29
Failover using VRRP, OSPF & BFD Federico Martín Perdichizzi October 17 th , 2016 Second Dubai MUM, Emirates

Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

  • Upload
    others

  • View
    30

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Failover using VRRP, OSPF & BFD

Federico Martín Perdichizzi

October 17th, 2016

Second Dubai MUM, Emirates

Page 2: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Bachelor’s Degree in Organization’s Information Systems (In progress)

• MTCNA (1511NA064)

• MTCRE (1511RE099)

• MTCTCE (1511TCE030)

• MTCINE (1604INE052)

• 4 years working in networking with MikroTik

About me

2

Page 3: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• VRRP, OSPF & BFD: Description and properties

• Steps for configuration

• Testing failover

• Final comments

• Q & A

Outline

3

Page 4: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Original Network Topology

4

Page 5: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Time to coordinate replacements

• Only 1 IP address allowed and unique gateway

• Building only accessible during working hours

• Second router with VRRP, OSPF & BFD

5

Page 6: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Virtual Router Redundancy Protocol (RFC 3768)

• Virtual interface over physical

• Priorities (Master: 255, Backups: 1-254)

• Time of convergence

• IP address /32

VRRP

6

Page 7: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

How does it work?

• Multicast packets

VRRP

• Same IP Addresses

VRID in Hex

• MAC Address 00-00-5E-00-01-XX

7

Moderador
Notas de la presentación
Regarding the switch where these routers are connected, I must tell you that there are no static ARP entries configured, and that is why this configuration is possible without further considerations.
Page 8: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

OSPF (Open Shortest Path First)• Internal Gateway Protocol

• Best path

Bidirectional Forwarding Detection• Session between two endpoints

• Hello packets each 200ms

• Wireless considerations

OSPF & BFD

8

Page 9: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Original Network Topology

9

Page 10: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Goal Network Topology

10

Page 11: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Custom’s network has only 1 IP as GW for ours

• Non static ARP entries

• Wireless distance: Less than 400 meters

• No connection tracking used in redundant routers

Things to consider

11

Page 12: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Things to consider

Routes:Tunnels GW IP via VRRP

Routes:Customs subnets via VRRP

VRRP BACKUP

VRRP MASTER

Workout side Customs side

VRRP MASTER

VRRP BACKUP

NATNo connection tracking

12

Page 13: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Best Practice

• Management

• Bridge -> Add

Loopback

13

Page 14: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Loopback

Lo IP= 10.255.255.1

Lo IP= 10.255.255.4Lo IP= 10.255.255.3

Lo IP= 10.255.255.2

14

Moderador
Notas de la presentación
Here you can see what Loopback IP addresses I used on each router.
Page 15: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Loopback

Lo IP= 10.255.255.1

Lo IP= 10.255.255.4Lo IP= 10.255.255.3

Lo IP= 10.255.255.2

• Static routes between all routers to reach Loopback IP’s (not physical mesh)

15

Moderador
Notas de la presentación
Loopback IP’s allow us to access the router if there is any way to do so, if we configured it properly. In this case, everything is routed so any router can reach other on every way that’s possible.
Page 16: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• How to

VRRP

16

Page 17: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

VRRP

VRRP Master Interface VRRP Backup Interface17

Moderador
Notas de la presentación
On both sides, Workout and Customs, I did this with the two routers involved in this failover configuration.
Page 18: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Assign Loopback IP to the default OSPF Instance on each router

OSPF

18

Page 19: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Add network to start running the protocol

OSPF

19

Page 20: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Make a customizable static interface

OSPF

20

Page 21: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Adjust parameters

OSPF

21

Moderador
Notas de la presentación
Default 10, 40
Page 22: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Default Setup• Check neighbors

BFD

22

Moderador
Notas de la presentación
BLACK WINDOW: ANECDOTE!!!
Page 23: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Server Farms

Normal Packet Flow

OSPF Routes (Distance 110)

TLS link, principalWireless link, secondary

Master Router

Master Router

23

Moderador
Notas de la presentación
(After animation) Now, this Transparent Layer Service, or any router could fail. In any case, the secondary router or link will become active.
Page 24: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Server Farms

WKO TLS Router Fail

No route to host!

Master Router

Master Router

24

Page 25: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Server Farms

WKO TLS Router Fail

Static Routes (Distance 200)

Master Router

Master Router

25

Page 26: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Server Farms

TLS Failure

Master Router

Master Router

26

Page 27: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Check Gateway: Ping

• Avoid manually add static routes

Why OSPF ?

27

Moderador
Notas de la presentación
The second answer is that sometimes we need to grant access to new servers that are in a different subnet, so it is simpler to just add the new routes on both routers on the Customs side and let the routes propagate themselves.
Page 28: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

• Very usefulEmail notification

VRRP Scripts

28

Moderador
Notas de la presentación
That brings me to the end of my presentation. If anyone has any questions, I’d be happy to answer them.
Page 29: Failover using VRRP, OSPF & BFD - MikroTikmum.mikrotik.com/presentations/ME16/presentation_3912_1476763… · Bidirectional Forwarding Detection • Session between two endpoints

Thank you!

MUM Middle East, October 2016Federico Martín Perdichizzi

[email protected]

Any other question?

29

Moderador
Notas de la presentación
If you think of another question later, here it’s my email address. You can write me and I will reply you.

Zero Interruption Nokia VRRP Cluster Upgrade

Zero Interruption Nokia VRRP Cluster Upgrade

Documents
First Hop Redundancy Protocols - Willkommen bei … · First Hop Redundancy Protocols HSRP – VRRP - GLBP ... vrrp 1 authentication cisco vrrp 1 timers advertise 3 ... First Hop

First Hop Redundancy Protocols - Willkommen bei … · First Hop Redundancy Protocols HSRP – VRRP - GLBP ... vrrp 1 authentication cisco vrrp 1 timers advertise 3 ... First Hop

Documents
All Angels, Tonbridge Road, Maidstone, Kent ME16 8JS

All Angels, Tonbridge Road, Maidstone, Kent ME16 8JS

Documents
VRRP instructions

VRRP instructions

Documents
VRRP Protocol whitepaper

VRRP Protocol whitepaper

Documents
HSRP,VRRP,GLBP - Donutsdocshare01.docshare.tips/files/9945/99459177.pdf · HSRP,VRRP,GLBP . Nombre Alumno: Francisco Avalos T. ... Virtual Router Redundancy Protocol (VRRP) y Gateway

HSRP,VRRP,GLBP - Donutsdocshare01.docshare.tips/files/9945/99459177.pdf · HSRP,VRRP,GLBP . Nombre Alumno: Francisco Avalos T. ... Virtual Router Redundancy Protocol (VRRP) y Gateway

Documents
157 Upper Fant Road, , Maidstone, ME16 8BT £240,000 · Upper Fant Road Maidstone ME16 8BT ... and black granite effect working surfaces comprising :- Bowl and drainer stainless steel

157 Upper Fant Road, , Maidstone, ME16 8BT £240,000 · Upper Fant Road Maidstone ME16 8BT ... and black granite effect working surfaces comprising :- Bowl and drainer stainless steel

Documents
Configuring VRRP - - Get a Free Blog Here

Configuring VRRP - - Get a Free Blog Here

Documents
FOI Administrator Hermitage Lane Maidstone, Kent ME16 9QQ

FOI Administrator Hermitage Lane Maidstone, Kent ME16 9QQ

Documents
Guida Hsrp Vrrp

Guida Hsrp Vrrp

Documents
05 System Volume VRRP Configuration

05 System Volume VRRP Configuration

Documents
Xos Vrrp Config Guide 05920c

Xos Vrrp Config Guide 05920c

Documents
Manual VRRP Mikrotik

Manual VRRP Mikrotik

Documents
Configuring VRRP - Cisco - Global Home Page · Configuring VRRP TheVirtualRouterRedundancyProtocol(VRRP)isanelectionprotocolthatdynamicallyassigns responsibilityforoneormorevirtualrouterstotheVRRProutersonaLAN

Configuring VRRP - Cisco - Global Home Page · Configuring VRRP TheVirtualRouterRedundancyProtocol(VRRP)isanelectionprotocolthatdynamicallyassigns responsibilityforoneormorevirtualrouterstotheVRRProutersonaLAN

Documents
VRRP (virtual router redundancy protocol)

VRRP (virtual router redundancy protocol)

Technology
Ethernet hálózatok tervezéseHSRP, VRRP, GLBP lehet őségek Másodpercen belüli konvergencia VRRP-t más gyártók is implementálták GLBP uplink terhelés elosztás VRRP –

Ethernet hálózatok tervezéseHSRP, VRRP, GLBP lehet őségek Másodpercen belüli konvergencia VRRP-t más gyártók is implementálták GLBP uplink terhelés elosztás VRRP –

Documents
APPLICATION NOTE AN-004-WUK VRRP with VPN FAILOVER...VRRP With VPN Failover MRD-455: ENABLE VPN ONLY WHEN VRRP MASTER Browse to VPN IPSecNext configure the MRD-455 to only establish

APPLICATION NOTE AN-004-WUK VRRP with VPN FAILOVER...VRRP With VPN Failover MRD-455: ENABLE VPN ONLY WHEN VRRP MASTER Browse to VPN IPSecNext configure the MRD-455 to only establish

Documents
S5700-EI Series Gigabit Enterprise Switches - Bechtle · • The S5700-EI supports VRRP, and can set up VRRP groups with other Layer 3 switches. VRRP provides redundant routes to

S5700-EI Series Gigabit Enterprise Switches - Bechtle · • The S5700-EI supports VRRP, and can set up VRRP groups with other Layer 3 switches. VRRP provides redundant routes to

Documents
Chapter 16 Configuring VRRP and VRRPE

Chapter 16 Configuring VRRP and VRRPE

Documents
confirung VRRP

confirung VRRP

Documents
Configuring VRRP - community.cisco.com · Configuring VRRP Information About VRRP 2 Cisco IOS IP Application Services ... Clients such as the Hot Standby Router Protocol ... (GLBP),

Configuring VRRP - community.cisco.com · Configuring VRRP Information About VRRP 2 Cisco IOS IP Application Services ... Clients such as the Hot Standby Router Protocol ... (GLBP),

Documents
7 - Redundancia Con HSRP-VRRP-GLBP

7 - Redundancia Con HSRP-VRRP-GLBP

Documents
VRRP Protocol

VRRP Protocol

Documents
03 VRRP Configuration

03 VRRP Configuration

Documents
VRRP Technology White Paper.pdf

VRRP Technology White Paper.pdf

Documents
108° 114° 120° 126° 132° 138° 144° 150° 156° AUSTRALIAN … · 2020. 7. 13. · MEL 7 ME16 ME 1 3 ME 29 MEE 13 ME26 ME ME16 ME16 ME27 ME 1 ME7 MEb 15 ME16 ME16 ME16 ME26

108° 114° 120° 126° 132° 138° 144° 150° 156° AUSTRALIAN … · 2020. 7. 13. · MEL 7 ME16 ME 1 3 ME 29 MEE 13 ME26 ME ME16 ME16 ME27 ME 1 ME7 MEb 15 ME16 ME16 ME16 ME26

Documents
PPP HSRP Y VRRP

PPP HSRP Y VRRP

Documents
Configuring VRRP - Cisco - Global Home Page · First Hop Redundancy Protocols Configuration Guide, Cisco IOS Release 15M&T 8 Configuring VRRP VRRP Support for Stateful Switchover

Configuring VRRP - Cisco - Global Home Page · First Hop Redundancy Protocols Configuration Guide, Cisco IOS Release 15M&T 8 Configuring VRRP VRRP Support for Stateful Switchover

Documents
CISCO HSRP VRRP GLBP

CISCO HSRP VRRP GLBP

Education
show vrrp - Cisco · IP Application Services Commands show vrrp IAP-533 Cisco IOS IP Application Services Command Reference November 2010 show vrrp To display a brief or detailed

show vrrp - Cisco · IP Application Services Commands show vrrp IAP-533 Cisco IOS IP Application Services Command Reference November 2010 show vrrp To display a brief or detailed

Documents