Is it better to have satellite internet like starlink as failover to existing fiber internet?
-
Good day. I read in the link below that the second internet provider should be of a different cabling path from the first internet provider:
https://docs.netgate.com/pfsense/en/latest/multiwan/index.html
If WAN2 is fiber internet, should WAN2 be satellite internet like starlink (meaning not fiber internet) so that WAN1 and WAN2 are not both fiber internet, and they do not pass the same route to the compound?
-
@richardsago Yes, indeed and why not.
Especially if you only needed as a backup and not want to use it as multiwan with load balancing, which opens a whole new world of issues and challenges, especially with the erratic performance of satellite links.
-
@richardsago said in Is it better to have satellite internet like starlink as failover to existing fiber internet?:
should WAN2 be satellite internet like starlink
https://docs.netgate.com/pfsense/en/latest/multiwan/index.htm - is, ihmo, common sense, it tells us that the second Internet access/source should use a different path, using a separate physical arrival.
The technology doesn't really matter, so I would go for the best, and that could be another fiber connection, as long as it doesn't go to the same upstream ISP building, uses a different underground path to you, etc. Most often, this isn't the case, so you have to pick another technology like coax, a phone line with a pair of modems, a Wimax connection (neighborhood wifi), ADSL, or, also valid : a satellite uplink.
The latter has a nice advantage : during massive electrical blackout you still have an Internet access as satellite are known not to be powered of the local power grid.
I presume you have your pfSense and local network equipment powered with an UPS, as that is the very first redundancy step you should to take.Also ... it Friday, so I'll add other related aspects.
As soon as you start to pay for extra backup plans, you better make sure it actually works. A weekly or monthly "what happens when the main uplink goes down" scenario test becomes mandatory, as you really don't want to figure out why the connection doesn't work anymore while you were paying all the time for this not to happen.
The thing is : people around you will know that your connection is less prone to go down as elsewhere. So, when it goes down, you as an admin have the double stress : making it work - and deal with the 'attacks' of your network users at the same time.
It's not hard to imagine : at home, take the average 12-15 years old and cut is Internet access for a couple of days, or even just a couple of hours. They will go 'wild' and this is probably an understatement.
Your connection is for a company ? Imagine the reaction of your boss, while paying for a backup and it didn't work when it was needed : you will receive the blame. Admins are fired for way less then that.Consider my plan F : Internet goes down ? Go fishing. Way simpler to implement and less expensive. You'll have peace at home and keep your job
#anchor(title) -
Depending on your FTTH provider, Passive Optical Network (PON) uptime is far higher than another other delivery method. There are no powered amplifiers/splitters between you and the central office, eliminating points of failure and increasing reliability.
I had a cellular backup to Crapcast, because their reliability is so poor. To address this, Crapcast now offers their own cellular backup for an additional monthly recurring extortion fee.
Now that I have ATT FTTH, I don't need a backup WAN. I just put all my IT kit on a UPS (ONT, modem, firewall, switch, APs, etc.). I experience momentary power interruptions in S.Fla all the time and never loose internet access.
-
@elvisimprsntr said in Is it better to have satellite internet like starlink as failover to existing fiber internet?:
Crapcast ... cellular backup .. additional monthly recurring extortion fee
-
Thank you @netblues @Gertjan @elvisimprsntr for the replies. Yes pfsense is connected to a UPS. As background I work for a school that also provides online classes using zoom. WAN1 is fiber internet and WAN2 is starlink. This is how the VLANs are assigned to the WANs:
- WAN1 fiber internet
- Teachers VLAN - will failover to WAN2 if WAN1 is down
- Students VLAN - will not failover to WAN2 if WAN1 is down
- WAN2 starlink
- Online Computers VLAN - will failover to WAN1 if WAN2 is down
Because starlink business plan charges additional fee if we use up the subscribed data allocation for the month, and it's more expensive than fiber internet, it was decided that only the online computer VLAN will normally connect to starlink to minimize data usage and cost. And only when fiber internet is down will the teacher VLAN failover to starlink.
My concern is that because starlink's latency and bandwidth throughput are not as good as fiber internet's, this results in laggy behavior in the online class zoom sessions. We already know during testing about starlink's behavior and we pushed through with it because of the understanding that the second internet provider should be of a different cabling path from the first internet provider. We thought that the fiber cabling of our existing WAN1 will be near the fiber cabling of another provider, passing along the same telephone pole outside the compound for example.
How does the pfsense community handle things like these? Are you using two fiber internet from different providers? And if yes, how did you mitigate the same cabling path risk? Thank you in advance.
-
@richardsago
In some cases there are two different isp's with different networks and different physical paths too.
Not so common, but you have to search locally for that.
That is the best cost sensitive solution.Another solution could also be 5g connectivity. Again you have to search for good signal and pricing options
A modem/gateway with a lan interface is the way to go for pfsense.
But if there is an outage and everybody switches to 5g on their mobiles then it might be an issueWhile at it , check for any fwa (fixed wireless access) offering from the wireless telco. They often utilize slicing, making things more predictable in traffic congestion circumstances. Not available everywhere of course, and the commercial names can be very different too.
If there is xdsl still available in the area, if you can get something with at least 20Mbit upload over copper it could be a possible option, but it does require descent traffic engineering from your side to prioritize zoom.
Bear in mind that these services are in the decline and will be sunset at some point too.And last but not least, opt for a leased line. In this case they will come digging from the closest pop, install new fiber (which is different from residential fiber which is almost always x-pon based) and also offer you an sla for recovery and maybe a managed backup solution too.
Price won't be comparable, but it is the ultimate, and also offers bandwidth guarantees up to the isp's uplinks
Depending on the business and how often residential fiber has issues, it could also be a solution. -
Thank you @netblues for the options you gave. Given the choices I will stick with starlink business plan for now even with sub-optimal performance. I was slightly hoping that a portion of the pfsense community had opted for two fiber internet from different providers for internet throughput performance reasons, and share their mitigation plans :)
-
@netblues said in Is it better to have satellite internet like starlink as failover to existing fiber internet?:
But if there is an outage and everybody switches to 5g on their mobiles then it might be an issue
We ran into this issue for years here.. Verizon finally got fiber close enough to the tower that serves us to replace the microwave backhaul so the speeds are better but still sub 50mbps when something as simple as a wreck on the nearby highway backs up traffic in the area.. Speeds with the microwave backhaul sometimes went lower than 1mbps when some event happened.
Luckily our local tower has generator backup as well.. not all do. We have no other Verizon towers that reach us. We have an original from 2017 unlimited data account that we don't want to give up. Another carrier might work better but not for the price point in our case.. And no "home internet" available for this location.. Some things to investigate for anyone thinking about cell as a back up.
