Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Why get a leased line?

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 6 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B Offline
      BaNZ
      last edited by

      On average the cost of a 100mb leased line is £550 per month here. I'm aware of the service level they provide and it's a dedicated line with guarantee 99.9% uptime. My home cable provider does 150mb for £42. I've been with them for the past 10 years and it technically only went down once. I know they do traffic shaping after 6pm  but it wouldn't affect me as we will only be using it during the day.

      Wouldn't it make sense to get a few 150mb and load balance it over pfsense? Isn't it more cost effective or this is just a dumb idea?

      Don't worry I won't be able to use the home provider as they don't support the area I want to install.

      1 Reply Last reply Reply Quote 0
      • P Offline
        phil.davis
        last edited by

        I guess you are talking about a point-to-point leased line between 2 offices. That gives you guaranteed bandwidth and your inter-office data will not (should not) be piped over the public internet at all - it will be some internal dedicated circuit provided by the service provider. So in theory you do not have to encrypt it (as well as you would want to encrypt using VPN over the public internet). And you get unlimited data quota - pump the 100Mbps with as much data as you like.

        If you buy a 150Mbps connection at each office then you obviously pay for 2 connections, so price that into your comparison. Then you put an encrypted VPN logical circuit across that. If you are really going to pump 100Mbps data across the VPN circuit a lot of the time then you have to check with the ISP about data quotas, fair-use policies… and you might not always see 100Mbps throughput because some ISP circuits are congested.

        If you buy 2 150Mbps links at each end (total 4 connections to buy), from 2 different ISPs that have different infrastructure coming to each office, then you get real redundancy and can configure the site-2-site VPN to fail over...

        These days I expect you can get just a much reliability from using site-2-site VPN links with multiple ISPs at each site, compared to buying a dedicated leased line circuit. But you probably do not get the moment-to-moment guaranteed bandwidth/latency that you can get from a real dedicated leased line circuit.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • DerelictD Offline
          Derelict LAYER 8 Netgate
          last edited by

          And the 100Mbps is probably 100/100.  The 150 is likely, what, 150/25 maybe?  Usually static IPs, etc.

          It's usually the upstream that makes people upgrade.  You usually get right into tier two support when you call in too.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • B Offline
            BaNZ
            last edited by

            It isn't going to be point to point and only one site purely for internet access. The site won't be hosting any external servers. But maybe a few people will be using VPN.

            Yes, the 100mbps line will be 100/100 and the 150mbps is 150/12. Both are unlimited bandwidth and can provide static/ multiple IP address. I'm guessing it is against their TOS to purchase a home broadband at a business address.

            I had a few quotes for a leased line and most of them quoted for a backup adsl line. However the provider I've chosen advised me not to get a backup line as he said there isn't much need plus the exchange in that area will give you between 2-5mbps. Even if the leased line go down, the adsl won't cut it. I think he is being very honest about it, what do you guys think?

            1 Reply Last reply Reply Quote 0
            • K Offline
              kejianshi
              last edited by

              I'd opt for a symmetric fiber optic line at both ends if available.  A normal business line like that will probably give you just as much performance and reliability as a leased line.

              1 Reply Last reply Reply Quote 0
              • H Offline
                Harvy66
                last edited by

                People pay the extra where the time lost is worth more than the price of the leased line. If your cheaper connection works just fine, then don't worry. I pay $90 for an uncapped dedicated 100/100 connection myself. Not a leased line, but good enough.

                1 Reply Last reply Reply Quote 0
                • jimpJ Offline
                  jimp Rebel Alliance Developer Netgate
                  last edited by

                  The part you're paying for isn't necessarily the uptime, it's the mean time to repair. You'd be surprised how long even a "five nines" uptime can be down when that's averaged out over a year. If you cable line does go down, how long do they typically take to fix it? What is the time stated in the leased line SLA for repair?

                  An example here in the states, a cable line could be down for days depending on how busy the cable co is and how much yelling is done. A leased line is typically repaired in less than 4 hours, but in either case it depends on the nature of the problem. If someone cuts a line with an excavator it's typically going to be down longer than if it's a bad card or other easily solved issue.

                  If you can handle a bit of downtime in either case, then the extra cash for the fancy SLA may not be worth it. If you can get lines from different providers that enter your building from different wire paths that's even better for redundancy. If the telco provides both the leased line and the ADSL, then odds are if one goes down, they both go down, but if you have a line from cable and another over phone lines then odds are one will remain up.

                  And not that it's relevant in your case, but even on a leased line between two sites, you'd still want to encrypt the traffic. Best practice (and by some standards, a requirement) is to encrypt anything that leaves your location and the network you physically control. Even if the line is "private" it's still equipment that could be compromised, either unknowingly by a third party, or willingly as in a telco granting access to a government agency.

                  Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                  Need help fast? Netgate Global Support!

                  Do not Chat/PM for help!

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.