@cfusco , I also have a question about “smart things”.
First of all, I fully agree with what you have stated in the previous posts.
Needing (out of passion) to create load balancing for myself (if one adsl or fiber line, goes down on me, another one set as failover is activated),
I bought a TPLINK er605 router for about 100€, which I attached “cascaded” to IPFire’s RED, automatically creating double NAT, double firewall and double port forward.
Honestly, this smart router is not giving me much satisfaction: once a month I have to reboot it, because it hiccups.
How do you see this? I know that IPFire does not currently support load balancing which I am interested in.
@casabenedetti I am not competent enough to give an informed opinion. However there are several people here that know network hardware well. I hope they will give you their point of view.
I thank you very much for the shift. I was sure I posted in the wrong topic. I realized it later.
Yes, I have updated. My hardware version though is 1.
So the latest firmware I see for my model is 2022-06-15
In fact, the hardware V2 even has a USB port. My hardware is the old model. I read that you damage the router by loading firmware from another hardware version. And that seems logical to me.
I am convinced, however, that big solutions are not there, other than buying either a better router or waiting for IPFire version 3. It seems to me that it will integrate such a system.
Also consider that I have been behind these upgrades. But after 30 days of continuous ER605 operation, failover no longer works if the main line goes down. Only solution: Reboot the ER605 once a month. For me it is a BUG that this firmware carries with it. Maybe for now I will use an electronic system that will reboot it for me. Or I will replace ER605 with unstable IPFire 3: a good reason to test it.
But I wonder you do have TWO ISP connections and have so many IOT devices you need to load balance them? Is IPFire able to handle two ISP providers on RED at all?
With multi-wan, IPFire cannot do load balancing by itself, but it can keep the line stable with a fail over automatic switch to the second provider if both lines are PPoE. I also believe that you can have two separate IPFire, one for each provider and using keepalived implementation of the Virtual Router Redundancy Protocol you can create only one gateway for your clients.
No idea about the details. My sources are the two documents I linked above.
Yes, let’s say it is not vital for me to use two ISP.
Having surveillance cameras, it might come in handy to activate the second ISP (SIM modem) if the first ISP (landline) goes down.
But the first ISP is stable. I could also eliminate it ER605.
The in any case, roughly it works. I can’t evaluate the gigabit surfing speed well. I have 90 mega downloads on the first ISP and 60 mega downloads on the second ISP. With these values no attenuation.
There is only this “monthly restart” problem, which would not be serious.
But eventually I will have to check the Tp-Link forums. It is not an IPFire problem. Of that I am certain.
The solution suggested by @cfusco
I did not know. I will definitely take it into account.
Hi,
How do you have the ER605 configured.
I’m trying to set up the same thing, but not having much success even getting the 2 WANs to be accessible from IPFire.
Thanks
I sincerely thank you for asking the question.
I am happy to help you, I will do my best.
For the connections you can stick to my diagram.
The configuration is a bit more complex in the sense that IPFire “does not interact directly with ER605”.
You see the multiwan router and IPFire as two blocks.
To the ER605 router I have connected on its WAN ports 2 ISP modems, as the diagram shows.
The ER605’s LAN port is to be connected to IPFIRE’s RED.
IPFire side: no particular configuration.
All the multiwan configurations, I did exclusively in the ER605.
Keep in mind that the ER605 will see the IPFirewall as “one IP RED.” This means that you will not be able to make sure that you balance the load between two local computers in IPFire’s GREEN, nor between IPFire’s subnets.
On the other hand, you will only be able to balance the load by “reasoning about ports,” or create a failover, or “add up” the UPLOAD and DOWNLOAD speeds, in the case of torrents.
I have given you a first smattering. Ask me more questions in more detail and I will try to help you further.
Good work with the project.
P.S.
This procedure I described is my current preferred condition.
Yes, there are many solutions on the market.
The one I bought (old model) has up to 4 gigabit ISPs (WAN) and one gigabit LAN port. The WAN ports can also be configured as LAN ports. It seems to me that “at the time” it cost about 100€. All 4 WAN ports on the ER605 can be used as failover or load balance .
The new model now also has a USB port that should be used for a sim stick (I think).
I think if you only need a failover, the model you reported is fine. In the WAN I can connect an ISP router + the SIM, right? At least it is easier to configure I think.
In any case, I am not sure if it is always possible to eliminate a dual nat and use IPFire at the same time.
In my network, my WIND fiber runs through its own specific modem/router. To this Wind Modem, a line for fixed telephone calls is also “hooked up”. I am not sure if IPFire 3 can replace my ISP modem. And that in itself generates a “dual NAT” (ISP Modem+IPFire). But if I eliminate ER605 by replacing it with IPFire 3, I will definitely have one less NAT.
.
.