Hiring to write small script

coopertown · January 25, 2018, 7:48am

Small company / startup… decided to go with Mikrotik due to reliable hardware and economics. Hired extra help who claimed to be knowledgeable with MIkrotik who did good work, however, had an emergency and now we have a deadline to launch the network in two days, but are missing the last piece which was suppose to be delivered:

3 tunnel L2TP/IPSEC-client failover script:
Brief Overview:

WAN failovers set up via Netwatch which is a mixture of fiber cable (2 lines) and LTE (1 line)
L2TP/IPSEC-client failover layer is missing which suppose to entail:
a) every time system switches WAN line all 3 tunnels need to be enabled and whichever get the fastest ping and establishes the tunnel stays, the other 2 get disabled
b) enabled tunnel gets pinged every 15 seconds to make sure that packets are getting through
c) if the 1st tunnel stops sending packets, it has to be disabled and then the other 2 tunnels have to be enabled and whichever connects faster stays, the other one gets disabled and so on

Pretty basic for someone who know Mikrotik system. Anyone interest please e-mail 2468080@gmx.com (Terry)

pe1chl · January 25, 2018, 10:20am

I do that by setting up 3 tunnels in parallel and then use BGP to route the traffic, with BFD on the fast interface(s), and
with priorities set in such a way that the interfaces are handled in the wanted sequence.
It does not require scripting. But, for ease of configuration, it is nice when the central router has 3 available IP addresses
so the 3 tunnels can have different endpoints each with a separate route.