Manual VRRP Mikrotik
Transcript of Manual VRRP Mikrotik
-
8/20/2019 Manual VRRP Mikrotik
1/29
High Availability on MikroTikRouterOS
GUILHERME RAMIRES
-
8/20/2019 Manual VRRP Mikrotik
2/29
About me
Nome: Guilherme Ramires
System Analyst
CTO of Alive Solutions
Trainings, Consulting and Network Projects
CEO of Alive Store
Resale of Mikrotik Products
Mikrotik Consultant since 2009 MTCNA, MTCTCE, MTCWE, MTCRE, MTCUME and MTCINE
Mikrotik Training Partner since 2010
2
-
8/20/2019 Manual VRRP Mikrotik
3/29
Index
Introduction
Resources to provide high avaibility
Virtual Routing – VRRP
ome xamp es o Resources available on RouterBoards
Final remarks
3
-
8/20/2019 Manual VRRP Mikrotik
4/29
Introduction• High availability is a system ability to shape
physical or logic changes in order to maintain thenetwork UP the maximum possible time.
4
• It is possible to provide high avaibility on MikroTikRouterOS by using several protocols andtechniques. We also can find some interesting
resources on RouterBoards.
-
8/20/2019 Manual VRRP Mikrotik
5/29
Let’s see what we can use toprovide high avaibility
Bonding
STP
tat c out ng Dynamic Routing
Virtual Routing (VRRP)
ByPass – On RouterBoards Redundant Power – On RouterBoards
5
-
8/20/2019 Manual VRRP Mikrotik
6/29
Cont… All these resources you can use together or
maybe you can apply one of them according tothe problem you need to solve.
6
In most cases you need to use more than one toreach satisfactory results.
First step is understand the network topology.
-
8/20/2019 Manual VRRP Mikrotik
7/29
Bridged network
7
ISP 1
• Only one ISP• Only one gateway LAN• No routing
-
8/20/2019 Manual VRRP Mikrotik
8/29
Bonding
• Bonding works putting together two or more
interfaces in order to aggregate links or providerfailover.
• However in some cases the failover system can
8
a e more an secon s o wor .
-
8/20/2019 Manual VRRP Mikrotik
9/29
Bonding
• Positives: Default configuration is very easy, several modes toaggregate and it is possible to use it with EoIP tunnels.
•
9
problems with excessive retransmissions in some modes.
-
8/20/2019 Manual VRRP Mikrotik
10/29
(R)STP
• Spanning tree Protocol is used to provide loop free bridge networks.In the first moment the protocol elects a root bridge and than starts to
calculate loop free paths. If a loop is detect trough any port theprotocol disable this specific port or put it on standby mode.
10
-
8/20/2019 Manual VRRP Mikrotik
11/29
STP
• Positives: You do not need to worry about L2 filters or useSplit Horizon to avoid loops. The protocol will analyze thetopology and do all the hard work to you.
11
• Negatives: If you have a huge network is important to makesome adjusts in order to make it work smoothly. Securityproblems too.
• More information about security problems with STP you can find here:http://mum.mikrotik.com/presentations/BR09/Seguranca_camada2_Maia.pdf
-
8/20/2019 Manual VRRP Mikrotik
12/29
Routed network
BGP
OSPFRIP
12
ISP 1
ISP 2
BGP
• At least two ISP`s• Several gateways LAN• Segmented network
-
8/20/2019 Manual VRRP Mikrotik
13/29
Static Routing
It is possible to provide high availability usingstatic routing too. However you need to forecastall possible problems that can happen.
13
-
8/20/2019 Manual VRRP Mikrotik
14/29
Static Routing
• Positives: Can solve some specific problems that could be
more complicate to solve by changing your dynamicprotocol setup or even not possible to solve because thedynamic routing protocol just fail.
14
• Negatives: Human fail will happen on huge networks.Some failover solutions are very difficult to get in somecases.
-
8/20/2019 Manual VRRP Mikrotik
15/29
Dynamic Routing
• We can solve the static routing hard working by using dynamicrouting protocols as: RIP, OSPF, MME, BGP, etc…
• The dynamic routing protocols are able to announce physicalor logical changes and according to their algorithms they canmake the necessary modifications on the routing table in order
15
.
-
8/20/2019 Manual VRRP Mikrotik
16/29
Dynamic Routing
• Positives: These protocols can do the “hard work” for you.Easy to create one way flow to UPLOAD and other toDOWNLOAD without lose redundancy.
• Ne atives: These al orithms needs some c u usa e and
16
make changes to the routing table very often.
-
8/20/2019 Manual VRRP Mikrotik
17/29
VRRP
• O Virtual Router Redundancy Protocol (VRRP) is a
network protocol that provides automatic assignment ofrouters available to participating hosts. This increases theavailability and confiability of routing paths by selecting
default atewa s automaticall .
17
• The protocol accomplishes this by creating virtual routergroups, which are an abstract representation of multiple
routers. The default gateway of a host participant isassigned to the virtual router instead of a physical router.
-
8/20/2019 Manual VRRP Mikrotik
18/29
VRRP
• If the physical router that routes packets on behalf of
the virtual router fails, another physical router isautomatically selected to replace him. The physicalrouter that does the routing of packets in a given
18
.
-
8/20/2019 Manual VRRP Mikrotik
19/29
VRRP Routers have priorities between 1-255 and the router
with the highest priority will be the master one. When a
planned withdrawal of a master router is about tohappen you may change its priority. Which means thatthe backup router will preempt the master router status
.
"black hole“ effect.
19
-
8/20/2019 Manual VRRP Mikrotik
20/29
VRRP
• The default VRRP implementation isvery simple.
• Advanced parameters should beadjusted in order to get somedesired results like:
20
• Suppose you want the router R1 tobe always the master one. You haveto give it a bigger priority than R2and you must set “Preampetable
Mode=yes”.
• I have one live demonstration that can be found on tiktube page:http://www.tiktube.com/video/DEfH3aLmgGGHlICpIGqtpzpuDlEopEnI=
-
8/20/2019 Manual VRRP Mikrotik
21/29
Soft configuration #1For Router R1:
/interface vrrp add interface=ether1 vrid=49 priority=150
/ip address add address=192.168.1.1/24 interface=ether1/ip address add address=192.168.1.254/2 interface=vrrp1
21
For Router R2:
/interface vrrp add interface=ether1 vrid=49 priority=100
/ip address add address=192.168.1.2/24 interface=ether1/ip address add address=192.168.1.254/2 interface=vrrp1
-
8/20/2019 Manual VRRP Mikrotik
22/29
Soft configuration #2
Its is possible to make
load balance usingVRRP.
In this case you need
22
o crea e wo v r uarouting groups withdifferent IDs.
-
8/20/2019 Manual VRRP Mikrotik
23/29
Soft configuration #2For Router R1:
/ip address add address=192.168.1.1/24 interface=ether1
/interface vrrp add interface=ether1 vrid=49 priority=150/interface vrrp add interface=ether1 vrid=!! priority=100
/ip address add address=192.168.1.25/2 interface=vrrp1
/ip address add address=192.168.1.254/2 interface=vrrp2
23
For Router R2:
/ip address add address=192.168.1.2/24 interface=ether1
/interface vrrp add interface=ether1 vrid=49 priority=100/interface vrrp add interface=ether1 vrid=!! priority=150
/ip address add address=192.168.1.25/2 interface=vrrp1
/ip address add address=192.168.1.254/2 interface=vrrp2
-
8/20/2019 Manual VRRP Mikrotik
24/29
VRRP
• Positives: Fast response in case of physical failure, easy wayto replace devices without black hole periods and no routingtable modification.
24
• Negatives: In Nated networks some connections you willreset.
-
8/20/2019 Manual VRRP Mikrotik
25/29
Resources on RouterBoards
ByPass
25
• Here you will find a great solution to redundant access pointsin your tower:
http://mum.mikrotik.com/presentations/PL12/grifonline.pdf
-
8/20/2019 Manual VRRP Mikrotik
26/29
Power Redundancy
Resources on RouterBoards
• The RouterBoards can be fed simultaneously with DC jack andPOE Injector.
•
26
.
• The higher voltage is chosen.
-
8/20/2019 Manual VRRP Mikrotik
27/29
Final considerations We conclude that a single redundancy feature may be
not enough not perform high availability.
However the mutual cooperation of all thesetechniques allows us to provide high availability.
27
All these features and techniques used in thispresentation are available in MikroTik RouterOS andthe RouterBoards.
-
8/20/2019 Manual VRRP Mikrotik
28/29
Questions??
Guilherme [email protected]
www.fb.com/gmramireswww.fb.com/AliveSolutions
28
-
8/20/2019 Manual VRRP Mikrotik
29/29
Thanks!!Hvala!!