1

I use a load balance broadband router in order to double or triple the speed of my internet connection, as it allows multiple WAN entries, which are then used all together into one much faster speed, double or triple speed.

The problem is that some sites detect 2 or 3 different simultaneous external IP addresses requesting packets, which issues security flags. Not good.

I want to avoid this by only having 1 external ip address, but with the combined speed of multiple wan connections.

I know I can get 1 external ip address by connecting to an external proxy with the right protocol. I don't want to use that.

Is it possible to do this on my PC?

An idea would be connecting my desktop to a server-side proxy on my computer, which combines the ip addresses for example. And then connects to whichever external site I want.

The external site would only see one ip address, obviously.

Abhishek Rai
  • 115
  • 7
  • 3
    No, not with NAPT. Really, you do not want per-packet load balancing, you want per-flow load balancing. Each flow would get, at most, one WAN link, but, in aggregate, you use the combined bandwidth. – Ron Maupin Jan 01 '21 at 07:20
  • @RonMaupin Are there any options? at all? – Abhishek Rai Jan 01 '21 at 07:22
  • 2
    Not with NAPT. Your business could always contract with your ISP to get some public addressing so that you do not need to use NAPT, then the address you use could be the same for all three WAN connections, or you could see if your ISP offers link bonding. Either way, your business will need to modify your ISP contract, and it will probably cost your company more. – Ron Maupin Jan 01 '21 at 07:25
  • @RonMaupin I see. Much Appreciated. I will talk to them. Thanks. – Abhishek Rai Jan 01 '21 at 07:26

1 Answers1

1

Why should you have to collapse your WAN into one IP address?

Security or rate limits based on a single IP addresses will be a problem as you implement IPv6 and move away from NAT. Hosts having their own IP addresses is normal. Talk to the sites and services you use about better, application level authentication, and less precise IP address restrictions. If you have provided authentication factors, have logged in via the same device, and have an IP address on the same continent, there is not much reason to be suspicious.

Having multiple WAN links means you can diversify across different ISPs. Should the ISP changing between different flows trigger some sites' security, that's a problem. Consider getting provider independent IP space, where your flows are sourced from your own IP ranges. Ron Maupin implied this as an option in comments.

John Mahowald
  • 32,050
  • 2
  • 19
  • 34