.255.255.0
dns-server 139.130.4.4 203.50.2.71
default-router 192.168.10.1
lease infinite
no ip bootp server
ip host SHAWN-PC 192.168.1.10
ip host DIAG 192.168.1.5
ip host MSERV 192.168.1.13
ip name-server 139.130.4.4
ip name-server 203.50.2.71
ip cef
ip cef load-sharing algorithm include-ports source destination
no ipv6 cef
multilink bundle-name authenticated
cts logging verbose
crypto pki trustpoint TP-self-signed-1982477479
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1982477479
revocation-check none
rsakeypair TP-self-signed-1982477479
license udi pid
license boot module c2900 technology-package securityk9
license boot module c2900 technology-package datak9
redundancy
controller VDSL 0/0/0
operating mode adsl2+
controller VDSL 0/1/0
operating mode adsl2+
no cdp run
track timer interface 5
track 1 interface Dialer0 ip routing
delay down 15 up 10
track 2 interface Dialer1 ip routing
delay down 15 up 10
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-all sdm-nat-user-protocol--7-1
match access-group 104
match protocol user-protocol--7
match access-group 102
class-map type inspect match-all sdm-nat-user-protocol--4-2
match access-group 101
match protocol user-protocol--4
class-map type inspect match-all sdm-nat-user-protocol--6-1
match access-group 103
match protocol user-protocol--6
class-map type inspect match-all sdm-nat-user-protocol--5-1
match access-group 103
match protocol user-protocol--5
class-map type inspect match-all sdm-nat-user-protocol--4-1
match access-group 102
match protocol user-protocol--4
class-map type inspect match-all sdm-nat-user-protocol--7-2
match access-group 101
match protocol user-protocol--7
class-map type inspect match-all sdm-nat-user-protocol--3-1
match access-group 102
match protocol user-protocol--3
class-map type inspect match-all sdm-nat-user-protocol--2-1
match access-group 101
match protocol user-protocol--2
class-map type inspect match-all sdm-nat-user-protocol--1-2
match access-group 102
match protocol user-protocol--1
class-map type inspect match-all sdm-nat-user-protocol--1-1
match access-group 101
match protocol user-protocol--1
class-map type inspect match-all sdm-nat-user-protocol--2-2
match access-group 102
match protocol user-protocol--2
class-map type inspect match-all sdm-nat-user-protocol--3-2
match access-group 101
match protocol user-protocol--3
class-map type inspect match-all sdm-nat-user-protocol--8-2
match access-group 101
match protocol user-protocol--8
class-map type inspect match-all sdm-nat-user-protocol--9-2
match access-group 104
match protocol user-protocol--9
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-all sdm-nat-user-protocol--9-1
match access-group 101
match protocol user-protocol--9
match access-group 104
class-map type inspect match-all sdm-nat-user-protocol--8-1
match access-group 104
match protocol user-protocol--8
match access-group 102
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-all sdm-nat-user-protocol--10-2
match access-group 104
match protocol user-protocol--10
class-map type inspect match-all sdm-nat-user-protocol--10-1
match access-group 101
match protocol user-protocol--10
match access-group 104
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-any ccp-cls-insp-traffic
match protocol pptp
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all SDM_GRE
match access-group name SDM_GRE
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect match-all ccp-protocol-http
match protocol http
class-map type inspect match-any CCP_PPTP
match class-map SDM_GRE
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
class class-default
drop
policy-map type inspect sdm-pol-NATOutsideToInside-1
class type inspect sdm-nat-user-protocol--1-1
inspect
class type inspect sdm-nat-user-protocol--2-1
inspect
class type inspect sdm-nat-user-protocol--3-1
inspect
class type inspect sdm-nat-user-protocol--4-1
inspect
class type inspect sdm-nat-user-protocol--5-1
inspect
class type inspect sdm-nat-user-protocol--6-1
inspect
class type inspect sdm-nat-user-protocol--7-1
inspect
class type inspect sdm-nat-user-protocol--8-1
inspect
class type inspect sdm-nat-user-protocol--9-1
inspect
class type inspect sdm-nat-user-protocol--10-1
inspect
class type inspect CCP_PPTP
pass
class type inspect sdm-nat-user-protocol--7-2
inspect
class type inspect sdm-nat-user-protocol--8-2
inspect
class type inspect sdm-nat-user-protocol--1-2
inspect
class type inspect sdm-nat-user-protocol--2-2
inspect
class type inspect sdm-nat-user-protocol--9-2
inspect
class type inspect sdm-nat-user-protocol--10-2
inspect
class type inspect sdm-nat-user-protocol--3-2
inspect
class type inspect sdm-nat-user-protocol--4-2
inspect
class class-default
drop log
policy-map type inspect ccp-permit
class class-default
drop
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
service-policy type inspect sdm-pol-NATOutsideToInside-1
interface Null0
no ip unreachables
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
interface GigabitEthernet0/0
description $ETH-LAN$
ip address 192.168.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
interface GigabitEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
duplex auto
speed auto
no mop enabled
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
interface ATM0/0/0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface ATM0/0/0.2 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
interface Ethernet0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no mop enabled
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
interface ATM0/1/0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 2
interface Ethernet0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no mop enabled
interface GigabitEthernet0/3/0
no ip address
interface GigabitEthernet0/3/1
no ip address
interface GigabitEthernet0/3/2
no ip address
interface GigabitEthernet0/3/3
no ip address
interface GigabitEthernet0/3/4
no ip address
interface GigabitEthernet0/3/5
no ip address
interface GigabitEthernet0/3/6
no ip address
interface GigabitEthernet0/3/7
no ip address
interface Vlan1
description $FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 1444405858557A
ppp pap sent-username [email protected] password 7 135645415F5D54
ppp multilink
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 2
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 01475E540E5D55
ppp pap sent-username [email protected] password 7 055F5E5F741A1D
ppp multilink
router eigrp as#
router eigrp 10
network 192.168.1.1 0.0.0.0
router rip
version 2
network 192.168.1.0
no auto-summary
ip forward-protocol nd
ip http server
ip http access-class 3
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source static tcp 192.168.1.10 3392 interface Dialer1 3392
ip nat inside source static udp 192.168.1.10 3392 interface Dialer1 3392
ip nat inside source static tcp 192.168.1.35 3391 interface Dialer0 3391
ip nat inside source static udp 192.168.1.35 3391 interface Dialer0 3391
ip nat inside source static tcp 192.168.1.5 3394 interface Dialer0 3394
ip nat inside source static udp 192.168.1.5 3394 interface Dialer0 3394
ip nat inside source static tcp 192.168.1.17 3397 interface Dialer0 3397
ip nat inside source static udp 192.168.1.17 3397 interface Dialer0 3397
ip nat inside source static tcp 192.168.1.10 14000 interface Dialer0 14000
ip nat inside source static udp 192.168.1.10 14100 interface Dialer0 14100
ip nat inside source route-map ADSL0 interface Dialer0 overload
ip nat inside source route-map ADSL1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
ip access-list extended NAT
remark CCP_ACL Category=18
permit ip 192.0.0.0 0.255.255.255 any
ip access-list extended SDM_GRE
remark CCP_ACL Category=1
permit gre any any
remark CCP_ACL Category=1
ip access-list extended STATIC-NAT-SERVICES
permit ip host 192.168.1.35 any
permit ip host 192.168.1.5 any
permit ip host 192.168.1.10 any
permit ip host 192.168.1.17 any
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
route-map ADSL0 permit 10
match ip address NAT
match interface Dialer0
route-map ADSL1 permit 10
match ip address NAT
match interface Dialer1
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 3 remark HTTP Access-class list
access-list 3 remark CCP_ACL Category=1
access-list 3 permit 192.168.1.0 0.0.0.255
access-list 3 deny any
access-list 10 remark INSIDE_IF=NAT
access-list 10 remark CCP_ACL Category=2
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip 139.130.227.0 0.0.0.255 any
access-list 100 permit ip 203.45.106.0 0.0.0.255 any
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.1.10
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.1.35
access-list 101 permit tcp any any eq www
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 192.168.1.35
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 192.168.1.10
access-list 103 remark CCP_ACL Category=0
access-list 103 permit ip any host 192.168.1.5
access-list 104 remark CCP_ACL Category=0
access-list 104 permit ip any host 192.168.1.17
control-plane
banner login ^CCE-Rescue Systems^C
line con 0
login authentication local_authen
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
authorization exec local_author
login authentication local_authen
transport input telnet ssh
line vty 5 15
authorization exec local_author
login authentication local_authen
transport input telnet ssh
scheduler allocate 20000 1000
end
Thanks
Shawn -
Cisco RV042 - Dual Wan Load Balancing - Secure Site (HTTPS) Trouble
PID VID :
RV042 V03
Firmware Version :
v4.0.0.07-tm (Aug 19 2010 19:19:50)
Ever since I setup my RV042 with load balancing using the Dual Wan system I have had trouble staying connected to some secure sites. After doing some searching I found that the potential issue is the IP change mid session.
"http://www.broadbandreports.com/forum/r25537589-Cisco-RV042-can-not-use-load-balancing-for-some-web-sites"
Although my interface is significantly different I was able to find the same area in my RV042 admin area however, it doesn't seem to work.
System Management
> Dual Wan
In Wan 1 & Wan 2 I have HTTPS and HTTPS Secondary all forwarded to use Wan 2 under Protocol Binding
This however has not managed to do anything at all for my network and every computer conneceted experiences the same HTTPS irregularities at some websites.
I'm sure I must be doing something wrong, but I don't know what it is.
Both incoming connections are from the same service provider although the plans are different.
Any help with this would greatly help me stop losing my mind trying to fight with my website control panel for 10 minutes to just login and get something done.
ThanksAny ideas or advice from anyone?
-
Dual ADSL Load Balancing and Fault tolerance
Just wonder if this is doable with for example 2 WIC-1ADSL cards on say a 2800 series platform. The application would be simple internet access. If so could someone provide a sample config? Just a note...this application would include two static ip ADSL services. Thanks, Shawn
That is definitely doable. Here's a sample config:
ip cef
interface atm1/0.32
ip address 255.255.255.252
ip nat outside
pvc 1/32
oam-pvc manage
interface atm2/0.32
ip address 255.255.255.252
ip nat outside
pvc 1/32
oam-pvc manage
interface GigabitEthernet0/0
ip address 10.1.1.1 255.255.255.0
ip nat inside
ip route 0.0.0.0 0.0.0.0 atm1/0.32
ip route 0.0.0.0 0.0.0.0 atm2/0.32
ip nat inside source route-map ISP1-map interface atm1/0.32
ip nat inside source route-map ISP2-map interface atm2/0.32
route-map ISP11-map permit 10
match interface atm1/0.32
route-map ISP12-map permit 10
match interface atm2/0.32
Explanation:
- the use of two static routes will allow you to load-balance over the two links and provide redundancy at the same time
- the NAT config will dynamically choose the NAT'ed address depending on which interface CEF has chosen to send the packet out of...
Hope that helps - pls rate the post if it does.
Regards,
Paresh -
RV320 - Dual WAN - Load Balance Problem
Hi all,
I've just bought a RV320 Dual WAN router an try to get it running. My network setup looks lice the picture attached.
I have 2 WAN Connections:
- Router 1 (16Mbit Down / 512kbit up) - no public WAN IP
- Router 2 (3 Mbit Down / 512kbit up) - Fixed public IP
Router 1 ist connected to WAN1 and router 2 to WAN2 port on the RV320.
I have enabled load balancing mode.
Qustions:
1.
I want WAN1 to be the primary line to be used until capacity reached.
Currently for some reason I don't understand the cisco always uses WAN2.
That's not good as all browsing and downloading is limited to 3mbit.
When I switch to "fail-over" mode and set primry live to WAN1 that works, but WAN2 is not kept alive.
2.
I am using VOIP and need to route all VOIP traffic to WAN2 interface.
The best would be to tell the router IP 192.168.177.9 (voip phone) should use WAN2. So far I didn't figure out how to do that.
Can I put VOIP into one VLAN group and allocated VLAN to one specific WAN interface?
BrgdsSo, you can hear the phone ringing and answer it? which means that SIP pakets are coming through WAN to LAN and well redirected to the phone IP, but you cannot hear after that, which means that there could be a problem with the RTP packets.
If you have problem only with the incoming calls and not the outgoing, than try enable/disable SIP ALG (Firewall). If that doesn't fix the issue, try to allow (or even forward) from WAN to LAN RDP - UDP ports 16384-32767 to the phone IP.
Regards,
Kremena -
Dual ISP load balancing with 2 routers and 2 FW without using BGP
Hi all,
Based on the attachment diagram, is the design viable?
Do anyone has a similar deployment before and can you share with me the config guide to this because I'm at lost on a few configs:
1. On core switch A and B, I understood we need to have a default route pointing to the firewall interface. For this case, I have different IPs for the same context on both the firewalls.
So, how should the config be?
CoreSW_A(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.110
CoreSW_A(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.111
I don't think the above will work as the core switch will load balance the traffic to both firewalls even if one of the context is on standby mode?
2. The area from the firewall to the internet would all be public IP. Thus, if i put a switch in between the firewall and the router, then i would waste some public IP addresses but if i remove the switch, I would not have enough ports on the ASA firewall. What is the best recommended solution for this?
3. How do I load balance traffic to both R1 and R2 to their respective ISPs without using BGP? I may be using only a 2811 router.
Thanks alot!!.. really much looking forward for some guidance and tips on this as I havent found any guides on this deployment yet.. mostly are LAN HA.For policy based routing, I would need to create route maps on the core switch itself right?
Correct me if I'm wrong, if i use route-maps, i would be assigning e.g. internal network A to go through firewall context A and internal network B to go through firewall context B.
Context A will only have path to Router A and context B will only have path to Router B. But if router B goes down, network B won't be able to access the Internet, right?
I'm not sure whether it's a PI or PA for this as the ISP will assign us a block of IP address, for example 202.111.1.8/29 (these IPs can be used for webservers, etc). There will also be a public IP of /30 on the serial interface to connect to their router.
Thanks alot.. -
Dual Nic Load Balancing Solution
Hi,
I have a very peculiar situation. I'm currently a college student with access to an almost unlimited network. But the problem is that the network limits each IP to 30 Mb/s. I have 2 nics at my disposal and have tried two options so far:
bonding
two independent nic, let network manager take care of it
I set-up bonding and got it working, but it seems limited to roughly the same speeds as a single nic, but I can see the network being slit between the two nics evenly. This is what lead me to conclude that since I have a single ip address it's limiting it by IP not mac addresses. Here I might occasionally spike above the limits but not consistently.
With the network manager solution, Im basically thrown at random and can occasionally get higher than limited speeds. Specially with torrenting clients.
Are there any other useful options that I could explore, my next stop was a load balancing routing table but I want to see what you guys know before I keep trying weirder solutions.
Thanks in advancefalconindy wrote:There's no problem here. Please don't try to circumvent the policies your network admins are defining.
Oh come on, we'd all do the same thing if we could double our available bandwidth!
I really can't provide much of a solution. I did this back with my dialup days, many many eons ago. I used 2 phone lines bonded to get my 56k speeds doubled. It was a gigantic pain in the rear to set up back then, as well. However, I'm lucky to remember what I had for breakfast, so remembering how I did something 15+ years ago is pretty much out of the question.
I'm sure linux can do this, but I'm guessing one of the BSDs would have information about how to do this written up somewhere. This is right up BSD's alley. They have all kinds of load-balancing code built into their network stack (Amazon actually had a lot of trouble keeping up with demand when they were getting big, so they wrote up their own networking stack, which has since been returned to the FreeBSD project, iirc). So it might be worth your time to check that out and possibly run a mini BSD setup on an old computer or something to route the bandwidth to an internal network (of course this would likely require three NICs in a single computer...so more complexity there too). Some of the problem you are running into may be due to the network just being congested, which could explain the differing speeds. Then there may be an issue with certain servers not being able to push out 60 MB/s worth of data to you, for whatever reason.
Either way, please keep us posted about what you do and how you do it, I'm anxious to find out the final solution here.
Best of luck to you. -
LRT224 Load Balance "dumb" DHCP router setup... HELP!
Hi
I'm trying to set up a LRT224 with two ADSL modems connected to one network with load balancing.
I'm not going to use vlan or vpn at all.
All I need it to do is be a "dumb" router that combines the speed of both Internet connections.
Working mode is set to Router
LAN 192.168.0.1/255.255.255.0 (I changed the LAN ip range)
WAN 1 and 2 gets IP, default gateway and DNS trough DHCP from the modems.
Wan 1: IP 192.168.1.65 Gateway 192.168.1.1 DNS 192.168.1.1
Wan 2: IP 192.168.2.38 Gateway 192.168.2.1 DNS 192.168.2.1
DHCP setup:
Device IP: 192.168.0.1
Subnet: 255.255.255.0
DHCP Server
Range 192.168.0.50/254
DNS: Use DNS from ISP
Dual Wan:
Load Balance
I'm no IT expert at but I have set up a few routers before that was close to "plug and play"
My problem is that connected computers indicate that they are connected to Internet, but I'm not able to access any websites.
When trying to use windows troubleshooter it indicates that there is a DNS problem.
I'm not even able to connect to the modems.
Installed latest firmware and done a fabric restore.
Network is built as follows (still working as I'm not running anything trough the lrt224 before I can get it to work)
ADSL Modem with built in DHCP and Switch --> Switch --> Ubiquiti Unifi AP --> User
Some of the AP's is connected via Ubiquiti NanoStation (wireless bridge between 4 houses, works great)
Any idea how to get this to work or do I have the wrong router?I recommend:
Modem1 (192.168.1.1)=> LRT WAN1 (192.168.1.254)
Modem2 (10.10.10.1) => LRT WAN2 (10.10.10.254)
LRT WAN1 SN (255.255.255.0)
LRT WAN2 SN (255.255.255.0)
LRT WAN1 GW (192.168.1.1)
LRT WAN2 GW (10.10.10.1)
LRT WAN1 DNS (192.168.1.1)
LRT WAN2 DNS (10.10.10.1)
System Management => Load Balance
LRT DHCP Device IP (192.168.200.1)
LRT LAN => Switch => Ubiquiti Unifi AP => User
Nothing other than the LRT's connected to the modems.
If the modems DHCP is set to 192.168.1.x and 10.10.10.x subnet 255.255.255.0 then DHCP setting will work on the LRT WANs.
Please remember to Kudo those that help you.
Linksys
Communities Technical Support -
Multihomed eBGP load balancing with 3 ISP's
We currently peer with 2 ISPs using BGP in an active/failover configuration. My company wants to move to a 3 ISP model where Internet traffic is split across the 3 providers so that bandwidth is equally distributed on outgoing traffic across our 2 /22 ARIN IP ranges. This is from our 2 edge switches that have VSS.
Within my limited knowledge of BGP, I have determined that we could do load sharing pretty easily by adding multiple default routes and breaking up our /22's into /24 and advertising them that way. However, I don't think this satisfies the request that downtime must be seamless, should one link drop.
Currently, our ISP's advertise default routes. From the research that I've done, we could get close to load balanced links if we receive full BGP routes and community settings and definitions. I'm nervous about this because it looks really complicated, and I don't want our AS to turn into a transit AS. I've been told the same can be accomplished with only partial BGP routes and community settings and definitions.
Personally, I think we just need a WAN load balancer. However, given the request, is there a thread out there that can explain this, or can someone discuss this requested scenario a little bit?
Thanks!Hi there
First question would be what is the required reconvergence time for the applications using the Internet? Should an outage occur, when do they lose their state? Once you know that, you then have a target to aim for in terms of recovery
With regards load-balancing, with BGP we are always talking inbound and outbound.
The outbound solution is relatively simple - each ISP advertises a default route to your Internet edge router(s). Create an eBGP session from each edge router to the core, advertise the default route and redistribute into the IGP. Ensure the IGP cost to each BGP next hop is equal and you have ECMP for outbound routing.
Inbound influence is usually via MED (not likely in this case given 3 ISPs), adjusting local-pref in the ISP via BGP EXT communities configured your end, or via AS-PATH prepending for longer prefixes from your /22. Prepending would be simplest, but your unlikely to get an exact inbound traffic split, however a relatively even distribution should be sufficient. -
Load balance on CSM with both Firewalsl and Cache engines
Hi,
I'm come from VDC#3 ( Vietnam) , we have 2 CSM , 3 firewall , and 8 CE 7325. We configed dual CSMs load balance for 3 FW, and now we want to use one CSM to load balance for CEs. Can you hint me best topylogy network?
Thanksyour topology is correct.
The problem is your config.
If you need access to the CE ip addresses, you need to configure a vserver to allow this traffic.
Something like
serverfarm FORWARD
no nat server
no nat client
predictor forward
vserver access2ce
vip x.x.x.0/24 any
serverfarm FORWARD
ins
Replace x.x.x.0/24 with the subnet used by the CE.
Regards,
Gilles.
Thanks for rating this answer. -
Dual WLAN links with load balancing and failover
Hello,
I am in a scenario where I am in need of two WLAN links between two buildings. There is a distance of 100-150 meters and minimum bandwidth required for both links together is 300Mbit/s. The thing is that both links should use load balancing between them and if one of them goes down, the last one should act as fail over.
I have been looking at Cisco Aironet 1550 Series though I have no idea what is needed to get load balancing and fail over to work, so I am searching here for suggestions on what equipment is needed.
Something like this:
---------------WLAN Link 150-300Mbit/s-----------
Building Load balancing and fail over Building
---------------WLAN Link 150-300Mbit/s-----------
Thanks in advance!Several points.
When an AP is doing 300Mbps, that's NOT the real throughput you have. It's the data rate at which traffic is sent.
All in all, if your AP/client are doing 300MBps association, you will see max 150Mbps with a file transfer.
From there, I'm not even sure that 11n supports dual spatial streams over such long distances (you can't have multipath in open air) so afaik the 1550 only do 150Mbps association rate (=dual channel with one spatial stream). That means 75Mbps real speed.
I couldn't test a 1550 yet so don't take my word for official statement but that's what I'm thinking.
the wireless links will always be both up and they can be on different channels.
That will then mean that it will be "as if" the remote switch was connected directly to the central switch (where WLC is connected) as the WLC tunnels traffic all the way. So you could do a spanning-tree config on this one I guess to block the port onthe remote switch.
Regards,
Nicolas -
LRT224 Load Balancing and Link Failover
Hi, I am new to this forum. I have recently set up the LRT224 with two different ISP's. I am having problems configuring the Load Balance and Link Failover.
When I have Load Balance selected only one ISP (WAN 1) is active, the other (WAN2, ISP modem) remains inactive. Why is Load Balance only engaging one ISP?
When I have Link Failover selected, even with attempts and seconds configured to one second, and WAN1 has packets lost, it doesn't switch over to WAN2.
I am not tech savey but any help will be greatly appreciated so that I can get both ISP's active with Load Balance or at least have Link Failover work almost instantly. Thanks.Hi @BSue2015,
If both WAN1 and WAN2 are already getting IP Addresses from your ISPs then we can say that Load Balance is working. To check it further, do a speed test by going to http://www.speedtest.net. Dual WAN connections are doubling the amount of available full speed connections due to the load balancing. The speed should have its maximum throughput even if you have several users on the network. -
Unequal Load Balancing with EIGRP over 4 Wireless networks
We are trying to load-balance on 4 interfaces that have unequal bandwidths. The setup looks like this
8 Computers -> Empty Config Switch -> 3560 Router\Switch -> 4x Wireless Radios on different frequencies - networks -> 3560 Router\Switch->Empty Config Switch -> 8 Computers
We have EIGRP setup and the bandwidths defined, and the routes are showing proper share counts, but once we start adding traffic to the network, they all jump on one of the links. The config and everything looks right, its just not working. I have tried switching to different cef algorithms. Removed the vlans . I made them equal cost and they did the same thing. Its like EIGRP does not want to load balance.
When i did this config with static routes or as OSPF, it actually load balanced them, but I'm stuck with a 1:1 share ratio. If i could control the ratio, then that would be an acceptable solution.
Any ideas on what could be causing this?
Code:
Routing entry for 192.168.104.0/24
Known via "eigrp 10", distance 90, metric 13312, type internal
Redistributing via eigrp 10
Last update from 192.168.2.4 on Vlan2, 00:04:25 ago
Routing Descriptor Blocks:
* 192.168.9.4, from 192.168.9.4, 00:04:25 ago, via Vlan9
Route metric is 51712, traffic share count is 31
Total delay is 20 microseconds, minimum bandwidth is 50000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
192.168.5.4, from 192.168.5.4, 00:04:25 ago, via Vlan5
Route metric is 13312, traffic share count is 120
Total delay is 20 microseconds, minimum bandwidth is 200000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
192.168.3.4, from 192.168.3.4, 00:04:25 ago, via Vlan3
Route metric is 26112, traffic share count is 61
Total delay is 20 microseconds, minimum bandwidth is 100000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
192.168.2.4, from 192.168.2.4, 00:04:25 ago, via Vlan2
Route metric is 13312, traffic share count is 120
Total delay is 20 microseconds, minimum bandwidth is 200000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
3560_Switch_1#show int Fa 0/1 | inc packets/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
3560_Switch_1#show int Fa 0/2 | inc packets/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
3560_Switch_1#show int Fa 0/3 | inc packets/sec
5 minute input rate 17111000 bits/sec, 2545 packets/sec
5 minute output rate 13872000 bits/sec, 2251 packets/sec
3560_Switch_1#show int Fa 0/4 | inc packets/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
3560_Switch_1#show ip cef exact-route 192.168.101.57 192.168.104.57
192.168.101.57 -> 192.168.104.57 => IP adj out of Vlan5, addr 192.168.5.4
Here is the config.
Code:
ip cef load-sharing algorithm universal 00123456
interface FastEthernet0/1
switchport access vlan 2
bandwidth 200000
delay 1
spanning-tree portfast
interface FastEthernet0/2
switchport access vlan 3
bandwidth 200000
delay 1
spanning-tree portfast
interface FastEthernet0/3
switchport access vlan 5
bandwidth 200000
delay 1
spanning-tree portfast
interface FastEthernet0/4
switchport access vlan 9
bandwidth 200000
delay 1
spanning-tree portfast
interface GigabitEthernet0/1
description USER PORT
switchport access vlan 100
spanning-tree portfast
interface Vlan2
bandwidth 200000
ip address 192.168.2.1 255.255.255.0
delay 1
interface Vlan3
bandwidth 100000
ip address 192.168.3.1 255.255.255.0
delay 1
interface Vlan5
bandwidth 200000
ip address 192.168.5.1 255.255.255.0
delay 1
interface Vlan9
bandwidth 50000
ip address 192.168.9.1 255.255.255.0
delay 1
interface Vlan100
description User Data
ip address 192.168.101.1 255.255.255.0
router eigrp 10
maximum-paths 8
variance 15
network 192.168.2.0
network 192.168.3.0
network 192.168.5.0
network 192.168.9.0
network 192.168.101.0Yup, that was the first cef algorithm I had tried. ip cef load-sharing algorithm include-ports source destination
I tried all of the different types.
Also, I was sending data trough iperf from 4 computers + 1 comp steaming video on one network to 5 computers on another network. In any case of source or destination, it should have switched over. The odds of it all going on Vlan 5 is ~ 0.6% Restarting the router sometimes places it all on a different vlan, but in any case its all or nothing. -
Performance Routing (PfR) with single router, dual ISP and load balancing
It looks like PfR can do this but I have only found information about this feature which will start using ISP2 once ISP1 reaches 75% usage. But this is not load balancing.
Can we accomplish load balancing utilizing a single router with dual ISPs using this PfR feature?
Or do we have to use another feature?
thank you in advanceDisclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
I'm rusty using OER/PfR, but I recall it could load balance two links on same router. The issue, I also recall, if doing BGP, OER/PfR has to detect a load imbalance, and there's a certain difference allowance, and OER/PfR takes some time to decide, so depending on actual traffic, it might not be obvious it's working. If doing BGP, there's a hidden command (which I don't recall is) that will load balance the two links on the same router; then you use OER/PfR to dynamically refine the balance load. -
Rv042 dual-wan threshold based load balance?
I have an RV042 (it's old, silver/dark grey plastic front one) w/ firmware 1.3.13.02-tm.
The reason we bought this (long ago) was to balance two WAN connections, one with unlimited data and one capped monthly. It did that once, but for a couple years both connections have been unmetered so it's just been balancing them 50/50. As of today one WAN connection (the new much faster one) is back to being metered but I can't figure out how to configure the RV042 as it once was to prefer sending traffic over the slow, unmetered connection first, and only use the faster metered connection when necessary.
It's been a long time and honestly I only vaguely remember the ability to prioritize a connection based on % of bandwidth used so that all traffic would go over the unlimited connection 1st until it was flooded, and only then fall over to the metered connection. This is totally different than the weighted round robin, or smart link backup.
I found this 3rdparty pforum post that supports that vauge memory and suggests this was eliminated netweem firmware 1.23 and 1.3:
http://www.linksysinfo.org/index.php?threads/rv042-load-balancing-options-from-the-manual-where-to-find.15512/#post-69948
So I humlbly ask... Is it possible to replicate this functionality with the current firmware? if so how? If not, how to do roll back to firmware 1.23?
It sounded like perhaps I could assigned WAN1 a bandwidth of 100000 (even though it's really 1500) and then assign WAN2 a bandwidth of 1 (even though it's really 20000) and the result might be the prioritization I'm looking to achieve... but I feel like I'm stumbling in the dark at the point.
Just FYI, I'm not at all opposed to buying new hardware to acheive this if it's not terribly expensive (ie. <$200). I'd rather not, but I've got to solve this quick.Hi Jon,
I Also have one of these routers.
On the bottom mine says (v02) which means its hardware version is 2.
I just got this one brand new for home as I have been using them for a very long time now. However I have been using them for VPN and now I am needing the same functionality as you.
I am currently running Firmware Version: 1.3.12.19-tm
If you login to the web management (eg 192.168.1.1) and go to System Management > Dual-WAN
Down the bottom you will see "Protocol Binding".
This is all I know of to send specific ports or applications via a specific WAN.
I'll give you an example of how I am using it currently.. (BTW it seems to be working OK, But you are on a higher firmware)
eg: WAN1 is more reliable than WAN2 which is a cheap unlimited service.
So I bind port 5060 (sip), port 80 (http) and port 443 (https) to WAN1 so that my VOIP phone is on the good service and so is all web traffic.
so all the other stuff can use the unlimited connection.
Also, My current bandwidth settings are
WAN UPSTREAM DOWNSTREAM
1 384 8000
2 384 10000
And Under: System Management > Bandwidth Management you can also prioritize those ports.
This may help you in some way, So maybe you can help me..
Your post has made me not want to upgrade the firmware.. Can you please confirm that this functionality exists still?
Thanks
Maybe you are looking for
-
Adding Data to the database for SAP Transactions
Hi I'm new to the whole ABAP. I would like to enquire about adding transaction data in SAP through ABAP but it must be immediate. I know that one can use a BAPI to add data and can rollback if any problems occur. But if no BAPI exists how does one wr
-
Hello, I have an integration scenario wherein I am sending a xml message to XI and in XI the message is mapped to 2 idocs and sent to 2 different R/3 systems. When I run the test in the Runtime Workbench and give the payload with the Quality of Servi
-
whenever i try to open html massege in my mailbox it is showing error code 200.resently i upgrade my phone to symbian belle
-
How to delete iweb page that crashes program
I have one page on my web site that crashes the program when i try to open it or delete it.. Is there another way to remove this volatility from the website with out loosing any other site pages?
-
Oracle forms installation - some help need
I am trying to install Oracle forms - but get the follwing message: Checking swap space: 576 MB available, 1535 MB required. Failed <<<< Some requirement checks failed. You must fulfill these requirements before continuing with the installation,at wh