All Meraki MX security appliances have a second uplink that can be used for load balancing and redundancy purposes. This article will show you how to Enable and configure the second uplink, load balancing between uplinks.
1. How to Enable and configure WAN 2:
– Some MX models (MX250, MX400, MX450, MX600) have a dedicated second uplink port (WAN 2). To be able to use this port you need to configure it on the page MX’s local status. On other MX models, the LAN port can be configured as a second internet port for use as WAN 2.
– To enable and configure WAN 2 on MX devices that do not have a dedicated WAN 2 port:
- Access MX’s local status by the device’s LAN IP address, which is the default serial number of the device is the username and password, leave blank.
- Select Configure tab at the top of the page.
- Under Port 1, 2, or 4 (depending on MX model), move Role to Internet.
– Configure WAN port according to your needs.
- VLAN tagging – Assign VLAN tag to all traffic sent out from this port. If set Don’t use VLAN taggingoutgoing traffic will not be tagged.
- Connection Type – Select PPPoE if necessary. If not, please choose Direct.
- IP assignment – If you want the interface to receive a dynamic address, select DHCP settings. If not, select Static and configure Address, Netmask, Gateway, and DNS servers.
– Once WAN 2 is configured and connection is complete, options for it will appear Security & SD-WAN > Configure > SD-WAN & Traffic shaping.
2. Configure Load Balancing:
– MX devices can be configured to use both uplinks for load balancing. When load balancing is enabled at Security & SD-WAN > Configure > SD-WAN & Traffic shaping, traffic will be distributed between two uplinks. Load distribution is based on WAN 1 and WAN 2 throughput configured in section Uplink configurationuplinks with higher throughput will deliver more flows.
– In the example below, WAN 1 is configured for 50Mb/s and WAN 2 is configured for 10Mb/s. Since the ratio is 5/1, for every five flows sent over WAN 1, one flow will be sent over WAN 2.
3. Flow Preferences:
– By default (without load balancing) internet traffic will use primary uplink. MX devices can be configured to send traffic out a specific interface based on the type of traffic (policy-based routing) or based on the quality of each uplink (performance-based routing).
– Flow options for internet connections can be configured to force traffic through specific uplinks based on source and/or destination.
– To create Flow Preferences for internet traffic:
+ Go to Security & SD-WAN > Configure > SD-WAN & Traffic shaping.
+ At Flow preferencesin section Internet trafficselect Add a preference.
.
+ Specify the amount of traffic using a specific uplink using the options below:
- Protocol – TCP, UDP, or Any.
- Source – Source IP, use CIDR.
- Src port – Source port, or “Any”.
- Destination – Destination IP, using CIDR
- Dst port – Destination port, or “Any”.
- Preferred uplink – Uplink to which this traffic will be sent.
+ Select Save Changes.
!!! Thank you for following this article!!!
Xem tiếp...