The Virtual Router Redundancy Protocol (VRRP) - Solution Examples

Download The Virtual Router Redundancy Protocol (VRRP) - Solution Examples

Post on 19-May-2015

1.476 views

Category:

Documents

8 download

Embed Size (px)

DESCRIPTION

VRRP - Configuration Examples

TRANSCRIPT

<ul><li> 1. Manual:VRRP-examples1Manual:VRRP-examplesApplies to RouterOS: v3, v4VRRP Configuration ExamplesThis section contains several useful VRRP configuration examplesBasic SetupThis is the basic VRRP configuration example.According to this configuration, as long as the master, R1, is functional, all traffic destined to the external networkgets directed to R1. But as soon as R1 fails, R2 takes over as the master and starts handling packets forwarded to theinterface associated with IP(R1). In this setup Router R2 is completely idle during Backup period.</li></ul> <p> 2. Manual:VRRP-examples2ConfigurationR1 configuration:/ip address add address=192.168.1.1/24 interface=ether1/interface vrrp add interface=ether1 vrid=49 priority=254/ip address add address=192.168.1.254/32 interface=vrrp1R2 configuration:/ip address add address=192.168.1.2/24 interface=ether1/interface vrrp add interface=ether1 vrid=49/ip address add address=192.168.1.254/32 interface=vrrp1TestingFirst of all check if both routers have correct flags at vrrp interfaces. On router R1 it should look like this/interface vrrp print 0RM name="vrrp1" mtu=1500 mac-address=00:00:5E:00:01:31 arp=enabled interface=ether1 vrid=49priority=254 interval=1 preemption-mode=yes authentication=none password="" on-backup=""on-master=""and on router R2:/interface vrrp print 0 B name="vrrp1" mtu=1500 mac-address=00:00:5E:00:01:31 arp=enabled interface=ether1 vrid=49priority=100 interval=1 preemption-mode=yes authentication=none password=""on-backup="" on-master="As you can see vrrp interface mac addresses are identical on both routers. Now to check if vrrp is working correctly,try to ping virtual address from client and check arp entries:[admin@client] &gt; /ping 192.168.1.254192.168.1.254 64 byte ping: ttl=64 time=10 ms192.168.1.254 64 byte ping: ttl=64 time=8 ms2 packets transmitted, 2 packets received, 0% packet lossround-trip min/avg/max = 8/9.0/10 ms[admin@client] /ip arp&gt; printFlags: X - disabled, I - invalid, H - DHCP, D - dynamic # ADDRESS MAC-ADDRESS INTERFACE ... 1 D 192.168.1.254 00:00:5E:00:01:31 bridge1Now unplug ether1 cable on router R1. R2 will become VRRP master, ARP table on client will not change buttraffic will start to flow over R2 router.Load sharingIn basic configuration example R2 is completely idle during Backup state. This behavior may be considered as wasteof valuable resources. In such circumstances R2 router can be set as gateway for some clients.The obvious advantage of this configuration is the establishment of a load-sharing scheme. But by doing so R2router is not protected by current VRRP setup.To make this setup work we need two virtual routers. 3. Manual:VRRP-examples 3Configuration for V1 virtual router will be identical to configuration in basic example - R1 is the Master and R2 isBackup router. In V2 Master is R2 and Backup is R1.With this configuration, we establish a load-sharing between R1 and R2; moreover, we create protection setup byhaving two routers acting as backups for each other.ConfigurationR1 configuration:/ip address addaddress=192.168.1.1/24 interface=ether1/interface vrrpadd interface=ether1 vrid=49 priority=254/interface vrrpadd interface=ether1 vrid=77/ip address addaddress=192.168.1.253/32 interface=vrrp1/ip address addaddress=192.168.1.254/32 interface=vrrp2R2 configuration:/ip address addaddress=192.168.1.2/24 interface=ether1/interface vrrpadd interface=ether1 vrid=49/interface vrrpadd interface=ether1 vrid=77 priority=254/ip address addaddress=192.168.1.253/32 interface=vrrp1/ip address addaddress=192.168.1.254/32 interface=vrrp2 4. Manual:VRRP-examples 4VRRP without PreemptionEach time when router with higher priority becomes available it becomes Master router. Sometimes it is not desiredbehavior which can be turned off by setting preemption-mode=no in vrrp configuration.ConfiguratonWe will be using the same setup as in basic example. Only difference is during configuration setpreemption-mode=no. It can be done easily modifying existing configuration:/interface vrrp set [find] preemption-mode=noTestingTry turning off R1 router, R2 will become Master router because it has highest priority among available routers.Now turn R1 router on and you will see that R2 router continues to be Master even if R1 has higher priority.VRRP and scriptsSee Also VRRP Scripting[ Top | Back to Content ] 5. Article Sources and Contributors 5Article Sources and ContributorsManual:VRRP-examples Source: http://wiki.mikrotik.com/index.php?oldid=21961 Contributors: Janisk, MarisbImage Sources, Licenses and ContributorsImage:Version.png Source: http://wiki.mikrotik.com/index.php?title=File:Version.png License: unknown Contributors: NormisImage:vrrp-basic.png Source: http://wiki.mikrotik.com/index.php?title=File:Vrrp-basic.png License: unknown Contributors: MarisbImage:vrrp-load-sharing.png Source: http://wiki.mikrotik.com/index.php?title=File:Vrrp-load-sharing.png License: unknown Contributors: Marisb</p>