Script for Load Balance with multiple LANs and with different WAN preference

samuelhanauer · Thu Jan 18, 2024 5:52 am

Hello everyone, everything good? Initially, I am using Google Translate for this topic. My native language is PT-BR.

I would like help, I developed and tried to create a script to generate high availability for a client, however, it has not been working correctly. Let's go:

2WAN:
* 1 Public PPPoE on the PPPoE_OSI interface
* 1 Public Static IP type /30 on the WAN_VET interface

Different LAN's with VLAN with the following network preferences:

ACADEMICA Network (10.0.0.0/22): Preference for "WAN_VET" (Primary), "PPPoE_OSI" (Secondary).
LAN Network (192.168.0.0/24): Preference for "WAN_VET" (Primary), "PPPoE_OSI" (Secondary).
GUEST Network (192.168.2.0/24): Preference for "PPPoE_OSI" (Primary), "WAN_VET" (Secondary).
RAMAIS_IP network (192.168.5.0/24): Preference for "PPPoE_OSI" (Primary), "WAN_VET" (Secondary).
MOBILE Network (192.168.10.0/24): Preference for "PPPoE_OSI" (Primary), "WAN_VET" (Secondary).
GERENCIA Network (192.168.20.0/24): Preference for "WAN_VET" (Primary), "PPPoE_OSI" (Secondary).

I'm managing the output/Route by /routing rules:

/routing rule
add action=lookup comment="ROTA TESTE LINK VET" disabled=no src-address=192.168.255.255/32 table=TESTA_VET
add action=lookup comment="ROTA TESTE LINK OSI" disabled=no src-address=192.168.244.244/32 table=TESTA_OSI
add action=lookup comment="LAN ROUTE" disabled=no src-address=192.168.0.0/24 table=VET_OSI
add action=lookup comment="ROTA ACADEMICA" disabled=no src-address=10.0.0.0/22 table=VET_OSI
add action=lookup comment="GUEST ROUTE" disabled=no src-address=192.168.2.0/24 table=OSI_VET
add action=lookup comment="ROTA RAMAIS" disabled=no src-address=192.168.5.0/24 table=OSI_VET
add action=lookup comment="ROTA MOBILE" disabled=no src-address=192.168.10.0/24 table=OSI_VET
add action=lookup comment="ROTA GERENCIA" disabled=no src-address=192.168.20.0/24 table=VET_OSI

I created two IP's on top of a bridge for each one to have a preferred outbound route through a different ISP based on /routing rule

These are the IPs:

192.168.255.255 routed to ISP VET
192.168.244.244 with route to ISP PPPoE_OSI

This way, the routes and failover have worked correctly manually.

/ip route
add comment="ROTA TESTES LINK" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=PPPoE_OSI pref-src="" routing-table=TESTA_OSI scope=30 suppress-hw-offload=no target-scope=10
add comment="ROTA TESTES LINK" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=123.123.123.123%1-WAN_VET pref-src="" routing-table=TESTA_VET scope=30 suppress-hw-offload=no target-scope=10
add comment="PRIMARIO OSI_VET" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=PPPoE_OSI pref-src="" routing-table=OSI_VET scope=30 suppress-hw-offload=no target-scope=10
add comment="PRIMARIO VET_OSI" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=123.123.123.123%1-WAN_VET pref-src="" routing-table=VET_OSI scope=30 suppress-hw-offload=no target-scope=10
add comment="SECUNDARIO VET_OSI" disabled=no distance=6 dst-address=0.0.0.0/0 gateway=PPPoE_OSI pref-src="" routing-table=VET_OSI scope=30 suppress-hw-offload=no target-scope=10
add comment="SECUNDARIO OSI_VET" disabled=no distance=6 dst-address=0.0.0.0/0 gateway=123.123.123.123%1-WAN_VET pref-src="" routing-table=OSI_VET scope=30 suppress-hw-offload=no target-scope=10
add disabled=yes distance=10 dst-address=0.0.0.0/0 gateway=PPPoE_OSI pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10

I don't want to use a rule in netwatch, as it only allows one host to be monitored at a time. I created a script to monitor 3 hosts "8.8.8.8, 1.1.1.1, 208.67.222.222", if there is a failure on all 3, you must make the change and deactivate the corresponding route in /ip route.
However, my script has not been working correctly.

# Configuracao de variaveis
:local primaryWAN "123.123.123.123%1-WAN_VET"
:local backupWAN "PPPoE_OSI"
:local pingTarget1 "8.8.8.8" 
:local pingTarget2 "1.1.1.1"
:local pingTarget3 "208.67.222.222" 
:local internalPingSrcWANVET "192.168.255.255"
:local internalPingSrcPPPoE "192.168.244.244"
:local pingCount 3
:local pingInterval 1s
:local maxFailures 2

# Funcao para verificar conectividade ICMP para WAN_VET
:global checkConnectivityWANVET do={
  :local result1 [/ping $pingTarget1 count=$pingCount interval=$pingInterval src-address=$internalPingSrcWANVET]
  :local result2 [/ping $pingTarget2 count=$pingCount interval=$pingInterval src-address=$internalPingSrcWANVET]
  :local result3 [/ping $pingTarget3 count=$pingCount interval=$pingInterval src-address=$internalPingSrcWANVET]
  :if ([:len $result1] >= $pingCount && [:len $result2] >= $pingCount && [:len $result3] >= $pingCount) do={
    :return true
  } else={
    :return false
  }
}

# Funcao para verificar conectividade ICMP para PPPoE_OSI
:global checkConnectivityPPPoE do={
  :local result1 [/ping $pingTarget1 count=$pingCount interval=$pingInterval src-address=$internalPingSrcPPPoE]
  :local result2 [/ping $pingTarget2 count=$pingCount interval=$pingInterval src-address=$internalPingSrcPPPoE]
  :local result3 [/ping $pingTarget3 count=$pingCount interval=$pingInterval src-address=$internalPingSrcPPPoE]
  :if ([:len $result1] >= $pingCount && [:len $result2] >= $pingCount && [:len $result3] >= $pingCount) do={
    :return true
  } else={
    :return false
  }
}

# Funcao para ativar/desativar rotas com base na conectividade
:global adjustRoutes do={
  :local connectivityStatusWANVET ($checkConnectivityWANVET)
  :local connectivityStatusPPPoE ($checkConnectivityPPPoE)
  :local primaryRouteStatusVET [ /ip route get [ find where dst-address=0.0.0.0/0 and gateway=$primaryWAN and routing-mark="VET_OSI" ] disabled ]
  :local backupRouteStatusVET [ /ip route get [ find where dst-address=0.0.0.0/0 and gateway=$backupWAN and routing-mark="VET_OSI" ] disabled ]
  :local primaryRouteStatusOSI [ /ip route get [ find where dst-address=0.0.0.0/0 and gateway=$primaryWAN and routing-mark="OSI_VET" ] disabled ]
  :local backupRouteStatusOSI [ /ip route get [ find where dst-address=0.0.0.0/0 and gateway=$backupWAN and routing-mark="OSI_VET" ] disabled ]

  # Ajustes para VET_OSI
  :if ($primaryRouteStatusVET) do={
    /ip route set [ find where dst-address=0.0.0.0/0 and gateway=$primaryWAN and routing-mark="VET_OSI" ] disabled=no
  } else={
    /ip route set [ find where dst-address=0.0.0.0/0 and gateway=$primaryWAN and routing-mark="VET_OSI" ] disabled=yes
  }
  :if ($backupRouteStatusVET) do={
    /ip route set [ find where dst-address=0.0.0.0/0 and gateway=$backupWAN and routing-mark="VET_OSI" ] disabled=no
  } else={
    /ip route set [ find where dst-address=0.0.0.0/0 and gateway=$backupWAN and routing-mark="VET_OSI" ] disabled=yes
  }

  # Ajustes para OSI_VET
  :if ($primaryRouteStatusOSI) do={
    /ip route set [ find where dst-address=0.0.0.0/0 and gateway=$primaryWAN and routing-mark="OSI_VET" ] disabled=no
  } else={
    /ip route set [ find where dst-address=0.0.0.0/0 and gateway=$primaryWAN and routing-mark="OSI_VET" ] disabled=yes
  }
  :if ($backupRouteStatusOSI) do={
    /ip route set [ find where dst-address=0.0.0.0/0 and gateway=$backupWAN and routing-mark="OSI_VET" ] disabled=no
  } else={
    /ip route set [ find where dst-address=0.0.0.0/0 and gateway=$backupWAN and routing-mark="OSI_VET" ] disabled=yes
  }
}

# Verifica e ajusta rotas no inicio do script
($adjustRoutes)

# Aguarde 45 segundos antes de comecar o loop do agendador
:delay 45s

# Monitoramento e ajuste de rotas
:if ($checkConnectivityWANVET || $checkConnectivityPPPoE) do={
  :global failureCount 0
} else={
  :global failureCount ($failureCount + 1)
  :if ($failureCount >= $maxFailures) do={
    # Se o numero maximo de falhas for atingido, ajusta as rotas
    ($adjustRoutes)
    :log info "Fail-over ativado: Alterando rotas para garantir conectividade."
    :set failureCount 0
  }
}

Script for Load Balance with multiple LANs and with different WAN preference

Script for Load Balance with multiple LANs and with different WAN preference

Who is online