That's a lot of fixes! 😎
Upgrading just now.
Edit: looking good so far!
Do you do any VPN or 1:1 I have rescheduled my update because the last time Meraki did a auto update it broke VPN and 1:1.
I updated two networks from 18.208 to 18.211 last night and one of them lost autovpn site to site connectivity completely. Rolled it back this morning.
Still a lot of stability issues, hopefully the fix list won't shrink...
MX18.2.11 was supposed to be the first 'stable' version. Wonder what happened.
It needs to reach at least 15% global network saturation prior to being promoted to stable (Meraki Firmware Release Process - Cisco Meraki Documentation). We've seen at least a dozen customer orgs have an auto-upgrade scheduled for this version overnight, so it seems Meraki will push this one out quite aggressively to reach this limit in order to get it to stable.
Yes you are right. forgot about that part.
Which also means that MX18.2.11 will be the only stable version. Other fixes will only be included in patches ( 18.2.11.X )
Yes 😄
18.210 has been pretty solid for us, hoping for the same from .211!
We still have a large number of devices that are 4G only on 16.16.9 due to mobile connectivity issues on 17.xxx
Is that resolved here or does it fall under this known issue?
I updated one of my test sites that had this similar issue on 18x running the 4G SIMs. Are you using static or dynamic APNs? I updated mine to 18.211 using a static APN and associated with the proper location and worked perfect. the 18.210 broke this
· West: WE01.VZWSTATIC
· Midwest: MW01.VZWSTATIC
· Northeast: NE01.VZWSTATIC
· South: SO01.VZWSTATIC
I had a customer that had to rollback to 18.210 this morning because 18.211 broke site-to-site AutoVPN.
He told me Meraki TAC told him that they have a number of customers experiencing issues with this version today.
I installed it on all of my company's MX and it is working fine for us and we have one AutoVPN connection that is also working
fine. My advice is to test it on non-production networks first to see if your environment is impacted.
I've installed it on an MX68 that is acting as an AutoVPN spoke and it seems to work okay, being stable and performing normally. It is only running the enterprise feature set, so issues might be related to advanced licensing?
It looks like MX86 isn't part of the issues with AutoVPN. MX75, 85, 95, 105,250, and 450 are the ones having issues.
We YOLO'd this update to our "test" site which is our corp office. MX95. So far so good...we got burned hard on the last "stable" RC so we're taking a bit of a gamble here but I liked the fix list.
For me, SNMP stopped working with this release.
What version of firmware were you using prior? I heard mention of possible snmp issues here. We are on 18.210.
Had to roll back to 18.210, had vpn issues on the site I tested it on.
I was on 18.210 and many other older versions. 18.211 is the version that broke SNMP for me. I have a ticket opened up on this version.
I have a scheduled upgrade for 4 sites for this weekend, are there any known issues with this present release MX 18.211 apart the one mentioned above. Thanks
@bdeen from the release notes the below are all known issues, hopefully there aren't too many more:
Ever since the upgrade to this version, all our Meraki switches' DNS entries were changed to 1.1.1.1 and 8.8.8.8. Causing intermittent disconnections across our switches now. Anyone have similar issues or how can I revert back to the older version?
After the upgrade to 18.211 large portion of our clients were not able to use internet because of DNS problems on the MX gateway: Client made a request to the DNS server, but it did not respond (no_dns_response).
We use DNS passthrough option: Client -> MX Gateway -> Google DNS. There are two gateway in hot-standby mode
We rolled back to 18.208 and the DNS issue seems to be gone.
Edit: We do have one high priority traffic shaping rule enabled.
Release notes have been updated with:
Wow @jimmyt234 that is a bit of a major bug! Glad we'd only updated a home user Z3 so far that doesn't have traffic priority rules set 😬
I have my downgrade scheduled in the am so I will follow up and let everyone know if it worked, but we started experiencing what seemed like intermittent route drops in inter vlan routing. We have been ripping out hair out ever it. The client does have traffic shaping going on. I will find out if rolling back worked in the morning.
UPDATE: I tried to revert traffic shaping rules to normal to see if issue resolves. No progress yet. I don't have a downtime window to reboot appliances right now, so I don't know if a reboot would help with the workaround. I will most likely find out post upgrade (in the AM) if this was the issue.
I did notice that the mx updated to 18.211 the same morning issues occurred.
The downgrade ended up working. Everything is up and running. I did have to do some micromanaging on the servers ... i.e. backtrack the troubleshooting steps that were done before the ticket was escalated to me. Therefore, I don't know if adjusting the traffic shaping rules to normal actually worked or not. But, it is all fixed now with rolling back the update.
Hey awesome people in the Community,
Thank you for the discussion and feedback here!
We have also provided some guidance regarding the issue with traffic being dropped in this post.
Please tag us here if there's anything else we can assist with, and make sure you raise a case with Support for tracking 🙂
Thank you!
Giac
The SNMP issue was caused by the routing issue as well according to the support team.
@GiacomoS If you need my ticket number I can DM you.
Hey @TyShawn ,
Please do drop me a message, I'll have a look and check if anything else is required.
Many thanks!
Giac
Folks,
We have released a hotfix, 18.211.0.1, which addresses the problem with traffic being dropped when you have traffic shaping rules with either a high or low priority set. If you are impacted by that, I would recommend upgrading.
Many thanks!
Giac
So far 18.211.0.1 looks to have resolved my issue. I will report back if things change.
Did this also impact the default shaping rules or only custom rules? We are just going back to make sure what we were seeing around that time was in fact due to this issue or not. Thanks in advance!
I upgraded to this ver and caused too many issues with my AnyConnect Clients so I rolled back. Now we have a new stable release MX 18.211.2 which I'm afraid of doing upgrade again and facing the same issues. Do you guys have tried MX 18.211.2 in prod environment yet? is there any thing we should know before upgrade?
Do you mind me asking if your using site to site VPN and 1:1 Network assignments ? Last time we did 18.211.1 it broke both of these. I keep pushing the deployment back to make sure this does not effect us again.
I do have site to site VPN across the org and using hub only for mesh. We don't do 1:1 nat though. I saw one site failed due to being spoke after upgrade and I had to make that one hub as well to resolve the issue. Even Meraki support couldn't figure out what caused the issue and I had to roll back on my corp MX that is used for AnyConnect. now with 18.211.2 I'm not feeling confidant to perform the firmware upgrade anymore.
I just updated two MX250 HA pairs at two sites and all looks good so far.
So for MX 84 no more update ?
There will possibly be security updates like 18.107.11 etc., but essentially that's it for MX84 and MX100.
and the appliance will remain working ?
Yes, guaranteed until the end of life, which is October 31st 2026. So almost two and a half years to go, with no updates...
we already baught licenses for 3 years how they sell us licences like that
You are supported and they should get security fixes until then, we have plenty and aren't looking to replace them yet.