manual vrrp mikrotik

8/20/2019 Manual VRRP Mikrotik

1/29

High Availability on MikroTikRouterOS

GUILHERME RAMIRES


2/29

About me

Nome: Guilherme Ramires

System Analyst

CTO of Alive Solutions

Trainings, Consulting and Network Projects

CEO of Alive Store

Resale of Mikrotik Products

Mikrotik Consultant since 2009 MTCNA, MTCTCE, MTCWE, MTCRE, MTCUME and MTCINE

Mikrotik Training Partner since 2010

2


3/29

Index

Introduction

Resources to provide high avaibility

Virtual Routing – VRRP

ome xamp es o Resources available on RouterBoards

Final remarks

3


4/29

Introduction• High availability is a system ability to shape

physical or logic changes in order to maintain thenetwork UP the maximum possible time.

4

• It is possible to provide high avaibility on MikroTikRouterOS by using several protocols andtechniques. We also can find some interesting

resources on RouterBoards.


5/29

Let’s see what we can use toprovide high avaibility

Bonding

STP

tat c out ng Dynamic Routing

Virtual Routing (VRRP)

ByPass – On RouterBoards Redundant Power – On RouterBoards

5


6/29

Cont… All these resources you can use together or

maybe you can apply one of them according tothe problem you need to solve.

6

In most cases you need to use more than one toreach satisfactory results.

First step is understand the network topology.


7/29

Bridged network

7

ISP 1

• Only one ISP• Only one gateway LAN• No routing


8/29

Bonding

• Bonding works putting together two or more

interfaces in order to aggregate links or providerfailover.

• However in some cases the failover system can

8

a e more an secon s o wor .


9/29

Bonding

• Positives: Default configuration is very easy, several modes toaggregate and it is possible to use it with EoIP tunnels.

•

9

problems with excessive retransmissions in some modes.


10/29

(R)STP

• Spanning tree Protocol is used to provide loop free bridge networks.In the first moment the protocol elects a root bridge and than starts to

calculate loop free paths. If a loop is detect trough any port theprotocol disable this specific port or put it on standby mode.

10


11/29

STP

• Positives: You do not need to worry about L2 filters or useSplit Horizon to avoid loops. The protocol will analyze thetopology and do all the hard work to you.

11

• Negatives: If you have a huge network is important to makesome adjusts in order to make it work smoothly. Securityproblems too.

• More information about security problems with STP you can find here:http://mum.mikrotik.com/presentations/BR09/Seguranca_camada2_Maia.pdf


12/29

Routed network

BGP

OSPFRIP

12

ISP 1

ISP 2

BGP

• At least two ISP`s• Several gateways LAN• Segmented network


13/29

Static Routing

It is possible to provide high availability usingstatic routing too. However you need to forecastall possible problems that can happen.

13


14/29

Static Routing

• Positives: Can solve some specific problems that could be

more complicate to solve by changing your dynamicprotocol setup or even not possible to solve because thedynamic routing protocol just fail.

14

• Negatives: Human fail will happen on huge networks.Some failover solutions are very difficult to get in somecases.


15/29

Dynamic Routing

• We can solve the static routing hard working by using dynamicrouting protocols as: RIP, OSPF, MME, BGP, etc…

• The dynamic routing protocols are able to announce physicalor logical changes and according to their algorithms they canmake the necessary modifications on the routing table in order

15

.


16/29

Dynamic Routing

• Positives: These protocols can do the “hard work” for you.Easy to create one way flow to UPLOAD and other toDOWNLOAD without lose redundancy.

• Ne atives: These al orithms needs some c u usa e and

16

make changes to the routing table very often.


17/29

VRRP

• O Virtual Router Redundancy Protocol (VRRP) is a

network protocol that provides automatic assignment ofrouters available to participating hosts. This increases theavailability and confiability of routing paths by selecting

default atewa s automaticall .

17

• The protocol accomplishes this by creating virtual routergroups, which are an abstract representation of multiple

routers. The default gateway of a host participant isassigned to the virtual router instead of a physical router.


18/29

VRRP

• If the physical router that routes packets on behalf of

the virtual router fails, another physical router isautomatically selected to replace him. The physicalrouter that does the routing of packets in a given

18

.


19/29

VRRP Routers have priorities between 1-255 and the router

with the highest priority will be the master one. When a

planned withdrawal of a master router is about tohappen you may change its priority. Which means thatthe backup router will preempt the master router status

.

"black hole“ effect.

19


20/29

VRRP

• The default VRRP implementation isvery simple.

• Advanced parameters should beadjusted in order to get somedesired results like:

20

• Suppose you want the router R1 tobe always the master one. You haveto give it a bigger priority than R2and you must set “Preampetable

Mode=yes”.

• I have one live demonstration that can be found on tiktube page:http://www.tiktube.com/video/DEfH3aLmgGGHlICpIGqtpzpuDlEopEnI=


21/29

Soft configuration #1For Router R1:

/interface vrrp add interface=ether1 vrid=49 priority=150

/ip address add address=192.168.1.1/24 interface=ether1/ip address add address=192.168.1.254/2 interface=vrrp1

21

For Router R2:

/interface vrrp add interface=ether1 vrid=49 priority=100

/ip address add address=192.168.1.2/24 interface=ether1/ip address add address=192.168.1.254/2 interface=vrrp1


22/29

Soft configuration #2

Its is possible to make

load balance usingVRRP.

In this case you need

22

o crea e wo v r uarouting groups withdifferent IDs.


23/29

Soft configuration #2For Router R1:

/ip address add address=192.168.1.1/24 interface=ether1

/interface vrrp add interface=ether1 vrid=49 priority=150/interface vrrp add interface=ether1 vrid=!! priority=100

/ip address add address=192.168.1.25/2 interface=vrrp1


23

For Router R2:

/ip address add address=192.168.1.2/24 interface=ether1

/interface vrrp add interface=ether1 vrid=49 priority=100/interface vrrp add interface=ether1 vrid=!! priority=150




24/29

VRRP

• Positives: Fast response in case of physical failure, easy wayto replace devices without black hole periods and no routingtable modification.

24

• Negatives: In Nated networks some connections you willreset.


25/29

Resources on RouterBoards

ByPass

25

• Here you will find a great solution to redundant access pointsin your tower:

http://mum.mikrotik.com/presentations/PL12/grifonline.pdf


26/29

Power Redundancy

Resources on RouterBoards

• The RouterBoards can be fed simultaneously with DC jack andPOE Injector.

•

26

.

• The higher voltage is chosen.


27/29

Final considerations We conclude that a single redundancy feature may be

not enough not perform high availability.

However the mutual cooperation of all thesetechniques allows us to provide high availability.

27

All these features and techniques used in thispresentation are available in MikroTik RouterOS andthe RouterBoards.


28/29

Questions??

Guilherme [email protected]

www.fb.com/gmramireswww.fb.com/AliveSolutions

28


29/29

Thanks!!Hvala!!

manual vrrp mikrotik

Documents