Monitoring Help

gabemangieri · August 27, 2015, 3:29pm

Hi all,

I’m not 100% sure if this is the proper board to post this, but here goes…

I have an issue with monitoring. I need to monitor when my primary link fails on the MikroTik router, then be able to alert based on that failure.

Here’s the topology:

Router is connected upstream to two different ISPs. ISP 1 is an Enterprise layer 2 link and ISP 2 is a Business class layer 3 link. With all running well the router routes all traffic across ISP 1, but when there’s a failure the traffic re-routes to ISP 2. Fail back works as well.

The problem is that if the ISP 1 connection fails upstream from the demarc point (meaning the physical connection is active, but there is a failure in the path further upstream), there is no way for me to currently alert on this. Everything works fine as long as the ISP 2 connection is running, but I have no way to currently monitor when the ISP 1 connection has this type of failure.

So here’s the question: How do I monitor and alert for an upstream path failure without needing to pay attention to the physical link (as this does not fail)?

I’m using SNMP to do all my monitoring currently.

Any help or suggestions would be greatly appreciated!

JJCinAZ · August 27, 2015, 4:40pm

I might suggest that you create a dummy loopback adapter which can be monitored for up/down state via SNMP:

/interface bridge add name=monitor1
/interface print oid

The “print oid” command will give you the interface ID number for your SNMP monitoring.

Next, use the Netwatch tool, some custom scripts, or a combination of the two to monitor access through your ISP1. When the Netwatch, or your scripts, detect a failure through ISP1, then disable the “monitor1” interface. Your SNMP system, presumably polling the router via SNMP, will see the interface down and can alert you.

For example, let’s say you monitor ping to 8.8.8.8 through ISP1 and your gateway for ISP1 is 1.2.3.4:

/ip route add dst-address=8.8.8.8/32 distance=1 gateway=1.2.3.4
/ip route add dst-address=8.8.8.8/32 distance=2 type=blackhole
/tool netwatch add down-script="/interface disable monitor1" host=8.8.8.8 up-script="/interface enable monitor1"

Note that the two routes ensure that your test only goes through your ISP1, even if the interface to ISP1 goes down. Without those, the route would switch over to ISP2 causing your netwatch to think ISP1 was back up and reenable the monitor1 interface.

Hope that gets you on the right track.