Meraki Community

As per your other reply, after disabling IPS and AMP we had 0 issues for 4 days until the packet loss returned worse than ever. I verified that the features were still disabled, and just this morning I was able to plug directly into the ISP hardware and still experienced drops that coincided with what the Meraki dashboard was indicating. So yeah it's looking like this is more on our ISP side; hopefully I can get ahold of someone who actually will listen to what I'm saying this time.

Having same issue. MX84 HA Pair, AT&T 250MB Fiber circuit. AT&T Intrusive testing comes back clean! Packet loss and latency spikes on the upload side only. We are pointed at 8.8.8.8 for DNS, so been wondering if that's contributing. Banging my head here. 

FYI. HA Pair is set up going through public vlan on MS225-48LP, then fed back into each WAN port on MX-84. Same way on Primary and backup carriers. 

Yeah each time I have them check on their end they say it's clean, but then mention that they can only see 5 minute intervals and tell me to call while the issues are occurring and request for a live test... only for them to keep repeating that same info despite me requesting them to run the live test now. I literally just hung up from the support line because after being transferred to the "specialist team" and providing the specialist rep with my case number, the line went silent while still connected and no one would answer for 10+ minutes. Might just say screw it and escalate the ticket so I can stop getting the runaround.

But yeah, we're also using 8.8.8.8 for DNS, and our primary 105 connects to a trunk port on one MS125-48LP, and the spare connects to a trunk on another identical switch, and then the switches themselves are connected to each other. 

When did you start experiencing the issues? And what firmware are your firewalls on?

I've been getting anecdotal reports for a few weeks, but it came to a head this last Monday, where almost all Zoom calls were unusable. FW's are on current version: MX 18.107.2. Switching over to backup circuit doesn't have same issue. 

Also have 2 locations using almost identical setups with the exception of a different model switch in between. 2nd location not having issue. 

Yeah we've got two other sites (also on 8.8.8.8), one that's using a single 105 and one using an 84; neither have the same issues, but they also don't have anywhere near the same amount of usage as the main site. A handful of users will join meetings while connected to the client VPN at the single 105 site, but don't seem to have any issues other than what you'd expect someone using a VPN to have. 

Our site also uses 8.8.8.8, only because the ISP"s DNS is garbage. It's an office location in Hong Kong. We had about 40 people join a group Zoom and latency and packet loss went to crap for the duration of the meeting, Then back to normal once it ended.

We've shut off IPS & AMP, and the spikes that were happening up until then look to have flattened out immediately. Tomorrow will tell if this actually had an effect.

The direct ISP connection was also brought up in the latest carousel of support rep calls, but given the early results of the security feature changes I may wait until Monday to keep an organized timeline.

We have a stack, passing through a Core switch then a pair of MX's

Spoke with Meraki Support last week regarding the above, and it looks to be an issue with the shard our organization's networks are hosted on. As of yesterday, the situation was partially improved for our secondary sites but our main is still not recording; in response to my follow up email, Support states they're still working on it.

Yeah ours is a fiber circuit. I don't recall the manufacturer of the router (especially since it's sandwiched by the MXs lol), but the switch immediately at the demarc is a Ciena device.