Hi, I’ve been using MikroTik for a number of years and never explored into OSPF too much, as I had no need with my simple setup.
The option for a second fiber connection into my network has left me wondering how to properly implement a fail over connection.
Should I use OSPF or a check gateway script?
Here is a simple diagram of how the network structure would be…
Is your 2 ISP are terminated in same location? if yes.
Use one Mikrotik as your Load Balance/Failover gateway separately, then implement OSPF protocol going to your other mikrotik gateway router.
No. They are separated by several miles and there is a wireless link in-between.
So, at location A, there currently is a fiber gateway & a MikroTik hEX S which acts as the network gateway / DHCP server & VLANs terminate at this router.
Location B will most likely be very similar setup with fiber gateway and then some sort of MikroTik behind it.
I would like to have Location A be primary and Location B be fail over / redundancy.
Location A can serve as the actual gateway router (with the 10.19.56.0/24 subnet & DHCP server), but routes to the internet should flop to Location B’s router if fiber gets cut at Location A.
I figured out how to do this, though it may not be best practice & I may have some settings incorrect…
I set this up with my current setup (a single fiber ISP) and my iPhone hotspot connected to a 4011 (as a second gateway router, in essence).
You may consider Location A (far left) of my diagram as Fiber ISP → Fiber Gateway (192.168.1.1/24) → hEX S (10.19.56.1/24)
You may consider Location B (far right) of my diagram as iPhone → wireless 2.4ghz to MikroTik 4011.
These two locations are separated by several miles, but connected via wireless links & switches…
The 4011 will serve as my “redundant fail over link”, for testing…
At Location A (hEX S), I created bridge named ‘loopback’, assigned IP 192.168.255.2
At Location B (4011), I created bridge named ‘loopback’, assigned IP 192.168.255.1
At Location A (hEX S), I created VLAN id “3”, named “vlan3-WAN.FAILOVER”, on an interface towards the 4011. (tagging this vlan thru all appropriate switches).
At Location B (4011), I created VLAN id “3” named “vlan3-WAN.FAILOVER”, on an interface towards the hEX S.
At Location A (hEX S), I assigned IP “10.0.0.9/29” to “vlan3-WAN.FAILOVER”
At Location B (4011), I assigned IP “10.0.0.10/29” to “vlan3-WAN.FAILOVER”
Performed a ping test to verify that Location A could reach Location B over 10.0.0.8/29 network.
At Location A (hEX S), I create OSPF instance “default” with Router ID: 192.168.255.2 (its loopback), redistribute default route - “never”.
At Location B (4011), I create OSPF instance “default” with Router ID: 192.168.255.1 (its loopback), redistribute default route - “always (as type 1)”
At Location A (hEX S), I add backbone networks 0.0.0.0/0 and 192.168.1.0/24
At Location B (4011), I add backbone networks 0.0.0.0/0 and 172.20.10.0/28 (This is the subnet I’m getting from the iPhone hotspot)
At Location A (hEX S), I add OSPF interface “vlan3-WAN.FAILOVER”, cost “200”, network type “point-to-point”.
At Location B (4011), I add OSPF interface “vlan3-WAN.FAILOVER”, cost “200”, network type “point-to-point”.
At this point, the OSPF point-to-point link comes up and I start to see the other side in the OSPF neighbors tab.
Now, If I look at IP → Routes table on Location A (hEX S), I see “Do (Dynamic - OSPF)” - 0.0.0.0/0 - 10.0.0.10 reachable via vlan3-WAN.FAILOVER - (Distance) 110
I verified that Location B (4011) has NAT Masq rule.
When I disable DHCP Client at Location A (hEX S), my default route “0.0.0.0/0 - 192.168.1.1 reachable ether5-WAN” disappears and traffic begins to flow thru vlan3-WAN.FAILOVER.
Re-enabling the DHCP Client brings back my default route and traffic is now re-routed back over fiber.
After thinking about it, this will only work if the Fiber Gateway router is down, not necessarily a cut fiber upstream of the fiber gateway router (192.168.1.1).
I assume I’ll have to find a check-gateway or netwatch script to facilitate the OSPF route change if the main fiber link is cut.