Meraki MPLS private and public interfaces

SOLVED
Conversationalist

We are setting up a Meraki SD-WAN across an MPLS network.

  • The spoke is attached to the MPLS with interface IP (172.16.10.10) which gets NATed to a public IP (100.100.100.100)
  • The hub is running in one-armed concentrator mode with MPLS attached. Hub interface IP is (172.16.1.1) and the IP is NATed to a different public IP (200.200.200.200).

My question is, in this case, will there be tunnels built over the public IP or interface IP, or both? If both, which one has a higher priority?

 

I have done lots of reading on this but haven't found a concrete answer. The Meraki doc only says the private IP will be used if both ends use the same public IP. 

Many thanks!

1 ACCEPTED SOLUTION

Kind of a big deal

Re: Meraki MPLS private and public interfaces

Because the two AutoVPN nodes present to the Internet using different public IP addresses, it will build AutoVPN over the Internet - or between those two public IP addresses.

 

Only nodes that present using the same public IP address will build AutoVPN between those private IP addresses.

Conversationalist

Re: Meraki MPLS private and public interfaces

Thanks for the response.

 

In this case, I can see this is a flaw in Meraki as this will lead to traffic using less-optimal paths when you have two sites connected to each other perfectly over MPLS but tunnels are built over Internet due to different public IPs. It would be nice if admins are given the freedom to choose how the tunnels are built.

Kind of a big deal

Re: Meraki MPLS private and public interfaces

Touche.  The network design does not meet the Meraki guidelines.  You can't expect it to work optimally if you don't follow the manufacturer design guides.  🙂
