FreeBSD router two DSL connections

Ted Mittelstaedt tedm at
Mon Dec 12 08:07:31 PST 2005


From: Yance Kowara
Sent: Sunday, December 11, 2005 11:57 PM

Subject: RE: FreeBSD router two DSL connections
>Thanks for the advice.
>A friend of mine has just acquired an Internet Cafe.
>The previous owner connected the lan to 2 different
>ADSL (two different ISPs) one is a back up he said.
>So, two ADSL routers with half the Lan connected to
>one router and another half to the other router.

Most likely the trick used was to set up 2 independent routers,
one on each DSL line, and set half of the machines to use
one router as their default gateway, and half of the systems
to use the other.  If they really did use separate physical networks
that is a dumb idea, because you now have problems copying
update files and such in between systems in the Cafe.

It is a very crude form of redundancy but this is NOT a
load-sharing scenario.  Keep in mind the real need of an
Internet Cafe is redundancy, not bandwidth, so although
crude, this solution is one of the few solutions that is
available on a shoestring that is really effective.

>I am just thinking of a way to optimise the
>connection and came across Steven's article. I
>thought I could do something similar with *BSD + pf.
>There is such a thing as Dual Wan ADSL router:

And they do NOT work to combine bandwidth.  What these
devices do is they split the NAT translation table and
whichever DSL line is unused gets the next translation
slot allocated.

However the restriction is each translation slot still only
gets the bandwidth available for that DSL line.

Thus if you're web-surfing and 1 DSL line is busy, you get shunted to
the next, but you cannot get the bandwidth available from both
lines at the same time, on the same PC.  Now, if you happened
to open 2 separate FTP sessions on your PC, and if the load-sharer
was sophisticated enough, it might be able to put 1 session on
1 DSL line, and the other on the other.  But each session
is still limited to the top speed of the DSL line.  To the
uninitiated, however, that might APPEAR to work as a bandwidth
load balancer.

The challenge I have always posed to the proponents of this
trick was to post results of downloading the latest FreeBSD
iso file that show they got the iso file in half the time.
Never been met, of course.

These devices also have a lot of trouble detecting when one
of the DSL lines is having a problem.  For example you could have
1 DSL line going very, very slow, the router thinks that circuit
is still up because all it can do is decide if a DSL line is up
or not - but traffic going through this is dog-slow.  If for example
one of those Internet Cafe PCs got infected with a mass-mailing
virus, it would cause exactly that scenario.

Would you rather have 1/2 of the PCs in the Internet cafe that
are using the slow DSL line as their default gateway just get dog-slow,
and the other 1/2 continue to work normally, or would you rather
have every single PC in the Cafe become intermittently slow when
one of the DSL lines gets slow?

>However, they are quite pricey compared to setting up a
>*BSD box (using old readily available hardware).

The NAT software in FreeBSD (and indeed, in any UNIX OS) does
not have the notion of separate route tables and cannot do this.
In fact, just about all Cisco or other high-end routers cannot
deal with multiple, independent route tables in the same box.

>So, if this load balancing idea does not work, any
>other thing I can do to optimise two DSLs?
>I also came across this (linux way):
>Is this worth trying?

It is the same issue - would you rather have half the PCs in
the Cafe get slow if there's a problem, or all of them become
intermittently slow?

I know about that Linux howto.  It came about a few years or so ago
when the bozo that wrote it, who had no understanding of networking,
posted exactly the same question you posted on one of the major
networking mailing lists, and when he was told it wasn't possible,
he got so pissed off he was going to show those uppity mucks that
he knew better than they did.

The result is a scheme that appeared to work enough to satisfy
this guy's ego, he never of course has posted any followup as
to how well it works when presented with the kinds
of failure scenarios (fiber-seeking backhoe, etc.) that are
common in real life.

It's easier for the proctor of the Internet Cafe to simply tell the
customer if one PC is acting up to go to another one that isn't.

Also keep in mind that unless both DSL lines are coming in on
completely separate wiring plants, you really don't have true
redundancy.  If you're going to do this on the cheap, it would be
more effective to use 1 DSL line for some of the machines, and
a cable modem for the other.

Like the other guy said, if your friend wants more bandwidth, buy
a business-class DSL line for more money. :-)
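
An added illustration, not part of this message or of any code from the thread: a small Python model of the per-session line assignment described above for dual-WAN NAT routers, including the case where a degraded line still reports "up". The class and function names, the fewest-sessions assignment rule, equal sharing of a line between its sessions, and the line speeds are all assumptions made for the example.

```python
from dataclasses import dataclass, field


@dataclass
class Line:
    name: str
    capacity_kbps: float      # what the line really delivers right now
    link_up: bool = True      # the only health signal the router sees
    flows: list = field(default_factory=list)


class DualWanNat:
    """Toy dual-WAN NAT: each new session is pinned to exactly one line."""

    def __init__(self, lines):
        self.lines = lines

    def open_flow(self, flow_id):
        # Assumed policy: pick the "up" line with the fewest sessions.
        # Real throughput is not consulted, only link state.
        candidates = [l for l in self.lines if l.link_up]
        if not candidates:
            raise RuntimeError("no WAN line is up")
        line = min(candidates, key=lambda l: len(l.flows))
        line.flows.append(flow_id)
        return line.name

    def throughput(self):
        # A session only ever sees its own line's capacity,
        # shared equally with the other sessions pinned to that line.
        rates = {}
        for line in self.lines:
            for flow_id in line.flows:
                rates[flow_id] = line.capacity_kbps / len(line.flows)
        return rates


def simulate(capacities_kbps, flow_ids):
    """Open the given sessions in order and return kbps per session."""
    lines = [Line(f"dsl{i}", c) for i, c in enumerate(capacities_kbps)]
    nat = DualWanNat(lines)
    for flow_id in flow_ids:
        nat.open_flow(flow_id)
    return nat.throughput()


if __name__ == "__main__":
    # Constructed scenarios: two 1500 kbps lines, then one line degraded.
    print(simulate([1500, 1500], ["iso-download"]))
    print(simulate([1500, 1500], ["ftp-a", "ftp-b"]))
    print(simulate([1500, 50], ["pc1", "pc2", "pc3", "pc4"]))
```

In the third scenario the router keeps handing every other session to the 50 kbps line because its link state is still "up".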


