Richard Gunstone - Blog

Back to main page


More adventures in home-working connectivity (Misc)

In my previous blog post I touched upon my setup with a Draytek 130 Vigor VDSL modem, combined with my Juniper firewall, and the potential for the SRX to provide resilient communications across multiple bearers.

Winding forward, I took delivery this week of a Draytek 2862 modem/router/firewall device, a considerable upgrade on the 130 modem.

This unit is a wholly different proposition to my previous idea of using the SRX and an Android AP to provide some kind of automatic failover. It is positioned as Draytek's flagship router/firewall, and has a number of interesting features. It has the ability to support 4 WAN bearers, including VDSL, ADSL, Ethernet and LTE. It also supports a host of other features as you'd expect, including IPV6, high-availability, SMS, VLANs, content filtering, QoS, and a whole host of other useful features.

With a Vodafone unlimited data SIM floating around (actually from the MVNO Lebara), I decided to implement my previous idea of resilient home-working comms using this device instead.

The interesting features for me at the moment in this device are:

Configuring Long Term Evolution (LTE)

The setup process was very straightforward. A SIM card can be added either using a USB dongle or using the in-built SIM card slot (on "ln" models).

Configuring the unit to support Plusnet's VDSL infrastructure is also straightforward from the management console. Mapping across my previous configuration, I set the display name for the LTE connection ("VodafoneLTE"), enabled Load Balancing on LTE, configured "3G/4G LTE Modem DHCP mode", and set the APN name to "uk.lebara.mobi" and username/password both to "wap". The 2862 also has an MTU discovery tool built-in for MTU value, and this returned "1500".

I also configured the WAN Connection Detection method for LTE to "Ping Detect" to a server I have in a Data Centre, with values of TTL=255, Interval=1, Retry=5.

Commiting the changes for LTE fired up the SIM and it worked flawlessly, with an RSRP of -83dBm and RSSI of -58 dBm (both "Excellent" quality according to the 2862 Dashboard).

Plusnet VDSL configuration

VDSL2 configuration for Plusnet was also straightforward, using the settings I talked about in my previous blog post. The settings I used were:

Other features

There are a number of interesting features in this device. It's possible to share bandwidth across all configured bearers, and fallback is naturally supported, e.g. if VDSL2 fails.

Over LTE the down/up speeds are around 18Mbps in both directions, which is a considerable improvement in the upload rate offered by the asymmetric profile offered under VDSL. This is not, however the theoretical rates offered by the LTE standard of 50Mbps up, and 150Mbps down, but this is obviously variable due to LTE being a shared medium.

Other useful features to enable are under the Firewall configuration, including:

Quality of Service

Under Bandwidth Management > Quality of Service, I configured QoS for both VDSL and LTE, though a value for up/down rates is needed for LTE as it is not auto-detected. I used the standard sharing of 25% each for Classes 1-3. VoIP priorisation is also useful to switch on. I assigned precedence tags for belt and braces for each class (precedence 1, 3 and 6), though these are only really useful if Plusnet honors them within its own infrastructure (unlikely).

Under Bandwidth Management > APP QoS, I enabled a variety of protocols for Class 1 High QoS handling by the router, such as Netflix, Spotify, Zoom, Citrix and TeamViewer.

SMS remote reporting

Handily the unit also supports SMS status reports over SMS, by sending the "router status" string followed by the password/PIN to the number assigned to the LTE SIM card.

The WiFi WAN bearer feature is also interesting, which provides the potential to use public WiFi (such as BT WiFi) as a further fallback for connectivity if VDSL and LTE fail.

Conclusions

There are a lot of features in this unit that I won't cover in this post, but first impressions are this is a high quality unit that is eminently capable of providing a resilient communications setup.

All that was left was to reconfigure the SRX to use a standard IP WAN interface (instead of PPP).

I also opted to remove NAT in the SRX and present the internal IP address space to the 2862. My aim here (further work down the line) is to shape the use of bearers based on IP address, ensuring IPs that need low latency use VDSL and others take advantage of the LTE WAN connection.

It's also possible in the 2862 to shepherd traffic based on a port profile to a particular bearer, so for instance under "Routing >> Load-Balance/Route Policy" you could direct all traffic for Spotify ports to LTE.

More to come on that when I get some time. Now to get my morning coffee before an early start.

February 03, 2021