Site-to-Site VPN Connection Bouncing Between WAN Interfaces
I am seeing a site-to-site vpn connection bounce between wan interfaces. The reason given is 'wan performance' which makes me think it is seeing network latency and bouncing to the backup wan interface. I then see reason as 'primary uplink' which would be the performance issue clearing up and the vpn moving back to the primary interface.
The problem with this is that the "failover" is happening every minute or so. Also, we are unable to find any actual performance issues on either of our WAN interfaces, both are testing clean with good latency.
Is anyone familiar with how I can find more detailed information on why it is bouncing and possibly how to make it less sensitive...maybe make it stick to one WAN interface a bit more? I have thus far been unsuccessful in finding a configurable setting regarding VPN WAN interface failover.
On every uplink decision row, where it says WAN1 or 2, that is clickable and you will be able to see the latency, loss, jitter and mos statistics for each uplink towards the peer.
If your primary WAN is not behaving correctly you should check if you have problems due to a bad connection or you are trying to send too much data over that link and the ISP is dropping packets accordingly.
If you feel the connection is stable enough then you could make a custom performance class that has less strict requirements and apply that to your uplink decision.
The takeway however is that your VPN is not actually bouncing. You have continuous active active VPN links up. It's the traffic you send that can vary per packet.