Multiple default routes dual datacenter

Hi,

I have a setup where we have 2 datacenters that are in 2 geographic locations. Between them we have a layer 2 1Gbit connection. Over this connection we have OSPF running to advertise the networks that live on both sides.
In both locations we have an uplink to the internet, which is configured using static routes.

We would like to route all traffic to the internet from the internal networks in DC2 (behind mikrotik device) via the router (vyatta) in DC1. Reason for this is that we want to keep the bandwidth in DC2 reserved for incoming traffic from clients. In the other datacenter (DC1) we also have greater bandwidth.

I first looked at policy based routing, but that only works with static routing. I’m a bit lost here so I hope someone can point me in the right direction.

[admin@R1DCG] > ip route print
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          214.224.x.x            1
 1  Do  0.0.0.0/0                          192.168.44.12           110
 2 ADC  10.255.255.1/32    10.255.255.1    loopback                  0
 3 ADo  10.255.255.2/32                    192.168.44.12           110
 4 ADo  81.95.x.x/26                    192.168.44.12           110
 5 ADo  172.16.0.0/22                      192.168.44.12           110
 6 ADo  172.16.4.0/22                      192.168.44.12           110
 7 ADo  172.16.8.0/22                      192.168.44.12           110
 8 ADC  172.20.8.0/21      172.20.8.1      VL_mgmt                   0
 9 ADC  172.20.16.0/21     172.20.16.1     dcg-prod-infra            0
10 ADC  172.20.24.0/21     172.20.24.1     dcg-prod-dmz              0
11 ADC  172.20.32.0/21     172.20.32.1     dcg-prod-saas-pub         0
12 ADC  172.20.40.0/21     172.20.40.1     dcg-prod-saas-back        0
13 ADC  172.20.56.0/21     172.20.56.1     dcg-test-dev              0
14 ADC  172.20.64.0/21     172.20.64.1     dcg-test-impl             0
15 ADC  172.20.72.0/21     172.20.72.1     dcg-test-saas-pub         0
16 ADC  172.20.80.0/21     172.20.80.1     dcg-test-saas-back        0
17 ADo  192.168.0.0/24                     192.168.44.12           110
18 ADo  192.168.1.0/24                     192.168.44.12           110
19 ADo  192.168.2.0/24                     192.168.44.12           110
20 ADo  192.168.11.0/24                    192.168.44.12           110
21 ADC  192.168.44.0/24    192.168.44.10   ether7                    0
22  DC  192.168.88.0/24    192.168.88.1    ether1                  255
23 ADo  192.168.200.0/24                   192.168.44.12           110
24 ADo  192.168.252.0/24                   192.168.44.12           110
25 ADo  192.168.253.0/24                   192.168.44.12           110
26 ADC  213.88.x.x/29   213.88.x.x   ether6                    0
27 ADC  214.224.x.x/30  214.224.x.x  ether6

thx

One thing I do for something similar is to have OSPF on both sides advertise a default route “if installed” – if the Ethernet port goes down or the route is marked unavailable due to “check gateway” failing, then OSPF stops advertising the default route. (Note: this will work the best if the Vyatta at DC1 is participating in OSPF, or gets replaced by something that can).

You can then have your outbound default route at DC1 with a weight lower than 110, so that it has precedence over the OSPF default route from DC2 (if it is being injected). At DC2, you set the outbound default route to a weight higher than 110, which means it won’t be used unless the OSPF default route from DC1 drops offline (but traffic will failover automatically if necessary).

The one drawback to this approach that I’ve seen is that, at least as of v6.5, if the OSPF route at DC2 goes away such that DC2 fails over to its local static route, DC2 won’t “fail back” to the OSPF route without manual intervention to disable and then re-enable the local static route. I probably should get around to testing that customer with the newest version of RouterOS and then filing a ticket…
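
The DC2 side of the approach described in the reply above, as an added RouterOS v6 example that is not part of the original thread. It assumes the static default route is still entry 0 of the `ip route print` output in the question and that the default OSPF instance is in use; the distance value 120 is a constructed choice, picked only because it is higher than OSPF's 110.

```routeros
# Added example, RouterOS v6 syntax. Item numbers are only valid right
# after a print in the same console session, so list the routes first.
/ip route print where dst-address=0.0.0.0/0

# Entry 0 is the static default via the local DC2 uplink (distance 1 in
# the question). Raise its distance above OSPF's 110 so the default route
# learned from DC1 (192.168.44.12) wins while it is present, and enable
# check-gateway so the route is marked unavailable when the uplink
# gateway stops answering. 120 is an assumed value.
/ip route set 0 distance=120 check-gateway=ping comment="local uplink, backup default"

# Advertise a default route into OSPF only while one is installed locally,
# as the reply suggests for both sides.
/routing ospf instance set [find default=yes] distribute-default=if-installed-as-type-1

# Verify: the OSPF default (flags ADo, distance 110) should now be the
# active one, and the static default should be listed without the A flag.
/ip route print where dst-address=0.0.0.0/0
```

The DC1 router has to keep its own static default at a distance below 110 and originate the default into OSPF for this to take effect.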

:open_mouth:
Thank you!! I was going nuts wondering why my router wasn’t going back to the “primary” default route. I know it’s an old post, but anything new on this issue? I’m running 6.34.2 and I still have to disable the local static default route for the router to get the OSPF announced one. But, on the up side, other routers on my network get the proper Default route.