2MX in HA mode, 4 ISPs?

ahmadtat
Getting noticed

2MX in HA mode, 4 ISPs?

Hi,

is there anyway this scenario will be applicable for MX84 models (or any other MX model )?

MX1 , WAN1 = ISP A

MX1 , WAN2 = ISP B

 

MX2 , WAN1 = ISP C

MX2 , WAN2 = ISP D

 

Much appreciated. 

8 REPLIES 8
ww
Kind of a big deal
Kind of a big deal

Yes. On all models.

Note mx2 device is standby  only

ahmadtat
Getting noticed

Great!

how will the WAN failover work in case WAN1 in the Active MX (MX1) fails?

is there anyway the (standby) MX WAN 1 will go active if the MX1 is still reachable?

 

plz share as much details as possible.

CptnCrnch
Kind of a big deal
Kind of a big deal

https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair#Require...

 

In a nutshell:

  • MX1 will fail over to WAN 2 if WAN 1 is failing
  • If WAN 2 on MX 1 also fails, it will switch over to MX 2
  • MX2 will fail over to WAN 2 if WAN 1 is failing
Tore
Getting noticed

Please note if a Virtual IP Address (VIP) is to be used then each uplink of the two MXs must share the same broadcast domain on the WAN side.

ahmadtat
Getting noticed

anyway we can load balance between the 2 MXs in case of WAN1 in MX1 failed?

since WAN links are configured as load balancing...

my point is to utalize the WAN connections in MX2 in case any of the WAN links failed in MX1 (in case of load balancing)

Tore
Getting noticed

Load Balancing occurs on the active MX in a HA Pair. The other MX would be a Warm Spare (not active).

 

JimmyPhelan
Getting noticed

Just to chime in here with something that caught us unawares, the WAN failover is not instant. There is a timeout and algorithm that runs that determines based on DNS responses if a WAN port is up and functional. This can take from 5 to 10 minutes.

 

A physical failure i believe is instant, but its been a while since i tested that.

 

What you might be able to leverage is a DIA style connection from your WAN Providers, where they will present perhaps a HSRP backed gateway to your MX's.

Nice input @JimmyPhelan 

Here is the document explaining the connection monitoring mechanisms.

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Connection_Monitoring_for_WAN_Failo...

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels