Hello,
We’re trying to build Speedfusion VPN with 2 x FusionHubs for redundancy. The purpose of the Hubs is only to provide Internet to the remote branches(CPEs)/ On remote CPE branches we determine the priority of the Hubs(master or slave) via Outbound Policy > Priority. So everything looks and working fine with this topology. But when decided to enable LAN interfaces on the both FusionHubs then one of the tunnels stucked on Route Conflict. We suggest the reason for this is that both LAN interfaces have IP addresses of the same subnet. We need to use LAN interface of each FusionHub only for management purposes. In fact although of that the tunnel is flagged as Route Conflict we noticed that it is running and forwarding traffic. We don’t any needs LAN subnet to be advertised through OSPF over SpeedFusion VPN. I have tried to find how to suppress of filter the LAN subnet via OSPF but without success. Seems that by default LAN subnet is always advertised and there is no option to disable. I will highly appreciate if someone can help us to fix this issue. To better understanding our topology I provide it in the attached photo.
You can exclude the LAN on the Fusionhub from OSPF advertisement in Advanced > Routing Protocols> ISPF& RIPv2
You would also need to set the OSPF costs higher on the tunnel to and from hub2-sof.
Default is 10, set it to 20.
Edit. Actually no you can’t. You can only exclude some static routes there… what about if you extend OSPF to the LAN of the fusionhub?
1 Like
Hello Martin,
Many thanks for your quick answer.
I have just tested your advise and can confirm that after setting different higher OSPF cost of hub2-sof on the remote CPE branch side only then the issue with Route Conflict seems permanently fixed and the tunnel status is of both tunnels is established. If would be great if Peplink implement in some next future firmware release the option for exclude (suppress) network under OSPF.
Many thanks once again.
1 Like
Hello,
I would like to provide further clarifications on this case. After running several WAN failover simulation tests, I can confirm that the Route Conflict issue is now resolved. However, I am now encountering a new problem: the SpeedFusion VPN remains stuck on Updating Routes on remote branch only. All tunnnels are working fine depite of the stuck state.
It seems that applying the OSPF cost fixed the original Route Conflict issue, but the Updating Routes state consistently appears whenever a WAN failover event occurs.
From my analysis, this behavior is caused by the same subnet being visible through multiple HUBs. Unfortunately, there is still no mechanism on FusionHub to filter or suppress LAN subnets from being advertised via OSPF over SpeedFusion VPN.
As a workaround I resolved the issue by assigning a unique LAN subnet to each FusionHub interface. Still, I believe the Peplink team could improve this by providing more granular control over OSPF advertisement options on FusionHub devices, similar to what is already available on other Peplink router models.
