Hi, I recently purchased a CRS326-24G-2S+RM to evaluate for use in our networks.
I have used Mikrotik’s netinstall binary successfully to provision the switch. It works fine with some limitations (will only provision via the default gateway interface). However, we already have pxe/dhcp/tftp/http infrastructure for provisioning servers. I assume that the netinstall binary is a conveniently self-contained bundle of those services (correct me if I’m wrong).
Is there any documentation on serving RouterOS images manually using dhcp/tftp (plus any additional services that may be needed)? Is it not possible for some reason? Is the source code for the netinstall binary available somewhere?
Apologies if I overlooked the answer to this question somewhere here. I did look for it but was unsuccessful in finding anything.
I guess it might be possible to somehow extract boot images from netinstall and have them served using external server. But you’d still need the part that communicates with booted system and tells it to install things. I’m not aware of this being open in any way (but I didn’t search very hard). But main question is why? Netinstall is used primarily when something goes wrong and there’s no better way how to communicate with device.
Is there a better way to automatically provision RouterOS? Netinstall can get us from a stock switch to a configured switch quickly with minimal, no-skill, no-privilege intervention (holding down the reset button). We never have to touch the serial console, web GUI or even use password authentication at all.
I understand the convenience of using the netinstall binary for recovery, but it’s inflexible for auto-provisioning. It’s a shame because all of the components appear to be in place, they’re just obscured by the tooling.
It’s possible to load netinstall kernel using regular BOOTP/DHCP+TFTP server, the kernels are stored as EXE resources, easy to extract. Just skip first 4 bytes from each as that’s size/checksum/something else. I have more details here: https://www.r00t.cz/Misc/MikrotikNetinstallFromCF
But for next step you are on your own, as there is no commandline netinstall tool and this protocol is Mikrotik proprietary. But I expect it to be fairly simple, may be worth reverse-engineering it from wireshark captures…
I did a quick search and only found one claim here that someone already did it, but no publicly available code. As for feature request, if you want an official response, best write to support. Ideally if you can tell them that you plan to buy their devices by thousands, that could help.
Well, linux CLI is, as @sob rightfully noted, still good ole netinstall. Just wanted to mention it for two reasons: a) @r00t in his last post above wrote there’s no command line netinstall and b) command line netinstall might help somehow to automate the provisioning process, not to the extent @OP wanted though
Yeah, while netinstall is functional for provisioning a switch, it has the following issues for us:
Missing the ability to associate an image/config with a MAC address
From my testing at least, it insists on using the default gateway interface (thus impossible to provision the switch from a gateway box without using a VM)
Haven’t tested this, but assuming that it would conflict with port assignments if it were run on the same box as other netbooting services
Anyone else who is interested, please leave a comment on the feature request at the above link. That should increase the chances that it becomes accepted.
Hi, i would like to share my experiences, since i need to provisioning a hughe amount of boards.
The netinstall-cli tool does a god job installing a routerOS with a config-file. In my case this config is used as a “factory-reset”.
To get this job done, i wrote a python-script around, to
a) run netinstall-cli with RouterOS + Config
b) after reboot detect MAC-Adress
c) push and deploy MAC-based Config via scp and ssh.
But i am looking for a more convinient solution aswell. Because the netinstall-cli-process is finished after one board is provisioned.
I need more a pxe-server-like service, that i can run the provisining-process parallel for several boards.
I have not yet used netinstall using 7.11.2 but prior to that I have close to 100% success rate on Linux whereas with Windows, meh … definitely below 10%, I would say.
Could be there is an issue with this specific version, you’re not the first one mentioning this over here.
That doesn’t change the fact there is a Linux version available, only this particular version seems to have a problem.
Interesting Reddit post BTW.
-r = reboot ? Really ?
Netinstall already reboots after successful install. So why use a parameter to do that … again ?
-r
When the reinstallation process is performed, the > configuration is reset> , and for devices that have it, the default configuration will be applied. (optional)
And FWIW, netinstall is not by a long shot to be considered OSS.
It is a tool made by Mikrotik but not released as open source.
I do agree with you the tools themselves (both Linux and Windows) could be made a bit better, more documented and more fool-proof (e.g. more forgiving when multiple network interfaces are in use).
Until that is changed, we need to use what is available.
Am pretty much sure it segfaulted as i did not take “remove interfaces” step seriously…
Yes, robustness would be very welcome, as otherwise i had to tear down my work laptop (tailscale and docker are there for a reason of $work) only to netinstall, that does not make a lot of sense.
And at least -h that would explain me what does what.
