WAN Health Overview
The WAN Health feature is designed to monitor ISP uplinks across organization networks. In addition to monitoring, WAN Health helps proactively troubleshoot ISP uplink issues such as "Poor Performance" ISP or "High Usage." It also helps to keep track of primary, secondary, and LTE uplinks all together in one place. WAN Health gives more granularity in terms of uplink data compared to only knowing the status of the connection (up/down). The WAN connection information is presented in a simple, easy-to-read table format.
WAN Health Use Case
The WAN Health feature is useful when...
Multiple MX devices have been deployed in the organization
An SD-WAN deployment is being used, requiring monitoring of several networks
A network is using LTE as an uplink failover option
Network administrators prefer to do more proactive monitoring and troubleshooting
WAN Health will not only help with keeping the track of how ISP uplinks are performing across the organization, it will also help determine connection patterns with historical uplink records. By keeping track of this information, WAN Health can help administrators hold ISPs accountable for network uptime SLAs, and keep data on-hand that proves the cause of any uplink issues.
Activating WAN Health
WAN Health is a part of Meraki Insight, and any Insight deployment will have access to WAN Health without additional configuration/licensing. The WAN Health feature requires a Meraki Insight license enabled in the organization and activated for the network’s MX. The MX must be running on firmware version MX 14.20 or higher. For more information on Meraki Insight licenses, please refer to this Meraki Insight article.
WAN Health Dashboard
- When the last 2 hours is selected, the WAN Health dashboard will present the previous 2 hours' worth of data.
- When the last day is selected, the WAN Health dashboard will present the previous 24 hours' worth of data.
- When the last week is selected, the WAN Health dashboard will present the previous seven days' worth of data.
- When Custom Range is selected, the WAN Health dashboard will present a series of dates and times, going back to 30 days that you can select in the intervals of 15 minutes.
Explanation of Terms
- The Down number defines the number of uplinks that are down in the dashboard organization. This could be either multiple links in one network, or links across several networks, showing a “down” status for Primary WAN, Secondary WAN, or LTE. A down status could mean (but may not be limited to) cable issues, ISP modem issues, LTE modem issues, LTE provider issues, MX issues or L2 issues between the MX and ISP modem.
- Example: If the network is configured to send pings to 18.104.22.168, and see's 100% packet loss then it indicated that it is down. Now if the same network is configured to send pings to another destination besides 22.214.171.124 and see's loss but pings to 126.96.36.199 have no loss, we do indicate it as 'red' in the availability graph but do not show that under 'Down' on the banner. It will appear on the banner ONLY as a result of 100% ping loss to 188.8.131.52
- The Poor Performance number defines the number of uplinks that are having issues on the ISP side due to loss or latency. The measurement of this is based on the availability of bandwidth due to a loss or latency seen as a result of the pings sent to 184.108.40.206 every second to the default destination.
- Example: If there is a network having no performance issue, then the link has 0% loss and 0 ms latency. If this value increases significantly, the network will be seen to have poor performance.
- Loss and latency will be determined over the configured IP address under Security and SD-WAN > SD-WAN and Traffic Shaping > Uplink Statistics. If no IP is configured, these values will be measured against 220.127.116.11 by default. On the WAN Health page, all the configured IP address statistics can be reviewed by changing the destination under the "Ping Destination" column.
- High Usage defines the number of networks that are saturated due to high usage on the LAN side. If the bandwidth limit is reaching 80% or greater of the set value under Security Appliance > Traffic Shaping > Uplink Configuration for a particular WAN uplink, it will be considered High Usage. For more information on Traffic Shaping, please refer to this article.
- Example: If you have selected a window of 15 minutes and do see a high usage but expanding the window to 1 hour you notice networks do no show high usage, that indicates the high usage spiked a few times but the average of it was less than 80% over an hour and hence it is not indicated.
- The High Usage number indicates the number of uplinks that are saturated due to the high utilization of the available bandwidth. To accurately identify high utilization, users must set the ISP-provided bandwidth limits under Security and SD-WAN > SD-WAN and Traffic Shaping > Uplink Configuration for each uplink. If the bandwidth usage is higher than 80% of the defined limit, it will mark that uplink as High Usage.
You can search your organization’s uplinks by four different attributes:
Network Name: You can type a network name and any matching networks will appear with all the configured uplinks.
Network Tags: This will allow you to filter the uplinks by applied Network Tags.
ISP: This filter will allow you to search uplinks by ISP name.
Uplink: This will allow you to filter the list by primary, secondary, or LTE uplink types.
Uplink Status Colors
Green: Uplink is healthy without any issues.
Yellow: Either Poor Performance (WAN issue) or High Usage (LAN issue).
Red: Uplink is down; no connectivity or L1 issue.
Grey: Uplink is either not configured or has not been connected for a long time.
WAN 1: The physical connection for the WAN 1 uplink on the MX.
WAN 2: The physical connection for the WAN 2 uplink on the MX
LTE: Either a USB 3G/4G modem or built-in LTE (for MX67C/MX68CW only) will be detected as secondary, cellular.
Note: In the event that Load Balancing is enabled, the selected primary uplink under Traffic Shaping will be labeled as primary and remaining uplinks will show as secondary.
Uplink Status: If the SIM card is inserted and the device is trying to connect to its service provider but is not successful, WAN Health will show the LTE status in the Uplink Status column with a Red status indicator in Connecting mode. Fully connected LTE uplinks will show the Green status indicator.
Uplink Type: If the uplink listed is an LTE connection, the uplink will be listed with the tag cellular under the Uplink Type column.
ISP: If the WAN connection is a cellular connection, the ISP field will have the LTE provider name.
Signal (dBm): WAN Health will report the LTE uplink's signal strength in dBm.
How is the ISP detected?
We do a reverse lookup to the next-hop IP address which will give us which ISP the uplink belongs to. Alternatively, the Security Appliance > Appliance Status > Uplink tab status page would show the ISP. If the lookup is failing, it will show “unknown.”
How is current bandwidth measured?
Current bandwidth is measured from the current uplink traffic displayed on the Security Appliance > Appliance Status > Uplink tab status page.
How are current loss and latency measured?
Current loss and latency statistics are measured based on the responses we receive on the connectivity testing IP address configured on the Security Appliance > Traffic Shaping > Uplink Statistics page. By default, the IP address is set to 18.104.22.168. To change it for a different destination, you can set addresses on the Traffic Shaping page. For more information on configuring uplink statistics, please check our Traffic Shaping Settings document.
How are affected apps detected?
If there are tracked web applications set to be monitored on the Insight > Web Application Performance > Monitor tab, this data will be used to determine if the application is performing poorly on the WAN uplink.
If the performance score is less than 80% of its threshold, Insight will flag the application as “Affected.” From the WAN Health page, it will be easy to determine if the application performance is degraded due to a WAN uplink with Poor Performance or not. A Poor Performance indication could be caused by packet loss or high latency.
If the WAN shows no sign of issues, we can then check on the Web Application Performance page for that particular application. This will give more detail as to whether any issues are reported on the LAN side or the server-side. For more information on web application performance, check our main Meraki Insight document.
Recently updated(date updated)
Recently added(date created)