Category:Bonding: Difference between revisions

From AAISP Support Site
Line 109: Line 109:
*See: [[Router - RouterOS and Routerboard bonding]]
*See: [[Router - RouterOS and Routerboard bonding]]


=Mixing BT, TT and BE lines=
=Mixing BT & TT lines=
AAISP BT lines, TalkTalk Wholesale and BE Wholesale lines can all be used for bonding, and gives even great resilience in the case of a fault in BT or a fault in BE. - as of October 2010, BE lines need to run on a reduced MTU of 1492 - and bonding will need all lines to use this reduced MTU. This is an tickbox option on the control pages though
AAISP BT lines, TalkTalk Wholesale and BE Wholesale lines can all be used for bonding, and gives even great resilience in the case of a fault in BT or a fault in BE. - as of October 2010, BE lines need to run on a reduced MTU of 1492 - and bonding will need all lines to use this reduced MTU. This is an tickbox option on the control pages though



Revision as of 15:37, 17 March 2015

Related Pages on the A&A Website:


AAISP have been providing bonded ADSL services for many years... There are various things to consider and understand...

Overview

AAISP support per-packet bonding - this is at the IP level, and simply means that packets entering or leaving your site use the ADSL lines on a roundrobin basis (or based on the speed of the lines). That way, a single TCP/IP session is transmitted over multiple lines.

MLPPP (Multilink PPP) Is not supported - it was originally designed for ISDN, and AAISP take the view that bonding at the IP level is the way to do bonding.

  • There is also details on the AAISP KB page: [1]
  • Also see the FireBrick 105 Bonding FAQ [2]

Advantages

More bandwidth, as well as resilience (having more that one line increases the probability of staying online in the event of a fault) People often want greater upload bandwidth so as to improve performance of remote workers (etc. VPN/remote sessions etc.) or sending out large files etc.

Limitations

FireBrick 105 Throughput

We do recommend the FireBrick 105 product for bonding, fallback, and firewalling - as of Oct 2010, this is nearing the end of its life, and the throughput peaks at around 10-10Mbit/s - so with today's faster lines, it's limit may be easily reached. -New products are due very soon to replace the 105.

Firebrick 2500 and 2700

The replacement to the 105 is the 2500 and the 2700. There is a separate section on this wiki for FireBrick.

Packet re-ordering

As IP packets are taking separate routes to get to you, there is potential for packets to be out of order. This can happen where the ADSL lines have different amounts of latency. -this can be overcome to some extent by adding/removing 'interleaving' on the ADSL lines. Latency can be easily seen on the CQL graphs for your lines on the ADSL Control Pages.

In theory, out of order packets should not be a problem, TCP copes with out of order packets, but some applications may have problems. We have seen some VPNs and specific video streaming applications being very sensitive to packets being out of order. This is rare though.

Bonding

Fast failover

It is important that when a line fails for any reason the service switches automatically to using the remaining lines. Our constant quality monitoring system means we are constantly monitoring every line and will be able to react to a failure of a line within 10 seconds. When a line goes out of service the routing of traffic can automatically switch to remaining lines.

When using multiple lines for redundancy this allows the fall-back line to come in to service very quickly. When being used for extra speed the failed line simple means less speed until the problem is resolved.

We provide email and text alerts of lines going off line unexpectedly so that you are alerted to the problem.

Download Bonding for Faster Speed

From the Internet to you. AAISP use FireBrick FB6000 routers to manage ADSL connections. This manages the bonding of traffic from AAISP to your location. IP blocks (configured on Clueless) can be routed to multiple lines on your login. for fallback, the FB6000 will stop routing IPs down a line that is off line, and from the Control Pages you can control which lines are used. Speed wise, the FB6000 will route based on the speed of the line - so if you have a 10M line and a 5M line, then the traffic will be weighted correctly (i.e. 1/3 on the 5M line, and 2/3 on the 10M line.)

Upload Bonding for Faster Speed

Upload bonding requires a device at your side to route IP packet up alternate lines. Typically a FireBrick can do this, as well as provide fallback (not using a line that is down) and firewalling. AAISP staff can also configure the Firebrick for your lines for a nominal fee.

There are other devices that can do this, some of the Mikrotik range of routers can do this.

Linux is capable of doing both basic upload bonding by multipath routing. It can also do sophisticated upload bonding using a combination of policy routing and firewall rules.

IP addressing and routing

Our control pages allow you to adjust the IP routing on your lines. You can have multiple IP addresses on a login, and each can be set for routing to one or more lines. You can set each IP address block separately and can define backup routing.

The recommended set up is to use a FireBrick and multiple PPPoE modems or bridges. The FireBrick would have one WAN address over all of the lines, and either public Legacy IPv4 addresses on the LAN, or private address and NAT on the FireBrick. In either case you can have public IPv6 addresses on the LAN and still handle bonding down and up on multiple lines.

The alternative if to use separate routers. These would normally share a /29 interlink subnet and connect to some firewall or router within you network, routing a static IP block to that router. The interlink address block could be private IPv4 addresses but you do not want NAT or fire-walling on the external routers even in that case as it will not handle the bonding. In general using the FireBrick and PPPoE is simpler and more flexible.

Tunnelled bonding

Another approach is to use a tunnelling system of some sort such as a VPN or FireBrick tunnels to tunnel traffic via one or more lines to a tunnel endpoint held in a data centre. We offer hosting services and host FireBricks as tunnel endpoints. Using FB2700's at both sides will allow multiple tunnelled connections which can be via multiple ADSL lines that are even from different internet providers.

Examples

Simple Download Bonding

This is a poor-mans bonding setup, but would be effective, but not as flexible is using additional hardware such as a Firebrick. As AAISP manage download bonding, the simplest set up is as follows:

  • You have 2 or more ADSL lines with AAISP (either BT, or BE, or a mix)
  • You have a block of IPs, big enough for your LAN
    • The first usable IP will be Router 1, the second Router 2, and the rest will be for your devices.
  • You have 2 standard ADSL routers (e.g. supplied by AAISP)
    • The ZyXELS can be configured to use the other router as a fallback gateway (giving some level of fallback if the ADSL goes down, this isn't configured automatically by AAISP router programming)
  • You plug the routers, and computers etc. all in to the same network switch
  • You pick on of the routers IP addresses to use as the gateway on your devices (or you can set up DHCP server on one of the routers)
    • You could use one router as the gateway for half of your devices, and the other router as the gateway for the other half - thus giving some level of upload bonding

With this setup, you wouldn't have any firewall capabilities (apart from that provided by your operating systems.)


Simple Download Bonding, using a router/firewall

If you have an existing router/firewall, then you could use this to firewall your network, and provide NAT (if that's what you want to do) The points are similar to the above example, with a difference on the LAN side of the ADSL routers.

  • You have 2 or more ADSL lines with AAISP (either BT, or BE, or a mix)
  • You have a block of IPs, big enough for your LAN (assuming you are not natting), and a block of IPs for the ADSL routers and your firewall.
    • The first usable IP will be Router 1, the second Router 2, and the rest will be for your firewall.
    • The LAN block will be configured as static routes in the ADSL routers to route the traffic to your firewall.
  • You have 2 standard ADSL routers (e.g. supplied by AAISP)
    • The ZyXELS can be configured to use the other router as a fallback gateway (giving some level of fallback if the ADSL goes down, this isn't configured automatically by AAISP router programming)
  • You plug the ADSL routers and firewall (WAN port) in to the same network switch
  • Your firewalls LAN port is connected to your main LAN switch.
  • Your firewall uses one of the routers as it's gateway
  • Your firewall can be the DHCP server, can run NAT etc. for your LAN

With this case, assuming your firewall is not able to do upload bonding, or have the ability to change which router it uses in the case of an ADSL line being down, in the event of the ADSL line that is being used for upload fails, fallback would need to be controlled manually (i.e. configure the firewall to use the other ADSL router as it's gateway)

Full Bonding with a FireBrick

A FireBrick at your side can manage bonding, fallback and firewalling - this would give you maximum benefit of having multiple lines. AAISP staff can configure a router when purchased for bonding for a nominal fee. The FireBrick pages also covers config examples for bonding on the 2500 and 2700 FireBricks

Full bonding with pfSense

If you can't afford to buy a FireBrick, you might try pfSense as a free alternative. From version 2.0.1, it's possible to configure pfSense for policy-based routing and fallback over multiple WAN connections. One AAISP customer runs this with two AAISP ADSL lines, switching to an AAISP SIM card if both lines fail - see his blog entry for details. However, pfSense does not yet have IPV6 support, and (as of 2.0.1) the recovery from fallback might not always work perfectly.

Bonding with a MikroRik RouterBOARD

Mixing BT & TT lines

AAISP BT lines, TalkTalk Wholesale and BE Wholesale lines can all be used for bonding, and gives even great resilience in the case of a fault in BT or a fault in BE. - as of October 2010, BE lines need to run on a reduced MTU of 1492 - and bonding will need all lines to use this reduced MTU. This is an tickbox option on the control pages though

Bonding FTTC Circuits

FTTC lines can be bonded in exactly the same way - although we do sometimes see congestion on the BT network due to the huge amount of bandwidth! We have customers bonding 2 FTTC lines with a FireBrick 2700, giving the full throughput.

Subcategories

This category has only the following subcategory.

Pages in category 'Bonding'

The following 5 pages are in this category, out of 5 total.