
Mikrotik Dual Wan

# Mark packets arriving from the 192.168.57.0/24 subnet with routing mark "net1".
# NOTE(review): no route or route rule for routing-mark=net1 appears in this
# snippet - confirm which gateway net1 traffic is meant to use.
ip firewall mangle add src-address=192.168.57.0/24 action=mark-routing new-routing-mark=net1 chain=prerouting

# chain=output applies to packets generated by the router itself: those sourced
# from 192.168.56.2 get mark "wan1" and use gateway 192.168.56.1.
ip firewall mangle add src-address=192.168.56.2 action=mark-routing new-routing-mark=wan1 chain=output
ip route add gateway=192.168.56.1 routing-mark=wan1

# Same pattern for the second uplink: router traffic sourced from 192.168.58.2
# gets mark "wan2" and uses gateway 192.168.58.1.
ip firewall mangle add src-address=192.168.58.2 action=mark-routing new-routing-mark=wan2 chain=output
ip route add gateway=192.168.58.1 routing-mark=wan2

-----

NAT
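# Source-NAT everything leaving through each of the three interfaces.
# Fixes relative to the original lines: the RouterOS NAT chain is named
# "srcnat" ("src-nat" is an action, not a chain), and the action parameter
# needs "=" ("action=masquerade").
# NOTE(review): this assumes ether1-ether3 are all upstream (WAN) ports; do not
# masquerade on an interface that faces the internal network - confirm.
ip firewall nat add chain=srcnat out-interface=ether1 action=masquerade
ip firewall nat add chain=srcnat out-interface=ether2 action=masquerade
ip firewall nat add chain=srcnat out-interface=ether3 action=masquerade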

MANGLE
# Packets arriving from the 192.168.59.0/24 subnet get routing mark "admin".
ip firewall mangle add src-address=192.168.59.0/24 action=mark-routing new-routing-mark=admin chain=prerouting
# Router-originated packets (chain=output) are marked per source address, and
# each mark gets its own default route: 192.168.56.2 -> canal_primario via 192.168.56.1.
ip firewall mangle add src-address=192.168.56.2 action=mark-routing new-routing-mark=canal_primario chain=output
ip route add gateway=192.168.56.1 routing-mark=canal_primario
# 192.168.57.2 -> canal_secundario via 192.168.57.1.
ip firewall mangle add src-address=192.168.57.2 action=mark-routing new-routing-mark=canal_secundario chain=output
ip route add gateway=192.168.57.1 routing-mark=canal_secundario
# 192.168.58.2 -> canal_terciario via 192.168.58.1.
ip firewall mangle add src-address=192.168.58.2 action=mark-routing new-routing-mark=canal_terciario chain=output
ip route add gateway=192.168.58.1 routing-mark=canal_terciario

ROUTE
# Route rules: traffic carrying a given routing mark is looked up in the named table.
# "admin" (set by the prerouting mangle rule for 192.168.59.0/24) uses canal_primario.
ip route rule add dst-address=0.0.0.0/0 routing-mark=admin table=canal_primario action=lookup
# NOTE(review): no mangle rule shown here ever sets the marks "admin2" or
# "admin3", so these two rules match nothing as written - confirm.
ip route rule add dst-address=0.0.0.0/0 routing-mark=admin2 table=canal_secundario action=lookup
# NOTE(review): this rule points at canal_primario although a canal_terciario
# table is defined above; possibly a typo - confirm the intended table.
ip route rule add dst-address=0.0.0.0/0 routing-mark=admin3 table=canal_primario action=lookup

Perl script that changes the relay routing and a Postfix parameter (failover relay)

change_relay.pl

#!/usr/bin/perl

use Term::ANSIColor;

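# Strictures for the rest of the script: catch undeclared variables and
# surface warnings (uninitialised values, prototype misuse, ...).
use strict;
use warnings;

# Default gateway and outgoing interface used by each relay identity.
my $relay_04_gw = "10.24.0.1";
my $relay_03_gw = "10.24.25.1";
my $relay_04_gw_interface = "eth0";
my $relay_03_gw_interface = "eth1";

# Current Postfix identity: value of the first "myhostname" line in main.cf.
# The file is read directly instead of through `cat | grep` in a shell, so a
# line written without spaces around "=" is parsed too.
my $hostname;
{
    my $main_cf = "/etc/postfix/main.cf";
    open my $fh, '<', $main_cf
        or die "No se pudo abrir $main_cf: $!\n";
    while ( my $line = <$fh> ) {
        if ( $line =~ /^myhostname\s*=\s*(\S+)/ ) {
            $hostname = $1;
            last;
        }
    }
    close $fh;

    # Stop before any firewall or routing change if the identity is unknown.
    die "No se encontró myhostname en $main_cf\n"
        unless defined $hostname;

    # The value is later placed inside a sed expression, so accept only
    # characters that can appear in a host name.
    die "Valor de myhostname inesperado en $main_cf\n"
        unless $hostname =~ /\A[A-Za-z0-9.-]+\z/;
}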

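# Show the current relay identity and ask the operator which one to switch to.
print color("green"), "Estado: ".$hostname."\n", color("reset");
print "Escoja la opción:\n";
print "1. Cambiar a relay-03.xxx.com\n";
print "2. Cambiar a relay-04.xxx.com\n";

# Read the choice from STDIN explicitly: a bare <> would open any command-line
# arguments as input files instead of reading the operator's answer.
my $answer = <STDIN>;
$answer = "" unless defined $answer;    # EOF: treat as no choice
chomp $answer;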

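# Relay identities selectable from the menu, keyed by the operator's answer.
# old_route is the default route to remove, new_route the one to install.
my %relay_for = (
    "1" => {
        hostname  => "relay-03.xxx.com",
        old_route => [ $relay_04_gw, $relay_04_gw_interface ],
        new_route => [ $relay_03_gw, $relay_03_gw_interface ],
    },
    "2" => {
        hostname  => "relay-04.xxx.com",
        old_route => [ $relay_03_gw, $relay_03_gw_interface ],
        new_route => [ $relay_04_gw, $relay_04_gw_interface ],
    },
);

# Reject anything that is not a menu entry instead of exiting silently.
my $target = defined $answer ? $relay_for{$answer} : undef;
die "Opción no válida\n" unless $target;

my $new_hostname = $target->{hostname};
check_hostname($new_hostname);

# The current hostname is embedded in a sed expression below. Validate it
# before touching the firewall or routes, and escape the dots so they match
# literally rather than as "any character".
die "Valor de myhostname inesperado\n"
    unless defined $hostname && $hostname =~ /\A[A-Za-z0-9.-]+\z/;
( my $hostname_pattern = $hostname ) =~ s/\./\\./g;

# Block inbound SMTP while the route and the Postfix identity are inconsistent.
change_iptables("25", "tcp", "drop");
change_routing("delete", @{ $target->{old_route} });
change_routing("add",    @{ $target->{new_route} });

# List-form system(): no shell is involved, so nothing in the arguments is
# re-interpreted. As before, every occurrence of the old hostname in main.cf
# is replaced, not only the myhostname line.
my @failed;
system("sed", "-i", "s/$hostname_pattern/$new_hostname/g", "/etc/postfix/main.cf") == 0
    or push @failed, "sed";
system("/etc/init.d/postfix", "restart") == 0
    or push @failed, "postfix restart";

# Always remove the temporary DROP rule, even when a step above failed, so
# port 25 is not left blocked.
change_iptables("25", "tcp", "accept");

die "Fallo al ejecutar: " . join(", ", @failed) . "\n" if @failed;
print color("red"), "Cambiado a ".$new_hostname."\n", color("reset");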

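# change_routing(ACTION, GATEWAY, INTERFACE)
#
# Adds (ACTION "add") or removes (ACTION "delete") the default route via
# GATEWAY on INTERFACE by running `ip route`. Any other ACTION runs nothing.
# Returns true when the command exited with status 0, false otherwise.
#
# The empty "()" prototype was dropped: it declares a sub that takes no
# arguments, which contradicts every call site.
sub change_routing {
    my ($action, $gateway, $interface) = @_;

    # Map the script's action names onto the `ip route` sub-command.
    my %ip_verb_for = ( add => "add", delete => "del" );
    my $verb = defined $action ? $ip_verb_for{$action} : undef;
    if ( !defined $verb ) {
        warn "change_routing: acción desconocida\n";
        return 0;
    }

    # List form: arguments go straight to `ip`, never through a shell.
    my $status = system("ip", "route", $verb, "default", "via", $gateway, "dev", $interface);
    warn "change_routing: 'ip route $verb' terminó con error\n" if $status != 0;
    return $status == 0;
}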

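# change_iptables(PORT, PROTOCOL, ACTION)
#
# ACTION "drop" inserts a DROP rule for PROTOCOL/PORT at the top of the INPUT
# chain; ACTION "accept" deletes that same DROP rule (it does not add an ACCEPT
# rule). Any other ACTION runs nothing.
# Returns true when iptables exited with status 0, false otherwise.
#
# The empty "()" prototype was dropped: it declares a sub that takes no
# arguments, which contradicts every call site.
sub change_iptables {
    my ($port, $protocol, $action) = @_;

    # "drop" -> insert the rule, "accept" -> delete it again.
    my %iptables_flag_for = ( drop => "-I", accept => "-D" );
    my $flag = defined $action ? $iptables_flag_for{$action} : undef;
    if ( !defined $flag ) {
        warn "change_iptables: acción desconocida\n";
        return 0;
    }

    # List form: arguments go straight to iptables, never through a shell.
    my $status = system("iptables", $flag, "INPUT", "-p", $protocol, "--dport", $port, "-j", "DROP");
    warn "change_iptables: 'iptables $flag' terminó con error\n" if $status != 0;
    return $status == 0;
}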

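# check_hostname(NEW_HOSTNAME)
#
# Aborts the script (die) when NEW_HOSTNAME is already the hostname read from
# main.cf, so that no firewall, routing or Postfix change is made for a no-op
# switch. Reads the file-level $hostname.
#
# The empty "()" prototype was dropped: it declares a sub that takes no
# arguments, which contradicts every call site.
sub check_hostname {
    my ($new_hostname) = @_;

    # An undefined current hostname can never equal the requested one.
    if ( defined $hostname && $new_hostname eq $hostname ) {
        die "$hostname ya se encuentra asignado\n";
    }
    return;
}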