Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Warm Spare NAT mode

Sengly
New here
‎Mar 15 2021 6:53 PM
‎Mar 15 2021 6:53 PM

Warm Spare NAT mode

Hi team,

 

I try to read the document about Warm Spare NAT mode from here: https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair and this one provide good explanation but it didn't mention much about LAN part. And i have question below:

 

1. Will the MX secondary take over the role and use the IP that we assign as MX (both MX use the same IP)?

2. Connection from MX to Switch is control by STP like my attach picture?

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Picture1.png

 

 

3. For WAN port i can see that the recommend is to use 3 IP however, can we use only 1 IP if so what is the pros and cons?

0 Kudos
Subscribe
3 Replies 3
Bruce
Kind of a big deal
‎Mar 15 2021 7:01 PM
‎Mar 15 2021 7:01 PM

  1. Yes, when the secondary MX becomes active it uses the IP address of the primary MX, there is only one IP address for each VLAN on the LAN side.
  2. No, there will be one STP forwarding, and one STP blocking connection per MX. So in your diagram both links to Switch A would likely be 'STP Active'. The MXs communicate at Layer 2 all the time through VRRP frames.
  3. You can't use a single IP address on the outside for a HA pair of Meraki MX, you need a minimum of two - one for each MX, this is because the redundant MX still needs to communicate with the Meraki cloud. With three IP addresses the VPN shouldn't drop when you failover to the redundant MX (since one IP address is passed from the primary MX to the standby); with two IP addresses the VPN tunnels will be torn down and rebuilt as the IP address changes.
0 Kudos
Subscribe
In response to Bruce
Sengly
New here
‎Mar 15 2021 7:21 PM
‎Mar 15 2021 7:21 PM

Hi Bruce as you said both of the link from MX A to Switch A are active will it be loop in there? As we will use L2 on the stack switch and we don't have link aggregation on MX. 

0 Kudos
Subscribe
In response to Sengly
Bruce
Kind of a big deal
‎Mar 15 2021 9:17 PM
‎Mar 15 2021 9:17 PM

There will likely be an active link from MX A to Switch A, and an active link from MX B to Switch A; both the links to Switch B will be blocking. There won't be a loop (you are correct in saying that if both links to MX A were active then there would be a loop).

 

EDIT: I say 'likely' as you can never quite be sure which ports will get Blocked by spanning tree as you don't know the actual port costs; you can take a good guess, but sometimes an unexpected port gets blocked.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.