Hi,
For long time i’m using vrrp ip mask the same as for physical interface. If physical is /24, then vrrp too. Can anybody explain, what will or can happen, if I do so? In many topics I found text, that vrrp mask MUST be /32, but no any explanation. Is it really so? Do I need to reconfigure all my routers now?
Best Regards,
Ugis
Hi
I just came along this issue as mikrotik support told me to use /32 for the vrrp IP address netmask.
well, if I do this - at least on ROS 6.48.1 on a RB3011 - I can not ping the vrrp IP anymore from the connected subnet.
if I do set the netmask to the same value as the subnet (eg /24) then at least we can ping this IP from the connected subnet.
(we’re having other issues though related to mpls, but that’s another story)
so I’d be interested who is using /32 (as stated in the manual) and how do you get this working?
manual: https://wiki.mikrotik.com/wiki/Manual:Interface/VRRP#Configuring_VRRP
thx
hk
Why do you want to use a /32?
Do you want symmetrical routing so that you can do proper conntrack?
I did some testing recently, but I did the other way around, I was using /32 on the physical interfaces, and using /24 or whatever on the VRRP interfaces.
This way I was able to get symmetrical routing and have my conntrack/nat table work fine, because only the owner of the VRRP address was announcing the whole /24.
From what I know, VRRP only uses the physical address as source when sending multicast packets to the VRRP address (224.0.0.18), and the remote router doesnt look on the source address.