Hello everyone,
i need to deploy an HA hotspot environment to provide networking continuity to an hotspot installation.
I need a MASTER/SLAVE architecture with hot standby.
My setup requires public ip addresses are given to subscribers, so i need to match these requirements:
-
- TWO (or more) mikrotik: 1 active / 1+ hot standby
- a set of private IPs in the internal LAN (e.g. 192.168.25.0/24)
- a set of public IPs on the internet (e.g. 192.168.1.0/24) THESE NUMBERS ARE FOR EXAMPLE ONLY!
- NAT 1:1 private-public addresses
- hotspot setup on both mikrotik, with users configured (i’ll use Radius)
- VRRP
The entire network can be illustrated as in figure below:
I have set-up two VRRP interfaces:
both Ether1 are enslaved to VRRP-EXT
both Ether2 are enslaved to VRRP-INT
Master has priority 250 and Slave has priority 30, with preemption.
Now that’s what I need:
I need to be able to completely switch from master to slave (and back) and thus to have the two VRRPs switching together. In brief, if an interface goes down (Master-ether1, Master-ether2, Slave-ether1, Slave-ether2) i want to switch completely to the other mikrotik.
I cannot have only one VRRP because i need to mount the public ip addresses to the correct mikrotik interface, and it is possible only having VRRP mounted on the external interfaces too.
The only thing i figured out is to have some script that changes the VRRP priorities in order to switch simultaneously all interfaces.
Next question could be:
once i reach my HA goal, is it possible to transfer existing hotspot sessions to the other Mik? Or at least the active cookies? (just to limit the number of re-authentications…) it would be very appreciated
Thanks in advance,
Roberto