Aggregating multiple ISP links via tunnels to an endpoint server

Question

If I have 3 ISP uplinks of 25mbps each, is it possible to set up a type of aggregated connection from a windows 2008 server or linux server over each of those 3 connections to the same endpoint (external linux server on gigabit) and then out from one of that server's IP's to the internet?

From the internal server you would see the 3 isp connections, over those 3 connections would be 3 tunnels, each going to the same endpoint (a linux server on gigabit with several static ip's). The goal would be to have 1 virtual tunnel IP on the windows 2008 server to achieve 75mbps on a single connection to any other external resource. Your external IP would be the IP from the linux server.

I know you can aggregate all 3 connections on the gateway itself and have it load balanced, however this doesn't fix the single-connection throughput, as any one connection would be limited to 25mbps. It also introduces the issue of having a semi-random IP address when opening new connections due to the 3 isp connections.

I suppose the simplest form of the question is: If you have a server with 3 100mbps connections and a server with 1 1000mbps connection, how can you acheive a single connection between the two at 300mbps.

Answer 1

If the links are provided by 3 different ISPs, then you're probably out of luck for what you want.

If all three links are provided by the same ISP, you might be able to ask them to bond the links on their end. What this means is that the ISP will treat all three links as the same source, and route packets to/from your IP along all three. You will then have to set up bonding on your end of the links as well; This will allow you to make use of all three connections at the same time.

You might also be able to take the ISP out of the equation via a custom VPN setup if you have a remote box which is capable of proxying the volume of traffic flowing through it and full control over the OS:

• Configure three ethernet-level VPN connections from a local router to the remote server
• Bond the VPN devices on both ends, such that the proxy will route packets back over any arbitrary VPN link, and the local router will do the same. You can do this with a bridge in linux, or netgraph on BSD.

This will likely have performance implications, is a very complex setup, and requires maintaining a remote proxy handling 2X the traffic load - far from ideal.

P.S., Netgraph is amazing.