Netwatch never invokes script

Hi everyone,

I use an RB750Gr3 running 6.42.6 for a home network. My ISP provides IPv4 only, so I use a Hurricane Electric tunnel to get IPv6. I configured IPv6 according to the instructions in the wiki. Since my IPv4 address is dynamic, the IPv6 tunnel goes down every time the IPv4 address changes. I need to bring it back up again by updating the tunnel broker endpoint, using the script taken from the wiki page here.

I would like to use Netwatch to automate this process. So I added a Netwatch rule that should call the IPv6 endpoint updater script every time a defined IPv6 host is down. Here I use Hurricane Electric’s IPv6 DNS server (2001:470:20::2) that should be reachable whenever the link is up. However, the script never gets called, even though Netwatch reports the host in question as down.

There are no log entries, and the script run count does not increase. After a clean reboot, the script run count stands at “10”, as if the OS had called the script 10 times and decided to give up. (If I call the script manually, the tunnel goes up normally and the test host is reachable.)
What is the reason for this behaviour?

Here’s the configuration:

[admin@MikroTik] > /tool netwatch export
# aug/07/2018 03:29:49 by RouterOS 6.42.6
# software id = 7R0I-PYJV
#
# model = RouterBOARD 750G r3
# serial number = xxxx
/tool netwatch
add down-script="/system script run hurricane-ipv6-dynamic-update" host=2001:470:20::2 \
    interval=2m
[admin@MikroTik] > /tool netwatch print
Flags: X - disabled 
 #   HOST                 TIMEOUT              INTERVAL             STATUS 
 0   2001:470:20::2       1s                   2m                   down

My IPv6 endpoint updater script is as follows. Script policies are “read”, “write” and “test”:

# Update Hurricane Electric IPv6 Tunnel Client IPv4 address
#--------------- Beginning of user defined variables ------------------

# This router's 6to4 Tunnel Interface
:local HEtunnelinterface "sit1"

# Hurricane Electric Tunnel ID
:local HEtunnelid "nnnnnn" 

# Hurricane Electric Username
:local HEuserid "username"

# Hurricane Electric Tunnel Update Key
:local HEmd5key "secretkey"

# This router's WAN Interface
:local WANinterface "Beeline-L2TP"

#--------------- End of user defined variables -----------------------------

:local HEupdatehost "ipv4.tunnelbroker.net"
:local HEupdatepath "/nic/update"

:local outputfile ("HE-" . $HEtunnelid . ".txt")

# Internal processing below...
# ----------------------------------
:local HEipv4addr

# Get WAN interface IP address
:set HEipv4addr [/ip address get [/ip address find interface=$WANinterface] address]
:set HEipv4addr [:pick [:tostr $HEipv4addr] 0 [:find [:tostr $HEipv4addr] "/"]]

:if ([:len $HEipv4addr] = 0) do={
   :log error ("Could not get IP for interface " . $WANinterface)
   :error ("Could not get IP for interface " . $WANinterface)
}

# Update the HEtunnelinterface with WAN IP
/interface 6to4 {
   :if ([get ($HEtunnelinterface) local-address] != $HEipv4addr) do={
      :log info ("Updating " . $HEtunnelinterface . " local-address with new IP " . $HEipv4addr . "...")
      set ($HEtunnelinterface) local-address=$HEipv4addr
   } else={
      :log info ("Interface " . $HEtunnelinterface . " address is still IP " . $HEipv4addr . ".") 
   }
}

:log info ("Updating IPv6 Tunnel " . $HEtunnelid . " Client IPv4 address to IP " . $HEipv4addr . "...")
/tool fetch mode=https \
            host=($HEupdatehost) \
            url=("https://" . $HEupdatehost . $HEupdatepath . \
                    "?hostname=" . $HEtunnelid . \
                    "&myip=" . $HEipv4addr) \
            user=($HEuserid) \
            password=($HEmd5key) \
            dst-path=($outputfile)
:log info ([/file get ($outputfile) contents])
/file remove ($outputfile)

OK, so instead of using Netwatch I now use the scheduler to invoke the tunnel endpoint updater every few minutes.

It works, but I would still like to know what the problem with Netwatch was.

One of the RouterOS updates KILLED the ability to run a script from Netwatch.

Solution… put the entire script in netwatch in the up or down field.

Thank you. I’ll try this as soon as I get back to the device in question.

It would be really good if these things were documented.