Syed Jahanzaib Personal Blog to Share Knowledge !

June 12, 2014

Mikrotik WAN monitoring script with multiple host check

Filed under: Mikrotik Related — Tags: , — Syed Jahanzaib / Pinochio~:) @ 2:31 PM

eagle_map

Recently I added a mikrotik’s base netwatch script on a network to monitor WAN link , and if no ping received from the the WAN host (Example: 8.8.8.8), the down script changes the backup link route to take priority over primary link. But the issue is NETWATCH is kind of un reliable method to check internet connectivity, because it can check only single host at a time, also if your wan link is week or heavily used resulting in few ping timed out which is sometimes common (for example 3 out of 10 replies misses) Netwatch sometimes consider the target link DOWN. the Netwatch gives a “DOWN” status immediately upon a missed ping – irregardless of the Timeout setting.

So to prevent that we must use a method via which we can check at least two or more hosts on Internet like IPS Gateway IP and any other reliable host like 8.8.8.8 (or any other host in your particular region) , if it fails to receive at least 5 replies from each of host, then it will consider the link DOWN. If one host is working and second is down, it will also consider it as UP. kind of cross verification.If 2 out of 5 ping misses, it will still consider the link UP.

Multiple HOST check is recommended, Because if you are using single host check script or netwatch,then some times it can happen that 8.8.8.8 ping reply is not receiving dueto various reason (either its down or isp have blocked ), but rest of internet is working fine, but even then the script/netwatch will consider the LINK is down dueto its single host check. That’s why multi host check is recommended.

 

ROS SCRIPT CODE: (Script name= monitor)


# Following script is copied from the Mikrotik forum.
# Thanks to mainTAP and rextended for sharing
# http://forum.mikrotik.com/viewtopic.php?f=9&t=85505
# Modified few contents to suite local requirements and added descriptions
# Regard's / Syed Jahanzaib / https://aacable.wordpress.com

# Script Starts here...
# Internet Host to be checked You can modify them as per required, JZ
:local host1   "8.8.8.8"
:local host2   "208.67.222.123"

# Do not modify data below without proper understanding.
:local i 0;
:local F 0;
:local date;
:local time;
:global InternetStatus;
:global InternetLastChange;

# PING each host 5 times
:for i from=1 to=5 do={
if ([/ping $host1 count=1]=0) do={:set F ($F + 1)}
if ([/ping $host2 count=1]=0) do={:set F ($F + 1)}
:delay 1;
};

# If both links are down and all replies are timedout, then link is considered down
:if (($F=10)) do={
:if (($InternetStatus="UP")) do={
:log error "WARNING : The INTERNET link seems to be DOWN. Please Check";
:set InternetStatus "DOWN";

##      ADD YOUR RULES HERE, LIKE ROUTE CHANGE OR WHAT EVER IS REQUIRED, Example is below ...
##     /ip route set [find comment="Default Route"] distance=3
##     /ip firewall nat disable [find comment="Your Rules, Example"]

:set date [/system clock get date];
:set time [/system clock get time];
:set InternetLastChange ($time . " " . $date);
} else={:set InternetStatus "DOWN";}
} else={

##      If reply is received , then consider the Link is UP
:if (($InternetStatus="DOWN")) do={
:log warning "WARNING :The INTERNET link have been restored";
:set InternetStatus "UP";

##      ADD YOUR RULES HERE, LIKE ROUTE CHANGE OR WHAT EVER IS REQUIRED, Example is below ...
##     /ip route set [find comment="Default Route"] distance=1
##     /ip firewall nat enable  [find comment="Your Rules, Example"]

:set date [/system clock get date];
:set time [/system clock get time];
:set InternetLastChange ($time . " " . $date);
} else={:set InternetStatus "UP";}
}

# Script Ends Here.
# Thank you

.

Scheduler to run script auto

To add scheduler to run script after every 5 minutes (or as required), use following code


/system scheduler
add disabled=no interval=5m name="Monitor WAN connectivity Scheduler / JZ" on-event=monitor policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api start-date=jun/12/2014 start-time=\
00:00:00

Don’t forget to change the script name monitor in above scheduler to match the name you set for the script.
Example: on-event=monitor

.

Define Static Routes for Monitoring Host – for Route Changing

If  you are using this script to change internet route to backup link, then you must define static routes for the host you are monitoring. So that your monitored hosts should always (forcefully) go via Primary Link.


/ip route
add comment="Force this HOST via Primary Link" disabled=no distance=1 dst-address=8.8.8.8/32 gateway=192.168.1.1 scope=30 target-scope=10
add comment="Force this HOST via Primary Link" disabled=no distance=1 dst-address=208.67.222.123/32 gateway=192.168.1.1 scope=30 target-scope=10

Note: Make sure to change gateway 192.168.1.1 to primary internet link gateway.

.

.

Regard’s
Syed Jahanzaib

15 Comments »

  1. A.A Jehanzaib Bhai,

    You have proven that “sharing is caring for others”. In country like Pakistan where no true policies / procedures are there to stop internet “PORN”, it is the responsibility of SysAdmins to start this on their own to educate others and provide these services free of cost. So we need more Articles from you for stopping “PORN” in our home / office and everywhere.

    Kind Regards,

    Mian Asif Riaz

    Comment by Mian Asif Riaz — June 12, 2014 @ 4:06 PM

  2. sir ji apna email address de do mujhe snat ke baaren main aapse discussion kerna hain

    Comment by parveen — June 27, 2014 @ 5:50 PM

  3. Aoa ,sir main nay script try kia hai.mujhay aik problem hai is main ,jab main kise aik interface to disable karta hon to ya script kam karta hay,aur agar main check karnay kay liya apnay fiber media converter say fiber nikalta hon to ya route change nae karta aur routes main ip ko reachable he show karta hai.please help me

    Comment by sohail — July 25, 2014 @ 12:26 AM

  4. Dear, sir
    its pleasure to meet you, i have Question Regarding to Fail Over link. i have two types of client on is Public ip and second is Private ip, can i configure Fail Over link in to my Mikrotik router which works for my both types clients.
    thanks.

    Comment by Paiman — January 22, 2015 @ 12:37 PM

  5. I have a question. Suppose you have multiple internet lines connected to mikrotik, how do you check each line if there is internet connection with this script? Some of the modems are in routing mode since 2 modems have the same gateway and it will conflict thats why they are set on routing mode. I believe in routing mode, miktorik will always make a particular line UP since its only monitoring the ip address of the modem in routing mode. How do we come by this?

    Comment by MT — January 29, 2015 @ 1:54 PM

  6. Please i have 2 ISPs connection to a Mikrotik router, one ISP provided a /29 IP address block for private use, routable to their own gateway. can you me with the config for load balancing and auto fail-over with Netwatch for the WAN links including the /29 IP block provided by the second ISP.

    Comment by Donald — February 17, 2016 @ 5:54 PM

  7. […] WAN1MON = it checks for DSL 1 status and update variable ‘wan1staus’ […]

    Pingback by Multiple IF statement matching with Mikrotik Script | Syed Jahanzaib Personal Blog to Share Knowledge ! — April 4, 2016 @ 4:08 PM

  8. […] you can run your own script here to make variable after successful or failed ping results # Ref: https://aacable.wordpress.com/2014/06/12/mikrotik-wan-monitoring-script-with-multiple-host-check/ :local DSL1 [/system script environment get [/system script environment find name="DSL1netstatus"] […]

    Pingback by [For Reference] Quick Script for Mikrotik Daily Info via SMS or Email ! | PakWarez — May 17, 2016 @ 1:05 PM

  9. Thanks for this script. I used it as the starting point for my solution.
    I changed it to consider link down on >= 80% packet loss and link up <= 20%. Outside these ranges the script doesn't make any routing changes.
    Also I used the comment for the main gateway to reflect the down date time stamp rather than your global InternetLastChange.
    So when it goes down i change the "Main Gateway" comment to "Main Gateway – down since ” and when it comes back, i restore the comment back to “Main Gateway”.
    This way i can immediately see from the route list when the switch happened. To do this the find command needs to be changed to use wildcard so it becomes: find comment ~ “Main Gateway”.

    Thanks again.. I have been struggling with a reliable approach after failing on advanced routing scripts and netwatch, this looks like it might work! 🙂

    Comment by Royce Lithgo — January 11, 2017 @ 3:46 AM

    • I am glad it helped.
      and yes by using scripts, we can acquire out tasks which are generally not possible with standard workout. what we refer to ‘out of the box’ solution 🙂

      Comment by Syed Jahanzaib / Pinochio~:) — January 11, 2017 @ 8:24 AM


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: