Meraki

Pwellion

Hi There

Just wondering if someone could confirm is the below topology is supported. I have a client with 2 Independent ISP circuits delivered as /31s public ranges

Circuit 1 is on a 10Gb Bearer capped at 2Gb/s and Circuit 2 is a 1Gb bearer @1Gbs

Looking at the HA guide MX_Warm_Spare_-_High_Availability_Pair I cannot see anywhere where is specifies that the interfaces need to match on the MXs configured as a HA pair (unless I missed it). Only that VRRP is required across the LAN

Based on this, as only one circuit runs at 10Gb, could I use 1Gb Fibre, or indeed even 1Gb Copper for connectivity (LAN/WAN or both) for the Warm Spare firewall, as the ISP uplink is only 1Gb.

Obviously aware that a better approach would be 2 X /29 with WAN switches, to allow 2 X VIP sharing across both ISPs, but for now this is not in scope.

Appreciate any comments, thanks

Ryan_Miles

Yep, totally doable. As you stated you can't do a VIP on the WAN without the extra IPs. But basic HA will work fine.

View solution in original post

Ryan_Miles

Yep, totally doable. As you stated you can't do a VIP on the WAN without the extra IPs. But basic HA will work fine.

Pwellion

Hi Ryan, so theoretically to save even more I could indeed use Copper for all ports on the warm spare that would be handy.

Pwellion

Hi Ryan, so If you say we can use the Copper LAN ports on Standby MX, I assume I enable the required LAN ports, Both Fibre and Copper on the Primary MX. From a physical standpoint
Primary MX has 2 X Fibre Connections (LAN ports 9 and 10) and the Standby MX has 2 X Copper LAN connections 5 & 6)

Thanks

Ryan_Miles

You can use any of the LAN ports. Just ensure they have the same config (access or trunk, same VLAN config, etc).

Example from MX95

Meraki

Community

MX Warm Spare HA support with differing WAN/LAN speeds/Ports

MX Warm Spare HA support with differing WAN/LAN speeds/Ports