Difference between revisions of "Upgrade rsc files"

From MikroTik Wiki
Jump to: navigation, search
(Mangle Rules and Queue Tree Setup)
 
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
== Introduction ==
 
== Introduction ==
 +
 +
Now that you have installed on all your CPE's, the rscfetch script and netwatch to trigger the script that will download the upgrade.rsc and import it into your CPE's, here are few examples of how it can be useful to do things you would not have thought of doing because of the pain of manually logging into every CPE, one by one by a few hundred.
  
 
The file upgrade.rsc is the key component to mass roll-outs of CPE setting changes and script additions. By creating this file and uploading to main mikrotik AP/router, changing hundreds of CPE's within a few seconds is only moments away. Enable the trigger IP (in our case 172.16.0.1), sit back and watch all your CPE's log in via ftp, collect the upgrade.rsc file and import it on all the CPE's.
 
The file upgrade.rsc is the key component to mass roll-outs of CPE setting changes and script additions. By creating this file and uploading to main mikrotik AP/router, changing hundreds of CPE's within a few seconds is only moments away. Enable the trigger IP (in our case 172.16.0.1), sit back and watch all your CPE's log in via ftp, collect the upgrade.rsc file and import it on all the CPE's.
Line 5: Line 7:
 
Below are few examples of upgrade.rsc files. You MUST test these on a single local CPE to see that no negative reactions occur, before rolling out for network wide implementation. As always, used at your own risk.
 
Below are few examples of upgrade.rsc files. You MUST test these on a single local CPE to see that no negative reactions occur, before rolling out for network wide implementation. As always, used at your own risk.
 
   
 
   
 
 
 
== Upgrade.rsc file header ==
 
== Upgrade.rsc file header ==
  
Line 20: Line 20:
 
== Mangle Rules and Queue Tree Setup ==
 
== Mangle Rules and Queue Tree Setup ==
  
This set of scripts will setup mangle rules and a queue tree on the CPE. WARNING all existing mangle rules and queues (tree) will be removed.
+
This set of scripts will setup mangle rules and a queue tree on the CPE. WARNING all existing mangle rules and queues (tree) will be removed. This would be used for simple traffic shaping on the CPE. You need to ensure that the interface setting matches what is on all CPE's.
  
 
  {:log info "Remove Mangle Rules - Script Start"
 
  {:log info "Remove Mangle Rules - Script Start"
Line 64: Line 64:
 
  add action=mark-packet chain=prerouting connection-mark=other_conn disabled=no new-packet-mark=other \
 
  add action=mark-packet chain=prerouting connection-mark=other_conn disabled=no new-packet-mark=other \
 
     passthrough=no
 
     passthrough=no
 
 
  {:log info "Remove Queue Tree - Script Start"
 
  {:log info "Remove Queue Tree - Script Start"
 
  :local counter 0
 
  :local counter 0
Line 80: Line 79:
 
  }
 
  }
 
  }
 
  }
/queue tree
+
/queue tree
 
   add burst-limit=50M burst-threshold=50M burst-time=3s disabled=no limit-at=50M max-limit=50M name=Global_In \
 
   add burst-limit=50M burst-threshold=50M burst-time=3s disabled=no limit-at=50M max-limit=50M name=Global_In \
 
     packet-mark="" parent=global-in priority=1
 
     packet-mark="" parent=global-in priority=1
Line 93: Line 92:
 
  add burst-limit=50M burst-threshold=50M burst-time=3s disabled=no limit-at=50M max-limit=50M name=other_in \
 
  add burst-limit=50M burst-threshold=50M burst-time=3s disabled=no limit-at=50M max-limit=50M name=other_in \
 
     packet-mark=other parent=Global_In priority=5 queue=default
 
     packet-mark=other parent=Global_In priority=5 queue=default
 +
 +
== Setting the CPE to check for ROS upgrade on startup ==
 +
 +
This script clears the script name "start_upgrade" if it exists, so that it can create it's own version under this name. What the scheduled routine will do everytime the CPE is powered up, is it will run the script called "upgrade" (created on the previous page), which will check the CPE's ROS version against the ROS files on the repository, and upgrade if neccessary. This is to catch those clients who have a habit of powering their units down and may miss the 172.16.0.2 trigger when you enable it for a network wide ROS upgrade.
 +
 +
  :if ([/system scheduler find name="start_upgrade"]!="") do={/system scheduler remove start_upgrade}
 +
  :if ([/system scheduler find name="start_upgrade"]="") do={/system scheduler add disabled=no  /
 +
      name=start_upgrade on-event=upgrade start-time=startup}
 +
 
 +
And that all for now, will add more as time permits...
  
  
And that...
+
* [[Semi-Automating_CPE_ROS/Firmware/script_updates_and_setting_changes| Go Back to Semi-Automating main page]]
 +
* [[Scripts| Go back to User Submitted Scripts]]
 +
* [[M:Scripting-examples |Go to Scripting Examples]]

Latest revision as of 21:26, 20 August 2012

Introduction

Now that you have installed on all your CPE's, the rscfetch script and netwatch to trigger the script that will download the upgrade.rsc and import it into your CPE's, here are few examples of how it can be useful to do things you would not have thought of doing because of the pain of manually logging into every CPE, one by one by a few hundred.

The file upgrade.rsc is the key component to mass roll-outs of CPE setting changes and script additions. By creating this file and uploading to main mikrotik AP/router, changing hundreds of CPE's within a few seconds is only moments away. Enable the trigger IP (in our case 172.16.0.1), sit back and watch all your CPE's log in via ftp, collect the upgrade.rsc file and import it on all the CPE's.

Below are few examples of upgrade.rsc files. You MUST test these on a single local CPE to see that no negative reactions occur, before rolling out for network wide implementation. As always, used at your own risk.

Upgrade.rsc file header

Every upgrade.rsc has the same first 6 lines. So we will not include these lines in each file. Please not ignore this, you do need to do maintenance of the number of files on your CPE's and this is the simplest method.

:if ([file find type=".rif file"]!="") do={/file remove [find type=".rif file"]}
:if ([file find type=".tar file"]!="") do={/file remove [find type=".tar file"]}
:if ([file find type="backup"]!="") do={/file remove [find type="backup"]}
:if ([file find type="script"]!="") do={/file remove [find type="script"]}
/system backup save;
:delay 10s;

Mangle Rules and Queue Tree Setup

This set of scripts will setup mangle rules and a queue tree on the CPE. WARNING all existing mangle rules and queues (tree) will be removed. This would be used for simple traffic shaping on the CPE. You need to ensure that the interface setting matches what is on all CPE's.

{:log info "Remove Mangle Rules - Script Start"
:local counter 0
:local delaytime 5
:local numloops 1
:while ($counter < $numloops) do={ \
:log info "Removing Mangle Rules"
:foreach i in=[/ip firewall mangle find] do={ \
/ip firewall mangle remove $i
:log info "Removed $i"
}
:set counter ($counter+1)
:log info "delaying..."
:delay $delaytime
   }
}
/ip firewall mangle
add action=mark-connection chain=prerouting comment="HTTP and E-Mail" disabled=no dst-port=\
 80,25,110,995,5222,8080,6600-6700,7000,9010,2086,443,465 new-connection-mark=http_conn passthrough=yes  \
   protocol=tcp
add action=mark-packet chain=prerouting connection-mark=http_conn disabled=no new-packet-mark=http \
   passthrough=no
add action=mark-connection chain=prerouting comment=Admin disabled=no dst-port=\
   22,23,53,123,161,162,2210,2211,8291 in-interface=ether1 new-connection-mark=admin_conn passthrough=yes \
   protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-port=53,123,161,162 in-interface=ether1 \
   new-connection-mark=admin_conn passthrough=yes protocol=udp
add action=mark-connection chain=prerouting disabled=no new-connection-mark=admin_conn passthrough=yes \
   protocol=icmp
add action=mark-packet chain=prerouting connection-mark=admin_conn disabled=no new-packet-mark=admin \
   passthrough=no
add action=mark-connection chain=prerouting comment=FTP disabled=no dst-port=21 in-interface=ether1 \
   new-connection-mark=ftp_conn passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=ftp_conn disabled=no new-packet-mark=ftp \
   passthrough=no
add action=mark-connection chain=prerouting comment=P2P disabled=no in-interface=ether1 \
   new-connection-mark=p2p_conn p2p=all-p2p passthrough=yes
add action=mark-packet chain=prerouting connection-mark=p2p_conn disabled=no new-packet-mark=p2p \
   passthrough=no
add action=mark-connection chain=prerouting comment="Other Traffic" disabled=no in-interface=ether1 \
   new-connection-mark=other_conn passthrough=yes
add action=mark-packet chain=prerouting connection-mark=other_conn disabled=no new-packet-mark=other \
   passthrough=no
{:log info "Remove Queue Tree - Script Start"
:local counter 0
:local delaytime 5
:local numloops 1
:while ($counter < $numloops) do={ \
:log info "Removing Queue Trees"
:foreach i in=[/queue tree find] do={ \
/queue tree remove $i
:log info "Removed $i"
}
:set counter ($counter+1)
:log info "delaying..."
:delay $delaytime
}
}
/queue tree
 add burst-limit=50M burst-threshold=50M burst-time=3s disabled=no limit-at=50M max-limit=50M name=Global_In \
   packet-mark="" parent=global-in priority=1
add burst-limit=50M burst-threshold=50M burst-time=3s disabled=no limit-at=50M max-limit=50M name=admin_in \
   packet-mark=admin parent=Global_In priority=1 queue=default
add burst-limit=50M burst-threshold=50M burst-time=3s disabled=no limit-at=50M max-limit=50M name=http_in \
   packet-mark=http parent=Global_In priority=2 queue=default
add burst-limit=50M burst-threshold=50M burst-time=3s disabled=no limit-at=50M max-limit=50M name=ftp_in \
   packet-mark=ftp parent=Global_In priority=3 queue=default
add burst-limit=50M burst-threshold=50M burst-time=3s disabled=no limit-at=50M max-limit=50M name=P2P_in \
   packet-mark=p2p parent=Global_In priority=8 queue=default
add burst-limit=50M burst-threshold=50M burst-time=3s disabled=no limit-at=50M max-limit=50M name=other_in \
   packet-mark=other parent=Global_In priority=5 queue=default

Setting the CPE to check for ROS upgrade on startup

This script clears the script name "start_upgrade" if it exists, so that it can create it's own version under this name. What the scheduled routine will do everytime the CPE is powered up, is it will run the script called "upgrade" (created on the previous page), which will check the CPE's ROS version against the ROS files on the repository, and upgrade if neccessary. This is to catch those clients who have a habit of powering their units down and may miss the 172.16.0.2 trigger when you enable it for a network wide ROS upgrade.

 :if ([/system scheduler find name="start_upgrade"]!="") do={/system scheduler remove start_upgrade}
 :if ([/system scheduler find name="start_upgrade"]="") do={/system scheduler add disabled=no  /
      name=start_upgrade on-event=upgrade start-time=startup}
 

And that all for now, will add more as time permits...