New MX 16.16 stable firmware released - fixes MX100 SFP bug, a BGP issue and spurious DHCP events

Kind of a big deal
Kind of a big deal

New MX 16.16 stable firmware released - fixes MX100 SFP bug, a BGP issue and spurious DHCP events

Security appliance firmware versions MX 16.16.1 changelog

Important notice

  • While Meraki appliances have traditionally relied on UDP port 7351 for cloud communication and TCP ports 80 and 443 for backup communications, with MX 16 we are beginning a transition to using TCP port 443 as the primary means for cloud connectivity. In order to ensure proper connectivity to the Meraki cloud after this upgrade, please ensure that traffic using TCP port 443 between is allowed through any firewalls that may be deployed upstream of your Meraki appliances.
  • HTTP proxy, which allows default management traffic from MX appliances to be sent through a proxy, is deprecated on MX 16 and higher firmware versions.

Legacy products notice

  • When configured for this version, Z1, MX60, MX60W, MX80, and MX90 devices will run MX 14.56.

Bug fixes

  • Corrected a rare issue that could result in Z3(C) appliances failing a connectivity safety check after upgrading to MX 16 and falling back to their previous version.
  • Resolved an issue that could prevent BGP sessions from forming correctly when 1) the MX appliance was configured to operate in NAT mode and 2) only static routes were configured to participate in the VPN.
  • Fixed a link negotiation issue that could occur when connecting Ethernet ports on MX100 appliances to SFP ports on other devices.
  • Resolved an issue that resulted in spurious DHCP log messages.

Known issues

  • After making some configuration changes on MX84 appliances, a brief period of packet loss may occur. This will affect all MX84 appliances on all MX firmware versions
  • Due to MX 15 regressions, USB cellular connectivity may be less reliable on some modems
  • Due to an MX 15 regression, the management port on MX84 appliances does not provide access to the local status page
  • Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.
Here to help

Does this new firmware fix the problems that MX 16.16 already have (High device utilization and vpn interruption)? We already had in our production MX16.16 and we were suggested to downgrade to MX15.44. 

Getting noticed

I would say no, based on the fact that we just rolled all our Z3's back to 15.44.  Currently evaluating if we will roll back our MX84's as they seem stable (but see the performance increase). 

Here to help

16.16 proved to be extremely unstable for us on an MX250. Also had the same problems with 17.3 and I believe 16.5? Constant disconnects from the cloud. Woudl completely go out to lunch and have to be factory reset. We are finally stable after support locked us back to 15.44. I've been through 3 new RMA MX250s and done countless factory resets. What a mess. I have a bunch of MX65 and MX68 running 16x and they work fine but no way on earth I'd load this on a 250 after the last 3 weeks of problems I've been dealing with.

Kind of a big deal
Kind of a big deal

I know it does seem a bit risky these days, our MX250 pair have been running 16.15 since it came out and we haven't upgraded yet to 16.16 due to issues posted here...

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.