Thank you, jdsilva. Noted on the /30 subnet front. I had naively assumed that the warm spare MX would pick up the same IP address schema as the active if the active failed. KB - https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Site-to-site_VPN_over_MPLS Really good KB, and my design is now based on the above, but ensuring the MPLS. Luckily the MPLS can connect out to the internet at a hub site, so it seems to be working so far.
Hi, I am attempting a proof of concept for a new SD-WAN solution I am looking into and require some assistance on an issue I face with the Meraki MX devices, or possibly the MS switches in between them. Most standard MPLS / DIA providers only offer one RJ45 / SFP port from their router, and there is a requirement to ensure full resilience for the solution. I have two MX84 devices, HA pair. I have one cable from either internet provider and am following the below design. I have a transit VLAN (/30 subnet) between router and MX, using VLAN tagging. I have connected the routers into the MS switch on an access port on VLANX, and then connected the internet port of the MX to another port on the switch using the same VLAN. The MX is set with a static IP using VLAN tagging, however it just registers WAN2 as failed. If I plug the router directly into the internet port of the primary MX, it works. I looked in the ARP table on both router and MX and neither has an ARP entry for the other. I did a packet capture on the switches and I can see ARP requests for both IPs on router and MX but there is never an ARP reply. Has anyone managed to get a solution like the below working, or is there a better way of achieving redundancy without the need for human interaction to move cables?