We are a full stack Meraki site. We have a network bottleneck on our main internet line of 150/150Mbps.
We have 2 SSIDs Guest Network and Corporate Network. We also have a Wired Corporate Network Infrastructure.
Guest network is in MR NAT Mode while corporate network is VLAN'd
I want to enable Traffic Shaping so the Guest network can use as much bandwidth as possible but on a low priority, so it does not affect corporate wireless and wired services.
Should Traffic Shaping be applied in the MR SSID Policies or on the MX SDWAN and Traffic Shaping Policy? If MX what rule should I use to target Guest Traffic as it's NAT'd by the MR?
Solved! Go to solution.
Note that while you can apply traffic priorities to outbound traffic, nothing is applied to inbound traffic (only your ISP can decide the priority here as they are the ones sending it).
A guest could send a 100 byte request to download 10GB of data.
You can apply the priority to the 100 bytes. You can't assign a priority to that 10GB that gets downloaded.
As already mentioned, SSID bandwidth limits are often a better option for this case. A hard limit of how much bandwidth that can be used.
https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/Traffic_and_Bandwidth_Shaping
Also note you can apply both a per-user limit and an SSID limit. Using the per-user limit as well prevents one person from making the performance suck for every other user.
When you use NAT, a 10.0.0.0/8 network is delivered, I believe that what you want to do using this network will not work, but it should work if you use the IP of the APs, since it is the IP that the client uses to communicate when in NAT mode.
Thank you that's what I was thinking. Follow up questions, since I am targeting MR IPs would Meraki be smart enough not to throttle it's own Cloud Traffic or would I need to make an exception for Meraki Cloud Communications.
In my understanding you would have to create an exception.
Any reason why you wouldn't prefer a per-SSID bandwidth limit on the Wireless setup? While it would be applied by each AP separately, you wouldn't have to think about how it targets specific source IPs.
Note that while you can apply traffic priorities to outbound traffic, nothing is applied to inbound traffic (only your ISP can decide the priority here as they are the ones sending it).
A guest could send a 100 byte request to download 10GB of data.
You can apply the priority to the 100 bytes. You can't assign a priority to that 10GB that gets downloaded.
As already mentioned, SSID bandwidth limits are often a better option for this case. A hard limit of how much bandwidth that can be used.
https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/Traffic_and_Bandwidth_Shaping
Also note you can apply both a per-user limit and an SSID limit. Using the per-user limit as well prevents one person from making the performance suck for every other user.