Community discussions

MikroTik App
 
t4thfavor
just joined
Topic Author
Posts: 18
Joined: Tue Apr 13, 2021 4:40 pm

DNS Healthcheck script in progress

Sun Aug 28, 2022 6:44 pm

Hello Everyone,

I'm working through a problem that I don't currently have so I can learn more about the scripting language used on the Mikrotik platform.

I have begun implementing a DNS Healthcheck for multi-wan failover script. I'm pretty close to done, but I figured I would ask for input from people who already know what they are doing.

The premise is that I have two wans, when dns fails to resolve on one of them, I want it shut off. The method of failover is automatic, all we need to do is detect when dns isn't working, and disable the routing table associated with this wan.

I have the first few parts done.
1. Setup - I set the dns servers we want to check, and we set the hostnames we want to check. We also set the failover threshold for when a wan should be downed.
2. I loop through the dns servers, and then through the hostnames looking for failures
3. I detect failures over the count, and then we call a function to determine the appropriate wan routing table, and disable it.

The script relies on two static routes for the dns servers forcing them out the correct wan. I don't like this approach, but I couldn't think of any other way to ensure that I could check for the wan to come back up.

I'd like input from the community on how to determine the correct routing table for the wan that is currently not resolving dns. I can't seem to figure out how to find the gateway of the route being used for the dns lookup, and then use that to determine the name of the routing table being used for the default route (0.0.0.0/0) with that same gateway.

I'm already using netwatch and pinging those dns servers on schedule to determine which lan is up/down, and it's working well. I'm just trying to implement something similar to what other vendors have for dns based failover of wan connections.

Script is attached.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: DNS Healthcheck script in progress

Sun Aug 28, 2022 10:29 pm

I do not see any script, you forget to post it???
 
t4thfavor
just joined
Topic Author
Posts: 18
Joined: Tue Apr 13, 2021 4:40 pm

Re: DNS Healthcheck script in progress

Mon Aug 29, 2022 5:12 am

I tried, did it get blocked by the forum or something?
###### Make sure you have static routes to force your dns queries out a given wan (WAN1 and WAN2)
###### define variables
:local sysname [/system identity get name];

:local dnsServers {"8.8.8.8" ; "8.8.4.4"}
:local TestDomains {"mikrotik.com" ; "google.com" ; "srrtiop.com"}
:local numDomains [:len $TestDomains]
:local failCount
:local failoverthreshold 2
:global retval
:global counter 0

:global DNSFail do={
    :put $DnsServer
    :local routeID [/ip route find where dst-address=$DnsServer]
    :put $routeID
};

:global TestDNS do={

    :do { 
		:put "entered function with args $DnsServer and $Domain"
        ###### test resolution
        :put [:resolve $Domain server $DnsServer];

        ###### generate syslog messages
        /log info "Primary DNS $DnsServer healthcheck completed, no issues";
        #Enable the routing table for WAN1
        :return (1)
    } on-error={ 
        :put "resolver failed"; 

        ###### generate syslog messages
        /log info "name resolution using primary DNS $DnsServer failed";
        /log info "we would generally disable this WAN connection";

        #take down the routing tabe for WAN1
        :return (0)
    }
};



:put "Number of domains to check $$numDomains"

:foreach dnsServer in=$dnsServers do={  
    :foreach TestDomain in=$TestDomains do={
            :set retval [$TestDNS DnsServer=$dnsServer Domain=$TestDomain]
			:if ($retval=0) do={
				:set failCount ($failCount + 1)
			};
			:put $failCount
			:if ($failcount>$failoverthreshold) do={
				$DNSFail DnsServer=$dnsServer
			} else={
				:put "Dns healthcheck complete for $dnsServer"
			};
			#reset the fail counter for the next address
			:set failCount 0            
        };
};

You do not have the required permissions to view the files attached to this post.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: DNS Healthcheck script in progress

Mon Aug 29, 2022 12:42 pm

I tried, did it get blocked by the forum or something?
:? There is no reason, probably software error????
 
tomislav91
Member
Member
Posts: 303
Joined: Fri May 26, 2017 12:47 pm

Re: DNS Healthcheck script in progress

Sun Sep 18, 2022 1:10 am

when you finish please attach it :)

Who is online

Users browsing this forum: ko00000000001 and 21 guests