I have a few questions about the peplink balance 20
Can it do both sessions and IP based load balancing (meaning can it maintain the same wan port while specific web session with the IP of your internet banking for example) (without a rule in place) vs a traditional round robin.
How many (total number permitted) protocol binding or specific IP to WAN port forwarding rules can you set-up in the router at one given time.
What other unique forms of load balancing (algorythms) can it do while maintaining the same WAN for an IP session (for banking an other application compatibility assuming it can) that other load balancers typically cannot.
Thank you for your prompt response, we need to purchase a load balancer by Tuesday of this week and are trying to decide between Dreytek, QNO, and Peplink
What about non HTTS but regular HTTP sessions is it possible to make them persistent without rules
There must be some limit the Cisco maxes out at 100 the DrayTek at 60, are you telling me I can bind 1000 individual IPs to specific WAN ports on the Balance 20
So by reading this with the balance 20, I’m really limited to weighted or persistence or enforced or priority, which one of those will give me any benefit in speed of downloads and browsing (and will the persistent HTTPS & HTTP sessions work in that mode)
Yes, you can create multiple persistence rules, based on specific port of your choosing.
Tim is actually referring to port-forwarding of inbound traffic, WAN to LAN.
Irregardless, there’s no limit on outbound rules that you can create either. From our past experience, the number of rules you create here will affect time for browser to load the UI, or for extreme cases, browser might become non-responsive.
You can configure weight-balance as the default rule. This way, you can utilize all your available WANs for downloads and browsing. By default a persistent HTTPS rule will be created for your when you chose to add custom outbound policy. I’ll recommend keeping it in place, as HTTPS sessions like internet banking require that to work. Of course, max bandwidth here will be based on the WAN used by the particular session.
I understand, but the question is can you have the HTTPS persistant, specific IP to specific WAN forwarding, and weighted load balancing for all other traffic. All configured together at the same time?
It’s a very specific question, most routers will only allow persistent or weighted, not both simultaneously, is the balance 20 and 30 an exception?
From KY’s response I somewhatunderstand the following. Is it correct?
So it will go in the following steps:
protocol IP forwarding to WAN port outbound rules if exist
persistent if HTTPS session over least uses WAN or (wan available by your algorithm)
if doesn’t meet either of those conditions it will be weighted over multiple WAN ports
Is this correct?
Also is it better to use IP for forwarding specific websites to specific WAN ports or URL (I see your router handles URL as well, that’s unique, which is a better solution in terms of efficiency and effectiveness)?
Just replace the source from “IP Address” to “Any” will do. Edit: You can use Enforce rule for this as well, to force all HTTPS traffic out of a specific WAN.
A custom rule using Enforced algorithm.
2,3. Refer to the above and my previous post.
So then it’s not possible to force only specific HTTPS IP’s or URLS to go to a specific WAN port, while just having normal HTTPS persistence with load balancing across your other WANS for all of your other HTTPS URLs or IPs?
Say I have eight specific HTTPS URL’s that must be accessed via WAN2, I cannot singularly force those specific URL’s to WAN2 and spread the rest with persistence across the other WANS?
Also you say that you support unlimited singular IP or URL to individual WAN forwarding rules, in practical reality that’s not possible, as there are over a billion unique IP’s. Cisco supports 100, Draytek 60, in practical purposes without causing strain on the router do you think the balance 20 and 30 would comfortably support 1000 outbound protocol forwarding rules, or 500, or 250 ( I probably would not need more than 250 maybe I could use 500, I’m just trying to understand the realistic real world use case and not a hypothetical scenario )
So then in this case it could work as follows:
IP or URL (protocol) forwarding to a specific WAN port (because this will include HTTPS URLS too)
HTTPS persistance for all HTTPS sessions not specific IPs
weighted load balancing for all traffic that doesnt meet the above criteria
Another option is some routers provide session or IP based load balancing, where you could opt to have every unique browser session HTTPS or HTTP maintained on the port it originated on, can the balance 20 and 30 operate in this fashion? If so could I keep step 1 in place forwarding specific IP’s or URLs and or protocols to specific WANs for their sessions (is there a benefit to using IP over URL i noticed in your demo your router supports both)? In this scenario would I see any benefit in speed while downloading from the load balancing or no because the session would be restricted to the WAN port. Would I see a speed benefit in downloading multiple files or torrents?
Sorry just trying to be real specific because your answers are quite thorough but they are missing the essence of my question.
So then it’s not possible to force only specific HTTPS IP’s or URLS to go to a specific WAN port, while just having normal HTTPS persistence with load balancing across your other WANS for all of your other HTTPS URLs or IPs?
Say I have eight specific HTTPS URL’s that must be accessed via WAN2, I cannot singularly force those specific URL’s to WAN2 and spread the rest with persistence across the other WANS?
Also you say that you support unlimited singular IP or URL to individual WAN forwarding rules, in practical reality that’s not possible, as there are over a billion unique IP’s. Cisco supports 100, Draytek 60, in practical purposes without causing strain on the router do you think the balance 20 and 30 would comfortably support 1000 outbound protocol forwarding rules, or 500, or 250 ( I probably would not need more than 250 maybe I could use 500, I’m just trying to understand the realistic real world use case and not a hypothetical scenario )
So then in this case it could work as follows:
IP or URL (protocol) forwarding to a specific WAN port (because this will include HTTPS URLS too)
HTTPS persistance for all HTTPS sessions not specific IPs
weighted load balancing for all traffic that doesnt meet the above criteria
Another option is some routers provide session or IP based load balancing, where you could opt to have every unique browser session HTTPS or HTTP maintained on the port it originated on, can the balance 20 and 30 operate in this fashion? If so could I keep step 1 in place forwarding specific IP’s or URLs and or protocols to specific WANs for their sessions (is there a benefit to using IP over URL i noticed in your demo your router supports both)? In this scenario would I see any benefit in speed while downloading from the load balancing or no because the session would be restricted to the WAN port. Would I see a speed benefit in downloading multiple files or torrents?
Sorry just trying to be real specific because your answers are quite thorough but they are missing the essence of my question.
Thanks for the clear explanation.
I understand a lot better now.
Yes it’s possible.
Custom rule #1, specific destination IP (or domain name if you’re using specific URL), protocol pointing to TCP 443, algorithm using Enforced and WAN of your choosing.
Custom rule #2, any source, any destination, protocol pointing to TCP 443, algorithm using weight balance.
Default rule
Also possible.
Custom rule #1-8, same as the above, using domain name each with a specific URL), protocol pointing to TCP 443, algorithm using Enforced and WAN2.
Custom rule #9, any source, any destination, protocol pointing to TCP 443, algorithm using weight balance.
Default rule
Practically I’m not too sure why you need to specify the outbound traffic of up to 500 public IP. Perhaps you can share more on this, or maybe explore if there’s a way to group them into small group of subnets, instead of /32 IP addresses.
Yes, you’ll need to add in the 2 rules stated below. Of course, the HTTPS rule will be conflicting the 2nd rule we have above, so it depends on how you want to route your HTTPS traffic.
Custom rule #1, any source, any destination, protocol TCP 80, algorithm using persistence, by source.
Custom rule #2, any source, any destination, protocol TCP 443, algorithm using persistence, by source.
If you download a big file directly from a browser, it will stick to a single WAN, so no benefit in speed. For traffic like torrents which utilize multiple sessions, yes there will be an increase if you load-balance via both WANs.
So now let’s see if I understand a little better, as long as i set my custom IP or URL forwarding rules with a higher priority than the persistence rules, they will be executed first?
If opted not to use persistence for port 80 or regular HTTP sessions would I see an increase in download speeds for large files because they would be spread across the WANs?
I currently have the Cisco RV042 and I have 100 protocol binding IP to WAN forwarding rules in place and I’m migrating because I need more. I access a lot of websites that require specific IP’s to access them and that is the reason for the large number of protocol bindings. They are totally unique IP’s so they can not be broken down into groups. Realistically, what do you think would be the most I would want to use with the balance 20 or 30 without causing the interface to slow down to a crawl and problems to start to occur (is 250 unrealistic please be blunt and honest)? Also is there any benefit to IP over URL, I notice that you support both?
Thank you for you for the clarity in your answers this time. I’m not very technical so it’s much easier for me to understand.
I have a balance 20 in my hands now that was given to me, it’s 3-4 years old and I’m trying to update it to the latest firmware and it won’t update. Has the hardware changed and new firmware not suitable for the previous iterations. I submitted the serial # of the device in my support ticket, if you could look at that and advise me I’d greatly appreciate it.
This balance 20 only supports IP’s your live demo supports IPs and URLs does the current balance 20 firmware support both too or is that only on larger models?
Finally there is no way to enable the router for best application compatiblity mode or most application compatibility mode AND add custom rules you MUST choose one or the other correct?
So now let’s see if I understand a little better, as long as i set my custom IP or URL forwarding rules with a higher priority than the persistence rules, they will be executed first?
This is correct, the rules are executed firewall-style from top to bottom.
If opted not to use persistence for port 80 or regular HTTP sessions would I see an increase in download speeds for large files because they would be spread across the WANs?
Only if you are using a Download Manager or if it is torrent traffic, otherwise it will only come back on the same WAN the request went out on.
I currently have the Cisco RV042 and I have 100 protocol binding IP to WAN forwarding rules in place and I’m migrating because I need more. I access a lot of websites that require specific IP’s to access them and that is the reason for the large number of protocol bindings. They are totally unique IP’s so they can not be broken down into groups. Realistically, what do you think would be the most I would want to use with the balance 20 or 30 without causing the interface to slow down to a crawl and problems to start to occur (is 250 unrealistic please be blunt and honest)? Also is there any benefit to IP over URL, I notice that you support both?
Honestly it is hard to put an exact number on it. I have never heard of any one needing so many different custom rules. URL would be better because if the destination IP changes you would not need to change it.
We will follow up with you via the support ticket regarding the firmware update.
Finally there is no way to enable the router for best application compatiblity mode or most application compatibility mode AND add custom rules you MUST choose one or the other correct?