Community discussions

MUM Europe 2020
 
lotnybartek
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 95
Joined: Wed Apr 16, 2014 3:22 pm

[SOLVED] Failover script for 2xWAN (PPPoE Client and USB 4G LTE) with E-Mail Notification

Thu Jul 14, 2016 9:24 am

Hi

In our office, we have now USB LTE dongle (Huawei E3372h-153 LTE - HiLink) which works great with RB2011UiAS-2HnD-IN.

So: RB2011 is connected via ETHER1 to VDSL2 modem which is in bridge mode. RB2011 act as PPPOE Client.

Now, I configured LTE modem as usual. So, I added DHCP Client and did NAT on lte1 Interface. Everything works great.

Normally, lte1 interface is disabled. When I enable it, I don't need to switch off pppoe-out1 interface, because RB2011 is automatically giving lte1 interface route distance 0 and pppoe-out1 is always at route distance 1. So, when I'm enabling lte1 interface - all office works on lte connection. When I disable it, all office works on normal VDSL2 connection. It think this is the reason why it's working this way.

Now, I wanted to do a Failover thing, so in case my main VDSL2 connection is dead, RB2011 will switch on lte1 interface and voilla, I now have lte Internet in the office.

So this is my script:
# Following script is copied from the Mikrotik forum.
# Thanks to mainTAP and rextended for sharing
# http://forum.mikrotik.com/viewtopic.php?f=9&t=85505
# Modified few contents to suite local requirements and added descriptions
# Regard's / Syed Jahanzaib / https://aacable.wordpress.com
 
# Script Starts here...
# Internet Host to be checked You can modify them as per required, JZ
:local host1   "8.8.8.8"
:local host2   "8.8.4.4"
 
# Do not modify data below without proper understanding.
:local i 0;
:local F 0;
:local date;
:local time;
:global InternetStatus;
:global InternetLastChange;
 
# PING each host 5 times
:for i from=1 to=5 do={
if ([/ping $host1 count=1]=0) do={:set F ($F + 1)}
if ([/ping $host2 count=1]=0) do={:set F ($F + 1)}
:delay 1;
};
 
# If both links are down and all replies are timedout, then link is considered down
:if (($F=10)) do={
:if (($InternetStatus="UP")) do={
:log error "WARNING : The INTERNET link seems to be DOWN. Please Check";
:set InternetStatus "DOWN";
 
##      ADD YOUR RULES HERE, LIKE ROUTE CHANGE OR WHAT EVER IS REQUIRED, Example is below ...
/interface enable lte1
##     /ip route set [find comment="Default Route"] distance=3
##     /ip firewall nat disable [find comment="Your Rules, Example"]
 
:set date [/system clock get date];
:set time [/system clock get time];
:set InternetLastChange ($time . " " . $date);
} else={:set InternetStatus "DOWN";}
} else={
 
##      If reply is received , then consider the Link is UP
:if (($InternetStatus="DOWN")) do={
:log warning "WARNING :The INTERNET link have been restored";
:set InternetStatus "UP";
 
##      ADD YOUR RULES HERE, LIKE ROUTE CHANGE OR WHAT EVER IS REQUIRED, Example is below ...
/interface disable lte1
##     /ip route set [find comment="Default Route"] distance=1
##     /ip firewall nat enable  [find comment="Your Rules, Example"]
 
:set date [/system clock get date];
:set time [/system clock get time];
:set InternetLastChange ($time . " " . $date);
} else={:set InternetStatus "UP";}
}
 
# Script Ends Here.
# Thank you
So, this script half works - actually with this settings inside - it creates a loop. When main connection is down, it enables LTE1 interface - which is fine - and backup link works fine. But after let's say 5 minutes (let's assume script execute every 5 mins) when script in executing again, it's disabling LTE1 interface and it's falling back to VDSL2 connection (which is DEAD) because it can ping host with LTE1 interface.

Of course, I can edit the script here:
##      If reply is received , then consider the Link is UP
:if (($InternetStatus="DOWN")) do={
:log warning "WARNING :The INTERNET link have been restored";
:set InternetStatus "UP";
 
##      ADD YOUR RULES HERE, LIKE ROUTE CHANGE OR WHAT EVER IS REQUIRED, Example is below ...
/interface disable lte1
##     /ip route set [find comment="Default Route"] distance=1
##     /ip firewall nat enable  [find comment="Your Rules, Example"]

and prevent the script to disable LTE1 interface.
=========================================================================================

Main question is: How to adjust the script so it'll check (ping few hosts) with VDSL2 connection (which may be dead or not), not LTE1?

So:

1) VDSL2 is dead.
2) Script enables LTE1 interface.
3) Script checks few host using VDSL2 connection:
    a) if can ping them - script just disable LTE1 and it auto fall back to VDSL2
    b) if still can't ping them - do nothing.

Or maybe there is another way to do it?

Sorry for long writing.

Bart
Last edited by lotnybartek on Mon Jul 18, 2016 12:42 pm, edited 2 times in total.
 
lotnybartek
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 95
Joined: Wed Apr 16, 2014 3:22 pm

Re: Failover script do not switch from backup link to normal link (script inside)

Thu Jul 14, 2016 8:41 pm

Ok so after I read tons of posts here, there is one nice workaround posted by "aacable" user - but still don't know if I'm doing it properly.

You can simply create a route for target host, for example if you are monitoring 8.8.8.8 , then create a route for 8.8.8.8 that should always goes via WAN1. This way monitoring to 8.8.8.8 will always goes via WAN1. For example
/ip route add comment="Static ROUTE for 8.8.8.8 so it should always go from WAN 1" disabled=no distance=1 dst-address=8.8.8.8/32 gateway=pppoe-out1 scope=30 target-scope=1
This one would be perfect for me.

I applied it - but it doesn't seem to work. Mind, that my main DNS's in router configuration are also Google ones. So, what is happening.

1) I unpluged internet cable from modem - from this point modem (bridge mode) and router doesn't have internet connection.
2) I execute script from my first post.
3) Script ping two hosts (8.8.8.8 and 8.8.4.4) and fails - so it's enables LTE1 interface.
4) Now I have Internet from LTE1 interface - so far so good.
5) With Internet cable still unplugged I execute my script again - IT SHOULD ping above two hosts with WAN1 interface because of recursive route lookup (the one with unplugged cable) - so it's should fail.
6) Don't know why, but it probably pings above two hosts with LTE1 interface, because script reaches 8.8.8.8 and 8.8.4.4 and it's disabling LTE1 interface as mentioned in script.
7) Now I do not have Internet, because main connection does not have Internet - cable is unplugged.

Why it doesn't work. It would be so perfect!
 
jarda
Forum Guru
Forum Guru
Posts: 7602
Joined: Mon Oct 22, 2012 4:46 pm

Re: Failover script do not switch from backup link to normal link (recursive route lookup fails?)

Fri Jul 15, 2016 11:13 pm

Static route with interface down is invalid. Put there the same route again with high metric and blackhole type. It will become active and discard the packets when wan1 is down. Sure you need to use other ip for testing than you are using for whatever else reason.
 
lotnybartek
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 95
Joined: Wed Apr 16, 2014 3:22 pm

Re: Failover script do not switch from backup link to normal link (recursive route lookup fails?)

Sat Jul 16, 2016 12:57 am

yeah blackhole was the thing I needed. Works now.

Ip route export:
/ip route add comment="ISP1 MONITORING FOR 8.8.4.4" distance=1 \ dst-address=8.8.4.4/32 gateway=pppoe-out1 
add comment="ISP1 BLACKHOLE FOR 8.8.4.4" distance=2 dst-address=\ 8.8.4.4/32 type=blackhole 
add comment="ISP1 MONITORING FOR 8.8.8.8" distance=1 \ dst-address=8.8.8.8/32 gateway=pppoe-out1 
add comment="ISP1 BLACKHOLE FOR 8.8.8.8" distance=2 dst-address=\ 8.8.8.8/32 type=blackhole
Script:
# Following script is copied from the Mikrotik forum.
# Thanks to mainTAP and rextended for sharing
# http://forum.mikrotik.com/viewtopic.php?f=9&t=85505
# Modified few contents to suite local requirements and added descriptions
# Regard's / Syed Jahanzaib / https://aacable.wordpress.com
 
# Script Starts here...
# Internet Host to be checked You can modify them as per required, JZ
:local host1   "8.8.8.8"
:local host2   "8.8.4.4"
 
# Do not modify data below without proper understanding.
:local i 0;
:local F 0;
:local date;
:local time;
:global InternetStatus;
:global InternetLastChange;
 
# PING each host 5 times
:for i from=1 to=5 do={
if ([/ping $host1 count=1]=0) do={:set F ($F + 1)}
if ([/ping $host2 count=1]=0) do={:set F ($F + 1)}
:delay 1;
};
 
# If both links are down and all replies are timedout, then link is considered down
:if (($F=10)) do={
:if (($InternetStatus="UP")) do={
:log error "Warning : ISP1 IS DOWN, ENABLING LTE1 INTERFACE";
:set InternetStatus "DOWN";
 
##      ADD YOUR RULES HERE, LIKE ROUTE CHANGE OR WHAT EVER IS REQUIRED, Example is below ...
/interface enable lte1
##     /ip route set [find comment="Default Route"] distance=3
##     /ip firewall nat disable [find comment="Your Rules, Example"]

:set date [/system clock get date];
:set time [/system clock get time];
:set InternetLastChange ($time . " " . $date);
} else={:set InternetStatus "DOWN";}
} else={

##      If reply is received , then consider the Link is UP
:if (($InternetStatus="DOWN")) do={
:log warning "WARNING: ISP1 IS NOW UP, DISABLING LTE1 INTERFACE";
:set InternetStatus "UP";
 
##      ADD YOUR RULES HERE, LIKE ROUTE CHANGE OR WHAT EVER IS REQUIRED, Example is below ...
/interface disable lte1
##     /ip route set [find comment="Default Route"] distance=1
##     /ip firewall nat enable  [find comment="Your Rules, Example"]

:set date [/system clock get date];
:set time [/system clock get time];
:set InternetLastChange ($time . " " . $date);
} else={:set InternetStatus "UP";}
}

# Script Ends Here.
# Thank you
What in script should I add, to send e-mails with status for Internet UP and DOWN?
 
jarda
Forum Guru
Forum Guru
Posts: 7602
Joined: Mon Oct 22, 2012 4:46 pm

Re: Failover script do not switch from backup link to normal link (recursive route lookup fails?)

Sat Jul 16, 2016 7:35 am

I wouldn't put emailing into this script because you would just make delays in it. Just set some public variable and make another independent script that sends email when such variable has its value.
 
lotnybartek
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 95
Joined: Wed Apr 16, 2014 3:22 pm

Re: Failover script do not switch from backup link to normal link (recursive route lookup fails?)

Mon Jul 18, 2016 9:09 am

Thank you jarda for your suggestions.

I made this script (do not laugh, It's first time I wrote it from A-Z):
#Set variables
:global InternetStatus;
:global SentUpFlag;
:global SentDownFlag;

#Match condition
:if (($InternetStatus = "UP") && ($SentUpFlag = "FALSE")) do={
/tool e-mail send to="XXX@XXX.PL" subject="MY SUBJECT !!!" body="MY BODY"}
:set SentUpFlag "TRUE"
:set SentDownFlag "FALSE"

} else={

#Match condition
:if (($InternetStatus = "DOWN") && ($SentDownFlag = "FALSE")) do={
/tool e-mail send to="XXX@XXX.PL" subject="MY SUBJECT !!!" body="MY BODY"}
:set SentDownFlag "TRUE"
:set SentUpFlag "FALSE"
 
When I run it (connection is UP), first half of the code works (variables changes once, after another run they stay the same so it's OK), when connection goes DOWN, second half of the code do nothing. Can someone help me and explain what is wrong here? -
 
lotnybartek
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 95
Joined: Wed Apr 16, 2014 3:22 pm

Re: Failover script do not switch from backup link to normal link (recursive route lookup fails?)

Mon Jul 18, 2016 12:39 pm

This one works:

BEFORE you run it, set manually SentUpFlag and SetDownFlag to FALSE.
#Set variables
:global InternetStatus;
:global SentUpFlag;
:global SentDownFlag;

#Match condition
:if (($InternetStatus = "UP") && ($SentUpFlag = "FALSE")) do={

:set SentUpFlag "TRUE"
:set SentDownFlag "FALSE"
:delay 15;

/tool e-mail send to="XXX@XXX.XX" subject="YOUR SUBJECT !!!" body="YOUR BODY."}

#####################################################################

#Match condition
:if (($InternetStatus = "DOWN") && ($SentDownFlag = "FALSE")) do={

:set SentDownFlag "TRUE"
:set SentUpFlag "FALSE"
:delay 15;

/tool e-mail send to="XXX@XXX.XX" subject="YOUR SUBJECT !!!" body="YOUR BODY."}
 
User avatar
webor
newbie
Posts: 38
Joined: Sat Dec 20, 2008 2:33 am
Location: Europe

Re: [SOLVED] Failover script for 2xWAN (PPPoE Client and USB 4G LTE) with E-Mail Notification

Thu Oct 05, 2017 11:46 am

Hy! Thank you for this post, It was very useful for me.
Regrading the setup of routes in this example, and from what I have experienced testing this, for me those two blackholes are not needed. I am using latest bugfix v6.38.7. For me everything works perfect without blackholes routes.
The only open issue and downside of this setup is that if LTE1 interface is up then it is impossible to connect to google dns servers 8.8.8.8 or 8.8.4.4, so this config when it is in "Failover mode" (LTE1 interface enabled) strictly prevents the use of google dns serversin this network. Has anyone found a solution for that?

Beside the script, the only additional config was:
/ip route
add comment="ISP1 MONITORING FOR 8.8.4.4" distance=1 dst-address=8.8.4.4/32 gateway=pppoe-out1
add comment="ISP1 MONITORING FOR 8.8.8.8" distance=1 dst-address=8.8.8.8/32 gateway=pppoe-out1
Else is redundant:
# add comment="ISP1 BLACKHOLE FOR 8.8.4.4" distance=2 dst-address=8.8.4.4/32 type=blackhole
# add comment="ISP1 BLACKHOLE FOR 8.8.8.8" distance=2 dst-address=8.8.8.8/32 type=blackhole
Am I missing something?
That is my signature

Who is online

Users browsing this forum: Bing [Bot], Google [Bot], mbovenka, mkx and 114 guests