cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MX84 active-active passing traffic question

Highlighted
Getting noticed

MX84 active-active passing traffic question

Ran across a few threads regarding active-active while troubleshooting an intermittent problem with voice.  Here's my setup.  I have a MX450 hub in the DC and MX84 at the remote side(only one hub configured in site-to-site) .   WAN1 is a 100/100 broadband connection and WAN2 is a Cradlepoint using 4G getting about 20M down and 10m up, with lots of jitter and latency compared to the BB connection.

 

Based on my config below I would expect the WAN2 vpn tunnel to have no internal LAN traffic even though I have active-active enabled.

  • load balancing = disabled
  • active-active = enabled
  • no flow preference or preference policies.

 

What I am seeing is when I packet capture and select "site-site VPN over Internet2", I some (not all) of my devices making connection to internal hosts using Inet2 VPN (which I thought should be dormant).  Now granted this is NOT a lot of packets but might be just enough to help me suggest that some of my voice packets are getting lost b/c they are traversing the secondary link with the slower 4G speeds and getting packets out of order on the handset.  

 

Now I know you will probably tell me to disable active-active and I have but I wanted to first see if anybody else has run into voice or application issues b/c of this type of situation where you have a fast connection on wan1 and a much slower connection on wan2.  Also just curious to know if having active-active enabled with load balancing disabled is/was a known issue i that it still passes SOME traffic and was resolved in later versions.  Currently seeing this behavior on version 14.39 & 14.40

 

2020-04-30 11_57_26-SD-WAN & traffic shaping - Meraki Dashboard.png

5 REPLIES 5
Highlighted
Kind of a big deal

Re: MX84 active-active passing traffic question

Add a preference for VoIP traffic (class is built-in) to use your 100/100 circuit.

Highlighted
Getting noticed

Re: MX84 active-active passing traffic question

@PhilipDAth  how does that algorithm work?  I mean what if I set a preference to use WAN1 for all voip, and WAN1 failed?  At what point would it ever get sent out WAN2?  Is the preference a mandated rule?  Meaning will it only be allowed to send out wan1?  I would think the preference is valid as long as there are two links active but if either link goes down the preferences will defer to the only link.

Kind of a big deal

Re: MX84 active-active passing traffic question

The built in VoIP class will automatically use the circuit with the lowest latency/jitter/loss.

 

Assuming WAN1 always has the best numbers it will use it.  As soon as WAN2 performs better than WAN1, WAN2 will be used.

Highlighted
Getting noticed

Re: MX84 active-active passing traffic question

Thanks for the great info!  one more question for clarification.    Did you mean a SD-WAN policy, and set a preference there?    Did not see a way to set any Internet flow preferences directly tied to Voip traffic unless I specify ports and hosts.  

Highlighted
Kind of a big deal

Re: MX84 active-active passing traffic question

Sorry, I meant this option:

 

1.PNG

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.