Warm Spare one ISP/30 config using switch stack as breakout switch
We are bringing a second MX84 online as a warm spare. The problem is that our ISP gives us one /30 address, and we do not want to use a breakout switch in front of the MX84s but do it in the switch stack instead.
So, I created a new VLAN 666, brought the ISP into port one of switch 1 with VLAN 666, then also included ports 2 and 3 in switch one for VLAN 666 to wire into WAN 1 of each MX, essentially creating a hub to split the ISP. I'm unsure when creating the VLAN if I should use the "same or unique" setting in the subnetting. If I use same, I need to enter the MX IP; is that the primary MX IP?
Not only is the usage of an internal infrastructure for your WAN VLAN a very bad security practice, I assume that you will really run into problems when you do this with your template-based networks. But as this VLAN will never be routed outside the local site, you can use "same" here. For the IP, it is irrelevant as it will not work in a secure way. For a setup like this you would need an additional VRF on the MX, which is not available. Your setup will bridge the internet into your internal network.
Do yourself a favour and place a small Ethernet router in front of the MXes and/or let the provider assign a /29 network and use a small L2 switch. This could also be a cheap unmanaged switch.
Each MX needs its own IP address. You need at least a /29 from your ISP to make this work using a single ISP connection. You could also consider getting a second /30 connection from the ISP, one for each MX.
You could also plug the /30 into only the primary MX, and then get something like an MG21 cellular gateway, and plug both MX into that.