cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MX84's in HA Didn't Come Back Online

IT_Magician
Getting noticed

MX84's in HA Didn't Come Back Online

Hey Meraki Community,

 

I want to pick everyone's brain on an issue we had running Firmware 14.53 on 2 MX 84's in HA.

 

WAN 1 into TP Link edge switch

Edge switch into Ubiquiti firewall (separate network)

Edge switch into MX 01 (100% Meraki network)

Edge switch into MX 02 (100% Meraki network)

MX appliances are in HA in shared IP mode

 

Issue: We have a power outage for about 30 minutes. When power came online edge switch and Ubiquiti network came back online. The MX devices did not. They were not passing any traffic and not checking into dashboard. We had to send someone down to power cycle devices which brought them back up.

 

We have since upgraded to firmware 15.42 however Meraki support couldn't provide any reason why this happened.

 

IT_Magician_0-1613575851359.png

 

 

 

4 REPLIES 4
PhilipDAth
Kind of a big deal

Re: MX84's in HA Didn't Come Back Online

It won't be possible to determine the cause with the information given.

 

You would also have needed to look at what was providing the "WAN1" connection in the diagram to see what was in its arp cache, whether it was seeing traffic, etc.

Also information from the local status page on one of the MXs would be needed to see the reason it was reporting that it could not come online.

Owen
Getting noticed

Re: MX84's in HA Didn't Come Back Online

When MX devices reboot they bridge ports together temporarily until the configuration is applied to segragate ports from each other and to apply WAN settings. Slightly different behaviour between different models depending on port assignments. This can cause spanning tree and other issues upstream of the meraki environment. Meraki Engineering say this is "working as intended" but I find it amazing that a security appliance can bridge all ports with no configuration and that is fine from their point of view.

 

Check for spanning tree port blocks / inconsistancies or other logs on the TPLink stuff.

IT_Magician
Getting noticed

Re: MX84's in HA Didn't Come Back Online

Agreed, unfortunately we were in 911 mode. I had no technical person onsite and was able to get someone to reboot the firewalls.

IT_Magician
Getting noticed

Re: MX84's in HA Didn't Come Back Online

Interesting, do you think if we don't use a shared HA mode and instead just do basic failover the MX's have less chance to have a bug or not come online?

 

The TP Link switch is unmanaged and no spanning tree. The upstream device from that is your typical ISP WAN modem. If we didn't have the second Ubiquiti network I would have had no idea if this was MX or ISP issue. But because the Ubiquiti router came right up the information points to the MX's.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.