I haven't seen a topic for this yet, which either means we have a really unique use case, or I'm missing something. SD-WAN functionality currently is baked into the Auto-VPN, which is great, except when it isn't. We have moved entirely away from a managed MPLS network to simply giving our sites 'business-class' high-speed cable/DSL connections. With this, connections to our vendors (i.e. payment processing, VoIP, etc.), all route directly over the public Internet and not through our Auto-VPN tunnel.
The problem is that our cable/DSL connections are not reliable. We've thrown USB cellular at the MX's to combat this, however we really need control over the fail-over logic, because what's built-in is not working. Countless times over the past year we've had soft failures with the primary uplinks, but the MX chooses not to fail-over to the cellular uplink.
Has anyone else dealt with something similar? Is there a better way to handle this? I'm really not in favor of re-routing traffic over the Auto-VPN, only to send it back out to the public Internet from our DC.