Multi WAN Multi VPN Link & Bandwidth Aggrigation

  • We have 3 offices site-to-site linked with openvpn on pf 1.2.3-release boxes works well btw.  Ironically the main office is the most rural and has limited bandwidth possibilities.  I am trying to use the vpn connection for some applications that require a decent level of bandwidth overhead.  My question is if the main office had two dsl connections lets say 3mb x 512k and they were load balanced in a multi-wan config could this improve data transfer speeds over the vpn?  Could multiple vpn links be trunked or bound to make one faster connection?  I got the basic model from this doc I found online.  Any input would be gracious.

    / <–VPN-1-on-link-1--> \     
        |--Main Office--| <-|  <--VPN-2-on-link-2-->  |-> |--Remote Office--|
                                    \ <--VPN-3-on-link-3--> /
                                            aggregated link

  • Rebel Alliance Developer Netgate

    In theory that can work, but at the moment we don't have anything setup to stack a link aggregation protocol on top of OpenVPN.

    As it is now, you can do redundancy that way, but not increase bandwidth.

  • I have a slightly different question, but I think it is related to this.

    I want to bind together at least 2 (up to 5 or 6 if possible) entirely different connections (same ISP; two ISP accounts; two modems) and load balance. I'm trying to improve my bandwidth (avoid caps and maximize overall throughput) to the VPN service I use. Here's the question: Is it possible to load balance a single session of OpenVPN over two (or more) different connections? It gets slightly trickier, I need to run pfSense virtualized on Win7. I'm thinking of something like, with a single session of OpenVPN load balanced. If it did work, it would go something like this:

    Win7 with OpenVPN Client <–> Virtual PfSense with Load balancing <--> Connections 1, 2,...,n <--> VPN Server <--> Internet

    Please note that I only have one VPN tunnel I want to make, I just want to expand the number of physical lines I can use to reach the server.

    Is that even possible? Does the Server need to be setup in a special way? Should PfSense be running the OpenVPN client instead of Win7? If this is possible, are there any particular methods I need to use? What are they?

Log in to reply