Multi Wan Bonding (250$)

Marv21

Hello,
the idea is to have a packages that creates a new interface which can be used as a normal Gateway.
The interface should be an Aggreated Link to an VPS.
The package should have a graphical user interface (in the Pfsense webinterface), where people can setup their VPS IP Adress and so on.

Openmptcprouter would be a good start to look at. But i would love to see it integrated in Pfsense.

I will start with a quit low 100$ and hope that many will jump in.

https://www.openmptcprouter.com/
https://zehome.github.io/MLVPN/

JeGr

What about simply using OVPN Links with FRR/OSPF Routing?

netblues

Not the same think.
An ospf load balanced link will do that for many different connections, but a single connection will only consume one member of the bundle

Marv21

right,
btw this is the redmine :
https://redmine.pfsense.org/issues/6022

Derelict

The MLVPN project looks like it has stagnated for years.

Marv21

Maybe it just work as expected? No improvements needed`.
openmptcprouter is just working, sure there a flaws, but they are minor and from the Overlay itself.
And i think it would be easy to implement in Pfsense. It creates a Interface which can easily add into the GUI via the Interface GUI. I tried it by myself but got stuck, because many Repos are missing (due to security reasons) and iam a absolute Linux (exspecially FreeBSD) noob.

JeGr

@Marv21 said in Multi Wan Bonding ( 100$):

Maybe it just work as expected? No improvements needed`.

His Github shows activity days ago, so no, there ist current work, but no one seems to have taken over the port for FreeBSD, so no maintaining or current code base.

sotirone

I can contribute $50 for now

tandyuk

I'll also contribute $100 to this.

I've preiously tried to set this up in a number of ways.
Closest to sucess was a pair of centos VMs, one at home, one in my DC, using MLVPN.
Home end I gave the vm nics on 3 different LANs, each of which was force to route out over a specific one of my broadband lines.
Using 2 or 3 providers, I could get the tunnel to come up and could consistently ping each end, which remained stable when randomly disconnecting one or 2 of the wans at a time, so the 'bonding' was clearly working.
It fell over however as I counldnt figure out at all how to actually get data routing over it.

My ideals for this kind of setup:

Datacenter / vps end:
Running pfsense.
In my case I have a pair of virtual pfsenses, with multiple vlans replicating exactly how you'd setup a pair of eg XG-7100's in HA.
The ability to leverage HA (ie bind to CARP ips), and failover betwwen nodes would be essential.
In addition I have a large(ish) ip subnet, and would want to be able to route a public IP/range over the tunnel. (either single ipv4 or a range, and/or ipv6 range)

Home end:
Single pfsense, multiple nics, each connected to a VDSL modem, and I then have 3 pppoe connections in pfsense.

Tunnels:
Assume each wan link is 'unsafe', and therefore would want traffic encrypted over the raw link.

Also I know this must be possible somehow, as a pair of Draytek 2860's (also BSD based) will let you create 2 seperate vpn tunnels, each bound to a single WAN only, and subsequently add both these tunnels in "VPN TRUNK Management" to either a backup or load balance group. Additionally for load-balance mode, you can set a weight, such as 80/20 to send more traffic down a particular link.
In one clients case, we have this working between 2 sites with 2860's, one with a single 100/100mb leased line, and 1 ip, and the other with one 24/2mb adsl line, and one 80/20mb vdsl line. Resulting file transfers (with load balance weight set to 9-91) allow us to download at ~95mbps, and upload at ~21.5mbps.

hoffman4

Broadband Bonding is essentially melding the two routers/firewall you had, into a single device that does all the messy, yet mandatory functions of combining the two WAN resources together automatically. You simply plug in your WAN connections into the multi-WAN router and then plug the router into your LAN network.

tandyuk

@hoffman4
There need to be 2 compnenets - one local, and something remote with sufficient bandwidth to handle all the resulting traffic.

Services like Sharedband for example.

This request is about adding both of those features to pfsense, so it can be the multi-wan router on your lan, and give it the capability to be the device in a datacentre which aggregates.

Marv21

@tandyuk

There are some Solutions to this with a VPS in an Datacenter and your Pfsense at home.
Like MLVPN or mptunnel/VPN.