Discussion:
Best setup for redundant routers.
Shane McKinley
2007-12-06 16:43:24 UTC
Permalink
I am setting up 2 Vyatta routers that will serve as redundant failover
core routers out to the backbone of our ISP. They will be serving for
routing between other branches and the ISP and bandwidth management.

I am trying to differentiate between the plethora of information about
having redundant, automatic failover routers and pretty much decided on
VRRP for the IP address failover mechanism.

I am having a bit of a problem sorting out what will work best for
automatic routing propagation between the two units and have been
looking at the possibility of using OSPF to accomplish this to avoid
having to enter routes into two different routers.

Would OSPF work well for this? Are there better options?

Thanks for any info,

Shane McKinley
Grant Taylor
2007-12-06 17:15:54 UTC
Permalink
This looks to be a general routing related question rather than a "Linux
Advanced Routing and Traffic Control" (a.k.a. LARTC) question and thus
may be better answered elsewhere.
Post by Shane McKinley
I am setting up 2 Vyatta routers that will serve as redundant
failover core routers out to the backbone of our ISP. They will be
serving for routing between other branches and the ISP and bandwidth
management.
Ok...
Post by Shane McKinley
I am trying to differentiate between the plethora of information
about having redundant, automatic failover routers and pretty much
decided on VRRP for the IP address failover mechanism.
VRRP is a good idea. I don't think I'd rely on one virtual redundant
router through. I would make router B be redundant for router A *AND
router A be redundant for router B. This way, your branch offices can
see two different routers that have the same capabilities. This way you
could route some load through one router and the rest through the other
while having both be redundant for each other.
Post by Shane McKinley
I am having a bit of a problem sorting out what will work best for
automatic routing propagation between the two units and have been
looking at the possibility of using OSPF to accomplish this to avoid
having to enter routes into two different routers.
Yes, an interior routing protocol would be good. Based on my limited
experience I would recommend that you use either (preferably) OSPF or
possibly Interior BGP (a.k.a. IBGP).
Post by Shane McKinley
Would OSPF work well for this? Are there better options?
You could look at things like RIP or ISIS, but neither of them will be
as good or bandwidth friendly as either OSPF or IBGP.
Post by Shane McKinley
Thanks for any info,
You are welcome.



Grant. . . .
Mohan Sundaram
2007-12-07 02:18:56 UTC
Permalink
Post by Grant Taylor
This looks to be a general routing related question rather than a "Linux
Advanced Routing and Traffic Control" (a.k.a. LARTC) question and thus
may be better answered elsewhere.
*nod*
Post by Grant Taylor
Post by Shane McKinley
I am setting up 2 Vyatta routers that will serve as redundant
failover core routers out to the backbone of our ISP. They will be
serving for routing between other branches and the ISP and bandwidth
management.
Would be interesting to know how they perform.
Post by Grant Taylor
Yes, an interior routing protocol would be good. Based on my limited
experience I would recommend that you use either (preferably) OSPF or
possibly Interior BGP (a.k.a. IBGP).
Either is good. For just 2 routers, most dynamic protocols work well.
Older protocols failed in scaling to larger networks. AFAIR, OSPF
support discovered route cost propogation which is useful in route
selection/ load balancing/ECMP etc. Do not remember if IBGP does it. Has
been a while and so a little rusty on finer details.
Post by Grant Taylor
You could look at things like RIP or ISIS, but neither of them will be
as good or bandwidth friendly as either OSPF or IBGP.
For just 2 routers, the decision is pretty simple - any. I'd go with
OSPF or IBGP depending on comfort, skillset and support at locations needed.

Mohan
Grant Taylor
2007-12-07 02:19:39 UTC
Permalink
Wouldn't the redundant VRRP cause an IP address conflict?
No. Let me try to explain using pseudo IP addresses. For the sake of
discussion we will use the RFC test network of 192.0.2.0/24. (All IPs
below will be just the last octet in said subnet.)

Real routers A and B (RA and RB respectively) and virtual routers A and
B (VA and VB respectively) will make up the routers of the network.

Have RA be primary for VA's IP and backup for VB's IP. Then have RB be
backup for VA's IP and primary for VB's IP. So you would have four IPs
in use (RA, RB, VA, and VB). You would only have clients use VA and /
or VB as their default gateway(s).

So, if you have the following IPs used:

VA = .254
VB = .253
RA = .252
RB = .251

Real router A would have it's ""management IP of .252 and participate
(as the primary) in the VRRP virtual router A IP / MAC address of .254
and (as the secondary) in the VRRP virtual router B IP / MAC address of
.253.

Real router B would have it's ""management IP of .251 and participate
(as the secondary) in the VRRP virtual router A IP / MAC address of .254
and (as the primary) in the VRRP virtual router B IP / MAC address of .253.

As you can see there are four IP addresses used, two are what clients
would use as potential default gateways and two are for management of
the real routers.

With the two different IPs that you can hand out to clients, you could
do some load balancing by having some clients use one virtual router and
others use the other virtual router.

Heck, if you wanted to you could even add a third real router (RC) to be
a tertiary router for virtual routers.
If not, that would be sweet. I would have redundancy for my redundancy.
Start thinking about how sweet things can be....



Grant. . . .

Loading...