Mikrotik: automatic channel switching to backup and back
Write this post I was prompted by the situation with the disconnection of one of the Internet channels.
In the Internet itself, there are many answers on this question, but not everyone is a worker.
What I wanted to do if the main channel of the Internet is turned off:
1. Switch to the backup channel (after the "appearance", of course, return to the main one);
2. Send an email notification of the status change.
Who cares, I ask under the cat.
We are given:
- Mikrotik RB450G with firmware version 5.19;
- 2 Internet ports, one of which uses a PPPoE connection to connect.
')
First, add 2 scripts, one of which will switch to the backup channel, and the second will return the connection to the first one.
We create the first script that will activate the backup channel and call it " change-to-reserv " and contain the code:
(Note: IP address 1.1.1.1 is chosen as an example and symbolizes the backup channel)
That is, when detecting the absence of ping to the server (more on this later), we will turn off the route with the gateway pointing to " pppoe-main ".
PS: After the comment erazel, this scheme was improved, namely, the earlier script switched between two routes that failed, namely, if you run the command from the computer, for example, ping google.com -t , then when you change the route, the ping will go to the old interface, because the translation has not been updated. In the proposed method of changing only the gateway, translation cleaning is not required.
The next line in the same script will indicate:
Where:
/ tool e-mail send - send a notification to the administrator’s email about the status change
server = 192.168.1.1 - SMTP server. Since we use our own, I point it out;
port = 25 - in the version of RouterOS 5.x, the port is specified separately. In our case, it is by default 25;
user=robot@mysite.ru - user login for authorization on the SMTP server (if required);
password = 1PaSsW0rD1 - specify the password (if required);
tls = no - TLS traffic encryption. We don’t, put “no”, and if it will be - “yes”;
to=admin@mysite.ru - to which email address the notification will be sent ;
from = “ROBOT <robot@mysite.ru>” - from whom the notification will come (in my case it is the authorization login. In brackets indicate the sender's address, and the name displayed in the incoming mail);
subject = "MikroTik: $ [/ system clock get date], $ [/ system clock get time]" - specify the message header. In this case, it will look like “MikroTik: jul / 30/2014, 10:52:13” (date and time of sending the message);
body = "Switch to backup channel \ nDate: $ [/ system clock get date] \ nATime: $ [/ system clock get time]"; - accordingly, the message body itself, which will look like:
As a result, our script will look like (RouterOS 5.19):
And for RouterOS 6.17:
As I wrote above, save it under the name " change-to-reserv " and proceed to writing the second script:
Unlike the first script, in the body of the sent email-message, we will indicate “Switching to the main channel” and enable the previously disabled route.
Save our script as " change-to-main ".
Since the memory of Mikrotik is not rubber, we optimize our script for the task at hand.
To do this, we need to use the Netwatch utility, which works as a trigger. That is, if the connection status changes, then the status will change with the execution of the scripts we need.
In Netwatch we will add a new rule, where we specify the host 8.8.8.8 and the script names in the “Up” tabs - “change-to-main” and “change-to-reserv” in the “Down” tab , respectively.
You should also indicate the period of the status check. We have 1 minute .
This is followed by the final step - route forwarding. If this is not done, the script will trigger to switch to the backup channel and remain in this position. The reverse transition will be possible if the backup channel “falls”.
In general, we add a route with the following data:
Dst. Address = 8.8.8.8 // Specify that we will ping Google’s DNS server (for me it’s not critical, I’ll point it out);
Gateway = pppoe-main // That is the PPPoE connection to the main channel
Distance = 1
The remaining parameters are left as is.
Everything!
From now on, the principle of operation is as follows:
Netwatch through the main channel will check the ping to the Google DNS server. As soon as the ping disappears, the " change-to-reserv " script specified on the " Down " tab is executed . This script will disable the main route (PPPoE) and all packets will go through the backup channel. As soon as the ping on the main channel resumes, the script re-activates the route of the main channel (the Distance parameter is, of course, “ 1 ”, and the backup parameter is “ 2 ”). At the same time notifications will be sent to the email-address about the facts of the state change.
Profit!
ATTENTION!!! For scripts running under RouterOS 6.17, you need to make changes to the script for sending an email address, namely, to remove the " tls = " parameter.
That is, our code (for example, to switch to the backup channel) will look like:
UPDATED: Changed routes in scripts
UPDATED 2: To prevent the email address “robot@mysite.ru” as a sender from being displayed in the incoming mail, the “from” parameter was changed (corrections with comments were made to the code above)
In the Internet itself, there are many answers on this question, but not everyone is a worker.
What I wanted to do if the main channel of the Internet is turned off:
1. Switch to the backup channel (after the "appearance", of course, return to the main one);
2. Send an email notification of the status change.
Who cares, I ask under the cat.
We are given:
- Mikrotik RB450G with firmware version 5.19;
- 2 Internet ports, one of which uses a PPPoE connection to connect.
')
First, add 2 scripts, one of which will switch to the backup channel, and the second will return the connection to the first one.
We create the first script that will activate the backup channel and call it " change-to-reserv " and contain the code:
/ip route set gateway=1.1.1.1 [find dst-address=0.0.0.0/0]; (Note: IP address 1.1.1.1 is chosen as an example and symbolizes the backup channel)
That is, when detecting the absence of ping to the server (more on this later), we will turn off the route with the gateway pointing to " pppoe-main ".
PS: After the comment erazel, this scheme was improved, namely, the earlier script switched between two routes that failed, namely, if you run the command from the computer, for example, ping google.com -t , then when you change the route, the ping will go to the old interface, because the translation has not been updated. In the proposed method of changing only the gateway, translation cleaning is not required.
The next line in the same script will indicate:
/tool e-mail send server=192.168.1.1 port=25 user=robot@mysite.ru password=1PaSsW0rD1 tls=no to=admin@mysite.ru from="ROBOT<robot@mysite.ru>" \ subject="MikroTik: $[/system clock get date], $[/system clock get time]" \ body=" \n: $[/system clock get date]\nA: $[/system clock get time]"; Where:
/ tool e-mail send - send a notification to the administrator’s email about the status change
server = 192.168.1.1 - SMTP server. Since we use our own, I point it out;
port = 25 - in the version of RouterOS 5.x, the port is specified separately. In our case, it is by default 25;
user=robot@mysite.ru - user login for authorization on the SMTP server (if required);
password = 1PaSsW0rD1 - specify the password (if required);
tls = no - TLS traffic encryption. We don’t, put “no”, and if it will be - “yes”;
to=admin@mysite.ru - to which email address the notification will be sent ;
from = “ROBOT <robot@mysite.ru>” - from whom the notification will come (in my case it is the authorization login. In brackets indicate the sender's address, and the name displayed in the incoming mail);
subject = "MikroTik: $ [/ system clock get date], $ [/ system clock get time]" - specify the message header. In this case, it will look like “MikroTik: jul / 30/2014, 10:52:13” (date and time of sending the message);
body = "Switch to backup channel \ nDate: $ [/ system clock get date] \ nATime: $ [/ system clock get time]"; - accordingly, the message body itself, which will look like:
Switching the line to the backup channel
Date: jul / 30/2014
Time: 10:52:13
As a result, our script will look like (RouterOS 5.19):
/ip route set gateway=1.1.1.1 [find dst-address=0.0.0.0/0]; /tool e-mail send server=192.168.1.1 port=25 user=robot@mysite.ru password=1PaSsW0rD1 tls=no to=admin@mysite.ru from="ROBOT<robot@mysite.ru>" \ subject="MikroTik: $[/system clock get date], $[/system clock get time]" \ body=" \n: $[/system clock get date]\nA: $[/system clock get time]"; And for RouterOS 6.17:
/ip route set gateway=1.1.1.1 [find dst-address=0.0.0.0/0]; /tool e-mail send server=192.168.1.1 port=25 user=robot@mysite.ru password=1PaSsW0rD1 to=admin@mysite.ru from="ROBOT<robot@mysite.ru>" \ subject="MikroTik: $[/system clock get date], $[/system clock get time]" \ body=" \n: $[/system clock get date]\nA: $[/system clock get time]"; As I wrote above, save it under the name " change-to-reserv " and proceed to writing the second script:
/ip route set gateway=pppoe-main [find dst-address=0.0.0.0/0]; /tool e-mail send server=192.168.1.1 port=25 user=robot@mysite.ru password=1PaSsW0rD1 tls=no to=admin@mysite.ru from="ROBOT<robot@mysite.ru>" \ subject="MikroTik: $[/system clock get date], $[/system clock get time]" \ body=" \n: $[/system clock get date]\nA: $[/system clock get time]"; Unlike the first script, in the body of the sent email-message, we will indicate “Switching to the main channel” and enable the previously disabled route.
Save our script as " change-to-main ".
Since the memory of Mikrotik is not rubber, we optimize our script for the task at hand.
To do this, we need to use the Netwatch utility, which works as a trigger. That is, if the connection status changes, then the status will change with the execution of the scripts we need.
In Netwatch we will add a new rule, where we specify the host 8.8.8.8 and the script names in the “Up” tabs - “change-to-main” and “change-to-reserv” in the “Down” tab , respectively.
You should also indicate the period of the status check. We have 1 minute .
This is followed by the final step - route forwarding. If this is not done, the script will trigger to switch to the backup channel and remain in this position. The reverse transition will be possible if the backup channel “falls”.
In general, we add a route with the following data:
Dst. Address = 8.8.8.8 // Specify that we will ping Google’s DNS server (for me it’s not critical, I’ll point it out);
Gateway = pppoe-main // That is the PPPoE connection to the main channel
Distance = 1
The remaining parameters are left as is.
Everything!
From now on, the principle of operation is as follows:
Netwatch through the main channel will check the ping to the Google DNS server. As soon as the ping disappears, the " change-to-reserv " script specified on the " Down " tab is executed . This script will disable the main route (PPPoE) and all packets will go through the backup channel. As soon as the ping on the main channel resumes, the script re-activates the route of the main channel (the Distance parameter is, of course, “ 1 ”, and the backup parameter is “ 2 ”). At the same time notifications will be sent to the email-address about the facts of the state change.
Profit!
ATTENTION!!! For scripts running under RouterOS 6.17, you need to make changes to the script for sending an email address, namely, to remove the " tls = " parameter.
That is, our code (for example, to switch to the backup channel) will look like:
/ip route set gateway=1.1.1.1 [find dst-address=0.0.0.0/0]; /tool e-mail send server=192.168.1.1 port=25 user=robot@mysite.ru password=1PaSsW0rD1 to=admin@mysite.ru from="ROBOT<robot@mysite.ru>" \ subject="MikroTik: $[/system clock get date], $[/system clock get time]" \ body=" \n: $[/system clock get date]\nA: $[/system clock get time]"; UPDATED: Changed routes in scripts
UPDATED 2: To prevent the email address “robot@mysite.ru” as a sender from being displayed in the incoming mail, the “from” parameter was changed (corrections with comments were made to the code above)
Source: https://habr.com/ru/post/231565/
All Articles