backup link with pptp server/client

RuncZ · June 8, 2007, 9:16am

so, now we have setup like this:

LAN1 ↔ MT1 ↔ internet ↔ MT2 ↔ LAN2

both LAN’s use the same subnet of ip’s (with nat to internet) and there are pptp/eoip/bridge link connecting them.
plan is to get one more internet connection for each of mt’s and use those as a backup links.

it is no problem to create such setup with working internet.. but about vpn.. well, i’m confused there.
ok, as i understand, there should be no problem with pptp server side.. just open the appropriate ports/protocols for appropriate ip’s and do not specify the caller id..

but what to do when pptp server’s primary connection dies.. how do i get the client to automatically connect to the server’s backup link ip ? or should i set up 2 simultaneous connections and somehow mangle with bridges and stp ?

mrz · June 8, 2007, 9:23am

You can write a scrit that checks your primary pptp link, if it fails - enable backup link.

RuncZ · June 8, 2007, 9:29am

well .. that was fast

i don’t exactly like scipting on mikrotik, since (from my personal experience) they pretty often stops working after upgrades, so i must rewrite them.

dunno, perhaps that has happened just to me, since i have some “exotic” hardware requirements and have to use beta versions really often..

anyway, i was wondering if there’s a way to do this without scripting (otherwise i would have posted in scripting section)

mrz · June 8, 2007, 11:31am

Then if i understood you correctly, You can create two EoIP tunnels and run bonding over them. If you need only backup set bonding mode to active backup. This should work.

maroon · June 10, 2007, 7:07pm

You can write a scrit that checks your primary pptp link, if it fails - enable backup link.
You can write a scrit that checks your primary pptp link, if it fails - enable backup link.

do u have the script that do a failover?

gmsmstr · June 12, 2007, 8:18pm

There are other options too. Depending on what you are doing. If you are routing all of your traffic, then simply adding static routes with differant default costs will do what you want. If one of hte connctions goes down, its static route is no longer active, so the second ,with a higher cost becomes active. Failover can be VERY fast, less than 30ms in most cases.

Multiple IPIP interfaces inside of a bond interface may work well too.

Dennis Burgess
St. Louis Network Engineering Services
http://www.mikrotikconsulting.com
dmburgess@mikrotikconsulting.com
Certified Mikrotik Engineer

illiniwireless · June 14, 2007, 3:16am

The only problem with with links with different costs is that if that line fails farther away than the first ip ( which is the one you would be pinging) then it doesn’t know that it is actually down until the ping quits which is because of congestion. Then it starts pinging after it switchs and back through the same proccess until you shut the lowest cost path off or the other line comes up. There has to be a better method.

gmsmstr · June 14, 2007, 4:03am

I have had very little issues with this as typically, the link drops extreamly fast if the connection drops. It sides with caution before keeping an unknown link up. PPTP is very suited for this, as it will drop with just a few packets dropped from either side.