Well, safe mode just puts a marker in the change history and rolls back all changes when the
login session (telnet, webfig, winbox) is inadvertently closed. Powercycling apparently does not
count as inadvertently closing the session.
In my experience it works well, but I would like to see an additional mode where the rollback is not
initiated by the session close, but by a timer elapse. I frequently work on systems via a VPN and
it is sometimes unavoidable that the change that I make will reset and re-establish the VPN.
This makes it impossible to use safe mode for such changes. E.g. I have devices that have
a USB stick for 4G to connect back to the central office using L2TP/IPsec, and alternatively they
can use locally available WiFi at higher priority.
When the boxes have been brought to the location, I can login remotely via the 4G VPN and enter
the details of the WiFi, but it is risky because when the WiFi establishes and gets a route but turns
out to be not transparent for L2TP/IPsec I have locked myself out and have to go to the site.
I cannot use safe mode because the switchover will always close my login session.
It would be good to have “safe mode for 5 minutes”, then change the setting, and when I am unable
to login again within 5 minutes to “cancel safe mode”, it reverts to the previous setting.
This is how Cisco and some other manufacturers do it.
I like how with MikroTik you cannot forget to save the config and lose it months later when the power
is cycled. This is also a good thing for the consumer market.
However, it could be nice to have the capability for config changes that are not (immediately) saved
and will be lost on powercycle or watchdog reboot. Maybe similar to Safe Mode, a Volatile Mode that
can be enabled and disabled. Combined with a “reboot in 5 minutes” this can serve to implement what
I described.
+1
Power-cycle still commits changes made during Safe Mode as of 6.40.4 - I think it’s a bug, or at least very counter-intuitive (not as safe as one might think).
Not saving each individual change would have another benefit - less wear on flash memory,
It would be nice to see Mikrotik add commands to disable/re-enable config auto-save, and (if auto-save disabled) save manually.
Might be a good idea to be able to “export” either config version (startup vs. running) as well.
You need to read the documentation and not use your knowledge of other products that does not pertain to this one.
Safe mode does what is documented. Above I pictured how it could be better, but I disagree that one should powercycle the box to revert changes, that is just not how safe mode works.
Documentation only says: “All configuration changes that are made (also from other login sessions), while router is in safe mode, are automatically undone if safe mode session terminates abnormally.” - I don’t see anything specific about power failure case, I see it as another way to terminate session abnormally (but changes are not undone - so I think it’s a bug).
I agree i think that safe mode need to be more like time based than session based
since some times you need to change remotely a config and that maybe will obvious close the session but not necessary it a mistake
so it better to setup a timer
If you power cycle, it means that what you did before was good. So remove safe mode and then reboot.
If it’s a power failure, ok, uncool…
If you know that your next command will lock you out but it’s normal, then leave safe mode before entering the last command. Stop asking for code rewrites.
If you do get time based, I can see the problems right now. It’s been a long night, your safe mode timer expired and you type in that bad command and lock yourself out. Then what? Not an issue with current safe mode behavior.
That just means safe mode is useless for those cases! E.g. look at my example for two VPN connection alternatives. You want to remotely try to enable
the second VPN, and when it fails to establish just go back to the old one. This now cannot be done because switching the VPN always closes the session
and reverts the safe mode changes. By disablling safe mode first, the new config remains active and the router is unreachable over the VPN. That is
exactly why you want to have a safe mode.
If you do get time based, I can see the problems right now. It’s been a long night, your safe mode timer expired and you type in that bad command and lock yourself out. Then what? Not an issue with current safe mode behavior.
In the timer based safe mode, the early expiration of the timer would not lock you out but it would revert your changes.
If you do get time based, I can see the problems right now. It’s been a long night, your safe mode timer expired and you type in that bad command and lock yourself out. Then what? Not an issue with current safe mode behavior.
In the timer based safe mode, the early expiration of the timer would not lock you out but it would revert your changes.
Would that mean that you’d have to toggle safe mode regularly to not loose your work? If so, ouch!
You would use this safe mode only when you are making changes that are “risky”, like changing the routing or addresses on a remote router.
E.g. the case I described: you have a remote router that is connected to your central site (where you are located) over a VPN, and you try to
reconfigure the VPN to use another interface or connection method. Should that fail, you lose the access to the router.
It is not something you usually have enabled “all the time”. And if you do, it is certainly advisable to toggle it regularly so that it won’t roll back
into the distant past once you make a small mistake.
I would say toggle it between each step you make in some topology change after you have verified that you have not lost access.