I’ve been reading up on high availability. I’m experienced with Linux clusters, and HSRP in the past, but VRRP, and its VyOS implementation, is new.
I have a setup with two VyOS instances. Both have one interface ISP facing (connecting to the ISP’s layer 2), a config/state sync interface (cross-cable directly between the two instances), and a list of VLANs on several 10G interfaces LAN facing.
As I only need to connect to these instances via the out-of-band management interface, I would like to only configure that interface with a physical IP address (and the cross-link so state/config can be synced), but not configure the other interfaces with anything but the VIP address.
The docs state “Every VRRP router has a physical IP/IPv6 address, and a virtual address.” but I don’t want all those redundant physical IP addresses.
Does VRRP support that?
If I understand the RFC correctly, it uses multicast for every interface VRRP is active on to check state, which means the answer is no, it needs a physical IP on every interface participating.
Which means I have to think about a plan B. I have 4 subnets on the ISP side, and I don’t want to lose 2 IPs per subnet, even if I would have those available (which is not the case).
The current setup, a Sophos UTM cluster, does not have any active interfaces on the standby node, apart from the interlink/sync interface between the two nodes.
Am I correct in assuming that VRRP health-check scripts only run on the master? And if not, what is the best way to determine if the router is MASTER or BACKUP?
I dunno about the details of VRRP run through keepalived (or whatever is being used in VyOS), but for example carpd (from the FreeBSD world) has this thing that both primary and secondary device will monitor connectivity and it will only fail over if the other box has 100% connectivity.
Like if you got 10 interfaces configured and on box1 int5 goes down and on box2 int7 goes down, then it won’t fail over.
However, carp works by just copying the single IP, so there is no need for physical IP addresses except for the mgmt interface (or whatever you prefer) where the config will be exchanged. I think it’s like linkstate that’s being monitored for the regular interfaces, and for the mgmt interfaces (which get one IP each) you can have a health script running that like pings the default gateway on the mgmt network or such to figure out which box has proper connectivity and if it’s a viable option to fail over onto (because again it won’t fail over if the partner does not have 100% connectivity on the monitored interfaces).