Failover Script

Failover script for a dual-WAN setup that switches back to the primary when the connection is restored

This script monitors network connections and switches traffic to a backup (secondary) interface when the primary connection fails. Switching back to the primary WAN after a failover means detecting that the primary connection has been restored and then directing traffic back to it. This often involves monitoring the primary link's status (e.g., using ping checks) and then modifying routing rules or firewall configurations to ensure traffic flows through the primary interface again.

Here's a breakdown of the typical steps and considerations:

1. Monitoring the Primary WAN:

  • Ping Checks: Regularly send ICMP (ping) requests to a known reliable destination through the primary WAN interface.

  • Interface Status: Check the operational status of the primary WAN interface to see if it's up and running.

  • Log Monitoring: Analyze system logs for any events related to the primary WAN interface, such as disconnections or errors.

2. Failback Logic:

  • Thresholds: Set thresholds for ping failures or other indicators to determine when the primary WAN is truly restored and not just experiencing temporary blips.

  • Timeouts: Implement timeouts to prevent the script from getting stuck in a loop if the primary WAN connection is unstable or experiences intermittent issues.

  • Prioritization: Ensure the script prioritizes the primary WAN connection when it becomes available again.

3. Script Actions:

  • Routing Table Updates: Modify the routing table to direct traffic to the primary WAN interface. This may involve changing default routes or creating specific routes for certain traffic types.

  • Firewall Rule Changes: Adjust firewall rules to ensure traffic is allowed on the primary WAN interface and potentially block or restrict traffic on the backup (secondary) WAN.

  • Session Management: If your system relies on maintaining active sessions, you may need to handle session failback gracefully. This might involve terminating sessions on the backup WAN and allowing them to re-establish on the primary when it's back online.

4. Script Implementation:

  • Script Language: Choose a scripting language supported by your operating system (e.g., Bash, Python).

  • Execution: Schedule the script to run periodically using a task scheduler like cron or a similar mechanism.

  • Error Handling: Implement robust error handling and logging to capture any issues during script execution and facilitate troubleshooting.

Code:

#!/bin/bash

PRIMARY_WAN="eth0"
BACKUP_WAN="eth1"
PRIMARY_GW="192.0.2.1"  # Placeholder: replace with the gateway of your primary WAN
PING_TARGET="8.8.8.8"   # Google's public DNS
FAILOVER_THRESHOLD=3    # Number of pings sent per check

# Function to check primary WAN status
check_primary_wan() {
  # Pin the probe target to the primary gateway. Without this host route, a probe
  # bound to the primary interface has no usable route while the default route
  # points at the backup. Side effect: traffic to PING_TARGET always uses the primary.
  ip route replace "$PING_TARGET" via "$PRIMARY_GW" dev "$PRIMARY_WAN" 2>/dev/null
  # ping exits 0 if at least one reply arrives; -W 2 bounds the wait for each reply
  ping -c "$FAILOVER_THRESHOLD" -W 2 -I "$PRIMARY_WAN" "$PING_TARGET" > /dev/null 2>&1
}

# Function to failback to primary WAN
failback_to_primary() {
  echo "Failing back to primary WAN: $PRIMARY_WAN"
  # Update routing table (example - adjust based on your setup).
  # Use the primary's own gateway: while on backup, the current default
  # route holds the backup's gateway, which is not reachable via the primary.
  ip route replace default via "$PRIMARY_GW" dev "$PRIMARY_WAN"
  # Optionally, adjust firewall rules to allow traffic on primary WAN
  # ...
}

# Main script logic
# Check if we are currently using the backup
if ip route show default | grep -q "dev $BACKUP_WAN"; then
  echo "Backup WAN is active."
  # Check if the primary is now back up
  if check_primary_wan; then
    echo "Primary WAN has been restored."
    failback_to_primary
  else
    echo "Primary WAN still down."
  fi
elif check_primary_wan; then
  echo "Primary WAN is already up."
else
  echo "Primary WAN is down and backup is not active. Waiting for primary."
fi
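
The "Thresholds" point and the cron scheduling described above, as an added example that is not part of the original script: a decision function that only changes links after several consecutive probe results agree, with its counter kept in a state file between scheduled runs. The names `decide`, `run_once`, `replay`, `RESTORE_THRESHOLD`, the threshold values and the state-file format are assumptions made for this illustration.

```shell
#!/bin/bash
# Added example (not from the original page): hysteresis for failover/failback.
FAIL_THRESHOLD=3     # consecutive failed probes before leaving the primary (assumed)
RESTORE_THRESHOLD=5  # consecutive good probes before returning to it (assumed)

# decide ACTIVE STREAK PROBE -> prints "ACTIVE STREAK ACTION"
#   ACTIVE: primary|backup   PROBE: ok|fail (result of probing the primary WAN)
#   STREAK: consecutive probes that argue for leaving the current link
decide() {
  local active=$1 streak=$2 probe=$3 action=none
  case "$active:$probe" in
    primary:fail|backup:ok) streak=$((streak + 1)) ;;
    *) streak=0 ;;  # a single contradicting probe resets the count
  esac
  if [ "$active" = primary ] && [ "$streak" -ge "$FAIL_THRESHOLD" ]; then
    active=backup; streak=0; action=failover
  elif [ "$active" = backup ] && [ "$streak" -ge "$RESTORE_THRESHOLD" ]; then
    active=primary; streak=0; action=failback
  fi
  echo "$active $streak $action"
}

# run_once STATE_FILE PROBE: one scheduled run. The state survives between runs
# in STATE_FILE (keep it where only root can write, since it drives routing).
# Prints the action the caller should take: none|failover|failback.
run_once() {
  local file=$1 probe=$2 active=primary streak=0 action
  if [ -s "$file" ]; then read -r active streak < "$file"; fi
  read -r active streak action <<EOF
$(decide "$active" "$streak" "$probe")
EOF
  echo "$active $streak" > "$file"
  echo "$action"
}

# replay PROBE...: feed a probe history through run_once, print the actions taken.
replay() {
  local file probe action out=""
  file=$(mktemp)
  for probe in "$@"; do
    action=$(run_once "$file" "$probe")
    if [ "$action" != none ]; then out="$out$action "; fi
  done
  echo "${out}final=$(cut -d' ' -f1 "$file")"
  rm -f "$file"
}

# Constructed probe history: a blip, a real outage, a shaky recovery, a stable one.
replay ok fail ok fail fail fail ok ok fail ok ok ok ok ok
```

In a real deployment, `run_once` would receive the exit status of the primary WAN check as its probe argument, and the printed action would select the routing change to apply.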

Important Considerations:

  • System Specifics: The exact commands and configuration options will vary depending on your network equipment (e.g., routers, firewalls) and operating system.
