1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cisco 1700 ADSL

Discussion in 'Servers and Enterprise Solutions' started by s0ck, 12 Oct 2009.

  1. s0ck

    Soldato

    Joined: 18 Oct 2002

    Posts: 5,299

    I've got one of these knocking around at home. If I grabbed another dsl wic for it, could I load balance across two lines?

    I'm thinking this should work but I can't find any supporting documentation on cisco.com for it or, indeed, anywhere else...
     
  2. J.B

    Soldato

    Joined: 16 Aug 2006

    Posts: 5,922

    Dont they have to be coupled on the ISPs end? Im not sure, dont hold me to that!
     
  3. paradigm

    Caporegime

    Joined: 26 Aug 2003

    Posts: 36,359

    Location: Staffordshire

    Yep, they would need to be.
     
  4. ethos

    Mobster

    Joined: 5 May 2003

    Posts: 4,515

    Location: UK

    Wouldn't that be bonded rather than load balanced?
     
  5. s0ck

    Soldato

    Joined: 18 Oct 2002

    Posts: 5,299

    Yeh, I'm not looking to bond. I reckon I can get away with two gateways on the same metric. I suspect there's no documentation so as to push sales at the 1800/2800 series.
    BT rejected my order because of a postcode mismatch *sigh* but I'll keep ya posted.
     
  6. iaind

    Capodecina

    Joined: 26 Feb 2009

    Posts: 14,814

    Location: Exeter

    I see no reason why 2 gateways with the same metric wouldnt work, would be crude though!
     
  7. J.B

    Soldato

    Joined: 16 Aug 2006

    Posts: 5,922

    2 gateways with the same metric? How would it decide? Would it be round robin style?
     
  8. ethos

    Mobster

    Joined: 5 May 2003

    Posts: 4,515

    Location: UK

    Yes J.B, round robin works fine with this setup.
     
  9. PistolPete

    Mobster

    Joined: 6 Sep 2008

    Posts: 3,993

    Location: By the sea, West Sussex

    I wouldn't say fine, but it does work of sorts.

    UDP traffic gets very quickly confused and you'll lose packets, making VoIP/Gaming/FTP pretty much useless. Secure internet traffic (HTTPS) gets screwed up too as it starts seeing data from 2 IP addresses and thinks it's being comprimised and bombs out.

    I used to have plenty of other problems too, some you could work around with routing tables on the PC, some you had to live with.

    It's interesting to have a play with so long as you are not expecting to get a sudden doubling in speed with no side affects.
     
  10. ethos

    Mobster

    Joined: 5 May 2003

    Posts: 4,515

    Location: UK

    I have NO issues with any of that Pete, what hardware were you using out of interest?
     
  11. bigredshark

    Man of Honour

    Joined: 30 Jun 2005

    Posts: 9,516

    Location: London Town!

    Having tested this extensively when I worked for an ISP who wanted to offer a solution based along these lines, the basic version is, all the options are rubbish...

    round robin doesn't work properly, breaks some traffic, causes horrific jitter and is generally as rubbish as you'd expect it to be...

    line bonding was a nightmare and I quite understand why most ISPs can't be bothered offering it. I won't go into the specific issues as nobody will understand I suspect but suffice to say it was worth the effort by a long way

    The only option which even half worked was load balancing between two tunnel based VPNs, one over each connection, terminating on a router in the datacenter and piped out from there. I had that setup at home for a while before I moved but commercially it was too expensive to be worth considering...and jitter was still an issue...
     
  12. PistolPete

    Mobster

    Joined: 6 Sep 2008

    Posts: 3,993

    Location: By the sea, West Sussex

    1721 first and 1841 later.

    I ended up going to an ISP that bonded, not MLPPP tho, and it still wasn't perfect.
    Which ISP you with?
     
  13. ethos

    Mobster

    Joined: 5 May 2003

    Posts: 4,515

    Location: UK

    Pete,

    I have it working with 3 different providers with a Watchguard Firebox. I haven't noticed any issues, and failover generally takes 1-2 seconds if a line goes down. If I look at the current connections it generally splits the load 1/3 (round robin doing it's thing).

    We don't have any site to site VPNs anymore, although we have home users using PPTP VPN, including myself (I use it pretty frequently).

    This is a supported method from watchguard.
     
  14. PistolPete

    Mobster

    Joined: 6 Sep 2008

    Posts: 3,993

    Location: By the sea, West Sussex

    Right, so you have your Firebox with a 5 NIC option, 3 of the NIC connected to an ADSL modem/router?
     
  15. ethos

    Mobster

    Joined: 5 May 2003

    Posts: 4,515

    Location: UK

    4 port, 3 WAN, 1 trusted.

    Had it up and running for a couple of months now (used to run cisco pix 501s at 3 sites w/VPN). I'm very impressed with the Firebox.
     
  16. PistolPete

    Mobster

    Joined: 6 Sep 2008

    Posts: 3,993

    Location: By the sea, West Sussex

    So this is very different from a Cisco with multiple WICs.

    These Ciscos can only do per-session or per-packet load balancing, each having it's own advantage and disadvantages. Pre-session is most compatible, but it can only use 1 line so single session downloads didn't benefit from the extra line making it pretty pointless. Per-packet used both lines but gave me the problems I experienced.

    It was a cheap and dirty way of doing it and it kinda worked, but ho hum.

    On the Firebox front, when it I got my 1841 I retired my old Firebox III/1000.
    The support contract was well out of date and I couldn't get anymore updates for it.... however I've just found out that you can put pfsense on an X500 / X700. There are loads of them going cheap on the bay due to them being out of contract too.... can you see where this is going??