Some web sites actually use the IP address as a security measure, to make sure someone isn't hijacking the session they require the IP address to stay the same. Your load balancer, of course, isn't doing that and causing the problem. It doesn't actually have anything to do with SSL, though I doubt you'd ever find a site doing this kind of security that DIDN'T have SSL.
Child labour in indiagradelasopa. I just selected Dual WAN, Load balancing, put in the ratios and it started working immediately with no fusses. I kept both WANs behind their own respective routers (no bridged mode) and Asus' firmware didn't even blink. Load balancing would also fail over from one WAN to the other after a while, but Failover mode reduces the time this can take. I have a dual wan setup in a load balance configuration and have added some routing rules for my TV(Netflix etc.) to force it to constantly use only my Primary WAN (DSL Connection). I have set All Source IP's to the TV to use the Primary WAN but it's still not the case.
So, you need to tell your Linksys that whenever you're access the IP addresses associated with that bank to stay on one or the other ISP. Use NSLOOKUP, then type in the host FQDN (secure.thatbank.com) that the user uses to access that site. That'll give up all the IP addresses used for that DNS entry.
They are usefull in environments with multiple simultaneous connections, where different transfers can be routed over different external IP addresses, effectively doubling the combined speed of all simultaneous transfers. One notable exception is using P2P software, or other similar programs that open multiple connections for the same download.
The most common load balancing routers support per-destination or per-packet balancing. Per-destination load balancing means the router distributes the packets based on the destination address. Given two paths to the same network, all packets for destination1 on that network go over the first path, all packets for destination2 on that network go over the second path, and so on. This preserves packet order, with potential unequal usage of the links. If one host receives the majority of the traffic all packets use one link, which leaves bandwidth on other links unused.
Per-packet load-balancing means that the router sends one packet for destination1 over the first path, the second packet for (the same) destination1 over the second path, and so on. Per-packetload balancing guarantees equal load across all links. However, there is potential that the packets may arrive out of order at the destination because differential delay may exist within the network.
Some business grade routers may also support unequal cost load-balancing (IGRP and EIGRP routing processes), setting preferred routes, OSPF cost, BGP path selection algorithm, etc.
Note: Reportedly, some older residential dual-wan routers may have buggy implementations, causing some issues with VoIP,VPN and even SSL connections, especially if using per-packet balancing.
Asus Enable Load Balance
rate: avg: I have a 'limited' dual WAN setup working with BitTorrent. A torrent client should be assigned to one WAN interface exclusively for it to work well. I use source local IP and source port ranges (set in advanced settings of µTorrent) to accomplish this, and have two clients seeding for each IP. Automatic load balancing where the client can establish connections via both WANs didn't work well enough. Remote peers eventually saw both of my IPs and tried to establish new connections to the one that was currently not connected to them. When my peer received the new connection, the previous one having the same peer-id was terminated, the peer was 'kicked' by my client, and the new connection took its time to ramp up to full speed (subject to latency and TCP slow start). The WAN interfaces kept switching around like this every few minutes. I use MikroTik 'Per Connection Classifier' to distribute other connections (not bittorrent). The 'both addresses' mode is the safest. A pair of hosts local and remote always use the same interface. |
