Hi
i have made a failover at my mikrotik RB750Gr3. It works well but i want to improve it. After i plug the main connection its up in few seconds. I want to do a script which will ping for example 8.8.8.8 for 10 minutes and if packet send are same like received then ip/route should change for main connection. Any idea how to do that?
You can simplify using netwatch instead scripting
Here the router will be pinging 8.8.8.8 and when it fail will shutdown the route with comment=wan1
Play a little bit and tell me
Actually i have working failover but when 8.8.8.8 is UP through main gateway its up in few seconds. I need to be sure that main connection is stable thats why i want to ping it for 10 mins before main connection gets all of traffic
How ? You play with distance in /ip/route ?
theres my configuration
netwatch
add down-script=“/system script run e-down\r
\ndelay 10\r
\n/ip firewall nat disable 0\r
\ndelay 1\r
\n/ip firewall nat enable 1\r
\ndelay 1” host=8.8.8.8 interval=20s timeout=300ms up-script=“/system script
_run e-up\r
\ndelay 10\r
\n/ip firewall nat disable 1\r
\ndelay 1\r
\n/ip firewall nat enable 0\r
\ndelay 0\r
\n”
firewall
add action=accept chain=input comment=“defconf: accept ICMP” protocol=icmp
add action=accept chain=input comment=“defconf: accept established,related”
connection-state=established,related
add action=fasttrack-connection chain=forward comment=“defconf: fasttrack”
connection-state=established,related
add action=accept chain=forward comment=“defconf: accept established,related”
connection-state=established,related
add action=drop chain=forward comment=“defconf: drop invalid” connection-state=
invalid
add action=drop chain=output dst-address=8.8.8.8 log=yes protocol=icmp
src-address=!85.14.96.94
add action=accept chain=output
/ip firewall nat
add action=masquerade chain=srcnat out-interface=InterfaceISP2
add action=masquerade chain=srcnat disabled=yes out-interface=InterfaceISP1
system script
add name=e-up owner=admin policy=
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=“/ip
_route set [find dst-address="0.0.0.0/0"] gateway=85.14.96.93\r
\n/ ip firewall connection {remove [find]}”
add name=e-down owner=admin policy=
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=“/ip
_route set [find dst-address="0.0.0.0/0"] gateway=192.168.20.1\r
\n/ ip firewall connection {remove [find]}”
add name=remove owner=admin policy=
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=
“/ ip firewall connection {remove [find]}”
Holy cow, that looks incredibly complex to me.
First of all, I’m assuming (you failed to clarify) you have a main connection and a backup and that you run ALL traffic through your main unless it fails.
If this is the case: add two default routes 0.0.0.0/0 with distance 1 and 2. Set gateway of your main and backup connections respectively and enable check gateway. If ping fails, failover will be automatic. No need to enable or disable firewall rules at all!
Now, if you want additional insurance, schedule a script that invokes the netwatch tool. On down, just disable the interface for your main connection and again, failover will be automatic.
Hi
i have made a failover pppoe and 3g with distance
I am using the 3G USB Dongle (PPP) as a backup line, in the event the main ADSL (PPPOE) fails.
add dst-address=0.0.0.0/0 gateway=PPPOE distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=PPP distance=2
i appreciate if someone can publicate a script that send a mail to “mail@example” when the ppoe goes down