Setting VRRP MikroTik – GNS3 LAB64

Setting VRRP (Virtual Router Redundancy Protocol) MikroTik – GNS3 LAB64

  • MikroTik-1 ether2: 192.168.250.10/24
  • MikroTik-1 ether3: 192.168.1.1/24 – VRRP ID: 1 – Priority: 200
  • MikroTik-1 VRRP: 192.168.1.3/24 (Master)
  • MikroTik-2 ether2: 192.168.250.20/24
  • MikroTik-2 ether3: 192.168.1.2/24 – VRRP ID: 1 – Priority: 100
  • MikroTik-2 VRRP: 192.168.1.3/24 (Backup)

Setting MikroTik-1

  • Setting VRRP
  • Interface > VRRP > Add (+) > Interface: ether3 > priority: 200 > VRRP ID: 1 > Name: VRRP
/interface vrrp 
add interface=ether3 name=VRRP vrid=1 priority=200 interval=1 preemption-mode=yes authentication=none version=3 v3-protocol=ipv4
  • Setting IP Address, IP Route, IP Pool, NAT
/ip address
add address=192.168.1.1/24 interface=ether3 network=192.168.1.0
add address=192.168.250.10/24 interface=ether2 network=192.168.250.0
add address=192.168.1.3/24 interface=VRRP network=192.168.1.0

/ip route
add distance=1 gateway=192.168.250.2

/ip pool
add name=dhcp_pool1 ranges=192.168.1.4-192.168.1.254

/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether2
  • Setting DHCP Server
  • Gateway LAN menggunakan IP VRRP: 192.168.1.3
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether3 name=dhcp1

/ip dhcp-server network
add address=192.168.1.0/24 dns-server=8.8.8.8 gateway=192.168.1.3

Setting MikroTik-2

  • Setting VRRP
  • Interface > VRRP > Add (+) > Interface: ether3 > priority: 200 > VRRP ID: 1 > Name: VRRP
/interface vrrp 
add interface=ether3 name=VRRP vrid=1 priority=100 interval=1 preemption-mode=yes authentication=none version=3 v3-protocol=ipv4
  • Setting IP Address, IP Route, IP Pool, NAT
/ip address
add address=192.168.1.2/24 interface=ether3 network=192.168.1.0
add address=192.168.250.20/24 interface=ether2 network=192.168.250.0
add address=192.168.1.3/24 interface=VRRP network=192.168.1.0

/ip route
add distance=1 gateway=192.168.250.2

/ip pool
add name=dhcp_pool1 ranges=192.168.1.4-192.168.1.254

/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether2
  • Setting DHCP Server
  • Gateway LAN menggunakan IP VRRP: 192.168.1.3
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=ether3 name=dhcp1

/ip dhcp-server network
add address=192.168.1.0/24 dns-server=8.8.8.8 gateway=192.168.1.3

Opsional

  • Setting Netwatch pada MikroTik-1 untuk cek koneksi internet jika terdapat masalah pada interface yang mengarah ke internet (ether2) di MikroTik-1 maka secara otomatis interface ether3 akan disable sehingga IP VRRP berpindah ke MikroTik-2, jika status internet pada MikroTik-1 sudah kembali UP, maka IP VRRP akan kembali ke MikroTik-1. Pengcekan dengan cara ping ke host 8.8.8.8
/tool netwatch
add host=8.8.8.8 interval=5s timeout=3s down-script="/interface disable ether3" up-script="/interface enable ether3"

Pengujian

  • Cek IP address pada User-X, pastikan sudah terhubung ke internet
  • User-X mengunakan DHCP Server dari MikroTik-1 (192.168.1.1) dengan gateway 192.168.1.3
  • Cek traceroute ke IP gateway internet (192.168.250.2)
  • Ping ke internet (ping sys-ops.id)
  • Disable Interface ether3 pada MikroTik-1
  • Cek kembali traceroute ke IP gateway internet (192.168.250.2
  • Hasil Pengujian
  • Sebelum interface ether3 pada MikroTik-1 disable, koneksi User-X diarahkan ke MikroTik-1 (192.168.1.1)
  • Setelah interface ether3 pada MikroTik-1 disable, koneksi User-X diarahkan ke MikroTik-2 (192.168.1.2)
  • Akan terdapat timeout ketika proses perpindahan Master VRRP dari MikroTik-1 ke MikroTik-2

herdiana3389

A system administrator with skills in system administration, virtualization, linux, windows, networking, cloud computing, container, etc.