MikroTik

Posted: **Wed Apr 08, 2015 12:59 am**

Hello everybody,

currently RouterOS supports adding dhcp options and it does send these only when requested from client. What I need is to send conditional options based on information the client sends.

My first example is PXE booting. Depending on what the client is, supports or what architecture it is based on I need to send different options. This is configuration snippet for ISC dhcpd:

# Declare the iPXE option space
option space ipxe;
option ipxe-encap-opts code 175 = encapsulate ipxe;

# iPXE feature flags, set in DHCP request packet
option ipxe.http      code 19 = unsigned integer 8;
option ipxe.bzimage   code 24 = unsigned integer 8;
option ipxe.pxe       code 33 = unsigned integer 8;
option ipxe.elf       code 34 = unsigned integer 8;
option ipxe.efi       code 36 = unsigned integer 8;
option ipxe.menu      code 39 = unsigned integer 8;

# Other useful general options
option arch code 93 = unsigned integer 16;

class "PXEClient" {
        match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
        
        allow booting;
        allow bootp;

        next-server 10.0.0.1;

        # Make sure the iPXE we're loading supports what we need,
        # if not load a full-featured version.
        if exists ipxe.http
          and exists ipxe.menu
          and ((exists ipxe.pxe
              and exists ipxe.bzimage
              and exists ipxe.elf)
            or (exists ipxe.efi)) {
                # Everything is fine, just send the boot configuration file.
                filename "http://10.0.0.1:3928/default.ipxe";
        } elsif exists user-class and option user-class = "iPXE" {
                # We're already using iPXE, but not a feature-full version,
                # and possibly an out-of-date version from ROM, so load a more
                # complete version with native drivers.
                if option arch = 00:06 {
                        filename "/ipxe/efi-i386.efi";
                } elsif option arch = 00:07 {
                        filename "/ipxe/efi-x86_64.efi";
                } else {
                        filename "/ipxe/ipxe.pxe";
                }
        } elsif exists user-class and option user-class = "gPXE" {
                # If someone has an old version of gPXE burned into their ROM,
                # load a more recent iPXE
                filename "/ipxe/ipxe.pxe";
        } elsif option arch = 00:06 {
                filename "/ipxe/efi-i386.efi";
        } elsif option arch = 00:07 {
                filename "/ipxe/efi-x86_64.efi";
        } else {
                filename "/ipxe/ipxe.pxe";
        }
}

This is kind of complex... It uses information from vendor-class-identifier, ipxe option space and architecture (general option code 93). But having a solution for that in RouterOS would be really great.

Another example is a mix of VoIP phones. Depending on the manufacturer I have to send different options...

# Siemens Opti Stage IP Phones
class "OptiIpPhone" {
        match if option vendor-class-identifier = "OptiIpPhone";
        option vendor-encapsulated-options 01:07:53:69:65:6D:65:6E:73:02:...;
}
 
 # Lync Phone
class "CPE-OCPHONE" {
        match if option vendor-class-identifier = "CPE-OCPHONE";
        option vendor-encapsulated-options 01:0B:43:50:45:...;
}
class "MS-UC-Client" {
        match if option vendor-class-identifier = "MS-UC-Client";
        option vendor-encapsulated-options 01:0C:4d:53:2d:...;

Thanks for your excellent devices and a great operating system for routers!

Best regards,
Chris

Posted: **Sun Nov 22, 2015 12:49 pm**

Hi, I have simular custom DHCP options too.

If DHCP->Leases has static item of DHCP client and this item has custom DHCP options, DHCP Server could offer this custom DHCP options to DHCP client even if DHCP client didn't send these options during DHCP Discovery package.

Thanks!

Posted: **Mon Jan 18, 2016 1:51 am**

I have a simmilar, all be it simplified requirement that this would be great for.

I want to be able to PXEboot systems with traditional BIOS and systems with EFI. Each needs a different boot file. You would usually enable this with

if option arch = 00:06 {
filename "pxelinux/bootia32.efi";
} else {
filename "pxelinux/pxelinux.0";
}

I would lover RouterOS to support this

Posted: **Wed Feb 08, 2017 9:50 pm**

Hi,

Is there any progress with this issue ? I'm also will be grateful for possibility returning different boot file depends of pxeboot system.

Posted: **Mon Mar 13, 2017 9:30 am**

Anything ever came out of it?

sebus

Posted: **Wed Mar 15, 2017 3:29 pm**

Nobody?

Posted: **Sun Mar 19, 2017 3:13 pm**

This is one attitude i dislike about mikrotik. They won't reply even when faced with important bugs. Maybe they only communicate with people they know. Disappointing.

But I'm so much so looking forward to this feature. We should have modern networking booting for modern times.

dnsmasq supports conditions, isc dhcpd supports it, even microsoft dhcp probably supports it.

Posted: **Mon Mar 20, 2017 8:42 am**

This is one attitude i dislike about mikrotik. They won't reply even when faced with important bugs. Maybe they only communicate with people they know. Disappointing.

Did you shoot them a mail at support@mikrotik.com? They always answer those mails and that's the address to turn to when you have:

found a bug
a feature request
questions not suitable for the forum
the need for a defintive answer

greetings, Daniel

Posted: **Tue Mar 21, 2017 12:25 am**

This is one attitude i dislike about mikrotik. They won't reply even when faced with important bugs. Maybe they only communicate with people they know. Disappointing.
Did you shoot them a mail at support@mikrotik.com? They always answer those mails and that's the address to turn to when you have:
found a bug
a feature request
questions not suitable for the forum
the need for a defintive answer
greetings, Daniel

On conditional dhcp? no. Did send a mail on issues prevalent with bridge+vlan on 6.38.5 to which i havent received a reply after a week. How about you send them an email on this on 'our' behalf and see if they do actually reply. (Since they always reply to you) You could then let us know of the wonderful news.

Posted: **Fri Mar 24, 2017 12:47 pm**

Hey!

On conditional dhcp? no. Did send a mail on issues prevalent with bridge+vlan on 6.38.5 to which i havent received a reply after a week. How about you send them an email on this on 'our' behalf and see if they do actually reply. (Since they always reply to you) You could then let us know of the wonderful news.

I did write to them and they answered in less than a day. They told me the same jinzhanhua did some posts above. "DHCP lease menu allows you to set different DHCP option or option set for specific client."
Well, I wasn't pleased with the answer and asked more specifically for "rule-based conditional DHCP options". They replied "We will see what we can do about it."

So this is probably not the "wonderful news" you were looking for, but they replied.

If you want to refer to my inquiry you may use the following ticket number: Ticket#2017032222001004. If they see more people requesting certain features it helps them decide what to implement next.

greetings, Daniel

Posted: **Mon Mar 27, 2017 1:06 pm**

Hey!

On conditional dhcp? no. Did send a mail on issues prevalent with bridge+vlan on 6.38.5 to which i havent received a reply after a week. How about you send them an email on this on 'our' behalf and see if they do actually reply. (Since they always reply to you) You could then let us know of the wonderful news.
I did write to them and they answered in less than a day. They told me the same jinzhanhua did some posts above. "DHCP lease menu allows you to set different DHCP option or option set for specific client."
Well, I wasn't pleased with the answer and asked more specifically for "rule-based conditional DHCP options". They replied "We will see what we can do about it."

So this is probably not the "wonderful news" you were looking for, but they replied.

If you want to refer to my inquiry you may use the following ticket number: Ticket#2017032222001004. If they see more people requesting certain features it helps them decide what to implement next.

greetings, Daniel

Heh I don't know, but that's great that they do reply to you promptly. Thanks for helping those of us here who wish to see this feature.

So dear mikrotik, hoping to see a more complete dhcp/dns server package in routeros, like dnsmasq/isc dhcpd.

Posted: **Mon Mar 27, 2017 1:12 pm**

Heh I don't know, but that's great that they do reply to you promptly. Thanks for helping those of us here who wish to see this feature.

So dear mikrotik, hoping to see a more complete dhcp/dns server package in routeros, like dnsmasq/isc dhcpd.

As I mentioned before: write them an email. Refere to the ticketnumber. It has much more of an effect.

greetings, Daniel

Posted: **Sat Jun 30, 2018 10:58 am**

Any solution?
I think so, because I managed with these configurations, boot via legacy and uefi in a virtual machine, without having to manually change the d boot file.
Sorry for the English, by google translator.

/ip dhcp-server
add address-pool=dhcp_pool0 bootp-support=dynamic disabled=no interface=\
ether5 lease-time=8h10m name=dhcp1
/ip dhcp-server option
add code=67 name=bios value="'undionly.kpxe'"
add code=67 name=uefi value="'ipxe.efi'"
/ip dhcp-server option sets
add name=legacy options=bios
/ip dhcp-server network
add address=10.100.100.0/24 boot-file-name=undionly.kpxe dhcp-option=uefi \
dns-server=10.100.100.1 domain=mkhome.lan.br gateway=10.100.100.1 \
next-server=10.100.100.252

Posted: **Fri Dec 14, 2018 1:09 am**

You define an option set named "legacy", but it is not used anywhere. I do not think this works.

Posted: **Fri Dec 28, 2018 11:29 pm**

You can use DHCP option 67 to change the boot file name, in fact ive been using that to easily change PXE and UEFI boot mode from winbox, and yes you can set a dhcp option to one filename and having a dhcp option set pointing to the other one(what i think he was missing on the last command) active at the same time on a network but it dosent work.

Posted: **Mon Jul 08, 2019 1:21 pm**

Hey, for those coming across this post, see the latest (at this time) changelog for RouterOS:

dhcpv4-server - added "vendor-class-id" matcher (CLI only);

source: https://mikrotik.com/download/changelog ... 486e7f63b5

Your wishes might have been fulfilled. (haven't tested it myself).

Posted: **Mon Jul 08, 2019 3:35 pm**

That's a step forward, but not a solution. We need the matcher for the architecture.

Posted: **Sun Aug 18, 2019 1:25 pm**

I am also looking forward this feature so I can network boot EFI, BIOS and amd64/i386/arm64 architectures.

Posted: **Tue Oct 15, 2019 8:38 am**

I am also looking forward this feature so I can network boot EFI, BIOS and amd64/i386/arm64 architectures.

so am i

Posted: **Mon Oct 21, 2019 8:55 pm**

I am also looking forward this feature so I can network boot EFI , BIOS

Posted: **Thu Apr 02, 2020 12:25 am**

If it change something, I also would like to ask for this feature.

Right now some of computers in my network cannot start without UEFI and I cannot make configuration depending on architectures for my administration/maintenance tools (like clonezilla).

Please consider add this feature.

Posted: **Tue Apr 28, 2020 2:04 am**

+1, wanting to netboot uefi machines.

Posted: **Mon May 04, 2020 6:05 am**

I am also after this.

We need something like the following way we do in bind. Still using bind

if exists user-class and option user-class = "iPXE" {
filename "";
option root-path "iscsi:iscsi.example.com::::iqn.1992-01.com.example.iscsi:target";
} else {
filename "undionly.kpxe";
}

Posted: **Mon Apr 12, 2021 12:33 am**

Our prayers have been answered! RouterOS 7 has support for vendor-class option-sets.

What's new in 7.0beta4 (2019-Dec-06 13:21):

!) included all features and fixes from 6.46 version;
!) implemented completely new User Manager package;
*) dhcpv4-server - added "option-set" parameter for each "vendor-class-id";
*) dhcpv4-server - added "radius-password' parameter under "config" menu;
*) dhcpv6-client - allow reading passed options in script;
*) dhcpv6-relay - include client's Link-Layer address in option 79;
*) interface - improved support for Intel, Mellanox and other generic network cards;
*) ipsec - fixed action=none policies;
*) ipv6 - added "disable-ipv6" parameter;
*) lte - added support for Quectel EC25-E;
*) lte - added support for Sierra Wireless MC7304;
*) lte - improved system stability when resetting modem;
*) package - fixed USB and CD-ROM installs;
*) ssh - improved key exchange algorithm support;
*) system - fixed port duplication on each system reboot;

Posted: **Sat Sep 24, 2022 12:25 pm**

As of RouterOS 7.4beta4 a generic matcher was implemented. See the manual at https://help.mikrotik.com/docs/display/ ... ricmatcher .
I have the same usecase as some posters above, where I wanted to load iPXE from a servers UEFI PXE implementation, and then break the loop, as based on the ISC dhcpd instructions on the iPXE site here: https://ipxe.org/howto/dhcpd#pxe_chainloading
I tried setting different option-sets for options 66/67 but I'm not sure that those options are even usable this way. This is because the next-server and boot-file-name options have to be set on the DHCP network in MikroTik. No matter what I tried to match using the generic matcher feature, the option sets were not applied by my MikroTik RB4011 running RouterOS 7.5.

However it turns out that there is a badly-documented feature for new versions of iPXE that allowed me to break the loop: even when ipxe.efi is loaded through PXE/TFTP, it will request a file called 'autoexec.ipxe' using TFTP from the same server. So the solution is simply to add that file to the existing MikroTik TFTP configuration alongside ipxe.efi and let it chainload to an ipxe script on a webserver, basically using the script from the iPXE chainloading page here: https://ipxe.org/howto/chainloading

The question left is whether the generic matching feature is supposed to only vary the address-pool, or whether it is also possible to vary the option-set when matched. For now I don't have a need to use it anymore.

Hope this helps anyone trying to use the built-in MikroTik DHCP/TFTP server and breaking the iPXE boot loop.

EDIT: Apparently there is some fix for the matcher functionality coming in 7.6, see viewtopic.php?t=188907#p958429 .

MikroTik

[Feature request] conditional dhcp options

[Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options

Re: [Feature request] conditional dhcp options