Dear Forum,

I want to ask about the best practice (maybe just another topology is suitable) for my problem:

===
1 x dumb vlan switch (no ospf/bgp available)

2 x vyos routers with vrrp, both connected to the switch (eth0) and both connected to BGP upstream (eth1)

The servers (virtual machine hosts) get a single connected main IP like the following:

===
interface ethernet eth0 vif 10 vrrp vrrp-group 10 virtual-address 10.10.0.1/29 #first host server 10.10.0.2
interface ethernet eth0 vif 20 vrrp vrrp-group 20 virtual-address 10.10.1.1/29 #second host server 10.10.1.2

virtual machine IPs should be floating across those vlans by this configuration:

===
protocol static route 10.100.100.0/24 blackhole <- blackhole to be able to announce it by BGP
protocol static route 10.100.100.100 next-hop 10.10.0.2 #vhost 100 at moment on host 1
protocol static route 10.100.100.200 next-hop 10.10.1.2 #vhost 200 at moment on host 2

In the event of failure of eth0 on vyos router1, there is no path between the router and the connected vhost.

But still the router would send the route of the vhosts to the BGP neighbor, effectively blocking the failover szenario.

Thanks for enlightment!