Two VRRP problem

  • Hello all,

    I have HQ site and remote site, both site between connecting OSPF with 4 routers, two routers on HQ site and another two routers on remote site, OSPF is for redundancy, because one line is 4MB and one line is 10MB, HQ site also have two LAN and that connected two LAN ports, we want route to 4MB line and route to 10MB line.

    We are trying to create two VRRP in two routers on HQ site, pfSense created another port called remote site port to connect two VRRP, VRRP1 and VRRP2, VRRP1 will route to 4MB line and VRRP2 will route to 10MB line, but we tried only can route to 4MB line, but can't route to 10MB line.

    We have tested one PC connected in remote site port subnet, this PC GW is that can route to 10MB line, also we tried Firewall Rules with GW on LAN still not working.

    Please can someone help?


  • @leiw Please post a network diagram and relevant ip addresses and configuration.

  • This post is deleted!

  • @netblues Please see below network diagram, thanks.

    alt text

  • I know how to do it, first remove default gateway VRRP (this will route to 10MB line) in Remote Site Lan (192.1682.254/24), and then add Firewall Rules with default gateway on LAN1, also add Firewall Rules with default gateway on LAN2.

  • In hq are you sure you have two lans? They overlapp. (/16) and are rather big.
    Yes, you can send specific traffic to specific gw with policy routing.
    As for the return packets, at remote site lan you also need to have some policy routing so packets return the same way.
    You can do it at the ospf level, but it is starting to get complicated.

    I would eliminate ospf altogheter, direct connect two pf at sites and do assymetric load balance for the two links.

Log in to reply