Meraki

Community

PPPoE negotiation error (Mx-64 Appliance)

Solved
JpAlvesCroce22
Here to help
‎Oct 3 2024 10:51 AM
‎Oct 3 2024 10:51 AM

PPPoE negotiation error (Mx-64 Appliance)

Hello everyone, I am an administrator of an organization that has about 150 Spokes, in which we have a double WAN link.
Wan1 PPPoE with dynamic IP assignment and a renewal every 12 hours.It is important to mention that the ISP of Wan1 provides DHCP-IPV6

 

In Wan2 we have an ISP which provides us with the service through static IP on Radio link equipment.

The problem we are having is that when renegotiating the PPPoE (every 12 hours), the Spoke is affected generating interruptions of a few minutes, until it manages to negotiate correctly.

 

Currently our Spokes are with Mx64 with Firmware MX 18.107.10
I would appreciate if anyone has had this same problem or knows what may be happening.

Thanks and Greetings to all

Labels:
0 Kudos
1 Accepted Solution
JpAlvesCroce22
Here to help
3 weeks ago
3 weeks ago

Hello community, how are you?
I just wanted to tell you that we found the problem that caused interruptions when renegotiating PPPoE connections.

The problem was in the large number of IP objects assigned to the L3 Firewall of the Mx64 devices.
After optimizing the rules, we returned to normal behavior.

I proceed to end the thread

View solution in original post

3 Replies 3
Malwina
Meraki Employee
Meraki Employee
‎Oct 3 2024 10:31 PM
‎Oct 3 2024 10:31 PM

Do you have load balancing in place?  What is your WAN failover setting?
Could be worth looking into those so that the network remains more stable while PPPoE renegotiation takes place. 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Connection_Monitoring_for_WAN_Failo...

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen...

0 Kudos
In response to Malwina
JpAlvesCroce22
Here to help
‎Oct 4 2024 5:30 AM
‎Oct 4 2024 5:30 AM

Malwina, thanks for the reply and the information.
Regarding failover, we have “Graceful” (default selection) configured on all our Spokes.


In addition, we have some SD-WAN policies, with which we route one of the Spoke segments to certain destinations through WAN2 (PPPoE) "Prefer WAN 2. Fail over if uplink down." We have this configuration that way, due to the performance of the WAN links.

 

What suggestion could you give us?
Use WAN failover and failback behavior "Immediate"?

 

On the other hand, I continue to verify the behavior of the PPPoE negotiation and I see that the Mx-64 devices take between 2 and 5 minutes in some cases, generating many VPN tunnel connectivity change true/false entries.

 

In addition, we have Mx-85 as Spoke in some locations and we see that the negotiation is a few seconds.

What could be the reason for that?

0 Kudos
JpAlvesCroce22
Here to help
3 weeks ago
3 weeks ago

Hello community, how are you?
I just wanted to tell you that we found the problem that caused interruptions when renegotiating PPPoE connections.

The problem was in the large number of IP objects assigned to the L3 Firewall of the Mx64 devices.
After optimizing the rules, we returned to normal behavior.

I proceed to end the thread

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.