I have some questions about some networking stuff.
Here is my situation,
ISP-A provides 5Mbps Internet speed along with 100Mbps IX (local bandwidth).
ISP-B provides 50Mbps Internet speed along with 100Mbps IX (local bandwidth).
ISP-C provides 100Mbps Internet speed.
ISP A & B are in the same region. In that region, the government has blocked most of the sites. ISP C is hosted in another country where there are no internet restrictions.
The issue is, ISP-A is my primary internet connection. I use it to connect to ISP-B, so I can get higher bandwidth using VPN. The problem is both ISPs have blocked most of the sites. So I need to connect to ISP-C from ISP-A. If I do this, my connection speed is capped at 5Mbps. But if I set up ISP-B as a VPN wifi router and connect my Android as a client, then I can connect to ISP-C. This way I get everything: I can get the maximum internet speed that ISP-B allows, along with no restrictions.
Now my question is, how can I set this up in OpenWrt? I set up a VPN server at each (ISP-B & ISP-C) end. I installed SoftEther VPN and ShadowsocksR. SoftEther provides L2TP, IPSec, OpenVPN, SSTP, MS-SSTP.
Right now, I'm using a Raspberry Pi as hostapd with the SoftEther VPN Client. I bridged both interfaces so it can work like a DHCP router.
It would be great if I were able to set it up in OpenWrt.
This is a real case.
In my country internet cost is so versatile depending on the place. Like if you stay in the city you will get 5Mbps internet for 6$/Month, also 12Mbps for 12$/Month. On the other side, people living in the village have to pay 12$ for 512Kbps/Month !!!
But both users are getting a good amount of local speed, so I am able to make a bypass to the high-speed server. For example, a village user rents an internet connection for 12$ (512Kbps global, and 30Mbps local); meanwhile he purchases a VPN from an ISP in the city for 12$ (12Mbps global, 100Mbps local). So that's a win situation. Because the ISP in the village is not allowing the city ISP to provide internet access through wire, they got huge corrupted syndication.
I have written a research paper about this, and am working on an upgrade of my current project. This project might help people in Asia and Africa a lot.
For my use case, I got a GL-MT300N v1. I can use any high-end OpenWrt router. Right now I'm trying to build the prototype.
No, it's not about a load balancer, I guess. If you check my post, if I pass my traffic to the ISP-C VPN I will not get good speed. But if I am able to make ISP-A > ISP-B > ISP-C, in that case I will get maximum internet speed. In other words, I have to pass internet through ISP-B.
Well, I can't answer your specific question, as I haven't played enough with VPN myself, but I still suggest that you do with ISP A --> ISP B for your case. 50 Mbps is already good enough, and probably the extra speed is not worth complicating things.
Are you saying that he only needs VPN at his end point (i.e. global VPN subscription), then force his routing to go through ISP-A (naturally), ISP-B and ISP-C before it makes its way to the VPN server?
If I properly understand what he said, he was connecting from a device at Location A on ISP-A to a device at Location B on ISP-B (via VPN provided by ISP-B, to unblock blocked sites), and then at the same Location B he is making another VPN tunnel to Location C.
And he wants to use OpenWrt at location B, where there is a VPN tunnel to the down stream, going to Location A, and another to the upstream going to Location C.
What I don't understand, however, is what kind of connection is provided by ISP-B. Because if we are talking about VDSL, then the upload bandwidth (which would effectively be the download bandwidth of Location A) would be limited.
Basically I got a home internet connection, aka ISP-A, where I used a Raspberry Pi to connect to ISP-B, aka a datacenter VPS.
So if I use hostapd on the RPi, I can use ISP-B internet with 50Mbps speed. Now that I got ISP-B internet on my Android, I can use any VPN app on Android to connect to any VPN outside my region. Which means I used (ISP-A > ISP-B) > Wifi > ISP-C (VPN).
My question is, I'm sitting at home, and I would like to make a Wifi or LAN where I will be connected to ISP-C. The ISP-C connection will be passed through ISP-B, and ISP-B will be initiated from ISP-A.
Set up a VPN from OpenWrt to the VPS/B.
In VPS/B set up another VPN to VPS/C.
In OpenWrt at home force all traffic via the tunnel with VPS/B.
In VPS/B forward all traffic from one tunnel to the other.
In VPS/C masquerade and forward to the Internet.
You'll need static routes everywhere. That means that VPS/C needs to know that the network you have at home is reachable via VPS/B. The same for VPS/B.
Parent connection - provides the medium for the child connection.
Child connection - depends on the parent connection medium, but becomes a parent for every new child connection.
So, every child connection should:
Provide a route to its own remote gateway via the parent connection gateway and interface.
Override/remove default route of the parent connection.
Considering you have a 3-generation tree and assuming that the 2nd connection behaves according to the logic described above, you likely need to fix only the 3rd connection's behavior.
But, I'm afraid, there's no guide and the implementation depends on the VPN type you use, so it will likely require some scripting and debugging skills.
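The per-host steps and the parent/child routing rule from the two replies above, written out as an added example that is not part of the thread. It assumes routed (layer-3) tunnels that are already up; every address, interface name and the routing table number 100 are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the thread. Every address and interface name is a
# constructed placeholder; substitute your own. Prints commands unless APPLY=1.
HOME_LAN=192.168.8.0/24                 # LAN behind the OpenWrt router
WAN_IF=eth0; WAN_GW=192.168.1.1         # ISP-A uplink as seen by OpenWrt
B_PUBLIC=198.51.100.10                  # VPS/B public address
AB_HOME=10.8.0.2; AB_B=10.8.0.1         # tunnel home <-> VPS/B
BC_B=10.9.0.2;    BC_C=10.9.0.1         # tunnel VPS/B <-> VPS/C

run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

plan_home() {   # OpenWrt router: tun0 = tunnel to VPS/B
    # Keep the tunnel endpoint itself on the parent (ISP-A) connection,
    # otherwise the encrypted packets would be routed into their own tunnel.
    run ip route add "$B_PUBLIC/32" via "$WAN_GW" dev "$WAN_IF"
    # Then override the parent's default route with the tunnel.
    run ip route replace default via "$AB_B" dev tun0
}

plan_b() {      # VPS/B: tun0 = tunnel to home, tun1 = tunnel to VPS/C
    run sysctl -w net.ipv4.ip_forward=1
    run ip route add "$HOME_LAN" via "$AB_HOME" dev tun0
    # Only traffic arriving from the home tunnel is sent on to VPS/C;
    # VPS/B's own default route (and the tunnel endpoints) stay untouched.
    run ip route add default via "$BC_C" dev tun1 table 100
    run ip rule add iif tun0 lookup 100
    # Forward between the two tunnels only, so VPS/B is not an open relay.
    run iptables -P FORWARD DROP
    run iptables -A FORWARD -i tun0 -o tun1 -j ACCEPT
    run iptables -A FORWARD -i tun1 -o tun0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

plan_c() {      # VPS/C: tun0 = tunnel to VPS/B, eth0 = Internet uplink
    run sysctl -w net.ipv4.ip_forward=1
    # Return path: the home LAN is reachable via VPS/B.
    run ip route add "$HOME_LAN" via "$BC_B" dev tun0
    run iptables -t nat -A POSTROUTING -s "$HOME_LAN" -o eth0 -j MASQUERADE
}

case "${1:-}" in
    home|b|c) "plan_$1" ;;
    *) echo "usage: $0 home|b|c   (set APPLY=1 to execute as root)" ;;
esac
```

On OpenWrt the tunnel interface also has to sit in a firewall zone that the LAN zone is allowed to forward to. With an OpenVPN server, the kernel route toward a subnet behind a client additionally needs a matching `iroute` entry for that client.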