What Is Multihoming and What Do You Need to Set It Up?
No, multihoming is not about your penthouse in London, the cabin in the Rockies, and your beach house in the Bahamas. Instead, it is all about connecting your computer or home network to multiple networks simultaneously to perform load-balancing, enhance throughput, provide redundancy, or establish gateway services.
Here we will introduce you to multihoming, show you where and why you may want to use it, and how you can set it up.
What is Multihoming?
Simply put, multihoming is giving your computing device or network a presence on more than one network. In fact, many people already have a multihomed device: the router connecting their home network to the Internet. It is also used in network bridges, repeaters, range extenders, firewalls, proxy servers, gateways, and when using a virtual machine configured to use network address translation (NAT).
Advantages of Multihoming
Let’s look at an example of multihoming your network as a whole. This would involve a connection from two ISPs. Now all of the machines on your network have two paths to the Internet. All of the traffic directed to the Internet can be sent via either link thereby providing load-balancing and relieving congestion along any single link. As long as both links are up, you can fully saturate both links increasing overall throughput. And if one of the links fails, the other still carries traffic so you have redundancy.
Another instance where I use multihomed hosts is for network backups. Since I do not want these backups to cause congestion on my production network, my computers all have two network cards. One is connected to a switch or router on the production network, and the second is connected to a switch on my dedicated backup network. All network backups happen over this second network, keeping the production network clear for the “real work” even if I am working during the scheduled backups.
In order to multihome a host device, you need either one wired network interface card (NIC) or any combination of wired and/or wireless adapters.
You cannot truly multihome your computer with only one wireless adapter since it can only connect to one wireless network at a time. If you wish to connect your computer to two disparate wireless networks you must have two wireless adapters although it is more common to have one wired and one wireless connection.
To multihome a network, one modem for each ISP is needed. If you can get a simple modem from the provider rather than a combination modem/router, I would recommend you do so. It will simplify the setup, they are normally less expensive, and you won’t have as many potential attack surfaces.
You will also need a router to attach the modems to the network. Keep in mind the port count for any other devices that will be directly connected to the router. An edge router that supports Border Gateway Protocol (BGP) is best since it will automatically load-balance the traffic on all attached modems based on the BGP configuration rules. It will also handle failover in the event a single link drops.
The term address space as used in these descriptions means one or more of the appropriate addresses for the transport protocol being used on the network or media access control (MAC) addresses for the device. In almost all cases, the transport protocol will be Internet Protocol (IP) unless you are setting up a protocol gateway which uses a different transport protocol depending on which network segment it is connecting. This type of application is not normally used outside of business contexts.
The key thing to remember is the address space may be a single MAC address or a block of 2, 4, 8, or more IP or other transport protocol addresses.
Single NIC, Multiple address spaces
This is sometimes used to assign multiple addresses to a single web server with each address representing an individual domain on the server. This is why some older sources call multi-hosting or multi-tenancy servers multihomed, even though this configuration is rarely used any longer.
In the example diagram, I have listed addresses associated with a sample web server as obtained from DNS. If a web browser requests the site at www.example.com, it will resolve to the address 22.214.171.124. When the web server sees this request, it will return the data for the domain www.example.com since it arrived on the server’s 126.96.36.199 address and not one of the others. Keep in mind that all 4 of these addresses are associated with the same network adapter in the server.
With the combination of the exhaustion of IPv4 addresses and other methods of accessing individual domains on the server from a single IP address — such as using the domain name to connect virtual hosts — this specific use seems to have fallen out of favor outside of a few private networks. Since there is only a single network adapter, this configuration cannot provide load-balancing, redundancy, or throughput benefits.
On Microsoft Windows machines, this configuration can only be used with static addresses; you cannot do this if Dynamic Host Configuration Protocol (DHCP) is enabled on the adapter.
Setting it up is straightforward:
- Go to Control Panel > Network and Sharing Center or right-click on the network icon in the notification area and select Open Network and Sharing Center.
- Click on Change adapter settings.
- Right-click on the adapter you want to modify and select Properties > Internet Protocol Version 4 > Properties.
- Select the Use the following IP address: radio button and enter the appropriate primary IP address, subnet mask, and default gateway. You should also manually set the DNS server appropriately for this network connection.
Once the primary connection is configured, click on the Advanced… button. On the Advanced TCP/IP Settings dialog, you will be able to add additional IP addresses and subnet masks in the upper portion and default gateways beneath it. If you allow Windows to assign metrics automatically, it determines the metric for each link based on the link speed, with the fastest links getting the lowest metric (higher priority).
In most cases, you will not need to define additional gateways so don’t do it unless you have a particular need for it.
For Linux systems, you can modify /etc/network/interfaces to create virtual interfaces by placing multiple IP addresses on a single interface like this:
    auto eth0
    allow-hotplug eth0
    iface eth0 inet static
        address 192.168.1.42
        netmask 255.255.255.0
        gateway 192.168.1.1

    auto eth0:0
    allow-hotplug eth0:0
    iface eth0:0 inet static
        address 192.168.1.43
        netmask 255.255.255.0

    auto eth0:1
    allow-hotplug eth0:1
    iface eth0:1 inet static
        address 10.10.2.24
        netmask 255.0.0.0
Linux machines can use DHCP for the default assignment.
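When reviewing a host configured this way, it helps to see which networks a single physical NIC ends up on once the alias interfaces are counted. The following is an added example, not part of the original article: a small parser for the static stanzas shown above, where the function names are hypothetical and the sample text is constructed from the article's addresses.

```python
import ipaddress

# Constructed sample: the alias layout from the article's Linux example.
SAMPLE = """\
auto eth0
iface eth0 inet static
    address 192.168.1.42
    netmask 255.255.255.0
    gateway 192.168.1.1
auto eth0:0
iface eth0:0 inet static
    address 192.168.1.43
    netmask 255.255.255.0
auto eth0:1
iface eth0:1 inet static
    address 10.10.2.24
    netmask 255.0.0.0
"""

def parse_stanzas(text):
    """Return one dict per 'iface NAME FAMILY METHOD' stanza with its options."""
    stanzas, current = [], None
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0] == "iface" and len(words) >= 4:
            current = {"name": words[1], "method": words[3]}
            stanzas.append(current)
        elif words[0] == "auto" or words[0].startswith("allow-"):
            current = None          # a new header line ends the option list
        elif current is not None and len(words) >= 2:
            current[words[0]] = words[1]
    return stanzas

def networks_per_nic(text):
    """Map physical NIC -> network -> [(logical interface, address), ...]."""
    result = {}
    for stanza in parse_stanzas(text):
        if stanza["method"] != "static" or "address" not in stanza:
            continue
        addr = stanza["address"]
        if "/" not in addr:         # netmask given on its own line
            addr += "/" + stanza.get("netmask", "32")
        iface = ipaddress.ip_interface(addr)
        nic = stanza["name"].split(":", 1)[0]   # eth0:1 is an alias of eth0
        result.setdefault(nic, {}).setdefault(str(iface.network), []).append(
            (stanza["name"], str(iface.ip)))
    return result
```

Calling `networks_per_nic(SAMPLE)` groups all three logical interfaces under `eth0` and shows that the one adapter sits on both 192.168.1.0/24 and 10.0.0.0/8.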
Multiple NICs, Single address per interface
The most common use of this configuration has one or more internal interfaces and one or more external interfaces, each having its own MAC and IP addresses that connect the local network to the rest of the world. Some may immediately recognize this as their router configuration, although it is also used for gateways, proxies, firewalls, and other security appliances.
Note: In the diagram above, both the desktop and mini have two network adapters with one connecting it to the primary network which is where the day-to-day work happens and the other to the network where the backups to the server occur.
By default, a Windows machine uses this type of configuration when it encounters multiple NICs. It can use DHCP on all networks that support it unlike the previous configuration where it can only use static addressing.
This is also the type of configuration used for virtual machines running under Virtualbox or VMware. The hosted hypervisor creates a virtual private network for the VM instance. The hypervisor itself has its own IP address that is used as the default gateway by the VM instances to get out to other networks via the host machine’s network adapter using NAT and turning it into its own software router.
Multiple NICs, Single address space
If the address space is a single IP or MAC address, this would be more commonly referred to as link aggregation, but there are other equivalent terms such as port trunking, link bundling, NIC bonding, or NIC teaming. This is a method to increase throughput between the device (normally a server) and the rest of the network as well as provide a bit of redundancy. The network traffic is load-balanced between all of the teamed NICs, and if one of the teamed NICs fails, the remaining NICs continue to function normally, keeping the device available on the network.
A frequent use of this is to allow more traffic to/from servers on existing infrastructure instead of having to replace the infrastructure itself. Adding teamed network adapters to the server and bonding them across the switches provides a fatter pipe for the bits to travel through, so throughput is increased while also providing redundancy in the event of a failure of a network adapter. This can be done for a fraction of the cost of upgrading the network switches, routers, and cabling that would otherwise be required.
This can still be used if the network switches can’t handle the bonding. In this case, setting up a round-robin DNS will perform a simple level of load-balancing for the server. As each DNS request is processed, it cycles through the addresses for each card spreading out the work between each of the network adapters although specific resolver behavior on client machines and caching DNS servers will interfere with the process.
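The effect of caching on round-robin DNS can be seen in a short simulation. This is an added example, not from the original article; it assumes the authoritative server rotates the record list by one position per query, that a caching resolver replays its cached answer in the same order until the TTL expires, and that every client connects to the first address returned. The addresses are constructed documentation addresses.

```python
from collections import Counter

# Constructed sample: one address per network adapter on the server.
ADDRESSES = ["192.0.2.10", "192.0.2.11", "192.0.2.12"]

class RoundRobinZone:
    """Authoritative side: rotates the address list one step per query."""
    def __init__(self, addresses):
        self.addresses = list(addresses)
        self.queries = 0

    def resolve(self):
        k = self.queries % len(self.addresses)
        self.queries += 1
        return self.addresses[k:] + self.addresses[:k]

class CachingResolver:
    """Assumed behaviour: replay the cached answer unchanged until it expires."""
    def __init__(self, zone, ttl):
        self.zone, self.ttl = zone, ttl
        self.cached, self.expires = None, 0

    def resolve(self, now):
        if self.cached is None or now >= self.expires:
            self.cached = self.zone.resolve()
            self.expires = now + self.ttl
        return self.cached

def spread(addresses, requests, ttl=0):
    """Count connections per address for one request per second via one resolver."""
    resolver = CachingResolver(RoundRobinZone(addresses), ttl)
    hits = Counter({a: 0 for a in addresses})
    for now in range(requests):
        hits[resolver.resolve(now)[0]] += 1   # client uses the first address
    return dict(hits)

if __name__ == "__main__":
    for ttl in (0, 5, 300):
        print(f"ttl={ttl:>3}s", spread(ADDRESSES, 12, ttl))
```

With no caching the twelve requests split evenly across the three adapters; with a 300-second TTL every client behind that resolver lands on the same adapter for the whole run.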
When performed at the site or network level, a routing protocol such as BGP is used to provide aggregation and failover capabilities. In other words, when the routers notice that one of the links has failed, the routers on both ends will no longer send traffic over the failed link.
Multiple NICs, Multiple address spaces
Frequently used for load-balancing with specialized hardware for high-availability systems, this is the type of solution used by high volume Internet sites such as Google which are serving tens of thousands of transactions per second. It is also used to multihome entire networks. For example, connecting a single network to two different ISPs for redundancy would fall into this category.
While some home users may like to consider this type of option, it does not come without its drawbacks.
First, you are looking at contracts with two ISPs since two connections from the same source will not provide redundancy especially in residential areas where both connections are almost guaranteed to run over the exact same hardware. The failure of a device in this single path still brings down both connections.
Second, for true failover capability a more expensive edge router is required that supports BGP for link failure detection and isolation as well as link aggregation. These are normally business-class routers as their pricing beyond $300 clearly indicates. Companies such as Ubiquiti do offer cheaper units targeted at small office/home office (SOHO) environments but have mixed reviews regarding their reliability and user-friendliness even from experienced network administrators.
Third, it requires cooperation from both ISPs in order to properly configure BGP on both ends of each link. Depending on the level of cooperation and competition among your local ISPs, this may be the biggest hurdle.
While multihoming of a home network is still possible without these edge routers, it is not without its problems:
- Failover is not smooth.
- Every open connection will be abruptly terminated, while an edge router with BGP provides a smoother transition: some upper-level protocols may encounter a slight hiccup and then continue as if nothing happened.
- Throughput is not likely to be affected without playing games with the route configuration of all of the machines on the network. For example, running all of the traffic to specific sites through one connection and all other sites through the second connection. Even so, any gains would likely be minimal while running the risk of potentially decreasing network performance.
- A link failure may end up causing more problems such as frequent timeouts when the preferred path set up in the routing table is not available.
Without the edge routers, matters become overly complicated for little if any gain. In my opinion, the additional hassle just isn’t worth it.
While multihoming a computer is a fairly simple process and can be effectively utilized for a multitude of purposes, doing the same for a home or SOHO network may not provide enough benefit to justify the expense.
How do you use multihomed hosts? Have you multihomed a network? Were all of your expected benefits realized? Where did it excel and how did it fall short? Let us know in the comments below.
Image Credits: D-link DFE-528TX 10/100Mbps Fast Ethernet PCI network adapter (CC BY 2.0) by Tim Gillin, Quagga Prefix List (CC BY 2.0) by Linux Screenshots