I live in a fraternity house on a college campus. Some of the members of the house (myself included) had noticed a serious performance problem with our school network. It became so bad that we are now considering purchasing our own service from an ISP (FiOS or something similar, probably 25/25 Mbps). We would want to maintain our connection to the school network, and operate this private network independent of the school.
Where we are running into some problems is the extra equipment we would need to make such a dual-ISP setup viable. We would like to get a 48-port Gigabit switch to provide good speeds for our LAN (we have some servers running in the house, data sharing is important), and some preliminary research indicated to me that we would need a router that can perform policy-based routing on packets to determine which ISP to use for different types of traffic.
What I'm hoping for are suggestions for equipment that would suit our needs and not be a pain to set up (we have people who work in network administration, but time is a finite resource). Any advice on configuration or alternate methods to achieve our goals would also be appreciated!
If you guys need any more information please ask.
After some independent research, some other suggestions came up. For our needs it might be appropriate to simply get a dual-WAN firewall and establish a whitelist for certain traffic on that. Just more food for thought. Looking forward to any and all input.
We have 24 users in the house, and a few static resources that require networking as well (printer, house servers). We certainly could get away with a 24-port daisy-chained to an 8-port or something, but at that point it might be better to keep things simple with one switch.
With regard to your suggestion of a pfSense-based box, I browsed their website and it might be something we could implement. My concern would be why bother with an open source box if I'm going to need to pay for hardware anyway? A solid dual-WAN firewall would be $500-600. How inexpensive would such an implementation be?
The house is currently wired. I am not trying to get new users connectivity. I want to get my existing users connectivity to both the old ISP (my school) and the new ISP we are looking to acquire. As I understand it, one method to accomplish this would be a firewall with two untrusted ports for each router and one trusted port for my LAN (the house). I'm just curious if anyone has a better suggestion.
I probably should have mentioned this, but I'd rather do this with minimal changes to the existing router configuration. I'm much more likely to get the school to approve this change if I tell them we'll do all the work.
Another criterion would be a seamless transition for my users. They aren't going to want to have to set up a proxy server on every machine we bring into the house, etc. I'd prefer to have to do all the work on my end.