I would like to know if some kind of load balancer is possible on a RB5009UPr+S+. The goal is to have a single IP to connect to 3 K8s control plane nodes. These nodes are directly connected to the Mikrotik router. I saw some hacky suggestions by ChatGPT, by creating a ping check and based on that you set a floating IP. But I was hoping Mikrotik has something more native and robust. So far I don’t find any other solutions. Any help would be greatly appreciated!
And why would we provide better info than ChatGPT??
In all seriousness …
ChatGPT is just a tool, just like search engines. I also skimmed the docs and the settings. I am just wondering if I’m missing anything. Or do you imply the answer from AI was already the answer? I am really hoping for a native solution. Maybe something like a bond interface type of solution (I don’t mean that literally, but something along those lines). Something to provide a floating IP with fail-over would be really nice.
Something like this was provided as a possible answer:
```
:local primaryIP "192.168.1.1"
:local secondaryIP "192.168.1.2"
:local floatingIP "192.168.1.100"
:local interface "ether1" # Change to your WAN interface
# Check if primary IP is reachable
:if ([/ping $primaryIP count=3] = 0) do={
    # If primary is down, assign secondary IP
    /ip address add address=$floatingIP/24 interface=$interface
    /ip address remove [find address=$floatingIP/24]
    /ip address add address=$secondaryIP/24 interface=$interface
} else={
    # If primary is up, assign primary IP
    /ip address add address=$floatingIP/24 interface=$interface
    /ip address remove [find address=$secondaryIP/24]
}
```
So the question is, is this really the best I can do with an expensive RB5009UPr+S+ router?
Because this would not cut it I think. For a poor-man-solution it’s fine. But some kind of load balancing between all 3 connected devices would be best. With the intelligence to skip unreachable devices.
Currently I am working on an HA cluster with two RB5009UPr+S+IN and I am exploring the possibilities of MikroTik RouterOS for all kinds of balancing and redundancy.
Can you please explain with simple words what you are trying to achieve exactly? I am not familiar with K8s and I assume they are just 3 servers, what are you trying to achieve?
In simple terms, there will be 3 k8s nodes attached to this Mikrotik router. I will be sending API calls to this cluster with the help of kubectl. The intended setup is supposed to use one IP to connect to this cluster. So I’ll configure a floating IP for this cluster to send API calls to. This floating IP should be managed by the Mikrotik router. This single IP hides the 3 nodes behind it. So if one node goes down, it doesn’t matter, you can still communicate with the cluster. The API calls will still be received because the floating IP will direct the API calls to one of the 3 nodes in the cluster. Ideally I also want load balancing. But for at home this is not really required. But if Mikrotik has such a thing, it would be great. With load balancing I mean that one of the 3 available IPs would be used, not just one each time.
Does this make sense? So I’m looking for a way to transparently make 3 nodes available through one IP. But if one of those nodes is not available, it should not send API calls to that host anymore. Therefore, API call → floating IP → one of the 3 nodes (preferably with maybe round robin), if one node is down, skip that one until it’s available again.
If I get this right, you are looking for some sort of failover (more than load balancing) among three target IPs?
You only connect to 1 IP (IP#1) and you expect the Mikrotik to forward/route your connection to any of three other IPs (IP#2, IP#3, IP#4) depending on the availability?
That is indeed correct, automatic fail-over is the #1 feature I’m looking for. Although load balancing would still be nice, so that not only one node would always get the requests. Of course the tasks are still handled by all 3 k8s control plane nodes. But it would just be better if all nodes are receiving API calls, then that functionality is also confirmed and you don’t get extra surprises once a node has to reboot.
Well, whatever/whoever produced the snippet you posted did not understand the question, let alone provide a meaningful answer.
(actually it is wrong even as an answer to another question).
Once the abstraction level of the variables is removed, it amounts to fiddling with IP addresses of a local port, all in the same subnet:
```
# Check if primary IP is reachable   ← (i.e. check pings to 192.168.1.1)
:if ([/ping 192.168.1.1 count=3] = 0) do={
    # If primary is down, assign secondary IP
    /ip address add address=192.168.1.100/24 interface=ether1   ← add 100
    /ip address remove [find address=192.168.1.100/24]   ← remove 100 (this and the above do nothing)
    /ip address add address=192.168.1.2/24 interface=ether1   ← add 2
} else={
    # If primary is up, assign primary IP
    /ip address add address=192.168.1.100/24 interface=ether1   ← add 100 (which is NOT the primary 1)
    /ip address remove [find address=192.168.1.2/24]   ← remove 2
}
```
It makes no sense (to me).
I think what you need is more like Sob’s proposed solution here:
http://forum.mikrotik.com/t/dst-nat-one-port-to-multiple-nat-ip-addresses-how-to-do/70264/1
making use of netwatch to check connectivity and enabling or disabling a dst-nat rule in firewall.
A more complex method which takes into account PCC load balance can, I believe, be adapted/derived from this approach:
http://forum.mikrotik.com/t/host-based-load-balancing-and-failover/177543/1
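
A sketch of the netwatch plus dst-nat idea from the reply above, combined with PCC for spreading connections; it is an added example, not taken from either linked thread or from any poster. Assumed and constructed here: the VIP 192.168.88.100, node addresses .11/.12/.13, the kube-apiserver on its default TCP port 6443, a LAN bridge named `bridge`, and the `k8s-*` comments.

```routeros
# Added example: all addresses, the interface name and the comments are constructed.

# The router owns the VIP so it answers ARP for it on the LAN.
/ip address add address=192.168.88.100/32 interface=bridge comment=k8s-vip

/ip firewall nat
# Spread new connections over three buckets by hashing source address and port.
add chain=dstnat dst-address=192.168.88.100 protocol=tcp dst-port=6443 \
    per-connection-classifier=src-address-and-port:3/0 \
    action=dst-nat to-addresses=192.168.88.11 comment=k8s-cp1
add chain=dstnat dst-address=192.168.88.100 protocol=tcp dst-port=6443 \
    per-connection-classifier=src-address-and-port:3/1 \
    action=dst-nat to-addresses=192.168.88.12 comment=k8s-cp2
add chain=dstnat dst-address=192.168.88.100 protocol=tcp dst-port=6443 \
    per-connection-classifier=src-address-and-port:3/2 \
    action=dst-nat to-addresses=192.168.88.13 comment=k8s-cp3
# Fallback: when a bucket's rule is disabled, the connection falls through
# to the first of these rules that is still enabled.
add chain=dstnat dst-address=192.168.88.100 protocol=tcp dst-port=6443 \
    action=dst-nat to-addresses=192.168.88.11 comment=k8s-cp1
add chain=dstnat dst-address=192.168.88.100 protocol=tcp dst-port=6443 \
    action=dst-nat to-addresses=192.168.88.12 comment=k8s-cp2
add chain=dstnat dst-address=192.168.88.100 protocol=tcp dst-port=6443 \
    action=dst-nat to-addresses=192.168.88.13 comment=k8s-cp3
# Hairpin: clients in the same subnet as the nodes need replies to return via the router.
add chain=srcnat src-address=192.168.88.0/24 dst-address=192.168.88.0/24 \
    protocol=tcp dst-port=6443 action=masquerade comment=k8s-hairpin

/tool netwatch
# Each probe toggles both rules (PCC and fallback) that carry the node's comment.
add host=192.168.88.11 interval=10s \
    up-script="/ip firewall nat enable [find comment=k8s-cp1]" \
    down-script="/ip firewall nat disable [find comment=k8s-cp1]"
add host=192.168.88.12 interval=10s \
    up-script="/ip firewall nat enable [find comment=k8s-cp2]" \
    down-script="/ip firewall nat disable [find comment=k8s-cp2]"
add host=192.168.88.13 interval=10s \
    up-script="/ip firewall nat enable [find comment=k8s-cp3]" \
    down-script="/ip firewall nat disable [find comment=k8s-cp3]"
```

Netwatch here uses its default ICMP probe, so a node that still answers ping while its API server is down stays in rotation. Disabling a rule only affects new connections; connections already tracked are not moved to another node.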