Routed mode , HUB/Spoke

SOLVED
GregLiu
Here to help

Routed mode , HUB/Spoke

Hi Guys,

 

Just wondering that any technical reason the routed mode with NATed enabled MX, the bgp autovpn can not support EBGP peering with IOS based devices? it seems only support static for the current released code.

 

 

Cheers,

Greg

 

 

 

1 ACCEPTED SOLUTION
Bruce
Kind of a big deal

The technical reason (if you can call it that) is because it was designed that way. The whole idea of the Meraki Hub is to run it in concentrator mode behind a firewall so that it can provide paths across both MPLS and internet based carriage. That all said, you can obviously run a MX in routed mode as a hub too, it just depends on your requirements.

 

As you point out, the OSPF and eBGP dynamic routing are intended to be used in concentrator mode to pass routes to the DC core (and also receiver them in the case of eBGP).

 

The interesting part is that you can also use OSPF in routed mode too, although you have to have the MX running in Single VLAN addressing mode. Then you form an OSPF neighbour relationship on the internal interface of the MX. There is a document that actually states that this is supported.

 

Now what you won’t find listed as supported in any Meraki document is using a MX in routed mode, in Single VLAN addressing mode, running eBGP from the internal interface. I have heard however that this can be enabled through a call to support, although they may be reluctant to do it. Never tried it myself, but it’s worth a try - and it’s definitely ‘beta’.


In both cases you need to be on the MX15 code.

View solution in original post

3 REPLIES 3
Bruce
Kind of a big deal

The technical reason (if you can call it that) is because it was designed that way. The whole idea of the Meraki Hub is to run it in concentrator mode behind a firewall so that it can provide paths across both MPLS and internet based carriage. That all said, you can obviously run a MX in routed mode as a hub too, it just depends on your requirements.

 

As you point out, the OSPF and eBGP dynamic routing are intended to be used in concentrator mode to pass routes to the DC core (and also receiver them in the case of eBGP).

 

The interesting part is that you can also use OSPF in routed mode too, although you have to have the MX running in Single VLAN addressing mode. Then you form an OSPF neighbour relationship on the internal interface of the MX. There is a document that actually states that this is supported.

 

Now what you won’t find listed as supported in any Meraki document is using a MX in routed mode, in Single VLAN addressing mode, running eBGP from the internal interface. I have heard however that this can be enabled through a call to support, although they may be reluctant to do it. Never tried it myself, but it’s worth a try - and it’s definitely ‘beta’.


In both cases you need to be on the MX15 code.

🙂

 

This is make sense solution, as it is support ospf and static with route mode :);

 

the ebgp support will make some network migration more smooth as so much feature sets, and easy to scale out;

like the idea on talking to support get the bgp enabled for testing only, not production until it is officially supported and CVD verified it. 

 

just some thought, it would be nice if the MX able to converge these Routed, NATing, security and routing protocol ebgp, regardless the fate-sharing drawback;

 

However, the modular design from  CVD is nice!

 

anyway, thanks a lot for these info.

 

Cheers,

Zsombor
Comes here often

The fact that this is the only comment i can find mentioning "you can obviously run a MX in routed mode as a hub too" bothers me..

 

We are planning an SD-WAN network for a costumer, where we want to use an MX as the VPN hub, perimeter firewall and LAN GW. Plus there are some low traffic public services that needs 1:1 NAT to a public IP pool.

 

Because of the lack of BGP option on the WAN port, a Cisco router would be the CE handling the two Inet uplinks and the public IP pool advertisement to the PE.

 

As far as I see, it should work, even with warm spare redundancy if there's an SVI in the CE , but I cannot find any confirmation. Only this sentence..

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels