- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
MX Dual Active Issue
We want to deploy this kind of topology, MX HA using VRRP, but it seems will be causing Dual Active conditions, as drawn below :
and as captured below, said that Dual Active will causing another issue for DHCP client and so on ?
It's seems having HA option will causing another problem, rather than solving problem..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This isn't much different from any other vendor that uses VRRP for High Availability. If the standby does not see the advertisements from the active, the secondary assumes that it has failed, and will become the active device again, eventhough it's still alive.
This only happens if the heartbeat link fails, or for some other reason that makes the active controller unreachable by the standby.
Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂
All code examples are provided as is. Responsibility for Code execution lies solely your own.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
is that mean, traffic will flow through the MX-2 when heartbeat links fail between two MXs? and both MXs still having WAN connectivity established to the Cloud Meraki
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VRRP flows on the LAN ports.
In this image, that you refer to yourself, MX1 has lost connectivity to the downstream network. It's LAN ports are not connected to anything. Hence MX2 will miss the VRRP advertisements from MX1, and thus MX2 will become Active. However, since MX1 is still "up", it will continue to act as active, and therefore you end up in the Dual Active scenario.
They don't see the VRRP advertisements, so they have no idea of the state of one or another.
However, for downstream clients, the above scenario, won't influence operations that much. MX2 is now active, and will hand out DHCP etc, but MX1 will not do anything, since its downstream link is missing - it's simply not connected to anything further down the LAN. So while both MX'es are active, and in theory will hand out DHCP, you're really only connecting to MX2.
If you have configured a Virtual IP for Warm Spare, I might expect some internet-sourced traffic being dropped, but if not, all internet-bound traffic should just exit MX2, and return to same way.
VRRP advertisements flow on all configured vlans on the MX. So you must not prune vlans between MX1 and MX2. Otherwise, you'll have some unexpected behaviour, and might end up in Dual Active as well eventhough both MXes have connectivity to eachother.
Best practice deployment for Meraki Warm Spare, is besides the topology shown in the screengrab above, also have two connections, one going from MX1 to SW1 and the other to SW2.
Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂
All code examples are provided as is. Responsibility for Code execution lies solely your own.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
MX-1 should be connected to Switch.....
Please refer this document :
https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Your spare MX is not connected to the switch. So it does not receive any VRRP messages from the primary MX and assumes it is dead. So yes in this setup it is normal to have a dual active scenario.
If your downstream switches are not stacked make sure your link between the switches are a lower number than the uplinks to the MX'es and uplink both switches to both MX'es.