This is just a simple reference guide on howto display maintenance notice page for client when the the main internet link is down. You can add many advance functions in it, but I shared this method just to give you an idea that how it an be done. The result is that It can greatly help in reducing clients calls to help line in event of internet downtime.
As someone asked from the FB, I decided to make it public so those who don’t know about it should get a idea on how simple it is to achieve. I implemented this technique at a local network which had a fewer number of clients with an unstable PTCL DSL connectivity. It helped the operator to keep informed about the connectivity status via sms status (GSM modem was attached with mirkotik and the netwatch script also sends sms to the operator about the link status)
The theory is simple, First create a NAT rule that redirects http port 80 requests to your local/external proxy service which deny all requests and redirect to local web server page which shows the MAINTENANCE PAGE. make sure to disable this rule after its creation.
Now create a NETWATCH rule that can keep monitoring any reliable HOST on internet , probably your ISP DNS or GOOGLE DNS , if the link is down, then DOWN script should be triggered which enables the NAT Rule, so in case of any link down all users will be routed to maintenance page, and when the link gets UP, the up script will disable the NAT rule, and internet will start work at user end normally.
Example:
First the NAT rule which actually redirects port 80 requests to internet/external proxy server.
[Make sure the comments remains same in all rules of nat / netwatch, otherwise script will not work.
/ip firewall nat add action=redirect chain=dstnat comment="Redirect to Proxy" disabled=yes dst-port=80 protocol=tcp to-ports=8080
/ip proxy set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=unlimited max-client-connections=600 \ max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=no src-address=0.0.0.0 /ip proxy access add action=deny disabled=no dst-port="" redirect-to=10.0.0.1/netdown.html
Now the Netwatch script which will keep monitoring the internet, and act accordingly
/tool netwatch add disabled=no down-script=":log error \"ISP Link seems to be DOWN , ENABLING redirection to proxy so users will see mainteneace page / zaib\"\r\ \n/ip firewall nat enable [find comment=\"Redirect to Proxy\"]" host=8.8.8.8 interval=5s timeout=1s up-script=":log error \"ISP Link seems to be UP again , Disa\ bling redirection to proxy so users internet will start work again. / zaib\"\r\ \n/ip firewall nat disable [find comment=\"Redirect to Proxy\"]\r\ \n"
↓
↓
Result [when the internet link is down]:
↓
You can achieve the same task with more elegance , more controlled way by using SCRIPTS to do various functions like frequency control , ping multiple hosts instead of single destination, Act according to latency load results, email / sms function, and much much more,
as someone said
Quote:
” SKY IS THE ONLY LIMIT “
Syed Jahanzaib
thanks man you are the boss
جزاك الله خير
LikeLike
Comment by mctnetwork — March 14, 2014 @ 2:32 PM
but when open any site not save in dns cache in mikrotik show page not internet found
how can fix this
LikeLike
Comment by sfaregshady — April 6, 2014 @ 11:59 PM
syed what is a script when we are using external proxy
LikeLike
Comment by kamal — April 12, 2014 @ 2:23 AM
I showed some example in the article. read plz
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — April 13, 2014 @ 1:02 PM
the script is not working , it show syntax error on /ip proxy step
LikeLike
Comment by Clara Evan — April 25, 2014 @ 8:02 PM
sorry bro, its the wordpress coding issue 😦 it always messes with the code i post on blog 😥
anyway I have corrected it. please check and do let me know.
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — April 26, 2014 @ 10:16 AM
First of all thanks a lot for sharing your experience and knowledge with us for free
can i apply this with hotspot ?
LikeLike
Comment by Ahmed Gamal — May 17, 2014 @ 3:02 PM
yes
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — May 17, 2014 @ 8:14 PM
Thanks for your sharing…
I have a problem when i put the netdown.html on mikrotik,
Error 404:File Not Found
what’s the problem actually.
Thankyou…
LikeLike
Comment by rizaru — July 16, 2014 @ 9:02 AM
netdown.html should be placed on your local web server placed on LAN.
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — July 17, 2014 @ 11:15 AM
not work with me
/ip firewall nat
add action=redirect chain=dstnat comment=”Redirect to Proxy” disabled=yes dst-port=80 protocol=tcp to-ports=8080
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=unlimited max-client-connections=600 \
max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=no src-address=0.0.0.0
/ip proxy access
add action=deny disabled=no dst-port=”” redirect-to=8.8.8.1/netdown.htm
/tool netwatch
add disabled=no down-script=”:log error \”ISP Link seems to be DOWN , ENABLING redirection to proxy so users will see mainteneace page / zaib\”\r\
\n/ip firewall nat enable [find comment=\”Redirect to Proxy\”]” host=41.128.225.225 interval=5s timeout=1s up-script=”:log error \”ISP Link seems to be UP again , Disa\
bling redirection to proxy so users internet will start work again. / zaib\”\r\
\n/ip firewall nat disable [find comment=\”Redirect to Proxy\”]\r\
\n”
LikeLike
Comment by Hima Magdy — August 11, 2014 @ 7:13 AM
This method have some flaws and can produce false results sometimes, better to use at least two different internet host to confirm the connectivity and act accordingly, This will not be done with NETWATCH approach, use SCRIPT,
to get start read following.
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — August 14, 2014 @ 4:04 PM
Hi,
We have ip phones in our network, in Mikrotik Router i want to prioritize Voice traffic for the ip addresses of IP phones? is it possible in Mikrotik….? could you please guide me how to configure rules to achieve this requirement.
Please reply me….
LikeLike
Comment by Umer — January 18, 2015 @ 2:32 PM
How to assign dedicated bandwidth to specific rang of ip addresses in Mikrotik?
we have total 30Mbps bandwidth for LAN 192.168.0.0 users , i want to assign 5Mbps dedicated bancdwidth to specific range of ip addresses from 192.168.0.0 subnet.
LikeLike
Comment by Omar — January 18, 2015 @ 2:36 PM
Various ways to do it.
Example if you want to hard code it, then simply create 1 with 5mb and target should be your specific range,
then create second queue, for other users ip range.
or you can use priority as well. depend on the network structure.
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — January 21, 2015 @ 9:52 AM
How to configure priority (QOS) for voice traffic in Mikrotik router??
i want to prioritize all voice traffic passing through Mikrotik Router,,..Please help me to configure it !
LikeLike
Comment by uazeem — January 21, 2015 @ 10:15 AM
I have two ISP connections which are terminated in Mikrotik Router.
ISP1:
ISP2:
And two LAN’s are connected with Mikrotik Router.
LAN1: 192.168.0.0/24
LAN2: 192.168.1.0/24
I want LAN1 users go through ISP1 and LAN2 users go through ISP2.
How to configure in Mikrotik Router? Please help !
LikeLike
Comment by uazeem — January 23, 2015 @ 6:41 PM
Dears friends i want to setup an iptv setting with my hotspot and ppoe running servers on mikrotik rb450g. Now i want to give access to watch my iptv some of client whoom i give permission to watch iptv along with internet and some of clients deny iptv access. How this is possible. When i activate upstreaming using igmp proxy iptv starts working on all clients pc. how to stop some clients and allow some clients.
LikeLike
Comment by Tahir — February 7, 2015 @ 1:44 AM
Hi dear Zaib, Where shall I put the netdown.html file and my lan ip is 172.16.0.1/16 please guide me
LikeLike
Comment by Ahmad — March 5, 2015 @ 9:05 PM
You can put it in any local web server, or in mikrotik metarouter by hosting apache in it too.
LikeLike
Comment by Syed Jahanzaib / Pinochio~:) — March 6, 2015 @ 3:53 PM