Netwatch is a tool that monitors the status of a network or a link. At regular intervals, it sends a ping request to a predefined network or link. If for some reason it does not receive a ping response from that link or network, it sends a notification in the form of email or SMS to the system admin or user, or it can re-route the traffic to a different ISP or gateway.
Whenever there is a change detected in the status of the link, related action will be taken. The Netwatch tool performs this task with the help of some scripts. Whenever there is a change in the status of the link, the script related to that status will be started.
In this tutorial, we will discuss how to re-route traffic to a secondary ISP or gateway if the primary ISP or gateway goes down. We will also discuss how to switch back to the primary ISP or gateway when it comes back.
At this point, we already know that the “Netwatch” tool can monitor a gateway status or a server link by pinging a device located on the internet. If for any reason that link or server goes down, the tool will disable the failed gateway link and, at the same time, enable the secondary gateway link. All of this is done by executing the scripts that we configure in the Netwatch tool.
In this case, no matter which link is down, whether it is the link from our router to ISP-1 or the link from ISP-1 to their gateway, the router will switch to the secondary ISP automatically.
Now we will discuss the script that the “Netwatch” tool will execute if the primary gateway goes down. We assume that our primary ISP gateway address is 1.1.1.1 and our secondary ISP gateway address is 2.2.2.2. We also assume that the Netwatch tool will continuously send ping requests to the 8.8.8.8 server on the internet through the primary ISP gateway, and to the 8.8.4.4 server through the secondary ISP gateway. If it does not get a ping response from one of those servers within a specific period of time, it will disable the corresponding gateway. That is, if the Netwatch tool does not get a response from the 8.8.8.8 server, it will disable the ISP-1 gateway, which is 1.1.1.1, and in the same way, if it does not get a response from the 8.8.4.4 server, it will disable the second ISP gateway, which is 2.2.2.2. Once it gets a response again, it will enable the gateway automatically.
At this point, we will add two more routes to trace the link status of ISP-1 and ISP-2. We will send 8.8.8.8 traffic via ISP-1 and 8.8.4.4 traffic via ISP-2.
To trace the ISP-1 link we will add the following route
Now we will go for a script.
The script for disabling primary route:-
ip route disable [find gateway="1.1.1.1"]
[Note:- If we use any comment for the primary gateway entry, then we can use that comment here for disabling that gateway]
ip route disable [find comment="write_your_comment"]
For example:- ip route disable [find comment="backup route"]
or
ip route disable [/ip route find comment="my comment"]
For example:- ip route disable [/ip route find comment="backup route"]
In the same way, the script for enabling secondary route:-
ip route enable [find gateway="2.2.2.2"]
or
ip route enable [find comment="write_your_comment"]
For example:- ip route enable [find comment="backup route"]
or
ip route enable [/ip route find comment="my comment"]
For example:- ip route enable [/ip route find comment="backup route"]
The steps for configuring those scripts in the Netwatch tool are as follows:-
First of all, we will open the Netwatch tool and create a rule.
In the new rule, we have to write our target server address 8.8.8.8 in the “Host” field. The rest of the settings stay at their defaults. It will send requests through our primary gateway, that is, 1.1.1.1.
Now click on the “Down” tab and there we have to write the below code:-
ip route disable [find gateway="1.1.1.1"]
When the Netwatch tool does not get a response from the 8.8.8.8 server, this script will be executed. As a result of the script, the 1.1.1.1 gateway will be disabled.
Now we will go to the “Up” tab and write the below code:-
ip route enable [find gateway="1.1.1.1"]
When it starts getting a response from the 8.8.8.8 server again, this script will be executed. As a result of the script, the 1.1.1.1 gateway will be activated.
One more thing that we have to do is disable the associated NAT entry for that route. If the NAT entry stays enabled for that route, all requested traffic is still translated and then forwarded to the gateway that has already been disabled by the Netwatch script. As a result, all of that traffic will be dropped.
To disable the associated NAT entry we have to run another script as part of the Netwatch action. We can run multiple scripts for a single Netwatch entry, or we can add multiple Netwatch entries, one for each script. Here we will use the multiple Netwatch entries method.
Now we will add another entry for the 8.8.8.8 server.
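The whole setup from this tutorial as one RouterOS script, added here as an example and not taken from the original post. The Netwatch scripts match by comment instead of by gateway, because [find gateway="1.1.1.1"] also matches the 8.8.8.8 probe route that points at the same gateway, and disabling that route would send the probe out through the other ISP. The comment strings, the route distances, the interface names ether1/ether2 and the interval/timeout values are assumptions.

```routeros
# Added example. Gateway and probe addresses are the ones used in this tutorial;
# comment strings, distances, ether1/ether2 and interval/timeout are assumptions.

/ip route
# Default routes: ISP-1 preferred (distance 1), ISP-2 as backup (distance 2).
add dst-address=0.0.0.0/0 gateway=1.1.1.1 distance=1 comment="isp1-default"
add dst-address=0.0.0.0/0 gateway=2.2.2.2 distance=2 comment="isp2-default"
# Probe routes: pin each monitored host to one ISP so a ping tests only that link.
# These routes are never disabled by the Netwatch scripts below.
add dst-address=8.8.8.8/32 gateway=1.1.1.1 comment="isp1-probe"
add dst-address=8.8.4.4/32 gateway=2.2.2.2 comment="isp2-probe"

/ip firewall nat
# One masquerade rule per uplink, tagged so that a script can toggle it.
add chain=srcnat out-interface=ether1 action=masquerade comment="isp1-nat"
add chain=srcnat out-interface=ether2 action=masquerade comment="isp2-nat"

/tool netwatch
# ISP-1: first entry toggles the default route, second entry toggles the NAT rule.
add host=8.8.8.8 interval=10s timeout=1s comment="isp1-route" \
    down-script="/ip route disable [find comment=\"isp1-default\"]" \
    up-script="/ip route enable [find comment=\"isp1-default\"]"
add host=8.8.8.8 interval=10s timeout=1s comment="isp1-nat" \
    down-script="/ip firewall nat disable [find comment=\"isp1-nat\"]" \
    up-script="/ip firewall nat enable [find comment=\"isp1-nat\"]"

# ISP-2: same pattern, probing 8.8.4.4 through 2.2.2.2.
add host=8.8.4.4 interval=10s timeout=1s comment="isp2-route" \
    down-script="/ip route disable [find comment=\"isp2-default\"]" \
    up-script="/ip route enable [find comment=\"isp2-default\"]"
add host=8.8.4.4 interval=10s timeout=1s comment="isp2-nat" \
    down-script="/ip firewall nat disable [find comment=\"isp2-nat\"]" \
    up-script="/ip firewall nat enable [find comment=\"isp2-nat\"]"

# Check the result: disabled routes and NAT rules are listed with the X flag.
/ip route print where comment~"isp"
/ip firewall nat print where comment~"isp"
/tool netwatch print
```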