Dual WAN Router ? What would you advise ?

Started by Mardoni, August 08, 2006, 15:40:24 PM


Mardoni

I'm going to be telecommuting soon, but part of the deal is that I need to be online all the time (as much as possible).

I already have NTL installed and I will be signing up to some ADSL service or other.

What I require is a device (router or PC) that will provide me with:

Automatic rollover if one of the connections dies.

Load balancing across the 2 connections, both in and out bound: Ideally with the ability for me to configure which services use which connection. i.e. NTL POP3 mail on the NTL connection but ADSL POP3 on the ADSL connection.

Port Forwarding, NAT, VPN Pass-through etc. etc.


Tongy has already suggested a Cisco 2600 Router with Ethernet and DSL WICs. I will consider it as the most expensive solution as even second hand it will cost in the region of £200.


Does anyone have any experience of this kind of thing ?
What kit would you suggest ?
Is there a simple Linux alternative ?

I do already have ample kit for building a PC dedicated to this task...




Shakey

There's a router/firewall version of Linux called Smoothwall that's easy to set up. It can be modded to do 2 WAN connections, but I have no idea how easy/good it is. You can take a look at the site: http://www.smoothwall.org. You can also get to the forums from there, where you can search for something like "dual red interface".

:)

Mark

What's at the remote end? Is it going to be a VPN between you and work? What sort of load balancing do they carry?

The way I have load balancing across the leased lines set up between satellite offices and our main site is by using GLBP on 3845s (two gateways) at each end each part of the same GLBP group and their virtual gateway address is the default gateway for the devices in that office to and from that VLAN to the other office.

I have it running in round robin mode and supported with EIGRP. This gives me maximum resilience on what I have and it cuts over within 7 seconds if one of the leased lines drop.

If you are going to be doing proper load balancing then it would be best to go for something like a second hand 2611XM with crypto (For VPN possibilities) and use GLBP in round robin mode.

If you're using client-to-site VPN and just need to use both the lines then I would still use a router but not necessarily something like a 2611 - you don't need any of its features for that - you could try the software router or something small like an 800 series - you'll get one of those for about £30.

What sort of VPN is it anyway - is it Cisco, Nortel or a Checkpoint/NG of some sort?




Jugulator

You could try this from Linksys.
http://uk.insight.com/apps/productpresentation/index.php?product_id=LNKNA04D4P&nbs_search=K%3Drv042

It does have dual WAN which can be set up for either automatic failover or load balancing.

I'm guessing you'll be using a VPN client of some kind to connect to work.

Mardoni

BXGTi16V, that all sounds lovely but I think I missed out some important information...
There are 2 people in our IT department, me and 1 other. We make all the IT decisions but have 0 budget to buy anything with.
The company sees IT as an expense and really tries to avoid investing in it. As a retail store they could function (albeit not as well) with just a paper and pen.

This means that there is basically no "remote end" infrastructure in place yet and all that will be there (best case) will be a WinXP Pro or (best case) a Win2k AS running RRAS.

I will be having to personally fork out for any hardware I need to run at home in order to make this a possibility. The alternative is that I get a new job...

I like the look of the device Jugulator has found, I was already looking at the Hotbrick Firewall LB2 but I cannot find a UK supplier :(
http://www.hotbrick.com/produto.asp?tipo=2&codPro=22


Basically, I don't need a FTSE 100 solution! I am looking for a cheap but functional SOHO/SME solution that works for me.

Porch Monkey

Do you really need a load balanced approach? I mean I've been working on 24/7 support for most of my career and there's never been a time when I couldn't spare the 2 minutes it would take to unplug from one and plug into another router.

Also your load balanced approach in all likelihood won't improve your office VPN performance as it'll be seen as a single connection and go down one ISP at a time.

A quick and simpler solution would be 2 WAN routers and wireless on different channels, just move the wireless preferences up or down depending on which you'd rather connect to at any time?

BXGTI: your solution won't work over internet connections as you wouldn't be able to pair the EIGRP over the web to make the load balancing work. Nice solution for leased lines, though I prefer to use BGP so I can control the traffic better.

Jugulator

Just so you know I have one of those RV042s at home although not using the load balancing.

I also have its big brother the RV082 at work which has a few extra functions and I have used the load balancing on it.

Works fine except on a few websites like my internet banking, which rejects you as it sees you as 2 IP addresses and thinks it's a bit dodgy :)

I solved that by setting up some basic rules.

I've got to say it's not as configurable as a Cisco but it also doesn't have the price tag.

One thing the RV082 can do that the RV042 can't is specify a backup tunnel in the VPN settings.
I only see this being useful if you have an RV082 at each end though.
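The behaviour described in this post, as an added example that is not part of the thread and not the RV042/RV082 firmware: a small model of per-connection round-robin balancing, a binding rule that pins one destination to one WAN, and failover when the pinned link drops. The `DualWan` class, the host names and the addresses (documentation ranges) are hypothetical.

```python
from itertools import count

# Constructed sample values (documentation address ranges), not from the thread.
WAN_IPS = {"wan1": "192.0.2.10", "wan2": "198.51.100.20"}


class DualWan:
    """Hypothetical per-connection balancer with binding rules and failover."""

    def __init__(self):
        self.up = {wan: True for wan in WAN_IPS}
        self.rules = []          # (dest_host, dest_port, wan); None matches any
        self._next = count()     # round-robin counter for unbound traffic

    def bind(self, host, port, wan):
        """Pin connections to host/port onto one WAN link."""
        self.rules.append((host, port, wan))

    def pick(self, host, port):
        """Choose the WAN link for one new outbound connection."""
        live = [wan for wan in WAN_IPS if self.up[wan]]
        if not live:
            raise RuntimeError("both WAN links are down")
        for r_host, r_port, wan in self.rules:
            if r_host in (None, host) and r_port in (None, port):
                # Bound traffic leaves the pinned link unless that link is down.
                return wan if self.up[wan] else live[0]
        return live[next(self._next) % len(live)]


def source_ips_seen(router, host, port, connections):
    """Source addresses the remote site observes across several connections."""
    return {WAN_IPS[router.pick(host, port)] for _ in range(connections)}


if __name__ == "__main__":
    router = DualWan()
    print("balanced:", source_ips_seen(router, "bank.example", 443, 4))
    router.bind("bank.example", 443, "wan1")
    print("bound:   ", source_ips_seen(router, "bank.example", 443, 4))
    router.up["wan1"] = False
    print("failover:", source_ips_seen(router, "bank.example", 443, 4))
```

A site that ties a login session to the client address sees one address once the rule is in place; after a failover the address changes, so such a site will normally ask for a fresh login.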

Mardoni

Ok, the whole single TCP connection load balancing does not really come into play. I guess I need to explain how my job works out in a bit more detail.

My primary role is as a systems designer, with coding thrown in. The office VPN will be used pretty much for the purposes of interacting with Sourcesafe (a document management system).

The remainder of my job is providing final line support to the 20+ sites that run the software. Each of these is connected to using either PCAnywhere or Remote Desktop. There is no VPN involved, although it wouldn't affect any load balancing as each one would be a new connection and could therefore be balanced.

The main reason for needing the redundancy (and balancing) is that at any one time I may well be:

1) VPN to Office.
2) Remoted to a site.
3) On Skype / VoIP to the site.
4) Downloading files / database dumps from site(s).
5) Uploading to the sites.

I am going to check out that RV082; Smoothwall doesn't look like it's easy (possible?) to do what I need.

Mark

Quote from: Porch Monkey
Do you really need a load balanced approach? I mean I've been working on 24/7 support for most of my career and there's never been a time when I couldn't spare the 2 minutes it would take to unplug from one and plug into another router.

Also your load balanced approach in all likelihood won't improve your office VPN performance as it'll be seen as a single connection and go down one ISP at a time.

A quick and simpler solution would be 2 WAN routers and wireless on different channels, just move the wireless preferences up or down depending on which you'd rather connect to at any time?

BXGTI: your solution won't work over internet connections as you wouldn't be able to pair the EIGRP over the web to make the load balancing work. Nice solution for leased lines, though I prefer to use BGP so I can control the traffic better.


GLBP is the load balancing protocol - EIGRP is the nice-to-have routing protocol in our setup. Obviously it won't work properly over 2 routers as there are two different gateways. Different if both lines terminated on one router.

Porch Monkey

Sorry, misread your post, but you'd still need 2 routers at his house to provide load balancing as GLBP balances on the gateway address then relies on each router being independently connected to the destination. It's a solution but an expensive one even buying second hand.

Anyway, I'm wandering off topic.

The RV082 sounds like a good option; recompiling Smoothwall for dual WAN interfaces is a bit of a pig. Let me know how you get on, I'm interested to see what results you get.

Mardoni

I've done my standard "kid in sweetshop" routine and bought this:

http://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&ih=011&item=320015706206&rd=1&sspagename=STRK%3AMEWN%3AIT&rd=1

My plan is to use a DG834 in Bridge mode as the ADSL interface to one of the WICs.

Porch Monkey

Ok, 1 thing: the Netgear connects to one interface and the NTL to the other? How do you then connect to the 2600?

[edit] took out my own stupidity. :) [edit]

Mardoni

The 2600 actually has 3 connections: 2 WICs and 1 LAN.

The 2 WICs are used to connect to the Cable Modem and the ADSL Modem. The LAN interface is used to route back onto the LAN.

At least that's how I am hoping it'll work. I did something similar with a 1700 and bonded DSL lines. But that didn't have to provide NAT, Port Forwarding, VPN or Load Balancing!!

Porch Monkey

One other thought: the outbound connection will be load balanced by the 2600 if you set up CEF and dual default gateways, but it won't load balance return packets. You may need to switch off the firewall on the DG834, otherwise you could get some odd results.

In the sale it didn't mention any additional WIC interfaces. Sure, the 2611 has 2 WIC slots, but you have to purchase the correct interface cards to utilise these. 2611s have 2 Ethernet interfaces by default, so you'd need an extra Ethernet WIC to get your 3 interfaces.

Mardoni

Yeah, I wasn't intending to use the DG834 as anything more than a modem. I won't be hosting many services and I don't/can't/won't have any DNS A records associated with either connection, so load balancing incoming connections will be impossible by all accounts.

I'm going to have to triple check the specs now. I'm sure I read (twice) that the 2611 has 2 Ethernet WICs and a single Ethernet AUX connection. If I'm wrong, I might buy a DSL WIC rather than another Ethernet one (maybe).