SpeedFusion Cloud vs FusionHub - tunnel profiles

I’ve watched all of the webinars and read as much as I could find on SpeedFusion Cloud. The one thing that seems to be a clear standout is the tunnel profiles for SpeedFusion Cloud - where you can pick a particular city/endpoint, such as SFO, and build multiple profiles, each with a different name, and enable/disable things like FEC and WAN Smoothing.

I love this idea specifically for remote working on boats and other mobile places where you want to use FEC for Zoom sessions, and WAN Smoothing for voice calls and the like, and maybe nothing at all for everything else, but still leverage a SpeedFusion bonding setup.

I have not been able to figure out how to do this with FusionHub. I have one running in AWS and have used it for a long time. It’s running 8.0.1 but I don’t think that matters that much, as it appears that the tunnel profiles are only something you can use with SpeedFusion Cloud?

Is there a way to create these for a standard FusionHub / PepVPN / SpeedFusion connection?

Here’s a post I wrote a few days ago which talks about creating multiple SpeedFusion profiles using FusionHub …

2 Likes

Thanks for the link to the other post, it was very helpful, and your thought process on FEC vs WAN Smoothing backs up my testing with Zoom and latency specific things.

I was able to configure several profiles but ran into a couple of things:

Since my FusionHub is hosted in AWS, I had to specify specific Data Ports for additional profiles other than the original, and open those ports in the AWS security group. Very straightforward for someone like me who uses AWS every day, all day, but might trip up someone else, so just noting that here.

The real reason I was trying to use this feature is still not working, though.

I’m trying to use Outbound rules specifically for Applications as I’ve seen in SpeedFusion Cloud demonstrations/webinars.

In particular, I want to catch VoIP/Zoom traffic with a rule and send it to a FEC enabled SpeedFusion tunnel profile. Just like you, I have multiple devices/people who use Zoom constantly, and I do not want to use WAN Smoothing, eating up tons of LTE bandwidth, when a FEC tunnel + 2 second failover time is more than adequate enough.

Here’s an example of an outbound rule that simply does not work, but should:

I’ve tried it both with the source being an IP address or MAC address, and neither works. In this example above, the machine is my laptop, and I have it intercepting traffic destined for the AWS SpeedFusion tunnel, looking at whether it is VoIP of any kind (I’ve tried this, Zoom specifically, etc. - none work).

Then using Priority to send it to the FEC profile, but it never goes there.

If I change the rule to send all traffic from the host to the FEC profile (and lose the Application option) then it works fine.

I even went as far as writing an outbound rule further up in the list to send everything to the SpeedFusion default profile (rule #2 in the list) but rule #3 never ever fires.

Are these supposed to work? Am I missing a setting somewhere?

1 Like

Peplink gave us the ability to change which tunnel an application is using utilizing deep packet inspection. BUT… As you are seeing… ONLY if a conversation is already headed down a tunnel via routing and not via outbound policy. This has limited use for most of us normal folks that still have a few applications outside of the tunnel (Netflix). It only works if ALL your traffic is headed down a tunnel.

The reason it works like this is a first packet problem… deep packet inspection is slow to figure out what something is and several packets will already have escaped before it detects that it’s zoom. So it can’t change all of a sudden where packets are originating from unless it controls every packet… ie inside a tunnel.

Bottom line if we want Netflix to work, we can’t use DPI to make traffic decisions, so it’s not a feature home users can take advantage of.

4 Likes

Ah good point, I didn’t think about that - having come from a router/firewall vendor that I’ve worked at for years, I should have thought about packet path.

Besides just having Netflix work, it also would be needless data sent to an endpoint that doesn’t need to be redundant or sent across a SpeedFusion bond.

Darn.

I have the same exact use case.

First, FEC is OK for Zoom? I thought the FEC v Smoothing info Peplink posted specifically said FEC only helps one-way traffic such as streaming Youtube or downloading a file, not two way, such as video conferencing, where Smoothing should be used.

What I did was a multi-prong approach:

  • Set all my security cameras and streaming TVs to operate on fastest response using WiFi as WAN first, only cellular if there is no WiFi as WAN available
  • Limited the max mbps bandwidth on my streaming TVs to 2mbps, so I’m not blowing through 15-30+ mbps of cellular when WiFi as WAN is not available (TV screens are small in size)
  • My primary Smoothing tunnel has cellular in priority 2 now (testing it this way instead of priority 1) and two WiFi as WANs in priority 1. I have Smoothing set to 100% and FEC set to low.
  • My secondary Smoothing tunnel is set to 200% and FEC low, and this is dedicated to WiFi calling. It uses all WANs in priority 1 (1x cellular, 2x WiFi as WAN)

My feature requests are:

  1. a way to set the bandwidth limitations for certain devices (or better streaming services) more gradually, by WAN (for example, only limit to 2mbps if on cellular, higher mbps or unlimited, on WiFi as WAN)
  2. a way to handle Netflix and similar streaming services, aside from directing an entire device in one way or another. for example, my streaming devices only work when not through my Speedfusion tunnel as my Speedfusion IP is blocked by most streaming services. i also dont want streaming services to eat my cellular bandwidth when there is WiFi as WAN available.
  3. a way to handle zoom/webex/teams/skype/etc so i can easily send them through this sub-tunnel that has all WANs in priority 1 and Smoothed at 200% so my work calls are smooth.

The primary reason I had to move cellular to priority 2 on my primary Speedfusion tunnel and create a sub-tunnel was because my primary devices (cell phones and computers) were eating a ton of bandwidth on the cellular link when streaming youtube, social media, etc, which is not a business priority.

I’ve seen contradicting information on this. In several webinars, Peplink have said that FEC should be used for Zoom because of the buffering already inherent in video conferencing applications where audio and video are kept in sync and WAN Smoothing should be used for much more latency sensitive things, such as WiFi calling.

@Legionetz has brought up good points about folks who are on tons of Zoom calls, and that WAN Smoothing would blow through tons of data if used all the time, and that FEC + fast failover time might be a better choice.

I’ve tried both, and WAN Smoothing does appear to be slightly better, but of course at a cost. Unlike you, I am 90% of the time on two LTE connections, no WiFi as WAN, so I do have to watch overall bandwidth.

What I am unclear on is if there is a benefit in having both FEC and WAN Smoothing on together? It seems like there is.

Given this, I think I might kill off the FEC only and WAN Smoothing only profiles and just end up with two total - one without any of that that can be for things that need the bond but no optimization, and one with WAN Smoothing and FEC for things that need it (Zoom, WiFi calling)

A few questions here:

When you say Smoothing is set to 100% - do you mean Normal? Same question on 200% - what setting are you using here?

How are you sending WiFi calling to the second profile? Are you using FusionHub or SpeedFusion Cloud?

I like this request - I would make it more of a percentage + amount sort of thing, like other products I’ve seen. If you’re on a connection that is flagged as WAN, use a percentage of overall bandwidth to limit them, that way they still don’t suck down a huge amount of stuff and slow down other folks. When on a bandwidth limited connection, like LTE, then revert to a Mbps level.

I think no matter what the application you are trying to adjust for… the best approach is to monitor the connection, make changes and see the affect. With 8.1 they have some great tools for seeing lost packets and out of order packets on the status page under SpeedFusion graphing.

When tuning my tunnel for the Xbox, I just used pings originating from the ping tool on the system page of the device and an in game monitor on The Division 2. When doing this I found that plain old WAN Smoothing did indeed give me the lowest latency when heading outbound. However when pinging from the FusionHub back towards my house (used for open NAT gaming) I noticed those pings were more linked to the keep alive rate that the WAN Smoothing rate. So with a fast failure detection / more keep alive packets, I was getting a better inbound latency for conversations originating from the internet. I did experiment with trying not to use WAN Smoothing for the gaming console, but it resulted in 10ms more latency on average and latency jumping around more. So the Xbox got WAN Smoothing with 2 Second Failover.

When tuning my wife’s Zoom calls, she was happy with WAN Smoothing, but I was not… 4.5GB doubled to 9GB each day was killing me. So I had to be careful in experimenting with her work calls, so I took a more measured approach of watching her sessions via the monitoring tools during the day while she was conducting calls (and still do). I started with Extreme failover timing one day after reading a post on the forum where someone said extreme failover uses 4GB of keep alives each month. That sounded good for me since she uses 4GB in a day. Once extreme worked well, I pushed my luck with fast and monitored the results. With her calls I noticed a lot of out of order packets and occasionally the line would loose packets for a 5-10 second period of time and then go back to looking clean. I turned on FEC Low and it was able to recover most of the packets(not all of them). Honestly I could turn off FEC and she probably wouldn’t notice because it just degrades the video rather causing issues, but on a different note… I was testing the bonded tunnel for throughput late in the night since a lot of other things use the bonded tunnel. I noticed with FEC enabled, the bonded algorithm would more quickly detect errors in my cellular connection and put more traffic down the “good” connection, resulting in a higher burst bandwidth for large transfers. So FEC is on set to Low for anything in the house doing large file transfers, not specifically for the Zoom calls (but it doesn’t hurt zoom at 13% overhead). For the Zoom calls specifically I think you only need the fast detection time so they don’t drop. The were dropping / entering one way audio when set to the default detection time of 15 seconds.

Like with a lot of things in IT… Make a change, monitor, revert/keep, repeat.

4 Likes

Yes, 100% = normal. I see 200, 300, 400%, and unlimited options in IC2.

I am sending WiFi calling to the sub-tunnel via Outbound policy. Currently by device MAC address and the UDP port. WiFi calling seems to use port 4500.

I am using FusionHub.

1 Like