During the past week, I had a client that observed UDP traffic inbound/outbound beyond the router stop working. It appears all IPsec tunnels went down 10 different remote location with 10 different remote providers, VoIP to the cloud based service

stopped, and it also appears DNS broke as well. What makes the outage interesting, it was effecting traffic sources from a.a.a.a/24 network block, while b.b.b.b/24 block was working. Both networks are advertised via BGP and working with looking Glasses and the ISP routing was forming correctly. In addition, no impact was observed with TCP traffic.

For 48 hours UDP traffic was not working; however, right at a 48hour mark - randomly all IPsec tunnels came up, DNS started working, and VoIP calls worked. The ISP is saying they did not do anything, but 15 mins right after the final email from ISP "everything looks good", everything became good. So - I am pointing fingers at the ISP.

However, that does not stop the ISP from doing something similar with UDP in future. Due to the latter, how could I monitor for successful UDP traffic? Would this be a case for SDWAN? I am not educated in SDWAN enough to know, so I am not sure.

Lucking for suggestions and ideas to limit this issue again. Looking over the case notes, in the past year, this client has had 5 unexplained network issues, which never left them hard-down, but gave network issues. I am suspected this might have happened in the past.