dual WAN, starlink and comcast … best practices?
-
Port 1: WAN/Comcast-"business"
Port 2: LAN/internal
Port 3: WAN2/Starlink
I left 1, 2 alone so if I do a factory reset I don't need to pull wires. Failover works exactly as one would expect. But there's no obvious load balancing going on. Of course, NOW Comcast is behaving, and is faster than starlink so not much traffic should go there ;>
Are there any good known / best practices for combining these two? Traffic shaping, load balancing, or ?
Also, disabling WAN1 doesn't seem to have the same effect as a wire pull ... what's the best software way to simulate WAN1 down?
-
@khb
Based on my experience, Starlink is a pure Internet connection only, and even if you have up to 300mbps of download speed on Starlink the upload speed is less than 30mbps only, unlike fiber connections, which are 1-to-1 speed for download and upload. For my configuration in the routing, I put Tier 1 for WAN and Tier 2 for WAN2; that configuration is good for LoadBalance FailOver. Thank you
-
@chris-doldolia thank you. Before reading your note I'd gone ahead and set up a gateway group, putting both on Tier 1, and set both the default LAN rules (up+down) to use that gateway group. I now see peak speeds of 2x (600odd mbps down and 300odd mbps up).
Based on your advice I'll try making starlink tier2, but even with it "on par" with Comcast (we can't get fiber here in the Village :<) the results are quite good.
For anyone interested, now that I have an explicit gateway group, enable/disable a WAN now works as I'd expected.
-
@khb did you try the speed test on the Starlink alone? If the bandwidth is higher when you connect stand-alone, it may be due to the configuration of your rules. Thank you
-
@chris-doldolia yes. Alone my starlink download speed peak was a bit under 300mbps (usually lower, but I'm not motivated enough to run hundreds of runs across a few days and compute real statistics ;>). Download peak was about 150 (again, usually slower). Even the worst case starlink hasn't been observed to be too bad. And mostly our workload is dominated by video streaming (with various package and ISO downloads sometimes providing challenges). If/when I go back to having enough video conferences to justify special rules, I might want to steer those to Comcast (of course, Comcast unreliability is why we got a starlink ;>). Our comcast performance peaks at about 300/300 (paying for business grade service). But typically the Comcast upload is significantly slower ... so sometimes starlink is ahead, but Comcast is usually ahead.
I set the gateway group rule to {packetloss|high latency} which probably favors Comcast (their latency is typically significantly lower than starlink). What those precise values are isn't obvious to me (but no doubt documented somewhere in the FM!)
Rereading your last response, I've never seen the group result being worse than the starlink standalone ... and disabling Comcast and using only the gateway group the results are a wash with connecting directly (except for latency .. the starlink speedtest removes some of my LAN internal hops, or at least that's the most obvious explanation for what I observe).
-
I'm seeing better download performance with priority 1/1 .. but upload improves with 2/1 (possibly even better at 3/1 but I haven't run enough tests to have any confidence). Is there a way to have differing priorities based on direction as well as gateway itself?
-
FuboTV has a policy of allowing 10 streaming devices for "home", but they determine home by tracking IP address. With multi-WAN and load balancing, it seems likely that at some point we will trip their "you can't have that many roaming devices" logic.
Is there a way to tie specific macIDs to a specific gateway? (well that would break failover ... is there a way to make it go with a specific gateway unless that gateway is down?). I'm not spotting the right magic in the firewall rules GUI.
-
@chris-doldolia google baseball said in dual WAN, starlink and comcast … best practices?:
@khb did you try the speed test on the Starlink alone? If the bandwidth is higher when you connect stand-alone, it may be due to the configuration of your rules. Thank you
Thank you for sharing your experience with Starlink!
What specific challenges have you faced with the upload speeds on Starlink, and how does your LoadBalance FailOver setup improve your overall internet experience? Have you noticed any significant differences in performance compared to fiber connections?
-
@sailorsale I don't have fiber ... and it is unlikely it will ever be an option here (no overhead wires or light poles, fairly low density, despite being adjacent to Denver and Englewood the barriers to a build out are high).
Even with some experiments with routing, Fubo (but none of the other services) kept having random failures, which disappeared when I disabled one WAN (didn't matter which one). So I've changed my configuration to pure failover.
As for performance, I ran tests every 15m for many hours.... which seems to have triggered Comcast to limit me to the contracted speeds (so while at first I observed speed up to 780Mbps, it eventually reached a more or less steady state of 300/300). I suppose I should run the same test on the starlink WAN alone (and probably will get around to it--and I'll post the results here). Based on the starlink "built in" speed test, I've observed speeds north of 250Mbps down; the uploads are lower than 50. I have to say, I've been pleasantly surprised at the Starlink performance. Despite being surrounded by large trees, we were able to find a good roof placement so that we have a pretty unobstructed view of the satellites.
My wife has a work entanglement with a site that, like Fubo, seems incredibly sensitive to requests coming from multiple WANs. If it was just that app, I'd just leave the Starlink wifi on and she could use that (less so for Fubo, which has some content she'd like to keep).
Anyone here have any experience using a VPN from two different WANs to handle this sort of case? Since I can't easily run a VPN on each TV, I think I'd need to run it on the Netgate ... which is kinda overkill (and to avoid triggering various streaming geo-logic, probably would have to be Denver adjacent). Failover is probably what I'll stick with, unfortunately.
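The tier behaviour discussed in this thread, as an added example that is not part of any original post: a simplified Python model of a gateway group showing why two WANs on the same tier make a remote service see one device from two public addresses, while Tier 1 / Tier 2 keeps a single address until the preferred WAN goes down. The gateway names, device names, documentation-range addresses and strict round-robin selection are assumptions made for illustration; a real router may weight or pin connections differently.

```python
from itertools import cycle

# Constructed model of a multi-WAN gateway group: each member has a tier and an
# up/down state. Addresses are documentation-range placeholders, not real ones.
WANS = {
    "WAN_COMCAST": "198.51.100.10",
    "WAN2_STARLINK": "203.0.113.20",
}

def active_members(tiers, status):
    """Return the online gateways in the lowest-numbered tier that has any."""
    online = [(tier, gw) for gw, tier in tiers.items() if status.get(gw, False)]
    if not online:
        return []
    best = min(tier for tier, _ in online)
    return sorted(gw for tier, gw in online if tier == best)

def source_ips_seen(tiers, status, device_connections):
    """Model per-connection balancing: each new connection takes the next
    active gateway in turn. Returns {device: set of public IPs the remote saw}."""
    members = active_members(tiers, status)
    seen = {dev: set() for dev in device_connections}
    if not members:
        return seen
    picker = cycle(members)
    for dev, count in device_connections.items():
        for _ in range(count):
            seen[dev].add(WANS[next(picker)])
    return seen

ALL_UP = {"WAN_COMCAST": True, "WAN2_STARLINK": True}
COMCAST_DOWN = {"WAN_COMCAST": False, "WAN2_STARLINK": True}
BALANCED = {"WAN_COMCAST": 1, "WAN2_STARLINK": 1}   # both Tier 1
FAILOVER = {"WAN_COMCAST": 1, "WAN2_STARLINK": 2}   # Tier 1 / Tier 2
TVS = {"tv-livingroom": 4, "tv-bedroom": 3}          # connections per device

if __name__ == "__main__":
    for name, tiers in (("balanced", BALANCED), ("failover", FAILOVER)):
        for label, status in (("all up", ALL_UP), ("Comcast down", COMCAST_DOWN)):
            print(name, label, source_ips_seen(tiers, status, TVS))
```

A service that keys "home" on source address sees two addresses per device in the balanced case and one in the failover case, changing only when the Tier 1 gateway is marked down.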
-
@khb FWIW, I ran speedtest-go with the default options every 15min for a couple of days.
          avg    stdev  min   max
download  128.3  49.5   40.3  309
upload    11.6   5.4    5.7   33
The test was executed from the netgate, using only the starlink linked interface. A few sanity checks running the starlink native (naive, not advanced) test within a minute or so of the speedtest runs varied (sometimes matching a result from 15m before or after). The variability is large, which I expected, but varies faster than I'd have guessed.