06-14-2016 03:23 PM
It pains me to
say write this out loud, but I have a special project going on next week where I would need to load-balance between twelve PPPoE uplinks on an EdgeRouter Pro.
The release notes state, that since 1.8.0 I should be able to configure eight of them already and that the limit is arbitrary and could be raised, if needed.
Well ... it's needed. But as all the LB magic is conducted by a UBNT proprietary binary, namely
/usr/sbin/ubnt-wlb I'd have to beg for some support from UBNT here?!
Thanks - Clemens
06-14-2016 03:30 PM
I reason I picked 8 is that we currently don't even make a router with more than 8 routable interfaces (and typically you use 1 for LAN). How are you getting 12 interfaces? Are the pppoe's on vlans? Is it all from the same ISP? Will they have different subnets and gateways?
06-14-2016 03:44 PM
Also note that the limit is per group, so in theory you could have groupA and groupB and then in the modify rule use to statistics match for 50% of the traffic to lb-group groupA.
set firewall modify BALANCE rule 10 statistic probability 50% set firewall modify BALANCE rule 10 modify lb-group groupA set firewall modify BALANCE rule 20 modify lb-group groupB
Also I only set aside 10 system tables for load-balance, so you'd probably have to define your own tables:
set protocols static table 1 interface-route 0.0.0.0/0 next-hop-interface pppoe1 set protocols static table 2 interface-route 0.0.0.0/0 next-hop-interface pppoe2 . . . set load-balance group groupA interface pppoe1 route table 1 set load-balance group groupA interface pppoe2 route table 2
06-14-2016 03:46 PM
These are 12 VDSL-25 links to get an aggregate of 300mbits into an event location. So, yes, as stupid as this sounds, we'll line up 12 VDSL modems, which we aggregate on two switches so we'll have two ports on the ERPro in use with six VANs each.
They all come from the same ISP (Deutsche Telekom) and will have PPPoE running on them with dynamic addresses (IPv6 and IPv4). Being "dynamic" also means the the BRAS could be the same for some of the connections but doesn't have to be. In the non-LB world I'd just make interface-routes and don't bother what the other end's IP-addresses are.
06-14-2016 03:51 PM
The "two times six" approach with a 50% probability is a neat trick. Wouldn't work with any "stickiness", though if I were to try it, right?
PS: Any chance I could use LB (sometime) for IPv6 too? Yes, this would involve NAT66, but since it does indeed work already (though not exposed through CLI/GUI) I would probably jump through these burning rings, risking to get crucified by my friends in the IETF :-)
06-14-2016 04:56 PM
Yeah, sticky would be an issue since it at the group level. Is seems https has the most issue with non-sticky, so instead of using statistic 50% maybe you could send all destination port 443 to groupA. Or if you had 2 LANs you could create 2 modifiy rules (one that uses groupA and one for groupB). Then apply the different modifiy rules to the different LANs.
Since it from the same ISP, is multilink an option they support? I don't really have a way to test multi-link so I don't know if it would work with offload (kinda doubt it), but I'd imagine a ER-Pro should handle 300Mb even without offload.
IPv6, hmm I think that would take a fair bit of hacking (try doing "sudo iptables -vnL -t mangle" to see wants involved in load-balance and would need to be replicated with ip6tables (iptables-save & ip6restore might work). The ping target does allow for an IPv6 address though.
ubnt@R1# set load-balance group G interface eth0 route-test type ping target ? Possible completions: <x.x.x.x> IPv4 address to ping <h:h:h:h:h:h:h:h> Ipv6 address to ping
06-14-2016 11:49 PM
No, with Deutsche Telekom's xDSL service there is no option for MPPP. But I can test it with a different provider, if nobody else had done this before.
re: IPv6 - I already saw the option for the IPv6 route-test target - hence my asking. You're already "getting closer", so why not go all the way? I volunteer to test it and report & provide a sample config ... ;-)
But still: Can I still ask for a ubnt-wlb binary supporting 12 (or why not make it 16 while we're at it?) WAN connections? *beg*
2 weeks ago
Same begging here! Any plan to increase 8 to 100? Cause the limitation is not the hardware - we can even use VLANs to increase ports by using switches? I need to manage 100 of them and will buy EdgeRouter Infinity for it. Do you sitll think it is possible to do it?
2 weeks ago
Here is a great solution that implemented by @UBNT-afomins that will probably fix your problem:
It is a bit late for your case probably but I think that might help for other Google Searchers