Slow failover - any timers/checks/pingers that can be turned down?


I was testing the failover of my internet connection from going via the main ISP to out via 4G/LTE.

I noticed that the ZT VPN which is going via my raspberry Pi was down for over 5 mins and manually pinging a ZT wan node from the Pi didn’t restart the VPN.

The only way I could force it back up was restarting the zerotier service.

All this was happening when the Internet connection had already successfully failed over and I was able to browse sites and ping external ip’s/domains from the pi4 but ZT wan was down.

Is there any timer or checks that can be tweaked to speed this up? It seems very slow at renegotiating the VPN connection when the internet fails over to, in this case, cgnat 4G/LTE.



Strangely enough, failing the internet back to the main ISP connection resulting in a quick VPN failover/renegotiation


Looks like when left to its own devices it fails over after 10 mins

I ran into the same situation when clients would fail or move networks, unfortunately some did NOT come back… ever.

As i was under a time constraint i created a script to check missed ICMP over a 10 second period to my main node and restart the ZT service if failed, it would be nice to find a more elegant solution than using a sledgehammer.

1 Like

yeah not ideal.

I’ll probably see if I can run two ZT VPNs one out of each internet connection and use BGP and BFD for failover. Also seems a lot of hassle for something that should be simple. Pretty sure wireguard isn’t this slow to reconverge

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.