MS425 Two stack redundancy options

Mac1
Comes here often

MS425 Two stack redundancy options

Hello everyone. I have a Low level design doc that composes of Two layer two switch stacks containing say four switches each.

 

They then go up two MS425s. Looking at the diagram, these also are in a stack, but a stack of two.

 

We will need redundancy for the two layer two switch stacks. Ordinarily we would use some form of VRRP or warm spare in Meraki parlance i believe? However, because the MS425s are stacked, surely this rules out VRRP/Warm Spare?

 

 

How do I achieve redundancy for my lan going to this MS425 stack, when I am unable to use VRRP/Warm spare?

11 Replies 11
teampicnic
Conversationalist

Hello Mac1

You need to create a port channeling between all the stacks. Let's say that the 425s are the core stack, the L2 switches 1 and 2 are stack 1, and L2 3 and 4 are stack 2. You will have a port channeling between core stack-stack 1 and core stack-stack 2. It will be treated as a single switch with 2 different switches down. 
You could enable Spanning Tree in that case for a failover if the port-channeling breaks for some reason, but that's a bit risky.

Mac1
Comes here often

So you would have TWO port channels on the Core stack with One port from each of the L2 stacks below yes?

 

This would just be one port channel configured on each of the L2 stacks with a single port going to each member of the core stack, yes?

 

 

So if you lost one of the switches in the core stack, the L2 stacks  would automatically failover to the other member of the core stack, yes, is that exactly what you mean?

ww
Kind of a big deal
Kind of a big deal

Convert Ms425-1 port1 and ms425-2 port 1 to a channel

That makes aggregate port 0

 

Convert Ms425-1 port2 and ms425-2 port 2 to a channel

That makes aggregate port 1

 

Convert access stack1  switch1-port 49 and switch2-port 49 to a channel 

This makes aggregate port 0. 

 

Connect these two access  ports(aggregate0) to ms425 aggregate0 port(ms425-1port1 and ms425-2port1)

 

Then do the same for access stack 2 and connect that to ms425 aggregate1 ports

Mac1
Comes here often

Hello and thank you.

 

So  is the traffic equally load balanced from the lan up to the Ms425s?

 

If I lose one of the Ms425s the failover to the other is automatic yes?

Mac1
Comes here often

Is the traffic equally load balanced from the lan up to the Ms425s?

 

If I lose one of the Ms425s the failover to the other is automatic yes?

cmr
Kind of a big deal
Kind of a big deal

@Mac1 in a portchannel the traffic is pretty evenly balanced, yes.  With the stack of two 425s, if either fail the other will continue to route traffic.  There may be a momentary blip if the one that fails is the stack master, but it is very quick.

Mac1
Comes here often

Hello and thanks you. I'm now told that the SVI's will sit on an SD-WAN router above the MS425 Stack.

 

The MS425 will be for distribution only and the Lan switches (MS225s) will be below the distribution switch.

 

1. So, I run Layer two trunks between the lan and the MS425 through the port channels, yes?

 

 

2. How do i get from the distribution switch to the SDWAN, something has to point to the VRRP vip doesn't it?

 

3. Where should the Default gateway for my LAN switches point? To the VRRP address of the SD_WAN router, or the management address of the Distribtion switch?

 

4.Should the connection between the Distribtion switch and the SVI router be layer three or layer two trunk?   

 

T

cmr
Kind of a big deal
Kind of a big deal

@Mac1 if all the SVIs are on the SD-WAN devices then the switches are simple L2 devices.  All you need is a management interface and trunks between them.  No VRRP needed as you aren't using them for routing (the first R in VRRP).

teampicnic
Conversationalist

If the 425's are not going to provide Layer 3 services, the design is pretty simple, as the other friend explained. But then, will you have a single Layer 3 SD-WAN equipment? In that case, you are keeping the Single Point of Failure anyway, so the 425s are not really a good idea. You might achieve the same results with 355s or even lower if you don't need the 40Gb ports. 

Mac1
Comes here often

Hello and thanks again.

 

So if the 425's are layer two only, what about the connection between the 425's and the SD-Wan?

 

1. The SD-WAN is actually TWO boxes, so this is will be two layer 2 trunks from the distribution, yes?

 

2. The Access switch Gateways is still  pointing to the SVI's which now sit on on the sd wan, yes?

teampicnic
Conversationalist

The SD-Wan runs in a "out-of-band management" interface. That is a pre-configured VLAN that will try to get a DHCP address. This is configured on the "Switch Settings" sections of the "Switch" tab of the Meraki Dashboard. 
If this interface doesn't get Internet connection, it will try to go via any of the trunked VLANs configured in the switch. The switch will try any method to reach the Meraki DCs. Therefore, you need to make sure that this Management VLAN has internet access, but the rest is all layer 2.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.