vMX100 on Azure, configured as HUB

Solved
vgo
Comes here often

vMX100 on Azure, configured as HUB

Hello all,

 

Can vMX100 be configured as HUB in Azure? 

The network will have north of 100 spokes eventually.

 

If this is possible, can you share reference architecture?

If it is not possible or not advisable, can you share the reasoning behind this?

 

1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal

>How do you overcome the 500mbps throughput limitation?

 

I have clients with hundreds of spokes, and that has never been a limitation.

 

However you can deploy dual VMX appliances and run them active/active.  You typically use a pair of templates, and make half the sites use one VMX and half use the other.

Refer to this design guide:

https://www.willette.works/active-active-meraki-sd-wan-headends/ 

View solution in original post

8 Replies 8
PhilipDAth
Kind of a big deal
Kind of a big deal

It can only operates in VPN concentrator mode in Azure.  Consequently running in hub mode is the most common deployment.  You could also deploy it as a spoke of another hub, but this configuration would not be common.

 

This is the Azure deployment guide:

https://documentation.meraki.com/MX/Installation_Guides/vMX100_Setup_Guide_for_Microsoft_Azure 

vgo
Comes here often

Thanks. How do you overcome the 500mbps throughput limitation?

 

PhilipDAth
Kind of a big deal
Kind of a big deal

>How do you overcome the 500mbps throughput limitation?

 

I have clients with hundreds of spokes, and that has never been a limitation.

 

However you can deploy dual VMX appliances and run them active/active.  You typically use a pair of templates, and make half the sites use one VMX and half use the other.

Refer to this design guide:

https://www.willette.works/active-active-meraki-sd-wan-headends/ 

vgo
Comes here often

Thank you!

Guruprakash_M
Comes here often

Hi,

 

What would be the marketplace MX form factor to accommodate 1500+ clients to enable SD-WAN in public cloud like Azure/AWS/GCP?

 

I understand vMX100 is the current option for public cloud. Just wanted to know Meraki's view to meet such requirments.

PhilipDAth
Kind of a big deal
Kind of a big deal

You don't really get to choose the size in either Amazon or Azure.

 

And the VMX only terminates VPNs, so user count is not really a factor.

 

Check out this guide.

https://www.willette.works/meraki-mx-sizing/ 

 

Basically you can do up to 500 concurrent VPN tunnels.  If you need more than this you need to use multiple VMX appliances.

Guruprakash_M
Comes here often

Thanks for the quick reply Philip.

 

I am sorry if my question is wrong!!!

 

In such case, whether the vMX100 form factor can't be used in a SD-WAN use case? 

PhilipDAth
Kind of a big deal
Kind of a big deal

Another special note.

 

I don't know why, but a small percentage of the deployments I do into Azure have permanent 5% packet loss over AutoVPN.  So when I stand up the VMX in Azure I connect a spoke up ASAP, and leave a ping running to a server in Azure for an hour (interestingly if you leave the ping running to the VMX there is zero packet loss).

If you experience the packet loss the only solution is to delete the VMX and re-deploy it.  There is no other fix.

Get notified when there are additional replies to this discussion.