Failover

Failover routes are manually configured routes, but they only install to the routing table if the health-check target is alive. If the target is not alive the route is removed from the routing table until the target becomes available.

Failover Routes

set protocols failover route <subnet> next-hop <address> check target <target-address>

Configure next-hop <address> and <target-address> for an IPv4 static route. Specify the target IPv4 address for health checking.

set protocols failover route <subnet> next-hop <address> check timeout <timeout>

Timeout in seconds between health target checks.

Range is 1 to 300, default is 10.

set protocols failover route <subnet> next-hop <address> check type <protocol>

Defines protocols for checking ARP, ICMP, TCP

Default is icmp.

set protocols failover route <subnet> next-hop <address> check policy <policy>

Policy for checking targets

  • all-available all checking target addresses must be available to pass this check

  • any-available any of the checking target addresses must be available to pass this check

    Default is any-available.

set protocols failover route <subnet> next-hop <address> interface <interface>

Next-hop interface for the route

set protocols failover route <subnet> next-hop <address> metric <metric>

Route metric

Default 1.

Example

One gateway:

set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check target '192.0.2.1'
set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check timeout '5'
set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check type 'icmp'
set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 interface 'eth0'
set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 metric '10'

Show the route

vyos@vyos:~$ show ip route 203.0.113.1
  Routing entry for 203.0.113.1/32
  Known via "kernel", distance 0, metric 10, best
  Last update 00:00:39 ago
  * 192.0.2.1, via eth0

Two gateways and different metrics:

set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check target '192.0.2.1'
set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check timeout '5'
set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 check type 'icmp'
set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 interface 'eth0'
set protocols failover route 203.0.113.1/32 next-hop 192.0.2.1 metric '10'

set protocols failover route 203.0.113.1/32 next-hop 198.51.100.1 check target '198.51.100.99'
set protocols failover route 203.0.113.1/32 next-hop 198.51.100.1 check timeout '5'
set protocols failover route 203.0.113.1/32 next-hop 198.51.100.1 check type 'icmp'
set protocols failover route 203.0.113.1/32 next-hop 198.51.100.1 interface 'eth2'
set protocols failover route 203.0.113.1/32 next-hop 198.51.100.1 metric '20'

Show the route

vyos@vyos:~$ show ip route 203.0.113.1
Routing entry for 203.0.113.1/32
  Known via "kernel", distance 0, metric 10, best
  Last update 00:08:06 ago
  * 192.0.2.1, via eth0

Routing entry for 203.0.113.1/32
  Known via "kernel", distance 0, metric 20
  Last update 00:08:14 ago
  * 198.51.100.1, via eth2