Yes. Say you want redundancy between two routers connecting to a single upstream that provides you a single /30. You connect all three to the same switch/VLAN, assign private addresses for VRRP to the provider-facing interfaces, and assign your single public /30 address to the VRRP interface. If the primary router fails, the backup router's VRRP interface will become active, as will the address, and traffic will commence to the backup router. On your network facing side, you'll need to have OSPF or something else setup to advertise a default route (or whatever is appropriate), but using the distribute-default=if-installed-as-... option, lest the backup/inactive router advertise the default route as well.
-Kristian On Thu, 2011-07-28 at 18:54 -0400, Josh Luthman wrote: > You can just use bs private IPs right? > > On Jul 28, 2011 6:43 PM, "Kristian Hoffmann" <[email protected]> > wrote: > > +1 > > > > The IP addresses used for VRRP don't have to be the ones involved in > > routing (i.e. the highly available one(s)). We've used the same > config > > you outline. Thanks for taking the time to describe it. > > > > -Kristian > > > > On Thu, 2011-07-28 at 15:58 -0400, David Sovereen wrote: > >> Hi Gino, > >> > >> > >> > >> It can be done. It isn't well-documented, however. > >> > >> > >> > >> On Mikrotik, for example, you put a management IP address on each > >> router's ethernet interface, used for speaking vrrp only, and then > put > >> the IP address(es) that deal with customers on the vrrp > subinterface. > >> For example: > >> > >> > >> > >> rtr-1 > >> > >> ether1 assigned 172.16.1.1/30 (management IP used to negotiate vrrp > >> only) > >> > >> vrrp1 = master > >> > >> 24.5.20.17/30 <-> 24.5.20.18/30 = cust-rtr-1 > >> > >> 24.5.21.1/30 <-> 24.5.21.1/30 = cust-rtr-2 > >> > >> etc > >> > >> > >> rtr-2 > >> > >> ether1 assigned 172.16.1.2/30 (management IP used to negotiate vrrp > >> only) > >> > >> vrrp1 = backup, configure same IP addresses as found on rtr-1's > >> vrrp1 interface > >> > >> > >> > >> In this configuration, the two rtr's use 172.16.1.0/30 to negotiate > >> vrrp master/backup only. > >> > >> > >> > >> While rtr-1 is up, only the vrrp1 interface on rtr-1 is active and > >> the /30s that are assigned between you and your customers are > active > >> only on rtr-1's vrrp1 interface. The vrrp1 interface on rtr-2 is > not > >> active, and the IP addresses configured there aren't doing > anything. > >> If rtr-1 fails, then the vrrp1 interface configured on rtr-2 > becomes > >> active and rtr-2 begins responding to the IP addresses that were > >> previously being responded to on rtr-1's vrrp interface. You do > need > >> to configure the same IPs on both router's vrrp1 interfaces. > >> > >> > >> > >> I use this as my preferred setup on Mikrotiks, as the documented > way > >> of having traffic go out the ether1 interface and in the vrrp1 > >> interface can make firewall configs and troubleshooting > unnecessarily > >> complicated. In this way, all traffic goes through the vrrp1 > >> interfaces and the ether1 interfaces are used exclusively for > >> management/vrrp traffic. > >> > >> > >> > >> Hope this helps, > >> > >> > >> Dave > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> From: [email protected] > [mailto:[email protected]] > >> On Behalf Of Gino Villarini > >> Sent: Thursday, July 28, 2011 3:36 PM > >> To: [email protected]; WISPA General List ([email protected]) > >> Subject: [WISPA] Router Redundancy and /30 Ip address > >> > >> > >> > >> > >> Anyone have a way of having Router Redundancy with /30 ip address… > all > >> methods that I have researched (VRRP,HSRP) call for various IP > >> addresses and are suitable for /26 or larger IP blocks… How could I > >> have a Router Backup with multiple /30 ip addresses facing our > >> customers? > >> > >> > >> > >> Gino A. Villarini > >> > >> [email protected] > >> > >> Aeronet Wireless Broadband Corp. > >> > >> 787.273.4143 > >> > >> > >> > >> > -------------------------------------------------------------------------------- > >> WISPA Wants You! Join today! > >> http://signup.wispa.org/ > >> > -------------------------------------------------------------------------------- > >> > >> WISPA Wireless List: [email protected] > >> > >> Subscribe/Unsubscribe: > >> http://lists.wispa.org/mailman/listinfo/wireless > >> > >> Archives: http://lists.wispa.org/pipermail/wireless/ > > > > > > > > > -------------------------------------------------------------------------------- > > WISPA Wants You! Join today! > > http://signup.wispa.org/ > > > -------------------------------------------------------------------------------- > > > > WISPA Wireless List: [email protected] > > > > Subscribe/Unsubscribe: > > http://lists.wispa.org/mailman/listinfo/wireless > > > > Archives: http://lists.wispa.org/pipermail/wireless/ > > > -------------------------------------------------------------------------------- > WISPA Wants You! Join today! > http://signup.wispa.org/ > -------------------------------------------------------------------------------- > > WISPA Wireless List: [email protected] > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
