Facebook  -  Twitter      

Questo forum fa uso dei cookie
Questo forum utilizza i cookie per memorizzare i dettagli del tuo login o della tua ultima visita. I cookie sono piccoli files di testo salvati nel computer; i cookie da noi utilizzati sono relativi unicamente ai servizi da noi forniti direttamente o dai banner pubblicitari. I cookie su questo forum salvano inoltre i dettagli relativi alle discussioni lette e alle tue preferenze personali. Sei pregato di selezionare il tasto OKAY se sei consapevole della presenza di questi files e ci autorizzi ad utilizarli per le informazioni specificate.

Indipendentemente dalla tua scelta un cookie verrà salvato per memorizzare nel tuo pc la risposta a questo form. Puoi modificare le impostazioni relative ai cookie nelle preferenze del tuo browser.

  • 0 voto(i) - 0 media
  • 1
  • 2
  • 3
  • 4
  • 5
[Mikrotik] Semi-Automating CPE ROS/Firmware/script updates and setting changes

#1
Information 
Introduction
Imagine this scenario. You have numerous AP's and hundreds of CPE's, and you want to add a script or change a setting, or upgrade the RouterOS to the newest version, or check the firmware is at the latest available version. If you don't have a way of rolling this out automatically, then you are going to spend many hours logging into each CPE and doing it manually. So why not log in once more, implement this solution, and never have to log into a CPE's again to do these tasks?
By following the process below you will only have to manually access your existing client units one last time, to load the scripts below. Once the CPE's are loaded with the scripts they will automatically update their ROS versions and Firmwares when you trigger the scripts by enabling on the relevant IP's that the CPE netwatch routines will detect and run the update scripts. For your own peace of mind and general security considerations, you manually control when this happens.

At a Central Point

1. On a Mikrotik AP or Edge/Gateway Router - this is where you place upgrade script file and ROS update files in future.
Create IP addresses (a unique subnet) on an ethernet port as per the example below. These IP's do not have to be on a dedicated ethernet port,as Mikrotik allows creation multiple IP's/subnets on a single interface. Please note that these IP address's are disabled. They are only enabled when you wish to trigger the update routines on the CPE's.

Codice:
/ip address
add address=172.16.0.1/24 comment="CPE File Upgrade" disabled=yes interface=ether1 network=172.16.0.0
add address=172.16.0.2/24 comment="RouterOS Upgrade" disabled=yes interface=ether1 network=172.16.0.0
add address=172.16.0.3/24 comment="Firmware Upgrade" disabled=yes interface=ether1 network=172.16.0.0
add address=172.16.0.4/24 comment="Force CPE Reboot" disabled=yes interface=ether1 network=172.16.0.0
You will need to ensure that your network routing tables at each AP, know where to find the IP subnet created above, so the CPE's Netwatch routines you will soon create, will know where to find the trigger IP's.
On Each CPE
2. Now we create to script that fetches the client unit upgrade file (always called upgrade.rsc, unless you change it in the script below). This needs to be done ONCE on every CPR. It will be useful to add this script to the config.rsc file you use to setup new CPE's.
The "Upgrade Script" to be installed on all your CPE's:

Codice:
system script

Codice:
add name=rscfetch policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api source="{\r\

Codice:
\n:global ftpserver\r\

Codice:
\n:global usrnme\r\

Codice:
\n:global passwd\r\

Codice:
\n:global pckgname\r\

Codice:
\n\r\

Codice:
\n:set pckgname (\"upgrade.rsc\")\r\

Codice:
\n###########################################\r\

Codice:
\n# Set the package name above as you wish. Remember that your upgrade file (NOT the ROS files) must in \r\

Codice:
\n#       future, have the same name as what you set here.\r\

Codice:
\n# Set the IP below, to exactly the same as the trigger IP you added with the comment "CPE File Upgrade"\r\

Codice:
\n# in step 1. Replace "admin" and "password" below with the correct settings to allow ftp access to \r\

Codice:
\n# the server.\r\

Codice:
\n###########################################\r\

Codice:
\n:set ftpserver \"172.16.0.1\"\r\

Codice:
\n:set usrnme \"admin\"\r\

Codice:
\n:set passwd \"password\"\r\

Codice:
\n\r\

Codice:
\n:if ([:len [/file find name=\"upgrade\"]] = 0) do={:log error \"Downloading Upgrade File - \$pckgname\"\r\

Codice:
\n ;/tool fetch address=\"\$ftpserver\" src-path=\"\$pckgname\" user=\"\$usrnme\" \r\

Codice:
password=\"\$passwd\" mode=ftp;/import upgrade.rsc} else={:log error \"No Upgrade File Found\";}\r\

Codice:
  \n}"


3. Now add a netwatch routine to the CPE to trigger the script to fetch and load the upgrade.rsc file.
Codice:
tool netwatch

Codice:
add disabled=no down-script="" host=172.16.0.1 interval=1m timeout=1s up-script=rscfetch;


4. Add the source for future ROS upgrades. In our case we use the same IP as the trigger IP set in step 1 with the comment ""RouterOS Upgrade". You will be prompted for the password when you add this, it cannot be coded into the script.
Codice:
/system upgrade upgrade-package-source

Codice:
add address=172.16.0.2 user=admin


Summary of Steps 2 to 4, a single cut 'n paste, to terminal window on the CPE.
5. Summing up the required CPE scripts above, you can edit and load the following onto each CPE in one routine (cut and paste to a terminal window)
Summary CPE Code
Codice:
/system script

Codice:
 add name=rscfetch policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api source="{\r\

Codice:
  \n:global ftpserver\r\

Codice:
  \n:global usrnme\r\

Codice:
  \n:global passwd\r\

Codice:
  \n:global pckgname\r\

Codice:
  \n\r\

Codice:
  \n:set pckgname (\"upgrade.rsc\")\r\

Codice:
  \n:set ftpserver \"172.16.0.1\"\r\

Codice:
  \n:set usrnme \"admin\"\r\

Codice:
  \n:set passwd \"password\"\r\

Codice:
  \n\r\

Codice:
  \n:if ([:len [/file find name=\"upgrade\"]] = 0) do={:log error \"Downloading Upgrade File - \$pckgname\" \r\

Codice:
  \n;/tool fetch address=\"\$ftpserver\" src-path=\"\$pckgname\" user=\"\$usrnme\" \r\

Codice:
  \n password=\"\$passwd\" mode=ftp;/import upgrade.rsc} else={:log error \"No Upgrade File Found\";}\r\

Codice:
  \n}"

Codice:
 /tool netwatch

Codice:
 add disabled=no down-script="" host=172.16.0.1 interval=1m timeout=1s up-script=rscfetch;

Codice:
 /system upgrade upgrade-package-source

Codice:
 add address=172.16.0.2 user=admin;

Cita messaggio


[-]
Condividi/Segnala (Mostra tutti)
Facebook Linkedin Twitter

Discussioni simili
Discussione Autore Risposte Letto Ultimo messaggio
Exclamation Script: Notifica sovraccarico CPU hamtarociaoo 1 904 10-09-2016, 01:18
Ultimo messaggio: hunte88
Information [Mikrotik] SXT 5HnD Alignment Script berryberry 0 943 17-06-2015, 11:47
Ultimo messaggio: berryberry
Information [Mikrotik] Yet Another Alignment Script With LEDs And Sound berryberry 0 988 17-06-2015, 11:07
Ultimo messaggio: berryberry
  [Mikrotik] Improved auto upgrade script v3.X berryberry 0 592 17-06-2015, 10:53
Ultimo messaggio: berryberry
Information [Mikrotik] Automated Upgrade/Downgrade script V3.9+ berryberry 0 571 17-06-2015, 10:51
Ultimo messaggio: berryberry
Information [Mikrotik] Auto upgrade script V3.x berryberry 0 368 17-06-2015, 10:34
Ultimo messaggio: berryberry
Information [Mikrotik] Monitor logs, send email alert / run script berryberry 0 717 16-06-2015, 10:55
Ultimo messaggio: berryberry
Information [Mikrotik] Resilience /Monitoring -ECMP Failover Script berryberry 0 531 16-06-2015, 09:45
Ultimo messaggio: berryberry
Information [Mikrotik] Resilience/Monitoring- Monitoring Script berryberry 0 417 16-06-2015, 08:56
Ultimo messaggio: berryberry
Information [Mikrotik] Log Parser - Event Trigger Script berryberry 0 476 11-06-2015, 09:52
Ultimo messaggio: berryberry

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Utenti che stanno guardando questa discussione:
1 Ospite(i)


Powered by MyBB, © 2002-2017 MyBB Group.