Meraki

Community

Failover not working as expected

yaypingworks
Here to help
3 weeks ago
3 weeks ago

Failover not working as expected

I have an MX84.

 

WAN 1 has IPv4 and IPv6 both are active. WAN 2 is IPv4 only (cellular backup).

 

We were having intermittent packet loss on WAN 1 which would cause WAN 2 to take and give up the active roll over and over. So I changed WAN 2 to be the primary uplink, and it said active. Yet looking at the traffic monitor, no traffic was traversing WAN 2 even though it was set as primary, traffic was still using WAN 1. This led to cellular WAN 2 being completely useless.

 

IPv6 on WAN 1 would still show as active, even if the connection would drop a few times. Do I need to change the failover from graceful to immediate or do I need to change the IPv6 address to something bogus? (So that if WAN 1 IPv4 fails maybe then it would finally use WAN 2?)

 

Thanks

0 Kudos
2 Replies 2
GIdenJoe
Kind of a big deal
Kind of a big deal
3 weeks ago
3 weeks ago

If the traffic was sourced from an IPv6 client and WAN2 does not have IPv6 then it is pretty logical it could only use the only IPv6 interface available.

If you would test on a client that is IPv4 you should see traffic going out the WAN2 port.  Try temporarily disabling IPv6 on the LAN or on your client and test again.

0 Kudos
RoshanS
Meraki Employee
Meraki Employee
3 weeks ago
3 weeks ago

Greetings,

It is possible that some existing traffic hasn't failed over solely with the configuration changes. Some traffic, especially sensitive traffic like voice/video calls or some streaming services for example, might not failover since that would break the connection completely. 

 

I would suggest testing with a new client, or at least a client that has been disconnected for at least five minutes from the network and then testing again. After that, if possible, I would physically disconnect WAN 1 to force the traffic to failover.

 

If some IPv4 traffic still egresses from WAN 1 - I would suggest contacting support and opening a case so that we can investigate further. 

 

Immediate failover/failback is also an option but we should troubleshoot prior to enabling that option.

 

https://documentation.meraki.com/General_Administration/Support/Contacting_Support

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Connection_Monitoring_for_WAN_Failo...

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.