3

I work in the third world at an educational ministry. We're setting up in a new office and need to decide on an Internet package. Because the (only) telecom business has figured out that government organizations can spend limitless money on an Internet connection, there is a huge disparity in cost between leased lines for business use and home connections.

Can anyone explain my options for what I believe (from searching other threads) is called channel bonding? That is, I want to take 4 Internet connections (4 lines connected to 4 DSL modems), stick them into a server and let all computers on the network make use of the increased bandwidth. Also, I have to split use roughly equally between all 4 because of the way the ISP arranges billing.

The server has not yet been built, so we can easily go Windows or Linux at this point in time.

Catch: it's tough to get fancy equipment (read: decent routers) here. But we can, for example, buy a bunch of network cards.

What are my choices?

MikeyB

3 Answers

3

I would suggest that you run the pfSense firewall/router distribution on your server.

With this software you can load balance across the four DSL connections that you have. See http://doc.pfsense.org/index.php/Multi_WAN_/_Load_Balancing for more details.

You can also host data/services (web server, FTP, etc.) for external users through this router via a DMZ.

In all you would need 6 network interfaces on your server:

  • 4 - DSL lines
  • 1 - LAN
  • 1 - DMZ

Using a residential DSL line would most likely mean that you would be given a dynamic IP address. With a single line you would normally use a dynamic DNS service such as dyndns (http://www.dyndns.com). With this approach you would create an account with dyndns (say) and choose a web address. This web address will be a subdomain on one of the domains owned by DynDns. Then you would sync a DNS update client on your router with your account at DynDNS. At this point people can access your server using the address you chose when you signed up for the DynDNS account.

Doing this across multiple residential lines becomes either tricky or expensive. DynDNS has options that you can look at (round robin load balancing, etc.). If this is beyond your budget then you can consider the following:

Using a single DSL line and creating a DynDns address for it (this is what you will give to people to access your data). Note that the outgoing traffic on this line (uploads from people using the internet at your ministry) will affect the performance of your webserver.

Create DynDNS addresses for all four of your DSL lines and create a separate web application hosted elsewhere that you can use to do the round robin on your DSL lines. In this scenario, you would give people wanting to access your site the address of your web application, which will forward them to one of the four DSL lines. Depending on your traffic, you can look at Google App Engine (http://code.google.com/appengine/) for free hosting for your web app.

Hope this helps =)

  • +1 for pfSense - it's a good quality firewall/router distro that's also free! – MikeyB Feb 11 '10 at 14:43
  • So, pfSense would be unable to handle the dynamic IP address? Does this only apply to inbound connections (that is, do I have a cheaper, easier solution on my hands by just forcing people connecting to our server to be stuck with one line), or would it fail to work for outbound connections too? Also, and I swear I tried to find the answer through the pfSense FAQ (but I am very inexperienced), does installing pfSense restrict the functionality of the server? The IT guy here now insists on a Windows server for file sharing, security, and so on... can he still tinker with that? –  Feb 19 '10 at 04:55
1

I can present a few ideas off the top of my head:

  • with your ISP's assistance (if they are friendly to your situation) you could arrange with them to set up a proper multihomed setup for your network and use BGP to load balance across your multiple connections
  • you could use multilink PPP, but your ISP must support it on their end.
  • an option not requiring ISP support (indeed, you could use multiple ISPs) would be to use Linux iptables to SNAT each outbound connection to a different outbound modem (this is only suitable if your traffic is outbound)
  • IPv6: If you get IPv4 from your provider, you could try and get a chunk of IPv6 space allocated to you, then you can bring up multiple tunnels to an IPv6 transit provider (HE.net does this for free) and run IPv6 BGP across those tunnels. In theory :)
MikeyB
  • Yeah, I have good reason to believe they won't be friendly to this idea. Forgive my ignorance, but what would it mean for traffic to be just outbound? If we were hosting data for people across the country to access, would this mean they couldn't access it? Or just that they could only access it with one of the connections? –  Feb 11 '10 at 04:45
  • If everything is outbound, then the load balancing is accomplished via SNATting to different sources on your end. You have no control over inbound connections, so you need some way to load balance them externally. Round-robin DNS is probably the best. @pwyll's suggestion of Google App Engine is a good one if it makes sense for your model. – MikeyB Feb 11 '10 at 14:40
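The per-connection iptables approach from the answer above, sketched as an added example (not code posted by anyone in this thread). The script only prints the commands so they can be reviewed before being run as root. The interface names, gateway addresses, mark values and routing table numbers are assumptions, and MASQUERADE stands in for a fixed SNAT address because residential DSL addresses are dynamic.

```shell
#!/bin/sh
# Added example: prints (does not execute) the commands that spread new
# outbound connections evenly over several uplinks.
LAN_IF="eth0"   # assumed LAN-facing interface

# gen_multiwan IFACE:GATEWAY [IFACE:GATEWAY ...]
gen_multiwan() {
    n=$#
    i=1
    # Packets of an already-assigned connection get their mark back first.
    echo "iptables -t mangle -A PREROUTING -i $LAN_IF -j CONNMARK --restore-mark"
    for wan in "$@"; do
        dev=${wan%%:*}
        gw=${wan#*:}
        left=$((n - i + 1))   # uplinks that have not taken their share yet
        pick=""
        # Rule i takes 1 of every $left still-unmarked new connections, so
        # each uplink gets 1/n overall; the last rule takes the remainder.
        if [ "$left" -gt 1 ]; then
            pick=" -m statistic --mode nth --every $left --packet 0"
        fi
        echo "iptables -t mangle -A PREROUTING -i $LAN_IF -m conntrack --ctstate NEW -m mark --mark 0$pick -j MARK --set-mark $i"
        # Policy routing: mark i selects table 100+i, whose only default
        # route points at this uplink's modem.
        echo "ip route add default via $gw dev $dev table $((100 + i))"
        echo "ip rule add fwmark $i table $((100 + i))"
        # Source-NAT to whatever address the uplink currently holds.
        echo "iptables -t nat -A POSTROUTING -o $dev -j MASQUERADE"
        i=$((i + 1))
    done
    # Remember the choice so the whole connection stays on one uplink.
    echo "iptables -t mangle -A PREROUTING -i $LAN_IF -m mark ! --mark 0 -j CONNMARK --save-mark"
}

# Constructed sample: four DSL modems, one per NIC.
gen_multiwan eth1:192.168.1.1 eth2:192.168.2.1 eth3:192.168.3.1 eth4:192.168.4.1
```

Balancing is per connection, so a single download never exceeds one line's speed. With strict reverse-path filtering, replies arriving on the non-default uplinks can be dropped; loose mode (`rp_filter=2`) on the WAN interfaces avoids that.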
0

With 4 IPs and 4 physical interfaces you can use either bonding mode 5 or 6 on Linux (I believe there are Windows alternatives as well); both are adaptive load balancing algorithms for outgoing traffic. However, this may also require some DNS-fu depending on what exactly you're doing with incoming traffic.

MikeyB
d34dh0r53