Recently I deployed OpenVPN with UDP on RouterOS 7 [beta4] with using UDP and client on Android 8 (https://play.google.com/store/apps/deta ... kt.openvpn).
All works perfect, but sometimes OpenVPN leaves dead tunnel with 0 incoming bytes rate (0 packet in per second), but ROS still send traffic over this tunnel. Then when client reconnected ROS create new one dynamic interfaces and over this interface I can see that traffic comes to router, but router still respond over dead tunnel.
As workaround I wrote script which monitor amount off traffic received from last check time and if last 7 deltas equal to 0 kill tunnel. Then schedule this script run even 10 seconds. So as result if no one byte was received over the tunnel within 70 seconds tunnel will killed. This parameter can be adjusted
Version info:
ROS: RouterOS beta 4
Device: RB433GL
So script here:
Code: Select all
####################
# Parameters #
####################
:local checksTreshold 7;
######################
#info per one connection:
# 1 - id (key)
# 2 - prev Rx amount
# 3 - deltas (array)
:global oVPNstat;
:local actualIfs [/interface ovpn-server find];
:local actualIfStats [ :toarray "" ];
:local oldInfo;
:local cInfo;
:local newStat [ :toarray "" ];
:local newDelta;
:local nonZeroActivity;
#loading ifs stats
:foreach ifId in=$actualIfs do={
:set ($actualIfStats->([:tostr $ifId])) [/interface get number=$ifId];
};
:foreach ifStrId,ifInfo in=$actualIfStats do={
:set oldInfo ($oVPNstat->$ifStrId);
:set cInfo [ :toarray "" ];
:set ($cInfo->"Rx") ($ifInfo->"rx-byte");
:set ($cInfo->"deltas") [ :toarray "" ];
:if ([:len $oldInfo] = 0) do={
#This mean that we are neeeded to create new frame
:set ($newStat->$ifStrId) $cInfo;
} else={
:set $newDelta (($cInfo ->"Rx") - ($oldInfo ->"Rx"));
:if ([:len ($oldInfo->"deltas")] < $checksTreshold) do={
:set ($cInfo->"deltas") (($oldInfo->"deltas"), $newDelta);
:set ($newStat->$ifStrId) $cInfo;
} else={
:for i from=1 to=($checksTreshold-1) do={
:set ($cInfo->"deltas") (($cInfo->"deltas"), (($oldInfo->"deltas")->$i));
};
:set ($cInfo->"deltas") (($cInfo->"deltas"), $newDelta);
:set nonZeroActivity false;
:for i from=0 to=($checksTreshold-1) do={
:if ((($cInfo->"deltas")->$i) > 0) do={
:set nonZeroActivity true;
};
};
:if ($nonZeroActivity = false) do={
/interface/ovpn-server/remove numbers=[:toid $ifStrId];
} else={
:set ($newStat->$ifStrId) $cInfo;
}
};
};
};
:set oVPNstat $newStat;
[code]
May be it will helpful to someone
Thanks