Community discussions

MikroTik App
 
spazio
just joined
Topic Author
Posts: 7
Joined: Fri Aug 23, 2013 6:50 pm

Export and Import on backup and clone device problem !

Tue Jul 20, 2021 5:21 pm

Hi All!
I'm in a jam and can't figure out what's the problem...
I just landed a new job and have proposed mikrotik hardware to replace more closed minded vendor ( so to speak, hahaha )
For mikrotik product to be accepted.I have to do a proof of concept of a common remote office config with export/import/backup/restore to facilitate deployment and remote managing.
And IT JUST NOT WORKING!

So I began with CHR - https://wiki.mikrotik.com/wiki/Manual:CHR plateform on GNS3 and realise there was a bug with dhcp-client on reset-config.
Look here for bug details: viewtopic.php?t=130547

So /system reset-configuration no-defaults=yes run-after-reset=/flash/defaultscript.rsc
CAN'T BE USED! Any script with this way will stop and EXIT at the dhcp-client with message
failure: action already exists with such a name
That there is an interface or something else with this name or something like that ( sorry, I didn't copied the error message on every try last week! YES I've been over this for WEEEEEEEKKKKKSSSSS!

To bypass this bug! I manually remove the dhcp-client every time and try with
/import /flash/defaultscript.rsc

defaultscript.rsc is the default script from a rb2011 default script that I copied. Here it is:
#| Welcome to RouterOS!
#|    1) Set a strong router password in the System > Users menu
#|    2) Upgrade the software in the System > Packages menu
#|    3) Enable firewall on untrusted networks
#| -----------------------------------------------------------------------------
#| RouterMode:
#|  * WAN port is protected by firewall and enabled DHCP client
#|  * Ethernet interfaces (except WAN port/s) are part of LAN bridge
#| LAN Configuration:
#|     IP address 192.168.88.1/24 is set on bridge (LAN port)
#|     DHCP Server: enabled;
#|     DNS: enabled;
#| WAN (gateway) Configuration:
#|     gateway:  ether1 ;
#|     ip4 firewall:  enabled;
#|     NAT:   enabled;
#|     DHCP Client: enabled;

:global defconfMode;
:log info "Starting defconf script";
#-------------------------------------------------------------------------------
# Apply configuration.
# these commands are executed after installation or configuration reset
#-------------------------------------------------------------------------------
:if ($action = "apply") do={
  # wait for interfaces
  :local count 0;
  :while ([/interface ethernet find] = "") do={
    :if ($count = 30) do={
      :log warning "DefConf: Unable to find ethernet interfaces";
      /quit;
    }
    :delay 1s; :set count ($count +1); 
  };
 /interface list add name=WAN comment="defconf"
 /interface list add name=LAN comment="defconf"
 /interface bridge
   add name=bridge disabled=no auto-mac=yes protocol-mode=rstp comment=defconf;
 :local bMACIsSet 0;
 :foreach k in=[/interface find where !(slave=yes  || name="ether1" || name~"bridge")] do={
   :local tmpPortName [/interface get $k name];
   :if ($bMACIsSet = 0) do={
     :if ([/interface get $k type] = "ether") do={
       /interface bridge set "bridge" auto-mac=no admin-mac=[/interface ethernet get $tmpPortName mac-address];
       :set bMACIsSet 1;
     }
   }
   /interface bridge port
     add bridge=bridge interface=$tmpPortName comment=defconf;
 }
   /ip pool add name="default-dhcp" ranges=192.168.88.10-192.168.88.254;
   /ip dhcp-server
     add name=defconf address-pool="default-dhcp" interface=bridge lease-time=10m disabled=no;
   /ip dhcp-server network
     add address=192.168.88.0/24 gateway=192.168.88.1 comment="defconf";
  /ip address add address=192.168.88.1/24 interface=bridge comment="defconf";
 /ip dns {
     set allow-remote-requests=yes
     static add name=router.lan address=192.168.88.1 comment=defconf
 }

   /ip dhcp-client add interface=ether1 disabled=no comment="defconf";
 /interface list member add list=LAN interface=bridge comment="defconf"
 /interface list member add list=WAN interface=ether1 comment="defconf"
 /ip firewall nat add chain=srcnat out-interface-list=WAN ipsec-policy=out,none action=masquerade comment="defconf: masquerade"
 /ip firewall {
   filter add chain=input action=accept connection-state=established,related,untracked comment="defconf: accept established,related,untracked"
   filter add chain=input action=drop connection-state=invalid comment="defconf: drop invalid"
   filter add chain=input action=accept protocol=icmp comment="defconf: accept ICMP"
   filter add chain=input action=accept dst-address=127.0.0.1 comment="defconf: accept to local loopback (for CAPsMAN)"
   filter add chain=input action=drop in-interface-list=!LAN comment="defconf: drop all not coming from LAN"
   filter add chain=forward action=accept ipsec-policy=in,ipsec comment="defconf: accept in ipsec policy"
   filter add chain=forward action=accept ipsec-policy=out,ipsec comment="defconf: accept out ipsec policy"
   filter add chain=forward action=fasttrack-connection connection-state=established,related comment="defconf: fasttrack"
   filter add chain=forward action=accept connection-state=established,related,untracked comment="defconf: accept established,related, untracked"
   filter add chain=forward action=drop connection-state=invalid comment="defconf: drop invalid"
   filter add chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface-list=WAN comment="defconf: drop all from WAN not DSTNATed"
 }
   /ip neighbor discovery-settings set discover-interface-list=LAN
   /tool mac-server set allowed-interface-list=LAN
   /tool mac-server mac-winbox set allowed-interface-list=LAN
}
#-------------------------------------------------------------------------------
# Revert configuration.
# these commands are executed if user requests to remove default configuration
#-------------------------------------------------------------------------------
:if ($action = "revert") do={
/user set admin password=""
 /system routerboard mode-button set enabled=no
 /system routerboard mode-button set on-event=""
 /system script remove [find comment~"defconf"]
 /ip firewall filter remove [find comment~"defconf"]
 /ip firewall nat remove [find comment~"defconf"]
 /interface list member remove [find comment~"defconf"]
 /interface detect-internet set detect-interface-list=none
 /interface detect-internet set lan-interface-list=none
 /interface detect-internet set wan-interface-list=none
 /interface detect-internet set internet-interface-list=none
 /interface list remove [find comment~"defconf"]
 /tool mac-server set allowed-interface-list=all
 /tool mac-server mac-winbox set allowed-interface-list=all
 /ip neighbor discovery-settings set discover-interface-list=!dynamic
   :local o [/ip dhcp-server network find comment="defconf"]
   :if ([:len $o] != 0) do={ /ip dhcp-server network remove $o }
   :local o [/ip dhcp-server find name="defconf" !disabled]
   :if ([:len $o] != 0) do={ /ip dhcp-server remove $o }
   /ip pool {
     :local o [find name="default-dhcp" ranges=192.168.88.10-192.168.88.254]
     :if ([:len $o] != 0) do={ remove $o }
   }
   :local o [/ip dhcp-client find comment="defconf"]
   :if ([:len $o] != 0) do={ /ip dhcp-client remove $o }
 /ip dns {
   set allow-remote-requests=no
   :local o [static find comment="defconf"]
   :if ([:len $o] != 0) do={ static remove $o }
 }
 /ip address {
   :local o [find comment="defconf"]
   :if ([:len $o] != 0) do={ remove $o }
 }
 :foreach iface in=[/interface ethernet find] do={
   /interface ethernet set $iface name=[get $iface default-name]
 }
 /interface bridge port remove [find comment="defconf"]
 /interface bridge remove [find comment="defconf"]
 /interface bonding remove [find comment="defconf"]
 /interface wireless cap set enabled=no interfaces="" caps-man-addresses=""
  /caps-man manager set enabled=no
  /caps-man manager interface remove [find comment="defconf"]
  /caps-man manager interface set [ find default=yes ] forbid=no
  /caps-man provisioning remove [find comment="defconf"]
  /caps-man configuration remove [find comment="defconf"]
}
:log info Defconf_script_finished;
:set defconfMode;

The script finish but no config has change! It's not working!
I can see the comments in the log!
13:53:10 system,info,account user admin logged in from 10.1.1.208 via ssh
13:53:15 script,info Starting defconf script
13:53:15 script,info Defconf_script_finished
So I tried something else. I took a rb2011 and did a working configuration and did:
/export file=myrtrbackup
also
/export terse file=myrtrbackup
The config is pretty standard. One thing that I need is some custom script running on the router. One example of this is.
I have This script from the wiki:
https://wiki.mikrotik.com/wiki/Manual:I ... pt_example

Here the code to add the config script to the router.
/ip dhcp-client
add add-default-route=no dhcp-options=hostname,clientid disabled=no interface=ether2 script="{\r\
    \n    :local rmark \"WAN1\"\r\
    \n    :local count [/ip route print count-only where comment=\"WAN1\"]\r\
    \n    :if (\$bound=1) do={\r\
    \n        :if (\$count = 0) do={\r\
    \n            /ip route add gateway=\$\"gateway-address\" comment=\"WAN1\" routing-mark=\$rmark\r\
    \n        } else={\r\
    \n            :if (\$count = 1) do={\r\
    \n                :local test [/ip route find where comment=\"WAN1\"]\r\
    \n                :if ([/ip route get \$test gateway] != \$\"gateway-address\") do={\r\
    \n                    /ip route set \$test gateway=\$\"gateway-address\"\r\
    \n                }\r\
    \n            } else={\r\
    \n                :error \"Multiple routes found\"\r\
    \n            }\r\
    \n        }\r\
    \n    } else={\r\
    \n        /ip route remove [find comment=\"WAN1\"]\r\
    \n    }\r\
    \n}\r\
    \n"

After exporting the WORKING config from the router to another hardware and trying with winbox in system reset-configuration
Or directly with cli trying to import the config
/system reset-configuration no-defaults=yes run-after-reset=flash/export.rsc
I get this message:
[admin@MikroTik] /file> /import flash/export.rsc

cannot open import file, \t\t    file does not exist
[admin@MikroTik] /file>

I'M stuck and not able to make config export and restore working. Since I'm on a limited time budget to demonstrate that mikrotik IS THE hardware road to take!
Anybody has been successful in exporting/importing configs with script?
Any help would be appreciated...

Thanks in advance
Spazio
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Export and Import on backup and clone device problem !

Tue Jul 20, 2021 6:05 pm

IT: E adesso che fai, ti rifai vivo tra qualche anno come il solito?
EN: And now what are you doing, will you come back in a few years as usual?
************************************

Everything you've written is just nonsense.

the "bug with dhcp-client on reset-config" it has nothing to do with it

The script finish but no config has change! It's not working!
if you not know how the things works, don't blame others
the script do not work runned from console, but only when you reset the device
[...]
#-------------------------------------------------------------------------------
# Apply configuration.
# these commands are executed after installation or configuration reset
#-------------------------------------------------------------------------------
:if ($action = "apply") do={
[...]
}
#-------------------------------------------------------------------------------
# Revert configuration.
# these commands are executed if user requests to remove default configuration
#-------------------------------------------------------------------------------
:if ($action = "revert") do={
[...]
}
 
spazio
just joined
Topic Author
Posts: 7
Joined: Fri Aug 23, 2013 6:50 pm

Re: Export and Import on backup and clone device problem !

Tue Jul 20, 2021 8:51 pm

LIKEWISE ! "rextended"

What you say just DOESN'T work on CHR !!! It's the first test on my post!
I Tested that script with a reset and IT DOESN' T WORK!!!
/system reset-configuration no-defaults=yes run-after-reset=flash/defaultscript.rsc  
And that's just one of the script that doesn't work!!!!

PLEASE READ THE POST COMPLETELY and UNDERSTAND IT before replying to it to part of it! Thinking you've solved it!
Just don't reply with partial comprehension of a problem or If you don't know! Some have tested thing before posting !!!!

Thanks anyway for the reply...
Last edited by spazio on Tue Jul 20, 2021 9:54 pm, edited 1 time in total.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Export and Import on backup and clone device problem !

Tue Jul 20, 2021 9:13 pm

READ THIS: I want help you, but you must post the "the WORKING config from the router" instead, only censored, not with deleted parts.

**************************************

you can only write "DOESN'T work"?

PLEASE READ THE POST COMPLETELY and UNDERSTAND IT before replying to it!
Is not what you do, from your reply.

Somehave tested thing before posting !!!!
there is nothing to test, you still to not understand what the script do.
:if ($action = "apply") do={

I don't say anything,

it's you who insist
you cannot import the original defconf script, neither run it from the command line.
the script work only on "his" hardware at reset-configuration time

I have read the post more than three times to understand the mess.
 
spazio
just joined
Topic Author
Posts: 7
Joined: Fri Aug 23, 2013 6:50 pm

Re: Export and Import on backup and clone device problem !

Tue Jul 20, 2021 10:59 pm

Either I was too close to see it or I didn't want to see it!
I'll start over and retry everything with the working exported configs from scratch!

Thanks!
:)

Who is online

Users browsing this forum: CJWW and 38 guests