cancel
Showing results for 
Search instead for 
Did you mean: 

Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

Getting noticed

Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

Hi,

 

A few Meraki Switching in my Network has been sending out pings to Google DNS for at least the past 3 to 4 hours. 

 

I have tried to restart the switch, but it doesnt work.  The ping size would start to accumulate from 84b to 1.68kb, so on and so fro.  This is crippling all my networks as they start to experience slow internet connections.

 

I have never experienced this before having deployed so many meraki switches.

 

Is anyone experiencing the same issue?  

 

I have tried to call Meraki support but have been listening to the same tune for almost 2 hours now.

 

Experts, HELP PLEASE!!

 

ping results.jpegPing.jpeg

13 REPLIES 13
Kind of a big deal

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

This is 100% completely normal.  If 1.68kb is crippling your network you have another serious issue.

Kind of a big deal

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

Getting noticed

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

@PhilipDAth 1.68kb isn't going to do much harm.  

Take a look at the picture i posted!  

 

70Mb worth of PING will!

Kind of a big deal ww
Kind of a big deal

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

maybe try antoher firmware and see what happens

Conversationalist

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

Hey Felix, what's the time frame that the 70MB has occurred?

 

If that's 10 mins or a single minute, prob a concern.

 

More than likely though, that's over a longer period of time....

 

 

CMNO/CISSP/ITILv3Found/CEH/CHFI/MCSEx3/CCNA
Here to help

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

The Google DNS is connected for uplink statistics.

Menu Security & SD-WAN -> SD-WAN & Traffic Shaping there you find the following:

 

Uplink statistics
Test Connectivity to Description Actions
8.8.8.8Default

 

You can also add your own destination..

Getting noticed

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

Hi Felix,

 

The first picture you posted shows one ping about every 2 seconds. That should have no effect on your network. I'm not sure what the second picture is showing because there is no elapsed time.

 

-P

 

 

Getting noticed

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

Felix,

 

Taking a closer look at the second picture, it seems like you got 4.21GB of ping traffic over a period of 1 hour (which works out to about 70MB/sec.  Yeah, that is an issue. You are essentially seeing a ping flood. I assume that the device at 198.162.1.250 is your switch.  I would run a packet trace on the uplink port just to make sure all that traffic is being generated from the switch itself.

 

Did you ever get a hold of Meraki support?

 

-P

Getting noticed

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

Hi @ph0t0g,

 

Nope i still havent got on the phone with Meraki support.

 

We created a rule to deny that Meraki Switch from ping-ing 8.8.8.8 .

 

That stopped everything, but the ping action is still continuing.

 

From the picture below, it shows that in the past hour, 3500+ pings were denied.

 

And if you allow the ping to build up, it would hit my threshold of 70Mb and boom, the whole network goes down. 

 

Am I experiencing a ping flood attack from Meraki?  Any recommendations on what to do next?

 

Picture1.png

 

 

 

 

 

 

 

 

 

 

 

Thanks in advance.

Felix

Getting noticed

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

Hi Felix,

 

I would try emailing support if you can't reach them on the phone. 

 

3600 pings in an hour works out to 1 per second. I just can't see how that is generating 70MB/Sec because a ping is only 64bytes.

 

Again, I would grab a packet capture off of that uplink port (Network Wide -> Packet Capture) and post the .pcap file here.

 

-P

Getting noticed

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

Hi @ph0t0g,

 

I will be emailing them with all the info I have gathered so far.

 

As for the packet capture file, I'll leave that till tonight when everyone is out of the office before disabling the policy that's currently in place to block the pings from going to Google DNS.

 

After that i'll post the packet capture here.

 

 

Here to help

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

Greetings - Did you ever hear from support? I to am seeing vast amounts of pings from my two switches, one 8 port and one 48 port 200 series from my fortigate firewall.

JLand, CMNO
Getting noticed

Re: Meraki Switch sending out pings to Google DNS, CONTINUOUSLY

I'm with Philp.  This is 100% normal.  I have the 1.2k pings to 8.8.8.8 almost constantly and it doesn't even register in the top 20 of things going through my firewall in terms of throughput.

 

For what it's worth, I have a 100Mbps Internet connection at my site.  The connection doesn't start to get saturated until the firewall is transferring over 10GB every 15 minutes as measured on my firewall (not Meraki MX).

 

If 70MB is causing issues, you either have a really slow Internet connection, or you have other network issues.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.