Closed enselerizer closed 8 months ago
Can you provide me with more info about netwatch? Best would be print terse outputs of your setup with explanation and what is important information to see. Routes are out of the question. We tried that once, but there can be thousands of routes depending on device use. Netwatch could be doable though.
Plus 1 ask for enabled/disabled routes. I have a similar scenario: cable ISP as a primary provider + cellular as a backup, but use the recursive routing method for determining which route to activate.
I guess for such relatively simple routing scenarios the integration would need to poll the route list from Mikrotik (/ip/route print) and probably parse the statuses (even though it can be done in HA templates). The monitoring/notification itself can be done in HA automations.
BTW, as a workaround, I check my external IP address via DNS IP/myip integration. It helps in primary/backup route scenario when I know what IPs or IP ranges to expect, but probably won't help in the load balancing cases.
Can you provide me with more info about netwatch? Best would be print terse outputs of your setup with explanation and what is important information to see.
I'm sorry, I don't understand exactly what information is required. I'm using a Netwatch rule that regularly pings a certain known WAN address, such as 8.8.8.8. After that, the rule macro is executed, if the address becomes unavailable ("down" status), the following is executed:
/ip route disable [find comment="ISP-Main"]
/ip route enable [find comment="ISP-Backup"]
:foreach i in=[/ip firewall connection find protocol~"tcp"] do={ /ip firewall connection remove $i }
:foreach i in=[/ip firewall connection find protocol~"udp"] do={ /ip firewall connection remove $i }
If the address becomes available ("up" status), the following is performed:
/ip route disable [find comment="ISP-Backup"]
/ip route enable [find comment="ISP-Main"]
:foreach i in=[/ip firewall connection find protocol~"tcp"] do={ /ip firewall connection remove $i }
:foreach i in=[/ip firewall connection find protocol~"udp"] do={ /ip firewall connection remove $i }
The static routes mentioned in the macros are the default routes (0.0.0.0/0) directed either to the gateway of the first ISP or to the gateway of the second ISP. The firewall has a rule that only allows ICMP requests for address 8.8.8.8 to be sent through the first ISP.
Routes are out of the question. We tried that once, but there can be thousands of routes depending on device use.
I'm only interested in the status of static routes, their number doesn't change over time without manual reconfiguration. Maybe that will be possible?
I have a similar scenario: cable ISP as a primary provider + cellular as a backup
Same.
BTW, as a workaround, I check my external IP address via DNS IP/myip integration. It helps in primary/backup route scenario when I know what IPs or IP ranges to expect, but probably won't help in the load balancing cases.
Unfortunately it won't work in my case. On my main ISP, I have a public IP address that is used for remote access to home assistant and other home services. But on the second ISP, I need a VPN connection to access home assistant. I want to use the received information to turn VPN on and off on my home server. But as long as the tunnel is up, any IP address check will show me the IP address of my VPN server.
P.S. sorry for the poor english, i use google translate
I didn't mean routes, but the netwatch you mentioned. I don't know anything about it, so I need to see output from configuration and live data to implement it properly.
Probably something like /tool/netwatch/print terse or just /tool/netwatch/print if terse won't work. You can mask (replace with stars or similar) any private data if there is any, I just need to know the columns and what kind of relevant info I can find there. Also mark for me any of the columns that are important/nice to have visible in HA.
For reference, here is documentation: https://help.mikrotik.com/docs/display/ROS/Netwatch
The problem with routes is that you need to query them. It was causing nonstop high load when it was implemented for ISP/semi-ISP setups, as that query took a long time and significant CPU resources. I may consider implementing it as an optional feature in future if there is demand for it. But let's focus on netwatch now, I don't want to mix things up.
Don't worry about the English, it's good.
The output looks like this:
[admin@Router - MikroTik hEX S] >> /tool netwatch print
Flags: X - disabled
# HOST TIMEOUT INTERVAL STATUS SINCE
0 ;;; Auto ISP change
8.8.8.8 1s 5s up jun/23/2023 05:45:05
I'm primarily interested in the STATUS and HOST columns, and also comment (if it is possible).
But on the second ISP, I need a VPN connection to access home assistant. I want to use the received information to turn VPN on and off on my home server. But as long as the tunnel is up, any IP address check will show me the IP address of my VPN server.
I use Home Assistant Cloud, it works fine via a cellular connection (including SSH to Mikrotik using internal IP). Another option would be ZeroTier VPN (or a similar service) - it would allow to access internal IPs in such scenario as well.
Sorry for offtopic :-)
I use my personal VPS with OpenVPN server and iptables port forwarding, costs me about 1$/month, so it suits all my needs :).
Here is another example (/tool/netwatch/print terse), has some scripts too:
0 host=10.11.10.1 type=icmp interval=2s up-script= down-script=:log warning "Restarting VPN"\r\n\r\n/interface/wireguard/peers/disable [find interface="test"]\r\n/tool/netwatch/disable [find host="10.11.10.1"]\r\n\r\n:delay 60s\r\n\r\n/interface/wireguard/peers/enable [find interface="test"]\r\n/tool/netwatch/enable [find host="10.11.10.1"] test-script= http-codes= status=up
1 host=192.168.150.1 type=icmp interval=10s up-script=:log warning "ANOTHER VPN UP" down-script=:log warning "ANOTHER VPN DOWN" test-script= http-codes= status=down
That is what I was looking for, thanks. From looking at this, host (or comment if set) would be ideal as entity name, with status as value. In this case probably a binary sensor, since I think there can be only up and down. Type and interval as attributes probably.
There is another status, unknown, that is set when you start the netwatch.
can you give me more info on that?
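The entity mapping discussed above (host or comment as the name, status as the value, plus the third `unknown` state), as an added example that is not code from the thread or from the integration. It parses terse text like the rows posted here; the function names are hypothetical, and it assumes terse output prints a comment as `comment=...` and the disabled flag as `X` after the row number.

```python
import re

KEY_RE = re.compile(r"(?:^| )([a-z][a-z-]*)=")
STATES = {"up": True, "down": False}  # anything else, e.g. "unknown", maps to None

# Constructed sample: rows 0-1 are shortened from the terse output in the thread,
# row 2 is invented (assumes the comment is printed as comment=...).
SAMPLE = [
    r'0 host=10.11.10.1 type=icmp interval=2s up-script= down-script=:log warning "Restarting VPN"\r\n/tool/netwatch/disable [find host="10.11.10.1"] test-script= http-codes= status=up',
    r'1 host=192.168.150.1 type=icmp interval=10s up-script=:log warning "ANOTHER VPN UP" down-script=:log warning "ANOTHER VPN DOWN" test-script= http-codes= status=down',
    '2 X comment=Auto ISP change host=8.8.8.8 type=icmp interval=5s status=unknown',
]

def _top_level(text):
    """Per character: True when outside "quotes" and [brackets]."""
    mask, depth, quoted, skip = [], 0, False, False
    for ch in text:
        if skip:                      # character after a backslash is literal
            skip = False
        elif ch == "\\":
            skip = True
        elif ch == '"':
            quoted = not quoted
        elif not quoted and ch == "[":
            depth += 1
        elif not quoted and ch == "]":
            depth = max(0, depth - 1)
        mask.append(depth == 0 and not quoted)
    return mask

def parse_terse_line(line):
    head = re.match(r"\s*(\d+)\s+((?:[A-Z]\s+)*)", line)
    if not head:
        raise ValueError("not a terse row: %r" % line)
    body = line[head.end():]
    mask = _top_level(body)
    # A script value may contain [find host="..."]; only keys outside quotes and
    # brackets start a new field, so the script cannot overwrite the real host.
    hits = [m for m in KEY_RE.finditer(body) if mask[m.start(1)]]
    row = {"index": int(head.group(1)), "disabled": "X" in head.group(2)}
    for m, nxt in zip(hits, hits[1:] + [None]):
        row[m.group(1)] = body[m.end():nxt.start() if nxt else len(body)].strip()
    return row

def to_binary_sensor(row):
    return {
        "name": row.get("comment") or row["host"],
        "is_on": STATES.get(row.get("status")),  # None means state not known yet
        "attributes": {k: row[k] for k in ("type", "interval") if k in row},
    }
```

Text parsing stays ambiguous when a script contains a bare `word=` outside quotes and brackets; reading the same fields over the RouterOS API returns them already separated.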
When will the netwatch feature be included?
Hopefully soon, it would be very good for me too 8-).
@defaultsecurity @emilianogetino I guess you can safely install version from master, it contains only netwatch feature comparing to 2.1.4
Forgive my ignorance, I am still very new to Home Assistant, how can I install that master version? Thank you.
Select "master" from the version list in HACS.
Is your feature request related to a problem? Please describe.
I have a multi-WAN setup with two ISPs (main and backup) and switch between them using Netwatch rule that enables and disables corresponding default routes. I want to use information about currently selected ISP in Home Assistant automations.
Describe the solution you'd like
An ability to monitor Netwatch rule status and/or to monitor enabled and disabled routes.