Apparently there is no way to have an Outbound Policy rule that combines both a “By Application” and by “MAC/IP/SSID” (I just created a feature request for this)
so I came up with this crazy idea:
create rules to trap any and all devices except for one device, put these rules above the “SpeedFusion” rules (which becomes visible when you select “expert” mode)
each policy has two rules, one for 443/Persistance, followed by ANY/fastest response
I assumed that I do not need 443/persistence rule for SFC routes, since they will always use the IP of the Peplink SpeedFusion Hub datacenter.
create rules via the SpeedFusion Connect configuration for Zoom/Teams
the only thing that I do not yet know how to do is direct “soft phone” calls from the work computer via SFC.
how do I “identify” soft phone calls coming from a computer? port? destination domain/ip? not critical, since my wife prefers to use her VOIP desktop phone over soft phone. but I would still like to have rule(s) to route all voice calls made from her computer via SFC smoothing.
example outbound policy rules:
Main SSID443 - source SSID1, dest Any, port 443, persistence
Main SSID - source SSID1, dest Any, port any, fastest response time
Guest SSID443 - source SSID2, dest Any, port 443, persistence
Guest SSID - source SSID2, dest Any, port any, fastest response time
NonCritical Wired 443 - source NonCritical IP range (IP reserved by MAC), dest Any, port 443, persistence
NonCritical Wired - source NonCriticalIP range, dest Any, port any, fastest response time
SFC SSID - source SSID3, dest any, port any, Priority, SFC FEC (no smoothing) [note, no 443/Persistence rule]
VOIP Phone - source MAC (IP not in the nonCritical IP range) dest any, port any, Priority SFC Smoothing and FEC
any devices except for the critical work computer should be trapped by one of the rules above
[the “expert” mode SpeedFusion Connect Routes] which has only “by application” configutred for Zoom and Teams
the “standard” HTTPS Persistence rule, source any, dest any, port 443, persistence
the “default” rule using fastest response.
If I did this correctly, then any wireless device on the main or guest SSID will route via WAN1 or WAN2 but not SFC
any wired device in the “nonCritical IP range” will also use WAN1 or WAN2 but not SFC
any devices connected to SFC SSID will use SFC
VOIP phone will use SFC with smoothing
the above should trap all devices with the exception of the critical work device, which should then use the SpeedFusion “By Application” rule for Zoom/Teams, followed by HTTPS Persistence, followed by the default rule.
notes:
I am not using latency algorithm since Starlink always have lowest latency, yet I do not want Starlink to always be used
I am not using “least used” since Starlink can have speeds over 500mbps, yet most often average around 100. by using “least used” the router will probably abuse Starlink and will try to push too much data through it, since it believes that it has capacity of 500mbps
WARNING
learned it the hard way.
DO NOT set up lower than absolute maximum upload/download bandwidth values in the WAN connection settings
if you do, as I did, set Starlink for the “avg” value of say 50/5, the Peplink router with throttle down the Starlink WAN to no more that 50/5!
I did not expect this. I assumed that Peplink will still push as many packet as it can via Starlink, and use the upload/download speeds only for making decision for the algorithms that need bandwidth.
but by setting Starlink to 500/50, it will “confuse” the router to believe that it can push 500/50 via Starlink, which will mess up the algorithms that use upload/download bandwidth values
which is why I opted to use Fastest Response as my algorithm of choice.