Is a managed switch the easiest way of doing this

DrD787

I have just set up a network that involves two 3G routers driving effectively two independent networks but on the same site. I would like the ability to swap over the two feeds (for balancing data usage - both 3G modems have a FUP, this is in Africa BTW). I could do it very simply with an RJ45 patch panel but I would prefer to be able to do it remotely from back here in the UK. I have zero experience of using managed switches but I'm guessing they could do the job for me. Is this correct ?
 
It will depend on the capabilities of the switch you buy - managed switches offer a much greater diversity of "features" than unmanaged ones (which are generally all much of a muchness feature wise) so you have to choose your managed switch according to what you want it to do and thereby what features you need it to have.

However, I don't think what you want will be easy or foolproof, others may have better ideas. This is just a flavour of some of the complexities I can envisage:

One idea might be to use a switch that implements VLANs, which often avail the ability to assign which VLAN a particular (physical) port is bound to. So one would set up two VLANs (let's say) VLAN 100 & VLAN 200. Bind a port from network "A" into VLAN 100 and a port for network "B" into VLAN 200, then similarly bind a port connected to router 1 into VLAN 100 and router 2 into VLAN 200. Then to "swap" you reassign which VLAN the switch ports connected to the routers belong to. The hassle is, you can easily "cut off" one network or another if you are not careful about the order in which you make the changes and (if you are using SOHO type routers with DHCP servers in them) IP addressing for clients will get screwed when you swap. And this is assuming you can reliably remotely access the management interface of your managed switch. It's really "messy" and not something you would want to be doing regularly (I wouldn't want to do it remotely at all - I'd prefer to be on site, just in case and then I'd have to go reboot all the clients to refresh the DHCP allocated IP addresses.)

If I were doing this I'd look to do something at layer 3 (IP level) with a "proper" load balancer or (proper not SOHO) router/firewall that avails such facilities, put each client network and router on separate subnets (each client net with their own DHCP Server/Relay agent) and implement traffic management at the aggregation point using routes, or some load balancing algorithm, etc.

Even just physically repatching on a PP as you suggest would screw up any DHCP allocated IP addressing every time you swapped. It could get ugly really fast.
 
Although I understand your points, I would like to keep this in perspective. Remember, this is Africa where even getting through a single day without a power failure is a major achievement, so a little bit of disruption from time to time on the network is neither here nor there.
When you say "easily cut off one network or another" do you mean permanently or just for a while during the switch over ?
Also, I would obviously do such a switch out of working hours when nobody was using it. The nature of usage is such that everyone switches their computers off or removes their mobile devices at night, so a reassignment of IP addresses is not a problem.
 
Just to give an example, let's imagine we use the VLAN scenario I painted and the management interface of the switch is currently connected to VLAN 200 and you remotely access the switch UI via router 2. Thence you use the switch's VLAN assignment and remove the port connected to router 2 from VLAN 200 and... Eek - I've lost access to the switch management interface and there's no way I can get back into it to make any further changes, so I'd have to get hold of someone locally and "talk them through" making the rest of the changes. In that case, you may as well have someone go and physically repatch.

It might be simpler to just have the "last person to leave the office" swap a couple of cables every night/week. You could use colour codes and the like to make it easier to support ("is the red cable in port 6 or 7 today,") but I'd expect you to be getting calls about "things not working today" (which might even be reported as "dropped wi-fi signal" - be mindful of that one - users often report perceived wi-fi issues which often are nothing to do with wi-fi proper,) each time you swap due to the IP addressing hassles.

See if anyone has any better ideas, but doing this at layer 2 (switching) wouldn't be how I'd go about it, I'd find a layer 3 load/traffic balancer of some kind and automate and avoid the IP hassles by using multiple subnets.
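The lock-out described in the post above can be checked before touching the switch. This is an added example, not part of the original thread: it models the VLAN 100/200 layout from the posts and reports which order of reassignments keeps at least one remote entry path in the management VLAN. The port names, `MGMT_VLAN` and the function names are assumptions made for illustration.

```python
from itertools import permutations

# Constructed model of the layout in the thread: which VLAN each switch port is in.
PORTS = {"router1": 100, "router2": 200, "netA": 100, "netB": 200}
MGMT_VLAN = 200  # assumption: the switch's management interface lives in VLAN 200

# A "swap" is two reassignments of the router-facing ports.
SWAP = [("router1", 200), ("router2", 100)]


def first_lockout(steps, ports, mgmt_vlan, entry_ports):
    """Apply steps in order. Return the index of the first step after which
    no remote entry port is in the management VLAN, or None if access to the
    management interface survives every step."""
    state = dict(ports)
    for i, (port, vlan) in enumerate(steps):
        state[port] = vlan
        if not any(state[p] == mgmt_vlan for p in entry_ports):
            return i
    return None


def safe_orders(steps, ports, mgmt_vlan, entry_ports):
    """Every ordering of the steps that never cuts off management access."""
    return [
        list(order)
        for order in permutations(steps)
        if first_lockout(order, ports, mgmt_vlan, entry_ports) is None
    ]


if __name__ == "__main__":
    # Remote access only through router 2: every ordering locks the admin out.
    print(safe_orders(SWAP, PORTS, MGMT_VLAN, {"router2"}))
    # A second way in through router 1: moving router 1 first is the only safe
    # order. Both routers (and their DHCP servers) share VLAN 200 for a moment.
    print(safe_orders(SWAP, PORTS, MGMT_VLAN, {"router1", "router2"}))
```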
 
The equipment is currently in the loft, so it's non-trivial for someone there to perform the switch over. It was my intention, if using a manual switch, to site it in a room below.

I didn't mention it, but I have a headless server in place (an Intel NUC) that is connected to both routers by separate LAN ports. This gives me a certain amount of resilience in the event of me messing up one of the networks, I still have a route in. I envisaged the managed switch being downstream of the connections to the server, so I would always be able to access the internet connections from the server.
I have a separate problem though with the remote access function to these routers (to avoid going via the server). There seems to be an issue with the ISP in that this function doesn't work. It works fine at home with a Three SIM in the router but not in Kenya with Orange. I Googled the problem and it seems to be something that can happen, to do with the ISP not assigning a unique external IP address ??
 
I have now purchased a Netgear ProSafe 5 port router with VLAN support and it works an absolute treat. Does exactly what I want.
 
I have a separate problem though with the remote access function to these routers (to avoid going via the server). There seems to be an issue with the ISP in that this function doesn't work. It works fine at home with a Three SIM in the router but not in Kenya with Orange. I Googled the problem and it seems to be something that can happen, to do with the ISP not assigning a unique external IP address ??

All Internet IP addresses are unique, but ISPs generally don't assign you an IP address that is unchanging - they sometimes recycle them as they age out (they are usually assigned using DHCP just like your internal IP addresses from a pool, but the pool "churns" much more than your local one,) so your external IP addresses can change. Normally you have to "pay" to get an IP address that never changes.

Because of this, a lot of people that need to "find" something on the Internet reliably use a mechanism called DynDNS. This allows you to register a DNS name with a DynDNS provider and an agent is used in your equipment that keeps the DynDNS name pointing to your external IP address even if the external IP address changes.

I would prefer to use DynDNS agents based in your router(s) if they have them, however not all routers offer this. If yours don't, then maybe look at running a DynDNS agent on your server (though with your multi-homed server it may be "interesting" figuring out how to bind the DynDNS agent to a particular path to the Internet - I've never tried it.)
 
Sorry, I think you misunderstood me. I understand the concept of IP addresses, dynamic and static, and indeed I use DynDNS extensively myself (I have about 8 machines all with a DynDNS logical name). However, I had read or heard that in the case I am talking about it is possible for an ISP to somehow have an ambiguity such that the IP address cannot be resolved to a particular location. The point I was making was that even though I know the IP address of my router I cannot access it via its own remote management software when it is located on the Orange network in Kenya but it's fine with ISPs over here in the UK.
 
I've heard tell of similar situations where some ISPs block certain types of traffic. Usually it's based on the port numbers, so perhaps you could check if your Kenyan ISP is doing something to prevent connection.
 
The default port for the router's remote management is 80 and I have also tried it on a non-standard port without success so I don't think it is that.
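One explanation consistent with the symptom described in this thread (not confirmed by anyone in it) is carrier-grade NAT, where the mobile ISP gives the router an address from shared space (100.64.0.0/10, RFC 6598) or private space and many customers share one public address. The following is an added example, not from the original posts: it compares the address shown on the router's WAN status page with the address the Internet sees. The function names and the sample addresses are constructed for illustration.

```python
import ipaddress

CGNAT = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598 shared address space
RFC1918 = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
]


def classify_wan(wan_ip, seen_from_internet):
    """Classify the router's WAN address against the address an external
    'what is my IP' service reports for traffic leaving that router."""
    wan = ipaddress.ip_address(wan_ip)
    seen = ipaddress.ip_address(seen_from_internet)
    if wan in CGNAT:
        return "cgnat"                # ISP shared space: inbound cannot reach the router
    if any(wan in net for net in RFC1918):
        return "private-nat"          # ISP hands out private space behind its own NAT
    if wan != seen:
        return "translated-upstream"  # public-looking, but rewritten on the way out
    return "directly-reachable"       # router really holds the public address


def remote_management_possible(wan_ip, seen_from_internet):
    """Inbound connections (remote management, port forwards, and a DynDNS
    name pointing at the seen address) only work in the last case."""
    return classify_wan(wan_ip, seen_from_internet) == "directly-reachable"


if __name__ == "__main__":
    # Constructed sample pairs: (router WAN status page, address seen externally)
    for wan, seen in [("100.72.14.9", "203.0.113.7"),
                      ("10.44.3.2", "203.0.113.7"),
                      ("203.0.113.7", "203.0.113.7")]:
        print(wan, seen, classify_wan(wan, seen))
```

If the result is anything other than `directly-reachable`, changing the management port will not help, because the ISP's NAT has no mapping that sends unsolicited inbound connections to the router.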
 
