Dear Friends,
I hope you are all staying safe in these trying times ?
I am building a deployment for a C19 project, that once installed, except for a major issue, we will not be able to visit the site, so I am trying to make the design as self healing as possible with the existing kit I have.
I am planning to use 2 MX64's as a HA pair but the issue I am going to have is that the primary ISP feed is unlikely to have more than 1 static IP or may even by dynamically assigned.
This means I will not be able to a known IP address t the secondary MX, obviously I could add another router into the equation and use this to distribute 2 IP address's to each MX, but this is another single point of failure and also gives me a NAT on NAT issue for the phones.
If I use a switch (MS220-8P) as its not a L3 switch I cant use this for supplying IP's - I have had an idea of using a vLAN for the 2 ports (as access ports) that feed the two MX's and use one port as. trunk port and loop this back to the main MX.
Do you think this will work ?
I am going to build a lab today for this but was interested in your thoughts and suggestions.
Thanks
Gary
#StayHomeStaySafe
From what you’re describing I believe it will work. A customer of ours did something very similar with their sd-wan deployment. Thoughts @cmr ?
They terminated the ISP connections into a switch and then connected the switch into their MX’s. Over difference may be that they’re using static IP’s.
From what you’re describing I believe it will work. A customer of ours did something very similar with their sd-wan deployment.
They terminated the ISP connections into a switch and then connected the switch into their MX’s. Over difference may be that they’re using static IP’s.
So with 1 switch your still adding one more spof.
Better add a meraki MG or a second isp to connect both mx1 and mx2 wan2 ports.
Hi there,
I was actually planning to use two switch's on in front of each MX so it would be ISP:MS220-8P:MX64:MS220-8P
with the first 220 linking back to the MX using the management vLAN
Regards
Gary
Whilst this question has not yet been solved, I have made another post on self healing network design that is sort of close to this discussion but deferent enough to seperate
@DarrenOCI replied to the other, you are correct it is pretty similar though we use dumb unmanaged switches in front of the MXs as @GaryShainberg has indeed done in the lab.