Switch to Peplink


#1

I currently have a network 10.11.12.xxx with a connected WAN DSL provider. I will shortly get another provider with cable, in addition to DSL. Let’s say that router is in the 10.11.13.xxx network. All my devices with static IP adresses are between 10.11.12.1 and 10.11.12.99 and I do not want to reconfigure them all. When I get my Peplink (380 - it’s on its way), what are the steps to take? I was thinking of changing the modem/router connected to the DSL to 10.11.14.xxx, connect the cable router (10.11.13.xxx) and then create a network with the Peplink on 10.11.12.xxx, so I don’t have to change my static devices. Does this sound good?

Also, as for incoming connections, I suppose I’ll need to specify somehow if it uses the DSL or Cable connection through the Peplink? How can I specify this?
Lastly, if I use an (external) VPN or Proxy on a device connect to the Peplink, will it manage to send that data over both WAN ports? Doesn’t the external VPN or proxy server get confused somehow?


#2

Hi Fredzer,

It would be best if you could paint us a picture of how your existing network looks like - if you want to share confidential information with us, we can always submit a private support ticket on our website.

To answer your other questions:

For incoming connections, it will depend on what IP address the remote client is connecting to - if it is an IP on the DSL then the client will connect through DSL. If we are however looking to use Peplink as your authoritative DNS server for inbound load balancing then it would depend on Peplink configuration because Peplink in this case will be the one telling remote client which IP to connect on. We can read more at http://www.peplink.com/index.php?view=faq&id=123&path=19

For your other devices on Peplink LAN that we want them to be going out on a particular WAN so as to not to confuse remote peer, we could take advantage of our outbound policy e.g. priority. We can read more at http://www.peplink.com/index.php?view=faq&id=110&path=19

Thank you again for your business Fredzer :slight_smile:
Kurt


#3

It’s a simple network now: just a DSL with WAN IP, and then all devices in the 10.11.12.x range. Some static devices (under 10.11.12.99) and a few DHCP ones. When the Peplink arrives, I’ll be adding a cable connection with another WAN IP, and I’d like to keep all my devices in the same IP range 10.11.12.x so not to change the static addresses. I was thinking of changing the modem/router connected to the DSL to 10.11.14.xxx, connect the cable router (10.11.13.xxx) and then create a network with the Peplink on 10.11.12.xxx, so I don’t have to change my static devices. Does this sound good?


#4

Can you be more specific? I won’t host any domain names on this network - I’m just using DynDNS for access to some servers. I could register a domain for the Peplink, if this adds to functionality. But how exactly would this work?


#5

Hi Fredzer,

That is exactly what this article at http://www.peplink.com/index.php?view=faq&id=123&path=19 is for with graphical illustration of how we could take advantage of DNS for inbound load balancing. Have a look and see if this is something we are after.

Thanks,
Kurt


#6

Hi Fredzer,

By having some static devices under 10.11.12.99, are we referring to having another router at 10.11.12.99 NAT’ing for your static devices> Sorry we are having troubling picturing what we have in your existing network and how you are looking to deploy the Peplink with the new cable - is there anyway we could have a network diagram? We could then devise the ideal solution for you.

Thanks,
Kurt


#7

Here you go:


It’s actually quite a simple network - just one router per WAN connection and 1 DHCP server for the whole network handing out 10.11.12.100-253 (this will probably be the PEPlink). I’d like NOT to use drop-in mode.


#8

Hi Fredzer,

Thank you for the diagram and yes essentially this is the topology we are looking at.

Are we open to configure the DSL and cable routers in bridge mode once we have Peplink onboard? It will be a neater solution if only Peplink is NAT’ing for the whole network. Peplink will be the default gateway for all hosts in 10.11.12.0/24. We can configure DynDNS on Peplink WAN port too.

Thanks,
Kurt


#9

Yes, indeed, that would be ideal. How would I go about to configure everything at that time?


#10

That is perfect Fredzer,

The migration should be pretty forward - essentially we want to have the same setting today on your DSL router on Peplink.

Say we have the DSL and cable routers in bridge mode, and Peplink has the public IP directly on its WAN interfaces.

First of all we want to change Peplink LAN to 10.11.12.0/24 and Peplink LAN IP to 10.11.12.1 with DHCP server enabled - there should be no change to all the other static or dynamic computers in the network i.e. they are still assigning themselves a static IP or being assigned a dynamic IP, in the subnet of 10.11.12.0/24. All of them point to 10.11.12.1 as default gateway. We can refer to Balance user manual section 9 Configuration of LAN Interface if we need elaboration.

We would want to configure Dynamic DNS on Peplink WAN - we will select the service provider we use, enter the username and password as usual, should be no different to what what had before, and this is covered in Balance user manual 11.6 Dynamic DNS Settings.

Then there comes inbound port forwarding to allow inbound access to your servers - on Peplink web admin page we will want to define the servers by IP address first and then forward ports to them as appropriate. This is slightly elaborated than what we had before on your DSL router with only a single WAN link because now we have two. Have a look at this page at http://www.peplink.com/index.php?view=faq&id=165#NAT for a graphical illustration and the Balance user manual 15 Inbound Access will walk you through the setup.

That should be about everything and of course Peplink comes with a bundle of enterprise features we could take advantage of. Feel free to browse around the Balance web admin page to learn more :wink:

Thanks,
Kurt


#11

Does this mean I cannot use the external proxy over both outgoing WAN connections? This is quite important to me. The external proxy has no limits.


#12

I have reviewed the DNS information on your website. It remains unclear for me how the DNS server resolves exactly. Suppose I want to have ftp.domain.com to go to my FTP server, located on 10.11.12.20. What exactly should I configure at the authoritative external DNS Server as DNS records?


#13

Kurt, could you answer my last two posts? Thanks


#14

Of course Fredzer,

What external proxy do we have? If your proxy is not source-IP sensitive then we do not need to specify any Priority rule - the Priority rule was just to ensure the specified outbound traffic will have the same source IP address so as to not confuse the remote peer receiving the packets.

Maybe a graphical illustration below will help? Essentially the DNS query will be passed to Peplink Balance which will, depending on its WAN connection status and user-defined configuration, resolves the query to its WAN IP address accordingly, remote FTP client will then connect on this IP address to Peplink Balance and Peplink Balance given its port forwarding settings will forward the inbound connection on TCP 21 to the FTP server on Peplink LAN at 10.11.12.20.


And if we want to take a closer look at the configuration involving probably some more sensitive information of your domain and network, we can exchange these information by filing a support ticket at http://www.peplink.com/contact/support/

Thanks,
Kurt


#15

Thanks, but in the image you posted, it seems that wan1balance and wan2balance must have an A record to both WAN IPs. These, however, are dynamic. Will a CNAME work as well (a CNAME for wan1/2balance pointing to DynDNS)?


#16

Kurt, one more question: both WAN routers have an administration interface, to which I occasionally have to connect. If the Peplink has IP 10.11.12.1, how can I connect to the routers (via web) at 10.11.13.1 and 10.11.14.1, as they are located in another subnet?


#17

Yes indeed if we have dynamic IP addresses we would want to use CNAME instead of A record pointing to the DDNS hostname.

I believe Peplink WAN interfaces will be in these subnets e.g. Peplink WAN1 in 10.11.13.1 and WAN2 in 10.11.14.1? If so Peplink will know which interface to route accordingly.

Thanks,
Kurt


#18

Actually, it seems the cable router cannot be configured in subnet 10.x.x.x. So it will stay in 192.168.0.x while the DSL router will be in 10.11.13.x. And the Peplink 10.11.12.x. Does this matter? Will both administration interface still be accessible from devices connected to the Peplink LAN?


#19

I now have the 380 installed. It seems when I download a file, only WAN2 (100/5) is used, and not WAN1 (30/10). I want downloads to go through BOTH interfaces. How do I configure that?


#20

Hi Fredzer

This page on our Knowledge Base at http://www.peplink.com/index.php?view=faq&id=111 with graphical illustration should better explain how we could take full advantage of Peplink for load balancing in your environment.

Trust that you will be enjoying your Peplink.

Thanks,
Kurt