General • Re: VRRP and ISP failover?

I recommend to configure Router A ( RB3011) and Router B (RB450)
before even starting with the VRRP-Setting.

Step 1: Configure Basic LAN-Network (IP-Address)

Router A: ether10 --> 172.16.15.251/20
Router B: ether5 --> 172.16.15.252/20

Step 2: Configure Main-ISP
Configure Router A and Cable-ISP
Configure Router B and Fiber-ISP
*like you would normally do ...

Step 3: Configure Backup-ISP

Configure Router A with Router B as Backup-ISP
Config-Exemple: /ip route add distance=100 gateway=172.16.15.252

Configure Router B with Router A as Backup-ISP
Config-Exemple: /ip route add distance=100 gateway=172.16.15.251

Step 4: Test ISP-Backup

Check if Failover works!

Exemple:
Ping 8.8.8.8 via Router A
Disconnect Cable-ISP from Router A
If should switch over to Router B
(some Ping's may fail during the failover)


Step 5: VRRP

Router A:
/interface vrrp add interface=ether10 name=vrrp1 priority=200 vrid=55
/ip address add address=172.16.15.254 interface=vrrp1 network=172.16.15.254

Router B:
/interface vrrp add interface=ether5 name=vrrp1 priority=100 vrid=55
/ip address add address=172.16.15.254 interface=vrrp1 network=172.16.15.254



Résumé:
Router A is always the Main VRRP-Router
When Router A is active (vrrp) Cable-ISP is primary and Fiber-ISP is failover
When Router B is active (vrrp) Fiber-ISP is primary and Cable-ISP is failover
After everything works , simply repeat the process for every LAN-Network

/ip firewall filter add action=drop chain=forward connection-state=invalid

Statistics: Posted by alexv305 — Fri Feb 09, 2024 11:41 pm