Advice transitioning from /30 to /29 subnet but with HA

Eds89
Here to help

Advice transitioning from /30 to /29 subnet but with HA

Hi,

 

We have a /30 subnet with only 1 usable host address in it, which is assigned to our current Meraki MX appliance.

We want to transition our inbound NATs to the virtual IP of an HA configuration, using our new /29 subnet.

 

As the dashboard only allows us to configure virtual IP settings for both interfaces at once, it doesn't seem like it will be possible for me to configure the virtual IP before transitioning the NATs, as I don't have sufficient IPs in the /30 subnet in order to assign that interface a virtual IP.

 

It looks like I will have to setup the new subnet without HA, transition the services to the new IP of the Meraki, then decomission the old subnet and configure HA.

Once HA is configured and I have a virtual IP for the HA cluster, I will need to transition the services a second time from the primary Meraki IP to the virtual.

 

Can anyone think of any way around this, so I can have the virtual IP configured first, allowing just a one step inbound NAT transition?

 

Cheers

James

5 Replies 5
ww
Kind of a big deal
Kind of a big deal

Officially not supported.

But you can connect the new subnet to wan2 of both devices.  Then swap primary with spare. Set the vip for wan2.  Then swap back. (You will have some outages)

Eds89
Here to help

Sorry but I don't quite follow the process?

 

You mean physically swap the primary and secondary appliances over?

I don't quite see how this would allow me to configure the VIP for WAN2, as surely WAN1 would still be configured on the spare and also expect me to assign a VIP to it?

ww
Kind of a big deal
Kind of a big deal

You can use the swap button

 

https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair#MX_Warm...

 

Because the "new" primary then only has 1 active wan(wan2) it let you configure the vip.

 

 

 

Eds89
Here to help

Ah I see.

So configure old and new subnets on primary device,

Configure new subnet only on secondary device,

Configure HA setup with just the "Use MX Uplink IP" option,

Use swap button to make secondary the active device which only has new subnet configured,

Change HA config to use virtual IP on the new subnet interface,

Use swap button to make the orignal device the primary.

 

This should leave it with new subnet configured using virtual IP, and old subnet using MX uplink IP?

 

Many thanks

James

Eds89
Here to help

Is another option to simply add the IP from my subnet I want to use as my virtual IP, as an extra IP under 1:Many NAT.

Configure my rules and migrate my services, decomission the old subnet, then configure the virtual IP?

I'm not sure what happens to that NAT rule if the IP becomes in use by the virtual IP?

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels