Swap primary mx250

Marsrock2021
Getting noticed

Swap primary mx250

Have 2 mx250 in primary/slave config. 

I had backup Internet link installed first connected to second mx250. I now have primary Internet connected to first mx250. If I swap primary is there much of down time for users during the switch over. 

 

If it goes bad what's the easiest way to swap back to the second as primary and the backup Internet connection. 

9 Replies 9
PhilipDAth
Kind of a big deal
Kind of a big deal

It depends on the type of failure.  Failover time can be 10s to 5 minutes.

Marsrock2021
Getting noticed

Thanks for that. 

 

It won't be a fail over. I want to swap the primary and the warm spare on the dashboard so the Internet connection on the current spare becomes the primary Internet for end users.

PhilipDAth
Kind of a big deal
Kind of a big deal

That is likely to have next to no outage.  Barely detectable.

Owen
Getting noticed

Not advisable for the middle of production hours.

 

If I'm not mistaken swapping the MX's over in the warm spare topology will induce a reboot of both firewalls. This will break all user sessions. Certainly noticable.

PhilipDAth
Kind of a big deal
Kind of a big deal

I don't believe it will cause a reboot.  When I have done it in the past no one has even noticed.

DarrenOC
Kind of a big deal
Kind of a big deal

I concur with @PhilipDAth. Your users shouldn’t notice and it won’t cause a reboot of both MXs.

 

Always best to be safe and action during an outage window. Gives yourself some breathing space and peace of mind should anything unexpected happen.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Marsrock2021
Getting noticed

Thanks guys. 

 

As both mx 250 are online with different public ip addresses (no vip) should users have any issue when switch over happens or will it just switch from one public ip to the other. 

 

We don't have vips setup as there are no spare ip addresses on a temporary link but plan to do that later. 

 

We haven't anything yet either that is coming back in on either public ip so OK there too. 

PhilipDAth
Kind of a big deal
Kind of a big deal

You don't need a VIP.

 

Anyone doing a long-lived stream (like a long download or watching a YouTube stream) will get interrupted.  Those doing things like web browsing, using Office 365, etc, might get a minor interruption and then it will just continue on.

Marsrock2021
Getting noticed

I switched them over at lunch time. 

 

Only dropped 2 pings. 

 

Dropped a zoom call for 5 seconds which was great. 

 

Thanks everyone. 

 

Ye all so helpful. 

 

 

Get notified when there are additional replies to this discussion.