FreeBSD router two DSL connections

[Danial Thom]

--- Danial Thom <danial_thom at yahoo.com> wrote:

> 
> 
> --- Ted Mittelstaedt <tedm at toybox.placo.com>
> wrote:
> 
> > 
> > Does it meet the test I already outlined?
> > 
> > Download the FreeBSD iso then upload it to a
> > remote server,
> > with both lines connected.  Time it.
> > 
> > Disconnect 1 line, then repeat the test.  If
> > the time to
> > download and upload when both DSL lines are
> > connected is
> > half the time it takes when 1 DSL line is
> > connected, then
> > your load-balancing.
> > 
> > If not, then you are not - although if it
> makes
> > you feel
> > like you haven't wasted your money claim your
> > "per session load balancing" then I suppose
> it
> > would be
> > uncharitable to make you feel bad by pointing
> > out that
> > this is purely a marketing term with no
> > networking
> > significance.
> > 
> > Oops.
> > 
> > Ted
> 
> 
> Ted seems incapable of grasping how things
> work,
> so I don't recommend wasting your time on
> anything he says.
> 
> As I stated, you cannot control how traffic
> comes
> into your network, so Ted's little download
> test
> is sure not to work. Traffic is routed to
> whichever ISP has the best route. You can only
> control how traffic goes OUT of your network.
> So
> load-balancing can only increase your upload
> speeds, not your download speeds. If you are
> hosting this is useful. If you have mostly
> download traffic, then its probably not worth
> is.
> 
> I don't know if Ted is trying to boondoggle you
> into thinking his view is correct, or he just
> doesn't understand it. I suspect its a bit of
> both.
> 
> You should really try the freebsd-isp list, as
> there are at least some people on there that
> have
> a clue. Although even Ted's resume looks good
> on
> paper, so you really can't tell. Incompetence
> is
> widespread.
> 
> DT

To sooth the nerves of the OP, the truth about
this is that it might work and it might not.
Ted's assertion that all ISPs do ingress address
filtering is simply wrong. Not even close. My
assumption that none do isn't right either. IF
when one of your lines goes down you are still
online then you can load-balance outbound. IF you
are multi-homed or have a working backup
scenario, then you can load balance outbound.

There is much discussion on the trade-offs of
ingress address filtering, and many believe its
the old "cut off your nose to spite your face".
It reduces the cpu power of your router by
causing it to test every packet coming in, it
makes multi-homing not work, and it makes
changing addresses on a large network extremely
more difficult, in order to thwart an unlikely
event. I recommend that my customers isolate
co-location customers so when worms hit they can
find the problem easier. Few do because its
easier to have everyone on the same wire. My
cable company, for example, changes their
networking scheme every few months, and if they
had to change ingress filters on 100s of routers
manually it would be ridiculously difficult to
do. So they don't address filter.

Ted is somehow in denial that 100s of people load
balance to different destinations. Since he
doesn't know the terms (such as round-robin, etc)
you can be sure he's never done any of it. The
simple truth is that you have to try things. You
never know what your upstream is doing. DSL is a
strange animal that requires muxes in often very
complicated meshes. If you can move your default
router to your "other" router then you are likely
not filtered.

There are many issues more important than
address-spoofing, such as stability and
performance. I have customers that are so
disorganized that they can't isolate any known
address group to any specific router, and others
that require that you register your MAC address
with them or nothing will work at all. You can't
postulate what your situation is. You have to do
testing and figure out what you can and can't do.
The more you know about how things REALLY work,
the more innovative you can be in your
implementation.

DT


		
__________________________________________ 
Yahoo! DSL – Something to write home about. 
Just $16.99/mo. or less. 
dsl.yahoo.com