Hi ppl,
How can I setup one VRRP Group in version 3.0rc5? I want to use one vrrp instance for many interfaces, to do the “box” redundancy and not the interface redundancy.
I have one machine with 4 ethernet cards, and I want if some cards fail the VRRP switch to the backup router.
Any help will be apreciated.
Thanks in advance.
VRRP = Virtual Router Redundancy Protocol
it sole purpose is that if one router fails other one takes over.
in 3.0rc6
add interface VRRP and set its master interface and configuration in /interface
and add ip address to VRRP interface in /ip address
I have various VRRP interfaces in this box, if one of then fail all the others are switched to the backup router?
IS there any ability to have two boxes, if one fails, the other takes over? I know thats the ideal of VRRP, but the configuration, etc, is not copied over. Or is it in v3?
VRRP does exactly this - if one router fails the other one takes over.
if you have multiple VRRP interfaces on the router then you have to ensure that other VRRP switch over too. usually one can achieve using up/down scripts when one of VRRP masters go down, so all the other VRRP masters go down on that router. as a result everything is switched to backups
VRRP works inside one IP network,
Usually routers are inside at least 2 different networks, so you need 2 VRRPs
If master box goes down - everything will be ok - both VRRP can will failover to second router (VRRP slave).
But what if only one of these VRRP fails??? - then you will need a script, that will disable all VRRP interfaces if at least on VRRP fails, and enable them if it comes back.
i’m more thinking physical failure of router with many configurations, such as packet shaping, lots of routes, things like that. All of this configuration is not in the second router, i understand that the ips move over, but what about the config.
you have to have exactly same configuration for backup router, so when it takes over it, configuration does not move.
I think what the question is, how do I have the exact same config on the backup router. Does the VRRP take care of migrating the configuration from the primary at a reoccurring basis? You know you can’t leave it to the engineers to modify both! lol
everything that cannot be done using up/down scripts of VRRP routers should be there. if it is gateway then VRRP will move its ip address. it can do a lot of different things.
and no VRRP just does that - moves ip addresses + some scripting when up/down event occurs. when you set up one box you should set up send the same way, also, note, that when master goes down in can be completely unavailable so you cannot retrieve anything from it. So when backup sees that master is down, it becomes master and start to serve on your network.
Ya, i understand that, I guess what I am missing is the these “scripts” that would run on the master or backup, and move the necessary configuration at regular times to the backup unit. This way, if the main unit did stop working, the backup comes up with the configuration. This configuration may be up to a few hours old depending on these scripts.
I have not found anything on the wiki for configuration move scripts.
these scripts can fail you, because of different situations, as an example, one router fails and goes off-line (power failure, hit by lightning) when you transfer configuration as a result you have one faulty router and one with faulty configuration. also sese up/down scripts occur when backup becomes a master so, at that moment the other router can be gone already
Yes, but like you said, if the master is not up, its not going to do us any good to get the configuration. Several other products, use a serial cable to keep the configuration exactly the same. They also use a heartbeat though the serial to monitor the primary.
Not saying thats what I want. I want a full failover including configuration. Most of these routers are not changed but every few days, so a script that can move the configuration or update it every few hours would be fine. They will have megabits connectivity so its not like a bunch of data. Then when the router fails, VRRP takes over and moves the IPs, the second router already has the configuration from a few hours ago, and starts routing!
read up on the VRRP protocol from the RFCs … there is nothing about moving / copying / restoring / applying configs to a backup box. It is only about ARPs and IP addresses, nothing else. VRRP creates a virtual IP address that either box can use when it’s master; nothing else. Some layer 3 switches even have VRRP built in. If you want to copy the configs you will need to make something homegrown for your specific application. Not everyone would want the configs copied, ie; using another production router for a vrrp failover and you can’t dedicate a mirrored router and it’s config.
I would agree that some people would not want that. And i do understand the VRRP is not setup for full failover. I was kinda hoping to suggest that MT create a full failover system, in conjunction with VRRP.