New Title: Need assistance in Setting up Hot Failover

Specialized Market Starlink
1

Edits at the top: Continue to search for a solution to getting hot failover to work. Interestingly, in all my searches, including the firmware instructions, I can’t find anything that specifically is focused on “how to set up Hot Failover”. I still can’t get the 20X (or more specifically, Speedfusion) to send traffic just to the active/healthy/fast main WAN connection rather than the slow cell backup on any kind of consistent basis. As far as I can tell, I am sending all data through my SFC tunnels. I can’t understand why SF is using the slow connection at all.

This post seemed to have the same problem but no solution was mentioned: Peplink | Pepwave - Forum I have an even simpler outbound policy list that that one (I have nothing but the default “https persistence”). Paul_Mossip provides some good insight here: especially post #10, but not enough info for me to get it to work. These threads have promising titles: Minimum Setup for Hot Failover and Hot Failover configuration - #2 by sitloongs but either are not using SFC or did not provide a solution. I have read thoroughly Understanding and Configuring Outbound Policy but can figure out if an outbound policy is needed to get hot failover to work.

-------original post---------

I have two connections - a fast one to Starlink and a very slow one to AT&T (cellular) as backup. I want to use SFC to enable hot failover to the slow AT&T connection if Starlink goes down. My understanding is to do this, all I have to do is set the Starlink to priority 1 and the cellular to priority 2 in the SFC setup, like this:

screenshot-2022-07-02-214212.png
screenshot-2022-07-02-214212.png1410×1328 104 KB

Among the clients connecting to my 20X are two computers (as in windows 10 computers) and two cell phones. One of each for me and my wife.

The problem is that my computer always connects to the slow AT&T connection, which is meant to he a hot failover (Starlink is not down - it has been rock solid up). While the phone always correctly uses the Starlink WAN. Here is a picture of real time throughput:

screenshot-2022-07-02-213703.png
screenshot-2022-07-02-213703.png1401×1366 89.1 KB

I started loading a large web page on the computer and the 20X used the slow AT&T connection to load it. While that was loading, I ran a speed test on the phone (google speed test) and it correctly used the fast WAN to run it. The phone loads web pages and does other internet traffic fast (i.e. connects to the priority 1 WAN).

The computer happened to be connected by ethernet to the 20X, but I tested it also using its wifi connection and got similar results.

My wife reported anecdotally the same results - fast on her phone and slow on her computer.

Any idea why the computer is not using the priority connection?

I have no outbound policies set yet. Just the default “HTTPS persistence” that comes with the machine.

2

Replying rather than editting, as this seems very confusing.

I wanted to check to see if the persistence outbound rule was causing the problem, so I turned it off. But that gave me more confusing results. There were some cases where a speed test on the computer would primarily use the Starlink WAN, but not always. Or it would for the download part but not for the upload part.

But then using the phone, I got the “use the slow cell” connection problem. Again, very inconsistent.

I then went and re-enabled the stock persistence outbound policy and things returned to how I described it above. I can only run so many speed tests to generate data points, but it seemed like the phone would again primarily activate the Starlink, while the computer would activate the cell connection.

I would reiterate that all this testing is with SFC enabled, so when I say the “phone uses the Starlink WAN”, I mean that the SFC VPN is primarily using the Starlink WAN. All traffic is going through the SFC VPN.

3

This was solved after I opened a ticket and my “Certified Partner” (the folks who sold me my 20x).

Since I did a lot of searching on this without an answer, I thought a good idea to post the solution to future people looking for this answer.

It turns out you do need to add an outbound policy to get hot failover to work. This is the rule to add:

  1. Name: This can be whatever you would like, but I chose “Send All SFC”
  2. Enable: Must be checked
  3. Source: Any
  4. Destination: Any
  5. Protocol: Any
  6. Algorithm: Priority
  7. Priority Order: The SpeedFusion locations will be in the right hand not in use column and must be moved to the top of the highest priority list to the left. Use the dots to the left of the name to drag the location from the right to left columns. Note: Connections will be used from top to bottom order so if more than one tunnel is listed, the top one will have to fail before a second is used.
  8. When no connections are available: drop the traffic
  9. Terminate Sessions on Connection Recovery: Unchecked
1 Like