Join us for a month-long contest with heaps of swag to win!Learn More ›
Aaron Willette has posted a good design guide for doing an Active/Active AutoVPN deployment.
I wouldn't mind knowing a bit more about how active/active VPN returns traffic to branch sites. We have had sites send traffic through WAN1 and returning it over WAN/Internet2 which for us can impact performance if WAN/Internet2 has failed over to LTE (NBN with LTE backup). Support offered to turn active/active VPN off to resolve the issue but couldn't tell us what in Meraki says traffic should come back over WAN/Internet2.
The design looks great, but it only shows what the branches would look like not the hubs. I'm currently implementing (2) MX250 devices with local networks added plus OSPF enabled. During testing we are having issues with both hubs trying to distribute the traffic even when the spoke is set for say hub 1. The traffic will also try to route through hub 2.
Don't use OSPF. It is too retarded - for exactly the reasons you have given.
Use BGP instead. Open a ticket with support and ask them to enable the BGP support for you.
Althought the above web page says the feature is in "beta" it has been in beta for a very long time, and is used quite a bit (aka it is quite stable). I personally suspect we will see this feature released for everyone this year.
I just finished a POC using MX600's, Nexus edge device, and BGP. I'd be happy to answer questions if anyone has them. The lack of documentation on BGP available raised alot of questions for me so I lab'd it.
Our support engineer is in the process of enabling the BGP feature. Do you happen to have a diagram on what you lab'd out for the BGP and 2 opf the MX600's?