Dual and Multi WAN Router Review
Are there some REALLY good ones out there?

by Joe Mehaffey
September 18, 2006 (update on PepLink Balance LB 300 router> The best of the bunch.)

When you really want to have continuously available Internet service for a mail server or just because your business operations require an Internet connection to survive, having a REDUNDANT connection seems like a good way to go.  For the past four years, I have had two and sometimes three broadband connections to the Internet.  Mostly this was done because of the unreliability of a single connection.  In that regard, I will mention some of my experiences with a few of the local Internet vendors. 

1) Prestige Cable Internet (Now Adelphia).  This was the first broadband Internet capability in our area beyond ISDN.  I had this service for about a year around 1998.  It was up about 95% of the time and I had to daily cycle power on the modem to restore operation.  Tech Support tried hard but multiple site visits and trying never got the reliability above "very bad".
2) Then BellSouth brought DSL (1.5mbps) to our area and I immediately jumped on the bandwagon.  Reliability was MUCH better but still every few days, I had to cycle power on the modem or on the router to restore service.  Long outages were maybe monthly, but that was the state of the art.  I found the tech support people were working from a bad script and really did not know how to fix or what to do if cycling power on the equipment did not fix things.  And.. they thought that cycling power on modems and routers was "Normal" and if operation was restored, then as far as they were concerned, all was well.
3) After being frustrated by BellSouth for awhile, I opted for a second line from EarthLink hoping things would be better. And they WERE.  The service was more reliable than BellSouth and when something DID go wrong, the tech support people were knowledgeable and if not, would quickly turn you over to a tech support person versed in your problem.  Between EarthLink and BellSouth, I had a good year and MOSTLY continuous service except when they would go down at the same time due to problems in the BellSouth network.  It was obvious that EarthLink had  the more reliable operation.  At the end of a year, I canceled my BellSouth Contract and got a second EarthLink line.  I made sure the second line came from a separate EarthLink ISP center so that (hopefully) an EarthLink problem in one ISP location would not affect both lines.  This worked really nicely UNTIL Earthlink farmed out their tech support to India or some such.  We were back to non-knowledgeable support people reading from a script and with bad English and no fall back position.
4) Service on the EarthLink local ISPs  gradually deteriorated and tech support seemed to be disconnected and without resources to even test when problems occurred.  Finally when one DSL line when out for many days and I had to beg for an onsite call for a fix, I had to conclude it was time to give up.    
5)  A new local company called SpeedFactory.net had come along and they had a good reputation locally in the Atlanta area.  I phoned their technical support dept and found them knowledgeable and apparently they had direct means of troubleshooting line problems immediately.  I signed up with SpeedFactory and eventually had two DSL lines installed from them.  Their service proved very good and when there WERE outage problems, they were fixed promptly and effectively every time.  Almost every time, it was a problem in the BellSouth network causing the outage.  But the difference was that the techs at SpeedFactory.net could get BellSouth to "go fix it".
6)  By 2005, the overall reliability was dramatically improved over what was available from prior years.  95% of the problems turned out to be in the BellSouth network.  UNfortunately,  many of these problems resulted in both DSLs going down simultaneously even though SpeedFactory served me from two different ISP sources in Atlanta.  Since I had moved on to a private mail server, VOIP and other services needing "always on" Internet, I decided to diversify back to one DSL and one Cable Internet line.  I hoped that six years had resulted in some improvement in our local Adelphia Cable Internet service.  Indeed, the cable Internet IS now more reliable, but far less so than my DSL service from SpeedFactory.  Still,  when the two DSLs went down simultaneously, the Cable Internet did stay online.  This was what I wanted.. Full time Internet service.  

So.. At present, I have one 3 mbps DSL line from SpeedFactory and one 3mbps Cable Internet line from Adelphia.  With the two operating together, it is rare indeed to find them both out of service at the same time.  It HAS happened one time in the two months I have had both but that was a power problem resulting from a storm.  I can excuse them for that.  Adelphia still has a relatively inept tech support department.  I still have several outages a week which can only be cleared by cycling power on the modem.  Multiple people at Adelphia have told me that if cycling power on a modem restarts the connection,  It is certain that the problem is in the modem.  This is hogwash.  I have tried a SB5100, SB5120 and Samsung modem and they all do the same.  For more information on this,   See for example Cisco's document on WHY CABLE MODEMS DROP OFFLINE.  
This document spells out MANY reasons not associated with the customer's cable modem which can cause cable Internet service dropouts.  Maybe when ComCast takes over Adelphia, things will improve.  DSL had similar dropout problems years ago, but with modern DSL modems, they "almost" always recover on their own when service is reconnected.  There is (I think) HOPE for the Cable Internet people when their technicians get out of the "denial mode" and are properly equipped to search for these difficult to find problems.


I have been searching diligently for a FULL FEATURED and RELIABLE dual WAN router now for about 5 years.  Let me list what I feel are essential and  highly desirable features for a SOHO dual/triple/quad  WAN router.

1) Handles PPPoE and DHCP lines interchangeably.  Facility to enable/disable each WAN without removal of parameters. Online, Offline and Backup selection modes preferred.
2) Provides DHCP server facilities for LAN clients.  (with DNS and Internet Gateway services)
3) Allows the use of fixed IP addresses on the LAN (outside the DHCP range) and provide DNS Gateway and Internet Gateway services for all LAN clients regardless of their fixed IP or DHCP configuration.
4) Allows selection of a minimum of 20 custom virtual server entries with one (or more when needed) ports for each entry as needed.
5) Allows enable/disable of each custom virtual server as needed.
6) Provides separate DNS entries for EACH WAN.  Allows DNS on each WAN by fixed IP entries as well as by DHCP from ISP when available.  This is needed as many ISPs do not allow users outside their own clients to access their DNS servers and having one list of "global" DNS servers for the router is often unsatisfactory.  While there are "open public DNS servers",  these can be slower to access than the  local ISPs DNS servers and the number and availability of these public DNS servers is not growing substantially.
7) Has a minimum specified bandwidth of about 40mbps throughput to handle a couple of 6mbps lines.  This is to insure that the additional computing load of routing table and virtual server and other filtering and routing operations do not slow down the overall throughput.
8) Has email notification of selected problems dispatched automatically to supervisor.
9) Has WAN/LAN combine status page accessible via one click from any page in router user interface.
10)  Elementary Routing capability to direct (bind) outbound traffic to particular WANS based on type of service request.  Especially needed to direct VOIP, SMTP and NNTP traffic to particular WAN link(s).   It should OPTIONALLY be possible to "failover" to another WAN for any of these services if the service is interrupted on a particular WAN.
11) Has a method of binding specific traffic (such as https traffic) to a particular WAN for the duration of a session.  This connection "persistence" is needed to prevent transactions such as banking and brokerage transactions from being disconnected if the session traffic is split between two different ISPs.
12) Remotely configurable database via http webpage type GUI.  Optionally configurable via WAN as well as LAN with security.
13) Has a robust and configurable scheme for a "health check" on each WAN with ability to AUTOMATICALLY put a non functioning WAN out of service quickly if a WAN fails to be able to pass traffic.  One scheme is to PING a particular URL (such as yahoo.com).  This tests both the DNS server and the ability to pass (at least) IMCP traffic to the Internet.  
14) Has URL LOOPBACK capability so that a LAN user can put in a URL of a server residing on the local LAN and properly resolve and direct the LAN client to the local server.
15) Has automatic "failover" and automatic recovery from WAN connection loss with automatic restoration to service of recovered WAN lines.
16) Has Outbound load balancing to approximately balance traffic on multiple WANs.  Exact balance is not necessary.  Either byte or packet balancing (IMHO) are equally good in the long run.
17) Has DataLogging system with time/date stamp via NTP server to log WAN failures/restores and other statistics. Log should not repeat entries but should increment a count of repeat problems such as WAN out of service to avoid wasting log space.  Easy way to reset LOG is needed.  Way of selecting log length (before wrap) is desirable.
18)  Inbound and outbound IP and port redirection is desirable.
19)  Management  Information System to assist manager in evaluating the functioning of the router and especially the WANs.

Nice to have items:
1) DDNS capability with multiple DDNS service providers.
2) Inbound load sharing with built in DNS server.  DNS server has capability for multiple A records, Multiple MX records, Multiple TxT records at a minimum.   This is a luxury item.
3) Internal DNS server capability to handle multiple domain names is a plus.
4) VPN capability is desirable for a SOHO application router.
5) SNMP capability is nice for a SOHO application.


Over the years, I have explored and used a wide variety of Dual, Quad and Triple WAN routers.  My experiences have varied from good to bad.  It has seemed that I have never been able to ask all of the right questions to determine the capabilities of the router BEFORE I put it into service and tried it out.  I am hoping that this paper will assist others in that quest.

1) My first Dual WAN router was a NexLand Turbo 800 Pro.  While NexLand is out of business (absorbed and shut by Symantec), this router has proved a favorite despite its remaining problems.  With the latest firmware, it has proved extremely reliable when running with two DSL lines.  But they never got it to work reliably with a mix of DHCP (cable Internet) and PPPoE lines on the WAN ports.  Further, the outbound load balancing never comes close to "balance" but it does send some traffic over each of the two WANs.  This router has been in service for about 4 years and the hardware has never failed.  The software is totally reliable when run with two PPPoE DSL lines but fails under high traffic when run with one or two DHCP connections and this was never fixed by updates.

2) In an effort to find a router to work with a mix of PPPoE and DHCP lines I then bought a HOTBRICK LB-2 VPN router.  This router works pretty well, but outbound load balance does not work well and it has had periodic lockups when run with more than one WAN operating.  HotBrick tried to be cooperative and sent several firmware updates but the periodic "lockups" prevents me from using this one in my high reliability environment.

3) Next I tried the Hawking FR24 dual WAN router in about 2004.  Unfortunately, this model does not have WAN load balancing nor does it have URL LOOPBACK or automatic fallover/recovery which are essential for my applications.  I do use the router still as a "NAT Box" for experimentation and it has proved a reliable performer within its feature limitations.

4) Next I tried the Edimax PRI-684.  This router appears to have all the features I could ever want.  It is relatively easy to program and functions well.  I had the unit for 6 months during which time Edimax engineers managed to fix almost all of the major problems.  The killer problem for me was that when running with Lantronix "Terminal Servers", the 684 would not allow even LAN users to connect to these terminal server units.  Edimax studied the problem but was unable to resolve it so I returned this unit and received a PRI-885 to evaluate.  (Note 1:  In April 2006, I was able to download a new update to the Lantronix terminal server which "I think" would correct the interoperability problem with Edimax PRI-684.  This new firmware makes the 10mbps Lantronix unit perform additional handshaking protocols with 10/100/1000mbps hardware which fixed a connectivity problem with a Belkin 54g access point.  This fix may have bearing on the problem the Edimax had with the Lantronix terminal server as well.)  Note 2: As of August 2006, Edimax has advised me that the problems I had with the PRI-684 and 885 have been corrected with the latest firmware updates.  I have not retested these units for myself.

5) The Edimax PRI-885 is a PENTA WAN router and is similar to the 684 in capabilities.  It has a really elaborate feature set, yet it is relatively easy to program.  The unit is new and the software was still a bit "buggy" but it was able to communicate with all my equipment including the terminal servers.  Unfortunately, the 885 throughput slowed to a "crawl" when connected to two WAN ports and loaded with traffic.  After such an event, the router had to be reset to recover.  Then it would work for awhile and then slow down.  These Edimax units look like good design but until the software has matured, you should have a "return if they do not work for me" agreement.  

6) Finally, as of March 2006, I am using a PEPLINK Load Balance 300 triple WAN router on my WISP system to provide access to multiple WAN lines for redundancy.   Peplink  is a relatively new company producing a Linux router appliance that has turned out to be the most reliable unit I have tested.  With the latest version 3.7.0  firmware, all of my needs have been satisfied and problems corrected.  Included are: Session persistence support for VOIP, https, http, FTP, and any single port services,  DNS Gateway,  per WAN health check, per WAN "use DHCP" or "fixed IP" DNS support,  programmable LAN side DHCP server,  inbound and outbound load balancing,  along with a host of other features.   Now available is a built in DNS server with NS/SOA, A-record and MX, TXT, and CNAME  record support.   This feature permits INBOUND load balancing and it operates for multiple domain names.  I am running the LB-300 router hooked up to two DSL lines and one Cable Modem line.  It passes data just fine at high speed and I am able to operate all my servers.    The system features are similar to the Edimax units discussed above  but the PepLink 300 (triple WAN) is more expensive than the Edimax Quad WAN unit.   But then,  I was able to get the Peplink unit operational on my (fairly complex) system which I could not accomplish with the Edimax units.     See http://www.peplink.comfor more information.  Late note:  Peplink has installed the VONAGE/SKYPE/SIP VOIP support features in the LB200/300.   Vonage operation in my application has (as of September 2006 with firmware 3.7.0) been made to function properly and without any workarounds.  Vonage "session binding" now works fine.  With this change, my vonage service is operating splendedly from the LAN side of the LB300 with automatic failover in case of WAN failure.  The LB300 problem of having spurious "WANdown/WANup" sequences has also been partially  fixed. The DHCP links sometimes think they "go down" but come right back up.  PepLink fixed the problem for PPPoE WAN links and is now working on this last WANdown problem.   This last problem is not causing any operational problems at the present.

 (Note:  Alas... The Cisco models have great reputations and work beautifully, but the cost and programming difficulty are both above me at the present time.)

RETURN to Joe and Jack's GPS Information Website