Inherited this network from a previous engineer, I THINK I know what's going on but I need another set of eyes.
We have a small network, an MX95 firewall performing L3 duties, three switches direct-connected to it (A, B, and C), and two more switches downstream from A (A1 and A2). Switch A has access clients as well as the switch A1 and A2 trunks. RSTP is globally enabled, switch A is root-0 and no other device has bridge priority assigned to it, which I think is the root cause for what's going on: Switches B and C see every single device in the network as direct-connection devices, and when I go to check the physical path of a connection it almost always shows me that the device path is device-B/C-MX95 until I refresh a few times, at which point it gives me the correct path (usually something like device-AP-A1/A2-A-MX95).
Additionally, there is a LOT of MAC flapping going on on the network, most of it occurring between AP ports on switch A and trunk ports either up to the MX or down to A1 or A2.
If I'm correct and this is an RSTP issue?
What would help is if you made one switch the "core" switch. Plug that into the MX95, and then plug all other switches into that core switch.
Yeah at this point I've come to terms with that, but it's a warehouse environment and 'downtime' to make that kind of change is... hard to come by.
A wireless client roaming between APs will cause MAC flap events in the MS event log. It's normal.
Is MS uplink sampling disabled? https://documentation.meraki.com/MS/Monitoring_and_Reporting/MS_Client_Sampling_on_Uplink_Configurat...
Client sampling is set to all interfaces and client tracking on the MX95 is set to use MAC address. I know about the roaming devices thing, and that explains a lot of the events I see in the log, but others are from an AP port to a trunk port and back, or just trunk port to local port to trunk port, which I guess could be connecting a laptop to a hardline?
EDIT: I went ahead and swapped MS uplink sampling to exclude uplink interfaces, the B and C switches still see all devices but now they don't see their OWN devices
Are they all Meraki switches, or a mix of vendors?
All Meraki, MS series