Hi, I have a network that has 4 internet connections and what I would like to do is have 2 RB750 as gateway in failover, which means that one of the RB750 would be running as master and the other would be on standby until the master breaks.
I was thinking on attaching all four internet connection to the first ethernet on the RB, the LAN to the second ethernet and make a third connection between both RB. All the internet connections would be on DMZ sending all the traffic to the master RB ether1 IPs so here is the question, How sould I setup both RB so there act as one ? I read about VRRP but I don't know if it would work for this scenario or if there is any other solution, more stable or easy to setup for that matter.
I've this setup already working. What I did was, using an smartswitch between the WAN connections an the RBs, I setup one vLan for each WAN and configured the same vLans on the RB. For the failover what I did was setup a Netwatch script that checks if the Master RB is alive and if isn't the it enable all the interfaces on the RB Slave.
Also I wrote a script that does a config backup between the Routers every 24H so both of them have the same configuration and another script that checks the mac address of the ether1 of the router on startup and decides if the router is Master or Slave.
As for the failover providers, what I did was setup the main route of the RB with multiple gateways with weights so if ISP1 fails then ISP2 will be used and so on.
BTW I use a smartswitch to set the vLans because two of my WAN connections only work using a specific ethernet port and my ISP say that it can be changed. If this wasn't like this I will problably go for two RB2011 instead of the two RB750.
Joined: Tue May 17, 2011 8:19 am Posts: 79
for my (little) experience I'm sure you are talking about two things, that both I do on my customer's firewalls:
1. a VRRP cluster to guarantee that the hardware failure of one firewall will not block company activities http://wiki.mikrotik.com/wiki/Manual:Interface/VRRP Once you understood the logic, is not so difficult to implement, just you must know that in case of failover there will be a disconnection of some seconds.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot post attachments in this forum