This is used on an EdgeRouter X with three WAN connections. Only one is ever active at a time. They are all DHCP. The Bash script cycles between the three WAN connections until a stable VPN is established.
Script below:
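#!/bin/bash
# /config/scripts/VTI-update.sh
#
# Keeps a site-to-site IPsec/VTI tunnel up on a router whose WAN ports are all
# DHCP and of which only one is active at a time. On each run it:
#   1. reads the WAN interface currently being tried and a restart counter
#      from state files under /config/scripts,
#   2. if that interface has an address that differs from the peer's
#      configured local-address, commits the new address,
#   3. otherwise pings the remote VTI address; on failure it restarts the VPN
#      (twice at most) and then switches the state file to the next interface.
#
# The state files are read back on every run and their contents reach an
# arithmetic test and router commands, so both values are validated before
# use. The same applies to the address parsed from command output before it
# is committed to the IPsec configuration.
source /opt/vyatta/etc/functions/script-template
# NOTE(review): $run is never expanded below; the bare `run ...` calls
# presumably resolve through an alias set up by script-template. Confirm.
run=/opt/vyatta/bin/vyatta-op-cmd-wrapper

vti_inf_file=/config/scripts/.VTI-inf
vti_cnt_file=/config/scripts/.VTI-cnt
vti_peer="123.123.123.123"
vti_remote="10.6.101.1"
vti_ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

# Print a timestamped message on stdout.
vti_log() {
  printf '%s %s\n' "$(date +"%Y-%m-%d %T")" "$*"
}

# Interface currently being tried; defaults to eth1 when no state exists.
inf="eth1"
if [[ -e $vti_inf_file ]]; then
  inf="$(cat "$vti_inf_file")"
fi
# Accept only the three WAN ports this script rotates through. A damaged or
# edited state file would otherwise be passed on to the commands below and
# leave the script stuck on an interface that never yields an address.
case "$inf" in
  eth0 | eth1 | eth2) ;;
  *) inf="eth1" ;;
esac

# Number of VPN restarts already attempted on the current interface.
cnt="0"
if [[ -e $vti_cnt_file ]]; then
  cnt="$(cat "$vti_cnt_file")"
fi
# [[ ... -le ... ]] evaluates its operands as arithmetic expressions, so
# anything other than plain digits must not reach it. 10# forces base 10 so
# a value with a leading zero is not read as octal.
if [[ $cnt =~ ^[0-9]+$ ]]; then
  cnt=$((10#$cnt))
else
  cnt=0
fi

current_ip="$(run show interfaces ethernet "$inf" | grep "global $inf" | sed 's/ inet //g' | cut -d "/" -f1 | tr -d '\n' | sed 's/^ *//')"
configured_ip="$(cat "/opt/vyatta/config/active/vpn/ipsec/site-to-site/peer/${vti_peer}/local-address/node.val")"

# The pipeline above joins every matching line, so several addresses or an
# unexpected output format produce a string that is not an address. Treat
# that the same as "no address" rather than committing it.
if [[ -n $current_ip && ! $current_ip =~ $vti_ipv4_re ]]; then
  vti_log "Ignoring unexpected address '$current_ip' on $inf." >&2
  current_ip=""
fi

# Right-hand side is quoted so it is compared as a string, not as a pattern.
if [[ -n $current_ip && $configured_ip != "$current_ip" ]]; then
  vti_log "Old IP: '$configured_ip'."
  vti_log "New IP: '$current_ip'."
  configure
  set vpn ipsec site-to-site peer "$vti_peer" local-address "$current_ip"
  commit
  save
elif [[ -n $current_ip ]]; then
  # ping the remote vti
  if /bin/ping -n -c 1 -W 1 -w1 "$vti_remote" >/dev/null 2>&1; then
    # Tunnel answers: clear the restart counter.
    echo "0" > "$vti_cnt_file"
  elif [[ $cnt -le 1 ]]; then
    vti_log "Restarting VPN."
    run restart vpn
    cnt=$((cnt + 1))
    echo "$cnt" > "$vti_cnt_file"
  else
    # Two restarts did not help: record the next WAN port for the next run.
    case "$inf" in
      eth1) next_inf="eth2" ;;
      eth2) next_inf="eth0" ;;
      *) next_inf="eth1" ;;
    esac
    echo "$next_inf" > "$vti_inf_file"
    echo "0" > "$vti_cnt_file"
  fi
fi
exit 0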