New to peplink, questions on SFC

mikesev · February 22, 2021, 7:07am

Hi all,
I am a Starlink beta user. I have read some helpful posts from others who are also in this same situation. I agree with what I have read that Peplink is likely to see a surge in consumer interest resulting from Starlink becoming more widely available.

As it stands, Starlink is fantastic for a ‘better than nothing beta’, but when it comes to business use, a secondary WAN with as seamless of single-WAN-IP failover as possible really is necessary, specifically for video conferencing. Other contexts that will be similar would include gaming where a brief Starlink-esque interruption can easily lead to landing in a lobby.

Until my peplink showed up, I had been using Speedify, but know very little about that company and so was glad to be able to stop using them as a VPN provider.

I have been fumbling my way around Peplink and am currently trying out a few different options. First, I have a PepVPN tunnel setup with an AWS endpoint I created by following the tutorials on here. One of the challenges there is that ca-central-1 is on the wrong side of the country for me. Hopefully AWS decides to setup a ca-central-2 soon further west Anyhow, in my tests with PepVPN this is adding 30-40ms of latency to my ping.

I also am trialing SpeedFusion Cloud. Like AWS, the datacenters are on the wrong end of the country for me, adding latency to the equation. However, since SFC has the ability to do WAN smoothing and FEC, I think it is the preferable option for the time being. (Unless someone can correct me, it looks like WAN smoothing and FEC are not available for PepVPN / AWS deployments?)

Anyhow, I have a few questions for my setup. For context, besides Starlink I also have a “smart hub” from the telco which is LTE based. That connection, while honestly pretty rock solid, has several limitations: 1TB data/month, and 25Mbps down throttling. Notwithstanding that, it is apparent to me that the telco has QoS in place for business things because I have almost never encountered issues with zoom, teams, slack, etc. Anyhow, the questions:

Because of the increased latency, I do not want to route all my traffic, even all of my business computer’s traffic through the SFC. Because the use is narrow, I have setup my lone SFC tunnel to use “Normal” WAN smoothing and “Low” FEC. In fact, the only scenario in which I want to route traffic to SFC at all is for zoom, slack, and teams calls. But it is unclear how to achieve this. My understanding is if I associate my work machine through the Speedfusion Cloud portal’s device selector it will route all traffic from that device to SFC. Yet, if I try to use Outbound Policy to do this, I have no way of specifying application-level routing, and from what I’ve read on here using DNS isn’t going to cut it either.
Is using both WAN smoothing and FEC at the same time advisable? Or is it more of an either/or thing? I am fine with using more of my 1TB allowance if it means having that rock solid connection for presentations/conference talks/etc.
I noticed that Slack is not listed at all on the VOIP list. Besides DNS, is there any sure fire way of capturing Slack VOIP traffic in a rule?
The latency I’m getting through PepVPN/SFC is around 90-110ms on average (vs 40-50 on Starlink normally and 15-25 on LTE). Does anyone have any context for how much of an impact this will have on video meetings?
I do have the option of adding another WAN connection from a different cell provider hitting off a different tower. That connection is unlimited data, up to 50Mbps down and a godawful 2-3 Mbps up. I’ve also had periodic issues with pretty high latency on that connection. I cancelled it when we got Starlink but have been flirting with the idea of adding it for a triple redundancy. Would this be going overkill? I realize this is subjective but just curious on what other people are doing. I am an internet snob so it is honestly tempting to have as many redundancies available no matter what, and I could probably write off one of the connection costs as a business expense.
If any other Starlink user has figured out the static routing problem (described in this thread: Starlink and Peplink Balance ) please let me know. One thing I discovered, is that until the Starlink dish gets an actual IP from space it works with zero configuration (it defaults to a 192.168.100.* address) but as soon as it gets a WAN IP everything stops working.

I think this is all I have for now. Thank you all for your time.

tino8908 · April 7, 2021, 6:52pm

The static IP was figured out, and I have access to the Starlink statistics and app now! Peplink put out an add on to the firmware to allow static IP.

donnatedesco · May 4, 2021, 1:00pm

Hi Mikesev,

Have you been able to get answers/figure this out? I have a lot of the same questions. Specifically, your #1, #2, #3, and #5.

Thanks!

mikesev · May 4, 2021, 1:27pm

Hi there, while I never got specific answers I have settled on a few solutions that seem to work pretty well for me, namely

I still have the two SFC tunnels, one for ‘general’ SFC traffic (work computer) and one for ‘streaming’ SFC traffic.
for point 1, my streaming tunnel currently uses Medium WAN smoothing and Low FEC. I’ve dabbled with the buffer thing but ultimately don’t like the idea of adding explicit latency to every packet.
I attempt to capture zoom and teams (“office 365”) traffic network-wide using the SFC rules (“Optimize Cloud Application”)
I do NOT use the SFC “Connect Clients to Cloud” ui to route my work computer, instead, I do everything through outbound rules.
I have an additional outbound rule for teams that captures all traffic on UDP ports 3478-3481 from any client and sends it through the SFC streaming tunnel.

For the slack one - point 3 - my workaround for this or any other unsupported app (GTW, Webex, etc), if I have an important call where I want a seamless connection, I’ll temporarily enable a rule that routes ALL traffic from my work machine through the streaming tunnel. This sounds like a PITA but is actually really fast to turn on and off. You can also use it if you are in the middle of a call and it starts acting up.

I’ve also been known to go in and just manually disable Starlink WAN for a while if it’s having a moment. That is also fast and effective.

Overall though, the recent changes to Starlink seem to have had a massive impact on link stability. The ability to target any satellite now as opposed to the one it believes should be most visible has all but eliminated the ‘obstruction’ based outages. I’m seeing like 15-20 seconds of outages in a 12 hour period instead of 15-20 MINUTES.

Hope this helps!

donnatedesco · May 4, 2021, 1:40pm

Super helpful. Thanks so much!

jpslav · November 13, 2021, 3:52pm

Looks like I was able to get Slack automatically routed over SpeedFusion Cloud by creating an Outbound Policy in the Network tab. Slack seems to use AWS Chime under the covers for calls (see the top of this list of URLs Slack).

In the Outbound Policy window, I add a rule where the Source is “any”, the Destination is set to “Domain Name” and “chime.aws”, then the Algorithm is “Enforced” and the Enforced Connection is my SFC link.

When I watch the PepVPN status (“Status” tab, “PepVPN” menu item) I see the transmit rates jump when I start a Slack call, and then jump again when I turn on video in the Slack call.

Would be cool for PepLink to add Slack in as one of the listed cloud applications in the SFC setup (they already recognize the Slack traffic in the “Active Sessions” list), but hopefully this other approach will work for now.

scarleton · February 7, 2023, 2:45pm

jpslav, The link you provided isn’t working. I was wondering if the domain name of chime.aws still working for you or not.