Need help creating a simple script.

Hello Guys ,

I currently have a LHG5 router and I have set up a L2TP VPN client on the router :

/interface l2tp-client
add add-default-route=yes connect-to=s1.l2tpserver.com disabled=no ipsec-secret=123456789 name=l2tp-out1 password=\
    7063 use-ipsec=yes user=7063

In order for the L2TP client to work , I have added the following Route :

/ip route
add distance=1 dst-address=62.62.62.62/32 gateway=192.168.1.1

Where 62.62.62.62 is the IP of the L2TP server .

Now , the issue is that the IP address behind domain s1.l2tpserver.com is not static and might change from time to time .

How can I create an script or schedule to check for the IP address of this domain s1.l2tpserver.com every 2 hours and replace the IP address behind the domain , in the following Route rule :

/ip route
add distance=1 dst-address=62.62.62.62/32 gateway=192.168.1.1

so if the IP of s1.l2tpserver.com is changed from 62.62.62.62 to 82.82.82.82 , on the next script run , the Route rule will be updated to the following :

/ip route
add distance=1 dst-address=82.82.82.82/32 gateway=192.168.1.1

Also will this process of running the script , interrupt my L2TP connection ? Thank you .

Using Grok , I got the following script . Can anyone confirm if this is correct? Also would this script interrupt my L2TP connection while it runs the process of replacing the Route ?

/system script
add name=updateRoute source={
    # Resolve the domain name to an IP address
    :local domain "s1.l2tpserver.com"
    :local resolvedIP
    :do {
        :set resolvedIP [:resolve $domain]
    } on-error={
        :log error "Failed to resolve $domain"
        :return
    }

    # Check if IP was resolved successfully, stop if not
    :if ([:len $resolvedIP] = 0) do={
        :log error "No IP resolved for $domain"
        :return
    }

    # Log successful resolution
    :log info "Resolved $domain to $resolvedIP"

    # Remove all existing IP routes
    /ip route
    remove [find]

    # Add the new route (example: set resolved IP as gateway)
    # Modify the dst-address, gateway, or other parameters as needed
    add distance=1 dst-address=$resolvedIP/32 gateway=192.168.1.1 comment="Route to $domain"

    :log info "Routes updated successfully"
}

I have to metion that the following route is the only route I have so removing all routes with the above script , won’t remove any other needed route:

/ip route
add distance=1 dst-address=62.62.62.62/32 gateway=192.168.1.1

There are many Solutions to the Problem…

A Basic Solution ist to add a Comment, to identify the IP/Route for the Script

For Exemple:

/ip/route add distance=1 dst-address=62.62.62.62/32 gateway=192.168.1.1 comment="Script Controlled Route to S1.l2tpserver.com"

/system scheduler
add interval=2h name="Script Controlled Route to S1.l2tpserver.com" on-event="ip/route/set dst-address=[:resolve S1.l2tpserver.com] [find where comment~\"Script Controlled Route to S1\"] " policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-time=startup

rko4all was a bit quicker than I was…

I tried his Script and can concure, that it works

1. Just be carefull, that the Script will remove ALL existing :lol:

2. I am no Scripting Guru, but i would Optimize the following as
   I don`t think the “/32” is necessary while adding the new Route

add distance=1 dst-address=[b]$resolvedIP/32[/b] gateway=192.168.1.1 comment="Route to $domain"

Thank you for your solution as well . This will do the job as well and you are right about removing all existing routes . That is no issue as there is only one route and there won’t be any more in the future. Using Grok , I tried to take it a step further and create 2 scenarios where the script will stop before proceeding with removing routes .

Scenario 1 is if the domain is not resolved and scenario 2 is if the IP returned is the same IP as the last time the script was run ! for this , got this script from Grok :

/system script
add name=updateRoute source={
    # Declare global variable to store the last resolved IP
    :global lastResolvedIP

    # Resolve the domain name to an IP address
    :local domain "s1.l2tpserver.com"
    :local resolvedIP
    :do {
        :set resolvedIP [:resolve $domain]
    } on-error={
        :log error "Failed to resolve $domain"
        :return
    }

    # Check if IP was resolved successfully, stop if not (Scenario 1)
    :if ([:len $resolvedIP] = 0) do={
        :log error "No IP resolved for $domain"
        :return
    }

    # Log the resolved IP
    :log info "Resolved $domain to $resolvedIP"

    # Check if the resolved IP is the same as last time, stop if true (Scenario 2)
    :if ([:len $lastResolvedIP] > 0 && $resolvedIP = $lastResolvedIP) do={
        :log info "Resolved IP ($resolvedIP) is the same as last time, no changes needed"
        :return
    }

    # Remove all existing IP routes
    /ip route
    remove [find]

    # Add the new route with resolvedIP as dst-address and 192.168.1.1 as gateway
    add distance=1 dst-address=$resolvedIP/32 gateway=192.168.1.1 comment="Route to $domain via 192.168.1.1"

    # Update the lastResolvedIP with the current resolved IP
    :set lastResolvedIP $resolvedIP

    :log info "Routes updated successfully with new IP $resolvedIP"
}

can you have a look and see if it makes sense? also that /32 is not necessary . I just added it for readability purposes.

Shouldn’t you try that script yourself? Ask Grok if the script is correct.

I asked Grok if the script was correct, and to tell me the truth, not to please me and not to give me satisfaction.
To these instructions he replied that the script immediately locks with an error,
because no one responds to “value:” and even if someone responds, to the first “remove [find]” it fail if there is an IP assigned to any interface,
because remove tries to delete even the dynamic routes “failure: can remove only static routes”.

In short, he confessed to me that since it is just a chatbot, its purpose is just to have a random chat, just satisfy the user with anything.
If the user asks it something, it means that it does not know it, so it can invent anything.


And a small parenthesis,
I ask what’s the point of all this
:if ([:len $lastResolvedIP] > 0 && $resolvedIP = $lastResolvedIP)
if it would have been enough
:if ($resolvedIP = $lastResolvedIP)
because the check if $lastResolvedIP is of length 0 has already been done,
and he replied that if I knew how to do it better, why did I ask him?

I once heard an expression take your grok and shove it!
Seems apropos… I personally avoid helping folks that ask me to fix a chatgpt config. They have done no work…

The solution contains only 3 not too long lines of code or 6 if a bit of selfexplaining pretty-printing is needed.

Thank you for your response. Although AI can help sometimes , I still try to verify the suggestions with experts as they know better.

Regarding "remove [find]" , I added a comment to that route so it would only target that route while executing the script.

Also since the check for $lastResolvedIP is of length 0 has already been done , I removed that check from the script.

I will see how this goes.

Yes , I will try it myself but I decided to ask here as well because I’m about to set this script in 50+ Mikrotik routers and I want to make sure that it won’t produce any unexpected behaviors in the long run. Thank you .

Don’t you have an impression that you should hire someone more skilled than you to have the task done for that fleet of routers?
You could trust LLM when you ask for “best taco foodtrack”, “current whether in …”, “what is the price of a ticket to … museum”.
Do not trust it when you have serious task and you want to get full working solution while you are unable to spot the obvious problems even if they were pointed out. You did not even try to run that script, as you state, to watch the “spectacular” results.

Lets analyze just the route part

Facts:

1. “…I have set up a L2TP VPN client on the router..”
2. You state: “That is no issue as there is only one route and there won’t be any more in the future.”
3. “The Script” removes all routes

Questions/problems:
0. We do not know what the LAN IP pool is and where 192.168.1.1 address is located? Locally? External? Behind NAT? etc.

1. There hast o be at least one route more, the default route to enable DNS communication and L2TP communication.
2. How there could be the only one route as you state
3. removing default routes kills Internet access
4. You consider if there would be glitches in communication … YES, could be if you kill all routes. It’s OBVIOUS.

How do you want to help users if they would need some changes to the script if you do not know how and what that script does?

There is a time to consult, when responsible for many customers routers and one is resorting to AI, because one does not know sheite about this part of the RoS…
Why AI ???..it smacks of trying to be cheap, vice actually going to the right place → https://mikrotik.com/consultants

Perhaps you should advertise on your company website. Disclaimer: Service may be interrupted because we use AI to help us guess what changes we should make to the configurations of the devices you use. AI is not perfect but it helps us keep our costs down to you.