Community discussions

MikroTik App
 
briannbach
just joined
Topic Author
Posts: 1
Joined: Sat May 13, 2023 3:55 pm

Send same income packets to different servers

Sat May 13, 2023 4:18 pm

Hello. We have three separate virtual servers with their respective fixed IP.

Two of them are windows server, and the last one is a virtualized MikroTik router.

The idea is simple, but we don't know if it's possible.

We want both windows servers to receive the same packets. That is, that the information reaches the MikroTik IP and is redirected to more than one IP. On the other hand the information can arrive from different ports, and should point to those same ports on the servers.

Currently only one of the servers receives the information, and we did this by creating a rule in Firewall --> NAT. We still couldn't duplicate the delivery to the other server.

And you could ask ¿why would you need this? The idea of ​​this is to be able to do "hot" tests and modifications on one of the servers, without compromising the use of the other server. And also as a kind of RAID 1 style backup of the incoming data.

What can we do?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11383
Joined: Thu Mar 03, 2016 10:23 pm

Re: Send same income packets to different servers

Fri May 19, 2023 6:57 pm

Simply duplicating ingress packets and delivering them to both servers is not a valid way of creating High Availability cluster. For one, both servers are likely not in sync so they will both try to reply ... and client will receive two (slightly) different replies to every packet sent, with difference large enough to trip connection reset at some point. There are a few ways of doing it properly, one of them is using some sort of reverse proxy (e.g. HAproxy) which then ballances connections between available backend servers.
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 985
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: Send same income packets to different servers

Fri May 19, 2023 10:47 pm

Please explain what *service* is behind the Windows machines ? What are you trying to accomplish ?
Perhaps NLB between the 2 Windows servers might be a good approach.
The MikroTik then can have a DNAT pointing to the NLB-VIP and NLB will sort it out.

https://learn.microsoft.com/en-us/windo ... -balancing

Who is online

Users browsing this forum: Ahrefs [Bot], baragoon, GoogleOther [Bot] and 82 guests