Meraki

Community

Find computers that are causing data spikes

Solved
JordanCN
Getting noticed
‎Oct 28 2023 8:36 AM
‎Oct 28 2023 8:36 AM

Find computers that are causing data spikes

Occasionally we have an issue where every minute or two a user/device will have a huge spike in bandwidth for just a second or two.  Even though we have our VoIP devices on a separate VLAN and QoS configured these spike can cause some noticable issues.

 

What is the best way to find a user/device that is causing the spike for brief moments.  I tried to using the data usage history, but it does not appear the culprit is using all that much data all together. 

Labels:
0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 29 2023 12:24 PM
‎Oct 29 2023 12:24 PM

I tend to use Wireshark when I get horrible ones like this.  Perform a capture over a period when this is happening, and then look at the graphs in Wireshark and what was generally happening.

View solution in original post

4 Replies 4
ww
Kind of a big deal
Kind of a big deal
‎Oct 28 2023 10:17 AM
‎Oct 28 2023 10:17 AM

I dont know exactly.  You could look at the traffic analytics around the time of the problem, but that wouldnt solve your problem.

 

You have to set max client limit for the data vlan way below the max wan bandwidth.

 

Also make sure your voip devices mark the traffic with dscp EF themself so that mx would use the low-latency queue

0 Kudos
alemabrahao
Kind of a big deal
Kind of a big deal
‎Oct 28 2023 10:35 AM
‎Oct 28 2023 10:35 AM

You can enabletraffic analysis as well

Network -> General

 

Afterwards, under Clients you can see which applications/https content etc. were used and by clicking on "Youtube" you can see which device used it and how much bandwidth was used by the device.

 

alemabrahao_0-1698514456006.png

 

 

https://documentation.meraki.com/General_Administration/Tools_and_Troubleshooting

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 29 2023 12:24 PM
‎Oct 29 2023 12:24 PM

I tend to use Wireshark when I get horrible ones like this.  Perform a capture over a period when this is happening, and then look at the graphs in Wireshark and what was generally happening.

In response to PhilipDAth
Crocker
A model citizen
‎Oct 31 2023 9:06 AM
‎Oct 31 2023 9:06 AM

+1 for wireshark/packet captures for this. Meraki's traffic analysis leaves much to be desired when digging into specific bandwidth spikes. Much better to gather up the raw packets and use Wireshark's analysis tools to figure out your top talkers (and what they're talking about).

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.