MX84 active-active passing traffic question

Charlie
Getting noticed

MX84 active-active passing traffic question

Ran across a few threads regarding active-active while troubleshooting an intermittent problem with voice.  Here's my setup.  I have a MX450 hub in the DC and MX84 at the remote side(only one hub configured in site-to-site) .   WAN1 is a 100/100 broadband connection and WAN2 is a Cradlepoint using 4G getting about 20M down and 10m up, with lots of jitter and latency compared to the BB connection.

 

Based on my config below I would expect the WAN2 vpn tunnel to have no internal LAN traffic even though I have active-active enabled.

  • load balancing = disabled
  • active-active = enabled
  • no flow preference or preference policies.

 

What I am seeing is when I packet capture and select "site-site VPN over Internet2", I some (not all) of my devices making connection to internal hosts using Inet2 VPN (which I thought should be dormant).  Now granted this is NOT a lot of packets but might be just enough to help me suggest that some of my voice packets are getting lost b/c they are traversing the secondary link with the slower 4G speeds and getting packets out of order on the handset.  

 

Now I know you will probably tell me to disable active-active and I have but I wanted to first see if anybody else has run into voice or application issues b/c of this type of situation where you have a fast connection on wan1 and a much slower connection on wan2.  Also just curious to know if having active-active enabled with load balancing disabled is/was a known issue i that it still passes SOME traffic and was resolved in later versions.  Currently seeing this behavior on version 14.39 & 14.40

 

2020-04-30 11_57_26-SD-WAN & traffic shaping - Meraki Dashboard.png

5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal

Add a preference for VoIP traffic (class is built-in) to use your 100/100 circuit.

Charlie
Getting noticed

@PhilipDAth  how does that algorithm work?  I mean what if I set a preference to use WAN1 for all voip, and WAN1 failed?  At what point would it ever get sent out WAN2?  Is the preference a mandated rule?  Meaning will it only be allowed to send out wan1?  I would think the preference is valid as long as there are two links active but if either link goes down the preferences will defer to the only link.

PhilipDAth
Kind of a big deal
Kind of a big deal

The built in VoIP class will automatically use the circuit with the lowest latency/jitter/loss.

 

Assuming WAN1 always has the best numbers it will use it.  As soon as WAN2 performs better than WAN1, WAN2 will be used.

Charlie
Getting noticed

Thanks for the great info!  one more question for clarification.    Did you mean a SD-WAN policy, and set a preference there?    Did not see a way to set any Internet flow preferences directly tied to Voip traffic unless I specify ports and hosts.  

PhilipDAth
Kind of a big deal
Kind of a big deal

Sorry, I meant this option:

 

1.PNG

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels