We currently have a single MX in our topology, but would like to upgrade to an HA deployment. I have some vague memories around VRRP but get a little confused with the WAN configuration. I've devoured the Meraki documentation on the HA feature, and this is what I am left with.
Facts:
- Currently our ISP modems are set to 'passthrough', meaning the public IPs are physically assigned to the MX
- One ISP is a cable provider who also provides us with a static public IP (set as static on MX)
- The other ISP is a cellphone carrier which we access through a MG21E modem
Questions:
1. For the HA setup to work, does the modem need to own the public IP instead of the MXs? I assume this, given that at least a VIP setup requires non-public IPs on the WAN interfaces. If we ditched VIPs, could the modems remain in 'passthroug' mode?
2. It is recommended to use VIPs to make failovers as seemless as possible. What exactly makes a non-VIP setup less seemless? Would not the secondary MX take on the static IP settings from the primary, and thus start to communicate with the modem imitating the primary?
3. Why do some people suggest we need multiple public IPs for the VIP solution to work? Assuming modem owns the public IP and forwards relevant traffic to the VIP shared between the MXs, why would we need 3 public IPs per ISP (I've seen people suggest that each MX requires a public IP as well as the VIP interface - how can an IP need an IP?)
4. Can HA even work with an MG21E? I know the MG21E has two lan ports, so perhaps it can work withoug a VIP setup. But I seem to be unable to create internal subnets and VLANs on the gateway- so a VIP setup seems impossible for sure...?
Probably not great to ask 4 questions at once, but I assume some answers will have bearing on all three. Any info/suggestion/clarifcation will be of help!