Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

vMX Deployment in AWS x 5 - Gotchas?

LeighH
Just browsing
‎Dec 8 2023 2:06 AM
‎Dec 8 2023 2:06 AM

vMX Deployment in AWS x 5 - Gotchas?

Hello folks,

 

We're looking at installing 5 x vMX into our 5 x AWS Availability Zones (3 prod, 2 dev).  The plan is to use SD-WAN from the remote sites to allow for circuit failure on site from WAN1 to WAN2 built with AutoVPN to the 5 AZs.

 

From what we can see all looks rather straightforward.  We'll deploy using using QuickStart (https://aws-quickstart.github.io/quickstart-cisco-meraki-sd-wan-vmx/) to get the scripting in place, and then integrate into Meraki Dashboard (https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Amazon_Web_Services_(... , before putting the SD-WAN overlay together.

 

It all seems far too simple, so I'm expecting to face plant a few nasties along the way.  Has anyone done this type of deployment and would you be willing to share any Gotchas that we should look out for?

 

Best, Leigh

Labels:
0 Kudos
Subscribe
2 Replies 2
MyHomeNWLab
A model citizen
‎Dec 8 2023 3:50 AM
‎Dec 8 2023 3:50 AM

The AWS Quick Start scripts are designed for a Hub & Spoke architecture.

A Hub cannot learn the routes of other Hubs.

There are multiple environments, such as Prod and Dev, so there is a possibility of being affected by this constraint.

 

  Auto VPN Topology Limitation: AWS vMX does not learn the routes of other Hubs. · Issue #24 · aws-quickstart/quickstart-cisco-meraki-sd-wan-vmx
  https://github.com/aws-quickstart/quickstart-cisco-meraki-sd-wan-vmx/issues/24

 


The creation of a new AWS Transit Gateway is a prerequisite. Therefore, specifying an existing Transit Gateway is not possible.


  Make TGW creation optional · Issue #16 · aws-quickstart/quickstart-cisco-meraki-sd-wan-vmx
  https://github.com/aws-quickstart/quickstart-cisco-meraki-sd-wan-vmx/issues/16


If you plan to deploy Meraki vMX, it is recommended to review the script to ensure operational readiness.

Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Dec 9 2023 11:03 AM
‎Dec 9 2023 11:03 AM

That is a little bit of an unusual design - a VMX per AZ - but if I get the jist of what you want to do - each VMX will be looking after a single subnet in a single AZ, and you don't need failover between the VMXs (as in, if a VMX goes down in one AZ you don't need a VMX in another AZ to take over its routing), because you'll simply do application failover between the AZs.

 

If this is the case, it will work fine.  You don't even need a transit gateway.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.