Using 2 ISPs at home at the same time! Tomato MultiWAN – works great! (Video)

Why do you really need this? When Shibby first put out the firmware with MultiWAN support, I questioned why someone would pay for 2 service providers. Too much bandwidth utilization? If you need more bandwidth, just upgrade your line with your current ISP. It would be cheaper than getting a new line!

Do you need reliability? When you work from home and need to be connected to the Internet for your work and it’s not available, that’s when you might look into a solution like this one! I have Comcast Business. Does that help? No, not really when the problems is with the infrastructure and not a misconfiguration or something internal. It just means that when you call, you talk to someone a little more competent and you can get a person quicker than going through the phone system. You can have someone come on-site a little faster too. That said, the service is the same as that of all other consumers. After a few rains and a couple of Comcast outages (not exactly outages, but huge degradations in service), I started to think about getting a second provider. Luckily, in San Francisco, we have a few options for service providers here. I happen to be lucky enough to have access to 2 different cable providers, Comcast and Wave Broadband (formerly Astound). I used Astound before. It was not bad. My experience was not nearly as bad as what the Yelp reviews say. I’ve now had them for a couple of weeks and still have the same opinion. They seem to be just fine.

So, moving onto the implementation. As you can see from the screenshot, Shibby makes it easy! First configuration the VLAN. It points to a link for where to do it – in advanced settings. You can look at the next screenshot to see an example of the VLAN being set up. I’m using LAN port 1 for the 2nd WAN port.

In this screen however, You might notice my “Load Balance Weight”. The problem with my service providers is that Comcast gives me unlimited bandwidth. Wave Broadband does not. Because of this, I want more connections to go out of the first WAN link and Shibby gives us a couple of ways to do it. First is with “Load Balance Weight”. I’m just setting the 1st link to 2 and 2nd WAN link to 1. You can play with the numbers to try finding your desired balance.

Screen Shot 2016-04-29 at 6.43.42 PM

Screen Shot 2016-04-29 at 6.43.01 PM

Another place to do load balancing is by pinning a particular host to a particular WAN link. For example, I have some traffic I want out of 1 WAN link and some out of another. This way, I can tell my highest traffic hosts to go through WAN1 while some others through WAN2.

Screen Shot 2016-04-29 at 6.47.37 PM

Here’s a status window to show that I have both WANs connected.

Screen Shot 2016-05-01 at 4.23.59 PM

Lastly, you can see from different searches of what’s my IP, that both WAN links are being utilized.

Screen Shot 2016-05-01 at 4.29.15 PM Screen Shot 2016-05-01 at 4.29.26 PM

Please post your comments and share!

Drobo connected to Asus router running TomatoUSB

Simple – Don’t do it! This was from a couple of years ago when running TomatoUSB on an ASUS RT-N16 router. DD-WRT had issues where the wifi would drop off periodically. I found that TomatoUSB (Shibby or Toastman) were both very good alternatives. So good that I’ve since moved onto Tomato for almost all of my routers.

Anyways, some of the issues I ran into were:

Value too large for defined data type …

Sep 24 00:01:08 unknown daemon.err smbd[1539]: disk_free: sys_fsusage() failed.
Error was : Value too large for defined data type
Sep 24 00:01:08 unknown daemon.err smbd[1539]: disk_free: sys_fsusage() failed.
Error was : Value too large for defined data type

[email protected]:/tmp/etc# df -h
Filesystem Size Used Available Use% Mounted on
/dev/root 5.6M 5.6M 0 100% /
tmpfs 62.0M 400.0K 61.6M 1% /tmp
devfs 62.0M 0 62.0M 0% /dev
df: /tmp/mnt/Monster: Value too large for defined data type

Along with this, the CPU on that router just couldn’t handle NTFS-3G well – CPU utilization was going through the roof on writes. I think reads were okay.

It would be better to just build a cheap NAS.

if vCenter Server Heartbeat or Neverfail Heartbeat failover appears to be not working or taking a long time …

The main symptom of this problem would be that the vCenter Server Heartbeat console or Neverfail Management Client console would show that the services had failed over, but if you were to try to ping it, it wouldn’t respond.
Logically, there there are some hypotheses you could come up with:

1) Network packet filter isn’t revealed on the active server, so we can’t connect to it.
2) Something wrong w/ the service.
3) The console is wrong and on the backend, nothing failed over.

These would be all wrong.

What we found was that it was an issue with ARP caching on the switches. Because the VM or host abruptly fell off the network, the switches hadn’t expired the ARP entries and that they were stale. You would think that it would be fixed in a minute after the ARP entries expired, but I guess the chain could take a little longer.

Probably the best way to troubleshoot this would be to get on a host on the same network segment and try a ping. If that fails, you could run “arp -a” and check to see if you indeed have the right mac address of the host you want to connect to. If not, you could probably log into the switch to delete the entry or you can create a task to run the command during switchover:

“C:\Program Files\VMware\VMware vCenter Server Heartbeat\R2\bin>nfpktfltr.exe arp”

You should then see the switchover happen without the long delay.

What in the world is DDOS?

Recently, I set up my own DNS server. I hadn’t run a public DNS server in years. Since the tvpads recently had some DNS issues, I thought maybe I could help eliminate some support calls by running my own DNS server, pointing to the right servers. Boy was I wrong! For some reason, even though some others on comcast would point to my server as a DNS server, they would still get answers that were not the answers given from my server! It was so bizarre! I had never seen it before. If they ran nslookup and used “server <DNS Server IP>” and typed in the name they wanted to resolve, it’s almost as if the server statement prior was ignored and they were getting the IP that the ISP wanted to give them.

Anyways, that’s not the problem I’m writing about here. Surfing some websites became slow for some reason and I thought I would investigate. The first thing I went to see was what connections I had to the outside world. I went to the router and looked at the traffic. Here’s what I saw:
Obviously, that’s DNS traffic. Well, go to the DNS server and what do I see? This:

10-Oct-2013 15:34:14.228 queries: client query: IN ANY +E
10-Oct-2013 15:34:14.670 queries: client query: IN ANY +E

Many different lines of the same exact query. What is it? I have no idea. I’ve decided just to shut down DNS queries for now, but if anyone knows anything about this, I’d be happy to hear from you.


apt-get cheatsheet

nixCraft » Debian Linux apt-get package management cheat sheet » Print

– nixCraft –

Debian Linux apt-get package management cheat sheet

Posted By LinuxTitli On May 9, 2005 @ 12:21 pm In Debian Linux, Howto, Linux, Sys admin, Tips, Ubuntu Linux | 6 Comments


Both Debian and Ubuntu Linux provides a number of package management tools. This article summaries package management command along with it usage and examples for you.

(1) apt-get : APT is acronym for Advanced Package Tool. It supports installing packages over internet (ftp or http). You can also upgrade all packages in single operations, which makes it even more attractive.

(2) dpkg : Debian packaging tool which can be use to install, query, uninstall packages.

(3) Gui tools:

You can also try GUI based or high level interface to the Debian GNU/Linux package system. Following list summaries them:
(1) aptitude [2]: It is a text-based interface to the Debian GNU/Linux package system.
(2) synaptic [3]: GUI front end for APT

Red hat Linux package names generally end in .rpml similarly Debian package names end in .deb, for example:

apache : Package name
1.3.31-6 : Version number
i386 : Hardware Platform on which this package will run (i386 == intel x86 based system)
.deb : Extension that suggest it is a Debian package

Remember whenever I refer .deb file it signifies complete file name, and whenever I refer package name it must be first part of .deb file. For example when I refer to package sudo it means sudo only and not the .deb file i.e. sudo_1.6.7p5-2_i386.deb. However do not worry you can find out complete debian package list with the following command:

apt-cache search {package-name}

apt-get add a new package

Add a new package called samba
Syntax: apt-get install {package-name}

# apt-get install samba

apt-get remove the package called samba but keep the configuration files

Syntax: apt-get remove {package-name}

# apt-get remove samba

apt-get remove (erase) package and configuration file

Syntax: apt-get –purge remove {package-name}

# apt-get --purge remove samba

apt-get Update (upgrade) package

Syntax: apt-get upgrade

To upgrade individual package called sudo, enter:
# apt-get install sudo

apt-get display available software updates

Following command will display the list of all available upgrades (updates) using -u option, if you decided to upgrade all of the shown packages just hit ‘y’

# apt-get upgrade samba

However if you just wish to upgrade individual package then use apt-get command and it will take care of rest of your worries:
Syntax: apt-get install {package-name}

dpkg command to get package information such as description of package, version etc.

Syntax: dpkg –info {.deb-package-name}

# dpkg --info sudo_1.6.7p5-2_i386.deb | less

List all installed packages

Syntax: dpkg -l

# dpkg -l

To list individual package try such as apache

# dpkg -l apache

You can also use this command to see (verify) if package sudo is install or not (note that if package is installed then it displays package name along with small description):

# dpkg -l | grep -i 'sudo'

To list packages related to the apache:

# dpkg -l '*apache*'

List files provided (or owned) by the installed package (for example what files are provided by the installed samba package)
Syntax: dpkg -L {package-name}

# dpkg -L samba

(H) List files provided (or owned) by the package (for example what files are provided by the uninstalled sudo package)

Syntax: dpkg –contents {.deb-package-name}

# dpkg --contents sudo_1.6.7p5-2_i386.deb

Find, what package owns the file /bin/netstat?

Syntax: dpkg -S {/path/to/file}

# dpkg -S /bin/netstat

Search for package or package description

Some times you don’t know package name but aware of some keywords to search the package. Once you got package name you can install it using apt-get -i {package-name} command:
Syntax: apt-cache search “Text-to-search”

Find out all the Debian package which can be used for Intrusion Detection

# apt-cache search "Intrusion Detection"

Find out all sniffer packages

# apt-cache search sniffer

Find out if Debian package is installed or not (status)

Syntax: dpkg -s {package-name} | grep Status

# dpkg -s samba| grep Status

List ach dependency a package has…

Display a listing of each dependency a package has and all the possible other packages that can fulfill that dependency. You hardly use this command as apt-get does decent job fulfill all package dependencies.

Syntax: apt-cache depends package

Display dependencies for lsof and mysql-server packages:

# apt-cache depends lsof
# apt-cache depends mysql-server

Further reading

Article printed from nixCraft:

URL to article:

URLs in this post:

[1] Image:

[2] aptitude:

[3] synaptic:

[4] cheat sheet:

[5] cheat-sheet:

[6] APT and Dpkg Quick Reference Sheet:

Copyright © 2004-2009 nixCraft. All rights reserved.

UPnP Problems?

For some reason, on my home LAN, I have trouble playing Age of Empires. I know, it’s an old game, but I still like to play it. I’m connected at home via a Linksys WRT54G-L. I’ve also connected up a Netgear MR814 used as a hub, but I don’t think that’s the issue. I’m not using dhcp on either of those boxes – I have a separate machine as a dhcp server. Anyways, clicking “Show games” would never work! I thought initially it was some software issue, so I reinstalled Windows and it still didn’t work. I swapped out the WRT54G-L for a switch and then it worked! After some googling, I found that it might be the UPnP. Hopefully, this fixes it. It works now, but then again, it used to work before too. We’ll see.

DHCP server with DDNS

include “/etc/bind/rndc.key”;
ddns-domainname “”;
ddns-rev-domainname “”;
ddns-update-style interim;
ddns-updates on;
ignore client-updates;
zone {
key rndc-key;
default-lease-time 21600; # 6 hours
max-lease-time 43200; # 12 hours
option domain-name “”;
option domain-name-servers,;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet netmask {
option domain-name-servers,;
option domain-name “”;
option routers;
option broadcast-address;
default-lease-time 600;
max-lease-time 7200;
zone {
key rndc-key;
zone localdomain. {
key rndc-key;
/etc/named.conf –> I’m using Ubuntu 6, so it’s actually /etc/bind/named.conf and named.options, etc, but for the sake of simplicity, I’ll put them all together.
options {
directory “/var/cache/bind”;
auth-nxdomain no; # conform to RFC1035
zone “.” {
type hint;
file “/etc/bind/db.root”;
zone “localhost” {
type master;
file “/etc/bind/db.local”;
zone “” {
type master;
file “/etc/bind/db.127”;
zone “” {
type master;
file “/etc/bind/db.0”;
zone “” {
type master;
file “/etc/bind/db.255”;
controls {
inet allow {localhost; } keys { “rndc-key”; };
// Add local zone definitions here.
zone “” {
type master;
file “/etc/bind/”;
allow-update { key “rndc-key”; };
notify yes;
zone “” {
type master;
file “/etc/bind/”;
allow-update { key “rndc-key”; };
notify yes;
include “/etc/bind/rndc.key”; Some troubleshooting tips: 1) turn on logging for DNS:
logging {
category “default” { “debug”; };
file “/tmp/nameddbg” versions 2 size 50m;
print-time yes;
print-category yes;
}; That’s about it – it should give you all you need.]]>