Dual and Multi WAN Router Review
Are there some REALLY good ones out there?
by Joe Mehaffey
September 18, 2006 (update on PepLink Balance LB 300 router> The best of the bunch.)
When you really want to have continuously available Internet service
for a mail server or just because your business operations require an
Internet connection to survive, having a REDUNDANT connection seems
like a good way to go. For the past four years, I have had two
and sometimes three broadband connections to the Internet. Mostly
this was done because of the unreliability of a single connection.
In that regard, I will mention some of my experiences with a few
of the local Internet vendors.
1) Prestige Cable Internet (Now Adelphia). This was the first
broadband Internet capability in our area beyond ISDN. I had this
service for about a year around 1998. It was up about 95% of the
time and I had to daily cycle power on the modem to restore operation.
Tech Support tried hard but multiple site visits and trying never
got the reliability above "very bad".
2) Then BellSouth brought DSL (1.5mbps) to our area and I immediately
jumped on the bandwagon. Reliability was MUCH better but still
every few days, I had to cycle power on the modem or on the router to
restore service. Long outages were maybe monthly, but that was
the state of the art. I found the tech support people were
working from a bad script and really did not know how to fix or what to
do if cycling power on the equipment did not fix things. And..
they thought that cycling power on modems and routers was "Normal" and
if operation was restored, then as far as they were concerned, all was
3) After being frustrated by BellSouth for awhile, I opted for a second
line from EarthLink hoping things would be better. And they WERE.
The service was more reliable than BellSouth and when something
DID go wrong, the tech support people were knowledgeable and if not,
would quickly turn you over to a tech support person versed in your
problem. Between EarthLink and BellSouth, I had a good year and
MOSTLY continuous service except when they would go down at the same
time due to problems in the BellSouth network. It was obvious
that EarthLink had the more reliable operation. At the end
of a year, I canceled my BellSouth Contract and got a second EarthLink
line. I made sure the second line came from a separate EarthLink
ISP center so that (hopefully) an EarthLink problem in one ISP location
would not affect both lines. This worked really nicely UNTIL
Earthlink farmed out their tech support to India or some such. We
were back to non-knowledgeable support people reading from a script and
with bad English and no fall back position.
4) Service on the EarthLink local ISPs gradually deteriorated and
tech support seemed to be disconnected and without resources to even
test when problems occurred. Finally when one DSL line when out
for many days and I had to beg for an onsite call for a fix, I had to
conclude it was time to give up.
5) A new local company called SpeedFactory.net had come along and
they had a good reputation locally in the Atlanta area. I phoned their technical
support dept and found them knowledgeable and apparently they had
direct means of troubleshooting line problems immediately. I
signed up with SpeedFactory and eventually had two DSL lines installed
from them. Their service proved very good and when there WERE
outage problems, they were fixed promptly and effectively every time.
Almost every time, it was a problem in the BellSouth network
causing the outage. But the difference was that the techs at
SpeedFactory.net could get BellSouth to "go fix it".
6) By 2005, the overall reliability was dramatically improved
over what was available from prior years. 95% of the problems
turned out to be in the BellSouth network. UNfortunately,
many of these problems resulted in both DSLs going down
simultaneously even though SpeedFactory served me from two different
ISP sources in Atlanta. Since I had moved on to a private mail
server, VOIP and other services needing "always on" Internet, I decided
to diversify back to one DSL and one Cable Internet line. I hoped
that six years had resulted in some improvement in our local Adelphia
Cable Internet service. Indeed, the cable Internet IS now more
reliable, but far less so than my DSL service from SpeedFactory.
Still, when the two DSLs went down simultaneously, the
Cable Internet did stay online. This was what I wanted.. Full
time Internet service.
So.. At present, I have one 3 mbps DSL line from SpeedFactory and one
3mbps Cable Internet line from Adelphia. With the two operating
together, it is rare indeed to find them both out of service at the
same time. It HAS happened one time in the two months I have had
both but that was a power problem resulting from a storm. I can
excuse them for that. Adelphia still has a relatively inept tech
support department. I still have several outages a week which can
only be cleared by cycling power on the modem. Multiple people at
Adelphia have told me that if cycling power on a modem restarts the
connection, It is certain that the problem is in the modem.
This is hogwash. I have tried a SB5100, SB5120 and Samsung
modem and they all do the same. For more information on this,
See for example Cisco's document on WHY CABLE MODEMS DROP
This document spells out MANY reasons
not associated with the customer's cable modem which can
cause cable Internet service dropouts. Maybe when ComCast
takes over Adelphia, things will improve. DSL had similar dropout
problems years ago, but with modern DSL modems, they "almost" always
recover on their own when service is reconnected. There is (I
think) HOPE for the Cable Internet people when their technicians get
out of the "denial mode" and are properly equipped to search for these
difficult to find problems.
MULTIPLE WAN ROUTERS.
I have been searching diligently for a FULL FEATURED and RELIABLE dual
WAN router now for about 5 years. Let me list what I feel are
essential and highly desirable features for a SOHO
dual/triple/quad WAN router.
1) Handles PPPoE and DHCP lines interchangeably. Facility to
enable/disable each WAN without removal of parameters. Online, Offline
and Backup selection modes preferred.
2) Provides DHCP server facilities for LAN clients. (with DNS and Internet Gateway services)
3) Allows the use of fixed IP addresses on the LAN (outside the DHCP
range) and provide DNS Gateway and Internet Gateway services for all
LAN clients regardless of their fixed IP or DHCP configuration.
4) Allows selection of a minimum of 20 custom virtual server entries
with one (or more when needed) ports for each entry as needed.
5) Allows enable/disable of each custom virtual server as needed.
6) Provides separate DNS entries for EACH WAN. Allows DNS on
each WAN by fixed IP entries as well as by DHCP from ISP when
available. This is needed as many ISPs do not allow users outside
their own clients to access their DNS servers and having one list of
"global" DNS servers for the router is often unsatisfactory.
While there are "open public DNS servers", these can be
slower to access than the local ISPs DNS servers and the number
and availability of these public DNS servers is not growing
7) Has a minimum specified bandwidth of about 40mbps throughput to
handle a couple of 6mbps lines. This is to insure that the
additional computing load of routing table and virtual server and other
filtering and routing operations do not slow down the overall
8) Has email notification of selected problems dispatched automatically to supervisor.
9) Has WAN/LAN combine status page accessible via one click from any page in router user interface.
10) Elementary Routing capability to direct (bind) outbound
traffic to particular WANS based on type of service request.
Especially needed to direct VOIP, SMTP and NNTP traffic to
WAN link(s). It should OPTIONALLY be possible to "failover" to
another WAN for any of these services if the service is interrupted on
a particular WAN.
11) Has a method of binding specific traffic (such as https traffic) to
a particular WAN for the duration of a session. This connection
"persistence" is needed to prevent transactions such as banking and
brokerage transactions from being disconnected if the session traffic
is split between two different ISPs.
12) Remotely configurable database via http webpage type GUI.
Optionally configurable via WAN as well as LAN with security.
13) Has a robust and configurable scheme for a "health check" on each
WAN with ability to AUTOMATICALLY put a non functioning WAN out of
service quickly if a WAN fails to be able to pass traffic. One
scheme is to PING a particular URL (such as yahoo.com). This
tests both the DNS server and the ability to pass (at least) IMCP
traffic to the Internet.
14) Has URL LOOPBACK capability so that a LAN user can put in a URL of
a server residing on the local LAN and properly resolve and direct the
LAN client to the local server.
15) Has automatic "failover" and automatic recovery from WAN connection
loss with automatic restoration to service of recovered WAN lines.
16) Has Outbound load balancing to approximately balance traffic on
multiple WANs. Exact balance is not necessary. Either byte
or packet balancing (IMHO) are equally good in the long run.
17) Has DataLogging system with time/date stamp via NTP server to log
WAN failures/restores and other statistics. Log should not repeat
entries but should increment a count of repeat problems such as WAN out
of service to avoid wasting log space. Easy way to reset LOG is
needed. Way of selecting log length (before wrap) is desirable.
18) Inbound and outbound IP and port redirection is desirable.
19) Management Information System to assist manager in
evaluating the functioning of the router and especially the WANs.
Nice to have items:
1) DDNS capability with multiple DDNS service providers.
2) Inbound load sharing with built in DNS server. DNS server has
capability for multiple A records, Multiple MX records, Multiple TxT
records at a minimum. This is a luxury item.
3) Internal DNS server capability to handle multiple domain names is a plus.
4) VPN capability is desirable for a SOHO application router.
5) SNMP capability is nice for a SOHO application.
DUAL ROUTERS I HAVE USED
Over the years, I have explored and used a wide variety of Dual,
Quad and Triple WAN routers. My experiences have varied from good
to bad. It has seemed that I have never been able to ask all of
the right questions to determine the capabilities of the router BEFORE
I put it into service and tried it out. I am hoping that this
paper will assist others in that quest.
1) My first Dual WAN router was a NexLand Turbo 800 Pro. While
NexLand is out of business (absorbed and shut by Symantec), this router
has proved a favorite despite its remaining problems. With the
latest firmware, it has proved extremely reliable when running with two
DSL lines. But they never got it to work reliably with a mix of
DHCP (cable Internet) and PPPoE lines on the WAN ports. Further,
the outbound load balancing never comes close to "balance" but it does
send some traffic over each of the two WANs. This router has been
in service for about 4 years and the hardware has never failed.
The software is totally reliable when run with two PPPoE DSL
lines but fails under high traffic when run with one or two DHCP
connections and this was never fixed by updates.
2) In an effort to find a router to work with a mix of PPPoE and DHCP
lines I then bought a HOTBRICK LB-2 VPN router. This router works
pretty well, but outbound load balance does not work well and it has
had periodic lockups when run with more than one WAN operating.
HotBrick tried to be cooperative and sent several firmware
updates but the periodic "lockups" prevents me from using this one in
my high reliability environment.
3) Next I tried the Hawking FR24 dual WAN router in about 2004.
Unfortunately, this model does not have WAN load balancing nor
does it have URL LOOPBACK or automatic fallover/recovery which are
essential for my applications. I do use the router still as a
"NAT Box" for experimentation and it has proved a reliable performer
within its feature limitations.
4) Next I tried the Edimax PRI-684. This router appears to have
all the features I could ever want. It is relatively easy to
program and functions well. I had the unit for 6 months during
which time Edimax engineers managed to fix almost all of the major
problems. The killer problem for me was that when running with
Lantronix "Terminal Servers", the 684 would not allow even LAN users to
connect to these terminal server units. Edimax studied the
problem but was unable
to resolve it so I returned this unit and received a PRI-885 to
evaluate. (Note 1: In April 2006, I was able to download a
new update to the Lantronix terminal server which "I think" would
correct the interoperability problem with Edimax PRI-684. This
firmware makes the 10mbps Lantronix unit perform additional handshaking
protocols with 10/100/1000mbps hardware which fixed a connectivity
problem with a Belkin 54g access point. This fix may have bearing
on the problem the Edimax had with the Lantronix terminal server as
well.) Note 2: As of August 2006, Edimax has advised me that the
problems I had with the PRI-684 and 885 have been corrected with the
latest firmware updates. I have not retested these units for
5) The Edimax PRI-885 is a PENTA WAN router and is similar to the 684
in capabilities. It has a really elaborate feature set, yet it is
relatively easy to program. The unit is new and the software was
still a bit "buggy" but it was able to communicate with all my
equipment including the terminal servers. Unfortunately, the 885
throughput slowed to a "crawl" when connected to two WAN ports and
loaded with traffic. After such an event, the router had to be
reset to recover. Then it would work for awhile and then slow
down. These Edimax units look like good design but until the
software has matured, you should have a "return if they do not work for
6) Finally, as of March 2006, I am using a PEPLINK Load Balance
300 triple WAN router on my WISP system to provide access to multiple
WAN lines for redundancy. Peplink is a relatively new
company producing a
Linux router appliance that has turned out to be the most reliable unit
I have tested. With the latest version 3.7.0 firmware, all
of my needs have been satisfied and problems corrected. Included
persistence support for VOIP, https, http, FTP, and any single port
services, DNS Gateway, per WAN health check, per WAN "use
DHCP" or "fixed IP" DNS support, programmable LAN side DHCP
server, inbound and outbound load balancing, along with a
host of other features. Now available is a built in DNS server
NS/SOA, A-record and MX, TXT, and CNAME record support.
This feature permits INBOUND load balancing and it operates for
multiple domain names. I am running the LB-300
hooked up to two DSL lines and one Cable Modem line. It passes
just fine at high speed and I am able to operate all my servers.
The system features
are similar to the Edimax units discussed above but the PepLink
300 (triple WAN) is
more expensive than the Edimax Quad WAN unit.
But then, I was able to get the Peplink unit operational
on my (fairly complex) system which I could not accomplish with the
Edimax units. See http://www.peplink.comfor
more information. Late note: Peplink has installed the
VONAGE/SKYPE/SIP VOIP support features in the LB200/300. Vonage
my application has (as of September 2006 with firmware 3.7.0) been made
to function properly and without any workarounds.
Vonage "session binding" now works fine. With this change,
service is operating splendedly from the LAN side of the LB300 with
automatic failover in case of WAN failure. The LB300 problem of
having spurious "WANdown/WANup" sequences has also been partially
fixed. The DHCP links sometimes think they "go down" but come right
back up. PepLink fixed the problem for PPPoE WAN links and is now
working on this last WANdown problem. This last problem is not
causing any operational problems at the present.
(Note: Alas... The Cisco models have great reputations and work beautifully,
but the cost and programming difficulty are both above me at the present time.)
RETURN to Joe and Jack's GPS Information Website