Re: [AusNOG] Mikrotik routers in HA environments

[Mike Everest]

Darren,

 

As others have already confirmed, RouterOS is suitable for that kind of
application, but since you mentioned 'Cisco', I wanted to point out a very
significant difference from what you might be used to:  MikroTik do not
offer any kind of support contract

 

Now for some, that may be a good thing ;) but for others, it can constitute
what is essentially a total deal breaker.  The reason for that is that with
a Cisco support contract, if (or perhaps /when/) you encounter a software
bug that causes you some serious problem, you a direct channel to the vendor
engineering team.  In the MikroTik world, you need to either use your own
internal resources or hire a suitable consultant to run full packet level
diagnostics, develop repeatability steps and then go through MikroTik level
1 support channels to try to escalate it to their software engineering team.

 

Please don't take this as encouragement to NOT deploy MikroTik! :-D  As the
largest volume MikroTik distribution in our region, of course I think you
*should* deploy MT, but only when you are aware of the full 'TCO' :-}

 

As the leading MikroTik vendor in Australia, we also offer engineering
support in case your team does need some extra help when things go wrong,
and we also have some inside contacts with MikroTik support team to get
(sometimes slightly) faster escalation of unusual problems.

 

I'd be pleased to discuss further in more detail any time, if you'd like to!
;)

Cheers!  Mike Everest.

 

From: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] On Behalf Of Darren
Moss
Sent: Tuesday, 26 June 2018 11:58 AM
To: ausnog@lists.ausnog.net
Subject: [AusNOG] Mikrotik routers in HA environments

 

Hi All,

 

We are about to deploy a new location, which we normally do with our SOE
around Cisco router kit (2 of them for redundancy).

 

I was talking with another DC customer and they swear by Mikrotik router
gear over Cisco.

 

I've played with Mikrotik in a domestic/home fibre connection scenario, but
not in a DC environment.

 

What's the consensus from others?

 

Can a pair of Mikrotik routers be configured for a *reliable* HA scenario ?

 

Happy to chat offlist or share if this is of interest to others.

 

Cheers

 

 

Darren.

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Mikrotik routers in HA environments

[Matt Perkins]

hahahah RouterOS v7

Alien's will land, Unicorn horns will be found and there will be a 
steaming pile behind every rocking horse before we see that.


Matt.


On 26/6/18 12:18 pm, Joseph Goldman wrote:

Full table import is 2-5minutes.

Route table lookups, depends. If you are going for an actual route 
entry i.e. 1.2.3.0/24, it can be very quick, or even 'All routes in 
1.2.0.0/18' for instance and list anything within that route.


If you want to do show me best route for 1.2.3.4, its still very slow 
(to the point I dont use it in troubleshooting personally, just start 
at the /16 and filter down myself with the quicker lookups)


These are things reported to be better in the infamous RouterOS v7 
(Coming Soon(tm))


On 26/06/18 12:08, Brad Evans wrote:


Hey Cameron,

How long does it take to load full tables and also how do you find 
the speed of doing routing table lookups from the CLI?


Last time we investigated this, both of the above were painfully slow 
when taking full tables.


-Brad

*From:*AusNOG [mailto:ausnog-boun...@lists.ausnog.net] *On Behalf Of 
*Cameron Murray

*Sent:* Tuesday, 26 June 2018 12:05
*To:* darren.m...@cloud365.com.au
*Cc:*  
*Subject:* Re: [AusNOG] Mikrotik routers in HA environments

Hi Darren,

We use the CCR1072's with VRRP and have not skipped a beat in the 
last 372 days they have been online & installed.


We also run BGP + OSPF on both devices without issue holding 600,000+ 
routes.


Cheers

Cameron

On Tue, Jun 26, 2018 at 11:58 AM Darren Moss 
mailto:darren.m...@cloud365.com.au>> wrote:


Hi All,

We are about to deploy a new location, which we normally do with
our SOE around Cisco router kit (2 of them for redundancy).

I was talking with another DC customer and they swear by Mikrotik
router gear over Cisco.

I’ve played with Mikrotik in a domestic/home fibre connection
scenario, but not in a DC environment.

What’s the consensus from others?

Can a pair of Mikrotik routers be configured for a **reliable**
HA scenario ?

Happy to chat offlist or share if this is of interest to others.

Cheers

Darren.

___
AusNOG mailing list
AusNOG@lists.ausnog.net 
http://lists.ausnog.net/mailman/listinfo/ausnog



___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog




___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog



--
/* Matt Perkins
Direct 1300 137 379Spectrum Networks Ptd. Ltd.
Office 1300 133 299m...@spectrum.com.au
   Level 6, 350 George Street Sydney 2000
Spectrum Networks is a member of the Communications Alliance & TIO
*/

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Mikrotik routers in HA environments

[Rob Thomas]

>
>
> Can a pair of Mikrotik routers be configured for a **reliable** HA
> scenario ?
>
>
>

Yep, using VRRP, they work really well. You don't even need any 'tricky'
bits - for example, if you bind your BGP to the floating IP address, it
won't start the BGP session until the IP address is present.

One small warning: If you use VRRP (which puts the interface into
promiscuous mode), *and* you're using VMware to run them on, *AND* you're
using VDS for your switch configuration, you will get duplicate ICMP
responses when you ping the routers.

This is vaguely handwaved away by vmware in
https://kb.vmware.com/s/article/2144849 as 'expected', and it IS only ICMP,
normal TCP and UDP packets seem fine, and it's only to IP addresses that
terminate AT the router, not for traffic through it.

So, the quick runthrough is create a VRRP interface, bind it to a physical
(or vlan), assign a bogus IP address to each physical interface - I
habitually use rfc6598 address space of 100.64.0.0/10 - and then assign
(the same!) floating IP Address to the VRRP interface on both nodes.

There are VRRP triggers you can run (there's a 'scripts' value) so you can
do a webhook or something if the link changes.

I also recommend the CCR's - theyre' a great piece of hardware.

--Rob
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Mikrotik routers in HA environments

[Joseph Goldman]

Full table import is 2-5minutes.

Route table lookups, depends. If you are going for an actual route entry 
i.e. 1.2.3.0/24, it can be very quick, or even 'All routes in 
1.2.0.0/18' for instance and list anything within that route.


If you want to do show me best route for 1.2.3.4, its still very slow 
(to the point I dont use it in troubleshooting personally, just start at 
the /16 and filter down myself with the quicker lookups)


These are things reported to be better in the infamous RouterOS v7 
(Coming Soon(tm))


On 26/06/18 12:08, Brad Evans wrote:


Hey Cameron,

How long does it take to load full tables and also how do you find the 
speed of doing routing table lookups from the CLI?


Last time we investigated this, both of the above were painfully slow 
when taking full tables.


-Brad

*From:*AusNOG [mailto:ausnog-boun...@lists.ausnog.net] *On Behalf Of 
*Cameron Murray

*Sent:* Tuesday, 26 June 2018 12:05
*To:* darren.m...@cloud365.com.au
*Cc:*  
*Subject:* Re: [AusNOG] Mikrotik routers in HA environments

Hi Darren,

We use the CCR1072's with VRRP and have not skipped a beat in the last 
372 days they have been online & installed.


We also run BGP + OSPF on both devices without issue holding 600,000+ 
routes.


Cheers

Cameron

On Tue, Jun 26, 2018 at 11:58 AM Darren Moss 
mailto:darren.m...@cloud365.com.au>> wrote:


Hi All,

We are about to deploy a new location, which we normally do with
our SOE around Cisco router kit (2 of them for redundancy).

I was talking with another DC customer and they swear by Mikrotik
router gear over Cisco.

I’ve played with Mikrotik in a domestic/home fibre connection
scenario, but not in a DC environment.

What’s the consensus from others?

Can a pair of Mikrotik routers be configured for a **reliable** HA
scenario ?

Happy to chat offlist or share if this is of interest to others.

Cheers

Darren.

___
AusNOG mailing list
AusNOG@lists.ausnog.net 
http://lists.ausnog.net/mailman/listinfo/ausnog



___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog


___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Mikrotik routers in HA environments

[Brad Evans]

Hey Cameron,

How long does it take to load full tables and also how do you find the speed of 
doing routing table lookups from the CLI?

Last time we investigated this, both of the above were painfully slow when 
taking full tables.

-Brad



From: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] On Behalf Of Cameron 
Murray
Sent: Tuesday, 26 June 2018 12:05
To: darren.m...@cloud365.com.au
Cc:  
Subject: Re: [AusNOG] Mikrotik routers in HA environments

Hi Darren,

We use the CCR1072's with VRRP and have not skipped a beat in the last 372 days 
they have been online & installed.

We also run BGP + OSPF on both devices without issue holding 600,000+ routes.

Cheers

Cameron

On Tue, Jun 26, 2018 at 11:58 AM Darren Moss 
mailto:darren.m...@cloud365.com.au>> wrote:
Hi All,

We are about to deploy a new location, which we normally do with our SOE around 
Cisco router kit (2 of them for redundancy).

I was talking with another DC customer and they swear by Mikrotik router gear 
over Cisco.

I’ve played with Mikrotik in a domestic/home fibre connection scenario, but not 
in a DC environment.

What’s the consensus from others?

Can a pair of Mikrotik routers be configured for a *reliable* HA scenario ?

Happy to chat offlist or share if this is of interest to others.

Cheers


Darren.
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Mikrotik routers in HA environments

[Joseph Goldman]

>if you do go down this path, note that the CCR1036s are single PSU.

They do have dual power headers on the board though, so you can rip out 
the single PSU and build your own PSU for dual power. I run 2x CCR1036's 
at a site, with a 1RU box with 4 PSU's in it, 2 fed by A power, 2 fed by 
B power, and one of each going to each router. Bit of a muck around and 
takes up an extra 1RU but you can fit 3 or more 1036's in the cost of a 
single 1072 so it can be a good cost/benefit thing.


On 26/06/18 12:03, andrew khoo wrote:


we have deployed Mikrotiks in the field as PPPoE and LNS termination 
devices. they have been reliable for us.



however, we only use them for single purpose. no MPLS. no OSPF. no 
BGP. simple default routes.



i have seen people deploy them running all sort of functionality etc 
and anecdoctally those tend to melt down more often.



if you do go down this path, note that the CCR1036s are single PSU. 
the CCR1072 would be the more ideal choice (If loaded), but then you 
are close enough in the ballpark to the lower-end of the more 
established router purveyors.







On June 26, 2018 at 11:57 AM, Darren Moss (darren.m...@cloud365.com.au 
) wrote:




Hi All,


We are about to deploy a new location, which we normally do with our 
SOE around Cisco router kit (2 of them for redundancy).



I was talking with another DC customer and they swear by Mikrotik 
router gear over Cisco.



I’ve played with Mikrotik in a domestic/home fibre connection 
scenario, but not in a DC environment.



What’s the consensus from others?


Can a pair of Mikrotik routers be configured for a **reliable** HA 
scenario ?



Happy to chat offlist or share if this is of interest to others.


Cheers



Darren.

___
AusNOG mailing list
AusNOG@lists.ausnog.net 
http://lists.ausnog.net/mailman/listinfo/ausnog




___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog


___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Mikrotik routers in HA environments

[Cameron Murray]

Hi Darren,

We use the CCR1072's with VRRP and have not skipped a beat in the last 372
days they have been online & installed.

We also run BGP + OSPF on both devices without issue holding 600,000+
routes.

Cheers

Cameron

On Tue, Jun 26, 2018 at 11:58 AM Darren Moss 
wrote:

> Hi All,
>
>
>
> We are about to deploy a new location, which we normally do with our SOE
> around Cisco router kit (2 of them for redundancy).
>
>
>
> I was talking with another DC customer and they swear by Mikrotik router
> gear over Cisco.
>
>
>
> I’ve played with Mikrotik in a domestic/home fibre connection scenario,
> but not in a DC environment.
>
>
>
> What’s the consensus from others?
>
>
>
> Can a pair of Mikrotik routers be configured for a **reliable** HA
> scenario ?
>
>
>
> Happy to chat offlist or share if this is of interest to others.
>
>
>
> Cheers
>
>
>
>
>
> Darren.
> ___
> AusNOG mailing list
> AusNOG@lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Mikrotik routers in HA environments

[andrew khoo]

we have deployed Mikrotiks in the field as PPPoE and LNS
termination devices. they have been reliable for us.

however, we only use them for single purpose. no MPLS. no OSPF.
no BGP. simple default routes.

i have seen people deploy them running all sort of functionality
etc and anecdoctally those tend to melt down more often.

if you do go down this path, note that the CCR1036s are single
PSU. the CCR1072 would be the more ideal choice (If loaded), but
then you are close enough in the ballpark to the lower-end of the
more established router purveyors.







On June 26, 2018 at 11:57 AM, Darren Moss
(darren.m...@cloud365.com.au) wrote:

Hi All,

We are about to deploy a new location, which we normally do with
our SOE around Cisco router kit (2 of them for redundancy).

I was talking with another DC customer and they swear by Mikrotik
router gear over Cisco.

I’ve played with Mikrotik in a domestic/home fibre connection
scenario, but not in a DC environment.

What’s the consensus from others?

Can a pair of Mikrotik routers be configured for a *reliable* HA
scenario ?

Happy to chat offlist or share if this is of interest to others.

Cheers


Darren.
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

[AusNOG] Mikrotik routers in HA environments

[Darren Moss]

Hi All,

We are about to deploy a new location, which we normally do with our SOE around 
Cisco router kit (2 of them for redundancy).

I was talking with another DC customer and they swear by Mikrotik router gear 
over Cisco.

I've played with Mikrotik in a domestic/home fibre connection scenario, but not 
in a DC environment.

What's the consensus from others?

Can a pair of Mikrotik routers be configured for a *reliable* HA scenario ?

Happy to chat offlist or share if this is of interest to others.

Cheers


Darren.
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

Re: [AusNOG] Potential Optus outage

[Philip Loenneker]

Thanks everyone who confirmed it wasn't just us impacted.

For those interested, outage time for us was approximately 15:21 to 16:17.

Regards,
Philip Loenneker | Network Engineer | TasmaNet
40-50 Innovation Drive, Dowsing Point, Tas 7010, Australia
P: 1300 792 711
philip.loenne...@tasmanet.com.au
www.tasmanet.com.au

From: Michael Junek [mailto:mich...@juneks.com.au]
Sent: Monday, 25 June 2018 4:31 PM
To: Philip Loenneker ; ausnog@lists.ausnog.net
Subject: Re: Potential Optus outage


I've noticed a private Optus WAN links between our Melbourne DC and one of our 
customers dropped to 0% utilisation, with the Sydney peer taking all the 
traffic.

The client has had other connections of theirs on Optus also having issues.



M.










From: AusNOG 
mailto:ausnog-boun...@lists.ausnog.net>> on 
behalf of Philip Loenneker 
mailto:philip.loenne...@tasmanet.com.au>>
Sent: Monday, 25 June 2018 16:24
To: Philip Loenneker; ausnog@lists.ausnog.net
Subject: Re: [AusNOG] Potential Optus outage

BGP peers have now re-established, but traffic flows seem a little intermittent 
still. A colleague on Optus mobile had 4G issues as well.

Regards,
Philip Loenneker | Network Engineer | TasmaNet
40-50 Innovation Drive, Dowsing Point, Tas 7010, Australia
P: 1300 792 711
philip.loenne...@tasmanet.com.au
www.tasmanet.com.au

From: AusNOG [mailto:ausnog-boun...@lists.ausnog.net] On Behalf Of Philip 
Loenneker
Sent: Monday, 25 June 2018 4:08 PM
To: ausnog@lists.ausnog.net
Subject: [AusNOG] Potential Optus outage

Hi all,

We're having issues with an Optus 1G service terminating in a Melbourne DC.

3:24 was the first reported issue, and we currently have no traffic being 
received on the port. I've tried calling the Optus service desk a few times and 
keep having the call drop.

Optus Status pages show no issue.

We have other services so it's not crippling us or anything.

Anyone else having any issues with Optus this afternoon?

Regards,
Philip Loenneker | Network Engineer | TasmaNet
40-50 Innovation Drive, Dowsing Point, Tas 7010, Australia
P: 1300 792 711
philip.loenne...@tasmanet.com.au
www.tasmanet.com.au

___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

[AusNOG] Any Skymesh IPv6 engineers on this list?

[Jen Linkova]

Hello,

I'm looking for any Skymesh person who would care about their IPv6
deployment - it looks like smth weird is going on and I'd like to talk
to them off-list.
Their first like support does not seem to be very useful.

Thanks!

-- 
SY, Jen Linkova aka Furry
___
AusNOG mailing list
AusNOG@lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog