Static DNS intermittent

RouterOS General
1

Static DNS intermittent

I have set up a static IP for a homeassistant.local to IP 10.0.1.169.

But ping and Trace route to homeassistant.local I keep picking up external IP when I test from the Router.

When I test from a PC on the LAN i get a response from homeassistant.local as 10.0.1.169 and other times an external IP but does not change unless i restart the ping test in terminal it’s one or the other.

Also I need to configure http://homeassistant.local:8123/ with port 8123 to route to 10.0.1.169 and every config I have tried has failed. But it works as 10.0.1.169:8123 every time.

I have tried clearing the connection and flushing the cache along with reboots the router no luck.

Any suggestions?
Screenshot from 2024-12-01 20-38-50.png
Screenshot from 2024-12-01 20-40-27.png
Screenshot from 2024-12-01 20-42-23.png

# 2024-12-01 20:34:49 by RouterOS 7.16.1
# software id = Q2V4-JJB5
#
# model = CCR2116-12G-4S+
# serial number = HG209RH6MCX
/interface bridge
add mtu=8000 name=LAN_Bridge port-cost-mode=short priority=0x1000
/interface ethernet
set [ find default-name=ether1 ] advertise=1G-baseT-full comment=gateway001a l2mtu=8154 mtu=8000
set [ find default-name=ether2 ] advertise=1G-baseT-full comment=gateway001b l2mtu=8154 mtu=8000
set [ find default-name=ether3 ] advertise=1G-baseT-full comment=gateway002a l2mtu=8154 mtu=8000
set [ find default-name=ether4 ] advertise=1G-baseT-full comment=gateway002b l2mtu=8154 mtu=8000
set [ find default-name=ether5 ] advertise=1G-baseT-full comment=gateway003a l2mtu=8154 mtu=8000
set [ find default-name=ether6 ] advertise=1G-baseT-full comment=gateway003b l2mtu=8154 mtu=8000
set [ find default-name=ether7 ] advertise=1G-baseT-full comment=gateway004a l2mtu=8154 mtu=8000
set [ find default-name=ether8 ] advertise=1G-baseT-full comment=gateway004b l2mtu=8154 mtu=8000
set [ find default-name=ether9 ] advertise=1G-baseT-full comment=gateway005_tor disabled=yes l2mtu=8154 mtu=8000
set [ find default-name=ether10 ] advertise=1G-baseT-full comment=grandmaster_clock_001 disabled=yes l2mtu=8154 mtu=8000
set [ find default-name=ether11 ] advertise=1G-baseT-full disabled=yes l2mtu=8154 mtu=8000
set [ find default-name=ether12 ] advertise=1G-baseT-full disabled=yes l2mtu=8154 mtu=8000
set [ find default-name=ether13 ] advertise=1G-baseT-full comment=management l2mtu=8154 mtu=8000
set [ find default-name=sfp-sfpplus1 ] advertise=10G-baseT,10G-baseSR-LR,10G-baseCR comment="core switch 001a" l2mtu=8154 mtu=8000
set [ find default-name=sfp-sfpplus2 ] advertise=10G-baseT,10G-baseSR-LR,10G-baseCR comment="core switch 001b" l2mtu=8154 mtu=8000
set [ find default-name=sfp-sfpplus3 ] advertise=10G-baseT,10G-baseSR-LR,10G-baseCR comment="core switch 002a" l2mtu=8154 mtu=8000
set [ find default-name=sfp-sfpplus4 ] advertise=10G-baseT,10G-baseSR-LR,10G-baseCR comment="core switch 002b" l2mtu=8154 mtu=8000
/interface vlan
add comment="Guest Network" interface=LAN_Bridge mtu=8000 name=VLAN2_Guest vlan-id=2
/interface bonding
add mode=802.3ad mtu=8000 name="core switch 001" slaves=sfp-sfpplus1,sfp-sfpplus2 transmit-hash-policy=layer-2-and-3
add mode=802.3ad mtu=8000 name="core switch 002" slaves=sfp-sfpplus3,sfp-sfpplus4 transmit-hash-policy=layer-2-and-3
add mode=802.3ad mtu=8000 name=gateway001_lumen slaves=ether1,ether2 transmit-hash-policy=layer-2-and-3
add mode=802.3ad mtu=8000 name=gateway002_centurylink slaves=ether3,ether4 transmit-hash-policy=layer-2-and-3
add mode=802.3ad mtu=8000 name=gateway003_t-mobile slaves=ether5,ether6 transmit-hash-policy=layer-2-and-3
add mode=802.3ad mtu=8000 name=gateway004 slaves=ether7,ether8 transmit-hash-policy=layer-2-and-3
/interface wifi channel
add band=2ghz-ax disabled=no name="2.4GHz AX" skip-dfs-channels=disabled width=20mhz
add band=5ghz-ax disabled=no name="5.0GHz AX" skip-dfs-channels=disabled width=20/40/80mhz
/interface wifi datapath
add bridge=LAN_Bridge bridge-cost=4 disabled=no name="datapath1 main"
add bridge=LAN_Bridge bridge-cost=4 client-isolation=yes disabled=no name="datapath2 guest" vlan-id=2
/interface wifi security
add authentication-types=wpa2-psk,wpa3-psk disabled=no name=Main wps=disable
add authentication-types=wpa2-psk,wpa3-psk connect-group="" disabled=no name=Guest wps=disable
/interface wifi configuration
add channel="2.4GHz AX" country="United States" datapath="datapath1 main" disabled=no name=TrekGalactic_2.4Ghz security=Main ssid=TrekGalactic_2.4Ghz
add channel="5.0GHz AX" country="United States" datapath="datapath1 main" disabled=no name=TrekGalactic_5.0Ghz security=Main ssid=TrekGalactic_5.0Ghz
add channel="5.0GHz AX" country="United States" datapath="datapath2 guest" disabled=no name=TrekGalactic_5.0Ghz_Guest security=Guest ssid=TrekGalactic_5.0Ghz_Guest
add channel="2.4GHz AX" country="United States" datapath="datapath2 guest" disabled=no name=TrekGalactic_2.4Ghz_Guest security=Guest ssid=TrekGalactic_2.4Ghz_Guest
/ip firewall layer7-protocol
add name=snapchat regexp="^.+(feelinsonice.appspot.com|appspot.l.google.com|data.flurry.com|appspot.com|.appspot|appspot.|feelinsonice-hrd.appspot.com|data.flurry.com|snapchat.com|snap.net|www.snapchat.com|www.feelinsonice.com|feelinsonice.com|www.snap.net|.snap.net.).*\$\r\
    \n\r\
    \n"
add name=youtube regexp="^.+(ytstatic.l.google.com|youtube-ui.l.google.com|youtubei.googleapis.com|youtube.googleapis.com|youtube.com|www.youtube.com|m.youtube.|.m.youtube.|ytimg.com|s.ytimg.com|ytimg.l.google.com|youtube.l.google.com|i.google.com|googlevideo.com|youtu.be|youtube-nocookie.com).*\$"
add name=facebook regexp="^.+(www.facebook.com|facebook.com|login.facebook.com|www.login.facebook.com|fbcdn.net|www.fbcdn.net|fbcdn.com|www.fbcdn.com|static.ak.fbcdn.net|static.ak.connect.facebook.com|connect.facebook.net|www.connect.facebook.net|apps.facebook.com|m.facebook.com|fbsbx.com).*\$\r\
    \n"
add name=tiktok regexp="^.+(myqcloud.com|wsdvs.com|worldfcdn.com|footprint.net|byteoversea.|ibyteimg.|.ibyteimg|ibyteimg.com|musemuse.cn|muscdn.com|.byteoversea|byted.org|bytecdn.cn|byteoversea.com|.musical|musical.|musical.ly|tiktokcdn.com|tiktokv.com|tiktokcdn.com|.tiktokv|tiktokv.|tiktokcdn-com|.akamaized|akamaized.net|akamaized.|tiktok.com|www.tiktok.com|m.tiktok.com|tiktok.|tiktok|.zhiliaoapp|.musically|zhiliaoapp.|musically.).*\$\r\
    \n\r\
    \n"
add name=instagram regexp="^.+(instagram.com|cdninstagram.com|.cdninstagram.com|.instagram.com|instagram.|.instagram|.cdninstagram|cdninstagram.).*\$"
add name=netflix regexp="^.+(netflix.com|netflix.net|nflxext.com|nflximg.com|nflximg.net|nflxso.net|nflxvideo.net|.netflix.).*\$"
add name=twitter regexp="^.+(.twitter.|ads-twitter.com|twimg.com|twitter.com|twttr.com|twimg.com.akahost.net|twitter.map.fastly.net).*\$"
add name=whatsapp regexp="^.+(whatsapp.com|whatsapp.net|.whatsapp.|.whatsapp).*\$"
/ip hotspot profile
add hotspot-address=10.0.2.1 name=hsprof1
/ip pool
add name=pool1_LAN ranges=10.0.1.51-10.0.1.200
add name=pool2_Guest ranges=10.0.2.51-10.0.2.200
/ip dhcp-server
add add-arp=yes address-pool=pool1_LAN always-broadcast=yes authoritative=after-2sec-delay interface=LAN_Bridge name=Local_LAN_DHCP1
add add-arp=yes address-pool=pool2_Guest always-broadcast=yes authoritative=after-2sec-delay interface=VLAN2_Guest name=Local_VLAN2_Guest
/ip hotspot
add address-pool=pool2_Guest interface=VLAN2_Guest name=hotspot1 profile=hsprof1
/port
set 0 name=serial0
/queue simple
add bucket-size=1/1 disabled=yes max-limit=465M/465M name=lumen_uplink priority=1/1 queue=default/default target=ether12 total-queue=default
add bucket-size=1/1 disabled=yes max-limit=465M/465M name=gateway001_lumen priority=1/1 queue=default/default target=gateway001_lumen total-queue=default
add bucket-size=1/1 disabled=yes max-limit=80M/40M name=gateway002_centurylink queue=default/default target=gateway002_centurylink total-queue=default
add bucket-size=1/1 disabled=yes max-limit=3M/3M name=gateway003_t-mobile queue=default/default target=gateway003_t-mobile total-queue=default
add bucket-size=1/1 max-limit=100M/100M name=guest_wifi queue=default/default target=VLAN2_Guest total-queue=default
/system ptp
add disabled=yes name=ptp1
/ip smb
set domain=omeganet enabled=yes interfaces=LAN_Bridge
/interface bridge port
add bridge=LAN_Bridge interface="core switch 001" path-cost=1 priority=0x90 trusted=yes
add auto-isolate=yes bridge=LAN_Bridge interface="core switch 002" path-cost=6 priority=0x70 trusted=yes
/ip firewall connection tracking
set udp-timeout=10s
/ip neighbor discovery-settings
set discover-interface-list=all
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set max-neighbor-entries=8192
/interface wifi access-list
add action=accept allow-signal-out-of-range=always disabled=yes signal-range=-80..120
add action=reject allow-signal-out-of-range=always disabled=no signal-range=-120..-81
/interface wifi capsman
set ca-certificate=WiFi-CAPsMAN-CA-D401C30EA189 certificate=WiFi-CAPsMAN-CA-D401C30EA189 enabled=yes interfaces=LAN_Bridge package-path="" require-peer-certificate=yes upgrade-policy=require-same-version
/interface wifi provisioning
add action=create-dynamic-enabled disabled=no master-configuration=TrekGalactic_5.0Ghz slave-configurations=TrekGalactic_5.0Ghz_Guest supported-bands=5ghz-ax,5ghz-ac,5ghz-n
add action=create-dynamic-enabled disabled=no master-configuration=TrekGalactic_2.4Ghz slave-configurations=TrekGalactic_2.4Ghz_Guest supported-bands=2ghz-ax,2ghz-n
/ip address
add address=10.0.1.1/24 interface=LAN_Bridge network=10.0.1.0
add address=10.0.2.1/24 interface=VLAN2_Guest network=10.0.2.0
add address=10.0.13.1/29 interface=ether13 network=10.0.13.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=1m
/ip dhcp-client
add interface=gateway001_lumen use-peer-dns=no
add default-route-distance=2 interface=gateway002_centurylink use-peer-dns=no
add default-route-distance=3 interface=gateway003_t-mobile use-peer-dns=no
add default-route-distance=5 disabled=yes interface=gateway004 use-peer-dns=no
add disabled=yes interface=ether12 use-peer-dns=no
/ip dhcp-server config
set accounting=no
/ip dhcp-server lease
add address=10.0.1.87 client-id=1:84:c0:ef:85:6b:27 mac-address=84:C0:EF:85:6B:27 server=Local_LAN_DHCP1
add address=10.0.1.90 client-id=1:c:c4:13:27:d0:a3 mac-address=0C:C4:13:27:D0:A3 server=Local_LAN_DHCP1
add address=10.0.1.169 always-broadcast=yes client-id=1:0:1e:6:42:a1:10 mac-address=00:1E:06:42:A1:10 server=Local_LAN_DHCP1
/ip dhcp-server network
add address=10.0.1.0/24 caps-manager=10.0.1.1 dns-server=10.0.1.1 domain=omeganet.local gateway=10.0.1.1 netmask=24 ntp-server=10.0.1.1
add address=10.0.2.0/24 comment="hotspot network" dns-server=10.0.1.1 gateway=10.0.2.1 netmask=24 ntp-server=10.0.1.1
/ip dns
set allow-remote-requests=yes cache-size=53687KiB max-udp-packet-size=8000 servers=1.0.0.2,1.0.0.1,1.1.1.1,1.1.1.2,208.67.220.220,208.67.222.222,208.67.222.2,208.67.220.2
/ip dns adlist
add disabled=yes ssl-verify=no url=https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
add ssl-verify=no url=https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/gambling/hosts
add disabled=yes ssl-verify=no url=https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/gambling-social/hosts
/ip dns static
add address=10.0.1.169 name=homeassistant.local ttl=1w type=A
add cname=http://homeassistant.local/ name=homeassistant.local ttl=1w type=CNAME
/ip firewall address-list
add address=0.0.0.0/8 comment="Self-Identification [RFC 3330]" list=bogons
add address=10.0.0.0/24 comment="Private[RFC 1918] - CLASS A # Check if you need this subnet before enable it" disabled=yes list=bogons
add address=127.0.0.0/8 comment="Loopback [RFC 3330]" list=bogons
add address=169.254.0.0/16 comment="Link Local [RFC 3330]" list=bogons
add address=172.16.0.0/12 comment="Private[RFC 1918] - CLASS B # Check if you need this subnet before enable it" disabled=yes list=bogons
add address=192.168.0.0/16 comment="Private[RFC 1918] - CLASS C # Check if you need this subnet before enable it" disabled=yes list=bogons
add address=192.0.2.0/24 comment="Reserved - IANA - TestNet1" list=bogons
add address=192.88.99.0/24 comment="6to4 Relay Anycast [RFC 3068]" list=bogons
add address=198.18.0.0/15 comment="NIDB Testing" list=bogons
add address=198.51.100.0/24 comment="Reserved - IANA - TestNet2" list=bogons
add address=203.0.113.0/24 comment="Reserved - IANA - TestNet3" list=bogons
add address=224.0.0.0/4 comment="MC, Class D, IANA # Check if you need this subnet before enable it" disabled=yes list=bogons
/ip firewall filter
add action=fasttrack-connection chain=forward connection-state=established,related hw-offload=yes
add action=accept chain=forward connection-state=established,related
add action=add-src-to-address-list address-list=Syn_Flooder address-list-timeout=30m chain=input comment="Add Syn Flood IP to the list" connection-limit=30,32 protocol=tcp tcp-flags=syn
add action=drop chain=input comment="Drop to syn flood list" src-address-list=Syn_Flooder
add action=add-src-to-address-list address-list=Port_Scanner address-list-timeout=1w chain=input comment="Port Scanner Detect" protocol=tcp psd=21,3s,3,1
add action=drop chain=input comment="Drop to port scan list" src-address-list=Port_Scanner
add action=jump chain=input comment="Jump for icmp input flow" jump-target=ICMP protocol=icmp
add action=jump chain=forward comment="Jump for icmp forward flow" jump-target=ICMP protocol=icmp
add action=jump chain=output comment="Jump for icmp output" jump-target=ICMP protocol=icmp
add action=drop chain=forward comment="Drop to bogon list" dst-address-list=bogons
add action=add-src-to-address-list address-list=spammers address-list-timeout=3h chain=forward comment="Add Spammers to the list for 3 hours" connection-limit=30,32 dst-port=25,587 limit=30/1m,0:packet protocol=tcp
add action=drop chain=forward comment="Avoid spammers action" dst-port=25,587 protocol=tcp src-address-list=spammers
add action=accept chain=input comment="Accept DNS - UDP" port=53 protocol=udp
add action=accept chain=input comment="Accept DNS - TCP" port=53 protocol=tcp
add action=accept chain=input comment="Accept to established connections" connection-state=established
add action=accept chain=input comment="Accept to related connections" connection-state=related
add action=accept chain=input comment="Full access to SUPPORT address list" src-address-list=support
add action=accept chain=ICMP comment="Echo request - Avoiding Ping Flood, adjust the limit as needed" icmp-options=8:0 limit=2,5:packet protocol=icmp
add action=accept chain=ICMP comment="Echo reply" icmp-options=0:0 protocol=icmp
add action=accept chain=ICMP comment="Time Exceeded" icmp-options=11:0 protocol=icmp
add action=accept chain=ICMP comment="Destination unreachable" icmp-options=3:0-1 protocol=icmp
add action=accept chain=ICMP comment=PMTUD icmp-options=3:4 protocol=icmp
add action=accept chain=ICMP comment="homeassistant.local Ping" dst-address=10.0.1.169 protocol=icmp
add action=drop chain=ICMP comment="Drop to the other ICMPs" disabled=yes protocol=icmp
/ip firewall mangle
add action=change-ttl chain=prerouting disabled=yes new-ttl=set:64 passthrough=yes
add action=mark-connection chain=forward connection-mark=no-mark disabled=yes new-connection-mark=lumen out-interface=gateway001_lumen passthrough=yes
add action=mark-connection chain=forward connection-mark=no-mark disabled=yes new-connection-mark=centurylink out-interface=gateway002_centurylink passthrough=yes
add action=mark-connection chain=forward connection-mark=no-mark disabled=yes new-connection-mark=t-mobile out-interface=gateway003_t-mobile passthrough=yes
add action=mark-connection chain=forward connection-mark=no-mark disabled=yes new-connection-mark=gateway004 out-interface=gateway004 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=gateway001_lumen
add action=masquerade chain=srcnat out-interface=gateway002_centurylink
add action=masquerade chain=srcnat out-interface=gateway003_t-mobile
add action=masquerade chain=srcnat disabled=yes out-interface=gateway004
add action=dst-nat chain=dstnat disabled=yes dst-port=53 protocol=tcp to-addresses=10.0.1.1 to-ports=53
add action=dst-nat chain=dstnat disabled=yes dst-port=53 protocol=udp to-addresses=10.0.1.1 to-ports=53
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set h323 disabled=yes
set sip disabled=yes
set pptp disabled=yes
/ip hotspot user
add name=jonathanyoung2010
/ip ipsec profile
set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5
/ip route
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=10.2.12.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 vrf-interface=gateway002_centurylink
add check-gateway=ping disabled=no distance=3 dst-address=0.0.0.0/0 gateway=10.3.12.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 vrf-interface=gateway003_t-mobile
add check-gateway=ping disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=1.1.1.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=32 vrf-interface=gateway001_lumen
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.12.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 vrf-interface=gateway001_lumen
add check-gateway=ping disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.4.12.1 routing-table=main scope=30 suppress-hw-offload=no target-scope=10 vrf-interface=gateway004
add check-gateway=ping disabled=yes distance=2 dst-address=0.0.0.0/0 gateway=8.8.8.8 routing-table=main scope=30 suppress-hw-offload=no target-scope=32 vrf-interface=gateway001_lumen
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes port=2200
set www-ssl disabled=no
/ip smb shares
set [ find default=yes ] directory=/pub disabled=no
/ip ssh
set strong-crypto=yes
/ip upnp
set allow-disable-external-interface=yes enabled=yes
/ip upnp interfaces
add interface=LAN_Bridge type=internal
add interface=gateway001_lumen type=external
add interface=gateway002_centurylink type=external
add interface=gateway003_t-mobile type=external
add interface=gateway004 type=external
add interface=*19 type=external
/ipv6 firewall filter
add action=accept chain=input comment="allow established and related" connection-state=established,related
add action=accept chain=input comment="accept ICMPv6" protocol=icmpv6
add action=accept chain=input comment="defconf: accept UDP traceroute" port=33434-33534 protocol=udp
add action=accept chain=input comment="accept DHCPv6-Client prefix delegation." dst-port=546 protocol=udp src-address=fe80::/16
add action=accept chain=input comment="allow allowed addresses" src-address-list=allowed
add action=drop chain=input
add action=accept chain=forward comment=established,related connection-state=established,related
add action=drop chain=forward comment=invalid connection-state=invalid log=yes log-prefix=ipv6,invalid
add action=drop chain=forward log-prefix=IPV6
/snmp
set enabled=yes
/system clock
set time-zone-name=America/Chicago
/system identity
set name=core_firewall_001
/system note
set note="Welcome to the OmegaNet by Simplified Media LLC\r\
    \n\r\
    \nThe Network Admin is watching you!" show-at-cli-login=yes
/system ntp client
set enabled=yes
/system ntp server
set enabled=yes manycast=yes multicast=yes
/system ntp client servers
add address=time.cloudflare.com
add address=time.google.com
add address=time.aws.com
add address=time.windows.com
add address=time.nist.gov
add address=us.pool.ntp.org
add address=204.147.80.24
add address=209.244.0.5
/system ptp port
add interface=ether10 ptp=ptp1
add interface=ether11 ptp=ptp1
/system routerboard settings
set auto-upgrade=yes enter-setup-on=delete-key
/system scheduler
add interval=1w name=Reboot on-event="system reboot" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=2018-09-18 start-time=04:40:00
add interval=1w name=Package_upgrade on-event="system package update install" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=2018-09-18 start-time=02:35:00
add interval=1w name=Routerboard_Upgrade on-event="system routerboard upgrade" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=2018-09-18 start-time=03:40:00
add interval=1w name=Backup on-event=RouterBackup policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=2018-09-18 start-time=02:00:00
/tool e-mail
set from=jonathanyoung2161@gmail.com port=465 server=smtp.gmail.com tls=yes user=jonathanyoung2161
/tool netwatch
add disabled=no down-script=":log info \"8.53.141.186 ERROR\"\r\
    \n" host=8.53.141.186 http-codes="" interval=1s name="Lumen (8.53.141.186)" packet-size=1400 src-address=10.1.12.2 startup-delay=1m test-script="\r\
    \n" thr-loss-percent=5% type=icmp up-script=""
add disabled=no down-script=":log info \"1.1.1.1 ERROR\"" host=1.1.1.1 http-codes="" interval=1s name="Lumen (1.1.1.1)" packet-size=1400 src-address=10.1.12.2 startup-delay=1m test-script="" thr-loss-percent=5% type=icmp up-script=""
add disabled=no down-script=":log info \"8.8.8.8 ERROR\"" host=8.8.8.8 http-codes="" interval=1s name="Lumen (8.8.8.8)" packet-size=1400 src-address=10.1.12.2 startup-delay=1m test-script="" thr-loss-percent=5% type=icmp up-script=""
/tool romon
set enabled=yes
/user group
add name=homeassistant policy=read,test,api,!local,!telnet,!ssh,!ftp,!reboot,!write,!policy,!winbox,!password,!web,!sniff,!sensitive,!romon,!rest-api