Dual WAN Failover Script

[rlj2]

That should be correct, the first 2 conditions are together with the { ;} brackets and the second is a command to run with a single &

Just so we know, obviously there are some differences. What router are you using?

 

[Ranger802004]

Just so we know, obviously there are some differences. What router are you using?

AX-11000, I think the issue is because you had DNS2 blank for WAN1 so when it tries to grep for it with the variable | awk ‘{print $2}’ it will return nothing. Like I said, I’ll add some logic to verify that is there because the check now just checks if the variable is blank or not, not if there is 2 entries or just 1. Test with the DNS2 and let me know.

 

[dave14305]

That should be correct, the first 2 conditions are together with the { ;} brackets and the second is a command to run with a single &

That lone & forks the first set of conditions into the background. Is that the intention?

 

[Ranger802004]

That lone & forks the first set of conditions into the background. Is that the intention?

Yes, when I originally tested changing those variables they did not like to set properly and actually switch the WAN until I piped it that way.

I'm pretty sure his problem is because DNS2 is empty, see the example if I try and run a similar command for '{print $3}' knowing it doesn't actually exist.

Now I run the command with '{print $2}' in which I have a second DNS server set and I get the returned value I need.

As you can see here, my validation is just looking for if the variable is set and not if there is 2 entries. (Will fix in next update)

# Switch DNS
# Change Automatic ISP DNS Settings
if [ ! -z "$(echo $(nvram get "$ACTIVEWAN"_dns))" ] >/dev/null;then
# Change Automatic ISP DNS Settings
  echo $(date "+%D @ %T"): $0 - Setting Automatic DNS Settings from ISP: $(nvram get "$ACTIVEWAN"_dns)... >> $LOGPATH
nvram set wan_dns="$(echo $(nvram get "$ACTIVEWAN"_dns))"
if [[ "$(cat "$DNSRESOLVFILE" | grep -e $(echo $(nvram get "$ACTIVEWAN"_dns) | awk '{print $1}') | wc -l)" == "0" ]] >/dev/null;then
sed -i '1i nameserver '$(echo $(nvram get "$ACTIVEWAN"_dns) | awk '{print $1}')'' $DNSRESOLVFILE
sed -i '/nameserver '$(echo $(nvram get "$INACTIVEWAN"_dns) | awk '{print $1}')'/d' $DNSRESOLVFILE
else
  echo $(date "+%D @ %T"): $0 - $DNSRESOLVFILE already updated for DNS1... >> $LOGPATH
fi
if [[ "$(cat "$DNSRESOLVFILE" | grep -e $(echo $(nvram get "$ACTIVEWAN"_dns) | awk '{print $2}') | wc -l)" == "0" ]] >/dev/null;then
sed -i '2i nameserver '$(echo $(nvram get "$ACTIVEWAN"_dns) | awk '{print $2}')'' $DNSRESOLVFILE
sed -i '/nameserver '$(echo $(nvram get "$INACTIVEWAN"_dns) | awk '{print $2}')'/d' $DNSRESOLVFILE
else
  echo $(date "+%D @ %T"): $0 - $DNSRESOLVFILE already updated for DNS2... >> $LOGPATH
fi
else
  echo $(date "+%D @ %T"): $0 - No Automatic DNS Settings from ISP... >> $LOGPATH
fi

 

[rlj2]

Yes, when I originally tested changing those variables they did not like to set properly and actually switch the WAN until I piped it that way.

I'm pretty sure his problem is because DNS2 is empty, see the example if I try and run a similar command for '{print $3}' knowing it doesn't actually exist.
View attachment 41337

Now I run the command with '{print $2}' in which I have a second DNS server set and I get the returned value I need.
View attachment 41338

As you can see here, my validation is just looking for if the variable is set and not if there is 2 entries. (Will fix in next update)

# Switch DNS
# Change Automatic ISP DNS Settings
if [ ! -z "$(echo $(nvram get "$ACTIVEWAN"_dns))" ] >/dev/null;then
# Change Automatic ISP DNS Settings
  echo $(date "+%D @ %T"): $0 - Setting Automatic DNS Settings from ISP: $(nvram get "$ACTIVEWAN"_dns)... >> $LOGPATH
nvram set wan_dns="$(echo $(nvram get "$ACTIVEWAN"_dns))"
if [[ "$(cat "$DNSRESOLVFILE" | grep -e $(echo $(nvram get "$ACTIVEWAN"_dns) | awk '{print $1}') | wc -l)" == "0" ]] >/dev/null;then
sed -i '1i nameserver '$(echo $(nvram get "$ACTIVEWAN"_dns) | awk '{print $1}')'' $DNSRESOLVFILE
sed -i '/nameserver '$(echo $(nvram get "$INACTIVEWAN"_dns) | awk '{print $1}')'/d' $DNSRESOLVFILE
else
  echo $(date "+%D @ %T"): $0 - $DNSRESOLVFILE already updated for DNS1... >> $LOGPATH
fi
if [[ "$(cat "$DNSRESOLVFILE" | grep -e $(echo $(nvram get "$ACTIVEWAN"_dns) | awk '{print $2}') | wc -l)" == "0" ]] >/dev/null;then
sed -i '2i nameserver '$(echo $(nvram get "$ACTIVEWAN"_dns) | awk '{print $2}')'' $DNSRESOLVFILE
sed -i '/nameserver '$(echo $(nvram get "$INACTIVEWAN"_dns) | awk '{print $2}')'/d' $DNSRESOLVFILE
else
  echo $(date "+%D @ %T"): $0 - $DNSRESOLVFILE already updated for DNS2... >> $LOGPATH
fi
else
  echo $(date "+%D @ %T"): $0 - No Automatic DNS Settings from ISP... >> $LOGPATH
fi

@Ranger802004 Do you know why your nvram dns2 is occupied when mine isnt? I just have basic settings on the router. obviously I could do a nvram set and commit if needed. Just curious

 

[Ranger802004]

@Ranger802004 Do you know why your nvram dns2 is occupied when mine isnt? I just have basic settings on the router. obviously I could do a nvram set and commit if needed. Just curious

It looks your connected behind another LAN network for WAN1 and the only DNS entry in the DHCP server for it is the router itself for it maybe?

 

[rlj2]

It looks your connected behind another LAN network for WAN1 and the only DNS entry in the DHCP server for it is the router itself for it maybe?

wan1 (secondary backup) is in a double-nat situation
backup:
DSL modem (with wifi shutoff, in bridged mode though) > asus router > network cable to the main asus router for fallback.

 

[Ranger802004]

wan1 (secondary backup) is in a double-nat situation
backup:
DSL modem (with wifi shutoff, in bridged mode though) > asus router > network cable to the main asus router for fallback.

Does it not have some form of IGMP like IP Passthrough?

 

[rlj2]

Does it not have some form of IGMP like IP Passthrough?

Here is the scenerio, my son actually uses the dsl with passthrough enabled to a asus router. I use the dsl for backup. So at that point its dsl modem > asus router (the sons) > to my main asus router.. I use a media bridge for the backup to his.. otherwise If I just ran a cable to the dsl modem for backup it would still be in doublenat without passthrough..
Does that make a bit of since....Think I just confused myself

 

[Ranger802004]

Here is the scenerio, my son actually uses the dsl with passthrough enabled to a asus router. I use the dsl for backup. So at that point its dsl modem > asus router (the sons) > to my main asus router.. I use a media bridge for the backup to his.. otherwise If I just ran a cable to the dsl modem for backup it would still be in doublenat without passthrough..
Does that make a bit of since....Think I just confused myself

Makes sense, well better than nothing if your primary WAN goes down, I already could tell it was double NAT.

 

[Ranger802004]

@rlj2 script has been updated, I updated the link in the original post. These are the items I fixed.

- DNS Logic Update to account for missing variables.
- DNS Manual Settings are checked before Automatic ISP Settings.
- Check if wan-event script exists before calling it.
- Changed Switch WAN Until Loop to && instead of & for checking Primary WAN and Default Route.
- Will check WAN Status such as being in Cold Standby mode and if it is will restart interface before attempting to get Packet Loss in WAN Status.
- Added Log Maintainer to delete older records in the /tmp/ log file created.


In addition, here is the email script I use
https://raw.githubusercontent.com/Ranger802004/asusmerlin/main/wan-event-email-notification.sh

You will need to set these variables as well, my examples are using GMAIL, also you will have to download the certificate to use and place it where the CAFILE variable is set.

SMTPSERVER="smtp.gmail.com"
SMTPPORT="587"
FROM="username@gmail.com"
AUTH="Username"
PASS="Password"
FROMNAME="$(nvram get ddns_hostname_x)"
TO="username@email.com"
CAFILE="/jffs/configs/google_root.pem"
TIMEOUT="30"

 

[Ranger802004]

That lone & forks the first set of conditions into the background. Is that the intention?

So I retested this and it works with the && now, wonder if something else was throwing me off early on when testing, a lot of the logic took a good bit of discovery to find everything to switch and how to detect that the switch actually took place. Script has been updated.

 

[rlj2]

@rlj2 script has been updated, I updated the link in the original post. These are the items I fixed.

- DNS Logic Update to account for missing variables.
- DNS Manual Settings are checked before Automatic ISP Settings.
- Check if wan-event script exists before calling it.
- Changed Switch WAN Until Loop to && instead of & for checking Primary WAN and Default Route.
- Will check WAN Status such as being in Cold Standby mode and if it is will restart interface before attempting to get Packet Loss in WAN Status.
- Added Log Maintainer to delete older records in the /tmp/ log file created.


In addition, here is the email script I use
https://raw.githubusercontent.com/Ranger802004/asusmerlin/main/wan-event-email-notification.sh

You will need to set these variables as well, my examples are using GMAIL, also you will have to download the certificate to use and place it where the CAFILE variable is set.

SMTPSERVER="smtp.gmail.com"
SMTPPORT="587"
FROM="username@gmail.com"
AUTH="Username"
PASS="Password"
FROMNAME="$(nvram get ddns_hostname_x)"
TO="username@email.com"
CAFILE="/jffs/configs/google_root.pem"
TIMEOUT="30"

Seems to be working decent so far, fyi service "restart_wan_if 1" including the other instance needs the quotes. You might add wanevent to wan0restoremonitor or switchwan.

 

[Ubimo]

Please help, how do I install this script?
In which folder do I copy this script?
How do I execute it? So that it is continuously running?
How do I add it to startup?
As failover I use a LTE-Stick.
Does this script also privide failback?

 

[rlj2]

Please help, how do I install this script?
In which folder do I copy this script?
How do I execute it? So that it is continuously running?
How do I add it to startup?
As failover I use a LTE-Stick.
Does this script also privide failback?

Its provides fallback, create the script in /jffs/scripts , then do chmod +x scriptname. You can add it to /jffs/scripts/post-mount to start up automatically

 

[Ranger802004]

Please help, how do I install this script?
In which folder do I copy this script?
How do I execute it? So that it is continuously running?
How do I add it to startup?
As failover I use a LTE-Stick.
Does this script also privide failback?

@rlj2 gave a good response to this already, I would review the variables section and adjust what you need such as ping targets, QoS settings, etc.

 

[Ranger802004]

Seems to be working decent so far, fyi service "restart_wan_if 1" including the other instance needs the quotes. You might add wanevent to wan0restoremonitor or switchwan.

Sorry, was late and I forgot to type those in on my public version of the script. It is fixed.

 

[rlj2]

Sorry, was late and I forgot to type those in on my public version of the script. It is fixed.

I noticed one of your posts was like at 2:30am .. gotta love playing with stuff late at night (that sounds bad)

 

[Ranger802004]

I noticed one of your posts was like at 2:30am .. gotta love playing with stuff late at night (that sounds bad)

Couldn't sleep so figured I'd knock out the fixes for the issues you guys found, lol.

 

[Ranger802004]

Please help, how do I install this script?
In which folder do I copy this script?
How do I execute it? So that it is continuously running?
How do I add it to startup?
As failover I use a LTE-Stick.
Does this script also privide failback?

Just a heads up, I'm working on the next version of this script that will have run options to help install and configure it.