Using the MX Live tools
The Live tools available under Security & SD-WAN > Monitor > Appliance Status > Tools provide useful information for troubleshooting network issues on the WAN Appliance. Each of these tools is able to pull information from, or interact with, the WAN appliance in real-time. Each section below will provide information regarding the different tools and how they can be used.
Learn more with these free online training courses on the Meraki Learning Hub:
Live Uplink Traffic
This is the live tool that is selected by default. The Internet traffic graph provides a real-time view of combined upload/download usage on the active Internet/WAN link(s). If both Internet links are being used, their usage will be individually color-coded. This is useful for getting an idea of how much data is going in and out of your network at present.
Historical information can be found under Network-wide > Monitor > Clients.
DHCP Leases
DHCP Leases provides a table of clients which have active DHCP leases on the WAN appliance. This tool will not keep track of DHCP leases given by a third-party server on the LAN. This can be used for confirming that client devices receiving IP addresses and what addresses they have received. For more information, visit the article on Configuring DHCP services on the MX.
Ping
Ping will initiate a series of ICMP Echo requests to the designated IP. Based on the responses, it will graph the round trip time (RTT) latency. Click the X to remove a ping test or the || (pause) symbol to stop a test. The ping test is helpful for verifying remote connectivity to internal clients, remote endpoints over static routes, VPN, or the Internet, from the WAN appliance itself. For more information regarding the ping tool, please refer to Using the Ping Live Tool document.
Traceroute
Traceroute begins to continuously send ICMP echo requests to the designated IP with an increasing TTL (time to live). Each router along the path should then respond, thus identifying itself and the latency to that point in the path. This can then be useful to see what path traffic is taking over the network to reach a particular destination, and the latency to each of those hops. However, it is important to note that some hops, such as firewalls, may not respond to this type of test and will not appear in the results.
- Hop - The hop indicates how may layer 3 devices (such as router) the traffic has passed though. Thus 1 would be the first router along the path. Multiple hosts at the same hop number can indicate multiple paths.
- Host - The IP address of this particular hop.
- Count - The number of times this hop has responded during the test.
- Latency - The average round trip time for responses from this hop. This number will typically increase as the number of hops increases.
WAN appliances running MX 16.X+ firmware will use UDP Traceroutes over UDP port 33447 instead of ICMP Traceroutes, when users intitate traceroutes via the traceroute tool.
MTR
A MTR test combines ICMP and Traceroute functionalities to perform a more detailed reachability test. This test performs a hop by hop analysis of reachability. This is commonly utilized for identifying potential causes for loss or delays to a destination from the WAN appliance's WAN IP. This destination may be a FQDN or IP address.
Note: Some hops likely will not respond to ICMP as they may de-prioritize or drop ICMP. Interpretation of this data can be difficult as a result.
DNS
The DNS tool attempts to resolve the IP address of a given hostname using the DNS primary server configured on the WAN appliance. This test will not use the DNS servers configured for DHCP. This can be useful for diagnosing connectivity problems when it is believed that the DNS server may not be functioning correctly, or to remotely confirm is a hostname is able to resolve.
In the below test, a lookup is performed for "google.com". The QUESTION SECTION specifies what the lookup is searching for (google.com's IP address) The ANSWER SECTION provides the response response. In this case there are multiple IP addresses for google.com, which is a normal load balancing technique. The query time indicates how long the response took to arrive
Throughput
Throughput performs a one-time download speed test from Dashboard. This is most useful for generating additional traffic on an Internet link and testing the speed at which information can be retrieved from Dashboard. However, it should not be used to confirm the actual speed of an Internet link and is not a traditional speed test utility. Traffic generated during this test must pass through potentially multiple ISPs to reach Dashboard, which adds many additional points of contention that can reduce the throughput speed.
If looking to test the actual throughput of the Internet link, it is recommended to test from a whitelisted client wired directly to the WAN appliance and use a speed test service such as one provided by the ISP, SpeedOf.me, or Ookla.
Blink LEDs
Use Blink LEDs to repeatedly blink all of the LEDs on the front of the WAN appliance. All ports will continue to blink in unison until the tool is stopped. This is most useful for identifying the WAN appliance, within a stack of other equipment, to a local user when coordinating remotely.
Reboot Appliance
Pressing the Reboot button will remotely reboot the WAN appliance. This provides the same effect as disconnecting and then reconnecting the power cable. In general, a complete reboot should take less than 3 minutes. This will allow the device to retain all of its settings, while clearing any caches and restarting the ports/services. This is most useful with clearing some transient issues or allowing faster updates after replacing an upstream/downstream networking device (like a modem). It is not the same as performing a factory reset.
When the WAN appliance is in an HA pair the "Reboot WAN appliance" button only reboots the current appliance and not both.
Umbrella Connectivity
This tool is only visible when integrating Cisco Umbrella with Meraki.
Pressing the Run button will test whether the WAN appliance is able to communicate with the Cisco Umbrella cloud service.