vMX scale out

SOLVED
ByronZ
Here to help

vMX scale out

Hi,

 

We use MX64/67 in our branches, and they connect to our resources via AutoVPN to the vMX in Azure. Each branch has 2 ISP, configured as Active/Passive in the MX with AutoVPN. 

 

The vMX in Azure has a maximum number of VPN of 250. We are sure to surpass this maximum number of tunnels in the coming months. Now it is time to think about how I can scale it out. I am not able to find any documents on this scenario.

 

Does anyone have any suggestions on how I can design it? Thanks

 

BZ

1 ACCEPTED SOLUTION
Inderdeep
Kind of a big deal

@ByronZ : The "official" Meraki documentation says it can do 250 (but it is very conservative).  So if you feel you don't want to take on this small risk then you would need to get a pair of them, and put half the spokes on one and half on the other. Aaron also has a guide for doing this using templates.

https://www.willette.works/active-active-meraki-sd-wan-headends/

 

Check this post by @PhilipDAth 

https://community.meraki.com/t5/Security-SD-WAN/vMX-on-Azure/td-p/49232 

Regards
Inderdeep Singh
www.thenetworkdna.com ( Awarded by Cisco IT Blogs award 2020)

View solution in original post

3 REPLIES 3
Inderdeep
Kind of a big deal

@ByronZ : The "official" Meraki documentation says it can do 250 (but it is very conservative).  So if you feel you don't want to take on this small risk then you would need to get a pair of them, and put half the spokes on one and half on the other. Aaron also has a guide for doing this using templates.

https://www.willette.works/active-active-meraki-sd-wan-headends/

 

Check this post by @PhilipDAth 

https://community.meraki.com/t5/Security-SD-WAN/vMX-on-Azure/td-p/49232 

Regards
Inderdeep Singh
www.thenetworkdna.com ( Awarded by Cisco IT Blogs award 2020)

View solution in original post

Thanks Inderdeep for the quick response. Very nice article. Looks like it does support scaling out. 

 

BZ

PhilipDAth
Kind of a big deal

You could also get a single VMX Large if you want to keep the config simple.  Basically change no Meraki config, just the virtual appliance in Azure.  It is rated to 1,000 VPN tunnels.

https://meraki.cisco.com/product-collateral/mx-sizing-guide/?file 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels