Meraki

carlto

Hi Guys

we currently have 2 main datacentres, both on different subnets. These are the hubs in our Meraki environment and all the remote offices connect back to them.

In hub A we advertise 172.16.0.0/12 and in Hub B we advertise 172.20.128.0/18. There is a direct routed link between the datacentres.

Would it be possible to advertise 172.16.0.0/12 in out of both datacentres? the idea would be that if the internet in datacentre A went off, we could get to it via datacentre B and the intersite link, the only issue would be is how would datacentre A know how to return the traffic back via datacentre B in a failover scenario? does Meraki support dynamic routing? is this design supported?

Cheers

GIdenJoe

Normally when terminating AutoVPN hubs in datacenters you must run these in one armed concentrator mode. That way you can have the same subnet across multiple DC's and you can use the fancy BGP features like path prepending to influence how each branch goes to each Hub. You can even have an active-active design where some branches reach 1 DC while the others reach another DC. And only in failure scenario they all go to the same DC.

https://documentation.meraki.com/Architectures_and_Best_Practices/Auto_VPN_Hub_Deployment_Best_Pract...

GIdenJoe

Aditionally you the gateways in each DC must be a separate router that also has a direct path between the DC's. So basically the MX'es are the next hop from the DC router to reach the branches and BGP is used between the branch router and the MX there. It is eBGP between the DC mx and the local router and iBGP between the DC MX and branch MX'es.

PhilipDAth

I can't add much more except to say you tend to use BGP from the VMXs back to your layer 3 core switches to handle route redistribution.

https://documentation.meraki.com/MX/Networks_and_Routing/Border_Gateway_Protocol_(BGP)

Meraki

Community

Dual hub failover design

Dual hub failover design