Meraki

Community

MX75 HA

CedricMX
Here to help
Monday
Monday

MX75 HA

Hello team !

 

Need your help to clarify a point.

I will install 2 MX75 (primary and spare) on my locations. 

I will use the LAN side for VRRP messages. Each LAN MX75 port will be connected to a switch.

 

On the WAN side, i will use the virtual uplinks ips.

Can you help me to define the number of public ip address i will need.

 

From my understanding, i need these ip address :

MX1 :

WAN 1 (connected to ISP 1 router port 1)

  • IP address : X.X.X.3
  • Gateway : X.X.X.1

WAN 2 (connected to ISP 2 router port 1)

  • IP address : Y.Y.Y.3
  • Gateway : Y.Y.Y.1

 

MX2 :

WAN 1 (connected to ISP 1 router port 2)

  • IP address : X.X.X.4
  • Gateway : X.X.X.2

WAN 2 (connected to ISP 2 router port 2)

  • IP address : Y.Y.Y.4
  • Gateway : Y.Y.Y.2

 

ISP 1 VIP : X.X.X.5

ISP 2 VIP : Y.Y.Y.5

 

Do you think i need 5 public ip address per ISP for a transparent HA failover and failback ?

Many thanks for clarifying these point.

Regards.

0 Kudos
8 Replies 8
Mloraditch
Head in the Cloud
Monday
Monday

Yes generally on most ISPs you will need a block of 5 or a /29 if talking in subnets. Some ISPs do sell them individually and you could get away with just 3. Generally that's smaller, rural ISPs, but it does exist. I always go with 5 so I have extras available for vendor needs.


If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
CedricMX
Here to help
Monday
Monday

Thanks for your reply.

I will pay for a /29 subnet on each ISP.

 

Is it the correct configuration ?

1 shared VIP from ISP 1 + 4 IP (2 for WAN1 MX1 + 2 for WAN1 MX2).

1 shared VIP from ISP 2 + 4 IP (2 for WAN2 MX1 + 2 for WAN2 MX2).

 

Many thanks.

 

In response to CedricMX
Mloraditch
Head in the Cloud
Monday
Monday

Each MX will only need 1 IP for each ISP and then the shared VIP IP between both.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
CedricMX
Here to help
Monday
Monday

Hi,

 

Finally, from my understanding :

- for the 2 MX i will need 3 public IP address.

- for the ISP 1 router i will need 2 public IP address

 

In conclusion, ISP 1 must provide a total of 5 public ip address.

 

Correct ?

 

Many thanks

prabhulkars
Meraki Employee
Meraki Employee
Monday
Monday

Hello,

 

Per ISP you would need 4 IPs:
1 for MX 1 WAN
1 for MX 2 WAN
1 for the Gateway for both
1 for the shared VIP

Hope this helps!

If you found this post helpful, please give it Kudos!
0 Kudos
CedricMX
Here to help
Monday
Monday

so a /29 subnet would be great.

@prabhulkars For VRRP, do you suggest using LAN side ? Each MX will be connected to the LAN switch ?

 

Many thanks

0 Kudos
In response to CedricMX
cmr
Kind of a big deal
Kind of a big deal
Monday
Monday

The HA is automatic and does use the LAN side.  So yes, each MX needs to connect to the same LAN (or VLAN).

If my answer solves your problem please click Accept as Solution so others can benefit from it.
In response to CedricMX
prabhulkars
Meraki Employee
Meraki Employee
Monday
Monday

Yes, /29 would work for you.
VRRP is by default sent over LAN and it uses the LAN VLANs for VRRP traffic. Please check the following documentation on more details regarding High Availability pair:

https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair

If you found this post helpful, please give it Kudos!
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2025 Cisco Systems, Inc.