Is it possible to merge my ISP and cellphone Internet access? I want to split download and upload



I would like to use my ISP for download only, and my cellphones 4G connection for upload only. This is because my ISP's upload speed is poor, but download is OK, and my 4G upload is great and free (I only pay for downloads).

So one PC, two connections: ISP for download, and 4G for upload. With doing this I would be paying the same as today, but increase my upload from 0.1 Mbit/s to about 60 Mbit/s.


Posted 2015-05-25T08:24:54.130

Reputation: 129

Question was closed 2015-05-26T13:40:03.117

Yes, it IS a duplicate, and there are many more similar questions, including my own a couple of weeks ago, but they never seem to get a straight answer! – Lefty – 2015-05-25T08:44:46.907

So, since they dont seem to get a straight answer, I let this thred live. I have read the others and they havent fixed the problem, even after 1000 views. – FreddyJoe – 2015-05-25T08:49:29.760

1@Lefty: If you want to draw attention to your question offer a bounty. – Karan – 2015-05-25T18:09:17.340

Isn't there some software that does this? I feel like I read about it about a month aog – Jon – 2015-05-25T18:52:17.523

1You know, this question is actually different than the ones this question is linked to and claimed to be a duplicate of. Those are about generally merging connections, this question is more than that. – Matt H – 2015-06-11T02:16:33.017



This is not possible. Acknowledgements are an integral part of Transmission Control Protocol. If you split incoming and outgoing data distinctly between two interfaces you would be inherently disabling the acknowledgement component of the protocol.

TCP is a connection-oriented protocol, which means a connection is established and maintained until the application programs at each end have finished exchanging messages. It determines how to break application data into packets that networks can deliver, sends packets to and accepts packets from the network layer, manages flow control, and—because it is meant to provide error-free data transmission—handles retransmission of dropped or garbled packets as well as acknowledgement of all packets that arrive. In the Open Systems Interconnection (OSI) communication model, TCP covers parts of Layer 4, the Transport Layer, and parts of Layer 5, the Session Layer.

Routers can implement network load balancing between separate interfaces, but that typically operates on a hashing. This means that a connection is established on a given interface based on a hashing algorithm, and maintained on that interface until it terminates. Even with expensive routers each interface is required to maintain an established connection until completion.

Addition: It may be possible, but the scope of the implementation makes it impractical. Besides, even if you manage to offload all your traffic to a mobile tether, how long do you think it'll be before the ISP updates your terms of service? There's likely a fair use policy in there somewhere already. Here are the requirements.

  • Spoof source IP of traffic egressing via mobile tether to match that of traffic egressing via your ISP connection so that it returns via ISP con. This can be done with iptables.
  • Route local traffic via mobile teather. Somethign like: 'route add mask [external IP of mobile tether]. Maybe run DDNS to keep you from having to update this frequently.

If you want to go ISP big, look into asymmetric routing with BGP.

Alex Atkinson

Posted 2015-05-25T08:24:54.130

Reputation: 2 845

11This is baloney; there is very little in this answer which is actually wrong, but all of it is completely irrelevant. – Ben Voigt – 2015-05-25T18:28:55.027

1Couldn't some form of tunnelling solve that? Acknowledgements would still have to go in the undesired direction, but most data not. And tunnelling over UDP could even avoid the acknowledgements, right? – Artur Gaspar – 2015-05-25T19:26:39.597

1@ArturGaspar: Acknowledgements are just TCP data packets with the ACK flag set, they follow the same rules as all TCP data packets. And there is no "have to go in the undesired direction". IP packets are like envelopes -- you can write your return address, take them to any post office, and drop them in the box. They don't have to be put in your own box -- think about how many postcards get sent while on vacation. The catch for IP packets is reverse path filtering, which is specifically designed to detect and prevent this (Note that return address spoofing is possible on paper mail as well) – Ben Voigt – 2015-05-25T21:31:06.233

1The claim in this answer that "If you split incoming and outgoing data distinctly between two interfaces you would be inherently disabling the acknowledgement component of the protocol." is one of the parts that is outright wrong. TCP acknowledgements work between endpoints, and the path taken by the packets matters not at all (as long as the time-to-live is not exceeded) and certainly does not have to match. – Ben Voigt – 2015-05-25T21:32:50.203

1Can't split incoming and outgoing data?? Satellite Broadband download with Dialup upload was on sale in Aus for years. Google "One-way receive, with terrestrial transmit" – JumpingJezza – 2015-05-26T08:59:56.383

@BenVoigt I understand that. I meant an undesired direction from the asker's practical point of view (packets being sent from the server he is connecting to, to his 4G connection, counting his download limit). Tunnelling all data through two TCP connections from different IPs to a server that was aware the client needs to send data through one and receive through the other would solve his problem save for acknowledgements being sent in the opposite direction. – Artur Gaspar – 2015-05-27T10:37:32.343


Although it is practically impossible to separate upload and download between connections (as described in details in other answers) there is possible manual workaround.

You can manipulate default connection, switching it depending on task you wish to start. Default connection on Windows is first connected interface, its order is calculated by Metric (which tends to put wireless above cable).

You can easily override metric with manual order in advanced settings of network connections: How to change default connection in Windows. (Should work same from XP to 8.1 with minor or no differences)

Most modern programs use default connection provided by system, after connection is established it will (should) be kept on it. Usually it means that program will use connections that was default on time you started it. By switching default connection before opening connection you may be able to switch connection depending by task and keep both open at the same time.

Keep in mind that some programs (eg, download/upload managers) will open connections per-task, rather than per session, so your mileage may vary.


Posted 2015-05-25T08:24:54.130

Reputation: 251


It's possible to use both internet accesses to share the load of download/upload, but always only per connection. So one TCP (or UDP) connection can go only via one link. This is mentioned also in the other answer - for outgoing TCP packets you must receive acknowledgement packets and these must go via the same interface.

You could manually alter the routing table for example before doing large youtube upload to divert all youtube traffic via the internet with faster upload speed and then change it back. But it would be difficult as youtube uses many different IP addresses (routing works on IP, not on hostnames). But for some company FTP server, it could be doable.

This is true for all home internet access where you are given IP address from your ISP. So on the first ISP you get e.g. IP, but on the cell phone you get IP of your phone network operator, for example The entire connection (outgoing and incoming data) must go with only one of those IP addresses.

For commercial and server hosting internet you can get one IP address which is independent of the ISP and so you can use more internet connections at the same time.


Posted 2015-05-25T08:24:54.130

Reputation: 903

You could always use a local HTTP or SOCKS proxy instead of manually editing the routing table. This way you can cleanly separate the two connections simply through a browser addon such as FoxyProxy. – sleblanc – 2015-05-25T16:40:01.677

Interesting suggestion, but I don't think you can specify source ip in the proxy configuration (as outgoing network interface is chosen by the source ip). – Marki555 – 2015-05-25T18:07:32.793


You would have to have an overlay (tunnel) connection that supports different endpoints for upstream and downstream traffic. The only protocol that I know of that supports that natively is LISP (Locator Identifier Separation Protocol). If you can find a LISP ISP near you you might be able to buy service from them in addition to your current connections. It probably won't be free though.

Sander Steffann

Posted 2015-05-25T08:24:54.130

Reputation: 4 169


Technically speaking, this capability is inherently built into all networking built on top of IP (you must have a publicly routable IP address), and activated just by changing your client-side routing table. Most likely traffic intended for the ISP's own local network would continue to be sent through that interface, while all other traffic will go out through your default gateway.

The "source" IP address that has to match to make acknowledgements and everything else work is chosen based on the socket through which the data is sent, and, except for the unusual case of an interface-restricted socket, has nothing at all to do with the interface used to carry the data. (Contrary to comments saying that outgoing network interface is chosen by source IP, in reality only the routing table has any influence).

However, the fact that routing depends only on the destination address has been used for malicious purposes (packet spoofing is an important component of reflection attacks), so most carriers have configured their routers to implement reverse path filtering and throw away packets where the source IP address doesn't match the path, since they are deemed to be spoofed.

If you don't have a public IP address, then in addition to reverse path filtering, the NAT/PAT layer will prevent this from working (your source IP address used by your computer will be meaningless on the other network, and won't be correctly rewritten if the packet doesn't go out through the NAT/PAT router).

In fact for large multihomed networks, asymmetric routing does happen. Importantly, most implementations of reverse path filtering require that a route exist which matches the interface where the packet arrived; it does not have to be the preferred route (the one with the lowest cost metric).

So, "all" you have to do is convince your internet provider (including their providers upstream) to either (a) disable reverse path filtering or (b) set up a non-preferred route. Thich is not going to happen, core routers can't handle three billion routes, in order to have one for every unique public IP address. So it is very rare to have routes for any block smaller than a /20, except internally to the ISP where routes exist for all the local subnets.

Ben Voigt

Posted 2015-05-25T08:24:54.130

Reputation: 6 052

Perhaps filtering between different sources is not done if it happens that his ISP is also the provider of his cell phone 4G plan? – Ángel – 2015-05-25T21:29:54.620

@Ángel: That's entirely possible, but if the same company were providing both services, I suspect that would be marketing this ability (after all, satellite internet already uses very different paths for upload and download, both under control of the same ISP) – Ben Voigt – 2015-05-25T21:34:58.760

only if they officially supported such configuration. Most phone companies here provide both telephone (calls and data) and residential ADSL. Depending on the (lack of) segregation of those two networks, it could work [for some time], and I would expect such setup to break any day (but Freddy could enjoy that hack until then ☺) – Ángel – 2015-05-25T21:51:38.007


The short answer is: in 95% of the cases it cannot be done, and yours falls within that 95%.

First, let me say that it makes little sense to speak of routing separately upload and download, because even intense download tasks require that some packets flow backward to the source, i.e. any download requires some upload flow (This is less true for UDP than for TCP, but never mind that).

If we were to channel the upload of a mostly-download connection through a different NIC than the one used for the download part, the source of the download would see replies to its packets originate from a different IP address than the one to which it is sending packets; it is a basic security feature to disregard packets purporting to be related to a given connection, but originating from a third-party address. Hence the upload part of the conversation would be dropped, and the connection would grind to a halt. This has little to do with ISPs and their services: it occurs even between two pcs on the same LAN, if one of the two is trying to connect to an IP address by using in the same connection two different NICS (hence two different IPs).

This is the reason why we talk about connections, not upload/download.But then one might re-formulate your question as follows: can I have a pc, which has two NICs both connected to the network, use the two NICs for two distinct connections, say the slow connection for a slow, tedious job like e-mail, and the fast connection for a quick process like Web page download?

The short answer to this well-posed question is: in Windows, *Nix (including MacOS) and Android no.In Linux yes, you can.

The reason why you cannot do this in Windows (any version), *Nix and Android is that any routing table can have just one default gateway (*i.e.*the address to which you send all packets not destined to your LAN), and these OSes can only handle one routing table: hence a single gateway.

Instead, in order to allott different applications to different interfaces, you need two distinct functionalities: one, the ability two run two routing tables simultaneously, and two, the ability to tie applications to either routing table. Only the Linux kernel (light years ahead of the competition) has these capabilities, as of this writing. The *Nix kernel partially compensates for that through a judicious use of its firewall, pfsense, without however achieving the full result.

The ability to run two routing tables at the same time (called policy routing or source-based routing) means that packets are differently routed depending on their IP address. This is an extremely useful feature if you are building a router.

However, in order to use different NICs (and thus IPS) depending on the application, you need network namespaces, a Linux kernel feature that allows you to build a separate shell with its own network stack. Now processes running inside this separate shell will all be routed according to the routing table of the network namespace, not that of the main pc.

This is of course a form of virtualization, albeit a weaker form than, say, a Linux container, not to mention a virtual machine. But it is the real way, with a single pc, to route different processes through different interfaces.

To sum up, in Linux (and only in Linux) you may run a separate network namespace, which is, for instance, connected through a VPN to your work place, so that you access your work resources, and, if you run Firefox, you appear to be based at your work place, while at the same time runnning Google Chrome outside the network namespace, and thus appearing (on Chrome) to be based at home.


Posted 2015-05-25T08:24:54.130

Reputation: 41 321

2"purporting to be related to a given connection, but originating from a third-party address"... the source address in the packet is the only thing that makes it related to a given connection, and reverse path filtering doesn't care whether the packets it drops are connection-oriented or not (most spoofing attacks are against connectionless protocols). – Ben Voigt – 2015-05-25T21:55:26.120

"This has little to do with ISPs and their services: it occurs even between two pcs on the same LAN" -- It has everything to do with the ISP. You can disable reverse path filtering on your own computer (if you're running an OS such as Linux which has it in the first place). The problem is when your ISP (or their upstream provider) is using it. – Ben Voigt – 2015-05-25T21:56:49.853


Splitting related connections across different providers would only be possible if you had a single IP address reachable/routeable from both providers. That IP would normally be provided to you as part of a larger block of addresses via BGP. And if you had that, you would be able to do this with BGP using a feature called path pre-pending and local preference rules in BGP.

Even if you could get such an arrangement to work between your ISP and your cell phone provider so that your IP would be reachable via both networks, it would likely cost you more than you're paying right now for both connections.

If on the other hand what you're in fact asking is if it's possible to favour the 4G connection for a predominantly upload session such as when uploading files with ftp/sftp or http. And for normal web browsing to have that traffic use your ISP then I think the answer is maybe. But for maybe to work you'd have to be able to classify the session as a mainly upload one, or a download one. As ftp and http and other protocols can be used equally for either upload or download, you can't determine this by port number. So the only alternative is to be looking at the data mid-stream. By that stage the decision would have been made as the data is already flowing. So that can't be automated.

So, in your case. NO. (at least not when you're on a shoestring).

Matt H

Posted 2015-05-25T08:24:54.130

Reputation: 3 823


You need a host you control reachable from both connections.

Set up two VPN tunnels to that host, each one going from a different interface on your side. Once you have that it's like having two Ethernet cables. You can use bonding to use them together as a bigger cable, and then try passing traffic through it.

Now I don't know if you'd actually gain much performance out of that (the mobile network's latency is much higher than your broadband one which may cause problems), but you should try it and see.


Posted 2015-05-25T08:24:54.130
