Using 2 gateways on 1 NIC

Apr 12, 2018
Hello, I am an owner of an internet cafe. My network is like this:
- 2 routers
1st router IP [192.168.1.1], 2nd router IP [192.168.1.2]

- 1 switch; all 12 PCs and 2 routers are connected to it

I want my customers to be able to play online games on [192.168.1.1] and browse the internet on [192.168.1.2] at the same time using 1 NIC.
Is it even possible? And if it's possible, how can I do it? [I have good experience in programming, if that can help.]

I tried ForceBindIP and it worked, but it requires 2 NICs and I want to use 1 only.
My NIC supports VLAN, if that can help.
 

SugarPsycho

No, this is not possible; you can only have 1 gateway per computer. When a computer can't find an IP on its own network, it sends it to the default gateway. The computer does not really understand what kind of traffic (data, i.e. games or web browsing) the packet is, so it cannot send it to either. I would recommend putting half of the computers on 1 router and the rest on the other.
 
You need a higher-end load balancing router. Then connect everything to it. You can then manually set up custom rules in the router so that all web traffic going to specific servers (i.e. gaming) uses modem A. All other traffic will go to modem B.

You can also subscribe to security and other services for your gateway from Zyxel. These aren't mandatory but make life easier for you once set up. Such as Content Filtering, so people aren't looking at porn in public, hurting business, and making questionable activity more difficult to perform from your shop. Anti-Virus to reduce the risk of viruses hitting your entire network. Anti-Spam to reduce wasted use of bandwidth. Application Intelligence & IDP gives you greater control over what web services are and are not allowed to run and blocks many hostile programs.

You can also set up failover rules. That way, if the connection to Modem A is lost, all traffic is sent to Modem B and vice versa. It has some minor limitations. It can take up to five seconds for failover to kick in. Some connections will be dropped and have to be resumed by the user, like if they are watching Netflix: the video will stop and they'll have to refresh the page. This is more of a limitation of web services than the router.

You'll want one which can handle a lot of traffic and fast internet connections. Cheaper models have pretty low limits. The best I found for this without breaking the bank is a Zyxel Zywall 110. It can handle 1600mbps web traffic. If you need more look at the ZyWall 310. It handles a 300mbps Comcast and 1gbps AT&T connection just fine.

I know it looks a bit pricey. Once set up, it should greatly improve the security for your web cafe and reduce maintenance costs. Well worth the cost of the router and yearly security bundle.

https://www.amazon.com/Zyxel-Generation-Firewall-Ports-ZYWALL110/dp/B00E6IP2HI
https://www.zyxel.com/us/en/products_services/Business-Firewall-ZyWALL-110-310-1100/
https://www.zyxel.com/us/en/products_services/Licenses-for-Unified-Security-Gateway-ZyWALL-Series-Security-Licenses/overview
 

SugarPsycho



Well, I forgot it is possible, but you have to set up a manual route for every route you want on the second gateway. You also have to have 2 cables coming out of each PC (unless they are wireless; I am not well versed in wireless). Here is a run-through of the command you would have to run in Windows cmd: https://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-intelligent-contact-management-enterprise/20524-route-command.html

I am not very good at this as it is more advanced. I would recommend waiting for further assistance unless you can figure it out from here.

EDIT: he did say it was very tedious for many computers, keep in mind.
 
Can you describe the issue you are having that led you to that idea? Maybe people can come up with more practical solutions.

If you had two subnets you could have the computers connected to a VPN on the other when gaming. The WAN interface could be split and throttled (QoS). The same customer would be on one or the other, not both. Only one NIC would be needed in the computers. I think this would be easier than trying to set up QoS for traffic coming from the same subnet. I'm not experienced at setting up QoS.

Making sure people are on the VPN could be a challenge.
 
Apr 12, 2018
I am able to achieve what I want with the routing command
route add IP-Address mask 255.255.255.255 192.168.1.2 -p
but I want to redirect them to Facebook, and I can't just write facebook.com
 


With complex tagging and routing rules in something like pfsense.

If you could tag the packets based on where they are going or their type, then you could set up rules to make them go to another gateway. You're going to need a router with VLANs. Video streaming and web browsing hit the same ports a lot. You could make rules based on that.

It might be able to work without VLANs if you can throttle based on the packet tagging. I'm not 100%. I know you can throttle all the traffic on a virtual interface.

https://support.teradek.com/hc/en-us/articles/226177168-What-network-ports-are-required-for-streaming-and-device-operation-
 
It appears you have pretty much figured this out. I suspect they chose not to support DNS names in the route command to allow it to run faster. It all depends how often it looks up the name. In theory the name/IP should not change, but large sites do use it to load balance traffic. You could write a script, I suppose, that issues an nslookup and extracts the IP to generate the ROUTE commands.

Another method that may work, if you can separate the traffic by application, is a program called forcebindip. It was badly broken when win10 came out and I never used it after, but it appears they have made it work; I have not tried it. You can in theory tell a game program to use one and a browser to use another. The messy part is/was that browsers launch other programs to run things like video players. It has been years since I tried this.

The route method tends to work better if you just have a small number of IPs you are dealing with.
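
The script suggested in the post above, as an added example that is not part of the original thread: it resolves each name, emits host routes in the same form as the route add command posted earlier, and deletes routes for addresses a load-balanced site no longer returns. The function names and the 192.168.1.0/24 LAN prefix are assumptions; the gateway 192.168.1.2 is the one from the thread.

```python
import ipaddress
import socket

GATEWAY = "192.168.1.2"                       # second router, from the thread
LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed LAN prefix


def resolve_ipv4(name):
    """Default resolver: the IPv4 addresses the OS returns for name."""
    infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    return [info[4][0] for info in infos]


def usable(text):
    """True for an IPv4 address that may safely get a host route."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return False
    # A bogus or spoofed answer must not re-route LAN or local traffic.
    return ip.version == 4 and not (
        ip in LAN or ip.is_loopback or ip.is_multicast or ip.is_unspecified)


def plan_routes(names, previous=None, resolver=resolve_ipv4):
    """Return (commands, state); state maps each name to the IPs now routed.

    Pass the state from the last run as previous: addresses a site no longer
    returns get a delete, so rotated IPs do not pile up as persistent routes.
    """
    previous = previous or {}
    state = {}
    for name in names:
        try:
            state[name] = {ip for ip in resolver(name) if usable(ip)}
        except OSError:
            # Lookup failed: keep the last known routes rather than drop them.
            state[name] = set(previous.get(name, ()))
    old = set().union(*previous.values())
    new = set().union(*state.values())
    order = ipaddress.ip_address
    cmds = [f"route delete {ip}" for ip in sorted(old - new, key=order)]
    cmds += [f"route add {ip} mask 255.255.255.255 {GATEWAY} -p"
             for ip in sorted(new - old, key=order)]
    return cmds, state
```

Calling plan_routes(["facebook.com"]) on a cafe PC returns the commands to run in an elevated prompt; store the returned state (for example as JSON) and pass it back in on the next scheduled run.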
 
Apr 12, 2018

First of all, thanks for replying to my question.
ForceBindIP would be great, but I think ForceBindIP only works when you have 2 network cards?
If ForceBindIP works with 1 NIC, that's going to solve all of my problems.
 
Apr 12, 2018
rwqd8o.png

I tried ForceBindIP but it didn't work. The gateway 192.168.1.6 is offline but I am still getting a reply from the server, which means that it's not using 192.168.1.6 and is using the default gateway.
Can you please confirm whether ForceBindIP is working or not? Maybe I've done something wrong.
Thanks
 
Apr 12, 2018


How can I redirect all connections going through port 80 to use my 2nd gateway? If I could make that happen, that would solve my problem too.
Any ideas?
 


I think you will be fine with just one gateway.

Limiters are the most basic. It's not perfect; it's just throttling it. It gets really complicated if you want to tweak it so that the network is always fully utilized. You can make your network much slower with errors. Gaming uses very little bandwidth, so you could probably give it a small % with a basic limiter. As long as the network isn't hitting 100%, the gaming should be fine.

https://www.youtube.com/watch?v=rF46PNid1Mo
 
I had forgotten the restrictions on forcebind. I did not really like the way it worked and when win10 broke it I never looked at it again.

Routing is based purely on IP addresses, not on ports. If replacing your router is an option, there are dual WAN routers that may work. It has been a while, so I forget if you can do path selection based on the destination port.

I know that routers running third-party firmware like dd-wrt can do it. Really any router based on unix using iptables can. Iptables, though, I think was invented by a crazy person; it takes a while to learn. On a Cisco commercial router this is a trivial policy-based routing configuration.

Be aware this takes a lot more processing power than a simple NAT. It depends how large your internet connection is. If it is over 100mbps I would consider an actual server with one of the router firmware images loaded on it.

Doing it on the PC, you are limited by what Microsoft allows. I guess we have to be happy they did not remove the route command ....or make you buy a more expensive version of Windows to be allowed to use it.
 
I played with mine this weekend and found that it was fairly easy to use the pfsense wizard and get started. Moving the bandwidth around wasn't difficult. I had one computer that downloads games and another streaming. When the stream started, the download would drop from 250kBs to 80kBs. Downloads from Steam were on port 80, which is what a lot of traffic is on. A lot of sites use HTTPS, which is port 443. You could easily increase HTTPS. It's going to take A LOT of troubleshooting to get it working. It's difficult to adjust it live, because you have to reset the firewall state to push in new rules. You will need something like ntop or Wireshark to help figure out what's happening. pfsense has an ntop package.

Trying to prioritize latency was very difficult for me. I mainly played with PRIQ, and with the highest level for my gaming bandwidth, downloading still brought my latency to 300ms. I only have a 3Mbs connection outside city limits and it's very sensitive. Probably a lot more so than yours would be; gaming only needs about 300Kbs per user. HFSC has a little bit more control over bandwidth but I found it much more difficult to configure. I might play with it more. I think a combination of throttling and queue based would work. If there's a way to adjust the throttle based on number of users, that would probably work well.

If you decide to build a pfsense box, expect to pay $700-1,000+. You are going to need Xeon and ECC RAM. The low power Xeons are really expensive. I think an E3 would cost less and do well. You could build a used one for $350 from eBay if you don't want to commit to a new one. You will likely need static IPs on all your computers if certain ones are for gaming and others not. That way you can do IP rules.