lunes, 3 de marzo de 2014

FailOver de 2 WAN con Gateway reversible en RouterOS

Este post mejora el script encontrado en http://wiki.mikrotik.com/wiki/Failover_Scripting  corrigiendo los errores:
- Tener una WAN principal que siempre esté activa si el enlace está activo con salida a internet.
- Tener una WAN secundaria que solo actúa como backup si la WAN principal cae.
- Volver automáticamente a la WAN principal cuando vuelva a tener salida a internet.

Topología:

Se elijen 2 IP para hacer ping (8.8.8.8 y 8.8.4.4), cada una por una interfaz WAN diferenten:


/ip route
add disabled=no distance=2 dst-address=8.8.4.4/32 gateway=172.16.0.1 scope=30 target-scope=10
add disabled=no distance=1 dst-address=8.8.8.8/32 gateway=10.10.0.1 pref-src=0.0.0.0 scope=30 target-scope=10

add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=172.16.0.1 scope=30 target-scope=10


add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.10.0.1 pref-src=0.0.0.0 scope=30 target-scope=10

****************
Modifiqué el script para que se comporte con las IPs:
# ------------------- header -------------------
# Script by Tomas Kirnak, version 1.0.7
# If you use this script, or edit and
# re-use it, please keep the header intact.
#
# For more information and details about
# this script please visit the wiki page at
# http://wiki.mikrotik.com/wiki/Failover_Scripting
# ------------------- header -------------------
# ------------- start editing here -------------

#:log warning "HOLA."

:local InterfaceISP1 ether1
:local InterfaceISP2 ether5

:local GatewayISP1 10.10.0.1
:local GatewayISP2 172.16.0.1

:local PingTarget1 8.8.8.8
:local PingTarget2 8.8.4.4

:global PingFailCountISP1
:global PingFailCountISP2

:if ([:typeof $PingFailCountISP1] = "nothing") do={:set PingFailCountISP1 0}
:if ([:typeof $PingFailCountISP2] = "nothing") do={:set PingFailCountISP2 0}

:local PingResult

:set PingResult [ping $PingTarget1 count=1]
#:log warning "HOLA ping."
:put $PingResult
#:log warning $PingResult


:if ( $PingResult=0) do={
#  :log warning "ping fallo"
#  :log warning $PingFailCountISP1
 :if ($PingFailCountISP1 < 5) do={
  :set PingFailCountISP1 ($PingFailCountISP1 + 1)
 
  :if ($PingFailCountISP1 = 3) do={
   :log warning "ISP1 has a problem en route to $PingTarget1 - increasing distance of routes."
   :foreach i in=[/ip route find gateway=$GatewayISP1 && static] do=\
    {/ip route set $i distance=([/ip route get $i distance] + 2)}
   :log warning "Route distance increase finished."
  }
 }
}
:if ($PingResult = 1) do={
 :if ($PingFailCountISP1 > 0) do={
  :set PingFailCountISP1 ($PingFailCountISP1 - 1)
 
  :if ($PingFailCountISP1 = 2) do={
   :log warning "ISP1 can reach $PingTarget1 again - bringing back original distance of routes."
   :foreach i in=[/ip route find gateway=$GatewayISP1 && static] do=\
    {/ip route set $i distance=([/ip route get $i distance] - 2)}
   :log warning "Route distance decrease finished."
  }
 }
}

:set PingResult [ping $PingTarget2 count=1]
#:log warning "haciendo ping 2"
:put $PingResult
#:log warning $PingResult

:if ( $PingResult=0) do={
 :if ($PingFailCountISP2 < 5) do={
  :set PingFailCountISP2 ($PingFailCountISP2 + 1)
 
  :if ($PingFailCountISP2 = 3) do={
   :log warning "ISP2 has a problem en route to $PingTarget2 - increasing distance of routes."
   :foreach i in=[/ip route find gateway=$GatewayISP2 && static] do=\
    {/ip route set $i distance=([/ip route get $i distance] + 2)}
   :log warning "Route distance increase finished."
  }
 }
}
:if ($PingResult = 1) do={
 :if ($PingFailCountISP2 > 0) do={
  :set PingFailCountISP2 ($PingFailCountISP2 - 1)
 
  :if ($PingFailCountISP2 = 2) do={
   :log warning "ISP2 can reach $PingTarget2 again - bringing back original distance of routes."
   :foreach i in=[/ip route find gateway=$GatewayISP2 && static] do=\
    {/ip route set $i distance=([/ip route get $i distance] - 2)}
   :log warning "Route distance decrease finished."
  }
 }
}

2 comentarios:

  1. Estimado:

    Buenos dias, Muchas Gracias por el aporte, tengo una duda, este script donde se carga? Se carga como script y se realiza un netwatch para su ejecucion? Muchas Gracias.

    ResponderEliminar
  2. buenos dias si tengo un ip dinamico y un ip fijo como logo hacer FailOver mikrotik

    ResponderEliminar