Automated Server Failover for Remote Stations

 



Overview

Here's a cool trick for anyone with a remote station that wants to have an automated computer failover. This router setup will allow you to have multiple redundant computers on site and if one fails, your remote users will automatically be sent to the backup machine.  When the primary comes back online, users are sent back there.  Any failures can be emailed to you from the router, so you can troubleshoot.


What you need

2 computers - can be Windows, Linux (Raspberry Pi, etc) or Mac

Mikrotik Router - In my case I'm using the hAP ac3 - which goes for about $110 on Amazon


Step By Step Setup (using the Mikrotik Web Gui or Winbox)

1. Add a Virtual Service IP - this is the IP you give to your users

This is the “VIP” your LAN clients will always use (e.g. 192.168.1.100).

    A. Open IP → Addresses

    B. Click Add New

        •  Address: 192.168.1.100/24

        • Interface: bridge (your LAN bridge, sometimes called bridge1)

        • Add a comment: ex. Node-RED VIP

    C. Click OK


2. Create NAT Rules

You’ll make two port-forward rules: one for the primary server (e.g. Node-RED-A), one for the backup (disabled until needed). In this example, the primary server is at 192.168.1.10 and the backup is at 192.168.1.11.

    A. Go to IP → Firewall → NAT

    B. Click Add New

        • Chain: dstnat

        • Dst. Address: 192.168.1.100

        • Protocol: tcp

        • Dst. Port: 1880 (e.g. Node-RED port number)

        • Action: dst-nat → To Addresses: 192.168.1.10

        • Add a comment: e.g. Primary Node-RED

        • Click OK


    C. Add another NAT rule for your second server (e.g. Node-RED-B)

        • Chain: dstnat

        • Dst. Address: 192.168.1.100

        • Protocol: tcp

        • Dst. Port: 1880 (e.g. Node-RED port number)

        • Action: dst-nat → To Addresses: 192.168.1.11

        • Add a comment: e.g. Backup Node-RED

        • Click OK

3. Configure Netwatch - This tells the MikroTik router to monitor the primary Node-RED (192.168.1.10) and switch NAT rules if it goes down. This will send your users to the backup server.

    A. Go to Tools → Netwatch

    B. Click Add New

        • Host: 192.168.1.10

        • Interval: 00:00:10 (check every 10 seconds)

    C. In the Down tab (script to run if .10 is unreachable), paste (make sure these match your comment labels from above):

        /ip firewall nat disable [find comment="Primary Node-RED"];

        /ip firewall nat enable [find comment="Backup Node-RED"];

    D. In the Up tab (script to run when .10 comes back), paste:

        /ip firewall nat enable [find comment="Primary Node-RED"];

        /ip firewall nat disable [find comment="Backup Node-RED"];

    E. Click OK

4. Add Hairpin NAT - Clients in the same subnet as the servers need a srcnat masquerade rule (“hairpin NAT”) to route correctly. It is required when the client and server are on the same network and traffic goes through the router.

    A. Open IP → Firewall → NAT

    B. Click Add New

    C. On the General section:

        • Chain: srcnat

        • Src. Address: 192.168.1.0/24

        • Dst. Address: 192.168.1.0/24

    D. Switch to the Action section:

        • Action: masquerade

        • Add a Comment: e.g. Hairpin NAT for Node-RED

    E. Click OK

5. From another computer on the router, go to 192.168.1.100:1880 and then plug and unplug your primary and backup servers from the router to test the failover. You can also see it enable and disable routing rules on the router screen by going to IP → Firewall → NAT.
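The same configuration from steps 1 to 4 as RouterOS terminal commands, added here as an example and not part of the original post. It assumes the LAN bridge is named bridge and reuses the example addresses and comment labels from above; the backup rule is created disabled so it only takes traffic when Netwatch enables it, and the :log lines are an addition so each switch shows up in the router log.

```routeros
# Step 1: virtual service IP that users connect to
/ip address add address=192.168.1.100/24 interface=bridge comment="Node-RED VIP"

# Step 2: port-forward rules for the VIP (primary active, backup disabled until needed)
/ip firewall nat add chain=dstnat dst-address=192.168.1.100 protocol=tcp dst-port=1880 \
    action=dst-nat to-addresses=192.168.1.10 comment="Primary Node-RED"
/ip firewall nat add chain=dstnat dst-address=192.168.1.100 protocol=tcp dst-port=1880 \
    action=dst-nat to-addresses=192.168.1.11 disabled=yes comment="Backup Node-RED"

# Step 4: hairpin NAT so same-subnet clients get their replies back through the router
/ip firewall nat add chain=srcnat src-address=192.168.1.0/24 dst-address=192.168.1.0/24 \
    action=masquerade comment="Hairpin NAT for Node-RED"

# Step 3: Netwatch checks the primary every 10 seconds and swaps the two rules.
# The comment strings inside [find ...] must match the NAT rule comments exactly;
# a mismatch makes [find] return nothing and the rules are silently left unchanged.
/tool netwatch add host=192.168.1.10 interval=10s \
    down-script="/ip firewall nat disable [find comment=\"Primary Node-RED\"]; \
        /ip firewall nat enable [find comment=\"Backup Node-RED\"]; \
        :log warning \"Node-RED VIP switched to backup 192.168.1.11\"" \
    up-script="/ip firewall nat enable [find comment=\"Primary Node-RED\"]; \
        /ip firewall nat disable [find comment=\"Backup Node-RED\"]; \
        :log warning \"Node-RED VIP switched back to primary 192.168.1.10\""
```

After a test failover, /ip firewall nat print shows which of the two rules is currently disabled (flag X).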

Setting Up Email Alerts (optional)

When a server goes down, you might want to be notified. The router also has the ability to send emails to you when a server fails.

1. (optional) Configure Email App Password Settings - Gmail (if this is your provider/you have 2-Step Verification on)

          • Go to your Google Account (myaccount.google.com)

          • Select Security (left hand column)

          • Under "How you sign in to Google" select 2-Step Verification
        
          • Scroll down to App passwords

          • At the bottom of the page, enter a name for the App password (e.g. Node-RED)

          • Click Create

          • A screen will now pop up saying - Your app password for your device - with a password

          • Copy this into a file as you will not ever see it again and will need to make a new one if you lose it

          • Click Done

2. Configure Email Settings

    A. Go to: Tools → Email

    B. Enter in (for the example settings, we'll use Gmail):

        • Server: smtp.gmail.com

        • Port: 587

        • TLS: start tls

        • From: the email address you will be sending from (e.g. dave@gmail.com)

        • User: your email address at Gmail (e.g. dave@gmail.com)

        • Password: the application password you set up above

        • Click Apply

3. Create a Netwatch Monitor

    A. Go to Tools → Netwatch

    B. Click Add New

        • (optional) Type: http-get (if you want to test for a specific service, e.g. Node-RED) - otherwise leave as default

        • Host: Enter the IP/hostname you want to monitor (e.g. 192.168.1.10 from above)

        • Interval: How often to check (e.g., 00:10:00 = every 10 minutes)

        • Timeout: How long before it’s considered “down” in seconds (e.g., 30.00)

        • (optional) Port: 1880 (if you want to test for a specific service, e.g. Node-RED)

        • In the Up section (script to run when .10 comes back), paste - adjust what's in quotes to your preferences:

        /tool e-mail send to="dave@yahoo.com" subject=".10 Host UP" body="The host 192.168.1.10 is now reachable."

        • In the Down section (script to run if .10 is unreachable), paste - adjust what's in quotes to your preferences:

        /tool e-mail send to="dave@yahoo.com" subject=".10 Host Down" body="The host 192.168.1.10 is DOWN."

Do this for each server you want to monitor.

4. Test - plug and unplug servers and you should receive the corresponding up and down emails.

If you've made it this far, you now have a highly available server setup for Node-RED or any other important application.








     



    



