Same IP addresses on WAN ports

suneq
Getting noticed

Same IP addresses on WAN ports

Hi,

 

I want to deploy around 100+ MX67W on remote sites (1 MX per site). Each site has always 2 Internet routers to which the MX67W will be connected. The WAN 1 and WAN 2 ports will be configured to obtain IP addresses with DHCP from the Internet routers. 

 

I tested with a quick lab and noticed that the MX67W worked fine with WAN 1 and WAN2 using the same IP adress 192.168.1.1 (provided by the Internet routers).

 

I have a few basic questions here 😊:

 

1. how it works (same IP on both uplinks) behind the scene? are WAN 1 and WAN2 ports on different VRF or something like that? Is it documented somewhere?

2. Is there any potential problem if we proceed the deployment like that (all uplinks of 100+ MX 67W will use the same IP 192.168.1.1)? 

 

Thanks for your advice.

 

3 Replies 3
KarstenI
Kind of a big deal
Kind of a big deal

I have never seen any documentation on it, but I assume that the MX is doing a VRF-like implementation. I still would use different IP-networks on WAN1 and WAN2. That way you can reach both WAN-devices from the internal network for troubleshooting (you also need Flow preferences for this).

Bruce
Kind of a big deal

Just to echo what @KarstenI said, even if it does work I’d keep things separate just from a troubleshooting standpoint, and if you need to connect to those WAN routers.

 

I can see why it would mostly work - since WAN1 never needs to know about WAN2 and vice-versa - and the upstream path only exists via a default route to the WAN interface, and it’s generally all NATed. But I’d still keep them in separate subnets.

suneq
Getting noticed

Thanks for your replies. I've noticed recently that I was mistaken from the beginning, my MX67 did not work with the same IP on WAN 1 and WAN 2, the WAN 2 status was failed.

I had a Meraki engineer on the phone and he confirmed that we can configure WAN 1 and WAN2 in the same subnet but they cannot share the same IP.

Sorry for the wrong information.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels