Meraki interfaces from MX100 to Core are getting 'route connection change' when more that 1 is up

Neal
Comes here often

Meraki interfaces from MX100 to Core are getting 'route connection change' when more that 1 is up

I have 3 LAN interfaces from the MX100 to our core switch. Any of the 3 interfaces work fine as long as the other

2 interfaces are shutdown from the core. If a second interface is brought up, both interfaces get 'route connection

change' errors which brings down the routes associated with them and the MX100 shows them as disconnected.

Note that both the Core and the Meraki interface never go down. Then 1 of the interfaces shows connected and

the other remains disconnected. This process go back and forth between the 2 interfaces. Could someone please

tell me how to correct this problem. So far Meraki tech is stumped.

 

peer_type: gateway, peer: 192.168.100.1, connection_status: disconnected

peer_type: gateway, peer: 192.168.100.1, connection_status: disconnected

12 Replies 12
trunolimit
Building a reputation

network.png

 

If I understand this correct, the picture above is your topology? Seems like the meraki is preventing a routing loop. Are you trying to use Link aggregation? Routers traditionally don't do Link Bonding. That's a Switch thing. And Load balancing I believe only works on the WAN ports. 

 

I think a little more info is needed. What's your goal in connecting 3 links between your MX and your Switch? The fact that your Meraki Tech is stumped leads me to believe this is a little more complex than I'm seeing. 

PhilipDAth
Kind of a big deal
Kind of a big deal

I'm also assuming that all three of the MX interface are configured the same, and likewise on the switch.  If not, let us know what the differences are.

Neal
Comes here often

All 3 are identical with the exception of the VRF that it's being used for

Neal
Comes here often

We have several VRF's in our Core switch. the 3 connections are simply there to connect to 3 of our VRF's.

What I don't get is that these are static routes so why would the MX100 think that there is a route connection

change?

PhilipDAth
Kind of a big deal
Kind of a big deal


@Nealwrote:

We have several VRF's in our Core switch. the 3 connections are simply there to connect to 3 of our VRF's.

What I don't get is that these are static routes so why would the MX100 think that there is a route connection

change?


On the MX side, are all three interfaces in the same VLAN?

trunolimit
Building a reputation

It seems that some loop prevention is going on. Do all of your VRFs share the same IP scheme? I agree with Philip in that you might need to put each port into a different VLAN. 

 

In order to answer why the MX would issue a route change we would have to know more about your topology and IP addressing scheme. 

 

Off the top of my head your VRFs share what looks to the MX like common paths to the same network so it's choosing what it thinks is the shortest path to that network and shutting down the other 2 paths. 

PhilipDAth
Kind of a big deal
Kind of a big deal

What kind of core switch do you have?

 

What is most likely happening is spanning tree is running.  You bring up additional redundant interfaces and spanning tree goes into learn mode and blocks the ports for 30s or so.

 

If you are using legacy spanning tree mode on your core switch try changing to MST mode.

 

 

The other easy option is this is likely to sort itself out after 30s.  So you could just bring up the interfaces and leave them up.

Neal
Comes here often

The core is a Cisco C6807-XL When I leave the interfaces up, all that happens is one disconnects and another connects. Note that this is internal to the MX100. The interfaces never go down on the core or the MX100

 

Neal
Comes here often

Does an MX100 store routing information aside from the routes that are defined in it? If so, can they be cleared out?

PhilipDAth
Kind of a big deal
Kind of a big deal

I would suggest you configure FlexLinks on your 68407 if you want multiple links like this. You do this using the "switchport backup interface ..." command.

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-2_25_see/configu...

 

The MX must have an internal routing table, but short of a power cycle there is no way to clear it.

MRCUR
Kind of a big deal

This seems like a repeat of your original thread in the MX forum (where it should be) here: https://community.meraki.com/t5/Security-SD-WAN/Route-connection-changes/m-p/16208#M3935

MRCUR | CMNO #12
CarolineS
Community Manager
Community Manager


@MRCUR wrote:

This seems like a repeat of your original thread in the MX forum (where it should be) here: https://community.meraki.com/t5/Security-SD-WAN/Route-connection-changes/m-p/16208#M3935


Hey @MRCUR - thanks for the heads up. I just moved this thread over to the Security board. Since both this and the original thread have replies, it's a bit awkward to merge them, so I'll just let them live independently.

 

Cheers!

Caroline S | Community Manager, Cisco Meraki
New to the community? Get started here
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels