Performance-Based DPS – MX SD-WAN Best Practices – Cisco Meraki

The configuration in Figure 6-9 shows one of our critical business applications, Office 365, selected as the traffic type with the default Best for VoIP uplink selection policy configured. The Best for VoIP policy will result in the device choosing only one path out of multiple available transport paths to route the application traffic based on the current highest MOS score across available transport paths.

Figure 6-9 Uplink Selection Policy Configured to Use the Uplink Marked Best for VoIP

With our example deployment, we would expect this policy to typically choose WAN 1. However, in the event the performance of WAN 1 drops below that of WAN 2, this policy would route Office 365 traffic over WAN 2 so long as that link has a higher MOS.

Policy Routing with Performance-Based DPS

This example takes the previous scenario one step further by adding a custom performance class. With this example configuration, shown in Figure 6-10, path selection will now only select between transport paths that satisfy the custom performance class o365. Office 365 application traffic is again selected as the traffic filter and will now flow over the preferred uplink of WAN 1 and fail over only if the link performance does not satisfy the custom performance class O365.

Figure 6-10 Uplink Selection Policy Configured to Route Traffic over WAN1 Unless Failing to Meet the Performance Metrics of the Chosen Custom Performance Class

SD-WAN over Cellular

Some Meraki security appliance models, such as the MX67C and MX68CW, have an embedded LTE modem to allow for cellular failover in the event of failure of the traditional wired uplinks. In addition to this traditional application as a backup connection for WAN failover, these models also have the capability to utilize both the wired and cellular connections concurrently. The option is located on the SD-WAN & Traffic Shaping page on the Dashboard. As shown in Figure 6-11, navigate to the Uplink Configuration section and set the Cellular Active Uplink option to Enabled.

Figure 6-11 Cellular Uplink Selected to Be an Always Active Part of the SD-WAN Decision Tree

Pro Tip

The Cellular Active Uplink feature is only available for devices with integrated cellular modems. This logic does not work for USB modems.

When enabled, this feature configures the built-in cellular modem to take the place of the standard WAN 2 uplink, allowing for load balancing and active-active uplink SD-WAN deployments over the cellular uplink and a wired uplink, instead of requiring two wired uplinks. This enables additional flexibility in SD-WAN deployments, as it reduces the requirement from two local ISPs to a single ISP and a cellular service provider for each location. That provides more options when deploying a widespread SD-WAN implementation. In essence, the last-mile paths are different (i.e., one wired and one wireless), providing an additional layer of redundancy. In many cases, when using two terrestrial ISPs, they may be coming over the same conduit into a building, thus eliminating your Layer 1 path resiliency.

For more information about using SD-WAN over a cellular uplink, open the “Meraki SD-WAN” article on https://documentation.meraki.com and refer to the section “SD-WAN over Cellular Active Uplink.”

Pro Tip

Enabling cellular SD-WAN disables the physical WAN 2 connection. Ensure that your cellular signal is good before you consider using this alternative SD-WAN path.

For administrators looking for the best cellular performance or to add a cellular uplink to an existing deployment, the Meraki MG series of devices are designed as dedicated cellular gateways with options for outdoor mounting for optimal placement and performance. The Meraki MG series is a multi-carrier solution that can provide high-speed, cellular-based, wireless WAN Ethernet connectivity not only to Meraki appliances but also to any L3 firewall or gateway router.