Saturday, December 17, 2016

configure vrrp between cisco router and mikrotik router (HA)

*** diagram and information

                            --ether3 mikrotik ether2--
client---->  switch                                         switch ------internet
                            -----f0/1  cisco    f0/0-------

mikrotik vrrp priority: 150 (master)
              ether3 ip :
              vrrp ip:   (client gateway)

cisco       vrrp priority: 120 (backup)
               f0/1 ip :
               vrrp ip:

1- cisco configuration

interface FastEthernet0/0
 description *** Unused for Layer2 SW ***
 ip address
 ip nat outside
 ip nat enable
 ip virtual-reassembly
 duplex auto
 speed auto
interface FastEthernet0/1
 description *** Unused for Layer2 SW ***
 ip address
 ip nat inside
 ip nat enable
 ip virtual-reassembly
 duplex auto
 speed auto
 vrrp 1 ip
 vrrp 1 timers learn
 vrrp 1 priority 120

ip nat source list 1 interface FastEthernet0/0 overload
access-list 1 permit

2- mikrotik configuration

/interface vrrp add name=vrrp1 interface=ether3 vrid=1 priority=150 interval=1 version=2

/ip address add address= interface=ether3
/ip address add address= interface=ether2
/ip address add address= interface=vrrp1
/ip firewall nat add out-interface=ether2 chain=srcnat action=masquerade

3- testing
- on cisco router show vrrp all with show which one is master and slave, and we see the mikrotik is the master, so will handle all the traffic until it die out. the cisco will resume its work.

R1-SW#show vrrp all
FastEthernet0/1 - Group 1 
  State is Backup 
  Virtual IP address is
  Virtual MAC address is 0000.5e00.0101
  Advertisement interval is 1.000 sec
  Preemption enabled
  Priority is 120
  Master Router is, priority is 150
  Master Advertisement interval is 1.000 sec
  Master Down interval is 3.531 sec (expires in 3.127 sec) Learning

- when mikrotik stops workings the status of vrrp will display on cisco console message, like below

*Mar  1 02:37:19.655: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 02:37:27.643: %VRRP-6-STATECHANGE: Fa0/1 Grp 1 state Master -> Backup
*Mar  1 02:37:47.483: %VRRP-6-STATECHANGE: Fa0/1 Grp 1 state Backup -> Master

- snapshot of client's ping to, and it losts only one packets when vrrp master switch to cisco after the mikrotik router goes down

No comments:

Post a Comment