Need advice...and the backstory.

The Cobra

During my day job, I am a Dir of IT for a private school located here in sunny FL. I have a Jr tech that works for me but I handle the heavy stuff mostly. In the evening I freelance as a video editor for my old company located in Seattle doing editing and rendering for them while also attending to other household duties. I also game as well :)

Now, onto the situation: I purchased my first house (2br/2bath) late in 2019. The house had all the major work done and needed cosmetic updating. We've redone the bathrooms, repolished the terrazzo flooring, opened up the entire kitchen and living room by having a professional put in a load-bearing wall which also allowed me to rewire the entire house with Cat6a and new Coax with two punchdowns in each room. We left the kitchen the same for now as we don't want to go over budget. Also did a lot of manual labor landscaping during the COVID stuff. In July of 2020, my mother called and told me she wanted to semi-retire. She has been in the medical field for the last 40 years and divorced the last 20 and is a workaholic still at 68 and pinches pennies. Her hospital chain offered her a position here with shorter hours. She said yes. She called me up with a proposal and asked if she could convert my garage (also known in Florida as a storage room) into a living room for her, a room for our washer and dryer, new bathroom and an added upstairs bedroom for her. We both said yes.

At my house I nerd out: I have a Sophos Firewall and two PoE APs (AC, 4x4) with excellent coverage all over the house. Internet wise, I have Frontier Fios 1GB service for $62 a month. The problem is she wants the entire TV package: Box, DVR and On-demand. I have not had cable in 15 years except to provide internet. For my husband and I, everything has been Netflix, Disney+ and other for different services with family members, lol. We spend $94 a month for ISP and online services. Frontier partners with DishTV and doesn't offer "Cable Box" service anymore. I don't want a sat dish on my house as I already have an OTA digital dish for my TVs over coax. She is coming down in three days for 10 weeks. I researched Spectrum and they have a package that is $129.99 a month (tax included) for the Spectrum app (all the channels and on-demand) and Internet (600/50). The guy came out today. I own a DOCSIS 3.1 modem and had him use that to provide her TV services. In order to use the Spectrum App (no need for a box anymore) and all its features, it requires a Spectrum connection.

I had the guy run the cable modem onto a table next to my desk in my main living room. (My Frontier connection is an Ethernet run into my firewall that sits next to my desk where I hardwire into my home network.) Question is, should I load balance the two connections? I do this at work with our two ISPs for various reasons, so why not at home? I could reroute all of her devices over its own Wi-Fi connection to the Spectrum connection with bandwidth to spare. Since I like to play around and have my own sandbox, I said why not since she is paying for it. There is a lot of network traffic as I up/download files that are sometimes multiple 200-400GBs at a time. This happens three/four times a week. On my firewall, you can load-balance and give priority to the connections. I hooked the Spectrum up to my firewall with my Fios disconnected to test the Spectrum app and it worked fine and the speeds were pretty close to as advertised. I unplugged it and put the Fios back on after the cable guy left.

Is it worth doing just to have fun? I can move the cable modem upstairs and plug it in with its own Wi-Fi (I have an older Netgear system). I really don't want another Wi-Fi system in the house though. As long as she can watch her TV, everything is cool.

Opinions?

SamirD

So to keep the MIL happy and not mess with her stuff, I would simply let your setup be a client on her network and connect that to the Sophos as another WAN. And I'd set it up for failover or overflow versus primary so nothing on her side gets affected unless you are using your full 1Gb Frontier connection.

I've had multi-WAN for years (decades?) now and honestly love it, especially when you have multiple ISPs and have a critical need for internet access. But in your case you can't mess up the primary reason for getting the Spectrum line--her service.
 

Nicklebon

Why not? You've already said your hardware supports it. Keeps your internal infrastructure clean and tidy, not to mention the frequency space. Make all the routing/SDN decisions in a single place. You gain redundancy and your mom is happy. Win/Win. Once you go redundant ISPs at home you'll wonder how you ever lived without it.
 

The Cobra

So here is the update: Created her own Wi-Fi network, routed that traffic over the Spectrum connection and it works perfectly. When I got her the cable package, it was $129.99 400/25 all the channels. I had to extend the physical network with one more access point upstairs via Ethernet in her bedroom as the concrete wall separating the main living room and her new "den" was causing lag and only connecting at 2.4GHz. I had a few extra Sophos AP55s lying around at work, as we retired them because areas of the school no longer had dead zones since our upgrades over the past two years with the new APX series. So I added the spare AP55 upstairs in her bedroom that is out of sight and has good signal strength, problem solved: her devices all at 5GHz and maxing out.

Over the last week, I decided to move the firewall and cable modem to the minirack I had built into the small closet during the reconstruction. I also purchased a used HP ProCurve J9146A switch from eBay for $129 and cleaned up the wiring situation around my desk.

Now onto the load balancing: I am not a network pro by any means. In my early years I did basic networking when I started off in tech support but that was with Token Ring support and IPX/SPX. But as my career grew, I became more involved in server work, desktop stuff and advertising/video editing which led to my accidental career in education. I have attached a pic below and weighted the two WAN connections. Now the question is, aside from the obvious active/backup, 5 sec failover...what else is the load balancing for? I've had 3 education positions over the last 15 years where I have been the "IT guy" and teacher. We've always had the backup connections for failover. But the connections were always "load balanced". I get good download speed from both, the upload is decent, but Frontier says "speeds may vary from time to time."

It is def cool having two internet connections though :)
 

Attachments: wan.PNG, wan1.PNG, wan2.PNG

Nicklebon

> Now the question is aside from the obvious active/backup, 5 sec failover...what else is the load balancing for?
>
> It is def cool having two internet connections though :)

I'm not familiar with using Sophos but I would assume that it would provide application steering/SDN options so that you could send certain types of traffic over a preferred link or tunnel (underlay/overlay). In my case I know that one of my ISPs sniffs DNS traffic. I not only enforce DoT, I also send all of it over the other ISP. I also use quality metrics to send Netflix/Prime Video traffic over the link with the best quality. Another example would be all my son's gaming traffic goes over the DOCSIS ISP while mine takes the fiber path. :)

Assuming your Sophos device allows that, in the end the use cases are up to you.
 

SamirD

> Now the question is aside from the obvious active/backup, 5 sec failover...what else is the load balancing for?

I'll share what I used it for. Back in 2004, the fastest cable modems were 8M/128k. Well, I was shooting around 2GB of data each weekend that I needed online by Tuesday. Even uploading 24x7, 128k is only 16KB/sec, so a single megabyte would take 64 seconds, so about 1 minute per megabyte. With only 128k, this meant 33hrs to upload my weekend's work, which would just barely get it all uploaded in time and that's not all I had to do with it.

I was able to get a business connection but it was the same speed and cost 5x as much. So I asked if I could get 3x services, aka 3 different accounts. They were a bit dumbfounded by the question, but they had no issues doing it aside from the fact I would have 3x modems. I didn't have a problem with that as 3x 128k is 384k, which cuts that 33hr time to just 12hrs. And this meant I could start the upload before I sleep and by the time I'm recovered and ready to work, so were the photos.

The way this worked is that I had a minimum of 3x uploads from the LAN going, each one maxing out a modem. And the opposite worked if I had a lot of files to download. I once tried a multi-threaded FTP download just to see what it could do and I hit a whopping 1.2MB/sec, which probably maxed out my computer as 24Mbits should yield over 2MB/sec.

As upload speeds creeped up from 128k to 768k and then finally 1Mbit, my upload speeds went from 384k to 2.304Mbits to 3Mbits, which was pretty unheard of in residential Internet at the time. Once they did a big jump to 25/5, that's when I didn't need 3x modems anymore as a single connection was enough, although I did keep 25/5 x 3 for a few months because 75/15 effective speeds was pretty unreal to see in real life.

Today, multi-WAN for me makes more sense for redundancy at a site level and as dedicated bandwidth for IPsec tunnels to different sites, so not only am I getting bandwidth benefits by having the multiple connections as a client on the site LAN, but also each site that is connected to another site does so from a single WAN, so 2x sites both connect from different WANs and have dedicated bandwidth. (I could do failover even for the IPsec tunnels, but that would require moving to all the same vendor's equipment at all sites and I don't want to lock in like that.)

Anyways, that's how I use it. :)
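
An added example, not part of any post in this thread and not Sophos configuration: a small Python model of the two uses described above, steering rules that run first (DoT pinned to one ISP, plaintext DNS blocked) followed by weighted per-flow balancing with failover. The link names, the 3:1 weights, the addresses and the choice to drop pinned traffic when its link is down are all assumptions made for illustration.

```python
import hashlib

# Constructed link table; names and weights are assumptions, not anyone's real settings.
LINKS = {"fiber": {"weight": 3, "up": True}, "docsis": {"weight": 1, "up": True}}

# First match wins; rules run before balancing. "pin" forces a link, "drop" blocks.
RULES = [
    {"proto": "tcp", "dport": 853, "action": "pin", "link": "docsis"},  # DoT via one ISP
    {"proto": "udp", "dport": 53, "action": "drop"},                    # no plaintext DNS
    {"proto": "tcp", "dport": 53, "action": "drop"},
]

def balance(flow, links):
    """Weighted per-flow choice: hash the 5-tuple so a flow always uses one link."""
    slots = [n for n, cfg in sorted(links.items()) if cfg["up"] for _ in range(cfg["weight"])]
    if not slots:
        return None
    key = "|".join(str(flow[k]) for k in ("proto", "src", "sport", "dst", "dport"))
    digest = hashlib.sha256(key.encode()).digest()
    return slots[int.from_bytes(digest[:8], "big") % len(slots)]

def select_wan(flow, links=LINKS, rules=RULES):
    """Return the egress link name, or None when the flow is dropped."""
    for r in rules:
        if r["proto"] == flow["proto"] and r["dport"] == flow["dport"]:
            if r["action"] == "drop":
                return None
            # Assumed policy: pinned traffic fails closed instead of moving to the other ISP.
            return r["link"] if links[r["link"]]["up"] else None
    return balance(flow, links)

def mk_flow(proto, sport, dport, src="192.168.1.10", dst="203.0.113.5"):
    return {"proto": proto, "src": src, "sport": sport, "dst": dst, "dport": dport}

def share(n=4000):
    """Fraction of n constructed HTTPS flows (distinct source ports) sent to each link."""
    counts = {}
    for p in range(n):
        name = select_wan(mk_flow("tcp", 10000 + p, 443))
        counts[name] = counts.get(name, 0) + 1
    return {k: v / n for k, v in counts.items()}

if __name__ == "__main__":
    print(share())
```

Because the choice is made per flow, one transfer never exceeds the speed of the link it hashed to; the weights only show up across many concurrent flows, which is why several parallel uploads were needed to fill three modems.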