Community discussions

MikroTik App
 
afalck
just joined
Topic Author
Posts: 3
Joined: Tue Jan 26, 2021 3:58 pm

WAN failover not working as expected

Mon Oct 18, 2021 10:19 pm

Hi!
I've been following https://help.mikrotik.com/docs/pages/vi ... d=26476608 to create a WAN failover in case that the primary network connection fails.

The gateway is a CCR1009-7G-1C-1S+, connected with 10 Gbit to a primary switch with a trunk, containing WAN VLAN:s and local LAN VLAN:s. When using the primary connection, everything works just as expected. To try the configuration "sharp", I'm disabling the access port for the Primary WAN, expecting the traffic to use the secondary WAN instead. Unfortunately, the gateway isn't detecting the connection as unusable, but still tries to send the data that way.

As I'm using the trunk for the connection, I'm not using the physical interfaces, but the VLAN:s which is contained in the bridge on the interface. This means that I've replaced the physical interfaces with the VLAN:s in the WAN failover guide. When I'm disabling the primary WAN VLAN in the Interface List, all traffic are immediately being rerouted to the secondary WAN. In my eyes, this means that the setup is working correctly, but the CCR can't recognize that the route has changed. When the physical port is disabled, all routes for WAN Primary still looks as they're running.

Am I missing something, or doesn't the VLAN configuraton in my case support the WAN failover? I'm happy for good thoughts! :)

Attached is the topology of the network (downsized to the actual network devices) and the route list with the primary VLAN disabled.

VLAN 80: Primary WAN
VLAN 81: Secondary WAN
VLAN 85: WAN
You do not have the required permissions to view the files attached to this post.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19100
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: WAN failover not working as expected

Tue Oct 19, 2021 2:04 pm

/export hide-sensitive file=anynameyouwish
 
afalck
just joined
Topic Author
Posts: 3
Joined: Tue Jan 26, 2021 3:58 pm

Re: WAN failover not working as expected

Tue Oct 19, 2021 11:52 pm

Config dump attached. Thanks!
You do not have the required permissions to view the files attached to this post.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19100
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: WAN failover not working as expected

Wed Oct 20, 2021 2:34 am

Can you provide a network diagram having a devil of a time understanding it.
Seems like your ISP are providing WAN connections with vlans??

Why is vlan 99 part of the bridge itself??
What is the purpose of vlan 99

Once the network is clear it should be simple to fix up.
 
afalck
just joined
Topic Author
Posts: 3
Joined: Tue Jan 26, 2021 3:58 pm

Re: WAN failover not working as expected

Fri Oct 22, 2021 4:27 pm

Hi!
Let's clarify! :) I've attached a network map of all network devices including switches and gateway. Please tell if it makes it easier.

Both incoming WAN:s are untagged from each ISP. WAN Primary from ISP 1 comes directly from the media converter to the switch core-car-sw02. On the switch access port where it's connected, it's being tagged as VLAN 80. The same goes with WAN Secondary, with the exception that the connection goes via an enterprise network I'm not taking care of. The WAN Secondary goes within a trunk where the WAN is untagged from the enterprise network (but with my VLAN 87, making it possible for me to use the already existing WiFi infrastructure in the building after the firewall). VLAN 80 and 81 are switched to the car-router.

VLAN 99 is used as management interface for switches and gateway (each switch has their IP assigned to VLAN 99). To be able to configure other switches by jumping in between them or even be able to ping them, my only solution was to add VLAN 99 to the bridge.

Thanks for all help!
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: Ahrefs [Bot], hatred and 75 guests