Best load balancing settings for non-CIR connections


#1

Hey there. I had a bit of an epiphany tonight. I kind of feel dumb not finding this sooner. I have been using a Peplink Balance 30 for 3 years and recently upgraded to a Balance One Core. I have two radio links to the same ISP. One uses a better transmitter than the other. I have 26/4 on one and 16/4 on the other.

I have tried to get the Overflow algorithm to work, but it never behaved as I expected. When I download three movies from iTunes to an iPad, all three downloads would end up on one link. That’s strange, I can tell the link is saturated, why can’t the router? Well, because I very rarely ever see my peak download speeds. Both connections are best effort (not CIR - guaranteed throughput). Because I had set the upload and download limits to indicate the POTENTIAL highest speed AND I am rarely ever able to see those speeds - the router never labeled the link as “saturated”. So all new outbound connections went out the same WAN link.

Simple enough, I will just set the values to half of what they are capable of for upload and download. This left me with 13/2 and 8/2. Well, now it is utilizing both links but the download speeds still suck. I go do some forum browsing and stumble across a post that indicated the router won’t throttle download speeds based on the WAN configured speed values, but it will throttle the Upload stuff. I checked the iPad’s upload throughput and it is right at 4 Mbps. So, the download is being limited by not being able to send TCP responses back out. I changed the upload values back to 4 for both links. I am getting full throughput on both links concurrently. What a wonderful day.

Long story short - if you don’t have guaranteed throughput rates, don’t put the maximum in the download limit - put what you realistically can expect during peak hours. However, since the upload limit is enforced by the router - make sure it is set as close to the maximum that your ISP claims.

Please let me know if I am off base with any of my information. Thanks, and happy outbound load balancing!


#2

Well, now I am questioning what the download and upload values DO. I may have spoken too soon about the download bandwidth setting. Is the download bandwidth used to throttle back downloads to prevent the link from becoming oversaturated?

I am using group bandwidth control, but only the options that limit staff and guest. I am NOT using the reserved bandwidth function.

This is very hard to troubleshoot since there are so many variables outside of my view. My speeds are demarked at the radio gear at my house. I know the values that the ISP has configured. But, I am still unable to get full aggregated download when a single client downloads a file using two or more TCP sessions.

Is there any documentation as to where the WAN download and upload values are used? It appears to be in more places than just “used for calculating weights for the default outbound policy”.

Thanks


#3

:thinking: :thinking: :thinking: :thinking: I don’t think Overflow is the best algorithm for your use case (a single client downloading a file using two or more TCP sessions), as WAN1 needs to be fully congested (>90%) in order for new sessions to start being forwarded using WAN2. It will still depend on how the connections are generated; some applications may generate the sessions first before actually starting to pull the data from the server, so there is a high chance the sessions generated will be forwarded using the same WAN1.

Did you test before using Lowest Latency (assuming the latency will increase when the download starts), Least Used or Weighted Balance? This should give you better session handling for your use case (a single client downloading a file using two or more TCP sessions), whereby sessions are forwarded first, before there is any need to check whether WAN1 is saturated.

Quick reference for where the defined WAN interface Download/Upload Speeds are used:

WAN Upload Bandwidth

  • Limiting upstream bandwidth for the WAN
  • Outbound policy for algorithm Overflow, Least used
  • QOS

WAN Download Bandwidth

  • Outbound policy for algorithm Overflow, Least used
  • QOS

#4

I have tried almost every algorithm you guys provide. I have never been able to get it to work exactly how I want.

I guess what I really want is a “Every other connection” type of algorithm. Basically, I know the destinations I want balanced – they are all the content distribution networks. It would be great if I could configure by destination IP/Hostname and have it use WAN1 for connection 1, WAN2 for connection 2, WAN1 for connection 3, WAN2 for connection 4, etc.

Any ideas on how to accomplish that? The lowest latency is close. Least used could work (maybe).

Thanks in advance for your assistance!


#5

It sounds like you should be using a weighted balance algorithm. You would set the upload and download values per WAN and then weight the WANs accordingly in your rule. There isn’t a simple round robin that just switches traffic back and forth as round robin rules don’t take into account the actual capacity of the connection. If you want to get more advanced you can use an outbound policy rule and set the destination as the domain you are trying to have this rule apply for, then set the weight rule for that domain. You’d be making a rule per domain/ip unless you want the rule to apply to the whole network for all traffic.


#6

I tried as you suggested @Kevin, but unfortunately - it didn’t work.

The Xbox (at least mine) is making 4 concurrent download requests to the same outbound IP. I am afraid anything other than Round Robin would be a roll of the dice at best.

One solution could potentially be a modulus equation inside of an outbound policy. The source port numbers seem to be sequential. Even srcPort % 2 == 1 -> WAN1 and srcPort % 2 == 0 -> WAN2 would get the job done. I see a feature request in my future. I am thinking of a new section in the router config specific to gaming – it needs to be optimized. Marketing would have a field day – take a look at NetDuma, they are doing pretty well and their feature set is pretty wack.
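A simplified model of what posts #1, #3 and #6 describe, added here as an example; it is not code from any poster and not Peplink's firmware logic. Assumptions: Overflow treats a WAN as saturated at 90% of its configured download value (the figure from post #3), each session is already pulling data when the next one opens, and the achievable link speeds and source ports are constructed sample values.

```python
# Simplified model (an assumption, not Peplink's implementation) of two
# outbound policies discussed in this thread.
OVERFLOW_THRESHOLD = 0.90  # ">90%" congestion figure quoted in post #3


def overflow_pick(wans, measured):
    """Return the first WAN, in priority order, whose measured download rate
    is below the threshold fraction of its *configured* download value."""
    for name, configured in wans:
        if measured.get(name, 0.0) / configured < OVERFLOW_THRESHOLD:
            return name
    # Every WAN looks saturated: fall back to the least loaded one (assumption).
    return min(wans, key=lambda w: measured.get(w[0], 0.0) / w[1])[0]


def simulate_overflow(wans, achievable, n_sessions):
    """Open sessions one at a time; once a WAN carries a session it runs at
    what the link can really deliver, not at what was configured."""
    measured, placed = {}, []
    for _ in range(n_sessions):
        wan = overflow_pick(wans, measured)
        placed.append(wan)
        measured[wan] = achievable[wan]
    return placed


def parity_pick(wans, src_port):
    """Post #6 proposal: odd source port -> first WAN, even -> second WAN."""
    return wans[0][0] if src_port % 2 == 1 else wans[1][0]


# Constructed sample: real-world peak rates (Mbps) on best-effort links.
ACHIEVABLE = {"WAN1": 12.0, "WAN2": 7.0}
ADVERTISED = [("WAN1", 26.0), ("WAN2", 16.0)]  # configured at ISP maximum
HALVED = [("WAN1", 13.0), ("WAN2", 8.0)]       # configured at half, as in post #1

if __name__ == "__main__":
    # Three movie downloads: WAN1 never crosses 90% of 26 Mbps, so no overflow.
    print(simulate_overflow(ADVERTISED, ACHIEVABLE, 3))
    # With realistic values WAN1 is flagged saturated and WAN2 gets used.
    print(simulate_overflow(HALVED, ACHIEVABLE, 3))
    # Four concurrent sessions with sequential (constructed) source ports.
    print([parity_pick(HALVED, p) for p in range(50000, 50004)])
```

The parity rule only alternates evenly while the client allocates source ports sequentially, as observed in post #6; a client that randomizes its ports would get an uneven split.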


#7

jmjones: I’ve done tests similar to yours and not been sure about what’s actually happening.

For example:

  • WAN1 20 Mbps upload, WAN2 5 Mbps upload. Algorithm: Overflow set to WAN1 then WAN2.
  • Network is idle.
  • Start downloading a movie and it uses WAN2. !?!?

Many devices these days are using HTTPS for downloads - could the HTTPS persistence algorithm be tripping us up?

Or, in some cases the algorithm works as designed, but the end result is not what you expect: Outbound Policy Priority: difference between Priority and Overflow?


#8

In my case, it is all HTTP traffic. I can see how persistence would cause issues though.

I don’t fully understand the HTTPS persistence rule either. I get that it will keep existing 443 requests tied to the WAN that it first went out on based on source IP. My HTTPS persistence rule is at the bottom of the outbound policy rules, so I don’t think it ever gets hit. I use Overflow for VLAN level outbound policy, and it never seems to Overflow to the second WAN. So, 443 is kind of being persisted, but just by luck. There isn’t anything guaranteeing it. Seems that HTTPS persistence should go by source and destination. Why isolate all 443 traffic from a single source to one WAN? There could be several destinations that wouldn’t require source IP to remain constant.

I wonder why there isn’t a round robin algorithm. It seems that it would be the easiest to implement since there are very few variables required to make the routing decision. Seems it would have been the first to be implemented as it is a basic FIFO type of logic.