Hi.
Looking for some expert advice on the best design for a large system comprising of:
2 x Starlink Maritime Packages (4 High Performance starlink antennas)
1 x HD4 MBX
This is for a large yacht/ship.
*disclaimer: this is not a real life system. Im only hypothetically trying to figure out the correct way to bond multiple 200mbps+ WAN links... (Just in case the Starlink fair use police are watching).
So…
The location of the HD4 MBX will be at the top of the ship to limit coax runs to the antennas.
The Starlink routers are below deck connected to the ships network and run to the bonding router on 4 separate VLANS as 4 individual WAN links.
So I have 5 separate VLANS:
VLAN1 SL1
VLAN2 SL2
VLAN3 SL3
VLAN4 SL4
VLAN5 MBX
I am confused as to what the best practice would be to provide maximum throughput combined with the added benefits of SpeedFusion…
My thought is to use a balance 580X and run the 4 x starlink and 1 x MBX feed into there and bond everything through 1 Speedfusion VPN. But as far as I understand, a speedfusion link has a maximum throughput of 200mbps. So with 4 x starlink terminals each capable of doing well over 200mbps I am not sure if speedfusion is the right option.
Also the VLAN from the MBX to the 580X will just be a load balanced link. Unless I bond the 4 x modems in one speedfusion tunnel in the MBX and connect the already bonded feed from the MBX to the 580x that way. But then I need a separate speedfusion subscription to bond the starlink terminals with the (bonded) MBX link. Is it even possible (or recommended) to bond an already bonded link?
Perhaps it’s possible to run each modem from the MBX as a separate VLAN into the bonding router (This will give me 8 WAN links in total so the 580X is not the right piece of equipment in this case).
Some advice would be much appreciated.
1 Like
Not sure where you get that idea from, maybe if you are using the Speedfusion Connect service from Peplink but if you hosted your own hub then the limits are significantly higher - I’ve benchmarked a 580X doing SF VPN to a low cost VM hosted in Vultr at nearly 800Mbit/s and the limiting factor was most likely the CPU on the 580X at that point.
No matter what way you do this that MBX4 is not really going to get used to its full potential, via a single VLAN and load balancing on the MBX4 the SF tunnel from the 580X would establish via 1 of the modems and that’s it, it will not magically load balance multiple PepVPN sessions across the 4 modems in the MBX.
Bonding on the MBX4 and then handing bonded connectivity to the 580X is also a bad idea in my experience, tunnels within tunnels are generally sub par performance.
This is an approach we take, using things like the HD Domes into something like the 580X, in your instance though as you say the 580X really isn’t the best fit here, to get the most use out of everything you really want something like the SDX / SDX Pro with the 8 port WAN/LAN module loaded into it so all the modems of the MBX can be added into the PepVPN bond.
A bit of food for thought though:
-
I’d suggest that you look into running your own FusionHub Solo for the “bonding router” to connect to, it will likely be better performance and value than using the hosted service from Peplink in this instance.
-
You’re looking at some relatively high ticket price boxes here, find a decent partner to work with on this as they will be able to guide you with regards to configuration and possibly what hardware combination may best meet your needs.
-
In my experience Starlink + SF VPN will not generally result in the throughput you get directly from the Starlink routers, I’ve seen it be substantially less than what is delivered by routing traffic straight out the WAN so you may be better off load balancing most traffic flows out of the bonding router and only using SF for traffic where hitless failover is necessary (such as voice).
-
Hosting a FusionHub Solo is simple, but where you host it will matter, you may need a few scattered around the place for geo purposes as the boat moves about, you may also find that some content services simply do not work from a hub hosted in the public cloud providers like Vultr, DO, GCP, AWS etc. - again this is where load balancing traffic and sending only what is necessary to the SF tunnel is a good approach.
2 Likes