Getting started - WAN bonding

Hi all… very very far out of my depth here but looking at a new project. I’ve been using VyOS for several years and love it, but only at a very simple level - routing, dns, basic firewall, vlan, wireguard etc. That’s about my level of networking knowledge at present.

What I want to do is see if I can bond a satellite and a 4G connection together to utilise whatever bandwidth is available simultaneously. I’m imagining that the end result will be a single public IP attached to a VPS gateway/edge, then bonding the 2 connections between the VPS and the site with all traffic managed transparently - essentially this product, but DIY.

My problem is I don’t even know what terms to search for to begin to figure it out. I assume SDWAN will be part of it, but what other acronyms will I need to understand to pull this off?

Thanks

Hi,

As far as I can tell the product you link to needs something on the internet which reassembles the packets. You create multiple tunnels to a device which has bigger bandwidth which then reassembles the streams and you enter the internet through that.

You can create that I think, but you need something like a VM somewhere which has bigger bandwidth than your two connections together.

Another solution could be something like policy based routing. But to my knowledge that’s more static. So you define what traffic goes to the internet via which link. So you’re not really bundling the 2 links.

Regards,

Sander

I was hoping that the VPS would be the device with the bigger bandwidth. Obviously you’re paying for traffic twice in this scenario, but there are affordable options with plenty of bandwidth for our requirements.

The main priorities are static public IP and as much bandwidth as we can cobble together from several different connections that are all ‘regional’ quality…

You can look into ZeroTier with multipath.

The issue you’re going to run into for almost any solution will be the jitter between a satellite and cellular connection. This makes striping the packets rough for TCP flows. If you’re fine with hashing flows between the 2 circuits, then you can leverage both circuits, but a single flow wouldn’t be able to exceed the max of the service it’s on (much like LACP). But the aggregate of all flows would reach the combined throughput of both circuits. The benefit would be you can do that locally on VyOS, and wouldn’t need that additional VPS (unless you’re making that sort of a security stack).

That’s interesting, thanks - I didn’t realise that ZeroTier could be used that way.

I’m not really looking for extra security from this arrangement, but am I right in thinking that traffic outbound to the general internet from site would still need to go through an endpoint somewhere (e.g. a ZeroTier instance on a VPS) to get the benefit of bonding?

Yes, but like I said, bonding 2 circuits together with wildly different jitter can have bad results and lead to a lot of packet reassembly (or trigger TCP retransmits). You could potentially make things slower.

You may have better results by hashing flows between the circuits. If both circuits can do 50mbps, then you wouldn’t be able to double that and do 100mbps for a single flow (like a download), but you could do 2 flows and have one hash to each circuit. So 50mbps per flow, but 100mbps aggregate.
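An added illustration of the two approaches described in the post above (not part of the original thread, and not how VyOS or any product implements it): it hashes flows onto two circuits and, separately, stripes one flow packet by packet to count reordering. The link delays, the `Flow` tuple, and the function names are constructed assumptions.

```python
import hashlib
from collections import namedtuple

Flow = namedtuple("Flow", "src sport dst dport proto")

# Constructed figures (assumptions): 50 Mbps each as in the post above;
# the one-way delays are illustrative values for satellite vs 4G.
LINKS = [
    {"name": "satellite", "mbps": 50, "delay_ms": 300},
    {"name": "4g", "mbps": 50, "delay_ms": 40},
]

def pick_link(flow, n_links=len(LINKS)):
    """Hash the 5-tuple so every packet of a flow stays on one circuit."""
    key = "|".join(map(str, flow)).encode()
    return int.from_bytes(hashlib.sha256(key).digest()[:4], "big") % n_links

def hashed_throughput(flows):
    """Per-flow Mbps when flows hashed to the same link share it equally."""
    placement = {f: pick_link(f) for f in flows}
    counts = [list(placement.values()).count(i) for i in range(len(LINKS))]
    return {f: LINKS[i]["mbps"] / counts[i] for f, i in placement.items()}

def striped_reordering(n_packets, links=LINKS, gap_ms=1.0):
    """Round-robin one flow across links; count packets that arrive
    after a packet with a higher sequence number (out of order)."""
    arrivals = []
    for seq in range(n_packets):
        link = links[seq % len(links)]
        arrivals.append((seq * gap_ms + link["delay_ms"], seq))
    arrivals.sort()
    highest, late = -1, 0
    for _, seq in arrivals:
        if seq < highest:
            late += 1
        highest = max(highest, seq)
    return late

if __name__ == "__main__":
    # Constructed sample flows (documentation address ranges).
    flows = [Flow("192.0.2.10", 40000 + i, "198.51.100.7", 443, "tcp")
             for i in range(6)]
    rates = hashed_throughput(flows)
    for f, mbps in rates.items():
        print(f.sport, LINKS[pick_link(f)]["name"], f"{mbps:.1f} Mbps")
    print("aggregate:", round(sum(rates.values())), "Mbps")
    print("out-of-order packets when striping 100:", striped_reordering(100))
```

With these delays every packet sent over the slower link arrives behind later packets from the faster one, which is the reassembly and retransmit cost the post warns about; hashing avoids it at the price of capping each flow at one circuit's rate.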

Understood. Starting to feel like I might have bitten off more than I can chew on this one. Will keep looking into it out of interest but don’t think I’m likely to pull it off.

Have you looked into Speedify? It would do what you’re wanting to do. Their service would just replace the VPS. Even if you’re wanting to pursue an open source or self hosted solution, it could at least serve as a proof of concept that your circuits could be bonded without negative effects. You could just pay for a month to try it (they could have a trial or something as well).

Yes was just looking into that thanks. Will also have a look at the Fusion Broadband stuff linked earlier, they are a product from my country (Australia) so would have more than a passing familiarity with the different networks available to me here.