Changing ISP's

airbornflght Houston, TX Icrontian
edited January 2008 in Science & Tech
Ok, I'm looking to change ISP's.

Right now we have a 10 megabit fiber line coming into the house that we pay $750 a month for.

I contacted suddenlink cable today about internet and I can get a 12/1.5 line for $500 a month or a 6/1 for $220 a month.

Both lines are business, dedicated, and 80% bandwidth guaranteed. So bare minimum I will get 9.6 mbps.

What I want to ask is: if I get a dual-WAN router, or build a computer and lay a software router on top such as IPCop, and get the two 6/1 connections, will they run in serial when they are load balanced so that I will effectively have a 12/3 connection minus overhead? If so I would really like to do that.

Otherwise, if the speeds don't add together, would there really be an advantage of two separate connections and load balancing them?

What would you do? 12/1.5 or two 6/1?

I just now got put in charge of IT here so I'm working on quite a bit of stuff, and my first goal is to cut $250 off of the ISP bill and funnel that into renovating the network. I will post a roadmap here later of what I want to accomplish and hopefully I can get some thoughts on it. This is my first big 'job' when it comes to the amount of control I have. It's a little overwhelming to tell the truth, but I'm really excited about it.

Comments

  • kryyst Ontario, Canada
    edited January 2008
    The biggest benefit you'll see from going with the two lines isn't so much the download; with load balancing it'll be a slight gain in your outgoing. If you set up QoS and get it working, your 12/1.5 line will give you overall faster incoming than load balancing between the two 6/1 connections.

    Now one question, as I'm not familiar with your setup: is your current 10 meg fiber bi-directional? I know where I am all business class fiber connections are bi-directional, so a 10 meg connection is 10/10, which is usually why they are so much more.

    Depending on what you are doing, having your outbound connection drop from 10 megs to 1.5 megs could have a significant impact.
  • mas0n howdy Icrontian
    edited January 2008
    I have a client who is on Verizon Business class FiOS with 15mb/15mb for >$150/month on a 2 year contract. It sounds to me like you are getting the shaft... Granted, Verizon is not available everywhere, but I assume you have shopped around? And ditto on kryyst's comments about upload, 1.5mb is pathetic for those prices and just plain unacceptable for a network of more than a few people.
  • fatcat Mizzou Icrontian
    edited January 2008
    why would you ever leave a fiber line for cable?.....

    yes those prices suck....but
  • GrayFox /dev/urandom Member
    edited January 2008
    You're not load balancing multiple WANs with IPCop. You will need something like Shorewall (+DHCP +Bind9). Configuration will be much more complex, difficult and only via command line/config files.

    I think pfSense supports 2 WAN connections and it has a web interface.

    The cheapest, easiest option would be to get 2 ADSL lines, run each into a separate firewall and just set a range of IP addresses (150+) to use the other as the gateway.

    But yeah, cable generally sucks. Higher latency than DSL/fiber. The ISPs tend to be nazis and throttle BitTorrent generally as well with cable.

    I wouldn't leave the fiber line unless you go ADSL2 or with another fiber provider. Also remember, if you have a lot of users and ANY are running any P2P, 1.5 megs of upload is pathetic.

    Edit: The best option in your case would probably be Shorewall. You could get by with that cable connection if you ONLY allow HTTP traffic, MSN, SSH, telnet, etc. (ACTIVELY BLOCK EVERYTHING ELSE, including uncommon games). You will also need QoS set up, and you will probably be a VERY unpopular person if you axe the fiber line and have to start blocking everything.

    REMEMBER TO KEEP IN MIND: with those business connections you're liable with almost all ISPs if anyone does anything illegal on them and you can't provide logs that prove who did it. The person who did it is the person who owns the connections (illegal examples = hacking, child porn).

    Edit: You could probably do what you want to do with a Windows 2003 server (I think the package on it is called IAS). I don't know much about it, but Linux users won't have DNS services, same with Mac users and some video game consoles (at least with the way my school has it set up).

    Edit: If you do go with pfSense, it also supports VLAN trunking, so you could put, say, every 4 rooms on their own VLAN (limit ARP cache poisoning and other security risks to very small parts of the network).
  • airbornflght Houston, TX Icrontian
    edited January 2008
    Yeh,

    It's a business class cable service so it's a dedicated line and it is wide open for what I want to use it for. I talked to a consultant/account manager and he insured me that traffic wasn't shaped or throttled. And my fiber connection isn't that great. I just ran a speed test and I got 5200/296, and I highly doubt anyone else is up on the internet at this time in the morning. So they are nowhere close to symmetrical. There aren't even that many people on the network right now. And changing from fiber to cable isn't a question. It has to be done because we are getting overcharged.

    I would really rather not give up the fiber line, but we aren't getting rated speeds, it costs way too much, and I need to funnel the extra money into repairing and upgrading the network. And as far as I'm concerned no one needs to be doing p2p on a shared connection anyway. I am blocking it now and still have a couple clients running but only get like 5 KBps, and if they want to run them like that then ok, but other people need the bandwidth more.

    I know we're getting raped, but it is a market with two big providers. We can either go with Chickasaw which is who we're with now, or suddenlink who will give us better rates. Other than that there aren't any.

    And we can't just get business class internet. Because we are legally considered a boarding house so we have to get a service that we are allowed to "resell" to tenants. It falls under the service theft laws even though we are all under one roof and one address. Kind of stupid but it's the law.

    I am aware that we are liable, which is why I am investigating ways to log traffic, aka cover my ass.

    Here is my road map at present

    1. Repair/replace broken network runs with Cat. 6
    2. Replace remaining runs with Cat 6.
    3. Upgrade switches to gigabit
    4. New router
    5. Wireless common rooms.

    I talked to one of the local isp's in town, and the guy there that ran it told me about a router called mikrotik. Anyone have experience with it? He could only do 1.5 max and I was talking to him about the network and he recommended it. I need something that is halfway intuitive so that when I leave someone can learn how to use it relatively easily if need be.
  • GrayFox /dev/urandom Member
    edited January 2008
    > Yeh,
    >
    > It's a business class cable service so it's a dedicated line and it is wide open for what I want to use it for. I talked to a consultant/account manager and he insured me that traffic wasn't shaped or throttled. And my fiber connection isn't that great. I just ran a speed test and I got 5200/296, and I highly doubt anyone else is up on the internet at this time in the morning. So they are nowhere close to symmetrical. There aren't even that many people on the network right now. And changing from fiber to cable isn't a question. It has to be done because we are getting overcharged.

    How many people are you serving? You probably have a bit torrenter or 2.

    > I would really rather not give up the fiber line, but we aren't getting rated speeds, it costs way too much, and I need to funnel the extra money into repairing and upgrading the network. And as far as I'm concerned no one needs to be doing p2p on a shared connection anyway. I am blocking it now and still have a couple clients running but only get like 5 KBps, and if they want to run them like that then ok, but other people need the bandwidth more.

    To block BitTorrent you will have to block EVERYTHING other than standard protocols (this will also block online games and such).

    > I know we're getting raped, but it is a market with two big providers. We can either go with Chickasaw which is who we're with now, or suddenlink who will give us better rates. Other than that there aren't any.
    >
    > And we can't just get business class internet. Because we are legally considered a boarding house so we have to get a service that we are allowed to "resell" to tenants. It falls under the service theft laws even though we are all under one roof and one address. Kind of stupid but it's the law.
    >
    > I am aware that we are liable, which is why I am investigating ways to log traffic, aka cover my ass.

    Awesome, that's the right plan. You will need a transparent proxy server in order to do that effectively.

    > Here is my road map at present
    >
    > 1. Repair/replace broken network runs with Cat. 6
    > 2. Replace remaining runs with Cat 6.
    > 3. Upgrade switches to gigabit
    > 4. New router
    > 5. Wireless common rooms.

    Gigabit would be a very bad thing if you have local file sharers. It will also increase your overall cost substantially. (You will need 10 gig uplinks on the switch to do this right.) The best plan would be 10/100 to clients with a gigabit uplink on the switch (running to the core switch, where servers are connected).

    > I talked to one of the local isp's in town, and the guy there that ran it told me about a router called mikrotik. Anyone have experience with it? He could only do 1.5 max and I was talking to him about the network and he recommended it. I need something that is halfway intuitive so that when I leave someone can learn how to use it relatively easily if need be.

    I've never heard of them before.

    If you can let us know how many people you're serving, what the current average traffic is, and what protocols have the most traffic, I'm sure most of us could help you set something up.
  • airbornflght Houston, TX Icrontian
    edited January 2008
    Right now I'm serving 40 people, but within 2 years closer to 100 people are projected. Which would probably be closer to 150 clients once xboxes and the like are taken into account.

    I can't tell you how much traffic, or what protocols are going through because I don't have any usage statistics. Right now the fiber runs into the transceiver, then into the cheap netgear consumer wifi router, then that is uplinked into two 48 port switches. I plan on purchasing 3 48 port switches.

    But wouldn't you agree that gigabit is a more future proofed option as well as being able to handle xbox/computer lan traffic? It is very noticeable right now when 15 xboxes link up over the lan. The main thing I was trying to accomplish with gigabit is to one: future proof our network and 2: achieve greater network throughput for file transfers and also not 'feel it' so much when everyone's lan gaming.

    And the way I figured it is that 99% of people will have 100 megabit interfaces so it's not like anyone is going to be hammering the network with file transfers aside from me :D 90% of the traffic is either general http/email and gaming (xbox)
  • mas0n howdy Icrontian
    edited January 2008
    You'll spend the same amount of money on QUALITY 10/100 switches that you would on MEDIOCRE/POOR 10/100/1000 switches. Unless you are doing LOTS of in-house file transfers, no single client will need more than 10/100 and your switches won't be retarded under full load.

    /$.02
  • airbornflght Houston, TX Icrontian
    edited January 2008
    Recommendations?

    I know the gist of what I'm doing, but I'm missing the fine details, and more importantly, my lack of experience is most visible when it comes to knowing suppliers/brands such as where to buy and what to buy. For the most part I know what I need in the abstract such as features, but I don't really know what brands are reputable but also cost effective.

    And I thought layer 3 were routers? What is this layer 3 switch hub bub? Also, what is the difference between a smart switch and a managed switch? Anyone care to write me a network admin 101 cliff's notes?

    Also, does cat 5e support gigabit traffic? I've read conflicting thoughts on the matter. Does anyone care to elaborate? Because if Cat 5e supports gigabit then is Cat 6 just for like 10gb? I'm trying to soak up as much as possible so that I can make the best decisions possible.
  • GrayFox /dev/urandom Member
    edited January 2008
    > Right now I'm serving 40 people, but within 2 years closer to 100 people are projected. Which would probably be closer to 150 clients once xboxes and the like are taken into account.

    150 clients would need an expensive network infrastructure and expensive leased line.

    > I can't tell you how much traffic, or what protocols are going through because I don't have any usage statistics. Right now the fiber runs into the transceiver, then into the cheap netgear consumer wifi router, then that is uplinked into two 48 port switches. I plan on purchasing 3 48 port switches.

    Make sure to get good switches. I suggest a layer 3 gigabit switch for the core switch if you have lots of intranet traffic (local file sharers). Netgear makes a good switch. If you can't afford a layer 3 (probably a grand), get a layer 2. (They're not as fast, but a layer 3 switch with 10/100 client switches that have gigabit uplinks shouldn't have any bandwidth issues.) If you just go with gigabit switches all the way you will run into a problem at the weakest point (the link to the other switches); in theory a single person can saturate that link.

    I also suggest encouraging local file sharing (but not taking responsibility for illegal files shared) and doing everything in your power to block sharing over the internet. If you encourage local sharing and have a good well designed network infrastructure, If you put them on separate VLANs they will suffer from slow network performance but increased security

    > But wouldn't you agree that gigabit is a more future proofed option as well as being able to handle xbox/computer lan traffic? It is very noticeable right now when 15 xboxes link up over the lan. The main thing I was trying to accomplish with gigabit is to one: future proof our network and 2: achieve greater network throughput for file transfers and also not 'feel it' so much when everyone's lan gaming.

    If you go gigabit and there's lots of file transfers between switches you will see a nice little CONNECTION PROBLEM message if the uplink on the switch runs out of bandwidth. 10/100 is far more than you need for gaming, and with file sharing it's still pretty damn fast.

    > And the way I figured it is that 99% of people will have 100 megabit interfaces so it's not like anyone is going to be hammering the network with file transfers aside from me :D 90% of the traffic is either general http/email and gaming (xbox)

    I haven't seen a new machine since 2004 ship without gigabit.

    I recommend the following hardware for your setup.

    Netgear 7212 (can be bought on eBay for around $200 used; it's $500 new) - I've been running one of these since the summer. With the latest firmware it's surpassed all my expectations (stock firmware was crap). Firmware upgrade was effortless; I just TFTP'ed it over and reset everything to defaults. It supports class of service, port security, 802.1Q trunking and many more features. It has 12 gigabit ports and also supports SFP fiber. I use it as a core switch at home and it transfers faster than my hard drives can. Supports SSH for management along with telnet and a web interface. The command line is similar to Cisco's; almost all the commands are the same. Easy to configure both from the command line and web interface. If you have your CCNA this should be effortless to set up properly.

    Netgear FS726T (can be bought for around $170 new) - This switch is great for a 24 port fast ethernet switch, and features both an SFP uplink and gigabit uplink. (Plug that into the 7212's SFP port for a 2 gigabit connection.) It's not managed, hence its low price. But you can implement the managed features you need on the core switch.

    For your current amount of people, a P3 1GHz with a SCSI hard drive and 512MB-1GB of RAM that has good network cards (3Com or Intel), a good motherboard and a good PSU should be fine (any old Dell/Sun/HP server off eBay/Craigslist around these specs will do).

    > Recommendations?
    >
    > I know the gist of what I'm doing, but I'm missing the fine details, and more importantly, my lack of experience is most visible when it comes to knowing suppliers/brands such as where to buy and what to buy. For the most part I know what I need in the abstract such as features, but I don't really know what brands are reputable but also cost effective.
    >
    > And I thought layer 3 were routers? What is this layer 3 switch hub bub? Also, what is the difference between a smart switch and a managed switch? Anyone care to write me a network admin 101 cliff's notes?

    Layer 3 switches are high speed switches. They typically have much more RAM and CPU than layer 2 managed switches and have many more features. A smart switch is also known as an unmanaged switch. Managed switches are much more powerful switches that can do much more, such as class of service (quality of service on the switch's end) and web interfaces for configuration (see the documentation of the switch for more info).

    > Also, does cat 5e support gigabit traffic? I've read conflicting thoughts on the matter. Does anyone care to elaborate? Because if Cat 5e supports gigabit then is Cat 6 just for like 10gb? I'm trying to soak up as much as possible so that I can make the best decisions possible.

    Cat5e should have no problem with gigabit as long as it's not cheap overseas cable (made in China). I can run gigabit over cable from delco without any issues. Cat 6 simply has more bandwidth (for future use) and is harder to run (cable is stiffer).
  • airbornflght Houston, TX Icrontian
    edited January 2008
    I'll be very blunt about this, I don't have my ccna, and I've heard cisco's ios is hell on earth if you don't have the certification. How much studying/time do you think it would take for me to learn the essential things? I am more than glad to read a couple books or else take a class at the vocational center during summer.


    Perhaps it would be beneficial for me to outline what we have right now. It's a fairly simple network.

    [Attachment: image]

    Do you have a different recommendation for network topology?
  • GrayFox /dev/urandom Member
    edited January 2008
    > I'll be very blunt about this, I don't have my ccna, and I've heard cisco's ios is hell on earth if you don't have the certification. How much studying/time do you think it would take for me to learn the essential things? I am more than glad to read a couple books or else take a class at the vocational center during summer.
    >
    > Perhaps it would be beneficial for me to outline what we have right now. It's a fairly simple network.
    >
    > [Attachment: image]
    >
    > Do you have a different recommendation for network topology?

    You could use that current switch setup. Just run a cable on gigabit between them.

    What's your current router?
  • airbornflght Houston, TX Icrontian
    edited January 2008
    Funny you should mention that.

    Netgear RangeMax™ Next (Draft 802.11n) Router

    I wasn't too happy about it when they bought it. I told them to spend the extra money and get a good router. But... they went to Staples and bought that. I do give it props that it is handling the load so far, but it isn't really that configurable, and I am convinced that port forwarding on it doesn't work. I have some ports forwarded to my IP (static) and they are coming back as not forwarded.

    I am really wanting to replace the switches, as they are approaching ten years old and I just don't trust them. I've had a couple dead ports and had to do a little bit of cable shuffling, but not a huge problem. I'd feel better with a switch that could handle more throughput.
  • GrayFox /dev/urandom Member
    edited January 2008
    Hmm, if the ports are starting to die you might have problems in the future.

    I'm surprised that router is able to handle everything. You're probably not using as much bandwidth or as many connections as I thought. You might be able to get by with an IPCop box and a single cable connection with just QoS.
  • airbornflght Houston, TX Icrontian
    edited January 2008
    I know we aren't using tremendous amounts of bandwidth all the time. The time when I run into problem is during the peaks. That's when the router chokes out. And I think I may have come to a realization. I may have a 10mb line, but perhaps the router can only handle ~4mb of throughput. Because I usually sit around 2500-3000 but never about 4. and my upstream is pathetic. I would hook myself directly up to the transceiver but I'd have 30 or so people bitching at me for 10 minutes of downtime.

    When the router does get overloaded and go into a coma for a couple hours until it sorts things out I don't hear the end of it. Pulling the plug and letting it sit for 20 minutes doesn't fix anything either. I hate that router.
  • GrayFox /dev/urandom Member
    edited January 2008
    > I know we aren't using tremendous amounts of bandwidth all the time. The time when I run into problem is during the peaks. That's when the router chokes out. And I think I may have come to a realization. I may have a 10mb line, but perhaps the router can only handle ~4mb of throughput. Because I usually sit around 2500-3000 but never about 4. and my upstream is pathetic. I would hook myself directly up to the transceiver but I'd have 30 or so people bitching at me for 10 minutes of downtime.
    >
    > When the router does get overloaded and go into a coma for a couple hours until it sorts things out I don't hear the end of it. Pulling the plug and letting it sit for 20 minutes doesn't fix anything either. I hate that router.

    There's the consumer routers I know and love.[/sarcasm]

    I haven't seen throughput on any consumer router higher than 8 megabits. Even the best business ones die at around 256 simultaneous connections. I suggest finding an old P3 and putting up an IPCop box ASAP and seeing how it runs. Configuration is simple and straightforward. Also drop a gig of RAM in it and enable transparent Squid proxy.