How can I bond two VPN connections?

[ianyp]

I have an rt-ac68u and I have it set up as a VPN client.

Each core in the CPU in the router seems to be able to handle about 25Mbps each. I've tested this and been able to simultaneously download at 25Mbps on each VPN connection to total 50Mbps. Is it possible to bond the connection locally and then route everything through the bonded connection?

Most of the articles I can find for guidance focus on using separate devices.

 

[ColinTaylor]

No, not possible.

 

[ianyp]

Okay. Can you qualify what stops me from being able to do it? The device has the kernel bonding module already, the CPU power, and the bandwidth. Surely it's just a matter of configuration?

If it's not possible I might get a NUC and bridge the connections from there.

 

[ColinTaylor]

What I meant was that there is no option to do that in the stock Asus firmware (the subject of this sub-forum).

If you were to install Merlin's firmware you'd have more possibilities but you'd have write your own scripts. I would imagine the performance would be pretty terrible on an RT-AC68U. There are some guides for link aggregation on the LAN ports but IIRC the CPU requirement is quite high. Given that both your CPU cores are likely to be running at 100% just for the VPN the added load for link aggregation is just going to make things worse. YMMV of course.

https://github.com/RMerl/asuswrt-merlin.ng/wiki/Link-Aggregation
https://www.snbforums.com/threads/how-to-link-aggregation-lacp-on-rt-ac68u-w-r-p.20441/

 

[RMerlin]

That's not possible because TCP/IP is a session-based protocol You cannot split packets from a given connection between two separate routes. The only thing bonding can do is allow to spread separate connections between multiple routes.

Just like having Dual WAN does not mean your Internet speed doubles. Only the capacity is increased, not the throughput.

 

[mxyz]

This project does just that on a raspberry pi running openwrt:
https://www.openmptcprouter.com/

 

[RMerlin]

Multipath TCP requires support at the remote end (for example, Apple's Music servers do). It won't automatically make all your connections suddenly become twice faster.

 

[mxyz]

Multipath TCP requires support at the remote end (for example, Apple's Music servers do). It won't automatically make all your connections suddenly become twice faster.

The remote end for the Open MPTCP Router project is typically a cloud VPN.
I used the client on a Raspberry Pi, connected to three 2.5 Mbs DSL connections. Installed the server on a Debian computer at my moms with a 210 down / 11 Mbps upload connection. Worked really well, could download single files ~6.5 Mbps.

 

[RMerlin]

The remote end for the Open MPTCP Router project is typically a cloud VPN.
I used the client on a Raspberry Pi, connected to three 2.5 Mbs DSL connections. Installed the server on a Debian computer at my moms with a 210 down / 11 Mbps upload connection. Worked really well, could download single files ~6.5 Mbps.

Right. So it will work with a very specific scenario. But it won't automatically allow you to double your download speed from all websites that you visit. Kinda like saying "Sure, you can have automatic failover without having to change IP... if you implement a BGP route in front of you".

But for Joe Average, having Multipath support in your router won't magically achieve what the original user expected to do.