If you have Meraki MX security appliances chances are that you have seen the SD-WAN & traffic shaping option in the Meraki dashboard menu. Software-defined WAN (SD-WAN) can dynamically optimize your WAN without having to make manual adjustments when network conditions change. In a network with redundant uplinks if one uplink becomes degraded, SD-WAN allows the network to dynamically select the best path to the destination. This is especially important for latency sensitive services such voip and video. Meraki’s philosophy has always been about simplicity and their SD-WAN solution is no different.
Before enabling Meraki SD-WAN there are some prerequisites we must first meet:
Meraki has simplified the deployment of SD-WAN. To enable SD-WAN only requires a few easy steps.
Go to Security & SD-WAN > Monitor > Appliance Status
Adjust the actual speed of the circuits in Security & SD-WAN > Configure > SD-WAN & traffic shaping.
In Security & SD-WAN > SD-WAN & traffic shaping under Uplink>Global preferences enabled Active-Active Auto VPN
In Security & SD-WAN >Site-to-Site VPN, select Hub for the hub site. For a full mesh all remotes sites will be selected as hubs as well.
For a Hub and Spoke topology, select the spoke for the remote sites and then select the dedicated hub(s).
Select whether to advertise the local networks by turning on or off VPN participation
In Security & SD-WAN >Monitor>VPN Status
This page shows all the VPNs connected to this site. Here you can check average latency and usage. You can also find the uplink decision for each remote site and the SD-WAN policy it is using for the uplink decision.
Highlight a remote site and click on the connectivity bar on the right to see more statistics for the uplinks. This next page will show the Latency, Jitter and Packet Loss for both uplinks. It also provides a MOS score for VOIP. Using the information from this page flow preferences and SD-WAN polices can be configured
To create a SD-WAN uplink policy chose Add a Preference under SD-WAN policies and VPN traffic.
Here we can create a policy for voice traffic and the Preferred uplink is Best for Voip. SD-WAN will use the MOS score in the VPN status page to select the best path for voice traffic.
We can also create a Policy that favors a specific WAN connection and if performance becomes poor than failover over to another WAN connection. This is based on a Performance class which uses maximum latency, jitter and loss to determine when to failover over.
We can also create custom performance classes for use in the SD-WAN policies.
As always if you have any questions on any of the Meraki solutions above or would like to schedule a demo, please reach out to us at sales@lookingpoint.com and we’ll be happy to help!
Written By: Rick Wong, LookingPoint Principal Network Architect