Hello, I have an issue where I'm unsure what the "?" device is, I'm not even sure that it's an actual device or if there is an issue with the LLDP feature or even a result of how the network is built.
The latest addition to the network are the Warm-spare MX firewalls, per this: https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair they are physically cabled according to "Fully Redundant (Switch Stack)". I've also verified that STP treats the redundant links as they should be treated, both links to the 4x stack just prior to "internet" are blocked, and both links to the "L2 switch" are able to pass traffic. I should add that I didn't notice this problem in the following weeks of installing the warm-spare pair, they've been operating for just over a month. We did however connect the redundant links for the warm-spare MXs last week, after which I also didnt initially notice this problem. I'm not sure exactly when it happened but was alerted to it as of today.
"1" These links are actually directly connected between "L3 core" & "L2 switch", (asked a colleague to verify this since I'm not physically at the location). This is the only link information I've been able to collect from this view of all the ones connecting to the "?". Also when I look at the other devices which are supposedly connected to the "?" the uplinks to other switches are connected to actual devices within the network. This makes me wonder if the "?" device actually exist or if this view have failed for some reason?
When googling my issue there seems like others have had issues with the lldp and topology feature of the dashboard, any ideas as to why this is happening?
This logic only holds true is Meraki is following the implementation of LLDP as per 802.1AB-2016.
So to verify if "?" actually exists I downloaded a pcap file from "L3 core" and filtered for lldp. I found only two devices which transmitted LLDP packets on the interface "1" going from "L3 core". To determine how LLDP is propagated i had to look at the RFC 802.1AB-2016, as noted in the downloaded pcap file the destination address is "01:80:c2:00:00.0e" which according to the RFC means "nearest bridge". After reading the RFC, I interpret this as the packet will not be forwarded beyond the directly attached LAN segment. And as only the two stations "L3 core" & "L2 switch" was captured it can be concluded that no other device is sitting between these two devices, meaning that (if I'm not missing something) the "?" does not exist.
There can be other reasons that "?" is not showing in teh capture, LLDP could be turned of in the device, or it could be a "dumb device". But I find either of these possibilities unlikely. As I wrote in my initial post, several of the devices which by this view is stated to be connected to "?" shouldn't be, as I investigated all the ports of those devices through dashboard and found no evidence of any such link. It's also unlikely that it's a dumb device since the links "1" are fiber, although I'm still waiting to have this confirmed by someone in person.
Not sure if the fact that the "L3 core" is a warm-spare pair of Meraki MS devices is what is causing this weirdness.
On another note, pretty much every networking device in this network is Meraki, there are a couple of older 2960 switches, but those are not located any where near where the "?" is represented.
Since recent in most topologies, even with full stack Meraki the top of the tree is no longer the MX but some "other" device that then loops back to the MX which is then on the second level of the hierarchy.
If I'd make a wish I'd wish for the ability to customize how it is drawn (rearrange) and select your root of tree. And then having the ability to popup link information(physical tab, trunk and port-channel tab, spannin-tree tab) when you click on a link.