Clustering would indeed be very useful, Mikrotik essentially has no HA mode which makes it difficult to push into the enterprise environment. We have VRRP but it’s not hitless for anything stateful that you may be doing (firewall or tunnelling). Clustering like Junos does on the J and SRX series should be possible to achieve on the current hardware platform. Either that or start producing redundant chassis hardware designs like Cisco 6500 or Juniper MX series devices.
In either case you need to implement dual routing engines, so you need the ability to synchronise state information between devices and delegate a master routing engine. Just this work would make clustering possible, that same work can then be used to make a redundant chassis.
+1 This is absolutely necessary for use in an enterprise environment.
I’ve got several installations with two CCRs, configured with VRRP, and it is quite hard to maintain this installation. Every change in configuration has to be done on both routers.
I’m using Fortinet FortiGate in my company, which supports HA, and two physical devices act as a single logical device.
Give this a go: https://github.com/svlsResearch/ha-mikrotik
It does exactly what you are asking for, except for stateful connection synchronization. I have been using it to run 6 pairs of CCR1036 for over a year now.
@nathan1 I was testing this in a lab using 2 450g, but for some reason on the first HA cycle, the “B” became the active and the “A” the standby, but the HA works normally, only this letter switch.
Do you have this problem?
There is no affinity for a primary right now. So this works as designed. Did you want to have an affinity for one vs. the other? In my setup - they are equal in terms of choice, at some sites my B is currently the active one just due to order in which I upgraded/cycled.
In theory, the VRRP could be adjusted to force A back to the primary when it is around. However, you will probably end up with extraneous reboots/connection breaks due to this. I simply treat them like one logical device in my head and the hostname that is currently active doesn’t really come into play. The A and B simply give me a hint as to which one is currently physically active; if I happen to be on site and dealing with them physically, this is useful. Otherwise, I just ignore it entirely and address the active one with the floating IP/hostname.
If you end up really wanting to see A active, I can add the feature when I have some more time. You can always force A to become active again by rebooting B when A is back. (hint: do an $HASyncStandby until it is GOOD before doing this).
Oh
You are the creator of the scripts
Very good work, I like to read code and try to understand it, but yours is very complex for one who didn’t make it.
Very good work
Yep, created it after years of frustration with maintaining pairs of routers. Happy to see that it might work for you. It has been rock solid for us but let me know if you run into any issues.
I don’t think the Mikrotik wiki is actually community driven, unless I misunderstand something. Are you aware of a way to add an entry? The edit history also seems to suggest that it may be Mikrotik engineers only.
Many thanks to Nathan1 for this solution. I tested first on a pair of small RB925ui-5ac2nD. Didn’t succeed at the first try because of the lack of instructions, but after 2 hours the pair was working as intended.
Then I installed the script on a pair of RB3011UiAS-RM and it looks fine. It is still in my lab but in the next days I will move them into production. The setup has 1 internet static IP Ethernet connection, 2 pppoe internet connections (static IP), one vlan connected to 2 RB925ui-5ac2nD providing guest wifi and separate LAN wifi, and one wireless link to a remote connection using Ubiquiti antennas.
Now I realized that I can connect the antenna only to one router (I don’t have a redundant switch), so to avoid problems router A must always be master. (Of course I don’t need a fully redundant link to that Ubiquiti since it is used only for nightly remote backups and anytime someone can plug the cable into router B.)
Does anybody know how to make router A always active?
This is the first setup I’ve seen deployed using ha-mikrotik that has a physical reason for choosing A over B. In theory, I can add a feature that would force this but it does feel a little bit odd. You can temporarily “force” it to stay on one vs. the other by rebooting the primary, which will then obviously be sticky until another event occurs. The software is designed to have an exact pair such that they are basically indistinguishable.
Just so I can understand the use case… Are the RB925ui-5ac2nD the ones that you want to force a primary? There is a physical antenna you are connecting to the RB925ui-5ac2nD for which you only have one? I’m not following how a redundant switch would come into play here, if you had it.
PS: You are also the only one that I know of that I can recall that isn’t using CCRs with ha-mikrotik. Please let me know if you run into anything that feels odd.
Hi Nathan,
No, I used RB925ui-5ac2nD just for lab tests without activating wifi. They will be connected to the redundant RB3011UiAS-RM.
Please understand that we are talking about a very small office with only about 15-16 people + some visitors quite often. There is no point in buying a CCR. I agree that your script is perfect in a normal situation where everything should be redundant. As I explained, there is a wireless link for offsite copy of backups. To be fully redundant I should connect it through a redundant switch. But hey, I don’t care about offsite copy of backups. Of course I can plug it into the normal switch where all computers are connected, but I was thinking of blocking LAN access to the backup using the router.
I know I can remotely restart the master so the slave will take over, and since we have a good on-line UPS they won’t flip for a long time.
So Nathan, if we can change something easy in your script, that would be excellent, but it is not a must. I can live very happily the way it is.
Btw, in case of power failure, I found a solution: in System > Routerboard > Settings there is a menu “boot delay” which seems not to synchronize. I set a higher time for router B and now every time router A starts first as master.
No problem not using CCRs, they are definitely expensive for many deployments. I just wanted to let you know that you are the first one that I know of to test alternative platforms, so good for all of us. I would like to hear how well it works for you after you run for a while.
The boot delay sounds like a great solution if you just want one to always become primary when they are both booted nearly simultaneously (i.e. after power recovery). This wouldn’t force A to become primary again after A was primary and then rebooted but that is the feature I could add if you really wanted it. I think this could work based on a pretty simple change that enables VRRP preemption.
It sounds like you have found a pretty workable solution though. Maybe you run it for a while and then see if you generally find it stable and if you still want this feature after a while of running, I will add it. How does that sound?
Yes Nathan, I’m sure it will be fine for a long time. I will let you know when I put them into production (now I run them at my home). I have to implement some VPN solution and hope to find a way to allow access only from some countries, geoip. After that I will plug them into the rack.
Another feature would be great: to receive an email in case one router is out for more than a few minutes. Suppose that one of the routers has a problem. I will never know without manually checking the state.