[kwlug-disc] Bandwidth aggregation

unsolicited unsolicited at swiz.ca
Tue Feb 10 17:14:26 EST 2009


L.D. Paniak wrote, On 02/10/2009 4:51 PM:
> unsolicited wrote:
> 
>> Esoteric, yes, in that you essentially have two choices:
>> (1) A single device must take in both 'providers', or each headend
>> device must run a gateway protocol. The devices have to negotiate
>> between themselves who's going to handle what. See (2). Ultimately, only
>> one device can have an IP. (DNS returns a single IP, essentially.
>> Fallbacks not included here.) Which device is going to claim the IP?
>> There is no guarantee as to the pathway of incoming packets - if one
>> device sends a packet out, expecting a reply, and it returns on the
>> other device, the other device goes "Why are you sending me this, I
>> didn't ask for it? Toss." Such 'knowledgeable' devices are not overly
>> common at the consumer level.
>> (2) You have to maintain your own routing table. e.g. Your DNS IP comes
>> in and goes out one device. Your internal internet requests go out the
>> other. The advantages of, we'll call it 'load levelling' are
>> substantially lost. Good luck guessing which routes should go where.
>> Things get more complicated when services use reverse dns (smtp) to
>> verify the incoming packet is coming from the publicized source. And the
>> request went out the other.
>>
>> That's what I can think of off the top of my head, but it gets stranger
>> and more irritating. e.g. Providers don't like them - it is now up to
>> you to make sure that their network can't be attacked via your gateway
>> from another provider. And they don't trust you. Let alone, if the route
>> gets into the routing table, they now have multiple paths between
>> providers. It gets stranger and stranger.
>>
>> Thus the creation of gateway (edge) protocols to handle this nonsense,
>> and not many devices have that. Nonsense as in aggravation and fiddly bits.
>>
> 
> 
> I don't think one has to re-invent the wheel with these kinds of
> connections.  From a hardware point-of-view, I can easily imagine an
> OpenWRT-based router with two WAN ports. In fact, I have one running
> downstairs.  After that it boils down to some iptables gymnastics.  I
> find Shorewall to be the most user-friendly way to participate in that
> sport.  For multiple ISPs, take a look at:
> 

You are confusing two things:
(1) Theory, i.e., why it's esoteric.
(2) Common practice - consumer level, black box, and / or ISP provided.

That's what I was addressing, the why of the complexity, and why it's 
not more prevalent. Not the roll your own Linux boxes, or things like 
OpenWRT. Particularly, where a bunch of interested people get together 
to accomplish certain functionality. Not typical of the masses - 
either of them.

The 'OpenWRT' boxes are somewhat unusual in their ability to configure 
each port of the switch independently, which allows what you suggest.

>
.
.
.
> 
> Anyway, I'd certainly like to hear how this works from someone who knows
> what they are talking about.

That would be me, up to a certain point. Sorry you don't appreciate that.


More information about the kwlug-disc_kwlug.org mailing list
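
The asymmetric-return problem from point (1) of the quoted message, and the source-based routing from point (2), modelled as an added example that is not part of the original thread. The provider names, the prefixes (documentation ranges) and the rule that a reply returns via the provider owning the source address are assumptions made for the illustration.

```python
from dataclasses import dataclass, field

# Constructed addressing: each provider carries replies only for its own prefix.
PROVIDERS = {"ispA": "198.51.100.", "ispB": "203.0.113."}

@dataclass
class Gateway:
    """Stateful edge device: accepts inbound packets only for flows it sent out."""
    provider: str
    flows: set = field(default_factory=set)

    def send(self, src, dst, port):
        # Record the outbound flow so the matching reply can be recognised.
        self.flows.add((src, dst, port))

    def receive(self, src, dst, port):
        # A reply has src and dst swapped relative to the recorded flow.
        if (dst, src, port) in self.flows:
            return "accept"
        return "drop (unsolicited)"

def return_provider(local_addr):
    """Assumption: the reply comes back via the provider owning local_addr."""
    return next(p for p, pfx in PROVIDERS.items() if local_addr.startswith(pfx))

def single_default_route(local_addr):
    """One default route for everything, whatever the source address."""
    return "ispB"

def source_policy_route(local_addr):
    """Egress chosen by source address, so out and back use the same device."""
    return return_provider(local_addr)

def round_trip(local_addr, remote_addr, port, pick_egress):
    """Send one packet out, deliver the reply, report what the ingress device did."""
    gateways = {name: Gateway(name) for name in PROVIDERS}
    egress = pick_egress(local_addr)
    gateways[egress].send(local_addr, remote_addr, port)
    ingress = return_provider(local_addr)
    verdict = gateways[ingress].receive(remote_addr, local_addr, port)
    return egress, ingress, verdict

if __name__ == "__main__":
    for policy in (single_default_route, source_policy_route):
        print(policy.__name__,
              round_trip("198.51.100.10", "192.0.2.25", 25, policy))
```
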