Community Record
17
Posts
0
Kudos
0
Solutions
Badges
3 weeks ago
Hi Michalc, The flapping is happening to many ports across all switches. End users are complaining about slow download speeds, and the dashboard throughput tests to the core switch (SW-MS225-1) only show 10Mbps when the MX84 dashboard throughput test shows 250Mbps, which prompted me to review the event logs. The only other thing I can think of is these end user ports are connected to Microsoft Surface docks - could the flapping be happening when users disconnect or connect their laptops to the docks?
... View more
3 weeks ago
We're experiencing frequent RSTP role changes, but no BPDU events are logged anywhere in the Dashboard. All of my client access ports have RSTP & BPDU enabled, example config: The links between switches are set to trunk ports, example config: We have some additional trunk ports for devices that need to access multiple VLANs, e.g., wireless access points, meeting room devices, NAS, hypervisors, example config: Network Setup: Core Switch: MS225-1 (STP Root, Priority 4096) Other Switches: MS225-2, MS130-2, MS250-1 Client VLANs: VLAN 10 (Management), VLAN 30 (Desktops), VLAN 50 (Guest Wi-Fi), VLAN 90 (Staff Wi-Fi) What I’ve Checked: No BPDU Guard events in network-wide logs VLANs match on switches Uplinks are stable, no flapping or CRC errors
... View more
Labels:
- Labels:
-
Layer 2
Sep 18 2023
10:48 PM
What should the configuration of the MX lan ports look like instead?
... View more
Sep 18 2023
9:26 PM
Recently inherited this network with no documentation and have no experience with Meraki or design VLANs prior to this, very limited networking experience (currently studying for my CCNA). Currently we have an MX84 with a bunch of switches. The first thing I noticed that seemed odd is that every single port on every single switch is set to trunk with all VLANs allowed and a native VLAN of 1. I noted that our only defined VLAN for our primary LAN is ID: 10 (10.0.10.0/24). There are no static routes defined. I tested out switching the port for my desk to an access port for VLAN 10, but this broke internet access. If I change the access port to VLAN 1, I can access the internet and still ping devices on the 10.0.10.0/24 subnet. Am I misunderstanding how this works or is something else misconfigured? Why do I need to have my access ports set to VLAN 1 when our subnet is defined on VLAN 10? I'm also aware that using VLAN 1 is considered poor design, and would like to work towards implementing more segmentation in our network. Any thoughts on the design below would be appreciated - I'm unsure if I need to create new DHCP servers for each VLAN though or how to go about configuring DHCP in this scenario. Proposed changes: VLAN 90 - Management VLAN Purpose: This VLAN will primarily be used to manage network infrastructure devices such as switches and access points - servers could also go here or be put on another dedicated VLAN. Details: Subnet: 10.0.90.0/24 MX IP (Gateway): 10.0.90.1 Switches IP Range: 10.0.90.2 to 10.0.90.10 Access Points IP Range: 10.0.90.10 to 10.0.90.20 VLAN 84 - MX84 Appliance VLAN Purpose: A dedicated VLAN for the MX84 appliance to isolate it and secure the network management traffic. Details: Subnet: 10.0.84.0/24 MX IP (Gateway): 10.0.84.1 MX84 Appliance IP: 10.0.84.2 VLAN 30 - General Devices VLAN Purpose: This VLAN will host general devices such as computers, printers, and other user-end devices. Details: Subnet: 10.0.30.0/24 MX IP (Gateway): 10.0.30.1 Reservations: 10.0.30.2 to 10.0.30.10 (for printers and other user-end devices.) DHCP Pool: 10.0.30.10 to 10.0.30.254 (will be assigned dynamically to computers, phones etc.)
... View more
Sep 17 2023
10:34 PM
As another update to this, I managed to get the link working by forcing both ports to 1Gbps. From my understanding we should be able to use 10Gbps as both switches have SFP+ ports, and we're using SFP+ transceiver modules. Can anyone shed some light on why this only works when it's forced to 1Gbps fdx?
... View more
Sep 16 2023
11:03 PM
How can I verify if that was the case? The SFP+ port on the primary switch still shows as enabled: I've also tried multiple SFP ports on the secondary switch to no avail. The primary switch is set as bridge priority 4096 in switch settings. All other switches would have default bridge priority.
... View more
Sep 15 2023
12:41 AM
Both ports are set to trunk with all vlans allowed, native vlan is the same on both. The link LED came on after inverting the polarity of the LC fiber in the patch panel of the second building. At that stage I could see it connected in meraki dashboard and locally via the management port of the new switch. This dropped after a few minutes and I've been unable to get it back after trying different SFP ports and rebooting the switch several times. Distance is maybe 150 metres max. The SFP transceiver modules are MA-SFP-10Gb-LR
... View more
Sep 14 2023
11:36 PM
Hey guys, I'm having an issue linking the two switches via fiber. I've installed the SFP modules and they show up on in each respective port in the meraki dashboard, but there's no link being established. I tried inverting the polarity of the fiber where it comes out of the patch panel in the second building and it linked for a few seconds, was able to see the switch in Meraki dashboard but then it suddenly dropped off. Have tried other ports and swapping it around again to no avail, unable to get it to link up again. We've run a cable test on the fiber link and it's OK but no matter what SFP port or transceiver we use it won't link. I have tested the same SFP ports using RJ45 transceivers and they work fine. Any ideas? I did notice some RSTP events in the event log in between the time the link first came up and before it dropped off. The new switch shows as it's own root for RSTP but all of the other switches in the main building have the primary switch (the same one that the fiber link is going to for the switch in the second building) as their root. Is there some configuration I need to make to get this to work? From my understanding I should at least be getting a link light coming on so I'm not sure what would have caused it to work briefly then suddenly drop off and not work again.
... View more
Sep 14 2023
11:32 PM
Hey guys, I'm having the same issue here. Inverted the polarity of the fiber and it linked for a few seconds, was able to see the switch in Meraki dashboard but then it suddenly dropped off. Have tried other ports and swapping it around again to no avail, unable to get it to link up again. We've run a cable test on the fiber link and it's OK but no matter what SFP port or transceiver we use it won't link. I have tested the same SFP ports using RJ45 transceivers and they work fine. Any ideas? I did notice some RSTP events in the event log in between the time the link first came up and before it dropped off.
... View more
Sep 3 2023
11:29 PM
Late reply as the switch only just arrived - so we should configure the SFP port on our primary switch as a trunk port for VLAN 1, then hook up the fiber links. Do we need to then configure the SFP port on the new Layer 3 switch as a trunk port, then configure all other ports as access ports for VLAN 1?
... View more
Aug 15 2023
3:45 PM
Thanks for the detailed response. I realize I'm probably making a fool of myself for asking such simple questions, but I'm still relatively new to networking and have never used Meraki gear or fiber connections prior to inheriting this network with zero documentation about 3 weeks ago. You are correct, we are separate and have our own ISP link at our building but are piggybacking off the campus fiber links between buildings to expand our LAN into another building. I'm planning to use a MS250-24P L3 switch with the above linked transceivers. Currently we only have one primary VLAN (All ports on our current primary switch read "Trunk: Native VLAN1) for the internal network, there are others in use but won't be required for the staff in this secondary building. Can I clarify what you mean by trunking in all the right places? My plan is basically this:
... View more
Aug 14 2023
10:30 PM
0s2 12 Core SMF with LC-LC connectors, from my understanding we should use something like this: Cisco Meraki MA-SFP-10GB-LR 10GBASE-LR SFP+ Transceiver
... View more
Aug 14 2023
5:49 PM
Hey, thanks for the reply. The fiber link between buildings is 12 core SMF.
... View more
Aug 14 2023
5:10 PM
Seeking some advice on how best to expand our network into an external building on a university campus. Currently our topology is like this: Essentially just a MX84 firewall connected to an AARNET Network Termination Unit, a couple of L2 switches, mostly going to desks, and some Wireless AP's throughout the building. The university campus staff advise that they can "patch us into" the other building via fiber optic, which is daisy chained through a couple buildings, and that we should just be able to put in a switch at the other building with a trunk for all traffic. There should only be about 8 x staff at this other building at any given time, and there are patch panels in the existing rack to connect our switch to the desks. I've never done this type of design or worked with a fiber connection before, so seeking any and all advise on how to set up and configure this and get it working.
... View more
