Here is a script & netwatch to auto reboot if/when you can’t ping something

NOTES
:
Do this at your own risk.
I am not responsible for anything you do that breaks your nework.

Notes about this set of scripts :
** I have tested this on Mikrotik ROS version 7.18.2 ( I have not tested this on anything older than 7.18.2 )

There are two parts to this set of scripts

• a /system script
• a /tool netwatch script
  — You will need and use both of them for this to work properly

Instructions ; modify the following for your environment in the tool-netwatch section:

• addresstoping 192.0.2.254 ( globally change all 192.0.2.254 to be an IP address you want to check in/on your network
• maxcounter 120 ( optional - change this for how may test pings will fail b4 you want a reboot )
• sleepseconds 5 ( optional - how long to wait during ping failure to send additional test pings )
  ( Note - total seconds for an auto reboot when something does not ping is ((( maxcounter * sleepseconds ))) - in this case 120-seconds times 5-seconds = 600-seconds -aka- 10-minutes ).
  I keep the reboot delay long enough so that nothing happens when you are upgrading a man-in-the-middle device and allows upgrades & reboots .
• Optional – you can modify what these scripts put in your log , just look for lines that begin with → log error or log warning

Logs in Blue are good things
Logs in Red are bad things

– Now to put in this set of scripts
Open a telnet or ssh or winbox terminal ( you want to be in the CLI ). Then just copy and paste


/system script
add dont-require-permissions=yes name=RebootScript owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=“/system reboot\r
\n/system reboot\r
\n#”
add dont-require-permissions=yes name=NetwatchRebootedLog owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=“/file print file=flash/NetwatchRebootedLog\r
\n/file set NetwatchRebootedLog.txt contents="NetwatchRebootedLog.txt - Check the date this file was created to find the list Netwatch performed a reboot"”
add dont-require-permissions=yes name=all-reset-mac-address owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=“foreach i in=([/interface ethernet find]) do={\r
\nlocal cmd ("/interface ethernet reset-mac-address " . $i)\r
\n:execute $cmd\r
\n}”

/tool netwatch
add comment=“If-Can’t-Ping-192.0.2.254-then-reboot” disabled=no down-script=“# 2025-04-17-0830\r
\n:local addresstoping 192.0.2.254\r
\n:local continue true\r
\n:local counter 0\r
\n:local maxcounter 120\r
\n:local sleepseconds 5\r
\n:local goodpings 0\r
\n#\r
\n:log error "* DOWN - NetWatch -----> Ping testing for $maxcounter times every $sleepseconds seconds"\r
\n#\r
\n:while ($continue) do={\r
\n:set counter ($counter + 1)\r
\n:delay $sleepseconds\r
\n#\r
\n:if ([/ping $addresstoping interval=1 count=1] =0) do={\r
\n:log error "* DOWN - NetWatch - NotConnected ----->ping to $addresstoping failed on attempt $counter of $maxcounter – Will try again in $sleepseconds seconds"\r
\n} else {\r
\n:log warning "* RECOVERED - NetWatch - Connected -----> ping success on to $addresstoping attempt $counter of $maxcounter <----- No Further testing needed — Program will exit -----"\r
\n/quit\r
\n/break;\r
\n/break\r
\n#exit\r
\nquit\r
\n#end\r
\n:set continue false\r
\n:set goodpings ($goodpings +1)\r
\n}\r
\n:if ($counter=$maxcounter) do={:set continue false;}\r
\n}\r
\n#\r
\n:log error "* DOWN - NetWatch - I need to Reboot - I will attempt a → /system script run RebootScript — executing reboot script in 10 seconds"\r
\n:delay 10\r
\n/system script run RebootScript\r
\n:delay 10\r
\n:log error "* DOWN - NetWatch - I need to Reboot - I will attempt a → /system reboot — executing reboot script in 10 seconds"\r
\n:delay 10\r
\n/system reboot\r
\n:delay 10\r
\n:log error "* DOWN - NetWatch - WARNING - FAILURE - Netwatch should of rebooted this Mikrotik ****"\r
\n:delay 10\r
\nexit\r
\nquit\r
\nend\r
\n#\r
\n" host=192.0.2.254 http-codes=“” interval=1m name=“If-Can’t-Ping-192.0.2.254-then-reboot” start-delay=1m30s startup-delay=1m30s test-script=“” type=icmp up-script=":log warning " UP - Netwatch WatchDog Ping Check to 192.0.2.254 then reboot if necessary is now Loaded & Running *"”

** If you try or use this - please post a comment and any suggestions

Hmm , anybody notice the second script ( a goodie ). It will reset the mac address on your ethernet faces back to hardware-default. It’s a nice tool script for when you have restored a mikrotik backup made on one mikrotik to a different mikrotik.


North Idaho Tom Jones

Doesn’t

/system/watchdog

do the same thing?

From what I understand watchdog has less tweakable options, the number of failed pings that trigger the function is fixed as 6, while you can set ping-delay (i.e. the time interval in which the check is run) and the ping-timeout (i.e. the global time for the fixed 6 pings).
While it probably works just fine in (say) 99% of cases, there is always the 1% that may need a more tailored solution.

providing scripts in this way, is really a bad way and should not be trusted (but I don’t question the author of the OP)

dont-require-permissions=yes […] policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon
assigning ALL permissions to a script, especially if “pasted” from an internet post, is always a bad idea.

/system reboot
/system reboot

why write it twice, and then with the # at the end?

/file print file=flash/NetwatchRebootedLog
not all RouterBOARDs have flash, so the script is not universal and does not work correctly (for 50% of the devices?)
Ignoring flash, also missing “…” and file extension, like /file print file=“flash/NetwatchRebootedLog.txt”
However the script is not used.

foreach i in=([/interface ethernet find]) do={
local cmd ("/interface ethernet reset-mac-address " . $i)
:execute $cmd
}
why not simply
/interface ethernet reset-mac-address [find]
???
However, MAC addresses are not used exclusively by real Ethernet interfaces, but by bridges, virtual interfaces, and everything else,
including WiFi (which, if I’m not mistaken, can also be reset from 7.18)

/quit
/break;
/break
#exit
quit
#end
[…]
exit
quit
end

eh???..

Re the reboot script when things don’t ping.

First , I am not a programmer. ( I used to be really good with some advanced multi-user multi-tasking BASIC programming back in the 1970s ). When it comes to scripting these days , it takes me dozens/hundreds of failures to get something working.

I welcome others ( including rextended ) to post fixes and better script code that achieves the same thing. And please add some documentation and install/configuration instructions.

As for for me , here are some reasons I use this script.

• All/most customer CPE devices , when a customer looses a link to my ISP , I have better logs ( up/down ) and the customer CPE will reboot if needed.
• I use this on both ends of my wireless WDS point-to-point links.
• The IP address 192.0.2.254 is a non-Internet IP address. I have a 192.0.2.254 pingable address at my core network in my NOC. All of my customer devices test to 192.0.2.254 to verify all my customer networks can reach my ISP networks. Every Mikrotik I manage , even customer CPEs test to my core network.
• I have some devices that test to multiple IP addresses.
• Somewhere around here , I have a related script that tests to multiple IP addresses , and if all of them are down ( or a percent of them are down ) , then take an action such as bounce an interface or change a route or some other action.
• I like my blue/red log lines , quick to locate in the logs without reading hundreds/thousands of black only log lines.

And something also I like about this netwatch script —
Go into tools - netwatch ; right click to show-columns ; select everything RTT , done tests, failed tests , sent count , and related info.
You can get a pretty decent idea how the link to the device is performing.