The problem has been going on for seven months.
We opened a ticket with Meraki support.
Packet captures were taken, and support noted the slowness on the VLANs from the core switches.
The following solution was proposed:

Our analysis of the captured traffic reveals several network-related issues that are likely contributing to the performance problems. Specifically, we observed the following:

TCP Retransmissions: The analysis of the traffic to both destination IPs shows significant TCP retransmissions. Retransmissions occur when a sender doesn't receive an acknowledgment for sent data, indicating packet loss or delays.

This is a primary cause of slowdowns, as data needs to be re-sent, consuming more bandwidth and increasing transfer time. Increased Latency/Time Deltas: We noted noticeable time delays between packets. This increased latency slows down communication, as devices must wait longer for responses, impacting the overall transfer rate. TCP Window Size Fluctuations:

The TCP window sizes vary, which can be a sign of congestion control mechanisms being triggered. While window size changes are normal, erratic or consistently small windows can further contribute to performance bottlenecks.

These observations strongly suggest that network-level issues are impeding the Nutanix update process. To resolve this issue, we recommend the following troubleshooting steps: Investigate Network Congestion:​​​​​​​

Uplink Utilization: Monitor the bandwidth usage of the switches' uplink(s) to identify any potential bottlenecks.

Network Path Analysis: Use traceroute or similar tools to map the network path between the Nutanix servers/clients and the update servers  to pinpoint potential congestion points.

Check Physical Layer: Ensure all network cables are properly connected and in good working order.

Quality of Service (QoS): Review your QoS configuration on other network devices to ensure that Nutanix update traffic is being prioritized appropriately.

Isolate Network Segments: If possible, try to isolate different network segments to determine if the issue is localized to a specific area. Switch Restart (Troubleshooting Step): As a troubleshooting step, consider performing a controlled restart of the core switches (MS425) during a maintenance window.

This can sometimes resolve transient software or hardware issues that might be contributing to the problem.

Which of these steps have you done and what were the results?

The problem has been going on for seven months.
We opened a ticket with Meraki support.
Packet captures were taken, and support noted the slowness on the VLANs from the core switches.
The following solution was proposed:

Our analysis of the captured traffic reveals several network-related issues that are likely contributing to the performance problems. Specifically, we observed the following: TCP Retransmissions: The analysis of the traffic to both destination IPs shows significant TCP retransmissions. Retransmissions occur when a sender doesn't receive an acknowledgment for sent data, indicating packet loss or delays. This is a primary cause of slowdowns, as data needs to be re-sent, consuming more bandwidth and increasing transfer time. Increased Latency/Time Deltas: We noted noticeable time delays between packets. This increased latency slows down communication, as devices must wait longer for responses, impacting the overall transfer rate. TCP Window Size Fluctuations: The TCP window sizes vary, which can be a sign of congestion control mechanisms being triggered. While window size changes are normal, erratic or consistently small windows can further contribute to performance bottlenecks. These observations strongly suggest that network-level issues are impeding the Nutanix update process. To resolve this issue, we recommend the following troubleshooting steps: Investigate Network Congestion:​​​​​​​Uplink Utilization: Monitor the bandwidth usage of the switches' uplink(s) to identify any potential bottlenecks. Network Path Analysis: Use traceroute or similar tools to map the network path between the Nutanix servers/clients and the update servers (Akamai) to pinpoint potential congestion points. Check Physical Layer: Ensure all network cables are properly connected and in good working order. Quality of Service (QoS): Review your QoS configuration on other network devices to ensure that Nutanix update traffic is being prioritized appropriately. Isolate Network Segments: If possible, try to isolate different network segments to determine if the issue is localized to a specific area. Switch Restart (Troubleshooting Step): As a troubleshooting step, consider performing a controlled restart of the core switches (MS425) during a maintenance window. This can sometimes resolve transient software or hardware issues that might be contributing to the problem.

WE have a firewall

with fai we have 46 MBPS , but when  connect on ms425  we have 20 MBPS OR 30

MS425 is STP Root

When you launch a web page, you have to restart it several times before it opens.
Plus, there's a lot of Mac address flapping.

What you have described is a relatively complex networking issue which most likely require a deeper investigation than the back and forth of posts in the community board.

What Meraki support have described isn't inaccurate. TCP retransmits can definitely lead to performance degradation. However, it is a symptom of the issue, not the cause.

If you know the issue is specifically when the MS425 is involved, I suggest following the path of a specific test and capture at all points. It should become pretty clear that there is either:

 - Packets missing from one of the captures (Eg. dropped packets)

 - Large delays in packets seen in one of the captures

Based on that, you should be able to trace the point of where the issue is. The next step would be to investigate whether it's congestion/oversubscription, faulty hardware, MTU mismatch etc.

Additionally, you've identified a lot of MAC flapping. I suggest investigating which ports MAC's are flapping between and the cause of that.

HELLO

MS425 is configure L3 ROUTING but the parameter bridge priority is 8192

@thierryncho1986 that will be fine, the main thing is that it has the lowest value and is the root.  If you go to the summary page for the MS425 and look down the left hand side do you see This switch, or a MAC address like below:

yes I see this option is the same one that is on my switch

Does it say 'This switch' or list a Mac address?

HELLo

for the DNS, should I keep my internal DNS or take Google's?

As a troubleshooting step, you can certainly test to see if one vs the other causes any difference in speed. That could point to something being problematic on your internal servers.

I would definitely change your MTU size.  You can see the blue highlighted note in the document specifically pertaining to the MS425.

Switch Settings 

Note: Some Devices Datasheet mentions MTU values including 22 Bytes for Ethernet Headers and Frame Check Sequence (FCS). Therefore, make sure you check and enter the correct value according to your switch.

Cisco Meraki Examples:

• The maximum MTU on MS425 is 9416 bytes (i.e.: 9394 + 22 = 9416). Therefore, enter MTU size 9394.
• The maximum MTU on MS390/C9300/C9300X/C9300L switches is 9198 bytes (i.e.: 9176 + 22= 9198). Therefore, enter MTU size 9176.

FINALY i choose mtu 9 416

When I connect to the firewall, there is no slowness
but i connect to the core switch there is a lot of slowness

What does your topology page show (any loops)?  Can you share a pic of the topology?

What does your routing table show?  Can you share a pic of our routing table?

Can you share how you have L3 configured?  What is the next hop?  Are you using a transit VLAN?  And part of the L3 setup would include verifying your management IP addressing is set correctly.  What VLAN is your management VLAN?

Are your SFP or SFP+ or CAT6 uplink and downlinks the same (all 1Gig, all 10Gig, etc)?

Your post indicates MS425 core switches.  Are they separate core switches or stacked?  If separate, does the STP Bridge priority for the second or third one have a HIGHER bridge priority than the main root bridge?

attached is the topology,

the switch is in l3 mode, the core switches are stacked, the sfp cables are 10g they interconnect the switch cores, switch distributions and the fw