If you need context, see here: http://forum.mikrotik.com/t/vrrp-1-mt-2-internet-connections/9246/12
Is there a way to tell a VRRP group to change to backup or master using scripts?
I say this since we are having a time making MT failover properly. We have two MTs and each has two interfaces (EXT and INT).
If I pull the plug on the EXT interface of MT1, MT2’s EXT interface will magically pick up the floating VRRP address. Works great, love it!
But, MT1’s INT interface does not switch over to MT2’s INT interface, which creates the problem. Devices are still attempting to communicate on MT1’s INT interface which no longer can route through MT1’s EXT interface. In this situation, VRRP just does not work.
Is there a way when one of MT1’s interfaces goes down (I’m assuming on-backup will catch this problem) to tell the other VRRP group on MT1 to switch to backup?
Thanks!
You could have MT1’s INT interface disable itself when MT1’s EXT interface is unusable. Or setup some netwatch to do that. Are you not routing between MT1 & 2 with an interconnect?
No interconnect. I suppose disabling a VRRP group would in effect cause the next VRRP interface in priority list to become master. I will try that tomorrow.
I believe using Netwatch would be somewhat redundant since VRRP should know when it is up/down. I am curious to know if an interconnect (I’m assuming that to be dedicated interfaces possibly using a crossover cable to link the two MTs) makes this setup easier? It might get cluttery if you need to do VRRP with more than two MT’s.
I’m interested to know if anyone is using VRRP in a production situation as I’ve described earlier.
Here’s the script I’m using. Each VRRP group (vr1 and vr2) has the same script for on-master and on-backup.
vr1 on-master:
/ip vrrp set [/ip vrrp find name=vr2] disabled=no
vr1 on-backup:
/ip vrrp set [/ip vrrp find name=vr2] disabled=yes
vr2 on-master:
/ip vrrp set [/ip vrrp find name=vr1] disabled=no
vr2 on-backup:
/ip vrrp set [/ip vrrp find name=vr1] disabled=yes
This does not do what I obviously intend it to do when I pull an ethernet cable from the master. The intent is to disable the second VRRP group if the first VRRP group goes into backup. This should cause both interfaces on the backup MT to become master is any interface on the master goes down. Preemptive mode is turned on, if that makes any difference.
Did I do something wrong in the scripts?