Meraki

Community

Uplink/Port settings from L3 Core to (L3?) MX

Solved
JackShep
Here to help
‎Jan 18 2024 7:10 AM
‎Jan 18 2024 7:10 AM

Uplink/Port settings from L3 Core to (L3?) MX

Hello Everyone, 

 

1.) We have an MX105 Pair connecting to an MS425-32 stack thats acting as our core at a site.

2.) The MS425 stack is handling all layer 3 and has OSPF running

3.) the MX105 only has a transit VLAN on it

 

My questions are:

 

How would you configure the uplinks/Transit VLAN between the MX and Core? 

 

On the MX should I even define VLANs or should we use the default Single LAN ? The Single LAN option shows as VLAN 0, so what should the port settings on the switch side be?

 

Should I be allowing all VLANs to pass for the Merakis to track clients correctly?

 

Should I be using Storm Control on the MX uplink ports?

 

Screenshot 2024-01-18 at 9.52.51 AM.pngScreenshot 2024-01-18 at 9.59.51 AM.pngScreenshot 2024-01-18 at 10.01.44 AM.pngScreenshot 2024-01-18 at 10.02.36 AM.pngScreenshot 2024-01-18 at 10.04.28 AM.png

Labels:
0 Kudos
1 Accepted Solution
DarrenOC
Kind of a big deal
Kind of a big deal
‎Jan 18 2024 9:05 AM
‎Jan 18 2024 9:05 AM

Hi @JackShep , i would configure both sides as Access ports and route between the two devices.  This is described in the link provided above using Vlan 50 and a /29 subnet configured on both the Mx and switch

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

View solution in original post

5 Replies 5
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jan 18 2024 7:44 AM
‎Jan 18 2024 7:44 AM

Maybe it will help you.

 

https://documentation.meraki.com/Architectures_and_Best_Practices/Recommended_Topologies/MX_and_MS_B...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
JackShep
Here to help
‎Jan 18 2024 8:27 AM
‎Jan 18 2024 8:27 AM

Thank you, I just noticed that they are using access ports between the MX and the L3 Stack. I had everything using trunk. Wonder if thats part of the problem. 

0 Kudos
DarrenOC
Kind of a big deal
Kind of a big deal
‎Jan 18 2024 9:05 AM
‎Jan 18 2024 9:05 AM

Hi @JackShep , i would configure both sides as Access ports and route between the two devices.  This is described in the link provided above using Vlan 50 and a /29 subnet configured on both the Mx and switch

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 18 2024 12:16 PM
‎Jan 18 2024 12:16 PM

>On the MX should I even define VLANs or should we use the default Single LAN ?

 

Personally, I always use VLANs.  And even when I use access ports between two devices, I still use the same VLAN number on both sides.

 

Then I know, no matter what device I am looking at, if I see vlan "x", what the intention or purpose is/was.

 

Fault finding can be much harder than building a network, so I want solutions to help me with the on-going operation of the network.

In response to PhilipDAth
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jan 18 2024 12:20 PM
‎Jan 18 2024 12:20 PM

I personally don't like routing in the Firewall, I always prefer to use an L3 switch for this and just create a link between the Core and the firewall.
 
Of course, this depends a lot on the project or client's needs, and also on the size of the site. On small sites, often only the firewall already meets the client's needs.
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.