Manual:VRRP-examples: Difference between revisions
(No difference)
|
Latest revision as of 13:39, 22 May 2018
Applies to RouterOS: v3, v4, v5, v6
VRRP Configuration Examples
This section contains several useful VRRP configuration examples
Basic Setup
This is the basic VRRP configuration example.
According to this configuration, as long as the master, R1, is functional, all traffic destined to the external network gets directed to R1. But as soon as R1 fails, R2 takes over as the master and starts handling packets forwarded to the interface associated with IP(R1). In this setup Router R2 is completely idle during Backup period.
Configuration
R1 configuration:
/ip address add address=192.168.1.1/24 interface=ether1 /interface vrrp add interface=ether1 vrid=49 priority=254 /ip address add address=192.168.1.254/32 interface=vrrp1
R2 configuration:
/ip address add address=192.168.1.2/24 interface=ether1 /interface vrrp add interface=ether1 vrid=49 /ip address add address=192.168.1.254/32 interface=vrrp1
Testing
First of all check if both routers have correct flags at vrrp interfaces. On router R1 it should look like this
/interface vrrp print detail 0 RM name="vrrp1" mtu=1500 mac-address=00:00:5E:00:01:31 arp=enabled interface=ether1 vrid=49 priority=254 interval=1 preemption-mode=yes authentication=none password="" on-backup="" on-master="" version=3 v3-protocol=ipv4
and on router R2:
/interface vrrp print detail 0 B name="vrrp1" mtu=1500 mac-address=00:00:5E:00:01:31 arp=enabled interface=ether1 vrid=49 priority=100 interval=1 preemption-mode=yes authentication=none password="" on-backup="" on-master=" version=3 v3-protocol=ipv4
As you can see vrrp interface mac addresses are identical on both routers. Now to check if vrrp is working correctly, try to ping virtual address from client and check arp entries:
[admin@client] > /ping 192.168.1.254 192.168.1.254 64 byte ping: ttl=64 time=10 ms 192.168.1.254 64 byte ping: ttl=64 time=8 ms 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 8/9.0/10 ms [admin@client] /ip arp> print Flags: X - disabled, I - invalid, H - DHCP, D - dynamic # ADDRESS MAC-ADDRESS INTERFACE ... 1 D 192.168.1.254 00:00:5E:00:01:31 bridge1
Now unplug ether1 cable on router R1. R2 will become VRRP master, ARP table on client will not change but traffic will start to flow over R2 router.
Note: In case VRRP is used with Reverse Path Filtering, then it is recommended that rp-filter
is set to loose
, otherwise the VRRP interface might not be reachable.
Load sharing
In the basic configuration example, R2 is completely idle during Backup state. This behaviour may be considered as a waste of valuable resources. In such circumstances R2 router can be set as the gateway for some clients.
The obvious advantage of this configuration is the establishment of a load-sharing scheme. But by doing so R2 router is not protected by current VRRP setup.
To make this setup work we need two virtual routers.
Configuration for V1 virtual router will be identical to configuration in basic example - R1 is the Master and R2 is Backup router. In V2 Master is R2 and Backup is R1.
With this configuration, we establish load-sharing between R1 and R2; moreover, we create a protection setup by having two routers acting as backups for each other.
Configuration
R1 configuration:
/ip address add address=192.168.1.1/24 interface=ether1 /interface vrrp add interface=ether1 vrid=49 priority=254 /interface vrrp add interface=ether1 vrid=77 /ip address add address=192.168.1.253/32 interface=vrrp1 /ip address add address=192.168.1.254/32 interface=vrrp2
R2 configuration:
/ip address add address=192.168.1.2/24 interface=ether1 /interface vrrp add interface=ether1 vrid=49 /interface vrrp add interface=ether1 vrid=77 priority=254 /ip address add address=192.168.1.253/32 interface=vrrp1 /ip address add address=192.168.1.254/32 interface=vrrp2
VRRP without Preemption
Each time when the router with a higher priority becomes available it becomes the Master router. Sometimes this is not the desired behaviour and can be turned off by setting preemption-mode=no
in vrrp configuration.
Configuration
We will be using the same setup as in basic example. Only difference is during configuration set preemption-mode=no. It can be done easily by modifying the existing configuration:
/interface vrrp set [find] preemption-mode=no
Testing
Try turning off R1 router, R2 will become Master router because it has the highest priority among available routers.
Now turn R1 router on and you will see that R2 router continues to be the Master even if R1 has the higher priority.
VRRP and scripts
Configuration
See Also
[ Top | Back to Content ]