I am adding two 4G connections (each 100Mbps down 40Mbps up as clear line of site to tower 200m away but limited to 32GB each per month) to my home network by using OpenWRT/Rooter firmware on a WD MyNet 750 which allows me to connect and manage two 4G USB modems as well as another WAN which I would like to be from my ADSL connection (10Mbps down 1Mbps up unlimited from a BT Home Hub 5).

The problem is that the ADSL line and the 4G antenna position are not near each other but there is a single Cat 6 1Gbps cable between the locations and everywhere else so that the whole site has great wired and wireless (5 wired APs). The shape of the building is an odd C shape with lots of 600mm thick whinstone that laughs at radio signals.

Do I need a second cable between the Home Hub 5 and the 4G router? Don't want to drop the speed between to 2x 100Mbps by splitting the 8 core to 2 x 4 core as this will slow down link between home and business computers that share drives.

Can WANs be linked to a LAN at two different points as long as one router does DHCP?

 

From what you have described I would say only a single cable from adsl to 4g router this should plug into the wan0 or wan1 port on 4g router . .any other devices plugged into the adsl router or on adsl wifi will be the wrong side of the 4g router to take advantage of the 4g connections or see any devices on the 4g lan. . .they will have to use the lan port or wifi from the 4g router.

Hope that helps :/

 

If I understand this correctly John, I dont think a second cable will be needed.

You are getting 100mbps on each of the 4G connections, and providing GbE connectivity between the 4G router and your Home Hub.

What are you aiming to do with those three connections - I am not an expert in networking, but I dont think you are going to get aggregated badwidth from using all 3. You could load balance between all 3 but that is only of value if you have a lot of users on your network, but one user will only get the maximum bandwith that a single WAN service (4G or ADSL) is offering, it will also offer a failover capability if one WAN link fails.

 

I've seen and tried many different load balancing 'solutions' they're always a lot of work. Maybe Tooway would be less trouble? Or commit to 4G.

 

Thanks.

It is an interim solution whilst I test the 4G and consider whether to drop ADSL. Hoping that higher 4G data amounts will be available at some point.

I realise I cannot bond 2 or 3 connections except for peer to peer which I don't really use and wouldn't over a capped connection.

Looks fairly easy to route different computers to different WANs or different services like streaming to different WANs. Or I could switch between the two 4G modems when one SIM has run out.

Sounds a faff, but in the sticks and the phone line is direct to exchange with no cabinet.

The 4G router will have to be the router for the whole network so I think it is looking like running a second cable to the Home Hub.

 

2nd cable will cause a bridge between your 4g router lan and the wan port, BT hub does not support VLANs so think you will get an issue.

 

You can actually, although you have to use a third party and the costs are quite steep.

 

Update:

Home Hub 3 with DHCP off and wireless disabled and on its own subnet (192.168.0.254, rest of the network is 192.168.1.x) takes the BT ADSL and sends it out its gigabit port, so effectively working as a modem.

This goes to another room and goes into a port on a reflashed router. A VLAN setup configures this port to be separate to the other LAN ports. A WAN configuration is fed from this VLAN and takes a static IP address (192.168.0.253) and gateway (192.168.0.254). The router also has two USB 4G sticks attached which just need APN info added and some config options set. This router handles the three WANs and DHCP for the entire network. It also has dual band wireless for that area. Another network cable goes back to where the Home Hub 3 is but instead connects to a switch. This connects in 3 other directions to 4 further routers which have DHCP disabled to work as wired and wireless access points.

The load balancing software in the reflashed router pings the WANs and has failover options and policies that I now need to configure.

Sounds complex for a home network, but makes sense using lots of cheap gear and runs well so far and I have learned a bit about networking

 

http://www.speedtest.net/my-result/5905391731

Think speedtest sends out multiple streams so it is sort of channel bonding. Theoretical fastest from the gear I have is 100Mbps and it sometimes hits 97.

Very pleased.

 

Nice one John, it's not easy and as I think you're finding can become a hobby.

 

I'd document that in some detail now while it is clear in your head, if something stops working in a few months, it will be easier dealt with if you have a schematic on hand, unless your memory and powers of recall are much better than mine.

Learned a bit about networking - you're not kidding... I'd look at standing up a firewall and moving your DHCP server to behind the firewall - take a look at pfsense, highly recommend it, will also run on elderly hardware.

 

OpenWRT's firewall is giving me far more information and options than anything I've had before. Are you seeing heightened risk from something I've said in particular?

I've done some port scans, and when linked to the internet through 4G port 113 shows as closed rather than stealth. I've tried opening port 113 and forwarding it to a non existent IP address but it still shows closed. Seems a common issue and one with pfsense too from reading.

 

Just read up on OpenWRT, that has made significant progress since I last played with it, I might find out my old linksys router for some re-evaluation over the Christmas break.

I dont advise using one device for multiple purposes, if your router is also running your DHCP server for example, once your router is compromised, so effectively is your DHCP server. Follow the principle of one device for one purpose, dont share credentials between them, layer up security (defence in depth) means any attacker needs to overcome more barriers to effect the same outcome, or more controls need to fail in an open state to allow the attack to proceed. In a home set up I get that costs can be a constraint, and security is balanced against that point.

If you want, and trust me to do it, I can run an external vulnerabilty scan and small set of pen tests against your network, and let you have the findings. It will give an indication of how well your security will stand up against an external threat actor. Its your shout, and I wont be offended if you knock back the offer.

 

Thanks, makes sense. That would be interesting and would like to take you up on that. Let me know when you have chance to do it. Presumably you just need the present IP address of a computer on the network as that is the way I've done the port scans already, both when attached to the 4G network or to ADSL.