Backup router with DHCP server

se232 · December 3, 2023, 5:00pm

Hello .

I have in my network a main router into the internet with 10.1.1.1. It also contains the DHCP-server providing addresses and the standard-gateway with 10.1.1.1). Works fine… until the power supply died and the one and only access to the internet was off.
To overcome this situation I set up a backup router (10.1.1.2) with DHCP server (providing standard-gateway as 10.1.1.2) to take over in the rare case the main router with DHCP server (10.1.1.1) is not working any more.
In general I do not want that the backup router/DHCP server is assigning addresses to devices, I set the delay threshold to 10 seconds. This did not work properly, some of the addresses had been assigned from the backup server reaching the internet over the backup line. Even increasing the delay threshold to 1 minute does not properly work. There are still addresses assigned from the backup router.

How can I make that the backup router provides only addresses in case the main router does not respond to the requests? Delay threshold is not working.

regards

se232

McGremlin · December 3, 2023, 9:08pm

Hi there.
You should check out VRRP:

It should be a “slave” interfaces for all vlans which you wants to “secure” when Master is unreachable,
You should use scripts for enable/disable interface where ISP is connected,
You can use scripts for cyclical copying configuration stuff like firewall rules between them (when Master works fine),
If you don’t want to script it you should be aware of doing any configuration changes ALWAYS on both devices.

PS.: Using two DHCP servers in one network isn’t a good idea.

se232 · December 4, 2023, 3:21pm

Hello McGremlin,

thanks for the quick answers!
according your points:

I have no vlans in my setup, or I am misunderstanding your answer
This I will work on (idea is to ping the master router, once not reachable the backup router will switch on the DHCP-server, which I will disable while the master-router is pingable)
3 and 4) This is already done manually

according your PS: Is there no possibility to have a backup DHCP-server in standby, which get’s active when the main one is out of order? This is what I understood I can handle easily with the Delay Threshold.

My setup is looking like this (hopefully my ascii art is readable):

                  Internet
                     |
    +----------------+--------------+
    |                               |
Main router                  Backup router
(10.1.1.1)                    (10.1.1.2)
    |                               |
    + ---------------+--------------+
                     |
                  network
                 (10.1.x.x)

regards

se232

McGremlin · December 4, 2023, 8:40pm

Hi.

If you want only the DHCP server feature on your backup router and have only one subnet then maybe it would be easier to add (on backup router) simple Netwatch rule looking at 10.1.1.1 and enabling DHCP server when it’s down (and disable it when it’s up). Not the “cutest” solution, but simple.

se232 · December 7, 2023, 12:40pm

Hello McGremlin,

this is what I already implemented. Backup router’s DHCP is disabled until the main router is not pingable any more.
Thanks for confirmation!

regards

se232

McGremlin · December 7, 2023, 7:52pm

No problem Mate

jayooo · January 18, 2024, 4:19am

I have found that if you set the dhcp server to use the vrrp interface, instead of the actual interface, then the dhcp server is automatically enabled/disabled with the vrrp interface itself getting enabled/disabled.

nichky · January 18, 2024, 4:41am

if u want dhcp as backup u probably need to play with /ip/dhcp-server/set delay-threshold=xs

se232 · January 18, 2024, 5:53am

Nichky,

this I was playing with, but the higher the threshold, the lower the probability that an address was provided incorrectly from the backup dhcp server.

Regards