MX64 High Availability ISP IP issue

GaryShainberg
Building a reputation

Dear Friends,

I hope you are all staying safe in these trying times?

I am building a deployment for a C19 project where, once installed, we will not be able to visit the site except for a major issue, so I am trying to make the design as self-healing as possible with the existing kit I have.

I am planning to use 2 MX64s as an HA pair, but the issue I am going to have is that the primary ISP feed is unlikely to have more than 1 static IP or may even be dynamically assigned.

This means I will not be able to assign a known IP address to the secondary MX. Obviously I could add another router into the equation and use this to distribute 2 IP addresses to each MX, but this is another single point of failure and also gives me a NAT on NAT issue for the phones.

If I use a switch (MS220-8P), as it's not an L3 switch I can't use this for supplying IPs. I have had an idea of using a VLAN for the 2 ports (as access ports) that feed the two MXs and using one port as a trunk port, looping this back to the main MX.

Do you think this will work?

I am going to build a lab today for this but was interested in your thoughts and suggestions.

Thanks

Gary

#StayHomeStaySafe

CTO & Solutioneer
CMNA, CMNO, ECMS2
SNSA, SNSP
~~If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.~~
DarrenOC
Kind of a big deal

From what you’re describing I believe it will work. A customer of ours did something very similar with their SD-WAN deployment. Thoughts, @cmr?

They terminated the ISP connections into a switch and then connected the switch into their MXs. One difference may be that they’re using static IPs.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
ww
Kind of a big deal

So with 1 switch you're still adding one more SPOF.

Better to add a Meraki MG or a second ISP to connect both MX1 and MX2 WAN2 ports.

GaryShainberg
Building a reputation

Hi there,

I was actually planning to use two switches, one in front of each MX, so it would be ISP:MS220-8P:MX64:MS220-8P

with the first 220 linking back to the MX using the management VLAN.

Regards

Gary


How's the lab looking? Please let us know how you get on.
Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

GaryShainberg
Building a reputation

Whilst this question has not yet been solved, I have made another post on self-healing network design that is sort of close to this discussion but different enough to separate.

cmr
Kind of a big deal

@DarrenOC I replied to the other; you are correct, it is pretty similar, though we use dumb unmanaged switches in front of the MXs, as @GaryShainberg has indeed done in the lab.
