LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   two providers, one LAN, one computer (https://www.linuxquestions.org/questions/linux-networking-3/two-providers-one-lan-one-computer-4175621067/)

Skaperen 01-12-2018 08:59 PM

Quote:

Originally Posted by wpeckham (Post 5804590)
Using two ISP upstreams is not something home users normally do, it is something that businesses with a need for high availability do. A business can justify the expense of a perimeter device (firewall) that can balance and failover using two or more upstream paths. That is an advanced technique that even Cisco has never gotten right.

I agree about home users. I do see cases where a business would like to have, or may get some advantage from, higher availability and increased bandwidth. Many businesses are located where broadband providers do not have the infrastructure for anything more than what they typically sell to homes, so some businesses are limited to that. Where I live and work, if I wanted anything more than what they provide to homes, I'd have to pre-pay all the costs of laying about 3 miles of fiber about 6 months before I'd even get to use it.

And I agree with "even Cisco has never gotten right" from personal experience. Although we did manage to get it up, it was never stable by the time I left there. A test with OpenVPN worked quickly, solidly, and always.

As far as I know, whatever the solution for using two internet connections together, especially with separate providers (good for higher availability), something needs to join the remote endpoints. What do your solutions do in that regard?

I have yet to finish and test the scheme I have in mind. I am planning to use an AWS EC2 instance as the remote endpoint. It uses OpenVPN. It is a totally software solution, at least for Linux users. I'll see what I can do to get it to work on those other OSes if it works on Linux.

wpeckham 01-13-2018 05:53 AM

Quote:

Originally Posted by Skaperen (Post 5805805)
...As far as I know, whatever the solution for using two internet connections together, especially with separate providers (good for higher availability), something needs to join the remote endpoints. What do your solutions do in that regard?

I cannot speak to all of the different perimeter solutions that support multiple upstream providers. I CAN speak to Cisco and ASG (Astaro Security Gateway). Our Cisco NEVER worked in this configuration, and Cisco support did NOT help: they simply said "you cannot do that" at the time.

With ASG already working for a single upstream: you just defined the one (or more) additional upstream interfaces, combined the upstream interfaces in the multipath settings, picked some default traffic rules (traffic responded on the interface of the original traffic, priority for outbound traffic on this interface, etc.) to turn on, and defined your own as needed. Set them for failover so if one stopped working the other upstream interfaces took over the traffic, and it all just worked. Not only worked, but easier and faster than any other device I have used.

Cisco has improved things every year, but has kept their basic administrator interface. They excel at expensive training programs. Astaro focused on excellent engineering and making it easy and fast for the network engineer to administrate, and it shows. HOWEVER: both are difficult to support ($$$) for a home user. There are complete open source firewall distributions that are supposed to have the functionality; I simply have not had time to try them all.

Some of the suggestions already made should work well enough, but I must return to one point: why would this ever be a good investment for a home user? What information are we missing that would make this make sense for a non-business network?

Skaperen 01-13-2018 08:45 PM

Quote:

Originally Posted by wpeckham (Post 5805875)
With ASG already working for a single upstream: you just defined the one (or more) additional upstream interfaces, combined the upstream interfaces in the multipath settings, picked some default traffic rules (traffic responded on the interface of the original traffic, priority for outbound traffic on this interface, etc.) to turn on, and defined your own as needed. Set them for failover so if one stopped working the other upstream interfaces took over the traffic, and it all just worked. Not only worked, but easier and faster than any other device I have used.

I am curious how ASG handled the remote peer. I see 4 possibilities:

1. You set up a remote peer somewhere, which could be a leased/rented/VPS server or owned hardware you put in colocation or another place where you have high-end bandwidth and/or reliability. Presumably they (ASG) would include instructions on how to set this up. Maybe their hardware could serve that end, too.

2. They (or someone else) provide a service you subscribe to that acts as your remote end.

3. It just switches over when there is a need to do so. The masqueraded IP address changes and existing connections hang and time out.

4. They came up with some "magical" solution to all of the issues of doing this. I'd have quite a few questions about it.

If the idea I have works, it could be either a cheap/free all-software thing for small businesses, homes and others, or maybe require adding a PC to run Linux (if I cannot get it to run on Windows and Mac OS X).
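Added example for this thread, not code from either poster, from ASG, or from OpenVPN: a Python planner for the Linux equivalent of what wpeckham describes on ASG (a routing table per ISP, replies leaving on the interface the traffic arrived on, failover when an uplink stops answering probes) plus the tunnel side of Skaperen's plan (one OpenVPN client per ISP, each bound to its own ISP address, both ending on a fixed EC2 endpoint). The interface names, addresses, gateways, table numbers and the endpoint address are constructed assumptions. Nothing here touches the kernel; each function returns the ip/iptables/conntrack commands or config text it would apply, so a practitioner can review the plan before running it as root.

```python
"""Dual-WAN policy routing, failover and tunnel pinning for a Linux host.

Added example, not from the thread.  All names and addresses are assumed.
Functions return commands/config text instead of executing anything.
"""
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Uplink:
    name: str    # logical name, e.g. "isp_a"
    dev: str     # interface facing that ISP (assumed eth1 / eth2)
    addr: str    # our address on that ISP
    gw: str      # that ISP's gateway
    table: int   # routing table reserved for this uplink


# Constructed example: two consumer-grade connections on one Linux box.
UPLINKS = [
    Uplink("isp_a", "eth1", "203.0.113.10", "203.0.113.1", 101),
    Uplink("isp_b", "eth2", "198.51.100.20", "198.51.100.1", 102),
]
LAN = "192.168.1.0/24"   # assumed LAN, on assumed interface lan0
ENDPOINT = "192.0.2.7"   # assumed public address of the EC2 OpenVPN server


def policy_routes(uplinks: List[Uplink], lan: str) -> List[str]:
    """ASG-style defaults in ip-rule(8)/ip-route(8) terms: one table per ISP,
    and anything sourced from an ISP address (replies to inbound traffic, or
    a tunnel bound to that address) leaves through that ISP regardless of
    which one currently holds the main default route."""
    cmds = []
    for u in uplinks:
        cmds.append(f"ip route replace default via {u.gw} dev {u.dev} table {u.table}")
        # keep the LAN reachable inside the per-ISP table, otherwise packets
        # from the ISP address to a LAN host would match its default route
        cmds.append(f"ip route replace {lan} dev lan0 table {u.table}")
        # "respond on the interface the traffic came in on"
        cmds.append(f"ip rule add from {u.addr} lookup {u.table} priority 100")
        cmds.append(f"iptables -t nat -A POSTROUTING -s {lan} -o {u.dev} -j MASQUERADE")
    # new LAN connections follow the main-table default, which Failover rewrites
    cmds.append(f"ip route replace default via {uplinks[0].gw} dev {uplinks[0].dev}")
    return cmds


class Failover:
    """Chooses the default uplink from probe results with hysteresis: dead after
    `down_after` consecutive failures, alive again only after `up_after`
    consecutive successes, so one lost ping does not flip the route.
    `uplinks` is in preference order; probe() returns the commands for a switch."""

    def __init__(self, uplinks: List[Uplink], down_after: int = 3, up_after: int = 5):
        self.uplinks = list(uplinks)
        self.down_after, self.up_after = down_after, up_after
        self.fails = {u.name: 0 for u in uplinks}
        self.oks = {u.name: 0 for u in uplinks}
        self.alive = {u.name: True for u in uplinks}
        self.active = uplinks[0]

    def probe(self, results: Dict[str, bool]) -> List[str]:
        for u in self.uplinks:
            if results[u.name]:
                self.oks[u.name] += 1
                self.fails[u.name] = 0
                if not self.alive[u.name] and self.oks[u.name] >= self.up_after:
                    self.alive[u.name] = True
            else:
                self.fails[u.name] += 1
                self.oks[u.name] = 0
                if self.alive[u.name] and self.fails[u.name] >= self.down_after:
                    self.alive[u.name] = False
        live = [u for u in self.uplinks if self.alive[u.name]]
        if not live or live[0] == self.active:
            return []   # nothing better to switch to
        old, self.active = self.active, live[0]
        return [
            f"ip route replace default via {self.active.gw} dev {self.active.dev}",
            # Skaperen's case 3: flows masqueraded behind the old ISP address are
            # orphaned; drop their conntrack entries so clients fail fast
            f"conntrack -D --src-nat {old.addr}",
        ]


def tunnel_configs(uplinks: List[Uplink], endpoint: str) -> Dict[str, str]:
    """One OpenVPN client per ISP, bound with `local` to that ISP's address so
    the `from <addr>` rule keeps each tunnel on its own uplink.  Both end on
    the same fixed endpoint (Skaperen's case 1), so LAN traffic masqueraded
    there keeps the endpoint's address whichever tunnel carries it."""
    return {
        u.name: "\n".join([
            "client", "dev tun", "proto udp",
            f"remote {endpoint} 1194",
            f"local {u.addr}",
            f"lport {1194 + i}",
            "persist-key", "persist-tun",
            "keepalive 10 30",   # notice a dead ISP path within seconds
            "# ca/cert/key directives omitted",
        ])
        for i, u in enumerate(uplinks)
    }
```

The `from <addr>` rule does the work for the tunnels: because each OpenVPN instance binds to one ISP address, its UDP packets are routed by that address and never follow the main default route, so a failover of the LAN's default route does not move or break the tunnels. Flows that leave directly through an ISP (not via a tunnel) are still orphaned on a switch, which is why the controller flushes their NAT entries rather than letting them hang until timeout.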

