This is a short guide for everyone who wants to avoid the trouble I have been through when updating an ATL device which is difficult to access physically.
Disclaimer: I am not an expert. Just sharing some recent experience. Hopefully it will be helpful for others.
Huge thanks to @infabo and @Amm0 who helped!
Info, on which this guide is based
http://forum.mikrotik.com/t/trouble-cant-connect-to-atl-after-update/178987/1
https://help.mikrotik.com/docs/display/ROS/RouterBOARD#RouterBOARD-Prebootetherboot
It is also assumed you use a GNU/Linux system.
Before running any update
- In NetworkManager, configure an Ethernet connection:
IP address: 192.168.188.2/24
Gateway: 192.168.188.1
Set it to autoconnect
-
Download the netinstall-cli software and the appropriate NPK.
IMPORTANT: Verify sha256 checksums of downloaded files. -
On the ATL:
/system/routerboard/settings/set preboot-etherboot=10s preboot-etherboot-server=192.168.188.2
Check the result:
[admin@MikroTik] > /system/routerboard/settings/print
auto-upgrade: no
boot-device: nand-if-fail-then-ethernet
preboot-etherboot: 10s
preboot-etherboot-server: 192.168.188.2
boot-protocol: bootp
force-backup-booter: no
silent-boot: no
protected-routerboot: disabled
reformat-hold-button: 20s
reformat-hold-button-max: 10m
It won’t hurt to reboot the ATL - the preboot-etherboot configuration is stored in the BIOS.
/system/reboot
Updating
- Update packages
/system/package/update/check-for-updates
/system/package/update/download
/system/reboot
- Upgrade routerboard firmware
/system/routerboard/print
If upgrade-firmware version is newer than current-firmware and matches that of the packages:
/system/routerboard/upgrade
/system/reboot
- Upgrade LTE modem firmware
/interface/lte/firmware-upgrade lte1
If the above shows there is a newer version:
/interface/lte/firmware-upgrade lte1 upgrade=yes
-
Reboot and check if everything works. If it does, skip to last step.
In case of a problem (e.g. you can’t connect to the device after updating) -
Connect to the ATL and run:
sudo nft flush ruleset; sudo ./netinstall-cli -a 192.168.188.1 routeros-7.16-arm64.npk
This should show:
Version: 7.16(2024-09-20 14:05:37)
Using interface eth0
Using interface eth0
Waiting for Link-UP on eth0
Waiting for RouterBOARD...
- Restart the ATL from power and watch what happens in netinstall:
Assigned 192.168.188.1 to 12:34:56:78:9A:BC
Booting device 12:34:56:78:9A:BC into setup mode
Formatting device 12:34:56:78:9A:BC
Sending packages to device 12:34:56:78:9A:BC
Packages sent to device 12:34:56:78:9A:BC
Rebooting device 12:34:56:78:9A:BC
Successfully finished installing the device with MAC address 12:34:56:78:9A:BC
^C
IMPORTANT: After the success message, press CTRL+C to terminate the process. Otherwise the ATL will reboot and netinstall will repeat again and again.
- Check if everything works.
- If you think there are newer versions, try updating again (steps 4-7).
- Disable preboot-etherboot, thus ensuring nobody with physical access to your cable will netinstall your device:
/system/routerboard/settings/set preboot-etherboot=disabled preboot-etherboot-server=any
Comments and suggestions are welcome!