Redundancy without loops

Hi,

I’m trying to add our new Mikrotik CRS518-16XS-2XQ-RM switches to our network in a way that we have full redundancy, while avoiding loops, but I’m not sure what the best approach is. Maybe someone here can provide some pointers.

Current situation

  • We have 2 ISPs, connected through BGP with 2 routers (Edge1 and Edge2)
  • Between the 2 routers we have a small subnet (let’s say 200.0.0.248/29) on which they share iBGP and on which traffic can be forwarded → green line in diagram
  • We have 2 switches (called Core1 and Core2) that are Ubiquiti EdgeSwitch 16 XG
  • There’s a connection from Edge1 to Core1 and Edge2 to Core2 and also between Core1 and Core2 → blue lines in diagram
  • The servers are connected (using a Linux bond in active-backup) to both Core1 and Core2
  • The blue network has IP subnet 200.0.0.0/25
  • Edge1 and Edge2 have VRRP running on the blue network, so they share 200.0.0.1
  • The result is all servers can reach the default gateway 200.0.0.1 and from there traffic is routed to the ISPs

With the Mikrotik switches

  • Ideally we’d like to add the Mikrotik switches behind the Ubiquiti switches, since we don’t have enough ports on them to simply replace them outright
  • We need to interconnect the Mikrotik switches with 100Gbps because we’ll be using the 25Gbps connections between a set of new servers

STP ?

  • I was first thinking of using RSTP or MSTP to cut any loops between Core1 and Mik1 or Core2 and Mik2, so the high speed link between Mik1 and Mik2 would not be cut and the one between Core1 and Core2 would also not be cut. This way traffic would go smoothly from all servers to all other servers and to the Internet
  • However, when trying this, as soon as I complete the loop, it simply won’t stop looping, even though RSTP was enabled on Core1, Core2, Mik1 and Mik2 and all root bridge and priority settings seem to be correct
  • I’m not sure if this is the way to go, even though it seems the easiest solution

Other options

  • OSPF seemed like another option, but sadly the Ubiquiti switches don’t support it
  • I could swap the Ubiquiti and Mikrotik switches around, but that still won’t solve the problem, unless I create a separate routed network on that side as well and then use VRRP on the Mikrotik switches, but it makes things a lot more complicated

Maybe I’m just missing the most obvious solution here?

Any help most appreciated!
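The "STP ?" section above asks which link a correctly converging RSTP would cut in the Core1/Core2/Mik1/Mik2 square. The following is an added example, not code from the original post and not anything MikroTik or Ubiquiti ships: it reproduces the outcome of the (R)STP election (root bridge, root ports, designated and alternate ports) for that square, so the expected roles can be compared against what each switch reports on its ports. Bridge priorities, MAC addresses and the 10G/100G link speeds are constructed to match the thread; path costs use the IEEE 802.1t recommended values (10 Gbps = 2000, 100 Gbps = 200). Real bridges reach this state by exchanging BPDUs; the script only computes the result of that exchange.

```python
"""Simplified RSTP/STP port-role computation for a four-switch ring.

Added example for this thread (constructed topology, not MikroTik code).
"""
from collections import defaultdict
import heapq

# Bridge ID = (priority, MAC); the lowest pair wins. Core1 is made root on
# purpose so that both Core1-Core2 and Mik1-Mik2 should stay forwarding.
BRIDGES = {
    "Core1": (4096, "00:00:00:00:00:01"),
    "Core2": (8192, "00:00:00:00:00:02"),
    "Mik1": (32768, "00:00:00:00:00:03"),
    "Mik2": (32768, "00:00:00:00:00:04"),
}

# (bridge A, bridge B, speed in Gbps); constructed to match the thread's square
LINKS = [
    ("Core1", "Core2", 10),
    ("Core1", "Mik1", 10),
    ("Core2", "Mik2", 10),
    ("Mik1", "Mik2", 100),
]

PATH_COST = {10: 2000, 100: 200}  # IEEE 802.1t recommended port path costs


def elect_root(bridges):
    """The root bridge is the one with the lowest (priority, MAC) pair."""
    return min(bridges, key=lambda b: bridges[b])


def root_path_costs(adj, root):
    """Dijkstra from the root: cheapest total path cost to every bridge."""
    cost = {root: 0}
    heap = [(0, root)]
    while heap:
        c, node = heapq.heappop(heap)
        if c > cost[node]:
            continue
        for nb, lc in adj[node]:
            if c + lc < cost.get(nb, float("inf")):
                cost[nb] = c + lc
                heapq.heappush(heap, (c + lc, nb))
    return cost


def compute_port_roles(bridges=BRIDGES, links=LINKS):
    """Return {(bridge, neighbour): role}, role in root/designated/alternate."""
    adj = defaultdict(list)
    for a, b, speed in links:
        adj[a].append((b, PATH_COST[speed]))
        adj[b].append((a, PATH_COST[speed]))
    root = elect_root(bridges)
    cost = root_path_costs(adj, root)
    roles = {}
    # Root port: the neighbour offering the lowest (root path cost, bridge ID),
    # which is the order in which BPDUs are compared.
    for b in bridges:
        if b == root:
            continue
        rp, _ = min(adj[b], key=lambda nb: (cost[nb[0]] + nb[1], bridges[nb[0]]))
        roles[(b, rp)] = "root"
    # Every other port: designated on the end closer to the root, alternate
    # (discarding) on the far end, so each segment has exactly one designated port.
    for a, b, _ in links:
        for x, y in ((a, b), (b, a)):
            if (x, y) in roles:
                continue
            closer = (cost[x], bridges[x]) < (cost[y], bridges[y])
            roles[(x, y)] = "designated" if closer else "alternate"
    return roles


def forwarding_links(roles, links=LINKS):
    """Links with no alternate end carry traffic; the others are cut."""
    return [(a, b) for a, b, _ in links
            if "alternate" not in (roles[(a, b)], roles[(b, a)])]


def is_loop_free(bridges, fwd):
    """A loop-free active topology is a spanning tree: N-1 links, all connected."""
    if len(fwd) != len(bridges) - 1:
        return False
    seen, stack = set(), [next(iter(bridges))]
    while stack:
        n = stack.pop()
        if n in seen:
            continue
        seen.add(n)
        stack.extend(y for x, y in fwd if x == n)
        stack.extend(x for x, y in fwd if y == n)
    return seen == set(bridges)


if __name__ == "__main__":
    roles = compute_port_roles()
    for (b, nb), role in sorted(roles.items()):
        print(f"{b:>5} -> {nb:<5} {role}")
    fwd = forwarding_links(roles)
    print("forwarding:", fwd, "loop-free:", is_loop_free(BRIDGES, fwd))
```

With these values the only alternate port is Mik2's port towards Core2, so Core2-Mik2 is the link that gets cut while Core1-Core2 and Mik1-Mik2 both stay forwarding. If the Mik1-Mik2 link is given the same cost as the 10G links instead, Mik2 sees a tie, breaks it on Core2's lower bridge ID, and the 100G link is the one blocked; that is why the port path cost of the inter-MikroTik link matters as much as the bridge priorities. If the switches report roles that disagree with this computation on every port (for example no port ever reaches the alternate role), the bridges are not agreeing on a root at all, which is consistent with the looping described above.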

Hello,

Maybe I’m just missing the most obvious solution here?

The loop problem is already there between those 4 devices: Edge1/2 and Core1/2.

How did you manage to get those devices running? Do Edge1 and Edge2 run VRRP on the inside interfaces as active-backup?

If the existing Core1/2 don’t support OSPF, then maybe the best way is to put the new devices in between the edge and core (or as a core replacement), while you use the existing core as distribution/access.

That way Edge1/2 and MT1/2 run OSPF, and MT1/2 run the VRRP for the old Core1/2.

For draft 2, RSTP/MSTP is the best solution.
I’m afraid the implementation problem is due to UBI; in a similar environment (Ubiquiti with Cisco) I wasn’t able to run it correctly.
Too many blinking icons in this Ubiquiti.

Any ideas to be taken from MC-LAG/MLAG, replacing the L2 redundancy loops (and RSTP to cut them) with bonded interfaces and no loops?
The bonding protocol will handle the local loop created by the bonded interfaces.
It starts to get interesting with “multi-chassis link aggregation links”, replacing the inter-chassis loops.

With MT, see: https://www.youtube.com/watch?v=xvb7Nd1xvRw
MC-LAG multivendor deployment … who knows.

Can I ask why each internet connection is not linked to each edge router? It’s extremely unlikely, but if ISP1 failed and Edge2 failed, you’d be without connectivity?

  • Make a proper L2 design (run a redundancy protocol: STP, ERPS),
  • Do not mix switch vendors in the same L2 domain,
  • Use the same vendor and the same software version on all the switches,
  • Use proper monitoring (SNMP, OOBM/BMC).

If you need 100G LAN, I do not recommend Mikrotik;
use something from a “proper vendor”: EdgeCore, FS.COM, Juniper, …

Example redesign:
[Image: Screenshot from 2024-12-30 17-50-47.png]