A client reached out to me and requested a solution that would enable 3 way wireless WAN connection that would bond two SIM cards from different providers + local WiFi to provide internet access for his LAN. He is currently living in a travel trailer. Ideally he would like it to bond or bandwidth aggregate the SIM and WiFi connections to provide better bandwidth and speed to his LAN router but not necessary.
I was thinking of something like this:
But idk if you can reflash it to something like PFSense or if the factory firmware supports bridging WiFi to the local LAN.
The other idea was 2 off the shelf 4gLTE gateways + a raspberry pi in bridge mode connected to something like this:
Any ideas on a solution that is less than $500?
He is operating out of a trailer so it has to be small footprint + low(er) power consumption as he is on batteries every now and then.
I think we are going to move forward on trying this solution:
2x
1x
1x
1x
1x
1x
I will take suggestions on external antennas for the 4G modems if offered otherwise it will just be a reasonable Amazon solution.
Maybe I will get crazy and wire everything into the battery system on his trailer so it is all 12v DC
For the POE Switch:
For the Router:
Netgear Modems are USB-C so that is easy enough.
The Netgear modems will provide LTE connectivity and the TP-Link WiFi-as-LAN (WISP) that will feed the TP-Link Multi-WAN Router. Inter-trailer connectivity will be ethernet from the switch + the AC1750 Access point ceiling mounted.
Does anyone have any experience with TP-Link stuff?
All the antennas and modems will be POE from the switch on a DMZ VLAN that will feed the Multi-WAN router. Internal LAN will have a separate VLAN. All switching will be done through the 10-port switch. I don’t see why I can’t have one physical WAN connection to the router and then just have it carry all of the modem traffic. They are all significantly less than 1Gbps even combined. Just have them on seperate VLANS and then have the Multi-WAN router handle load balancing between vlans. Any suggestions?
I know no other solution for load-balancing traffic on multiple ISPs other than BGP. Doing a quick web search, I found this:
So you only need a linux router and you’re good to go. I have no idea how this works, but I think that traffic goes one way and comes back the same way (there’s no other way), unlike BGP which is dynamic and takes the best route based on different parameters. BGP is for big boy networks, if you just want a redundant and load-balanced SOHO Internet connection, I think this software should do it.
I never used it, so I have no idea how it will perform for your setup. Also, I’ll take my time to read through all the posts later and watch this, this sounds like an interesting topic.
If that could run OK on something like his Synology NAS that would be great. I offered to build him a small linux appliance that would act as his router (mATX pfsense box basically) but he would prefer off the shelf hardware that he can fix or replace quickly as well as the 5 year warranty that TP-link comes with.
Check out the specs on the Multi-WAN router but the big things were that it will load-balance 4 WAN’s and you can remotely manage it. (He will be on the road and I am his managed IT provider so it would be nice to have that capability)
The real golden egg would be link-aggregating all of the WAN connections but that is $$$$$
a RPi should be easily replacable, even on the road. You should also be able to find most (all?) gear in 12v or less. Be careful with PoE voltage/current draw, especially if his setup is 12v - ie you want to not drain his battery in 12 hours
I agree with the RPi solution. I think that he has the mindset of buying “commercial” hardware wherever he can so I couldn’t really sway him to the RPi solution unfortunately
Also, he just texted me today that he is getting a bunch of these for free so I think that power will be less of a concern:
They are 2v 600Amphr batteries so there will be 2 banks of 6 in series then connected in parallel for 12v @ 1200 amp hours
Also, he just purchased Starlink so that will replace the cellular hotspots.
Being able to use Starlink simplifies a lot of the issues of working around cellular modems.
Everything except Starlink will be 12v DC from the trailer batteries so it should be much more power efficient than 12v trailer>110v>Device Voltage. The Synology is just a place holder right now. Not sure if that will be implemented ATM but in the future maybe. They use an external power brick so I should be able to wire it in directly to the trailer batteries as well. The only thing that concerned me about feeding everything from the trailer system is how sensitive some of these things will be to under volt. I might place a current protection circuit between the batteries and the network devices to shut them down if the batteries dip to like 11.5 or something.
Note: starlink is average 100w, and when “snow mode” is invoked 170w, and thats just the dish, POE btw. (ref: Geoff Geerling latest “Starlink after 4 months” review)
So after hemming and hawwing he decided that he does want a cellular backup and is willing to pay for it. This will take care of his router as well as LAN WiFi and will load balance between starlink and cellular in a 12vDC small form factor. Then he will have a small dumb switch for his hardwired devices in his office.
could use a combination of NAT and policy based routing…
i’m multi homed and doing this at work.
BGP is more for path redundancy for inbound traffic not a load balancer.
if you’re wanting to load balance outbound requests by splitting traffic across two gateways you can match an acl and change the next hop on the way out via policy based routing. so long as your gateways both do NAT on the way out your return traffic for each connection will come back to the gateway it was sent out on.
obviously to do this a couple of things need to happen:
you need a central routing device that can do policy based routing
you need two uplinks
e.g., at work I use PBR with a reachability test so (pseudocode ish - I’m using Cisco route map-maps and ip SLA) on my core router this happens:
default route = ISP2
if ISP1 responded to ping (check every 30 sec)
match IP address (of some specific IP ranges)
set IP next hop ISP1 gateway
else, leave packets untouched
my core router in this case is a layer3 switch that routes between all my VLANs and has several WAN routers hanging off it (a couple of MPLS connections - one with internet reachable via MPLS - and another internet link).
both ISP1 and ISP2 routers do 1:many NAT (or also known as PAT) on the way out (like most internet connected routers these days).
if ISP1 goes down, it stops responding to ping and the redirection stops, and falls back to default route.
Instead of matching by IP address, you could match by TCP/IP protocol, IP address, VLAN, time of day or whatever on the internal traffic and redirect it to either one of your gateways as appropriate.
For this to work that way you’d need the ISPs involved to permit source-routed traffic which isn’t really a thing over the internet these days as it is prone to abuse (e.g., I send a bunch of source-routed traffic requests from me or my botnet with YOUR source address = convenient method of denial of service). it used to be a thing for 1 way satellite connections and the like (old school - terrestrial slow uplink and high bandwidth satellite downlink) but it was always pretty crap. I’ve seen that work with dialup for upstream and sat downstream but yeah… not relevant in 2021 any more.
So long as you can NAT traffic on the way out from either one of your gateway’s public IP addresses, it should return to the gateway it left from.
As above, I’m using CISCO, but I’d wager that Linux or BSD can do connection tracking and policy based routing via native OS network firewall management tools as well.
e.g.
edit:
note… “source routing” in the linux routing link above is not the same as source-routing via the TCP packet contents, which is what used to be a thing
openwrt has mwan3 that goes and sets up a routing table per policy and sets up rules to send things out the correct routing table based on firewall marking and firewall does connection tracking (ingress/egress matching) for you. It’ll even set up connectivity checks and enable/disable individual routes in those tables/policies.
You can configure all of this through its web UI super easily and intuitively.(relative to what would be required doing this by hand).
It’s basically what Teltonika and many others have skinned in order to sell the product as an “industrial multi wan router”, except they were lazy and didn’t port the entire mwan3 web ui.
Pi 4 running openwrt is “a known quantity” , lots of people use it, popular, get it anywhere on a days notice and uses very little power, routes and nats PBR up to gigabit between native and USB just fine. People pair it with TP-Link ue300 for a second / third nic because the realtek chip inside is relatively non-buggy and efficient despite being realtek over USB. If you need 4 wan links, get a USB hub and a few more ue300.
You can automate backups on OpenWRT, and it’s cheap enough you can get two and keep one in a drawer.
You can power it using a gigabit poe usb splitter if you have poe e.g. coming from starlink or from a poe switch. Uses about 4W routing gigabit/2W idle, including a typical poe splitter (reading from a dashboard, not real/accurate energy usage).
