Wrong client tracking in Azure's vMX

TestingGuy
Here to help

Wrong client tracking in Azure's vMX

After several months of using a vMX on Azure, we discovered that the client tracking has been done incorrectly all this time leading to misinterpretations of the client traffic; such as assigning to an IP address traffic done by a different IP, displaying traffic from different clients to the same client, changing the IP address of a client after a couple of minutes, etc.

 

Virtual networks in Azure are "special", so to communicate components in different networks, it has a bogus emulation of layer 2 where among others, ARP protocol assigns IP addresses from different devices to the same mac: 12:34:56:78:9a:bc. You won't find this mac address belonging to any vendor since it's just a bogus numbering: 123456789abc. Well, I don't like that "special" implementation, but it's a fact for Azure's virtual networks.

 

Taking into consideration that fact, a client tracking using MAC address instead of IP address is completely wrong in Azure, you will never see the real usage of the networks, something that Meraki has been always proud of, the "visibility".

 

I have opened a technical case regarding this issue to fix the way client tracking is done. MXs have the option to change the client tracking to IP but the vMXs don't have that option enabled in the dashboard, however, something could be done in the backend, but the escalation responsible for the case claims that this is a "New feature" and there's nothing to fix.

 

I'm writing this post to see if more people are waiting for this "Old feature" to be enabled in Azure's vMXs and push Meraki's development team to include that fix in new firmware updates or just give the instruction to their support engineers to change it by request in the backend when a client is raising a ticket about that problem if that's possible.

2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal

You used to be able to enable the "Track by IP" option quite a while ago (maybe several years ago).  And then they removed the whole IP addressing page so it is no longer possible to get to this option.

 

For a while, you could go to another network with an MX, go to that page, and then change to the network with the VMX and then configure the track by IP - but that option doesn't work anymore either.

 

Now, it looks like it is a forgotten feature by Meraki.  I think it had some use.

TestingGuy
Here to help

Indeed it has a use, I wonder why they have removed that feature and cannot enable it back on the backend. Thanks for your comment. Cheers!

Get notified when there are additional replies to this discussion.