Mulitcast traffic over Meraki MX VPN

Solved
Joe2112
Here to help

Mulitcast traffic over Meraki MX VPN

Greetings -

 

I have a scenario where a customer has two campuses - main and branch. The main campus has a primary 4GB Internet connection via a non-Meraki firewall and a backup Internet connection using business cable modem with a Meraki MX used here. The branch campus has a 10GB, point-to-point dark fiber back to the main campus and its own business cable connection with a Meraki MX connected to it. There is a 'backup' connection using a site-to-site VPN between the two sites using the cable connections and Meraki MX appliances. (see diagram).

 

The customer uses multicast traffic to send audio broadcasts from the main campus to the branch campus. This works fine until the 10GB fiber connection goes offline. Normal IP traffic works but we cannot get multicast traffic across the VPN connection using the Meraki MX appliances.

 

Is multicast traffic across a Meraki MX site-to-site VPN connection supported? If not could I use a GRE tunnel across the site-to-site VPN?

 

Any information/input is greatly appreciated.

 

Cheers

JoeMulticast_backup.jpg

1 Accepted Solution
jdsilva
Kind of a big deal

Hey @Joe2112 ,

 

Like @NolanHerring said the MX cannot route multicast traffic, so you cannot forward it over the AutoVPN. But yes, if you had another external device that could do multicast routing you could GRE tunnel it between two endpoints through the AutoVPN tunnel. This could be either a L2 or L3 GRE depending on how you wanted to do it. Unfortunately, Meraki does not support GRE, so you need to look elsewhere for that. 

View solution in original post

5 Replies 5
NolanHerring
Kind of a big deal

https://documentation.meraki.com/zGeneral_Administration/Other_Topics/Multicast_support

 

IGMP Support on the Cisco Meraki Security Appliance

MX Security Appliances will forward IGMP traffic for a single broadcast domain. It does not forward multicast traffic upstream, between VLANs, or over a VPN.

Nolan Herring | nolanwifi.com
TwitterLinkedIn
NolanHerring
Kind of a big deal

I suppose if you were able to encapsulate the traffic 'before' the MX, then the MX won't know what it is, so you could send it across that way. In theory...in my head. No clue if there is a way to do that though lol.
Nolan Herring | nolanwifi.com
TwitterLinkedIn
jdsilva
Kind of a big deal

Hey @Joe2112 ,

 

Like @NolanHerring said the MX cannot route multicast traffic, so you cannot forward it over the AutoVPN. But yes, if you had another external device that could do multicast routing you could GRE tunnel it between two endpoints through the AutoVPN tunnel. This could be either a L2 or L3 GRE depending on how you wanted to do it. Unfortunately, Meraki does not support GRE, so you need to look elsewhere for that. 

Joe2112
Here to help

I am going to look further into what hardware the customer has deployed behind the Meraki MX appliances and see if they support GRE tunnels.

 

Thank you the information.

 

Cheers

Joe

Jhurford
New here

Buy Sonicwall...... They support multicast over VPN, I’m using them in a mission critical environment to send radio audio between a 911 center and a remote radio in the field about 30 miles away.... they have been in service for about 4 years and have never needed rebooted. I think its right up your alley! 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels