Have an internet connection and a layer-2 metro Ethernet connection. The metro Ethernet is purely a layer 2 - no routing, VLANs, etc. Currently there are 3x SonicWALLs connected and each one has 10.1.1.1, 10.1.1.2, and 10.1.1.3 for their IP addresses. Would a Meraki MX67 be configured the same way?
I would want the internet connection to be auto-VPN and I'm sure that is not an issue. Would I think be able to do auto-VPN on the metro Ethernet? Or is that even needed? Since there is voice and data going over these connections, I would love to utilize SD-WAN.
We run a load balanced dual connected SD-WAN over our two private WAN networks. One is a layer 2 metro Ethernet and the other is a routed MPLS network. You could do the same with direct internet connection replacing our MPLS WAN. In order that the MXs find the cloud you'll either need to have the internet as the primary WAN (for management, the L2 can be primary for the SD-WAN traffic) or have an extra MX as a concentrator at the main site to then route to the internet.
As the edge MXs will have an internet connection you'll be better off with the advanced license. You would use the same IP address concept as you have for the WAN port of the MXs that is on the L2 network. We have a single class C network with all our MXs on it. The default gateway is set as the main datacenter in our case as we have a central concentrator there.
Thanks @cmr I did figure WAN1 would be internet and the Metro-E would be WAN2. So WAN2 can still keep the Metro-E with a single subnet shared across the 3x different MXs and the MX will figure out all the SD-WAN bits?
Always buy Advanced licenses too 🙂
@mvalpreda that is exactly correct, as long as the MX on site 1 can see the internet on WAN1 and the MX on site 2 can also see the internet, they will form a connection (A). If MX1s WAN2 can see MX2s WAN2 then they will form a connection (B).
You can then set whether A or B are used as a failover pair, or are load balanced (from each end for outbound traffic).
As the internet and the Metro-Ethernet have no direct knowledge of each other then you also end up being able to choose the port the traffic comes in on (by setting where it goes out of at the other end).
Remember to set the bandwidth on each WAN port (both up and down if different) if you are using load balancing as it uses those values.
You can also set traffic class rules to, for example, send VoIP traffic over the lowest loss / jitter link and file server traffic to prefer the link over the internet.
The Metro-E is carrying voice, and the internet connection stinks.....so I'll set up rules accordingly.
I just wanted to make sure the MX will do what I was thinking it would do on the Metro-E side. If that can route VoIP and other traffic between the sites, that will be great.