Troubles with VRRP on VLANs

RouterOS General
1

Hi everyone,

We have 2 x CCR2004-16G-2S+ routers running RouterOS v7.10. I am trying to set up VRRP on each of the VLANs, but hitting issues where RouterOS is reporting looped packets. The setup works fine without VLANs (VRRP interface directly on the bridge).

I’m getting this on Router 2 when I enable the VRRP interface:

sfp-sfpplus1: bridge RX looped packet - MAC 00:00:5e:00:01:0f -> 01:00:5e:00:00:12 ETHERTYPE 0x0800 IP PROTO 112 172.30.15.251 -> 224.0.0.18

Configs as follows:

Router 1:

/interface bridge
add name=bridge priority=0x6000

/interface vlan
add interface=bridge name=vlan15-cameras vlan-id=15

/interface vrrp
add interface=vlan15-cameras name=vrrp-vlan15-cameras priority=254 vrid=15

/ip address
add address=172.30.15.251/24 interface=vlan15-cameras network=172.30.15.0
add address=172.30.15.254 interface=vrrp-vlan15-cameras network=172.30.15.254

Router 2:

/interface bridge
add name=bridge priority=0x7000

/interface vlan
add interface=bridge name=vlan15-cameras vlan-id=15

/interface vrrp
add interface=vlan15-cameras name=vrrp-vlan15-cameras vrid=15

/ip address
add address=172.30.15.252/24 interface=vlan15-cameras network=172.30.15.0
add address=172.30.15.254 interface=vrrp-vlan15-cameras network=172.30.15.254

Can anyone spot anything I’m doing wrong here?

Thanks!

2

What does your bridge, bridge VLAN, and port/connectivity look like? Is VLAN filtering enabled on the bridge, and what is the EtherType for the bridge?

3

On the 2216’s I manage, RTSP is enabled, VLAN filtering is enabled on the bridge, with the EtherType set to 0x8100. PVID on bridge and on connected ports is 1, and Frame Types is set to “all” on both as well. Priority of both bridges is also identical.

4

Limited info here. But are both showing as VRRP masters?

Maybe the VRRP interface is being blocked by firewall e.g. some drop !LAN but VRRP interface isn’t in the LAN interface-list?

There were some VRRP bugs in the 7.8-7.9-ish area, so might want to make sure at current stable at least.

5

Identical setup here, except I have one bridge with higher priority than the other.

6

Yes actually I’ve just realised the second router thinks its master when it shouldn’t, so might have to go trawling through my firewall rules a bit I think…thanks for the tip.