Hi group
I have around 10 subnets on various VLANs that I need to apply to my VRRP. I have put them all into the same VRRP ID. It all works. Is this an invalid scenario though?
Initially I did this as I thought it was the way to make them all failover/failback together, but I realise this is not the case and grouping does that.
I just want to be sure before I put the routers into production. Should I move all subnets to their own VRRP ID, or can they stay the way they are now?
Cheers
I put all VRRP subnets into their own VRRP-ID to be sure.
VRRP is scoped to each subnet/VLAN it’s attached. So the vrrp-id are not going to “overlap” across VLANs since each has their own broadcast scope. AFAIK RouterOS does not use the VRRP ID, other than in what’s send out via VRRP.
But setting VRRP ID to match the VLAN ID it’s listening on I think helps keep things organized & avoids potential misconfiguration later if say the interface is picked wrong.
Interesting you say this. We thought to do the same. However, there are only 256 VRIDs and 4094 VLAN IDs, so this only works if you keep the VLAN numbers down, which we didn’t LoL.
LOL, I was going to mention the more limited IDs.
I use scripts for config, so keep VLAN ID under 256 was helpful for subnetting/naming too (e.g. VLAN 100 = vlan100/vrrp100/dhcp100/pool100 = 10.100.0.0/192.168.100.0) so VRRP just follows same scheme.
I’m pretty sure all being vrrp-id=1 on separate VLANs isn’t a problem. I just never tested it – but the VRRP really should not escape its VLAN either & to the kernel/OS, their all separate interfaces.