Register or Sign in
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About Marcelino
Marcelino
Comes here often
Member since Oct 25, 2018
09-23-2019
Community Record
6
Posts
0
Kudos
0
Solutions
Badges
@PhilipDAth wrote: Did you have spare Internet bandwdith at the time - or did your Internet circuit get flat lined? What model MX do you have, and what as the total number of clients you have? If you go Organisation/Overview and select just the network for your appliance - what was the device utilisation like? Also the utilization from MX peeked at 25%, mostly at 15% ish
... View more
@PhilipDAth wrote: Did you have spare Internet bandwdith at the time - or did your Internet circuit get flat lined? What model MX do you have, and what as the total number of clients you have? If you go Organisation/Overview and select just the network for your appliance - what was the device utilisation like? We have a 500/500M fiber connection with abaut 297 client devices at the time using MX84 with balanced threat protection rule sets. Max peek being at 60Mb/s and usually below 20Mb/s.
... View more
Problem start and ended with the group, I think they were using alot of VPN connections to their server. We did a live packet capture with Meraki support, only pings were sometimes unable to reach DNS servers. I dont think that DNS is the problem, its the cause. Also ISP checked their fiber connections and router and found no errors. The thing is, what could cause it? Multible VPN connections from WLAN to the US causes Meraki switches to go bonkers?
... View more
Yes, the main meraki MS220-48LP right after firewall is set up as bridge priority 0 - likely root. RSTP is enabled but while I was testing I disabled RSTP from Ruckus AP ports, problem still persisted.
... View more
All of the customers with problems we're directly connected to APs (Ruckus and Meraki MR) behind Meraki PoE switches, lets say that the HP switches etc. are behind a fiber link elsewhere and leave them for now. We also checked that the IP settings were up to date locally on each switch without duplicates.
... View more
Hey all, so we have this problem in a network where we have Meraki MX and behind MX Meraki switches and behind those HP / cisco etc. switches and many Meraki and Ruckus APs in a hotel This is the 2nd time this has happened, when a group of usually Americans come and start hosting meetings all the Meraki switches start going into Disabled switch (bad DNS) mode and what happens is that anyone connected to any switches or APs behind them has working DNS, so basically "no internet access", even though the actual VLANs are using different DNS addresses on different VLANs than the switches management etc. Disabled switch (bad DNS) occurs every 10-15 minutes and stays for 2-5 in Disabled switch (bad DNS) mode and while in Disabled switch (bad DNS) mode, no DNS queries work so the customer says "no internet access" Close up of the pumping DNS: - I found nothing unusual from clients or traffic, except maybe 20-40 clients connecting to their VPN - I have swapped the switched management DNS settings from ISP -> Google -> Internal but the problem persists - I have switches management static and DHCP but the problem persists - I have changed switch MTU from default to 1500 but the problem persists - I found no other DHCP servers within the network - I found no new devices connected to LAN via ethernet, so it must be via WLAN (Ruckus and/or Meraki MR) - I disabled RSTP on Ruckus AP ports but the problem persists - I have tried IGMP snooping and flood unkown multicast traffic enabled / disabled but the problem persists - Firmwares are up to date and meraki support has gone through the settings and found nothing, only that it is "ISP problem", which it is not. Problem starts and ends as soon as the group starts working. So what seems to happen is something is causing all of the DNS traffic to pump in 10-15 minute cycles and it seems to affect only up to switches (MS-220 series) (not MX) and everything behind switches. Management VLAN 2 (where the switches are) and also all traffic VLANs. Has anyone come across this or anything like it?
... View more
