Thanks to last nights storm that hit the northeast, I spent what spare time
I had today investigating WAN failover. It took a while to get working,
though exactly why I don't know because what I ended up with as a working
config is exactly what Lonnie has documented! I suspect my testing was
impacted by trying to do it from my basement (where I get one bar of 4G on
AT&T, (aka 3.5G in the rest of the world, not LTE). Upstairs I get a
decent 3 bars LTE.
I found an old TP-LINK WiFi in a drawer which supports bridge mode. So
what I have is APU2 eth2 -> TL-WR702N -> iPhone -> AT&T. As I write this
it is my active connection as power and internet are not back yet. This is
okay as an occasional use setup as the WiFi link to iPhone does not appear
to connect automatically. I seem to need to go into the router (bridge) web
interface and scan for the iPhone hotspot and connect to it... the issue
seams to be that the iPhone can decide to change WiFi channel, and the
router wants me to select a specific channel (it has an auto setting, but
doesn't seem to like it if I select that -- though further testing
required).
Which got me googling and I landed on the same Netgear modem. They have a
LB1121 version (adds PoE support, you need to buy your own PoE injector)
which I find attractive because PoE would give me flexibility to place the
modem anywhere in my house and have it powered from my large UPS that
Astlinux is connected to. So for as long as I have enough battery to power
AstLinux, I will have a cell connection. I can last about 8 hours on that
UPS.
So much now-a-days depends on a network connection that I am tempted to buy.
Now I would need to figure out entries for the failover script. For
example, I would want to block all traffic from my NAS (which has online
backup setup), so some firewall rules to block all traffic from certain
internal IP's. I might also want to block selected ports which I know are
used for an online backup that is installed on my work laptop. Would be
nice if I could block youtube too (kids, you know), and maybe dropbox,
etc. Basically I want to keep network activity to the essentials. Any
ideas?
David
On Wed, May 16, 2018 at 6:15 PM, Lonnie Abelbeck <li...@lonnie.abelbeck.com>
wrote:
> > The Netgear LB1120 didn't specifically mention it can operate in Bridge
> Mode which is a must for me. I had trouble finding many that could actually.
>
> It appears the Netgear LB1120 does with a bug fixed in firmware update:
> NTG9X07C_12.09.05.27
>
> https://community.netgear.com/t5/Mobile-Routers-Hotspots-
> Modems/LB1120-Bridge-Mode-No-Connectivity/m-p/1404666#M3431
>
> Though if all your traffic is over a WireGuard VPN, Bridge Mode is not as
> much of an issue, but Bridge Mode is best.
>
> Lonnie
>
>
>
>
> > On May 16, 2018, at 5:04 PM, Michael Knill <michael.knill@ipcsolutions.
> com.au> wrote:
> >
> > Thanks Lonnie
> >
> > The Netgear LB1120 didn't specifically mention it can operate in Bridge
> Mode which is a must for me. I had trouble finding many that could actually.
> > Whoops WireGuard VPN. My bad. Im looking forward to testing it out.
> >
> > Regards
> > Michael Knill
> >
> > On 17/5/18, 7:52 am, "Lonnie Abelbeck" <li...@lonnie.abelbeck.com>
> wrote:
> >
> > Hi Michael,
> >
> > Very interesting, should work ... as usual the devil is in the detail.
> >
> > I would use a WireGuard VPN to utilize static addresses across your
> AstLinux box network. Works nicely for me.
> >
> > I did a quick search and the Netgear LB1120 4G LTE Modem ($95 USD) is
> an all in one box with a 4G/LTE radio included, no USB dongles required.
> The Amazon reviews are mostly good, no idea if your carriers support it.
> Just the idea if a simple box with one NIC seems like a good KISS
> solution. There may be other "4G LTE Modem" devices out there as well.
> >
> > Here in the US this 4G/LTE connection can get expensive with a lot of
> data over it.
> >
> > Sounds fun to test.
> >
> > Lonnie
> >
> >
> >
> >
> >
> >> On May 16, 2018, at 3:47 PM, Michael Knill <michael.knill@ipcsolutions.
> com.au> wrote:
> >>
> >> Hi Group
> >>
> >> Ok so I am about to start developing a 4G backup solution for my
> systems utilising Astlinux WAN Failover and the Dovado 4G Tiny AC (
> http://www.dovado.com/en/products) operating in bridge mode.
> >> To overcome the hassle of NAT and providing a Public IP on the 4G
> network, I plan on establishing an OpenVPN or Wireline VPN tunnel to
> another hosted Astlinux box via the 4G network. This will give me access to
> the onsite Astlinux box if there is a primary WAN failure and I can also
> pass voice traffic if this is desired.
> >>
> >> Can anyone see any gotchas with this setup?
> >>
> >> Regards
> >> Michael Knill
> >> ------------------------------------------------------------
> ------------------
> >> Check out the vibrant tech community on one of the world's most
> >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot______
> _________________________________________
> >> Astlinux-users mailing list
> >> Astlinux-users@lists.sourceforge.net
> >> https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >>
> >> Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
> >
> >
> > ------------------------------------------------------------
> ------------------
> > Check out the vibrant tech community on one of the world's most
> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> > _______________________________________________
> > Astlinux-users mailing list
> > Astlinux-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >
> > Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
> >
> >
> > ------------------------------------------------------------
> ------------------
> > Check out the vibrant tech community on one of the world's most
> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> > _______________________________________________
> > Astlinux-users mailing list
> > Astlinux-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/astlinux-users
> >
> > Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Astlinux-users mailing list
> Astlinux-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
