MX100 WAN1 packet loss

VITDublin
Conversationalist

MX100 WAN1 packet loss

Newbie not too experienced, so any help really appreciated and sorry for long description
 
We have 2 x Meraki MX100 (primary and backup) both connecting to WAN1 (Virgin / Hitron modem) and WAN2 (EIR) with load sharing enabled
A few weeks ago WAN1 went down and Virgin replaced the Hitron router/modem
Ever since, we have been experiencing high latency and 50-75% packet loss on WAN 1 (VIRGIN )
 
if a laptop is plugged directly into Virgin/Hitron, we get perfect results, ping times of 1-2ms, no data loss, internet speeds of 250Mb
Virgin say their line and Hitron modem test fine and it has to be a Meraki problem or issue
 
We get the same results whether using the primary or secondary Meraki MX-100, so unlikely to be a port failure?
We have changed out WAN and LAN cables and consistently get packet loss on WAN1
Firmware was updated to latest stable version
 
Meraki tech support did packet capture on Wan 1 and Wan 2. The output shows that MX 100 is sending TCP SYN packets but not receiving anything back.
 
Has anyone experienced anything similar with Virgin Ireland (Hitron) recently or any suggestions as to what we could try? Any advice or troubleshooting/testing suggestions really appreciated - many thanks
6 Replies 6
Brash
Kind of a big deal
Kind of a big deal

Are you seeing alerts on the dashboard for the MX regarding DNS mis-configuration or disconnection to the cloud server?

Sounds like it could be a failure of one of the Meraki upstream connectivity tests. - https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Connection_Monitoring_for_WAN_Failover#Connectivity_Tests

 

Not sure if it's entirely helpful but I once hit an issue with my ISP connection which would only manifest on my MX. Packet captures indicated that the upstream was not returning the Meraki's ARP request for the default gateway and therefore it failed the WAN connectivity test. With this issue, I was seeing high packet loss reported in the dashboard

When swapping the MX for a computer or other 'dumb' router, I saw no issues.

 

From memory, mine was either an ISP end issue, or a factory reset on the modem sorted the issue.

VITDublin
Conversationalist

Hi Brash

thanks for the reply. No, absolutely no alerts on Dashboard! This configuration had been working without problem for 18 months, until suddenly WAN1 went down and Virgin replaced their modem. New modem tests fine & I believe it is ok.

Would Meraki upstream connectivity test affect MULTIPLE MX100's? - we're getting the same loss on both primary and secondary MX100 (tested individually) - I could try a factory reset on the modem. Didn't think of that as it's a brand new one and tested fine otherwise, but I could try that - thanks, 

Brash
Kind of a big deal
Kind of a big deal

If there was an issue with the upstream connectivity tests (eg. ISP not replying to ARP's), it's feasible that it would impact both. But if this were the case I'd expect alerts to show on the dashboard.

 

A couple of other things:

- Is WAN1 on the MX running at the expected speed and duplex?

- Are devices connecting behind the MX seeing high latency and packet loss, or is it  just the graphs on the dashboard?

VITDublin
Conversationalist

Thanks Brash and PhilipDAth - I'll check speed/duplex on WAN port and on ISP device when I get a chance as both of you suggested that -

Brash, the devices behind MS are also seeing high latency and packet loss too, it's not just the graphs,  - thanks for the advice - Hans

PhilipDAth
Kind of a big deal
Kind of a big deal

Is the speed/duplex on the WAN port on the MX set to auto/auto, and is the new ISP device configured the same way?

VITDublin
Conversationalist

Thanks Brash and PhilipDAth - I'll check speed/duplex on WAN port and on ISP device when I get a chance as both of you suggested that - thanks for the advice - Hans

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels