Fully redundant MX/MS Architecture - With fiber ?

SOLVED
ThibaultH
Here to help

Fully redundant MX/MS Architecture - With fiber ?

Good morning folks,

 

I'm today looking for feedback on the recommended MX/MS fully redundant architecture provided by Meraki documentation

 

recommended_HA_design

 

What I'm looking to achieve with a customer is to split this into two distinct server room 400 meters from each other, and to interconnect them through fiber, using transceivers (blue link on my below schema)

 

It would look like this : 

 

recommended_HA_design.png

 

Does anyone previously experienced this situation ? Is that a fully supported architecture ?

Any advice or warning on this ?

 

Thanks for your reply and have a great day 

🤘

Linkedin |Twitter@ThibaultHenry
Ch'timi from the heart
1 ACCEPTED SOLUTION
jdsilva
Kind of a big deal

Yes, you can do this. Just make sure the MX's have a L2 connection between them and this will work. 

 

And I'm sure you've got this covered, but if you're doing SX then make sure you have OM3/4 for your fibre run. SX on OM1/2 doesn't support that distance. 

View solution in original post

5 REPLIES 5
jdsilva
Kind of a big deal

Yes, you can do this. Just make sure the MX's have a L2 connection between them and this will work. 

 

And I'm sure you've got this covered, but if you're doing SX then make sure you have OM3/4 for your fibre run. SX on OM1/2 doesn't support that distance. 

GIdenJoe
Kind of a big deal
Kind of a big deal

Afew important considerations you need to make:

For HA MX'es don't forget your WAN1 and WAN2 on both appliances need to connect to the same respective upstream ISP circuits.

So you'll need to have one ISP come in building 1 and connect that one first on the switch there on an external VLAN and then have two ports connecting to both the WAN1's of the MX'es, so the third link will also be going over the fiberlink.  And then the reverse of ISP2. That one will connect first to switch 2 and then back up to the MX'es WAN2.

However I'm considering you might need separate links from the switch to the MX on the other side.  There are some fate sharing scenarios that could lead to black holes.  Hmm this setup needs to be thought through.

Secondly you will have a blocked link due to spanning-tree with this design.
Alternatively but way more expensive is doing a pair of 425's with flexible stacking so you can have both downlinks forwarding at the same time

jdsilva
Kind of a big deal


@GIdenJoe wrote:


For HA MX'es don't forget your WAN1 and WAN2 on both appliances need to connect to the same respective upstream ISP circuits.

So you'll need to have one ISP come in building 1 and connect that one first on the switch there on an external VLAN and then have two ports connecting to both the WAN1's of the MX'es, so the third link will also be going over the fiberlink.  And then the reverse of ISP2. That one will connect first to switch 2 and then back up to the MX'es WAN2.


Only if you need to use a VIP. You don't need to do this if you just use the MX IP's. 

 

image.png

PhilipDAth
Kind of a big deal
Kind of a big deal

Personally I'd only connect the MX to the MS in the same building (I'd only use a single cable if it was me).

 

I would use dual fibres between the MS in the different buildings using LACP.

 

This will make it loop free.  More stable.

 

@jdsilva is correct.  You don't have to use common ISPs if you are not using VIP.

GIdenJoe
Kind of a big deal
Kind of a big deal

OK thanks for clarifying that 🙂

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels