How to prevent a "loop" with 2 connections to and from same sources

First of all I know the theories about network loops, 2 physical connections between the same 2 hosts. I know the theory about the loop on layer 2 will create broadcast storms, multicast can't be set with TTL as layer 2 doesn't support that. But I also know for redundancy some companies managed to implement loops even on layer 2.
I also know with ebtables you can drop packets you don't want and there should be a possibility to use this to my advantage on loops. I also know the theories about SPB and STP but I have no knowledge how I can use this, if I can use this, for my request.

So the theory I'm aware of, but I have NO practical information or experience how to set this up right.

REASON: when I create a VPN connection from Asia(Client) to Russia(Host) my download Russia->Asia is 100Mbps but upstream is only 8Mbps to Russia.
The other way around, when I am in Russia(client) and download from Asia (host) the download is 150Mbps and the upstream is 15Mbps.
So in download from A to B or download from B to A it's 150/100Mbps
But Upload from A to B or upload from B to A it's 15/7Mbps

So my thought is I create 2 connections VPN.. and have some sort of filtering to make sure I practically always "download" and never "upload"

Like teaming both connections and at the same time filter the packets marked as "upstream"

I know this is fancy and not standard.
I know this theoretically should be possible.

But how to pull this off with openWRT in practical application, is it possible with openWRT? Maybe no one ever created the proper implementation to pull this off anyway then it won't help me of course.

But I mean, theoretically this should be possible right?

Would kmod-bonding be my friend here? Could it bond 2 interfaces established from different locations to each other?

1 Like

Are you sure that it wasn't your ISP that capped your upload speed?

You can set TTLs on multicast. Totally unrelated to Layer 2. Not sure why you'd want to, though.

you can pbr ( policy route ) on a session level. which is applied based on the normal filters....

in your case as uploads are pretty rare, you might look into ipset connmarking common outgoing upstream ( upload ) sites.... they can then be routed via a certain vpn.

you have to be careful though because this can interfere with two way regular connections, so it's best done on a host by host basis ( i.e. from my lan server to xyz internet domain is always UPLOAD )....

so in essence while your intent is to trap uploads, you are really trapping that whole connection which is usually uploads....

1 Like
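An added example of the per-host connmark approach described in the reply above; it is not part of the thread or any poster's own code. It assumes `ipset` and `iptables` are installed on the router, and the LAN bridge `br-lan`, second VPN interface `tun1`, LAN server address, mark, table number and destination hosts are all constructed placeholders.

```shell
#!/bin/sh
# Added example: per-host "upload" policy routing via connmark + ipset.
# All names below are assumptions: LAN bridge br-lan, second VPN tun1,
# LAN server 192.168.1.10, upload destinations from documentation ranges.
LAN_IF="br-lan"
VPN_IF="tun1"
LAN_SERVER="192.168.1.10"
UPLOAD_DSTS="203.0.113.10 198.51.100.25"   # constructed sample hosts
SET="upload_dst"
MARK="0x2"
TABLE="102"

# Print each command unless APPLY=1, so the plan can be reviewed first.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

setup_upload_pbr() {
    run ipset create "$SET" hash:ip -exist
    for dst in $UPLOAD_DSTS; do
        run ipset add "$SET" "$dst" -exist
    done
    # Mark the whole connection when the LAN server opens it to a listed host.
    run iptables -t mangle -A PREROUTING -i "$LAN_IF" -s "$LAN_SERVER" \
        -m set --match-set "$SET" dst -m conntrack --ctstate NEW \
        -j CONNMARK --set-mark "$MARK"
    # Copy the connection mark onto every later LAN-side packet. Limiting this
    # to -i LAN_IF keeps replies arriving from the VPN out of the custom table.
    run iptables -t mangle -A PREROUTING -i "$LAN_IF" \
        -m connmark --mark "$MARK" -j CONNMARK --restore-mark
    # Marked packets use a table whose only route is the chosen VPN.
    run ip route add default dev "$VPN_IF" table "$TABLE"
    run ip rule add fwmark "$MARK" table "$TABLE" priority 1002
}

# Dry-run by default: prints the commands. Set APPLY=1 to execute them.
setup_upload_pbr
```

Because the mark is attached to the connection, every packet of a matched session follows the same VPN, which is why the match is scoped to one LAN host and a fixed destination set.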

"Are you sure that it wasn't your ISP that capped your upload speed?"

That's a definitive "NO"

I already figured from local forums that support is telling people they don't cap anything but then someone who worked there saying they are told to say that but in reality they do cap.

But that was related to torrents. I don't do torrents. I don't do anything illegal. Only private data over secured connection. No illegal data. So I wouldn't know why they would cap upload

"You can set TTLs on multicast. Totally unrelated to Layer 2. Not sure why you'd want to, though."

Well because having a loop in a network can create weird things including totally killing your network..

You're talking about loops.


  • The TTL of a multicast packet is usually 1
  • a TTL of 1 won't loop
  • you need other routers for that to have effect

Maybe you mean Spanning Tree?