Custom performance classes for Internet traffic

networkguy64512
Conversationalist


According to what I have read, we can do Custom performance classes and apply for VPN Traffic under SD-WAN Policies. (https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen...)

 

Do you know if there is a way to do the same on Internet traffic when selecting Uplinks?

Or maybe in Beta versions? 

 

This would be useful to identify ISP issues or when a cloud application works better in another ISP than the other.

 

8 REPLIES
PhilipDAth
Kind of a big deal

It can't be done for Internet traffic.

 

Performance classes over AutoVPN are done by generating artificial test traffic, which is easy to do when you have an MX at each end to generate and measure the data.

 

With an Internet circuit there is nothing to send simulated data to and get a measurement.  Consequently it can not be done.

Adoos
Building a reputation

If you had non critical VPN traffic over WAN2 (ADSL) and a performance class to fail this over to WAN1 (MPLS) should it hit 5% packet loss.

 

Would your internet traffic continue to go out of WAN2?

 

  1. Active/Active VPN with no default route selected on hubs. 
  2. No internet flow preferences. 
  3. Primary uplink set to WAN2.
GLS
Conversationalist

Sorry to necro this thread, but why can the same test they use for uplink historical data not be used to do this? Meraki claims to have the latency and packet loss on every MX uplink page. Perhaps you cannot determine jitter, but that is not as important as making sure the site fails to backup on the internet side and not just VPN when there is 20% packet loss on WAN 1.

I too, apologize for reviving this old thread, but I would also like to have this capability added. 

Since we use a Cloud Hosted VoIP/PBX solution, I would love to have the ability to create Custom Performance Classes and Uplink Selection Policies for traffic going out to that Cloud Hosted Service Provider which resides out on the Internet. Currently it seems like this capability is limited to VPN traffic only.

 

This limitation is a huge concern for our business leaders as they are looking into other solutions which may have those SD-WAN features and capabilities. The challenge lies within maximizing the "ROI" for having redundant uplinks. Yes, having redundant uplinks would allow us to achieve Business Continuity if the primary uplink fails. But, is there a way to Dynamically* utilize an uplink whose performance is the best for say, a Cloud Hosted VoIP Server that resides on the Internet?

 

I understand that without having a "Responder" device, this would be very difficult or even impossible to achieve as, even simulating RTP and UDP Jitter Based Operations for VoIP with traditional Cisco Routers requires a 'Responder' running a similar IOS image on the other end.

 

I'm just not sure if the Cisco Viptela SD-WAN solution is able to perform Dynamic Path Selection between: Internet vs. WAN (let's say, MPLS for example) uplinks based on the "Best Performance" for a given application without the need of an identical peer device on the Destination end. I still have to look deeper into this. It (SD-WAN) is one of the topics on my agenda as I'm working towards the CCIE EI Track.

 

I believe that "Velo Cloud" has a similar solution which they call "Link Steering and Remediation".

 

To quote them, the solution works as follows:

"On-demand, Per-packet link steering is performed automatically based on the measured performance metric, intelligent application learning, business priority of the application, and link cost. Delivers sub-second blackout and brownout protection to improve application availability. Remediates link degradation through forward error correction, activating jitter buffering and synthetic packet production."

 

Again, I'm still not sure if that solution requires an identical peer on the other end, in which to exchange simulated packets between each other for the purposes of measuring the packet RTT. Something I would have to look into.

 

**PLEASE NOTE! I am by NO means promoting other vendors or other intra-company solutions on this thread. What I'm simply trying to do is trying to start up a conversation on ways that this feature could be achieved within Meraki. We are happy with Meraki and prefer to continue using Meraki products however, the question I'd like to raise is; are we due for a review of the Meraki SD-WAN solution to see if there are ways to improve or possibly add more robust features to it? I know that Meraki has been on the forefront of SD-WAN, but it may be worth considering a revision for maturity purposes and adapting to today's SD-WAN standards?

 

Maybe there would be a way to achieve this by possibly collaborating with some of the popular Cloud Hosted VoIP Service Providers out there? I'm not sure how challenging that would be, or how much resources it would require to achieve that.

 

Please forgive my limited knowledge where SD-WAN is concerned, as I am still learning the nuances and intricacies of this technology beyond just a general overview.

 

Your thoughts and comments would be well appreciated.

 

Thank you.

 

 

Ok, so I dug a little deeper into SD-WAN and realized that the way I'm thinking of going about accomplishing this is not really feasible. It looks like, in general with SD-WAN, you need a Responder device on the other end, that would exchange probes with the Source device in order to be able to measure the link's Latency/Jitter/Packet Loss, be it through BFD (which Cisco's Viptela "Application Aware Routing" does) or UDP RTP packets generated from an IP SLA.

 

I'm starting to see why the feature that I'm trying to implement requires another Meraki MX device on the other end, connected via an AutoVPN tunnel, because they need to send probes back and forth to each other in order to gather the metrics from the multiple links. This is how they can determine the best link/path; based on the metrics that were measured from the probes.

 

Now, that's fine for Site-to-Site VPN traffic...but then the question becomes, is there a solution for choosing the best path for Public Cloud Hosted Services, though? And I think the answer to that lies in subscribing to a "Cloud On-Ramp for SaaS" solution. Something like "MegaPort", for example. I know that Cisco's Viptela SD-WAN solution has this capability out of the box:

 

https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/SDWAN/CVD-SD-WAN-Cloud-onRamp-for-SaaS-Deplo...

 

And I think Meraki is about to roll out an On-Ramp solution to Microsoft Azure services soon, if I'm not mistaken:

 

https://www.networkworld.com/article/3574711/cisco-extends-meraki-sd-wan-to-microsoft-azure.html

 

I believe this might be the answer to what I'm trying to accomplish. With an implementation like that, we should be able to dynamically steer traffic across the link with the Best Performance for a given application. Maybe this can be accomplished by partnering with popular SaaS/IaaS providers (like Meraki is doing with Microsoft) to tack on Cloud On-Ramp Services within the MX?

 

I know that with MegaPort, you can form IPSec tunnels with the SaaS/IaaS providers and peer with them through BGP, except the only thing is, I think the MX would have to be running in "Passthrough or VPN Concentrator" mode in order to enable BGP.

 

Welp, just brainstorming here! I hope I'm heading in the right direction with this. I'd like to know what the community's thoughts on this are.

 

Thanks!
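
Added example (not part of the original thread, and not Meraki's or Cisco's implementation): a sketch of the probe-based measurement the post above describes, deriving loss, latency and jitter from probe replies and checking them against a performance class to pick an uplink. The class name, thresholds, failover rule and probe data are all constructed assumptions.

```python
from statistics import mean

# Constructed probe logs: (sequence, send_time_s, reply_time_s or None if lost).
PROBES = {
    "WAN1": [(i, i * 0.1, i * 0.1 + 0.020 + 0.001 * (i % 3)) for i in range(20)],
    "WAN2": [(i, i * 0.1, None if i % 4 == 0 else i * 0.1 + 0.045 + 0.010 * (i % 2))
             for i in range(20)],
}

# Hypothetical performance class: upper bounds a path must stay within.
VOIP_CLASS = {"max_latency_ms": 150.0, "max_jitter_ms": 30.0, "max_loss_pct": 5.0}

def measure(probes):
    """Derive loss %, mean RTT and jitter (mean |delta RTT|) from probe replies."""
    rtts = [(rx - tx) * 1000.0 for _, tx, rx in probes if rx is not None]
    loss = 100.0 * (len(probes) - len(rtts)) / len(probes) if probes else 100.0
    if not rtts:
        # Without a responder answering, there is nothing to measure.
        return {"loss_pct": loss, "latency_ms": None, "jitter_ms": None}
    deltas = [abs(b - a) for a, b in zip(rtts, rtts[1:])]
    return {"loss_pct": loss, "latency_ms": mean(rtts),
            "jitter_ms": mean(deltas) if deltas else 0.0}

def meets_class(m, cls):
    """A path with no replies at all never qualifies."""
    if m["latency_ms"] is None:
        return False
    return (m["loss_pct"] <= cls["max_loss_pct"]
            and m["latency_ms"] <= cls["max_latency_ms"]
            and m["jitter_ms"] <= cls["max_jitter_ms"])

def select_uplink(preferred, probes_by_uplink, cls):
    """Stay on the preferred uplink while it meets the class; otherwise fail
    over to the qualifying uplink with the lowest latency, if there is one."""
    metrics = {name: measure(p) for name, p in probes_by_uplink.items()}
    if meets_class(metrics[preferred], cls):
        return preferred, metrics
    ok = [n for n, m in metrics.items() if meets_class(m, cls)]
    best = min(ok, key=lambda n: metrics[n]["latency_ms"]) if ok else preferred
    return best, metrics

if __name__ == "__main__":
    choice, metrics = select_uplink("WAN2", PROBES, VOIP_CLASS)
    print(choice, metrics)
```
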

 

Bruce
Kind of a big deal

You’re correct in that the Cisco Viptela Cloud On-ramp solution allows the SD-WAN system as a whole to determine the best path to send traffic to reach an internet destination. That may be via a local direct internet access, or over a WAN link to a hub site and out via that internet circuit. This uses a combination of monitoring the SD-WAN itself as well as monitoring the TCP flows on the internet circuit, and likely soon potentially using Thousand Eyes technology too.

 

Meraki does some of this already. As you’ve noted it uses probes over SD-WAN, and coincidentally if you purchase the SD-WAN Plus license for an MX you also get the Meraki Insight license for the MX too. Meraki Insight provides monitoring of cloud traffic through TCP flows - a lot like the Cloud On-Ramp with Cisco Viptela. What it doesn’t have is the smarts to tie all this together and make ‘intelligent’ decisions about how to route internet/IaaS/SaaS traffic.

 

If I were to be a betting man (which generally I’m not) I’d be putting money on Meraki tying all this together to provide a better IaaS/SaaS solution with its SD-WAN solution, along the lines of the Cisco Viptela Cloud On-Ramp - but that is pure speculation. I also seem to remember that type of functionality being mentioned as a long-term goal for the MX when the SD-WAN Plus license was launched.


Maybe we’ll see more once MX16 code comes to public beta....

Hey Bruce,

 

Thanks for your response! I didn't even think about how the Thousand Eyes Acquisition could be leveraged for that! That would be pretty cool.

 

I did however, notice the Meraki Insights and I do agree; having the ability to make "intelligent" decisions on how/where to route IaaS/SaaS traffic on the internet would be awesome! It would also show some maturity to the Meraki platform in this new generation of "SD-WAN" and Cloud Networking/Computing. I think some competitors are already starting to implement similar features.

 

I hope your last statement comes true. That would be a huge plus! I attended the Cisco Live! 2020 Virtual Event last year and I don't recall hearing any specific mention of this feature on the Roadmap.

 

I did a "Make a Wish" for this, but I only received a blank pop-up window with no text, so I'm not sure if it actually went through or not 😅. I'm not sure if that was because of my Browser (Chrome), my machine is just in need of a reboot, or Meraki is letting me know that I'm just heading down a dead end 😳.

 

But I'm going to remain optimistic for now 😊

 

Thanks!

 

 
