Three internet connections
23 November 2016, 08:59 PM
#1
Scooby Regular
Thread Starter
Join Date: Nov 2000
Location: 32 cylinders and many cats
Posts: 18,658
Likes: 0
Received 1 Like
on
1 Post
Three internet connections
I am adding two 4G connections (each 100Mbps down 40Mbps up as clear line of site to tower 200m away but limited to 32GB each per month) to my home network by using OpenWRT/Rooter firmware on a WD MyNet 750 which allows me to connect and manage two 4G USB modems as well as another WAN which I would like to be from my ADSL connection (10Mbps down 1Mbps up unlimited from a BT Home Hub 5).
The problem is that the ADSL line and the 4G antenna position are not near each other but there is a single Cat 6 1Gbps cable between the locations and everywhere else so that the whole site has great wired and wireless (5 wired APs). The shape of the building is an odd C shape with lots of 600mm thick whinstone that laughs at radio signals.
Do I need a second cable between the Home Hub 5 and the 4G router? Don't want to drop the speed between to 2x 100Mbps by splitting the 8 core to 2 x 4 core as this will slow down link between home and business computers that share drives.
Can WANs be linked to a LAN at two different points as long as one router does DHCP?
The problem is that the ADSL line and the 4G antenna position are not near each other but there is a single Cat 6 1Gbps cable between the locations and everywhere else so that the whole site has great wired and wireless (5 wired APs). The shape of the building is an odd C shape with lots of 600mm thick whinstone that laughs at radio signals.
Do I need a second cable between the Home Hub 5 and the 4G router? Don't want to drop the speed between to 2x 100Mbps by splitting the 8 core to 2 x 4 core as this will slow down link between home and business computers that share drives.
Can WANs be linked to a LAN at two different points as long as one router does DHCP?
Last edited by john banks; 23 November 2016 at 09:01 PM.
23 November 2016, 10:34 PM
#2
I am adding two 4G connections (each 100Mbps down 40Mbps up as clear line of site to tower 200m away but limited to 32GB each per month) to my home network by using OpenWRT/Rooter firmware on a WD MyNet 750 which allows me to connect and manage two 4G USB modems as well as another WAN which I would like to be from my ADSL connection (10Mbps down 1Mbps up unlimited from a BT Home Hub 5).
The problem is that the ADSL line and the 4G antenna position are not near each other but there is a single Cat 6 1Gbps cable between the locations and everywhere else so that the whole site has great wired and wireless (5 wired APs). The shape of the building is an odd C shape with lots of 600mm thick whinstone that laughs at radio signals.
Do I need a second cable between the Home Hub 5 and the 4G router? Don't want to drop the speed between to 2x 100Mbps by splitting the 8 core to 2 x 4 core as this will slow down link between home and business computers that share drives.
Can WANs be linked to a LAN at two different points as long as one router does DHCP?
The problem is that the ADSL line and the 4G antenna position are not near each other but there is a single Cat 6 1Gbps cable between the locations and everywhere else so that the whole site has great wired and wireless (5 wired APs). The shape of the building is an odd C shape with lots of 600mm thick whinstone that laughs at radio signals.
Do I need a second cable between the Home Hub 5 and the 4G router? Don't want to drop the speed between to 2x 100Mbps by splitting the 8 core to 2 x 4 core as this will slow down link between home and business computers that share drives.
Can WANs be linked to a LAN at two different points as long as one router does DHCP?
Hope that helps :/
23 November 2016, 10:38 PM
#3
If I understand this correctly John, I dont think a second cable will be needed.
You are getting 100mbps on each of the 4G connections, and providing GbE connectivity between the 4G router and your Home Hub.
What are you aiming to do with those three connections - I am not an expert in networking, but I dont think you are going to get aggregated badwidth from using all 3. You could load balance between all 3 but that is only of value if you have a lot of users on your network, but one user will only get the maximum bandwith that a single WAN service (4G or ADSL) is offering, it will also offer a failover capability if one WAN link fails.
You are getting 100mbps on each of the 4G connections, and providing GbE connectivity between the 4G router and your Home Hub.
What are you aiming to do with those three connections - I am not an expert in networking, but I dont think you are going to get aggregated badwidth from using all 3. You could load balance between all 3 but that is only of value if you have a lot of users on your network, but one user will only get the maximum bandwith that a single WAN service (4G or ADSL) is offering, it will also offer a failover capability if one WAN link fails.
23 November 2016, 11:06 PM
#4
Scooby Senior
I've seen and tried many different load balancing 'solutions' they're always a lot of work. Maybe Tooway would be less trouble? Or commit to 4G.
Last edited by JackClark; 23 November 2016 at 11:07 PM.
24 November 2016, 08:32 AM
#5
Scooby Regular
Thread Starter
Join Date: Nov 2000
Location: 32 cylinders and many cats
Posts: 18,658
Likes: 0
Received 1 Like
on
1 Post
Thanks.
It is an interim solution whilst I test the 4G and consider whether to drop ADSL. Hoping that higher 4G data amounts will be available at some point.
I realise I cannot bond 2 or 3 connections except for peer to peer which I don't really use and wouldn't over a capped connection.
Looks fairly easy to route different computers to different WANs or different services like streaming to different WANs. Or I could switch between the two 4G modems when one SIM has run out.
Sounds a faff, but in the sticks and the phone line is direct to exchange with no cabinet.
The 4G router will have to be the router for the whole network so I think it is looking like running a second cable to the Home Hub.
It is an interim solution whilst I test the 4G and consider whether to drop ADSL. Hoping that higher 4G data amounts will be available at some point.
I realise I cannot bond 2 or 3 connections except for peer to peer which I don't really use and wouldn't over a capped connection.
Looks fairly easy to route different computers to different WANs or different services like streaming to different WANs. Or I could switch between the two 4G modems when one SIM has run out.
Sounds a faff, but in the sticks and the phone line is direct to exchange with no cabinet.
The 4G router will have to be the router for the whole network so I think it is looking like running a second cable to the Home Hub.
Last edited by john banks; 24 November 2016 at 08:35 AM.
24 November 2016, 09:46 AM
#6
Thanks.
It is an interim solution whilst I test the 4G and consider whether to drop ADSL. Hoping that higher 4G data amounts will be available at some point.
I realise I cannot bond 2 or 3 connections except for peer to peer which I don't really use and wouldn't over a capped connection.
Looks fairly easy to route different computers to different WANs or different services like streaming to different WANs. Or I could switch between the two 4G modems when one SIM has run out.
Sounds a faff, but in the sticks and the phone line is direct to exchange with no cabinet.
The 4G router will have to be the router for the whole network so I think it is looking like running a second cable to the Home Hub.
It is an interim solution whilst I test the 4G and consider whether to drop ADSL. Hoping that higher 4G data amounts will be available at some point.
I realise I cannot bond 2 or 3 connections except for peer to peer which I don't really use and wouldn't over a capped connection.
Looks fairly easy to route different computers to different WANs or different services like streaming to different WANs. Or I could switch between the two 4G modems when one SIM has run out.
Sounds a faff, but in the sticks and the phone line is direct to exchange with no cabinet.
The 4G router will have to be the router for the whole network so I think it is looking like running a second cable to the Home Hub.
24 November 2016, 04:09 PM
#7
Scooby Regular
Trending Topics
22 December 2016, 08:48 PM
#8
Scooby Regular
Thread Starter
Join Date: Nov 2000
Location: 32 cylinders and many cats
Posts: 18,658
Likes: 0
Received 1 Like
on
1 Post
Update:
Home Hub 3 with DHCP off and wireless disabled and on its own subnet (192.168.0.254, rest of the network is 192.168.1.x) takes the BT ADSL and sends it out its gigabit port, so effectively working as a modem.
This goes to another room and goes into a port on a reflashed router. A VLAN setup configures this port to be separate to the other LAN ports. A WAN configuration is fed from this VLAN and takes a static IP address (192.168.0.253) and gateway (192.168.0.254). The router also has two USB 4G sticks attached which just need APN info added and some config options set. This router handles the three WANs and DHCP for the entire network. It also has dual band wireless for that area. Another network cable goes back to where the Home Hub 3 is but instead connects to a switch. This connects in 3 other directions to 4 further routers which have DHCP disabled to work as wired and wireless access points.
The load balancing software in the reflashed router pings the WANs and has failover options and policies that I now need to configure.
Sounds complex for a home network, but makes sense using lots of cheap gear and runs well so far and I have learned a bit about networking
Home Hub 3 with DHCP off and wireless disabled and on its own subnet (192.168.0.254, rest of the network is 192.168.1.x) takes the BT ADSL and sends it out its gigabit port, so effectively working as a modem.
This goes to another room and goes into a port on a reflashed router. A VLAN setup configures this port to be separate to the other LAN ports. A WAN configuration is fed from this VLAN and takes a static IP address (192.168.0.253) and gateway (192.168.0.254). The router also has two USB 4G sticks attached which just need APN info added and some config options set. This router handles the three WANs and DHCP for the entire network. It also has dual band wireless for that area. Another network cable goes back to where the Home Hub 3 is but instead connects to a switch. This connects in 3 other directions to 4 further routers which have DHCP disabled to work as wired and wireless access points.
The load balancing software in the reflashed router pings the WANs and has failover options and policies that I now need to configure.
Sounds complex for a home network, but makes sense using lots of cheap gear and runs well so far and I have learned a bit about networking
23 December 2016, 02:22 PM
#9
Scooby Regular
Thread Starter
Join Date: Nov 2000
Location: 32 cylinders and many cats
Posts: 18,658
Likes: 0
Received 1 Like
on
1 Post
http://www.speedtest.net/my-result/5905391731
Think speedtest sends out multiple streams so it is sort of channel bonding. Theoretical fastest from the gear I have is 100Mbps and it sometimes hits 97.
Very pleased.
Think speedtest sends out multiple streams so it is sort of channel bonding. Theoretical fastest from the gear I have is 100Mbps and it sometimes hits 97.
Very pleased.
23 December 2016, 03:44 PM
#11
I'd document that in some detail now while it is clear in your head, if something stops working in a few months, it will be easier dealt with if you have a schematic on hand, unless your memory and powers of recall are much better than mine.
Learned a bit about networking - you're not kidding... I'd look at standing up a firewall and moving your DHCP server to behind the firewall - take a look at pfsense, highly recommend it, will also run on elderly hardware.
Learned a bit about networking - you're not kidding... I'd look at standing up a firewall and moving your DHCP server to behind the firewall - take a look at pfsense, highly recommend it, will also run on elderly hardware.
23 December 2016, 04:58 PM
#12
Scooby Regular
Thread Starter
Join Date: Nov 2000
Location: 32 cylinders and many cats
Posts: 18,658
Likes: 0
Received 1 Like
on
1 Post
OpenWRT's firewall is giving me far more information and options than anything I've had before. Are you seeing heightened risk from something I've said in particular?
I've done some port scans, and when linked to the internet through 4G port 113 shows as closed rather than stealth. I've tried opening port 113 and forwarding it to a non existent IP address but it still shows closed. Seems a common issue and one with pfsense too from reading.
I've done some port scans, and when linked to the internet through 4G port 113 shows as closed rather than stealth. I've tried opening port 113 and forwarding it to a non existent IP address but it still shows closed. Seems a common issue and one with pfsense too from reading.
Last edited by john banks; 23 December 2016 at 05:48 PM.
23 December 2016, 09:41 PM
#13
Just read up on OpenWRT, that has made significant progress since I last played with it, I might find out my old linksys router for some re-evaluation over the Christmas break.
I dont advise using one device for multiple purposes, if your router is also running your DHCP server for example, once your router is compromised, so effectively is your DHCP server. Follow the principle of one device for one purpose, dont share credentials between them, layer up security (defence in depth) means any attacker needs to overcome more barriers to effect the same outcome, or more controls need to fail in an open state to allow the attack to proceed. In a home set up I get that costs can be a constraint, and security is balanced against that point.
If you want, and trust me to do it, I can run an external vulnerabilty scan and small set of pen tests against your network, and let you have the findings. It will give an indication of how well your security will stand up against an external threat actor. Its your shout, and I wont be offended if you knock back the offer.
I dont advise using one device for multiple purposes, if your router is also running your DHCP server for example, once your router is compromised, so effectively is your DHCP server. Follow the principle of one device for one purpose, dont share credentials between them, layer up security (defence in depth) means any attacker needs to overcome more barriers to effect the same outcome, or more controls need to fail in an open state to allow the attack to proceed. In a home set up I get that costs can be a constraint, and security is balanced against that point.
If you want, and trust me to do it, I can run an external vulnerabilty scan and small set of pen tests against your network, and let you have the findings. It will give an indication of how well your security will stand up against an external threat actor. Its your shout, and I wont be offended if you knock back the offer.
23 December 2016, 10:54 PM
#14
Scooby Regular
Thread Starter
Join Date: Nov 2000
Location: 32 cylinders and many cats
Posts: 18,658
Likes: 0
Received 1 Like
on
1 Post
Thanks, makes sense. That would be interesting and would like to take you up on that. Let me know when you have chance to do it. Presumably you just need the present IP address of a computer on the network as that is the way I've done the port scans already, both when attached to the 4G network or to ADSL.