Understanding WAN Handoffs and Public IP Address Configuration

Here's an explanation of how we configure your service if you've ordered one or more optional routable public IP addresses.

For services without a routable public IP address, we provide a single gigabit copper handoff. This connection serves as your WAN interface for general user traffic. Simply connect this to the WAN interface of your router or firewall, and your users will access the internet through our service. Your interface will be provided a private IP address via DHCP, or you can statically configure this on your WAN interface if you prefer. Please refer to the hand-over document for the IP addressing of your service.

We provide separate dedicated bonding appliances to handle the different traffic types:

1. General User Traffic: This appliance handles your standard user traffic, and uses Deep Packet Inspection (DPI) to selectively bond only sensitive applications such as VoIP, video calls, and conferencing to ensure stability. This appliance has a dedicated static non-routable IP address that is suitable for whitelisting services.

2. Optional Public IP Traffic: This appliance handles traffic requiring a routable public IP address, ensuring optimal reliability for services like VPNs, remote access, and hosting. This appliance bonds 100% of all routable public IP traffic.

If you’ve ordered optional public IP(s), we present these separate (split tunnel) to normal user traffic to ensure optimal reliability:

• Dedicated Circuit or VLAN: Public IPs are provided individually either on a separate physical handoff or as a VLAN in a trunk (alongside your general user traffic VLAN). This approach segregates public-facing traffic from standard user traffic to improve the overall service performance.

• Individual IPs: You can order up to 5 public routable IP addresses per service. These are allocated as individual /32 addresses and are not part of a contiguous range. Each IP address is presented on a separate interface or VLAN.

• Dedicated Bonding for Routable IP Traffic: We provide a dedicated bonding appliance for the routable public IP addresses. This ensures reliability for services requiring direct public IP access.

To maximise bandwidth and responsiveness, general user traffic is sent using a mixture of load-balancing algorithms and DPI steered bonding for resiliency, whilst all routable public IP traffic is fully bonded on a dedicated separate appliance. 5G bonding incurs a throughput overhead, hence it is used sparingly wherever possible and as such we do not bond 100% of all user traffic but instead reserve it only for sensitive user services and the public routable IP addresses.

To make the most of our service, your router or firewall should ideally:

• Support a WAN connection for all general user traffic on a physical copper port or a VLAN presented in a trunk.

• Route all user traffic over the default general traffic interface where we will automatically perform DPI and steer sensitive user traffic through your general bonding appliance.

• For each routable public IP ordered, you will need the ability to accept either an additional physical copper port or an additional VLAN in a trunk.

• You should route your specific services (e.g., VPNs or public-facing applications) to the relevant public IP interface or VLAN.

We acknowledge that this set-up is somewhat unconventional compared to traditional fixed-line service where you might normally be assigned a small subnet of contiguous public IP addresses, however this split traffic approach ensures you can make full use of the 5G bandwidth available whilst minimising bonding overheads.

If you have any questions or need help with this set-up, please contact our support team and we'll be happy to help.