Multilink PPP - (DSL Bonding) [Now $100USD]



  • I'm trying to get a feel how much this would cost as a bounty.

    We (few of us) are looking for a easy way to allow us to do MLPPP.  Our ISP already supports it, we are already running Pfsense so now we are just looking for someone who could do the programming.

    I know Pfsense already does load balancing but we are looking for MultiLink PPP.



  • If this is compatible w/ Teksavvy, I would put $100 towards this bounty.



  • IMO, it would be easier to do this on the router than on the firewall, but it should be within the realm of possibility.
    Someone has a good howto on using MLPPP on TekSavvy DSL here: (Owen mentioned DSL, so I'll assume the OP meant DSL too)
    http://bsdtips.utcorp.net/mediawiki/index.php/Mersault/MultiLink_PPP
    The howto uses userland ppp, and IIRC, pfSense uses mpd instead of userland ppp for PPPoE connections. The author mentioned somewhere that mpd 4 would also work with TekSavvy, but pfSense is still using mpd3x due to some issues with the newer version.
    Note that I'm just giving some information- I haven't used mlppp since bonding two 33.6k modems on a FreeBSD 2.x box and have no programming skills whatsoever.



  • Am I right to assume that MLPPP is not limited to 2 connections?  ie. I could use 3 or more PPPoE DSL connections?

    – Phob



  • I am bonding three DSL connections using FreeBSD. I'm presently using userland ppp, though I have spent some time working with the developer of mpd, and we have the CVS version of mpd4 and mpd5 working with TekSavvy. That was a few months ago, so it's quite possible that he's released a new version with the fixes applied.

    A very good primer on MLPPP and how it works can be found here:
    http://www.tcpipguide.com/free/t_PPPMultilinkProtocolMPMLPMLPPPPPPMP.htm

    I don't know what issues with newer versions of mpd that dotdash is referring to, but if those can be overcome it should be pretty simple to drop in a recent binary of mpd4 or mpd5. I can provide the mpd config files I used for both mpd4 and mpd5 to successfully connect to TekSavvy.



  • @Phobia:

    Am I right to assume that MLPPP is not limited to 2 connections?  ie. I could use 3 or more PPPoE DSL connections?

    – Phob

    From what I understand yes.



  • Well it only took 3 days and someone made a MLPPP version of the Tomato Firmware.

    http://www.dslreports.com/forum/r20484600-TomatoMLPPP-released-evade-throttle-or-bond-two-DSL-lines
    http://www.dslreports.com/forum/r20452999-MLPPP-on-WRT54GTomato-progress-report-with-download

    Any chance someone can do the same with pfsense?



  • Well it is pretty simple to do this with pfSense it has just to be exported to the interface, since mpd supports this.

    The idea is to setup multiple ppp connections and then create a final bundle(in mpd talk) for them. This would even bring support for  pptp/pppoe/ppp on interfaces other than WAN as an aside.

    I can take a look at this after i finish the other bounty if nobody wants to dig in before.



  • Thanks for looking into it.



  • I would put another 25 in this bountey IF it works with PPPOE.

    It would be great if others would also put a smal amount in, this feature would really rock :)
    Cheers



  • I am really fascinated with this. I'm talking to our local telco's president to see if they support this. If so, and their fiber roll out to our house is over a few months, and they'd rather do MLPP instead of a couple bonded T1's - I'll post 50$



  • if I recall when someone asked Teksavvy if they do/could support it. About 6 hours later they had it activated.



  • I will add $10 to the bounty, This feature would be useful.



  • I'll add $25 USD to bounty if MLPPP should still work even if you have 1 DSL line, yes?



  • @Edward_k:

    I'll add $25 USD to bounty if MLPPP should still work even if you have 1 DSL line, yes?

    It does with tomato. And it does bypass the DPI throttling.



  • So what would you all need to help dev. this.

    I could put Pfsense in Vmware on a XP box that can be vnc'd into. This is what I provided to the Tomato MLPPP devs.



  • It's not complete and bug-free, but it's a good start.  Only a few hours were required ;)

    http://www.dslreports.com/forum/r20504733-MLPPP-on-pfSense



  • This link is a more complete setup.

    Though mpd5 has templates which should simplify some things on the configuration side.
    But that all to doing it.

    I think that you better enable tcpmssfix rather than setting mss maxsize option.

    If you are interested on getting this into pfSense when you have a diff just report in here.



  • The link is dead.

    I tried to remove my "set mss" directives and add one "set iface enable tcpmssfix", but this didn't change anything.



  • It works for me but in any case try this.



  • @ermal:

    It works for me but in any case try this.

    That link is dead too. DSLR uses dynamic links so you can't just link to them.





  • This feature would make pfsense the ultimate firewall!!

    There is another firewall called Boot CD or something that used to be free but then the guy started to take advantage of the fact that his prduct was the only one to allow MLPPP.

    My Business will give $30 to the person that codes this!!



  • Ok here's the updated scoop.
    As you can see if you read that thread we are having severe latency issues. at one time it got better for me and wasn't so bad but it would come back now and then. SO i was wondering if anyone perhaps had any hints as to why this is happening. keep in mind this is in single dsl mlppp mode. We have yet to finalize testing using two modems and seeing how this responds etc. Couple other bugs I have noticed is it won't get the ISP dns entries we had to put them in ourselves and tell pfsense not to override with a wan dns entry. I am ruling out hardware as the issue for the latency as both machines tested with the same problem have way diff specs.



  • Please note that I am VERY ignorrant to coding anything so I am not qualified to make any sort of suggestions in this area.

    However would taking a look at:

    http://www.upstreaminter.net/bondedcd.shtml

    and having a look at the settings there help?

    Also, sangoma has some interesting tips on:

    http://wiki.sangoma.com/wanpipe-linux-wan#mpppdOverTTY

    I don't know if this helps you at all



  • @Daboom:

    Ok here's the updated scoop.
    As you can see if you read that thread we are having severe latency issues. at one time it got better for me and wasn't so bad but it would come back now and then. SO i was wondering if anyone perhaps had any hints as to why this is happening. keep in mind this is in single dsl mlppp mode. We have yet to finalize testing using two modems and seeing how this responds etc. Couple other bugs I have noticed is it won't get the ISP dns entries we had to put them in ourselves and tell pfsense not to override with a wan dns entry. I am ruling out hardware as the issue for the latency as both machines tested with the same problem have way diff specs.

    I fixed the DNS issue.  Add this to your mpd.conf :

    
      set ipcp enable req-pri-dns
      set ipcp enable req-sec-dns
      set iface up-script /usr/local/sbin/ppp-linkup
    
    

    So, the only issue is latency.



  • So right now with Tomato with two DSL lines at 3008/800  I cam getting about 620K/sec download and 150k/sec upload.

    So as soon as someone can build this into Pfsense I will be adding $50 the pot myself.

    I currently have pfsense for my servers only running off 1 modem.  But this workstation Tomato since I use it for all my downloads/uploads.



  • Well i can tell that on 1.3(based on FreeBSD 7) this would work like a charm since of newer things and alloing to do multilink ppp with split packet(don't quote me on the name) which allows to increase the mtu and avoid fragmentation issues.
    Even the issues that you are seeing is in fact that mpd5 is not really meant for FreeBSD 6 code base.

    Ermal



  • The mlppp in testing, will pfsense be able to support 2 pppoe connections using any standard pppoe modem?

    Or will we have to fork out for the expensive sangoma cards?

    The feature is the one feature that pfsense needs to be the best firewall of all time!! (horrray!)

    I've already added $30 to the pot but ill add another $20 to that to make it $50!

    Could the op do an update on the total currently in the pot?



  • @jonnytabpni:

    There is another firewall called Boot CD or something that used to be free but then the guy started to take advantage of the fact that his prduct was the only one to allow MLPPP.

    Eddie hardly charges a fortune(£23 per year)! Go and see how much Cisco would charge you  ;).

    I think that people should be paid for putting effort into developing software in there spare time. He gives you it for free if you use him as your ISP which is more than fair.



  • ok yes, people should be rewarded for their efforts.

    However I still stand by the fact that pfsense would be one of the best firewalls ever if it had this feature!



  • @ohmer:

    It's not complete and bug-free, but it's a good start.  Only a few hours were required ;)

    http://www.dslreports.com/forum/r20504733-MLPPP-on-pfSense

    I'm using that method, but I have issues with it when I reconnect. pfSense blocks all incoming communications, as if the firewall&nat rules don't work anymore.
    I have to manually make it reload the filter rules before it starts forwarding stuff again.
    This is obviously a blocker if you run anything to be accessed remotely.



  • @Daboom:

    Ok here's the updated scoop.
    As you can see if you read that thread we are having severe latency issues. at one time it got better for me and wasn't so bad but it would come back now and then. SO i was wondering if anyone perhaps had any hints as to why this is happening. keep in mind this is in single dsl mlppp mode. We have yet to finalize testing using two modems and seeing how this responds etc. Couple other bugs I have noticed is it won't get the ISP dns entries we had to put them in ourselves and tell pfsense not to override with a wan dns entry. I am ruling out hardware as the issue for the latency as both machines tested with the same problem have way diff specs.

    Well i gave it some more time to this and here what came out.
    http://bsdtips.utcorp.net/mediawiki/index.php/Mersault/MultiLink_PPP

    although for the latency issues it is recommended to change the line
    set bundle enable round-robin
    to
    set bundle disable round-robin

    This would use split packets and truly double/triple/…. the bandwidth and utilization of the links.

    To fix the problem that pf blocks the packet on the other ng* interfaces use the up-script as said here
    http://mpd.sourceforge.net/doc/mpd25.html#25
    and in the script add a command ifconfig $1 group netgraph

    then in /etc/inc/filter.inc search for "Default deny rule"
    and add before it pass in quick on netgraph all keep state

    NOTE: this will not allow any QoS to work with the other links and will just enable the functionality to use multi link ppp/pppoe not sure about pptp. You have to take even nat i consideration.

    I cannot integrate it yet on pfSense since i have not a test setup for it so ....



  • Anyone have any idea on why my forwarding rules don't get reloaded after a reconnect?



  • Look at the source Luke :D

    issue touch("/tmp/filter_reconfigure") or is it filter_reload whenever you want the rules to get reloaded.



  • So is anyone planning on taking a real good stab at this?



  • Well 1.3 support multiple pppoe/pptp connection so adding this is not much work afaik. But i will not take it for now.



  • @ermal:

    Look at the source Luke :D

    issue touch("/tmp/filter_reconfigure") or is it filter_reload whenever you want the rules to get reloaded.

    I found the appropriate command, but I could not figure out the appropriate location to place it in and have it run. From what I can see, the MPD5 daemon does not die when the connection experiences an error, and if I do manually kill it, it does not auto restart. What should I do?



  • Ok, at this point I am going to withdraw my request for this bounty. If anyone else wants to keep it going by all means but I will no longer require it.

    1:1 Nat in Tomato will solve all my requirements and I will not be using Pfsense anymore.

    Thanks everyone for the attempt.


Log in to reply