The current setup is a Peplink Balance One with the 5xWAN License.
We have 4 x FTTC connections to this (each of speed 80Mbit down/20Mbit up - PPPoE, using 4 x Openreach HG612 modems), and the environment is a medium-sized student residence that is yet to be at capacity (currently 10 or so students each with several devices). Therefore, setting up more complex balancing rules involving IPs and subnets will be very tricky as the devices aren’t static client devices.
Every room has an ethernet port (source - HP 1920-48G); however, apart from one student, nobody is using these.
The building has a Ubiquiti Unifi WiFi setup (7 x UAP-AC-LR points + Cloud Key), all running off a HP 1920-24G PoE switch.
The IP network is in a /22 subnet/range so 1022 hosts max capacity.
Our issue is with the outbound policy and setting up an effective ‘persistence’ policy that won’t toy with the students’ connections to mainly streaming services, banking sites and HTTPS websites that don’t like being switched between IPs.
Firstly I tried the ‘High Compatibility’ policy; however, a few students complained of weird issues, and I myself couldn’t establish a solid browsing session to the UniFi site for AP management (unifi.ubnt.com), which runs off HTTPS. This was purely through the web via the UniFi cloud and not connected locally to the device on port 8443. Trying to navigate various areas (settings, clicking anything pretty much) results in the page freezing. Whilst this is happening, I’m doing an external IP check/refresh on another tab and I’m seeing my external IP changing between the 4 IPs. This is why the site doesn’t browse without crashing. To settle this as being the issue, I disconnected 3xWANs and left 1 WAN connected, and this rectified my browsing of the UniFi site with everything working fluidly again (and any issues students were having were suddenly rectified).
Afterwards, I set up a custom policy (in fact there was already a policy in place for HTTPS Persistence), and had the same issues as above again with the router unable to keep the web session to one WAN.
Is there a set of policies that anybody out there has made that I can pretty much plug into the Balance One rules, and have minimal issues? I have a reasonable networking understanding but not sure why this is happening. I don’t want to go down the path of having to set up outbound rules based on domains and IPs and set specific students to specific WANs if it can be avoided as this can get very time consuming, and these students have so many devices and their own bandwidth habits change day to day.
Most sites are running off HTTPS these days too.
Weighting isn’t required as all 4 WAN lines are of the same speed. SpeedFusion isn’t required either as each WAN is of adequate speed for the most demanding of applications (can handle 4k streaming). I’d just like the router to load balance between the connections and keep everyone flicking around between the least used. This will become a bigger issue once the student residence has more tenants (full capacity is 40) but as it stands right now with 10 students, the 1 x WAN connection I’ve left everyone on for the time being is taking a real beating, especially in the evenings, so I’d need to resolve the outbound policy sooner rather than later, and I’m convinced I’m missing a trick so hoping somebody can help!