DC design questions

SOLVED
etalaveran
Conversationalist

DC design questions

Hi

 

I have some design questions regarding MX on DC

 

I see that performance is about clients and VPN throughput. But there is any info about the maximum number of VPN tunnels?

 

If I have in a DC 2 MX :

 

  • The only way to configure both devices to  concentrate the remote sites is HA in WarmSpare?
  • Active/Active HA is possible with 2 MX?
  • If one HA pair fails, whats the the convergence time to the Warm Spare?

 

Is possible for a remote site to access The Dashboard using MPLS links via DC internet access?

 

 Regards

 

1 ACCEPTED SOLUTION

Accepted Solutions
PhilipDAth
Kind of a big deal

Re: DC design questions

This guide lists the maximum number of VPN tunnels (page 2).

https://meraki.cisco.com/product-collateral/mx-sizing-guide/?file 

 

>If one HA pair fails, whats the the convergence time to the Warm Spare?

 

Depends on the type of failure.  Usually 10s to 30s.

 

Check out this DC to DC failover guide.  It uses an active/active design.  It uses a pair of MX in each DC (4 in total), but in your case you might only use two.  Note that they MUST have a seperate and unique stub network each for this to work.  You also need to use dynamic routing.

https://documentation.meraki.com/MX/Deployment_Guides/Datacenter_Redundancy_(DC-DC_Failover)_Deploym... 

 

BGP is the most popular routing protocol for this kind of design.

https://documentation.meraki.com/MX/Networks_and_Routing/BGP 

View solution in original post

2 REPLIES 2
PhilipDAth
Kind of a big deal

Re: DC design questions

This guide lists the maximum number of VPN tunnels (page 2).

https://meraki.cisco.com/product-collateral/mx-sizing-guide/?file 

 

>If one HA pair fails, whats the the convergence time to the Warm Spare?

 

Depends on the type of failure.  Usually 10s to 30s.

 

Check out this DC to DC failover guide.  It uses an active/active design.  It uses a pair of MX in each DC (4 in total), but in your case you might only use two.  Note that they MUST have a seperate and unique stub network each for this to work.  You also need to use dynamic routing.

https://documentation.meraki.com/MX/Deployment_Guides/Datacenter_Redundancy_(DC-DC_Failover)_Deploym... 

 

BGP is the most popular routing protocol for this kind of design.

https://documentation.meraki.com/MX/Networks_and_Routing/BGP 

View solution in original post

PhilipDAth
Kind of a big deal

Re: DC design questions

ps. Because of the complexity that active/active adds - I would always go up a model if I was able to use warm spare instead.

 

Aaron Willette wrote a good active/active guide as well.

https://www.willette.works/active-active-meraki-sd-wan-headends/ 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.