All of these are in reference to the MX. I’ve tried looking in the documentation, but can’t find the answers to these questions. I’ve not had any specific problems that have generated these questions; I’m just trying to plan ahead. I assume that the better I understand it, the better I can prepare and setup to prevent problems from occurring. When setting a QoS value for traffic, is this applied to traffic exiting the LAN interface, WAN interface, or both? I would expect that applying it to traffic exiting the WAN interface would be useless since the ISP probably doesn’t trust the customer’s settings and will overwrite them with their own settings. However, on inbound traffic, is it marked before being placed on the LAN? If so, does it use the settings in the Group Policy for the destination VLAN or the General settings? This would be similar to #3 below. Where are the markings applied? On a Catalyst Switch or ISR router, it’s normal to apply them as traffic enters an interface so that they can then be used by the device to prioritize the traffic. If the markings are different for different VLANs, using Group Policy, which setting applies to the inter-VLAN traffic? Assuming they’re applied as traffic enters the LAN interface, I would expect the markings from the originating LAN to carry through to the receiving LAN. How many queues and thresholds per queue are there? Are any of these adjustable? Are the markings carried through on an IPSEC VPN? How does the MX handle traffic that’s already marked when inbound from a switch on the LAN interface (MS or another brand of switch)? When the packets leave the MX for the switch, are the marking still on the packet for the switch to trust and use? The setting for voice says Voice (SIP) 46 (EF). While this is correct for Voice, it's not for SIP. SIP is the signaling protocol, not the voice traffic. I'm guessing that SIP here is just to let us know that this is telephone voice, not actually SIP.
... View more
The MX has a FQDN for DDNS purposes. Why wouldn't you think that a non Meraki device at the other end isn't using DDNS also? The box will only accept an IP address. It should also accept a FQDN.
... View more