• On average the cost of a 100mb leased line is £550 per month here. I'm aware of the service level they provide and it's a dedicated line with guarantee 99.9% uptime. My home cable provider does 150mb for £42. I've been with them for the past 10 years and it technically only went down once. I know they do traffic shaping after 6pm  but it wouldn't affect me as we will only be using it during the day.

    Wouldn't it make sense to get a few 150mb and load balance it over pfsense? Isn't it more cost effective or this is just a dumb idea?

    Don't worry I won't be able to use the home provider as they don't support the area I want to install.

  • I guess you are talking about a point-to-point leased line between 2 offices. That gives you guaranteed bandwidth and your inter-office data will not (should not) be piped over the public internet at all - it will be some internal dedicated circuit provided by the service provider. So in theory you do not have to encrypt it (as well as you would want to encrypt using VPN over the public internet). And you get unlimited data quota - pump the 100Mbps with as much data as you like.

    If you buy a 150Mbps connection at each office then you obviously pay for 2 connections, so price that into your comparison. Then you put an encrypted VPN logical circuit across that. If you are really going to pump 100Mbps data across the VPN circuit a lot of the time then you have to check with the ISP about data quotas, fair-use policies… and you might not always see 100Mbps throughput because some ISP circuits are congested.

    If you buy 2 150Mbps links at each end (total 4 connections to buy), from 2 different ISPs that have different infrastructure coming to each office, then you get real redundancy and can configure the site-2-site VPN to fail over...

    These days I expect you can get just a much reliability from using site-2-site VPN links with multiple ISPs at each site, compared to buying a dedicated leased line circuit. But you probably do not get the moment-to-moment guaranteed bandwidth/latency that you can get from a real dedicated leased line circuit.

  • LAYER 8 Netgate

    And the 100Mbps is probably 100/100.  The 150 is likely, what, 150/25 maybe?  Usually static IPs, etc.

    It's usually the upstream that makes people upgrade.  You usually get right into tier two support when you call in too.

  • It isn't going to be point to point and only one site purely for internet access. The site won't be hosting any external servers. But maybe a few people will be using VPN.

    Yes, the 100mbps line will be 100/100 and the 150mbps is 150/12. Both are unlimited bandwidth and can provide static/ multiple IP address. I'm guessing it is against their TOS to purchase a home broadband at a business address.

    I had a few quotes for a leased line and most of them quoted for a backup adsl line. However the provider I've chosen advised me not to get a backup line as he said there isn't much need plus the exchange in that area will give you between 2-5mbps. Even if the leased line go down, the adsl won't cut it. I think he is being very honest about it, what do you guys think?

  • I'd opt for a symmetric fiber optic line at both ends if available.  A normal business line like that will probably give you just as much performance and reliability as a leased line.

  • People pay the extra where the time lost is worth more than the price of the leased line. If your cheaper connection works just fine, then don't worry. I pay $90 for an uncapped dedicated 100/100 connection myself. Not a leased line, but good enough.

  • Rebel Alliance Developer Netgate

    The part you're paying for isn't necessarily the uptime, it's the mean time to repair. You'd be surprised how long even a "five nines" uptime can be down when that's averaged out over a year. If you cable line does go down, how long do they typically take to fix it? What is the time stated in the leased line SLA for repair?

    An example here in the states, a cable line could be down for days depending on how busy the cable co is and how much yelling is done. A leased line is typically repaired in less than 4 hours, but in either case it depends on the nature of the problem. If someone cuts a line with an excavator it's typically going to be down longer than if it's a bad card or other easily solved issue.

    If you can handle a bit of downtime in either case, then the extra cash for the fancy SLA may not be worth it. If you can get lines from different providers that enter your building from different wire paths that's even better for redundancy. If the telco provides both the leased line and the ADSL, then odds are if one goes down, they both go down, but if you have a line from cable and another over phone lines then odds are one will remain up.

    And not that it's relevant in your case, but even on a leased line between two sites, you'd still want to encrypt the traffic. Best practice (and by some standards, a requirement) is to encrypt anything that leaves your location and the network you physically control. Even if the line is "private" it's still equipment that could be compromised, either unknowingly by a third party, or willingly as in a telco granting access to a government agency.