Kitz Forum

Broadband Related => Broadband Technology => Topic started by: tickmike on October 20, 2015, 10:19:27 PM

Title: VPN Bonding
Post by: tickmike on October 20, 2015, 10:19:27 PM

I'm going to make a separate post for this subject because I think it will be of interest to others, it was taken out of this post http://forum.kitz.co.uk/index.php/topic,16328.msg302796.html#msg302796


http://simonmott.co.uk/vpn-bonding

I might get around to testing it out sometime  :)

Title: Re: VPN Bonding
Post by: Dray on October 20, 2015, 10:24:45 PM

except I posted it first :)
http://forum.kitz.co.uk/index.php/topic,16246.msg301549.html#msg301549

Title: Re: VPN Bonding
Post by: burakkucat on October 20, 2015, 10:37:59 PM

And I've set it 'Sticky'.

So let's call this team-work!  :)

Title: Re: VPN Bonding
Post by: tickmike on October 20, 2015, 10:42:01 PM

Quote from: Dray on October 20, 2015, 10:24:45 PM

except I posted it first :)
http://forum.kitz.co.uk/index.php/topic,16246.msg301549.html#msg301549

Credit to you  :-[

Title: Re: VPN Bonding
Post by: dragon2611 on April 11, 2016, 10:36:23 AM

Yes it's possible to do, I did it at Layer3 using GRE tunnels and essentially having 2 routes with the same metric pointing at the remote end.

In my case for IPv4 it ended up as a 50/50 split and IPv6 went ECMP so only used one line or the other per destination/port (Due to the lack of a kernel route cache for Ipv4 in EdgeOS 1.8)

I also used BGP in the tunnels for the IPv4 and static routes with BFD for IPv6 (EdgeOS's BGP doesn't seem to do multi-path on IPv6). It meant if a line went down the routes would be removed and traffic would failover to the 2nd line.

Used a 70/20 Pulse8 + 70/20 Plusnet line, both with static IP's which made it easier (Since GRE uses the IP's as the endpoints), got 115 - 125Mbit/s down on speedtest and about 30-35 Up.

I recently stopped "Bonding" and downgraded one of the lines to a 40/10 service (Sky had an offer on that made it worth moving it to them).

Essentially the basic idea is to tunnel your traffic to somewhere with enough bandwidth to handle it all and then use some method to split the traffic between the tunnels the exact logic for doing that usually depends on the platform you are using and it's capabilities.

I do have to say I was pretty impressed that the UBNT ER-X's managed to do 120Mbit/s + of GRE across multiple interfaces whilst also doing firewall and NAT and PPPoE (Well the one at this end was, the other end was just doing routing + GRE as it has a 2nd one in front of it for the Firewall/NAT stuff)