Designing a coreless topology for internet traffic backbone

Solved
SahadSalmiT
Getting noticed

Designing a coreless topology for internet traffic backbone

I wish to create a topology that is similar to the below diagram, main use of this network will be the maximum utilization of internet traffic with a maximum of 200 devices. I know the MX 84 currently has a limitation of throughput and it will be replaced with a high-end version later. 

 

So topology looks like this 

 

  • Six MS250 series switches are connected with MX via cat6.
  • All uplinks from MS are configured as a trunk and allow all VLAN.
  • BPDU Guard is enabled in access ports.

 

 

Screen Shot 2022-07-26 at 5.54.19 PM.png

 

 

anything I need to be worried about apart from STP and the BPDU guard is enough to protect any unwanted topology changes. 

 

Let me know your comments and suggestion. 

1 Accepted Solution
KarstenI
Kind of a big deal
Kind of a big deal

The main "problem" is that the MX is like a Hub in this situation and all BPDUs are flooded throughout the network. If possible in your IP design, I would configure different IP networks (VLANs) on the MX for every switch and limit the connecting ports to these VLANs.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

7 Replies 7
KarstenI
Kind of a big deal
Kind of a big deal

The main "problem" is that the MX is like a Hub in this situation and all BPDUs are flooded throughout the network. If possible in your IP design, I would configure different IP networks (VLANs) on the MX for every switch and limit the connecting ports to these VLANs.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
SahadSalmiT
Getting noticed

Thanks, Karsteni for your reply, it seems to be interesting. Can I get a more explanation about it, definitely interested to study it and implement.  

 

 A few questions I have is

1. if I design that way then each client connecting to each MX will be a different VLAN right

2. What if I disable the spanning tree in the uplink to MX and BPDU guard on other ports, I don't require any switch to switch connection. 

cmr
Kind of a big deal
Kind of a big deal

Essentially what @KarstenI is saying is that with spanning tree you have to have a root bridge that controls the traffic.  In your design one of the switches will be this, as the MX has no STP feature or awareness.  At the very least you should set the priority of one of the switches to a lower value to reduce the elections.

 

How much bandwidth do you have / will you have?  I would link or stack the MS250s and just connect 1 or two of them to the MX at the moment.  If you get a larger MX then it will have SFP+ ports which you can then use in the same suggested topology as there is no MX that passes over 10Gb/s of WAN traffic.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
SahadSalmiT
Getting noticed

Thanks, @cmr , 

 

 I am planning to get 1 Gig from 2 ISP's and load balance, and warm spare with MX100. 

 

    if I stack all then as an uplink I would only get 1GB right from MX right and there is no way to get LACP between MX and MS for more bandwidth. 

 

 So if I created a switch with the lowest priority in the above design then I should be fine right?

cmr
Kind of a big deal
Kind of a big deal

An MX100 can only pass 500-750Mb/s of traffic so 1Gb/s LAN connections are adequate.  You will need a newer MX model to go over 1Gb/s and the ones that support 1Gb/s+ all have SFP+ LAN ports.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
cmr
Kind of a big deal
Kind of a big deal

The smallest MX to support 1Gb/s+ is the MX95 and that has two SFP+ ports.  Bear in mind that if you use the advanced or SDWAN features then you will need an MX105 or greater to go over 1Gb/s of throughput.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
SahadSalmiT
Getting noticed

Thanks, guys

 

 I got the idea about the firewall throughput, I will be really looking into that. But right now I need to get the best possible design for the time being, if this one works with the settings of STP without any bottleneck then I will go forward with that. If not let me know, please.

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.