Showing results for 
Search instead for 
Did you mean: 

SDWAN Service VPN- Business Hours Packet Losses

Hi Guys.

We have a weird problem where there is huge amount of packet losses noted on the network during normal working hours. We did the changeover to SDWAN in the weekend and everything was fine. However, things went really bad once Monday business hours started. There major disruption in service to no service at all on the service VPNs but we can confirm that the Transport IPs are reachable.

Some of the isolations carried out includes:

1. Installation of HSEC license. The Spoke has a WAN Link at 200Mbps synchronous.

2. The WAN connectivity is stable but the Service VPNs are not during the normal hours.

3. Security policies removed for isolation but problem continues.

4. Routers rebooted at the Hub and Spoke. Hub also has the HSEC license installed.

5. We operate other sites on SDWAN with the bandwidth of 80Mbps synchronous, but do not have this issue.

6. The speed tests hits only around 6.5Mbps

When we revert the site to Autonomous mode, everything works fine and zero issues noted on the LAN. Thus, it basically rules out the Spanning Tree loops, rogue DHCP etc in the LAN. The speed tests on the Autonomous mode hits around 190Mbps.

We have run out of ideas on what could be the problem here. Please requesting for someone to advice us on this.






3 Replies 3


how did you verify that WAN is OK and service-side is not? In this type of cases, I think there is need to see configuration (share without confidentials) and mainly statistics. Do you have monitoring to track interface utilization? Do you hit 200M frequently? Did you try ping from LAN to remote LAN and WAN to WAN, what about bfd drops etc.

Please rate and mark as an accepted solution if you have found any of the information provided useful.

Thanks Kanan

The following was used to verify the WAN.

1. The ping tests to the edge was fine without any packet drops. Ping from WAN to WAN was fine without any drops. Ping from LAN to Remote LAN had a lot of packet drops to even losing the remote lan completely many a time. For example, in the weekend after changeover, the services will be fine. On Monday morning, at about 7AM, when people start coming in, the drops will start and by 9AM, when maximum of the staff are in, the drops are so much that it is no longer possible to use any of the services.

2. Change to the Autonomous mode also had ping to the Remote site fine.

Unfortunately, we did not have the interface utilization monitoring and due to the significant issue, we had to revert the site

Please if you can advice.



I believe nobody can help in this case with exact answer, there is need to do analyze when something works but poorly.

There is need for statistics to find out what happens and where.

Is remote site something hub location? When you revert config to autonomous mode, do you do for remote also or what?

Please rate and mark as an accepted solution if you have found any of the information provided useful.