Meraki recommended design?

Solved
Coo
Conversationalist


Hello,

I need help with a Meraki design.

I have MX(2EA), MS_L3(2EA) and MS_L2(1EA).

I'm going to construct it as below. I want to know if it is the right design.
I want to get your advice.

Meraki_T.jpg

 -> I think the above design has a problem when a link goes down.

How about the design below?

Meraki_TT.jpg

1 Accepted Solution
GIdenJoe
Kind of a big deal

The warm spare automatically gets the same local VLAN and interface config.

In an L3 CORE design, just have a transit VLAN that is a /29 or lower because you need at least 3 IPs for your switches in a stacking scenario and 1 IP for the uplink MX. Use access ports on the switches connecting to the MXes.

In an L2 CORE design, use trunks between the switches and the MXes and use one of the configured VLANs on the MX as native VLAN on those trunks, because you should not "drop untagged" traffic: STP BPDUs are sent untagged and I have seen four links in forwarding state due to this.

ww
Kind of a big deal

Your 2nd is the Meraki recommended.

https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair#Recomme...

The other option would be stacking the switches.

Coo
Conversationalist

Hi,

I have already read this document.

However, there is no explanation for subnet separation in the document.

If I configure it as a mesh, like the document, should everything be in the same subnet?

If configured in the same subnet, two spanning tree blocked ports occur.

Is this right?

PhilipDAth
Kind of a big deal

Personally I'd stack the L3 switches. Then there is no VRRP and only a single spanning tree instance.

I no longer dual connect MXs. So I'd be creating a single connection from each MX to its nearest switch, with no link between the MXs. Then everything is 100% loop free.

I've had more failures due to loops than through single cable or port failures.

GIdenJoe
Kind of a big deal

You should indeed stack those switches, but the physical design you should pursue is the bottom picture.
Always, always, ALWAYS... build your topology using triangles, not squares!

This is especially true if you want to use the inside switches for an external VLAN for the WAN side of your MXes, since you don't want complete fate sharing between router, switch and MX appliance.

NolanHerring
Kind of a big deal


@PhilipDAth wrote:

Personally I'd stack the L3 switches. Then there is no VRRP and only a single spanning tree instance.

I no longer dual connect MXs. So I'd be creating a single connection from each MX to its nearest switch, with no link between the MXs. Then everything is 100% loop free.

I've had more failures due to loops than through single cable or port failures.


I dual connect them when I have a single MX connected to 9K cores; in case one of the cores goes down for whatever nightmare reason, the MX will continue to function =P

Spanning Tree kicks in and I have not had any issues, granted single MX again, so no VRRP worries on my side at least.

Nolan Herring | nolanwifi.com
Coo
Conversationalist

Thanks for all the answers.
We are unable to configure the stack, at the customer's request.
So I'm going to do it with Meraki's recommended design ...
I am wondering if it is correct to use the same subnet for both MX and MS configuration.
Recently, everyone is designing to avoid an STP structure ...
In Meraki's recommended design, two spanning-tree blocked ports occur when all are on the same subnet.
Finally,
when configuring MX and MS, is it the same subnet or different subnets?

ww
Kind of a big deal

Not sure what your question is. MX can't use different VLANs in warm spare.

MS switches don't do PVST or HSRP to balance VLANs, but RSTP and VRRP. So ports will go into blocking.

Coo
Conversationalist

I understand warm spare and rstp as you say.

I also understood that when configuring warm spares, all must be configured in the same subnet.

Thank you very much.
