IPLB distributes the traffic over multiple IP links so that the load can be distributed evenly. IPLB effectively bundles the lines together, so that the total throughput is the sum of the individual lines.
Suppose we have the following information:
ABILIS 1 has an Internet connection with a speed of 1 Gbit/s and more public IP addresses (80.80.80.0/28).
The assigned IP for ABILIS 1 is the 80.80.80.1/28.
ABILIS 2 has 3 Internet connections (ADSL, Ethernet, LTE), from different Internet providers with the following Internet speeds:
ADSL 7/1 Mbit/s;
Ethernet 20/20 Mbits/s;
LTE 15/15 Mbits/s.
80.80.80.5 is the IP address assigned to ABILIS 2 by ABILIS 1 for IPLB;
The ADSL line from ABILIS 2 have a static IP 88.88.88.88/32;
The Ethernet line from ABILIS 2 have a static IP 99.99.99.99/24;
The LTE line from Abilis 2 has a dynamic IP.
The objectives:
To obtain a major throughput, theoretically the sum of the individual lines (42/36 Mbit/s);
To offer a failover to the WEB server (192.168.0.10/24) located in the LAN of ABILIS 2. If a line falls down we will have a lower speed but not disconnection of services.
Configuration of IP resources:
ABILIS 1:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
a dev:eth-2 | Add an Ethernet device (e.g. ETH-2). |
a res:ip-2 subtype:lan | Add an “IP over LAN” resource (e.g. IP-2). |
s p ip-2 lanres:eth-2 | Configure the ETH-2 as the IP-2 lower resource. |
s p ip-2 ipadd:80.80.80.1/28 | Configure the IP address and the mask. |
s p ip-2 descr:WAN_80.80.80.0/28 | Configure the description of the IP resource. |
save conf | Save the configuration. |
ABILIS 2:
Configuration of ADSL connection:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
a dev:dslusb-1 | Add an DSLUSB device (e.g. DSLUSB-1). |
a res:ip-3 subtype:dl | Add an “IP over Dedicated Line” resource (e.g. IP-3). |
s p ip-3 lowres:dsl-1 | Configure the DSL-1 as the IP-3 lower resource. |
s p ip-3 link-enc:rfc1483-llcmux | Configure a LLC-based multiplexing type |
s p ip-3 vpi:8 vci:35 | Configure the VPI and the VCI. |
s p ip-3 ipadd:88.88.88.88 mask:255.255.255.255 | Configure the IP address and the mask. |
s p ip-3 descr:Line1_ADSL | Configure the description of the IP resource. |
Configuration of Ethernet connections:
a dev:eth-1 | Add an Ethernet device (e.g. ETH-1). |
a res:ip-1 subtype:lan | Add an “IP over LAN” resource (e.g. IP-1). |
s p ip-1 lanres:eth-1 | Configure the ETH-1 as the IP-1 lower resource. |
s p ip-1 ipadd:99.99.99.99/24 | Configure the IP address and the mask. |
s p ip-1 state-detect:ping | Set the state detection of IP-2 resource to PING. |
s p ip-2 p-dst1:8.8.8.8 p-dst2:8.8.4.4 | Set the external servers to ping. |
s p ip-2 p-gw:99.99.99.1 | Set the gateway to use for ping. |
s p ip-1 descr:Line2_Ethernet | Configure the description of the IP resource. |
a dev:eth-2 | Add an Ethernet device (e.g. ETH-2). |
a res:ip-2 subtype:lan | Add an “IP over LAN” resource (e.g. IP-2). |
s p ip-2 lanres:eth-2 | Configure the ETH-2 as the IP-2 lower resource. |
s p ip-2 ipadd:192.168.0.1/24 | Configure the IP address and the mask. |
s p ip-2 descr:LAN | Configure the description of the IP resource. |
Tip | |
---|---|
Interesting chapter: Section 74.26, “How to use state detection of IP interfaces”. |
Configuration of LTE connections:
Type the following commands to configure the LTE device:
a dev:cellkey-1 | Add the cellkey-1 device. |
s p ctip:501 pdn-apn:mobile.it | Configure the APN (e.g. mobile.it). |
Type the following commands to configure the IP resource:
a res:ip-4 subtype:ppp | Add an IP over PPP resource. |
s p ip-4 descr:Line3_LTE | Configure the description of the IP resource. |
s p ip-4 lowres:ctislink | Set to CtiSLink the lowres of the IP resource. |
s p ip-4 nrty:30 rty:us | Configure the number of calls retry. |
s p ip-4 nrty3:nomax | Configure the PPP authentication number retry. |
s p ip-4 cdo:99 | Configure the called output number. |
s p ip-4 ipadd:retrieve neigh:retrieve | Configure a dynamic IP address. |
s p ip-4 username:provider_user password:provider_pwd | Configure the login information. |
s p ip-4 local:chap,pap remote:none | Configure the local and remote authentication protocol. |
Type the following commands to configure the data routing:
a ctir pr:1 descr:LTE_Data bci:data cdi:99 poi:Sl out:501 | Add a rule to route data to CTIP 501. |
save conf | Save the configuration. |
Configuration of VPN tunnels:
ABILIS 1:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
a res:ip-5 subtype:aipt | Add an “IP over IP (Abilis tunnel)” resource (e.g. IP-5). |
s p ip-5 cr:yes | Activate the data encryption. |
s p ip-5 locipadd:80.80.80.1 | Configure the Local IP address for incoming/outgoing UDP packets. |
s p ip-5 remipadd:88.88.88.88 remport:2105 | Configure the Remote IP address and port for incoming/outgoing UDP packets. |
s p ip-5 descr:VPN1_to_Abilis_2 | Configure the description of the IP resource. |
a res:ip-6 subtype:aipt | Add an “IP over IP (Abilis tunnel)” resource (e.g. IP-6). |
s p ip-6 cr:yes | Activate the data encryption. |
s p ip-6 locipadd:80.80.80.1 | Configure the Local IP address for incoming/outgoing UDP packets. |
s p ip-6 remipadd:99.99.99.99 remport:2106 | Configure the Remote IP address and port for incoming/outgoing UDP packets. |
s p ip-6 descr:VPN2_to_Abilis_2 | Configure the description of the IP resource. |
a res:ip-7 subtype:aipt | Add an “IP over IP (Abilis tunnel)” resource (e.g. IP-7). |
s p ip-7 mode:ext-server | Configure the EXTENDED-SERVER operating mode. |
s p ip-7 cr:yes | Activate the data encryption. |
s p ip-7 locipadd:80.80.80.1 | Configure the Local IP address for incoming/outgoing UDP packets. |
s p ip-7 remport:2107 cli-id:80.80.80.1 | Configure the Remote port for incoming/outgoing UDP packets and the Client identification IP address. |
s p ip-7 descr:VPN3_to_Abilis_2 | Configure the description of the IP resource. |
save conf | Save the configuration. |
ABILIS 2:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
a res:ip-5 subtype:aipt | Add an “IP over IP (Abilis tunnel)” resource (e.g. IP-5). |
s p ip-5 cr:yes | Activate the data encryption. |
s p ip-5 locipadd:88.88.88.88 | Configure the Local IP address for incoming/outgoing UDP packets. |
s p ip-5 remipadd:80.80.80.1 remport:2105 | Configure the Remote IP address and port for incoming/outgoing UDP packets. |
s p ip-5 descr:VPN1_to_Abilis_1 | Configure the description of the IP resource. |
a res:ip-6 subtype:aipt | Add an “IP over IP (Abilis tunnel)” resource (e.g. IP-6). |
s p ip-6 cr:yes | Activate the data encryption. |
s p ip-6 locipadd:99.99.99.99 | Configure the Local IP address for incoming/outgoing UDP packets. |
s p ip-6 out-ip:6 gw:99.99.99.1 | Configure the output IP resource and the gateway for this resource. |
s p ip-6 remipadd:80.80.80.1 remport:2106 | Configure the Remote IP address and port for incoming/outgoing UDP packets. |
s p ip-6 descr:VPN2_to_Abilis_1 | Configure the description of the IP resource. |
a res:ip-7 subtype:aipt | Add an “IP over IP (Abilis tunnel)” resource (e.g. IP-7). |
s p ip-7 mode:ext-client | Configure the EXTENDED-CLIENT operating mode. |
s p ip-7 cr:yes | Activate the data encryption. |
s p ip-7 locipadd:out-ip id:80.80.80.1 | Configure the Local IP address for incoming/outgoing UDP packets and the Identification IP address sent by the Client to the Server. |
s p ip-7 remipadd:80.80.80.1 remport:2107 | Configure the Remote IP address and port for incoming/outgoing UDP packets. |
s p ip-7 descr:VPN3_to_Abilis_1 | Configure the description of the IP resource. |
save conf | Save the configuration. |
Configuration of Speed Limit:
ABILIS 1:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
s p iprtr acl:yes cos:enabled cosbalance:yes | Configure the Access List activation, enable the Class-Of-Service management and the Class-Of-Service Balancing. |
a ipacl pr:0 type:permit ipcos:high tos-i:*-d prot:udp sres:int sa:* da:* spo:* dpo:* | Add the standard IPACL that assigns high priority to voice packets. |
s p ip-5 outspl:yes outsp:6700 | Activate the Output Speed Limit and configure the speed limitation value. |
s p ip-6 outspl:yes outsp:19200 | Activate the Output Speed Limit and configure the speed limitation value. |
s p ip-7 outspl:yes outsp:14400 | Activate the Output Speed Limit and configure the speed limitation value. |
save conf | Save the configuration. |
Tip | |
---|---|
Interesting chapter: Section 75.12, “How to configure the Speed Limit”. |
ABILIS 2:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
s p iprtr acl:yes cos:enabled cosbalance:yes | Configure the Access List activation, enable the Class-Of-Service management and the Class-Of-Service Balancing. |
a ipacl pr:0 type:permit ipcos:high tos-i:*-d prot:udp sres:int sa:* da:* spo:* dpo:* | Add the standard IPACL that assigns high priority to voice packets. |
s p ip-1 outspl:yes outsp:960 | Activate the Output Speed Limit and configure the speed limitation value. |
s p ip-3 outspl:yes outsp:19200 | Activate the Output Speed Limit and configure the speed limitation value. |
s p ip-4 outspl:yes outsp:14400 | Activate the Output Speed Limit and configure the speed limitation value. |
s p ip-5 outspl:yes outsp:900 | Activate the Output Speed Limit and configure the speed limitation value. |
s p ip-6 outspl:yes outsp:18000 | Activate the Output Speed Limit and configure the speed limitation value. |
s p ip-7 outspl:yes outsp:13500 | Activate the Output Speed Limit and configure the speed limitation value. |
save conf | Save the configuration. |
Important | |
---|---|
It's important to properly configure the
|
Configuration of IP Load Balancing:
ABILIS 1:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
a iplb id:1 rule:wq descr:To_Abilis_2 res1:ip-5 res2:ip-6 res3:ip-7 | Add the IP LB to Abilis 2 of the 3 IP resources (VPN). |
save conf | Save the configuration. |
Tip | |
---|---|
Interesting chapter: Section 23.5, “IP Load Balancing”. |
ABILIS 2:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
a iplb id:1 rule:wq descr:To_Abilis_1 res1:ip-5 res2:ip-6 res3:ip-7 | Add the IP LB to Abilis 1 of the 3 IP resources (VPN). |
save conf | Save the configuration. |
Configuration of IP routing:
ABILIS 1:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
a ipr net:0.0.0.0/0 gw:80.80.80.14 ip:2 | Add a default route by configuring in the
GW parameter the IP address of the WAN
router and in the IP parameter the IP
resource connected to the WAN router. |
a ipr net:80.80.80.5/32 ip:5 | Add a static route for assigned IP for IPLB of ABILIS 1
by configuring in the IP parameter the IP
resource associated to one of VPN connection. |
save conf | Save the configuration. |
Note | |
---|---|
In the Console configurator, you must type the command: a sipr id:0 net:0.0.0.0/0 gw:80.80.80.14 ip:2 and a sipr id:1 net:80.80.80.5/32 ip:5. |
ABILIS 2:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
a ipr net:0.0.0.0/0 ip:5 | Add a default route by configuring in the
IP parameter the IP resource associated to
one of VPN connection. |
save conf | Save the configuration. |
Note | |
---|---|
In the Console configurator, you must type the command: a sipr id:0 net:0.0.0.0/0 ip:5. |
Configuration of NAT:
ABILIS 2:
Enter into the Abilis control-program or open the configuration file with the Console configurator and type the following commands.
a
res:nat or s act res:nat | Add the NAT resource. or If the resource already exists, set it active. |
s p nat act:yes | Enable the NAT runtime functionalities. |
s p ip-2 nat:inside | Configure the NAT parameter for the IP-2. |
s p ip-5 nat:outside | Configure the NAT parameter for the IP-5. |
s p ip-6 nat:outside | Configure the NAT parameter for the IP-6. |
s p ip-7 nat:outside | Configure the NAT parameter for the IP-7. |
a nat pr:0 inat:in onat:out add:src snet:192.168.0.0/24 anet:80.80.80.5/32 pat:yes | Add a NAT entry for the 192.168.0.0/24 network. |
a nat pr:1 inat:out onat:in add:dst dnet:80.80.80.5/32 anet:192.168.0.10/32 pat:yes prot:tcp dpo:8080 apo:80 | Add a NAT entry for the access to the WEB server. |
save conf | Save the configuration. |
Important | |
---|---|
In the NAT |
Important | |
---|---|
Using the IPLB, all PCs/servers of ABILIS 1 will have one source IP the 80.80.80.5, but not IP of local Internet lines (ADSL, Ethernet, LTE). |
On a working Abilis, a system restart is required for ABILIS 1 and ABILIS 2.