Saturday, December 17, 2016

configure vrrp between cisco router and mikrotik router (HA)

*** diagram and information

                            --ether3 mikrotik ether2--
client---->  switch                                         switch ------internet
                            -----f0/1  cisco    f0/0-------



mikrotik vrrp priority: 150 (master)
              ether3 ip : 192.168.33.2
              vrrp ip: 192.168.33.254   (client gateway)

cisco       vrrp priority: 120 (backup)
               f0/1 ip : 192.168.33.1
               vrrp ip: 192.168.22.254


1- cisco configuration

interface FastEthernet0/0
 description *** Unused for Layer2 SW ***
 ip address 192.168.34.1 255.255.255.0
 ip nat outside
 ip nat enable
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description *** Unused for Layer2 SW ***
 ip address 192.168.33.1 255.255.255.0
 ip nat inside
 ip nat enable
 ip virtual-reassembly
 duplex auto
 speed auto
 vrrp 1 ip 192.168.33.254
 vrrp 1 timers learn
 vrrp 1 priority 120
!

ip nat source list 1 interface FastEthernet0/0 overload
!        
access-list 1 permit 192.168.33.0 0.0.0.255
!


2- mikrotik configuration

/interface vrrp add name=vrrp1 interface=ether3 vrid=1 priority=150 interval=1 version=2

/ip address add address=192.168.33.2/24 interface=ether3
/ip address add address=192.168.34.1/24 interface=ether2
/ip address add address=192.168.33.254/32 interface=vrrp1
/ip firewall nat add out-interface=ether2 chain=srcnat action=masquerade



3- testing
- on cisco router show vrrp all with show which one is master and slave, and we see the mikrotik is the master, so will handle all the traffic until it die out. the cisco will resume its work.

R1-SW#show vrrp all
FastEthernet0/1 - Group 1 
  State is Backup 
  Virtual IP address is 192.168.33.254
  Virtual MAC address is 0000.5e00.0101
  Advertisement interval is 1.000 sec
  Preemption enabled
  Priority is 120
  Master Router is 192.168.33.2, priority is 150
  Master Advertisement interval is 1.000 sec
  Master Down interval is 3.531 sec (expires in 3.127 sec) Learning


- when mikrotik stops workings the status of vrrp will display on cisco console message, like below

R1-SW#
*Mar  1 02:37:19.655: %SYS-5-CONFIG_I: Configured from console by console
R1-SW#
*Mar  1 02:37:27.643: %VRRP-6-STATECHANGE: Fa0/1 Grp 1 state Master -> Backup
R1-SW#
*Mar  1 02:37:47.483: %VRRP-6-STATECHANGE: Fa0/1 Grp 1 state Backup -> Master
R1-SW#


- snapshot of client's ping to 192.168.34.45, and it losts only one packets when vrrp master switch to cisco after the mikrotik router goes down

No comments:

Post a Comment