Today I replaced a hEX gr3 running 6.49 with a RB5009 with 7.12.1
One of the functions of the router is a backup via an LTE USB stick (HUAWEI).
When I plugged the stick from the old router to the new, a DHCP client was automatically created.
However, I want to edit the settings of that client. It is not possible because it is “dynamic”.
Now I seem to remember that a client was also automatically created in v6, however I was able to remove it and add a new one.
Is that no longer possible in v7? How can I edit parameters like “add default route” and “use DNS and NTP servers”?
In the LTE Profile, under /interface/lte/apn.
/interface/lte/apn/set [find name=default] default-route-distance=2 use-peer-dns=no add-default-route=no
Not sure if NTP over MBIM is even possible, but NTP not settable regardless.
FWIW, If you’re going to use routing tables, set a higher distance for LTE APN “DHCP-like stuff”, and then use lower distance “lte1” interface as gateway in the needed 0.0.0.0 /ip/route routes. That generally avoids need a script to set check-gateway=ping (which is NOT possible with DHCP-lite of APN Profiles)
Well, the HUAWEI stick just presents itself as a NAT router, it isn’t really an LTE device (no properties of LTE visible at all)…
So it would be sufficient to just to a DHCP request, you get IP 192.168.8.100/24 with gateway 192.168.8.1 and everything works.
As I want to use it only for a backup L2TP/IPsec tunnel, I do not want the default route to be set to LTE but I have a specific route for the L2TP server via 192.168.8.1.
Thanks for your info, it now works (with use-peer-dns=no add-default-route=no)
It is funny, when you set add-default-route=no the use-peer-dns=no is mandatory, which is of course nonsense (for this device) as the offered DNS server 192.168.8.1 is reachable just fine without a default route!
V7 support MBIM modems. I’d imagine you’d be able use an AT command to switch it from the “NAT-mode” (Linux ECM driver) to MBIM modem. That get the CGNAT address on the router.
If you google for your modem and MBIM (or if specs suggest Windows 8-11 support), I’d imagine there is some AT command that get it into MBIM mode, which get modem stats like RSSI too.
e.g. something “AT^SETMODE=1” – but you’d want to check for your specific modem.
Likely you’d be able use /system/serial to access the AT command line.
Ok, but I am not sure I want that… it is convenient in the config that the local address is always the same, and the double-NAT is no issue.
This link is not used for normal outgoing traffic, the L2TP tunnel is one of the BGP peerings to the central router, the usual traffic flows over GRE/IPsec via a VDSL line, and only when that is down the BGP switches the routes via the L2TP link only for remote access and to keep the LAN-LAN traffic up.
Of course when the LTE interface would be the main internet access it would all be different.
But we are looking at getting a 5G link for that, only we have to wait until the telco has finished the nearby 5G mast.
Fair enough. The double-NAT does offer a static config on Mikrotik side, so can see that’s being a plus. And L2TP is a different story for the NAT’ed CGNAT going on, than say WG/etc.
More note that, in most normal cases (not BGP+L2TP 
), likely better if modem operates in MBIM mode if possible in RouterOS as that removes the “extra” NAT from HUAWEI’s ECM/“NAT router” mode.
In my experience, managing dynamic DHCP clients can be a bit tricky, especially when you want to tweak specific settings. With the switch to v7, it’s possible that the process has changed a bit. Have you tried accessing the advanced settings or diving into the configuration files directly?
You can currently 7.15beta8 do the following, (it seems harder than it was)
Add a dhcp client for some other interface. (Make a bridge if necessary)
Save the new dhcp client and disable it.
Then with the lte device plugged in
Change the newly created dhcp client to use the lte1 interface (keep it disabled)
Change any other settings you want on the dhcp client.
Remove the lte device.
Hopefully the automatically created lte1 dhcp client will disappear.
However in 7.15beta8 mine didn’t disappear. (This seems to be new behavior), If it hasn’t disappeared, reboot the router,
the automatic dhcp client should be gone after reboot.
With the lte device still removed.
You should (hopefully) now be able to enable your custom lte dhcp client.
(Don’t attempt to edit it while the LTE device is unplugged)
Plug in the lte device, it should now use your custom dhcp client.
The only difference is the “LTE way” is there is no scripting actions on it. But if you didn’t have that need… I’m not sure what advantage to go through the trouble to “fool” routeros into creating an actual /ip/dhcp-client for an LTE interface? The APN Profile does mimic the other options of dhcp-client.
And while /ip/dhcp-client trick may work for ECM modem like @pe1chl’s Huawei that’s essentially a router-on-a-stick. But for a modern MBIM modem it sounds like a bad idea.
Haven’t tried in a while. But you can use passthough mode to a dedicated local VLAN (or perhaps MACVLAN or VXLAN) and then I suspect /ip/dhcp-client work directly on that.
Indeed it looks a lot more tricky, but maybe I have done it that way in the past…
I think I plugged the stick, the LTE1 device was created, then I unplugged it and made a DHCP client on the LTE1 device, then re-plugged the stick.
I can try to do that again… but will be during next working week.
The only advantage I can see right now is that it allowed me to use the offered DNS as a dynamic resolver without setting a default route.
The dynamic DNS resolver would be used only when the static ones configured on the VDSL all don’t respond. Now I had to configure 192.168.8.1 as a DNS resolver but I think it will be used all the time, I need to trace that when the network is in full operation monday.
I’m not sure the HUAWEI can operate in any other mode, it is an older type and no serial port is created.
When I plug in an LTE modem that’s in MBIM mode, I do not have the option to assign the DHCP client to it.
All of the advice here is only applicable if the LTE interface is in ECM mode, where the DHCP client can have the default route set.
When the LTE modem is in MBIM mode, and I try to use an L2TP tunnel, it will not pass traffic. If I have a modem in ECM mode, where I get a DHCP address from the modem, it will pass traffic.
If I put a hAP/etc behind an LTE enabled device, that second device will work just fine with L2TP, because the DHCP client is active.
So how do you get L2TP to work with an MBIM connection? How is the config different? Because you can’t just have a srcnat rule like v6, like before. So this tunnel config works perfect with a normal connection that uses DHCP, but completely stops working with an LTE interface set to WAN with MBIM in every version of v7 I’ve ever tried. And I’ve tried all of them.
It’s as if the OS isn’t updating default route information correctly. However, in Winbox, the route distances look correct, with the VPN coming before the LTE interface. It just won’t pass traffic.
I don’t know about MBIM mode, I don’t have it.
However, this setup works on the client side without any special tricks.
On the server side (also a MikroTik router) I needed to setup a manual IPsec configuration.
So in the L2TP server, IPsec is set to “no” and there is a IPsec policy and profile where in the “identity” the “generate policy” is set to “port override” instead of “port strict” as it would be by default.
I did this way in the past (under v6.xx) because L2TP/IPsec via double-nat would not work without it, and never removed it.
Likely it is still required.