I'm re-doing the loadbalancing/Multi-WAN/failover thread and updating
it to more current developments. This is due to many emails requesting
me to "Put it back! Put it back! Put it back!":)

The following is a new section I plan to add.



Many of these pre-built packages are well known open-source solutions...
Such as SmoothWall, M0n0Wall, IPCop, etc.

But we are beginning to see signs of these packages supporting multiple
WAN connections. As in, you can connect to multi-ISPs with one router.

Bare in mind, there's three main schemes used.


(1) Loadbalancing

Technically, this isn't true loadbalancing, but it does the job.
A true solution requires the cooperation of your ISP, while this low cost
implementation allows multiple ISPs from different technologies. (as in
one can be ADSL, another Cable, and so on). It doesn't need your ISPs
to get involved.

Note that this doesn't necessarily improve your speed, it does however
increase your bandwidth. As in you can put more people on and share
multiple lines you have.

An analogy would be, you have added more water pipes rather than make
the water flow faster.

Some commercial routers like from SnapGear (CyberGuard), Linksys,
Netcomm and Xincom offer this feature.

Both Linux and FreeBSD/OpenBSD support this, although their
implementations are a bit primitive and lack the pretty GUIs as
commercial routers do, but it does work.

The hard part is implementing the schemes used in this method.

For example, you can have the links to ISPs alternating.
ISP1, ISP2, ISP1, ISP2...This is called round-robin
(Its "per connection" basis).

Or even based on the amount of bandwidth a user can set.
ISP1 = 40%
ISP2 = 30%
ISP3 = 10%

There are other variations...


(2) Failover

This is where one link fails, and another will automatically take over.

The above mentioned commercial routers also support this.
And you can (with some work), do this yourself with open-source
solutions.


(3) Static routing (via Policies) OR Multi-WAN

This is where you just manually assign which PC on the LAN side goes
to which WAN/ISP. If it fails, you have to manually adjust this to the other
ISP.

This is the least complicated of the Multi-WAN schemes to implement, but
requires a bit of work from the user, as they need to grasp the concepts
for setting up routing policies.

The good thing about this is, its not as problematic when you use things
like VPN or SSL etc.



So, what's the point of this post?

Well, looking around in the open-source area, I find two projects that
have started working (in some cases, have got working) "multi-ISP"
support.


(1) ClarkConnect

Technically, this is a multi-purpose server with firewall capabilities.
(Security specialists will tell you it is unwise to have unnecssary services
running on your firewall as it introduces unnecessary points of
vulnerability...Which makes sense...But I have yet to hear a
ClarkConnect box get compromised this way).

Its most recent Snapshot Release now incorporates Multi-WAN with
failover capability.

Notes of it can be found here.
=> http://www.clarkconnect.org/projects/sn ... 051013.php

Some more notes here.
=> http://www.clarkconnect.com/wiki/index. ... _Multi-WAN

Its obviously NOT ready, as its beta, but the feature is being introduced.
So we hope the free one gets this feature in the future.


(2) pfSense

This is a derivative of M0n0Wall, but uses a more recent version of
FreeBSD and incorporates features of OpenBSD. It also allows you to
add more features like Squid Transparent Proxy, Anti-Spam-Proxy, Radius
server, etc.

pfSense does incorporate Loadbalancing (incoming and outgoing), as
well as Multi-WAN support. It does not yet support failover...
(2 out of 3 ain't bad ;))

I've tested this with Optus and Telstra Cable...It is a bit fiddly, but you
gotta set it up like this if you have Telstra Cable on one of the WANs.

LAN = To a switch/hub for your client PCs
WAN 1 = Telstra Cable
OPT/WAN 2 = Optus Cable

Reason is because WAN 1 is only allowed to use the Telstra/BPA
Login feature.

Either way, it is currently the only open-source solution that shows most
promise if you happen to be connected to multiple ISPs.

There's some useful bits on their site...

What about using multiple WAN connections?
http://faq.pfsense.org/index.php?action ... artlang=en

There's a mini-HOWTO on the loadbalancing...

Incoming Load Balancing mini-howto
http://wiki.pfsense.com/wikka.php?wakka ... dBalancing

Outgoing Load Balancing mini-howto
http://wiki.pfsense.com/wikka.php?wakka ... dBalancing

Don't forget to search their mailinglist archive as they will have
someone asking help about these features...It may apply to you if you
try this capability.

Take special note, pfSense isn't quite there yet. It requires a bit of
knowledge, so I suggest doing some research and reading before
playing with it. Before sure to check the hardware compatibility list!
Remember, it hasn't reached Ver 1.0 yet! But it shows a lot of potential!

Development of this project is taken at a pretty fast pace. (compared
to other solutions including M0n0Wall)...So hopefully, it wouldn't be too
long before it is ready as "production quality" or "Stable".