A key factor in determining network design is whether Meraki’s unique mesh networking capabilities need to be used. Mesh networks allow several access points to wirelessly share a single Internet connection. There are several key terms and guidelines that should be understood to ensure successful deployment of a Cisco Meraki mesh network. The Cisco Meraki mesh documentation is a good reference outlining the main components, the algorithm and the monitoring tools available.
Mesh Network Components
In a mesh network, access points can be in one of two states: Gateway, or Repeater.
Gateway access points are connected directly to the wired network, granting them an uplink to the Internet. If a gateway loses its Internet connection, it will look for a nearby gateway and automatically fail over to acting as a repeater, without dropping active wireless client connections.
Meraki determines whether a device should be a repeater or a gateway on boot when the unit sends out a DHCP request. If it receives a DHCP reply from a device on the wired network, it assumes that it has a valid LAN connection and will become a gateway AP. If a gateway AP is unable to reach the LAN gateway/upstream router, the AP will fail over to repeater mode.
Repeater access points are not directly connected to the wired network, instead relying on wireless mesh links to reach the Internet. As long as the repeater has power and a strong (unobstructed, line-of-sight) wireless connection to another repeater or gateway, it will form a mesh link.
Please note, it is not possible to configure a static IP address for a repeater AP; doing so will automatically designate the device as a gateway instead of a repeater.
Note: Both gateways and repeaters can serve wireless clients. It is possible to have multiple gateways in a mesh network, and each repeater will automatically choose the gateway to which it has the strongest connection.
Note: Only Cisco Meraki APs can function as repeaters and gateways. Wireless MX security appliances, Z-Series teleworker gateways, and third-party APs cannot participate in a wireless mesh.
Site Preparation and Planning
We recommend that you perform a radio site survey before installing the equipment. A site survey reveals characteristics such as interference, Fresnel zone, or logistics problems. A proper site survey involves temporarily setting up mesh links and taking measurements to determine whether your antenna calculations are accurate. Determine the correct location and antenna before drilling holes, routing cables, and mounting equipment.
When power is not readily available, we recommend the use of an uninterruptible power supply (UPS) to temporarily power the mesh link.
Selecting the appropriate external antenna for each access point in the mesh design is an important part of the design process. There are a number of external antenna options available from Cisco Meraki. In most cases, antennas with very narrow beam-widths are ideal for backhaul connections spanning long distances. The datasheet for the antenna will define the Half Power Beam-Width (HPBW) and the gains of the antenna. The information on the datasheet will help identify the best antenna for the application; however, it is always recommended to have a Cisco Meraki Partner assist and verify the RF design of the mesh network.
Maximize RF line of sight
A wireless signal travels most effectively through open space. As such, an AP with an omni-directional antenna should be positioned to maximize its line of sight both to wireless users and all needed coverage areas. "RF line of sight" is different than "visual line of sight" due to the way RF propagates through the air.
A Fresnel zone is an imaginary ellipse encompassing the visual line of sight between the transmitter and receiver. As radio signals travel through free space to their intended target, they could encounter an obstruction in the Fresnel zone, degrading the signal. Best performance and range are attained when there is no obstruction of this Fresnel zone. Fresnel zone, free space loss, antenna gain, cable loss, data rate, link distance, transmitter power, receiver sensitivity, and other variables play a role in determining the throughput and reach of your mesh link. Functional links can still be made as long as 60% to 70% of the Fresnel zone is unobstructed, as illustrated in the figure below. A Cisco Meraki Partner can help assess a network design for appropriate clearance of the Fresnel zone.
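The Fresnel clearance check described above, as an added worked example (not taken from the Meraki documentation). It assumes the common rule of thumb that the 60% guideline means the clearance above an obstacle must be at least 0.6 times the first Fresnel zone radius at that point, and it uses constructed survey values.

```python
import math

C = 299_792_458.0          # speed of light, m/s
EARTH_RADIUS_M = 6_371_000.0

def fresnel_radius_m(freq_hz, d1_m, d2_m):
    """First Fresnel zone radius at a point d1 from one AP and d2 from the other."""
    wavelength = C / freq_hz
    return math.sqrt(wavelength * d1_m * d2_m / (d1_m + d2_m))

def earth_bulge_m(d1_m, d2_m, k=4 / 3):
    """Rise of the curved Earth into the path; k is the effective Earth radius factor."""
    return d1_m * d2_m / (2 * k * EARTH_RADIUS_M)

def clearance_report(freq_hz, link_m, h_a_m, h_b_m, obstacles, min_ratio=0.6):
    """Check each (distance_from_a_m, height_m) obstacle against the direct path.

    ratio = clearance above the obstacle / first Fresnel radius at that point.
    """
    rows = []
    for dist, height in obstacles:
        d1, d2 = dist, link_m - dist
        los = h_a_m + (h_b_m - h_a_m) * d1 / link_m   # height of the direct ray
        clearance = los - height - earth_bulge_m(d1, d2)
        radius = fresnel_radius_m(freq_hz, d1, d2)
        ratio = clearance / radius
        rows.append({"dist_m": dist, "radius_m": round(radius, 2),
                     "clearance_m": round(clearance, 2),
                     "ratio": round(ratio, 2), "ok": ratio >= min_ratio})
    return rows

# Constructed survey data: 1 km link at 5.5 GHz, both antennas 10 m above ground.
SURVEY = [(200, 6.0), (500, 8.0)]   # (distance from AP A in m, obstacle height in m)

if __name__ == "__main__":
    for row in clearance_report(5.5e9, 1000, 10, 10, SURVEY):
        print(row)
```

The same link at 2.4 GHz has a wider Fresnel zone, so an obstacle that clears at 5 GHz can still intrude at 2.4 GHz.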
In addition to free space path loss and line of sight, weather can also degrade a mesh link. Rain, snow, fog, and any high humidity condition can slightly obstruct or affect the line of sight, introducing a small loss (sometimes referred to as rain fade or fade margin), which can have a small effect on the mesh link. If you have established a stable mesh link, the weather should not be a problem; however, if the link is poor to begin with, bad weather can degrade performance or cause loss of link.
Ideally, you need a line of sight; a white-out snow storm does not allow a line of sight. Also, while storms may make the rain or snow itself appear to be the problem, many times it might be additional conditions caused by the adverse weather. For example, perhaps the antenna is on a mast pipe and the storm is blowing the mast pipe or antenna structure and that movement is causing the link to come and go, or there might be a large build-up of ice or snow on the antenna.
Typical Deployment Models
In the point-to-point mesh scenario, one gateway access point provides access to one repeater access point. By default, the repeater access point will broadcast and serve all of the same SSIDs as the gateway access point. "AP tagging" may be used to disable specific SSIDs on the repeater. The repeater can extend an Ethernet segment from the gateway access point at the same time as providing wireless access to clients. Further discussion on Ethernet bridging is found below.
Applications for which this deployment scenario is appropriate include:
- Bridge link between a main office and a remote temporary office
- Extend the reach of infrastructure-based wireless network at a campus to less critical, hard-to-reach areas like sports fields or parking lots
- Extend a secure network from an industrial core to a non-mission-critical or temporary roadhouse or satellite building
Point to multi-point / Multi-point to multi-point
In the point to multi-point scenario, one or more gateways serve multiple repeaters. All gateways and repeaters may broadcast the same SSIDs and serve wireless clients.
Applications that these deployment scenarios are appropriate for include:
- Provide backhaul for multiple temporary buildings
- Reach remote wireless access point clusters
- Cover low bandwidth subscribers over a large area
Any gateway may be used by a mesh repeater in the same dashboard network. If more control is required, a separate network may be used.
Access Point Capabilities
All Cisco Meraki MR access points support mesh without any additional configuration or licensing. The most successful mesh deployments undergo both pre-deployment design and post-design testing phases.
Independent of general technology specifications listed on the datasheet, each access point has unique mesh characteristics. A Cisco Meraki Systems Engineer is the best resource to ensure that the access point's capabilities match the desired design targets. The Cisco Meraki Trial Program allows customers to run a real world proof of concept to test the design. It is best practice to reach out to a Cisco Meraki account representative to discuss the design with a Cisco Meraki Systems Engineer and to arrange a trial for a proof of concept.
It is recommended to stage access points before deploying to ensure that they update to the latest firmware and download the proper configuration from the Meraki Dashboard. Once deployed, firmware and configuration updates may occur over the mesh network.
There are several guidelines that should be followed to ensure a successful mesh deployment:
Wireless client handling on a repeater
VLANs and other SSID settings like firewall and traffic shaping settings will be maintained on SSIDs that are served by repeater access points.
In general, it is desirable to have as many gateway access points as possible to maximize overall network performance and reliability. As a general guideline, it is recommended to plan for no more than two repeater access points attached to each gateway access point.
Maximum mesh hops
There will be a throughput reduction (~50% reduction) with each “hop” in a mesh. It is recommended that a mesh network be designed for no more than one mesh hop from the gateway to client device.
In order to ensure that there are multiple failover paths, it is recommended that each mesh access point has at least three strong “neighbors”, or other access points in the mesh that the access point can “see”. The Mesh Documentation gives an overview of the different monitoring tools available on the Meraki Dashboard, including an overview of the Neighbors Table.
The gateway access point may be configured to connect to a trunk port and trunk SSIDs to different VLANs. Repeaters will also serve SSIDs trunked on different VLANs. However, only one SSID & associated VLAN may be configured to bridge wired clients across a mesh link on a repeater access point's Ethernet port. A mixture of wired clients and Cisco Meraki access points attached to one MR repeater interface is not a supported deployment configuration. This is due to the auto detection mechanisms that Cisco Meraki access points use to infer when they should function as a gateway or a repeater.
Mesh wired access may be treated like a traditional point-to-point link with a router on the remote site. Access points may be connected to a repeater with a Layer 3 router separating the broadcast domains. For further discussion on this design, see the Extending the LAN with a Wireless Mesh Link documentation article.
Wired clients are not subject to the same authentication requirements that wireless clients are subject to. Wired clients will bypass authentication methods such as PSK and RADIUS and gain network connectivity as though they had associated to the SSID.
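The guidelines above (at most two repeaters per gateway, one mesh hop, at least three strong neighbors, no static IP on a repeater, and wired ports bypassing SSID authentication) can be checked against a deployment plan before installation. This is an added sketch, not Meraki code, and it does not use the Dashboard API; the plan format and field names such as `strong_neighbors` and `wired_bridge_auth` are hypothetical, and the plan data is constructed.

```python
def hops_to_gateway(plan, name):
    """Walk upstream mesh links; return (hop_count, gateway_name)."""
    hops, seen = 0, set()
    while plan[name]["role"] != "gateway":
        if name in seen:
            raise ValueError(f"mesh loop at {name}")
        seen.add(name)
        name = plan[name]["upstream"]
        hops += 1
    return hops, name

def audit(plan, max_hops=1, max_repeaters=2, min_neighbors=3):
    """Return (ap_name, issue) pairs for every guideline the plan violates."""
    findings, per_gateway = [], {}
    for name, ap in sorted(plan.items()):
        n = len(ap["strong_neighbors"])
        if n < min_neighbors:
            findings.append((name, f"only {n} strong neighbors"))
        if ap["role"] != "repeater":
            continue
        hops, gw = hops_to_gateway(plan, name)
        per_gateway.setdefault(gw, []).append(name)
        if hops > max_hops:
            findings.append((name, f"{hops} mesh hops to {gw}"))
        if ap.get("static_ip"):
            findings.append((name, "static IP set: AP will act as a gateway"))
        if ap.get("wired_bridge_auth") in ("psk", "radius"):
            findings.append((name, "wired port bypasses SSID authentication"))
    for gw, reps in sorted(per_gateway.items()):
        if len(reps) > max_repeaters:
            findings.append((gw, f"{len(reps)} repeaters attached"))
    return findings

# Constructed plan; all names and fields are hypothetical.
PLAN = {
    "gw-1": {"role": "gateway", "upstream": None, "strong_neighbors": ["rp-1", "rp-2", "rp-3"]},
    "rp-1": {"role": "repeater", "upstream": "gw-1", "strong_neighbors": ["gw-1", "rp-2", "rp-3"], "wired_bridge_auth": "psk"},
    "rp-2": {"role": "repeater", "upstream": "gw-1", "strong_neighbors": ["gw-1", "rp-1", "rp-3"]},
    "rp-3": {"role": "repeater", "upstream": "rp-2", "strong_neighbors": ["rp-1", "rp-2"]},
}

if __name__ == "__main__":
    for ap, issue in audit(PLAN):
        print(f"{ap}: {issue}")
```

A finding for a bridged wired port means anyone with physical access to that Ethernet port joins the SSID's network without the PSK or RADIUS credentials, so the port's location needs the same physical protection as a switch port on that VLAN.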
Wireless mesh data rate
Wireless data rate selection is an important mechanism for effective use of the available RF spectrum. The data rate can also affect the throughput of client devices, and throughput is an important metric used by industry publications to evaluate vendor devices.
Dynamic Rate Adaptation (DRA) introduces a process to estimate the optimal rate for packet transmissions. It is important to select rates correctly. If the rate is too high, packet transmissions fail, causing communication failure. If the rate is too low, the available channel bandwidth is not used efficiently, creating the potential for network congestion and collapsed links. Cisco Meraki access points use a customized, fully-automatic Dynamic Rate Adaptation algorithm when establishing mesh links.
Any channel that a Cisco Meraki access point is permitted to operate on can be used for mesh. The channel availability for a particular access point model is subject to regulatory domain restrictions and certification. The access points do not prefer one band over another, as described in the algorithm section of the mesh documentation. Both radios on a Cisco Meraki access point may be used concurrently for mesh while also serving wireless clients.
Note: A given mesh backhaul link will only be on one radio, either 2.4 GHz or 5 GHz, not both in parallel. The mesh and/or repeater AP can, however, concurrently serve clients in addition to providing mesh connectivity. To help maximize performance, the recommendation is not to use mesh links/radios to also serve clients, but to keep them dedicated to mesh.
An access point in repeater mode may not always honor manual channel settings; more details on manually influencing the mesh channel can be found in this documentation article.
It is recommended to avoid DFS channels using the "Exclude DFS channels" option on the Wireless > Configure > Radio settings page for greatest reliability. A DFS event will cause access points to silence communication on the affected channel and temporarily move to another channel as described in the DFS documentation article.
Mesh convergence time
The Cisco Meraki mesh algorithm is designed for stationary access points with variable links. The algorithm sends out periodic discovery frames of varying sizes on the 2.4 GHz and 5 GHz data radios to discover mesh neighbors. More discussion on neighbor discovery and gateway selection can be found in the Mesh documentation article. After one neighbor is selected as the gateway, new routes are passively identified on the same operating channel. A mesh link may take a couple of minutes to establish and may not always be used for every data flow, as a newer route with better link metrics may become available.
The Cisco Meraki mesh algorithm is not optimized for access points that are moving.
Multi-VLAN support over Mesh
Cisco Meraki APs will allow traffic from multiple VLANs over Mesh links. This feature can be enabled by calling our support team. There are a couple of conditions that need to be met in order to support this functionality:
1. Clients wired directly into Meraki APs need to be enabled for a specific SSID where multiple VLANs are used. This option is found under Network Wide > General.
2. SSID configuration has to be Bridge Mode. This option is found under Wireless > Access Control > Client IP assignment.
Multi-VLAN support over Mesh is supported only with firmware version 28.1 and higher.
If you plan to have one or more access points behind the repeater, you need to have an L3 device separating them, as stated in this KB.