Supervision of a VPN Tunnel

The built-in link supervision function of NetModule routers does not work with a host behind a VPN tunnel. To supervise a VPN connection, the ping_supervision_timeout.are SDK script can be used instead.

Script Summary

This script pings a host passed as a parameter. Unlike the built-in supervision, the script sends the ping according to the currently valid routing information, e.g. via a default gateway pushed by OpenVPN.

With default settings the script pings every 30 seconds, up to 10 times, and reboots the router if there was no successful ping.

Installation of the Script

Detailed step-by-step instructions on how to install an SDK script can be found on this wiki page.

Please use the script with these parameters:

Script parameter: Host to ping. It is recommended to use the IP address instead of a hostname to avoid problems caused by DNS.

Trigger: Use the time-based trigger “periodly” every XX minutes. With default parameters, use a period of more than 5 minutes.

Check if the script is running

To make sure the script is running, check the System Log for output like:

“8.8.8.8 is not reachable” or “8.8.8.8 is up”
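
To automate this check over an exported System Log, the following added example (not part of the original page and not NetModule code) parses the script's messages and reports reboots and silences longer than the trigger period. The timestamp layout, the 10-minute period, MAX_FAILURES = 3 in the sample and the name summarize are assumptions.

```python
import re
from datetime import datetime, timedelta

# Message texts match the nb_syslog() calls in the script; the leading
# "YYYY-MM-DD HH:MM:SS" timestamp is an assumption about the log export.
LINE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) .*?"
    r"(?P<msg>\S+ is up|\S+ is not reachable \((?P<n>\d+) failures\)"
    r"|Initiating reboot after \d+ failures)\s*$"
)

# Constructed sample log: trigger period 10 min, MAX_FAILURES tuned to 3.
SAMPLE_LOG = """\
2015-06-01 10:00:02 8.8.8.8 is up
2015-06-01 10:10:06 8.8.8.8 is not reachable (1 failures)
2015-06-01 10:10:36 8.8.8.8 is up
2015-06-01 10:45:02 8.8.8.8 is up
2015-06-01 10:55:06 8.8.8.8 is not reachable (1 failures)
2015-06-01 10:55:40 8.8.8.8 is not reachable (2 failures)
2015-06-01 10:56:14 8.8.8.8 is not reachable (3 failures)
2015-06-01 10:56:14 Initiating reboot after 3 failures
2015-06-01 11:08:20 8.8.8.8 is up
"""

def summarize(log_text, period_min, slack_s=60):
    """Report last state, worst failure streak, reboots and silent gaps."""
    limit = timedelta(minutes=period_min, seconds=slack_s)
    out = {"state": None, "worst_streak": 0, "reboots": [], "gaps": []}
    prev_ts, after_reboot = None, False
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # some other syslog line
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        # Each run logs at least one line; the pause after a reboot is expected.
        if prev_ts and not after_reboot and ts - prev_ts > limit:
            out["gaps"].append((prev_ts, ts))
        after_reboot = m["msg"].startswith("Initiating reboot")
        if after_reboot:
            out["reboots"].append(ts)
        elif m["n"]:
            out["state"] = "down"
            out["worst_streak"] = max(out["worst_streak"], int(m["n"]))
        else:
            out["state"] = "up"
        prev_ts = ts
    return out
```

A non-empty "gaps" list means the trigger did not fire for longer than one period, so the tunnel was unsupervised during that time.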

The Script

ping_supervision_timeout.are
/* DESC: This script will supervise a specified host.
 * Copyright (C) 2015 NetModule AG, Switzerland
 */
 
void usage()
{
    printf("usage: ping-supervision.are <host>\n");
    exit(1);
}
 
if (argc < 2) {
    usage();
}
TIMEOUT = 4000;
HOST = argv[1];
INTERVAL = 30;
MAX_FAILURES = 10;
 
failures = 0;
while (1) {
    ret = nb_ping(HOST, TIMEOUT);
    if (ret != 1) {
        failures++;
        nb_syslog("%s is not reachable (%d failures)", HOST, failures);
        if (failures >= MAX_FAILURES) {
            nb_syslog("Initiating reboot after %d failures", failures);
            nb_reboot();
            break;
        }
    } else {
        nb_syslog("%s is up", HOST);
        failures = 0;
        exit(0);
    }
    sleep(INTERVAL);
}
 
exit(0);

Tune up the script

To optimize the script for your own needs you can customize the following lines:

TIMEOUT = 4000;     /* Time in milliseconds after which a ping request is treated as a timeout. Ping time can be up to 7 sec with EDGE */
HOST = argv[1];     /* The first parameter of the script is used */
INTERVAL = 30;      /* Time in seconds to wait before trying a new ping */
MAX_FAILURES = 10;  /* Reboot the router after this number of failed pings */