Failover using VRRP, OSPF & BFD -...
Transcript of Failover using VRRP, OSPF & BFD -...
![Page 1: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/1.jpg)
Failover using VRRP, OSPF & BFD
Federico Martín Perdichizzi
October 17th, 2016
Second Dubai MUM, Emirates
![Page 2: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/2.jpg)
• Bachelor’s Degree in Organization’s Information Systems (In progress)
• MTCNA (1511NA064)
• MTCRE (1511RE099)
• MTCTCE (1511TCE030)
• MTCINE (1604INE052)
• 4 years working in networking with MikroTik
About me
2
![Page 3: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/3.jpg)
• VRRP, OSPF & BFD: Description and properties
• Steps for configuration
• Testing failover
• Final comments
• Q & A
Outline
3
![Page 4: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/4.jpg)
Original Network Topology
4
![Page 5: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/5.jpg)
• Time to coordinate replacements
• Only 1 IP address allowed and unique gateway
• Building only accessible during working hours
• Second router with VRRP, OSPF & BFD
5
![Page 6: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/6.jpg)
• Virtual Router Redundancy Protocol (RFC 3768)
• Virtual interface over physical
• Priorities (Master: 255, Backups: 1-254)
• Time of convergence
• IP address /32
VRRP
6
![Page 7: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/7.jpg)
How does it work?
• Multicast packets
VRRP
• Same IP Addresses
VRID in Hex
• MAC Address 00-00-5E-00-01-XX
7
![Page 8: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/8.jpg)
OSPF (Open Shortest Path First)• Internal Gateway Protocol
• Best path
Bidirectional Forwarding Detection• Session between two endpoints
• Hello packets each 200ms
• Wireless considerations
OSPF & BFD
8
![Page 9: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/9.jpg)
Original Network Topology
9
![Page 10: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/10.jpg)
Goal Network Topology
10
![Page 11: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/11.jpg)
• Custom’s network has only 1 IP as GW for ours
• Non static ARP entries
• Wireless distance: Less than 400 meters
• No connection tracking used in redundant routers
Things to consider
11
![Page 12: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/12.jpg)
Things to consider
Routes:Tunnels GW IP via VRRP
Routes:Customs subnets via VRRP
VRRP BACKUP
VRRP MASTER
Workout side Customs side
VRRP MASTER
VRRP BACKUP
NATNo connection tracking
12
![Page 13: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/13.jpg)
• Best Practice
• Management
• Bridge -> Add
Loopback
13
![Page 14: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/14.jpg)
Loopback
Lo IP= 10.255.255.1
Lo IP= 10.255.255.4Lo IP= 10.255.255.3
Lo IP= 10.255.255.2
14
![Page 15: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/15.jpg)
Loopback
Lo IP= 10.255.255.1
Lo IP= 10.255.255.4Lo IP= 10.255.255.3
Lo IP= 10.255.255.2
• Static routes between all routers to reach Loopback IP’s (not physical mesh)
15
![Page 16: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/16.jpg)
• How to
VRRP
16
![Page 17: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/17.jpg)
VRRP
VRRP Master Interface VRRP Backup Interface17
![Page 18: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/18.jpg)
• Assign Loopback IP to the default OSPF Instance on each router
OSPF
18
![Page 19: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/19.jpg)
• Add network to start running the protocol
OSPF
19
![Page 20: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/20.jpg)
• Make a customizable static interface
OSPF
20
![Page 21: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/21.jpg)
• Adjust parameters
OSPF
21
![Page 22: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/22.jpg)
• Default Setup• Check neighbors
BFD
22
![Page 23: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/23.jpg)
Server Farms
Normal Packet Flow
OSPF Routes (Distance 110)
TLS link, principalWireless link, secondary
Master Router
Master Router
23
![Page 24: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/24.jpg)
Server Farms
WKO TLS Router Fail
No route to host!
Master Router
Master Router
24
![Page 25: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/25.jpg)
Server Farms
WKO TLS Router Fail
Static Routes (Distance 200)
Master Router
Master Router
25
![Page 26: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/26.jpg)
Server Farms
TLS Failure
Master Router
Master Router
26
![Page 27: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/27.jpg)
• Check Gateway: Ping
• Avoid manually add static routes
Why OSPF ?
27
![Page 28: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/28.jpg)
• Very usefulEmail notification
VRRP Scripts
28
![Page 29: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints](https://reader034.fdocuments.us/reader034/viewer/2022042612/5f3c0dfe2926a831b774cd26/html5/thumbnails/29.jpg)
Thank you!
MUM Middle East, October 2016Federico Martín Perdichizzi
Any other question?
29