MikroTik

Hi, I recently purchased a CRS326-24G-2S+RM to evaluate for use in our networks.

I have used Mikrotik's netinstall binary successfully to provision the switch. It works fine with some limitations (will only provision via the default gateway interface). However, we already have pxe/dhcp/tftp/http infrastructure for provisioning servers. I assume that the netinstall binary is a conveniently self-contained bundle of those services (correct me if I'm wrong).

Is there any documentation on serving RouterOS images manually using dhcp/tftp (plus any additional services that may be needed)? Is it not possible for some reason? Is the source code for the netinstall binary available somewhere?

Apologies if I overlooked the answer to this question somewhere here. I did look for it but was unsuccessful in finding anything.

Thanks

I guess it might be possible to somehow extract boot images from netinstall and have them served using external server. But you'd still need the part that communicates with booted system and tells it to install things. I'm not aware of this being open in any way (but I didn't search very hard). But main question is why? Netinstall is used primarily when something goes wrong and there's no better way how to communicate with device.

Is there a better way to automatically provision RouterOS? Netinstall can get us from a stock switch to a configured switch quickly with minimal, no-skill, no-privilege intervention (holding down the reset button). We never have to touch the serial console, web GUI or even use password authentication at all.

I understand the convenience of using the netinstall binary for recovery, but it's inflexible for auto-provisioning. It's a shame because all of the components appear to be in place, they're just obscured by the tooling.

It's possible to load netinstall kernel using regular BOOTP/DHCP+TFTP server, the kernels are stored as EXE resources, easy to extract. Just skip first 4 bytes from each as that's size/checksum/something else. I have more details here: https://www.r00t.cz/Misc/MikrotikNetinstallFromCF

But for next step you are on your own, as there is no commandline netinstall tool and this protocol is Mikrotik proprietary. But I expect it to be fairly simple, may be worth reverse-engineering it from wireshark captures....

Thank you @r00t, that is enlightening.

In your example, booting into the netinstall kernel from the CF card, how are you then getting the rest of the OS installed?

Where is the proper place to make a feature request? I see some in RouterOS/General but want to confirm that is the best place.

I did a quick search and only found one claim here that someone already did it, but no publicly available code. As for feature request, if you want an official response, best write to support. Ideally if you can tell them that you plan to buy their devices by thousands, that could help.

There's linux CLI netinstall with installation instructions.

It's better for Linux users, but it's still one big black box, not good if you want to integrate parts of it in your existing system.

Well, linux CLI is, as @sob rightfully noted, still good ole netinstall. Just wanted to mention it for two reasons: a) @r00t in his last post above wrote there's no command line netinstall and b) command line netinstall might help somehow to automate the provisioning process, not to the extent @OP wanted though

Yeah, while netinstall is functional for provisioning a switch, it has the following issues for us:

* Missing the ability to associate an image/config with a MAC address
* From my testing at least, it insists on using the default gateway interface (thus impossible to provision the switch from a gateway box without using a VM)
* Haven't tested this, but assuming that it would conflict with port assignments if it were run on the same box as other netbooting services
* No BSD binaries

I opened a feature request here: https://help.mikrotik.com/servicedesk/s ... /SUP-73052

Anyone else who is interested, please leave a comment on the feature request at the above link. That should increase the chances that it becomes accepted.

Hi, i would like to share my experiences, since i need to provisioning a hughe amount of boards.

The netinstall-cli tool does a god job installing a routerOS with a config-file. In my case this config is used as a "factory-reset".
To get this job done, i wrote a python-script around, to
a) run netinstall-cli with RouterOS + Config
b) after reboot detect MAC-Adress
c) push and deploy MAC-based Config via scp and ssh.

But i am looking for a more convinient solution aswell. Because the netinstall-cli-process is finished after one board is provisioned.
I need more a pxe-server-like service, that i can run the provisining-process parallel for several boards.

@weidmar please visit the feature request link above and mention that you are interested.

There's linux CLI netinstall with installation instructions.

Well, the statement "there is linux CLI netinstall" may evaluate as true (as there is something downloadable and called as such), but it does not WORK:
See here https://www.reddit.com/r/mikrotik/comme ... _on_linux/

In short:
- it segfaults
- it has no documentation (or source available, as then source could be documentation as in real OSS world)
- is quirky (why on earth disable/remove all interfaces? With -i and manually set IP you do implicitly say iface as well)
- the majority of site doco is about "how to set static IP on windows", not even mentioning how to invoke linux CLI

Is really a PITA.

Standards exist to implement them, and leave the rest of the work (that is pretty much done) to OSS world.

Nice way to revive an old post

I have not yet used netinstall using 7.11.2 but prior to that I have close to 100% success rate on Linux whereas with Windows, meh ... definitely below 10%, I would say.
Could be there is an issue with this specific version, you're not the first one mentioning this over here.
That doesn't change the fact there is a Linux version available, only this particular version seems to have a problem.

Interesting Reddit post BTW.
-r = reboot ? Really ?
Netinstall already reboots after successful install. So why use a parameter to do that ... again ?

-r

When the reinstallation process is performed, the configuration is reset, and for devices that have it, the default configuration will be applied. (optional)

And FWIW, netinstall is not by a long shot to be considered OSS.
It is a tool made by Mikrotik but not released as open source.

I do agree with you the tools themselves (both Linux and Windows) could be made a bit better, more documented and more fool-proof (e.g. more forgiving when multiple network interfaces are in use).
Until that is changed, we need to use what is available.

Am pretty much sure it segfaulted as i did not take "remove interfaces" step seriously...

Yes, robustness would be very welcome, as otherwise i had to tear down my work laptop (tailscale and docker are there for a reason of $work) only to netinstall, that does not make a lot of sense.

And at least -h that would explain me what does what.