[Mikrotik] Script help
Pardon my lack of scripting I have several towers with multiple backhauls, all on a bridged network. So I have to keep the SSID changed on the backup backhaul to prevent an ethernet loop. Sometimes we don't catch problems fast enough. (Yes, I have a major link using OSPF, but this is on a large bridged network with a subnet spread out and can't be changed easily.) My thought was to put a RB532 or faster 3 ethernet board at a tower with the ether ports in a bridge- Ether1(to network switch) ON (was ether2) disable = no (to main backhaul) OFF (was ether3) disable =yes(to backup backhaul) The script could ping an IP on the other end of backhauls. If it fails, do this find interface disabled and rename ON find interface enabled and rename OFF find interface 'ON' and enable it find interface OFF and disable it. Might have to have a timer to keep it from switching back before pings start going through Might add a email to let us know it did it. I don't have a clue to thos if's etc in scripting!! Also, if this idea is bad, please feel free to tell me!!! Thanks in advance, Randall -- next part -- An HTML attachment was scrubbed... URL: http://www.butchevans.com/pipermail/mikrotik/attachments/20081002/91f61970/attachment.html
Re: [Mikrotik] Script help
Thanks! I was sitting here playing with it learning some - studying improved netwatch on wiki... Randall - Original Message - From: Sam Tetherow [EMAIL PROTECTED] To: Mikrotik discussions mikrotik@mail.butchevans.com Sent: Thursday, October 02, 2008 5:34 PM Subject: Re: [Mikrotik] Script help /tool netwatch is probably what you want. I have not done this type of thing, but I did use it when testing some VRRP stuff /tool netwatch add host=HOST_TO_PING interval=10s \ down-script=/interface ethernet;set ON disabled=yes name=DOWN;set OFF disabled=no name=ON;set DOWN name=OFF Not sure if it is a good idea, but that should at least get you started down the road of mysterious network changes in the middle of the night ;) Sam Tetherow Sandhills Wireless Randall Roberts wrote: Pardon my lack of scripting I have several towers with multiple backhauls, all on a bridged network. So I have to keep the SSID changed on the backup backhaul to prevent an ethernet loop. Sometimes we don't catch problems fast enough. (Yes, I have a major link using OSPF, but this is on a large bridged network with a subnet spread out and can't be changed easily.) My thought was to put a RB532 or faster 3 ethernet board at a tower with the ether ports in a bridge- Ether1(to network switch) ON (was ether2) disable = no (to main backhaul) OFF (was ether3) disable =yes(to backup backhaul) The script could ping an IP on the other end of backhauls. If it fails, do this find interface disabled and rename ON find interface enabled and rename OFF find interface 'ON' and enable it find interface OFF and disable it. Might have to have a timer to keep it from switching back before pings start going through Might add a email to let us know it did it. I don't have a clue to thos if's etc in scripting!! Also, if this idea is bad, please feel free to tell me!!! Thanks in advance, Randall -- next part -- An HTML attachment was scrubbed... URL: http://www.butchevans.com/pipermail/mikrotik/attachments/20081002/91f61970/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik -- This message has been scanned for viruses and dangerous content by Basin Broadband, Inc., utilizing DefenderMX technology, and is believed to be clean. No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM
Re: [Mikrotik] Script help -- First Problem
I'm not really seeing a problem in your description... The UP tab should be the script that makes the route in question use the primary interface/connection. The DOWN tab should be the script that makes the route go to the secondary interface/connection. What I have had a lot myself is forgetting to force the host being pinged out of the primary interface - double check your route on this. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 Those who don't understand UNIX are condemned to reinvent it, poorly. --- Henry Spencer On Thu, Oct 2, 2008 at 8:33 PM, Randall Roberts [EMAIL PROTECTED]wrote: Only problem I've found is - if the second interface is really down also when it switches to it, then it will stay there, even if the first interface comes back up. If there's someway to reset the status, maybe disable the netwatch rule, then re-enable it, to cause it to start pinging, and after failure switch again. Any ideas? Thanks, Randall - Original Message - From: Sam Tetherow [EMAIL PROTECTED] To: Mikrotik discussions mikrotik@mail.butchevans.com Sent: Thursday, October 02, 2008 5:34 PM Subject: Re: [Mikrotik] Script help /tool netwatch is probably what you want. I have not done this type of thing, but I did use it when testing some VRRP stuff /tool netwatch add host=HOST_TO_PING interval=10s \ down-script=/interface ethernet;set ON disabled=yes name=DOWN;set OFF disabled=no name=ON;set DOWN name=OFF Not sure if it is a good idea, but that should at least get you started down the road of mysterious network changes in the middle of the night ;) Sam Tetherow Sandhills Wireless Randall Roberts wrote: Pardon my lack of scripting I have several towers with multiple backhauls, all on a bridged network. So I have to keep the SSID changed on the backup backhaul to prevent an ethernet loop. Sometimes we don't catch problems fast enough. (Yes, I have a major link using OSPF, but this is on a large bridged network with a subnet spread out and can't be changed easily.) My thought was to put a RB532 or faster 3 ethernet board at a tower with the ether ports in a bridge- Ether1(to network switch) ON (was ether2) disable = no (to main backhaul) OFF (was ether3) disable =yes(to backup backhaul) The script could ping an IP on the other end of backhauls. If it fails, do this find interface disabled and rename ON find interface enabled and rename OFF find interface 'ON' and enable it find interface OFF and disable it. Might have to have a timer to keep it from switching back before pings start going through Might add a email to let us know it did it. I don't have a clue to thos if's etc in scripting!! Also, if this idea is bad, please feel free to tell me!!! Thanks in advance, Randall -- next part -- An HTML attachment was scrubbed... URL: http://www.butchevans.com/pipermail/mikrotik/attachments/20081002/91f61970/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik -- This message has been scanned for viruses and dangerous content by Basin Broadband, Inc., utilizing DefenderMX technology, and is believed to be clean. No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik -- next part -- An HTML attachment was scrubbed... URL: http://www.butchevans.com/pipermail/mikrotik/attachments/20081002/38aecdc9/attachment.html
Re: [Mikrotik] Script help -- First Problem
Once the netwatch runs the down script and toggles to the other interface, if it is also down, the status stays at 'down' -- it never goes back to up, so the script doesn't run again to toggle interface again. The ip-address of the bridge is set to the bridge1 interface. Randall - Original Message - From: Josh Luthman [EMAIL PROTECTED] To: Mikrotik discussions mikrotik@mail.butchevans.com Sent: Thursday, October 02, 2008 7:45 PM Subject: Re: [Mikrotik] Script help -- First Problem I'm not really seeing a problem in your description... The UP tab should be the script that makes the route in question use the primary interface/connection. The DOWN tab should be the script that makes the route go to the secondary interface/connection. What I have had a lot myself is forgetting to force the host being pinged out of the primary interface - double check your route on this. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 Those who don't understand UNIX are condemned to reinvent it, poorly. --- Henry Spencer On Thu, Oct 2, 2008 at 8:33 PM, Randall Roberts [EMAIL PROTECTED]wrote: Only problem I've found is - if the second interface is really down also when it switches to it, then it will stay there, even if the first interface comes back up. If there's someway to reset the status, maybe disable the netwatch rule, then re-enable it, to cause it to start pinging, and after failure switch again. Any ideas? Thanks, Randall - Original Message - From: Sam Tetherow [EMAIL PROTECTED] To: Mikrotik discussions mikrotik@mail.butchevans.com Sent: Thursday, October 02, 2008 5:34 PM Subject: Re: [Mikrotik] Script help /tool netwatch is probably what you want. I have not done this type of thing, but I did use it when testing some VRRP stuff /tool netwatch add host=HOST_TO_PING interval=10s \ down-script=/interface ethernet;set ON disabled=yes name=DOWN;set OFF disabled=no name=ON;set DOWN name=OFF Not sure if it is a good idea, but that should at least get you started down the road of mysterious network changes in the middle of the night ;) Sam Tetherow Sandhills Wireless Randall Roberts wrote: Pardon my lack of scripting I have several towers with multiple backhauls, all on a bridged network. So I have to keep the SSID changed on the backup backhaul to prevent an ethernet loop. Sometimes we don't catch problems fast enough. (Yes, I have a major link using OSPF, but this is on a large bridged network with a subnet spread out and can't be changed easily.) My thought was to put a RB532 or faster 3 ethernet board at a tower with the ether ports in a bridge- Ether1(to network switch) ON (was ether2) disable = no (to main backhaul) OFF (was ether3) disable =yes(to backup backhaul) The script could ping an IP on the other end of backhauls. If it fails, do this find interface disabled and rename ON find interface enabled and rename OFF find interface 'ON' and enable it find interface OFF and disable it. Might have to have a timer to keep it from switching back before pings start going through Might add a email to let us know it did it. I don't have a clue to thos if's etc in scripting!! Also, if this idea is bad, please feel free to tell me!!! Thanks in advance, Randall -- next part -- An HTML attachment was scrubbed... URL: http://www.butchevans.com/pipermail/mikrotik/attachments/20081002/91f61970/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik -- This message has been scanned for viruses and dangerous content by Basin Broadband, Inc., utilizing DefenderMX technology, and is believed to be clean. No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik -- next part -- An HTML attachment was scrubbed... URL: http://www.butchevans.com/pipermail/mikrotik/attachments/20081002/38aecdc9/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik -- This message has been scanned for viruses and dangerous content by Basin Broadband, Inc., utilizing DefenderMX technology, and is believed to be clean. No virus
Re: [Mikrotik] Script help -- First Problem
While the script is marked as down it does poll every interval set. The issue here is that the ping is not getting to your host. Maybe Butch's suggestion is why you're unable to? Do you know of another reason why you can't get to that host? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 Those who don't understand UNIX are condemned to reinvent it, poorly. --- Henry Spencer On Thu, Oct 2, 2008 at 8:51 PM, Randall Roberts [EMAIL PROTECTED]wrote: Once the netwatch runs the down script and toggles to the other interface, if it is also down, the status stays at 'down' -- it never goes back to up, so the script doesn't run again to toggle interface again. The ip-address of the bridge is set to the bridge1 interface. Randall - Original Message - From: Josh Luthman [EMAIL PROTECTED] To: Mikrotik discussions mikrotik@mail.butchevans.com Sent: Thursday, October 02, 2008 7:45 PM Subject: Re: [Mikrotik] Script help -- First Problem I'm not really seeing a problem in your description... The UP tab should be the script that makes the route in question use the primary interface/connection. The DOWN tab should be the script that makes the route go to the secondary interface/connection. What I have had a lot myself is forgetting to force the host being pinged out of the primary interface - double check your route on this. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 Those who don't understand UNIX are condemned to reinvent it, poorly. --- Henry Spencer On Thu, Oct 2, 2008 at 8:33 PM, Randall Roberts [EMAIL PROTECTED]wrote: Only problem I've found is - if the second interface is really down also when it switches to it, then it will stay there, even if the first interface comes back up. If there's someway to reset the status, maybe disable the netwatch rule, then re-enable it, to cause it to start pinging, and after failure switch again. Any ideas? Thanks, Randall - Original Message - From: Sam Tetherow [EMAIL PROTECTED] To: Mikrotik discussions mikrotik@mail.butchevans.com Sent: Thursday, October 02, 2008 5:34 PM Subject: Re: [Mikrotik] Script help /tool netwatch is probably what you want. I have not done this type of thing, but I did use it when testing some VRRP stuff /tool netwatch add host=HOST_TO_PING interval=10s \ down-script=/interface ethernet;set ON disabled=yes name=DOWN;set OFF disabled=no name=ON;set DOWN name=OFF Not sure if it is a good idea, but that should at least get you started down the road of mysterious network changes in the middle of the night ;) Sam Tetherow Sandhills Wireless Randall Roberts wrote: Pardon my lack of scripting I have several towers with multiple backhauls, all on a bridged network. So I have to keep the SSID changed on the backup backhaul to prevent an ethernet loop. Sometimes we don't catch problems fast enough. (Yes, I have a major link using OSPF, but this is on a large bridged network with a subnet spread out and can't be changed easily.) My thought was to put a RB532 or faster 3 ethernet board at a tower with the ether ports in a bridge- Ether1(to network switch) ON (was ether2) disable = no (to main backhaul) OFF (was ether3) disable =yes(to backup backhaul) The script could ping an IP on the other end of backhauls. If it fails, do this find interface disabled and rename ON find interface enabled and rename OFF find interface 'ON' and enable it find interface OFF and disable it. Might have to have a timer to keep it from switching back before pings start going through Might add a email to let us know it did it. I don't have a clue to thos if's etc in scripting!! Also, if this idea is bad, please feel free to tell me!!! Thanks in advance, Randall -- next part -- An HTML attachment was scrubbed... URL: http://www.butchevans.com/pipermail/mikrotik/attachments/20081002/91f61970/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik -- This message has been scanned for viruses and dangerous content by Basin Broadband, Inc., utilizing DefenderMX technology, and is believed to be clean. No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9
Re: [Mikrotik] Script help -- First Problem
I was under the impression that STP wasn't very reliable. (I haven't tried it in years...) I've always seen the STP button in Bridge setup. Didn't know about what to put for the settings, I'm going back to lab and try with the defaults. One other question- Is there a problem with turning this on all of the wireless bridged links? Will it then allow more of a 'mesh' with the different towers if say, A has link to B and to C, and B has a link to C? If A-B fails, B will get it from A-C-B? Thanks Butch - you're the man. as usual. Randall - Original Message - From: Butch Evans [EMAIL PROTECTED] To: Mikrotik discussions mikrotik@mail.butchevans.com Sent: Thursday, October 02, 2008 7:46 PM Subject: Re: [Mikrotik] Script help -- First Problem On Thu, 2 Oct 2008, Randall Roberts wrote: Only problem I've found is - if the second interface is really down also when it switches to it, then it will stay there, even if the first interface comes back up. If there's someway to reset the status, maybe disable the netwatch rule, then re-enable it, to cause it to start pinging, and after failure switch again. Is the IP you are testing to reachable on the normally off interface? In other words, if you are testing to 10.10.10.1 and the normal interface is turned on you should be able to ping. If you, then, turn the normal interface off and turn on the backup interface, will you be able to ping 10.10.10.1? If so, then netwatch is not gonna work correctly. If bridge loops are the problem, why not set up STP? It's easy to enable in MT and it is very reliable. If a loop is detected, STP will fix it before the storm starts. -- *Butch Evans *Professional Network Consultation * *Network Engineering *MikroTik RouterOS* *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *http://www.wisp-forums.com/*http://www.wisp-wiki.com/ *Mikrotik Certified Consultant *Professional Technical Trainer* ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik -- This message has been scanned for viruses and dangerous content by Basin Broadband, Inc., utilizing DefenderMX technology, and is believed to be clean. No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.173 / Virus Database: 270.7.5/1704 - Release Date: 10/2/2008 9:35 PM
Re: [Mikrotik] Script help -- First Problem
On Thu, 2 Oct 2008, Randall Roberts wrote: I was under the impression that STP wasn't very reliable. (I haven't tried it in years...) It's not unreliable...just harder to engineer traffic than, for example, OSPF. I've always seen the STP button in Bridge setup. Didn't know about what to put for the settings, I'm going back to lab and try with the defaults. The defaults will work just fine for most applications. STP will use a least number of hops approach by default. If the hop count is equal, then it will at random pick one. One other question- Is there a problem with turning this on all of the wireless bridged links? Will it then allow more of a 'mesh' with the different towers if say, A has link to B and to C, and B has a link to C? If A-B fails, B will get it from A-C-B? If I understand your question, then the answer is no, there's no problem with this. In fact, it is advisable to turn it on for all of them. If you are running a mesh, then you may want to look into MME, which is documented (poorly, IMO) here: http://wiki.mikrotik.com/wiki/MME_wireless_routing_protocol In your shoes, I'd go with STP, as it is simple, low overhead and reliable. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *http://www.wisp-forums.com/*http://www.wisp-wiki.com/ *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] Script help -- First Problem
That should be normal, read this subsection: http://en.wikipedia.org/wiki/Spanning_tree_protocol#Bridge_Protocol_Data_Units_.28BPDUs.29 Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 Those who don't understand UNIX are condemned to reinvent it, poorly. --- Henry Spencer On Thu, Oct 2, 2008 at 10:01 PM, Randall Roberts [EMAIL PROTECTED] wrote: Butch- You've changed my life! I didn't realize that it would use the least hops. I did see the priority and played with changing that. I also took the times down to :01 to speed it up. Although I'm sure there's probably a side effect with that... I saw some arp problems when I turned it on for my 'back door feed' to a tower 2 hops away.. My monitoring workstation running whatsup saw several clients, even on towers elsewhere on this network, unable to ping for a minute. Thanks, Randall - Original Message - From: Butch Evans [EMAIL PROTECTED] To: Mikrotik discussions mikrotik@mail.butchevans.com Sent: Thursday, October 02, 2008 8:35 PM Subject: Re: [Mikrotik] Script help -- First Problem On Thu, 2 Oct 2008, Randall Roberts wrote: I was under the impression that STP wasn't very reliable. (I haven't tried it in years...) It's not unreliable...just harder to engineer traffic than, for example, OSPF. I've always seen the STP button in Bridge setup. Didn't know about what to put for the settings, I'm going back to lab and try with the defaults. The defaults will work just fine for most applications. STP will use a least number of hops approach by default. If the hop count is equal, then it will at random pick one. One other question- Is there a problem with turning this on all of the wireless bridged links? Will it then allow more of a 'mesh' with the different towers if say, A has link to B and to C, and B has a link to C? If A-B fails, B will get it from A-C-B? If I understand your question, then the answer is no, there's no problem with this. In fact, it is advisable to turn it on for all of them. If you are running a mesh, then you may want to look into MME, which is documented (poorly, IMO) here: http://wiki.mikrotik.com/wiki/MME_wireless_routing_protocol In your shoes, I'd go with STP, as it is simple, low overhead and reliable. -- *Butch Evans *Professional Network Consultation * *Network Engineering *MikroTik RouterOS* *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *http://www.wisp-forums.com/*http://www.wisp-wiki.com/ *Mikrotik Certified Consultant *Professional Technical Trainer* ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik -- This message has been scanned for viruses and dangerous content by Basin Broadband, Inc., utilizing DefenderMX technology, and is believed to be clean. No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.173 / Virus Database: 270.7.5/1704 - Release Date: 10/2/2008 9:35 PM ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik -- next part -- An HTML attachment was scrubbed... URL: http://www.butchevans.com/pipermail/mikrotik/attachments/20081002/262856a4/attachment.html
