Dear all,
We are now using zyxel USG 100’s to build a high availability solution but since the last firmwares its a complete disaster. We are now looking into a mikrotik solution.
We need two devices for an active/pasive HA solution. Every node should be the master/backup gateway (VRRP) for a couple of VLAN interfaces on a trunked port (10 ±).
I’ve a couple of questions:
- Is VRRP for VLAN interfaces stable?
2 ) Is there a sync mechanism available for RouterOS configuration (sync Firewall rules between active/passive node)
3 ) Is statefull NAT implemented in RouterOS, is the NAT table sync’ed after failover? Or are the connections dropped? - we have two 100mbit uplinks in the datacenter. Which RouterOS board do you guys advice for 100mbit firewall pass trough? Only 2-3 vpn’s are needed.
Thanks!