Community discussions

MikroTik App
 
simonefil
newbie
Topic Author
Posts: 42
Joined: Tue Apr 13, 2021 9:22 pm
Location: Bergamo - Italy
Contact:

Create script to clean udp connections

Mon Apr 19, 2021 11:50 am

Hi everyone.
I'm testing a configuration with two WANs in failover mode. Currently when the main connection "WAN1" goes down, WAN2 is activated immediately and all data traffic runs smoothly, with the exception of the voice traffic which is interrupted. To restart the voice traffic too, I have to manually restart the routerboard or enter the firwall connections table and manually remove the udp connections present, in this way the phone immediately re-creates new udp connections routes on WAN2.
I'd like to automate this mechanism.
When WAN1 failover occurs -> clean all udp connections
When WAN1 is back up and running -> clean all udp connections
I know I'm asking for something complicated
I thank anyone who can help me.
This is my current configuration:
# apr/18/2021 00:14:18 by RouterOS 6.48.1
# software id = 
# model = RouterBOARD 941-2nD
# serial number =
/interface bridge
add name=bridge1
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=192.168.1.100-192.168.1.200
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge1 name=dhcp1
/queue simple
add max-limit=768k/10M name=Total target=""
/queue type
add kind=pcq name="BMG Voip Download" pcq-classifier=src-address,dst-address pcq-dst-address6-mask=64 pcq-rate=128k pcq-src-address6-mask=64
/queue simple
add max-limit=768k/10M name=VoIP packet-marks=3CX_packet parent=Total priority=1/1 queue="BMG Voip Download/BMG Voip Download" target="" total-queue="BMG Voip Download"
/interface bridge port
add bridge=bridge1 interface=ether3 multicast-router=disabled
add bridge=bridge1 interface=ether4 multicast-router=disabled
/ip address
add address=192.168.1.1/24 interface=bridge1 network=192.168.1.0
/ip dhcp-client
add disabled=no interface=ether1
add disabled=no interface=ether2
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.1.1
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address=***.***.77.238 new-connection-mark=3CX_connection passthrough=yes
add action=mark-packet chain=prerouting connection-mark=3CX_connection new-packet-mark=3CX_packet passthrough=no
add action=mark-connection chain=output connection-mark=no-mark connection-state=new new-connection-mark=WAN1 out-interface=ether1 passthrough=yes
add action=mark-connection chain=output connection-mark=no-mark connection-state=new new-connection-mark=WAN2 out-interface=ether2 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1 new-routing-mark=to_WAN1 out-interface=ether1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2 new-routing-mark=to_WAN2 out-interface=ether2 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=ether2
/ip firewall service-port
set sip disabled=yes
/ip route
add check-gateway=ping distance=1 gateway=192.168.3.75 routing-mark=to_WAN1
add check-gateway=ping distance=2 gateway=192.168.78.1 routing-mark=to_WAN2
/system clock
set time-zone-name=Europe/Rome
[admin@MikroTik] >
Thanks a lot to everyone
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Create script to clean udp connections

Mon Apr 19, 2021 4:46 pm

 
simonefil
newbie
Topic Author
Posts: 42
Joined: Tue Apr 13, 2021 9:22 pm
Location: Bergamo - Italy
Contact:

Re: Create script to clean udp connections

Mon Apr 19, 2021 5:16 pm

Thank you for reporting this thread already open to me.
Unfortunately, the link to farlock.org you report does not work.
I saw your function you posted to close connections without errors, I am trying to try it manually, entering it in the terminal
/ip fire conn
:foreach idc in=[find where timeout>60] do={
 :remove [find where .id=$idc]
}
but it does not accept it. Am I doing something wrong?
Thanks so much
I am Italian too and I have a very bad English grammar; I'm also a bad routerboard programmer, being new to this world :D
 
msatter
Forum Guru
Forum Guru
Posts: 2897
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Create script to clean udp connections

Mon Apr 19, 2021 7:12 pm

{
/ip firewall connections
remove [find where timeout>60s protocol=UDP]
}
edit: removed the semicolon
Last edited by msatter on Mon Apr 19, 2021 10:46 pm, edited 1 time in total.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Create script to clean udp connections

Mon Apr 19, 2021 7:41 pm

i'm not the user that post farlock.org link...
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Create script to clean udp connections

Mon Apr 19, 2021 7:44 pm

Thank you for reporting this thread already open to me.
Unfortunately, the link to farlock.org you report does not work.
I saw your function you posted to close connections without errors, I am trying to try it manually, entering it in the terminal
/ip fire conn
:foreach idc in=[find where timeout>60] do={
 :remove [find where .id=$idc]
}
but it does not accept it. Am I doing something wrong?
Thanks so much
I am Italian too and I have a very bad English grammar; I'm also a bad routerboard programmer, being new to this world :D
no ":" before "remove"...
/ip fire conn
:foreach idc in=[find where timeout>60] do={
 remove [find where .id=$idc]
}

Who is online

Users browsing this forum: GoogleOther [Bot] and 13 guests