NAT mode MX and OSPF advertisement

SOLVED
GIdenJoe
Kind of a big deal
Kind of a big deal

NAT mode MX and OSPF advertisement

According to the documentation like this one:
https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/...

 

, OSPF is only available in concentrator mode.

 

However I have an org in our MSP list where I have a HA pair of MX-es that are in NAT mode in a datacenter but the OSPF configuration is available.  The tooltip mentions that it is available for MX'es in AutoVPN that are in HUB mode.

 

Is it correct to assume the feature is available to use or is this some weird dashboard bug?

GIdenJoe_0-1603742964094.png

 

1 ACCEPTED SOLUTION
ww
Kind of a big deal
Kind of a big deal

In nat mode its available if you dont use vlans

View solution in original post

7 REPLIES 7
ww
Kind of a big deal
Kind of a big deal

In nat mode its available if you dont use vlans

GIdenJoe
Kind of a big deal
Kind of a big deal

Oh I didn't know that.  Is that written in the documentation somewhere?

 

So if I follow the logic:
The limitation of the OSPF implementation on MX is that they don't support multiple interfaces.
Since concentrator mode only has one interface and NAT mode without VLANs basically has one inside interface.
So it's not just some weird rule that you had to use concentrator mode for OSPF.

PhilipDAth
Kind of a big deal
Kind of a big deal

https://documentation.meraki.com/MX/Site-to-site_VPN/Using_OSPF_to_Advertise_Remote_VPN_Subnets 

 

"Note: MX devices in Routed mode only support OSPF on firmware versions 13.4+, with VLANs disabled. OSPF is otherwise supported when the MX is in passthrough mode on any available firmware version. This can be set under Security & SD-WAN > Configure > Addressing & VLANs

 

Note: Please note that the MX will only advertise Meraki Auto VPN routes (including static routes shared into Auto VPN) with OSPF. The MX will need static routes configured for any other local subnets."

Timbo
Here to help

Hi All,

Does anyone know whether a branch NAT-Mode MX will advertise routes (to its OSPF neighbour) which originated in the data centre from a concentrator's BGP neighbour?

The documentation around this lacks detail

Timbo
Here to help

Update:  lab tested and found that the BGP learned routes were not redistributed.

Called support; there is an NFO that can be applied to enable IBGP > OSPF redistribuiton.

Confirmed working in lab MX68 OSPF to 3750.

In this case, our branch MX is configured as a NAT Mode Hub (not spoke); it has full mesh tunnels to all the DC One-Armed concentrators, which are BGP peered to DC core router.

GIdenJoe
Kind of a big deal
Kind of a big deal

Cool setup there 😉

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels