3 Routers 3 connections 1 network

January 13, 2010 at 15:54:04
Specs: OSX
We have 3 DSL lines from the same ISP with approximately about 7 static IPs each. Each computer on our network needs one static IP (about 12 computers). We would like to maximize our available bandwidth while still being able to be on one network (share printer and database server). What is the best setup to accomplish this? We also have a 16 port Linksys switch at our disposal. 2 of the routers have DD-WRT on them and the last one is an Airport Extreme.

I've read it is possible for DD-WRT to do dual/triple wan configurations, but nothing I read seemed to fit or situation with static IPs.


See More: 3 Routers 3 connections 1 network

Report •


#1
January 13, 2010 at 16:58:01
Shame your ISP just didn't give you higher megabits on a single line. These 1.5mbps links? 21 ips. OK.

Couple of things I think you need to understand first.

Is your ISP providing firewall services for these static ips? Not NAT but firewall services like denial of DOS attacks, stateful packet inspection, port scans, reporting...

If not then you need to provide those services. Otherwise you are raw on the internet and prey to the simplest port /service pack exploit.

To accomplish the criteria you set is easy if you assume all the isp provided ips are in the same subnet.

Connect the dsl lines to the switch. That fills three ports.
Connect the twelve pcs to the switch. Ths fills 12 ports for a total of 15 in a 16 port switch.
Manually assign the ips to the pcs.

or did they give you three different subnets?

The only difference between the three lines is the gateway ip [still assuming single subnet].
If you wanted to load balance your 12 pcs you would put 4 pcs on gateway1, 4 on gateway2 and so forth.

BTW you can't do three lan router config without the physical ports. After all each dsl line has to connect to something in the router, right?


Report •

#2
January 13, 2010 at 18:12:45
Yea this wouldn't be problem at all if they just had better lines available in this area.

I'm going to assume there is no dedicated firewall provided by the ISP, So I'd prefer at least one router between the internet and our intranet.

Can I just plug each dsl line into a router then into the switch? Then put each computer onto the switch and then manually point each computer to one of the 3 gateways? Would that just end up bypassing the routers?


Report •

#3
January 14, 2010 at 07:20:19
what is your ip addressing? All in the same subnet or different subnets?

Assuming the ISP provides no firewall services and you have public ips router alone is no protection.

What are your ips? You can drop off the last octets like 192.168.x.x
if different
192.168.y.x
192.168.x.x for example


Report •

Related Solutions

#4
January 14, 2010 at 07:31:59
I'd like to know why you need all those static IP's. Are you running web servers on the internet?

If not, then you could be using whatever private IP class for your LAN.

It's also worth noting that even if you were running multiple web servers, it would be better to put them in a DMZ and offer them some protection while still protecting your LAN.

I can't see how DD-WRT could offer load balancing since your SOHO router only has one WAN port. I believe in the case devices designed to support dual ISP's they have dual WAN ports. You could achieve a sort of load balancing using the method wanderer described above.


Report •

#5
January 14, 2010 at 08:40:59
2 of the 3 connections are relatively close, and share the same first 2 octets, the last one has none of the octets in common.

We have a few servers, but mostly it was part of our previous security system which only allows certain users to access certain data on other hosted servers.

I don't have a problem sticking all those servers on one connection though, they are not too bandwidth intensive.

Also, DD-WRT has the capability to change one of its lan ports into an additional wan port. The hardest part of that configuration is find out how to issue multiple static ips from each connection.


Report •

#6
January 14, 2010 at 10:06:36
You have three different subnets. That is a problem. This makes it impossible to have one lan subnet given you want to use these static ips on the pcs/servers. It would require a router between subnets which requires nat which defeats the static ips.

You can't use all of those static ips.
You can't use all three connections. You can only use two.

For a router to route you have to have two different subnets, one on the wan and one on the lan. Given you want to use the statics you can't have two subnets. This means you can't nat.

Only solution is to drop using the statics to one except on one line where you would have 7.

I don't see your ww-drt [which usually is done to support WDS] router doing what a real dual port router does which is load balance/failover for the links.

This means;
Dsl1 has one static ip to assign to the router1 wan interface1
Dsl2 has 7 static ips
You drop Dsl3 unless ww-drt supports wan link balancing/failover.

You set Dsl1 router to provide dhcp ip to the lan with only a single gateway.
Dsl2 goes to your "dmz" for the servers using a switch [you can use one of the routers as a switch].

Now the problem becomes you have two networks, pc net and server net that can't communicate.

What you can do is enable rdp on the server(s). Change their listening port
server1 rdp listening 3389
server2 rdd listening 3390
etc.

You would enable port forwarding on the dsl3 router so
router2 forwards port 3389 to server1
router2 forwards port 3390 to server2
etc.
This would allow you to remotely admin the servers via rdp via the internet.

Otherwise you are back at the switch only and all three subnets can not communicate. You would do manual ip assignments.


Report •

#7
January 14, 2010 at 13:19:21
hmm, that's a bit disheartening to hear. I'll continue to work on getting the DD-wrt solution until perhaps someone comes up with a better solution.

Report •

#8
January 14, 2010 at 13:32:25
dd-wrt solution.

Think about this for a moment. How are you going to NOT nat with a router?
Answer is you bridge.
How are you going to bridge three interfaces [assuming 1 wan and 4 lan ports and you are going to use three for wan] to two?
Answer is you can't
If you do nat you can't use 21 ips in three different subnets
If you want a contigous lan it needs to either be in the same subnet or have routers between the subnets

Instead of trying to make do with a plan that can't work consider a new plan that involves a 3 wan interface router that also supports having a dmz.

Or get your isp to provide 21 ips in the same subnet over three lines.


Report •

#9
January 14, 2010 at 14:05:57
I don't have to utilize all 21 IPs. i'm fine with a dual wan setup, as long as 10-12 computers/devices can see each other on the same network.

Having the third lines speed and all 21 ips available would be icing on the cake though.


Report •

#10
January 14, 2010 at 14:38:24
You can do a dual wan setup
You just can't use any of those ips for the lan since you will have to do nat.

Closest you can get is what I outlined in #6

Or give a serious rethink to the game plan. Three lines and three different ip subnets doesn't get you in the ball park of what you want to do. Did you explain what you wanted to accomplish to the ISP or just you just order the lines?


Report •


Ask Question