Solved: Is it posible to lock default public ip address?

ebarriera · ‎02-21-2014

Is it posible to lock default public IP address on multiWAN routers?

I have several RV016 with up to 4 30Mbps VDSL Internet lines each and using the latest firmware to load-balance 50-200 clients.

When used for browsing, some sites may need to lock public IP source from client (especially sites that need user authentification).

From a server point of view, public IP will jump between 4 public IPs provided by ISP, following automatic round-robin load-balancing strategy.

As public IP read by server has changed, server cuts down session and users have to input username and pasword again to log in.

Is it posible to lock that public IP for some time until idle? (it was featured on my former BeWAN LX400H router as "LockSource IP timer")

mpyhala · ‎02-21-2014

ebarriera,

The RV016 doesn't have any feature like LockSource IP timer unfortunately. This is a common issue with Load Balancing in the Cisco Small Business routers and mostly affects 'secure' traffic like HTTPS and RDP. I would test balancing HTTP traffic and binding HTTPS traffic only to one WAN port and see if you get decent results.

- Marty

View solution in original post

Tom Watts · ‎02-21-2014

Hi Ebarriera, this kind of comes in the form of "protocol binding". You can bind specific service to a WAN port so if HTTPS page per example is a problem, may be you want all HTTPS traffic to use only WAN 4.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

ebarriera · ‎02-21-2014

Thank you Tom for your answer. Yet if a specific protocol is bound to a WAN port, there is no longer any benefit in load-balancing for the clients. And they loose the failover feature as well.

Tom Watts · ‎02-21-2014

Hi Ebarriera, they do not lose the fail over feature. In addition, I very much doubt they lose load balance as well. Most websites use HTTPS to authenticate then go to other services after secure pages.

I do not think there will be any major issue for this behavior.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

Dan Miley · ‎02-21-2014

the device won't do protocol binding to a port that is down, so if a port fails that has a protocol bound to it, it will use the other ports that are up.

of course if you have 4 wan connections, you will not be able to specify which one it fails over to, and might have the same issue as you have now.

You can load balance manually by spreading the protocols across ports.

https --> wan1

http --> wan2

smtp/imap --> wan3

etc...

Dan

ebarriera · ‎02-21-2014

Thank you Daniel, maybe this is my best option for 2 wan connections.

The thing is that clients mostly use http/https protocol for browsing, so if I bind http to one specific wan connection only, they won't profit from the bandwidth provided by remaining links.

mpyhala · ‎02-21-2014

ebarriera,

The RV016 doesn't have any feature like LockSource IP timer unfortunately. This is a common issue with Load Balancing in the Cisco Small Business routers and mostly affects 'secure' traffic like HTTPS and RDP. I would test balancing HTTP traffic and binding HTTPS traffic only to one WAN port and see if you get decent results.

- Marty

SamirD · ‎02-22-2014

I believe you can set multiple protocol binding entries, one for each wan. Then, once a session starts on a particular wan, it will stay there, but sessions will be started in a round-robin sequence. Give it a try and see how it works.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com