Personal gripes about MX traffic shaping page options

GIdenJoe
Kind of a big deal

Hey everyone, as usual I'm curious about what my peers and people working in Meraki think about an opinion/remark.

 

So you have the MX that can do deep packet inspection to detect applications, which can be acted upon in several ways. However, instead of using this to its fullest extent, there are weird shortcomings/omissions that make no sense to me.

 

1) The internet traffic uplink selection.
With dual AutoVPN to other sites you can leverage DPI to select which egress WAN port the traffic should exit.

However, for internet traffic you can only do so based on layer 3/4 information.
Why is there a disparity between these? I mean, you can perfectly identify the application, so why not use it for that purpose? I realize you cannot leverage best for VoIP or a custom application performance profile, but you could at least provide the option to use WAN2 unless it is down. Having said that, if you couple it with Insight, you could build a feedback loop that also uses the latency to public cloud applications like o365 or a SIP provider to choose the uplink that way.

 

2) In both uplink selection for SD-WAN or traffic shaping matching rules you cannot make use of existing DSCP markings (except for the implicit default rules).  It would be awesome if you could just leverage already present specific DSCP markings for these purposes.

 

3) In both uplink selection for SD-WAN or traffic shaping matching rules custom definitions you can only do OR but not AND.  You could for example allow localnet + destination net and destination port to be AND'ed to match a specific application.  Or a specific subnet and DSCP marking...

 

4) The realtime queue is implicit whether or not you enable the default traffic shaping rules. I personally hate implicit stuff because you cannot predict the exact behavior. For example, you want to combine a maximum bandwidth with the realtime egress queue for certain traffic like voice. You can't do this; you can only match voice and set it to high and then do the limitation. In this case, will that traffic be realtime queued or just receive the 4/7ths of bandwidth egress scheduling? This is not clear at all.

 

5) There is no way to see the statistics or state of the queues as far as I know.

 

Please leave some comments, tell me what you think.

2 REPLIES
cmr
Kind of a big deal

@GIdenJoe we use 1) a lot on our SD-WAN and you're absolutely right, it should be available on internet connections, particularly in combination with Insight. Perhaps this is the next feature going into the SD-WAN Plus license?

GIdenJoe
Kind of a big deal

Thanks for your response, I was hoping for some more response though 😉  It seems that critique posts aren't responded to much.
