Community discussions

MikroTik App
 
hafte
just joined
Topic Author
Posts: 11
Joined: Tue Jan 03, 2023 6:00 pm

Primary and Standby DHCP Gateway with Bridge Router Setup

Wed Jan 04, 2023 1:37 pm

Hello All,

Currently my home network is using virtual firewall (Sophos XG) , but this is not so practical when hosting server is down. All my home devices cannot connect to internet.
From other side mikrotik does not support some usefull things like reverse proxy so i can easily replace Sophos.

I'm trying to find way to have mikrotik router and keep Sophos VM, but to have redundancy if Sophos is down.

Active ISP-->Mikrotik-->Sophos-->LAN
Passive ISP-->Mikrotik-->LAN
Screenshot_2.png
Goal is to use Sophos as main gateway in bridge (or gateway mode as now), and in case it is down, clients to switch to Mikrotik as gateway

Is there a way to achieve this setup with Mikrotik?
Any advices and ideas are welcome.
You do not have the required permissions to view the files attached to this post.
Last edited by hafte on Thu Jan 05, 2023 3:19 pm, edited 2 times in total.
 
hafte
just joined
Topic Author
Posts: 11
Joined: Tue Jan 03, 2023 6:00 pm

Re: Advice for Primary + Bridge Router Setup

Thu Jan 05, 2023 9:24 am

Hello Again.

I have found a way how this can work, but it requires some scripting.
I'm not in deep with this part and will apprishiate if some can help me.

Tested it and if manualy change DHCP options, it works.

What is needed is script that can perform automaticaly:
1. Check if gateway 10.30.10.2 is reachable on ping and check current DHCP gateway
2. If reachable and IP is 10.30.10.2 do noting. If diffrerent apply ip dhcp-server option/ add code=3 name="Option 4" value="'10.30.10.2'"
3. If gateway is not reachable apply /ip dhcp-server option/ add code=3 name="Option 4" value="'10.30.10.1'"
4. Remove all leases so clients can reconnect and get updted DHCP config

/ip dhcp-server option
add code=3 name="Option 4" value="'10.30.10.1'"
add code=3 name="Option 3" value="'10.30.10.2'"
Last edited by hafte on Thu Jan 05, 2023 9:26 am, edited 1 time in total.
 
hafte
just joined
Topic Author
Posts: 11
Joined: Tue Jan 03, 2023 6:00 pm

Re: Advice for Primary + Bridge Router Setup

Thu Jan 05, 2023 3:17 pm

Hello All,

I was managed to fix the issue finaly.
For these who are interested, below is what was done.

1. Used Netwach on Mikrotik for ping monitoring on second gateway Sophos XG.
Netwatch have up and down option to execute the commands.

If Sophos XG is reachable up-script set gateway on DHCP server network to point Sohpos
if Sophos XG is down down-script set gateway on DHCP server network to point back to Mikrotik

Only disadvantage is that the new gateway will be populated on next dhcp lease cycle.
I have set DHCP lease time to 6 min, so on aproximately every 3 min gateway will be updated.
This means 3 min downtime for the network Clients.

Not sure if someting more can be done to force dhcp renew on clients from mikrotik.

/tool netwatch
add disabled=no down-script="/ip dhcp-server network set 0 gateway=10.30.10.1" host=10.30.10.2 http-codes="" interval=10s test-script="" type=\icmp up-script="/ip dhcp-server network set 0 gateway=10.30.10.2"

Who is online

Users browsing this forum: gigabyte091 and 12 guests