Overlap Route in DC DC Failover

Solved
rahmad
Here to help

Overlap Route in DC DC Failover

Hi all,

 

I've question regarding overlap route in AutoVPN.

 

Recently i read this documentation : https://documentation.meraki.com/MX/Networks_and_Routing/MX_Routing_Behavior#DC-DC_Failover

Let's assume all those DC is Hub with NAT Mode.

 

1.Based on statement in that documentation, is it true that if DC 2 is down/unreachable by Branch MX, route failover to DC 1 will not happen for 10.1.0.0/16 ?

If so, i seems can't quite understand why that's the case.

I'm assuming once DC 2 is down, route for 10.1.0.0/16 will be deleted in AutoVPN, is this correct ?

2. Is there any other solution so 10.1.0.0/16 can failover to DC 1 ?

 

Any answer is appreciated, thank you.

 

rahmad_0-1585464834162.png

 

1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal

If you really do have two DCs with the same subnet, then those DCs are probably using layer 2 extension across the sites.  If they have that, then use the two MXs in warm spare mode.  They will then as a single unit, and which ever is up will get the traffic and route it appropriately.

 

Otherwise if you really want to run active/active, connect each MX to your layer 3 core using a stub network (I quite like /29's these days).  Then use BGP between your core switch and the MX and dynamically advertise routes into the MX and AutoVPN.  Then if a DC does die, the routes stopped getting advertised via BGP, and everything fails over nicely.

View solution in original post

4 Replies 4
PhilipDAth
Kind of a big deal
Kind of a big deal

If you really do have two DCs with the same subnet, then those DCs are probably using layer 2 extension across the sites.  If they have that, then use the two MXs in warm spare mode.  They will then as a single unit, and which ever is up will get the traffic and route it appropriately.

 

Otherwise if you really want to run active/active, connect each MX to your layer 3 core using a stub network (I quite like /29's these days).  Then use BGP between your core switch and the MX and dynamically advertise routes into the MX and AutoVPN.  Then if a DC does die, the routes stopped getting advertised via BGP, and everything fails over nicely.

rahmad
Here to help

Hi Phillip,

Thank you for your answer!
1 more question, i know if this is a bit more off topic, but can you deploy Passthrough Mode behind router not firewall ?
ww
Kind of a big deal
Kind of a big deal

You have a point here.  Why would it not failover.   When the spoke loses connectivity to the hub it also  removes  its  routes..?

SopheakMang
Building a reputation

Try to troubleshoot first , i also used to meet this case. I want you to check on routing table on each MX make sure no conflict subnet. Then can try to open case , ask merkai support to turn off layer3 summary feature from the back end , then let's see the result.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels