Meraki

Community

best practice for Meraki Hub and Spoke Topology

Solved
MirzaDz
Getting noticed
‎Oct 16 2024 4:21 AM
‎Oct 16 2024 4:21 AM

best practice for Meraki Hub and Spoke Topology

Hello,

 

Can anyone share experience regarding building Hub and Spoke topology with Meraki MX devices. Is it better on Hub location(where we have 2 MX device) create HA pair with VRRP and connect spokes and LAN to one virtual IP or use 2 separate devices without HA, and connect spokes to both Hubs and from Lan route traffic on Hub1 or Hub2 . 

 

Thank you,

Best regards 

Labels:
0 Kudos
1 Accepted Solution
GreenMan
Meraki Employee
Meraki Employee
‎Oct 16 2024 5:07 AM
‎Oct 16 2024 5:07 AM

If the two MXs are at a single Hub location, you may well find it better (certainly simpler) to deploy them as a warm spare pair.   Remember that you only need one MX license for that pair, too.  If you have them separately, in their own Network, you need to license both separately.

View solution in original post

6 Replies 6
GreenMan
Meraki Employee
Meraki Employee
‎Oct 16 2024 5:07 AM
‎Oct 16 2024 5:07 AM

If the two MXs are at a single Hub location, you may well find it better (certainly simpler) to deploy them as a warm spare pair.   Remember that you only need one MX license for that pair, too.  If you have them separately, in their own Network, you need to license both separately.

In response to GreenMan
MirzaDz
Getting noticed
‎Oct 16 2024 5:25 AM
‎Oct 16 2024 5:25 AM

Hello,

 

Thank you for your quick answer. Yes both MXs are at single Hub. For now it will have just one ISP and in future additioanl one. I guess than it is better if we create warm spare, on wan interface to use shared IP, so spokes point to that shared IP ?As i see VRRP is not active on WAN interface and in case of failure wan interface thorugh LAN VRRP message it sends smaller priority right?

 

Regarding the LAN(it will be 1 subnet/vlan with L3 switch) if the connection going on stack with 2 switches  do you have recommendation how to setup  active connections from both mxs and backup to be blocked because of STP ? 

 

Thank you,

Best regards,

0 Kudos
GreenMan
Meraki Employee
Meraki Employee
‎Oct 17 2024 2:08 AM
‎Oct 17 2024 2:08 AM

I'd recommend reading this in it's entirety.  From what you've described, take particular note of the Routed mode sections:   https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair

0 Kudos
In response to GreenMan
MirzaDz
Getting noticed
‎Oct 17 2024 2:41 AM
‎Oct 17 2024 2:41 AM

Hello,

 

Excatly i follow this document and above is what i concluded. Just wanted to hear from someone like you who already has experience is this good direction am i right

Thank you,

Best regards,

0 Kudos
GreenMan
Meraki Employee
Meraki Employee
‎Oct 17 2024 4:28 AM
‎Oct 17 2024 4:28 AM

If you have just a single subnet and a small network at the site in question, I'm wondering why you want that to be a Hub at all - it doesn't sound like a Data Centre type location..?   Remember that you almost always make an MX a Hub because there's something at that site that you want to be available from a number of remote sites via a secure connection (usually across the Internet).   Those remote sites then becomes Spokes, connected back to that Hub.

0 Kudos
In response to GreenMan
MirzaDz
Getting noticed
‎Oct 17 2024 11:45 AM
‎Oct 17 2024 11:45 AM

Hello,

 

Yes on HUB site is networks and application which needs to be available from a lot of remote location (spokes).

 

Best regards,

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.