MX450 loadbalancing

Solved
DukeAtreides

Hello!

 

I'm running into a little capacity issue:

I have a site with 3 internet connections: 1 is a 10gbps uplink and two are 2gbps with burst up to 8.

 

We bought two MX450s, initially one as warm spare for the other; I also have a couple of MX84s (left over after combining the different sites we had).

I knew the max throughput of the 450 would be 6gbps but with security features enabled this rate would take a hit.

And it does; in real life the throughput is more like 3.7.
That would waste quite a bit of our total capacity. I've been looking into load balancing (but the articles I've found are all about how to balance over two connections), and that's not the wish here.

I did a bit of a quick and dirty solution of creating a 2nd site, putting the MX84s on that and splitting the traffic, so to say.
While this helps me a bit, in an ideal world I would like to at least combine the power of the two 450s and have a unified network that could take advantage of the 10gbps internet link.

So the real question is: can there be two (or three) MX450s working together on one network?
Or am I forced to create different sites, and split the network so to say?

 

My Meraki account manager came up empty, talked about High Availability, but nothing more.

 

1 Accepted Solution
jdsilva

Hey @DukeAtreides ,

 

No, there's a hard dashboard limitation that you can only have one MX in a network (except of course for Warm Spare). You could do something where you have MX appliances in two networks, but both physically connect to the same switching infrastructure. We've done this in the past and had some VLANs go to one MX, and other VLANs to the second, with a few routes between them to complete connectivity, but this was far from an ideal set up.

 

That said, I'll ask you the question I always ask when these sorts of questions come up here: Does it really matter? I know you are saying you have a 10gig service, but what are your users actually using? Is the problem that you're maxing out the capacity of the MX, leading to dropped packets and poor user experience, or is the problem that you have a service that is well above what you're actually using? If it's the latter, then my suggestion would be to reduce your services to a more appropriate level, and use it as an opportunity to save your business some money (and look good in the process).

 

 

Thanks for the answer, okay so that's quite what I imagined.

 

Build it and they'll come - we're anticipating for holographic calls.. 

Kidding. We are a very internet-hungry company: all the infra is in the cloud, and the users are a mix between young ones who deal with the data in the cloud and others who download, compute half local and half on VMs, so a lot of back and forth of data transfers.
That, with a sales department that is using a VoIP application that really likes bandwidth to upscale the calls.
Base usage is hitting the peak, and while we have managed to prioritize the vital traffic and so are not directly seeing packet loss, what we are seeing is reduced productivity due to longer download times.

And in all honesty, the price difference between a 2gig connection and 10 is less than 100 bucks per month; the company will not care one bit for saving money, they would however appreciate the faster download speeds.

 

But with this confirmation, I'll indeed look into setting up multiple networks.
I was a bit reluctant, as the usage isn't really properly spread, and balancing would be better.

 

 

Are you only using the MX450s for client user traffic (as opposed to AutoVPN)?

 

What you may be able to do is split your users into VLANs.  Make MX1 the default gateway for VLAN1, MX2 for VLAN2, etc.  Create a transit link between them so that routing between VLANs still works.

Plug both of the MX450s into your fast Internet circuit (might need an extra switch).  You'll need a licence per MX.

 

In the dashboard create a network for each MX.

Hi Philip,

 

Mostly client traffic; there is a connection to a vMX100, but that one is already on its own network and bridged.

So is the guest network: same internet connection but different IP and different network and its own security appliance.
Till there it was simple. Guest network with 1gbps is fine.
vMX won't push too much either, so he has his own copper connection to one of the routers.

 

 

Yes, exactly, that's probably the way we will handle it.

The biggest negative on this is just that it doesn't really balance based on traffic but on users.

 

That would work lovely if all users have the same constant need, and we have no flux between them.
We could put 500 users on one and 500 on the other.
Unfortunately it's more dynamic than that, and so it could perfectly well happen that VLAN 1 is pushing 6-7 and VLAN 2 1 (simplified of course).

 

And would indeed most likely need a switch in between, as the routers of the ISPs have 1 10gbps fiber port and the rest is 1gbps copper.

 

 

 
