Question to our users about controllers

I know we had a similar topic a while ago, but here there are some more specific questions. This is just to gather ideas and general opinions.
Please don’t just answer “yes, give us everything”. It is more about what you would actually use, what you actually need.

1) Are you interested in a central controller for MikroTik devices? If yes: 
   a) do you need it for wireless settings only (like a centralised capsman)
   b) or you are interested to manage all configuration of these MikroTik devices 
2) How would you like to run it? 
   a) "Cloud solution" hosted by MikroTik? 
   b) Self hosted server on X86 (*NIX)
   b) Self hosted server as package on a powerful MikroTik router
3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.
  1. yes. All configuration for as many devices I like to manage. Across network boundaries.

  2. Docker or Linux Container. So one has the freedom to run it anywhere. Powerful ROS device using container package, Raspberry Pi or whatever. But “cloud solution by mikrotik” could useful for regular home users. So basically all 3 options make sense in some regards.

  • Central configuration management with templates. Similar concept of CAPsMAN - just for whole ROS. e.g. manage scripts or scheduler scripts centrally, provision to selected devices.
  • Central provisioning of unconfigured devices. Think of netinstall - just easier. Just press reset-button e.g. 10sec and it will show up in the controller. In the controller I can decide how to provision the device: either manuall by selecting a device-preset (CAP, standalone AP, Home AP, etc.) or manually by custom configuration template (managed on controller) or by auto-provisioning rules (similar to how capsman works now).

I think many fundamental features can be determined by evaluating competitors controller solutions. That would be the “base line”. Add Mikrotik ecosystem specific features on top.

  1. This needs to be thought from scratch. Depends on the functionality that needs to be covered. Does not need to be modern looking.

I can speak for my use case.

Centralised controller would be a great thing as I have to manage over 40 ROS devices right now. I combine dude for monitoring etc and winbox for management.

So if you are going in that way then i would include:

Configuration of devices
Monitoring
Network map like dude (or look into Ubiquiti and how they created maps)
Push notifications, so mobile app perhaps ?
Various counters for traffic etc.
Mass upgrade would be great but not just ROS but FW upgrade also.

Cloud based solution would be nice but leave possibility of packages or maybe possibility to run it on VM or CT.

Edit: infabo was faster.

Also one note for monitoring, please include UPS monitoting if possible.

  1. a) yes please a centralized capsman would be nice
    b) maybe, this smells like an enterprise solution that I personally do not need
    2 a) NO, no cloud
    b) sounds OK, might be the best option if resources are needed
    c) sounds like a “Dude” construction, is a possibility
  2. monitoring, config and provisioning including upgrading is what I am looking for, wifi connections and event monitoring…
  3. a separate program with a modern UI would be great.
  1. Yes, Option B
  2. A mix of option A and B, Cloud for initial zero-touch provisioning then redirected to a self hosted instance (could be a Linux app or a docker container).
  3. auto-upgrade, configuration management, zero-touch provisioning and monitoring.
  4. modern webUI.

Recently I had to replaced a failed routerboard in the field, in another country and if we had zero-touch provisioning that would be very easy.

The idea of a cloud redirect based on SN (only working when the device is on initial factory state) that points to where the routerboard should try to connect to continue provisioning.

Hi normis,

1) yes, to manage all configuration of these MikroTik devices 
2) self hosted for MikroTik router, *nix and container
3) mass auto-upgrade, configuration, provisioning, monitoring, backups (diff history of exports)
4) doesn't really matter
  1. Are you interested in a central controller for MikroTik devices? If yes:
    Yes - b) or you are interested to manage all configuration of these MikroTik devices

    \

  2. How would you like to run it?
    b) Self hosted server on X86 (*NIX)
    A package that can be installed ( example Ubuntu apt-get install mikrotik-controler )

  3. What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
    I would be interested in something that can manage and bulk hundreds to thousands of Mikrotiks.

  • mass auto-upgrade ( by IP range / by ROS ver / sequentially one at a time - not bulk all at the same time /
  • *** monitoring ********************************* :slight_smile: :slight_smile: :slight_smile: :slight_smile:
  • Wireless APs
  • Wireless clients
  • Customer owned Mikrotik routers that we manage ( access via port-forwards )
  • Some fiber connected Mikrotik routers
  • Many different passwords
  • Scan & search & report the following : ROS version, wireless signal strengths, what AP a client is connected to , uptime
  • Something that can use telnet & ssh & winbox & snmp to all Mikroitks
  • Something that can not be used to scan/break/attack the internet
  • alerts ( http play a sound and send an email )
  • logs of alerts


    \
  1. How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.
    something completely new, moden web based UI etc
  • *nix package
  • Possibly make it a “Network Monitor System” that can monitor ( similar to Zabbix , LibreNMS , Cacti , WhatsUp and other ---- "

EDIT - add more notes; network maps with toggels to show Layer-2 and/or Layer-3 for how all devices are connected ( and add notes for each device ) -also- check services on some devices ( DNS , http , snmp … )
-also- perform multiple checks on each device ( check/ping all IPv4 and IPv6 addresses on each device ) & and check interfaces up/down

  • Possibly a Dude on steroids’ replacement that runs on *nix and installs as a package

North Idaho Tom Jones

Just for my use case of someone who uses and administers about 100 mikrotik devices of variable capability.

  1. I don’t use any mikrotik wireless devices, so my main use case would be device management

  2. Self hosted server on X86 (*NIX), no other solution interests me.

  3. My primary use case would be to provision and more importantly to push configuration changes across many devices at once. (New firewall rules, new dns entries, etc). What I would love to see, which admittedly is probably only applicable to my particular use case, would be a way to easily set up, push and manage ipsec and wireguard configurations to connect a fleet of mikrotiks to a centralized mikrotik. That alone would save me hours of time.

  4. Brand new web based system.


    Off the top of my head, what would be nice is a way to set up remote provisioning. If we could get a MAC address of a device and have the device owner enter a generated code that would connect their device to our controller no matter where they are located so long as they have internet access. Obviously that kinda conflicts with my desire to be completely self-hosted, but for initial connections and setup I wouldn’t mind a mikrotik owned server to facilitate the connection.

  1. How would you like to run it?
    a) “Cloud solution” hosted by MikroTik?
    No, self hosted.

b) Self hosted server on X86 (*NIX)
Yes, in docker, possibility to run it in docker on RaspberryPi.

c) Self hosted server as package on a powerful MikroTik router
Not required.

  1. What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
    Have possibilty co configure how much data is stored in the controller and search in historical data or just have realtime view from the moment of connecting to controller via client, without storing the data.
    Multitenancy (one controller, different view & permissions for different users), have the functionality similar to skins - create limited and read only view for customer.

1-yes, for everything.. All mk device
2 - I think could be all 3 options,
But I think if you make possible to run the controler (core) in a mk device like in chr or ccr, x86 would be a plus plus as a diferencial from other brands
3 - same model, idea, we have from other brands like unifi and omada, but would nice and an diferencial if we could manage centralized also standalone mkt devices
Just pussing update config to them..
4 - I think could be router base style, but some Web interface
Some kind like was is the dude, you do could manage inside ros like but have an application with gui..

Maybe if you redesign the dude it might be a way to go..
Many people here already suggested that..

Yes, possibly to manage all MikroTik devices.

Definitely self-hosted on X86. Possibly a Docker container, which can also be installed on powerful MikroTik routers. No cloud.

I would start with passive monitoring (e.g. alerts, monitoring of parameters), like Zabbix. Then, it can evolve to manage the configuration (like CAPsMAN).

Tough question. It depends on the system. If it is only a passive monitoring system, then a modern web-based UI would be the best. If, instead, it is used to manage and push the configuration, it must be based in the RouterOS configuration.

  1. Yes: b (all configuration)
  2. b) self hosted as package (rb5009 and more powerful routers); where not feasible for the entire configuration I would like to see the features I mention sub 3 below for routers such as AX3 and more powerful routers as a package;
  3. at least wireless, mass-upgrade, provisioning, monitoring, backup
  4. modern web based UI preferable but WinBox 4 could be an option

Sure, mostly for wireless because that is commonly the case where one would find a lot of devices on the same network, but managing a bunch of SwOS would be good as well.
If we are talking about managing devices across different sites than it has to have options for managing ROS as well but it needs some secure protocol for authentication and communication between controller and sites.

Cloud Based if we are talking about sites, or self hosted on a CHR/CCR which would be handy for a smaller network.

The mass upgrade would be great but it needs some credibility of the process. It can have a hash controller which the remote device can check and authenticate and if the upgrade file fails to be delivered it needs a log so you can see which did not received the file correctly.
Configuration and provisioning are mostly needed.
Monitoring I am not so sure, it would require HDD space I assume and upgrade after upgrade I don’t know if it will always be compatible.
One thing that is not mentioned is a central SYSLOG, a server for collecting logs from devices and save it even if powered down or rebooted.
Another could be VPN management but not sure if it is feasible, maybe read only. Same for VLAN.

Web based could be nice but don’t know how you can jump from web to ROS configuration when you would need to.

I can’t stress it enough that it needs a secure protocol for authentication in case it will be cloud based or CHR/CCR and it will connect to different sites.

That’s my two cents :slight_smile:

  1. Definitely yes Mainly a) but b) would also be nice
  2. I would definitely prefer Version b). Probably on a server. If a) is offered I might think about this, but having b) as an option would always be good.
  3. Monitoring features (as with the “abandoned” Dude and auto-upgrade. Best would be direct distribution of upgrade npk’s over my management network which does not have internet access.
    Another important part would configuration provision for CAPs. As with wifi-qcom-ac driver no vlans can be assigned on virtual aps and thus each cAP need the manual configuration. A full (customizable) configuration distribution for cAPs would be very nice.
  4. Maybe integrated like CAPsMAN with additional features for non-wifi purposes. → Configuring vlan on switches and on cAPs and distributing. (Might be challenging as different switch chips, etc require completely different type of configuration)
    A monitoring solution I would personally prefer with a custom web-interface. But at least this would not need many features, more data exporting functions to e.g. prometheus, influxdb, grafana, …

I am interested in a central controller for managing MikroTik devices. I would need it to manage all device configurations, not just wireless settings (although integration with CAPsMAN would also be useful).

I prefer the option of self-hosting:

  • On an X86 server running Linux or another *NIX-based system for maximum flexibility and control.
  • Additionally, having the option to run the controller as a package on powerful MikroTik routers would be valuable for local installations without the need for external servers.

The key features I would like to see include:

  • Mass auto-upgrade of devices to simplify firmware management.
  • Centralized configuration with the ability to easily apply policies and templates to all devices or specific groups.
  • Provisioning for quick setup and deployment of new devices.
  • Monitoring with detailed reporting, alerts, and the ability to quickly respond to incidents or performance degradation.

As for the interface, it’s not as important to me since I primarily use the CLI for device management. The solution could be similar to the current CAPsMAN or something entirely new, as long as all key features are accessible via command

  1. Yes, b
  2. Self hosted
  3. monitoring.
  4. based in RouterOS configuration
  1. All device, as I have to manage almost 70 ROS devices at location and, for example, if I need to change one config to APs, I have to use something like Ansible. It does work, but to prepare playbook I still need to dedicate time.
  2. Self hosted, as if one needs a central controller, he can run CHR instance and link locations. A docker, multi arch, solution sounds like a interesting idea.
  3. As someone have mentioned, a template system sound like a good idea. Like APs, switches, routers etc. I would like to provision a device to controller, select its template and a config is pushed. If I change template it pushes those changes, but let it be a selectable option. For example, like capsman and caps - I do run my template on them, but TX power can differ. I dont want controller to overwrite my needed changes in specific location. But I like to see other changes pushed, like SSID changes. Auto update, aka version management is a must have (including packages sync). Monitoring system also, as Dude is old. I would like to see most popular monitoring parameters and be able to export charts per days, months, years etc. Be able to create location, alerting, also be able to monitor other vendor devices via basic ping and snmp, but do not go over board. Then it just sounds like Zabbix clone. Controller migration and backup should be included, also sync. For example I have multiple locations I would like to sync templates, selectively and have some defined changes like I mentioned before. For example two schools - one main template, but basically SSID whit pass changed. Whit backup I also mean redundant controller on location - if one goes down, secound one takes over main role. From monitoring stand point I would like to see interface real time data, also a bit more detailed STA info in wifi registry. Modulations, spatial streams active (as some modulation overlap), interface used (band), etc useful information to understand better how network is doing. Including information from AP, like ch utilization, how devices roam (can be a option to have a deeper look into network, not enabled all the time).
  4. New winbox style overal is fine, new capsman style as a functinal template is fine. Web version? It depends. Its much more work for You to maintain web based controller and new winbox (dedicated controller ap?).

One can dream, and it starts to sound like other vendors whit limited configuration options, but I would not like to see ROS loose its freedom and configurability, so there must be a balance. Make it easier to scale and manage, but dont cut features in realistic manner.

High level:

An update to The Dude server+client would be a great first step…

Big Lebowski is right: “That rug really tied the room together.”

Rational: All the underpinnings for a “controller” are already in the Dude server. And y’all’s native multiplatform client for WinBox4 seems to be a BIG HIT, so Dude2 make a lot of sense to me. And, in world of HTML UI for these things… some native client to “control the controller” be a novel approach (and like more responsive/rich and more easily extended). And, most importantly, allow rich Layer2 support for discovery (CDP/MDP/LLDP/RoMON/etc) which are hard from a web GUI.

So…specific answers below assume some “new Dude” (aka Dude2) approach – since I’m already using The Dude package+client as a “controller” today - with only some minor grips over years. And that’s what I’m really looking for — even if it was just a client that was a “copy” of the existing Dude client with NO new features :wink:


  1. Are you interested in a central controller for MikroTik devices? If yes:
    a) do you need it for wireless settings only (like a centralised capsman)
    b) or you are interested to manage all configuration of these MikroTik devices

Any RouterOS device — Wi-Fi should not be special.

CAPsMAN is flexible enough for Wi-Fi config. But it should NOT do the RouterOS system config stuff it does today – just push Wi-Fi params. The “new controller” should deal with all system level stuff like config/upgrade/initial setup - not CAPsMAN - but it should be able to set a “device” as a CAPsMAN server, but CAPsMAN config be applied same as any other RouterOS config in this theoretical new controller.


  1. How would you like to run it?
    a) “Cloud solution” hosted by MikroTik?
    b) Self hosted server on X86 (*NIX)
    b) Self hosted server as package on a powerful MikroTik router

A RouterOS .NPK package for the “server” — y’all have CHR for larger use cases to run the “new controller” NPK (i.e., dude2.npk ;)). And native WinBox4-like version of The Dude client to manage it.

Why mess around with testing/packaging to deal with some arbitrary OS environment? Not mention how to “monitor the monitoring server/software”… now requires more stuff on running non-RouterOS device to do that… contra., in the old Dude server, you could solve this easily running a 2nd dude to handle “monitoring the monitoring”.

While I don’t use Docker/Kubernetes/etc for these things, but a lot folks do. But perhaps documenting/supporting CHR under “Docker” be easier to cover the “docker” needs. In fact CHR can already runs under Docker.


  1. What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.

All the features of current The Dude server package, plus:

  • CLI for anything possible in the current Dude client…
  • Specifically, being able to exporting data as CSV and SVG from RouterOS CLI and/or web service from the SQLite the Dude uses
  • Direct support for RoMON as a transport and discovery mechanism within Dude.
  • ability to dynamic render maps, or other views, via HTML – for a dashboard (outside of webfig, so renderable as a view for NOC or customers)
  • have some “friendly name” for a device, which may include client devices on LANs

For upgrades, being able to “assign” a version on a Dude tracked router device - applied with via Dude2 client, or via CLI + /system/scheduler can be used to cause/check upgrades as desired within the controller (aka Dude2).

Now, for configuration, the existing Dude is lacking there… I’d like to see some complete configuration to be stored with a RouterOS device in Dude, ideally in some templated form to allow variable substitution. It be fine if config is applied as a whole similar to TR069 just simplier/built in to controller (i.e. require a reboot to be applied). While a richer configuration scheme be nice, that seems like it could a “version 2” thing once the basic of new controller is figured out.

Additionally, adding some “update” as RouterOS primitive config command (with some guid=xxxx…xxxx to identify it) that either adds OR updates any existing entry - that would go a long way to be able to create some “templated config” – today re-apply config is not an easy task… The current “set”/“add” scheme gets in the way of “applying a config” over an existing config. And why I suggest a “whole” config a la TR069 that get applied be better than nothing for remote provisioning of routers.


  1. How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.

For “client” or the UI side of the controller… instead HTML-based UI as the controller, a multiplatform client is what should work any OS (not the controller server). The WinBox4 framework applied to whatever controller be a nifty approach. And a native client is easier to L2-type discovery, to avoid IP stuff being need for setup/flashing/adopting/etc type stuff.

While, there should be some HTML/web server support — HTML should be limited for “dashboards” – with those dashboard defined in the purposed Dude2 multi-platform client, kinda like “skins”, but for status. Or more sophisticated “HTML components”/widgets that can be rendered in existing web pages as desired. But HTML5 for configuration seems like a backward step - especially with all the great work that’s gone into WinBox4 which likely could be partially reusable for a Dude2.

And to increase “easy-of-use”…

  • some config wizards in the client to create a config (and have that generated+templated config “assigned” to a device).
  • capturing more use cases as a “QuickSet profile” for more advanced configurations like multi-wan, VPN gateway, etc.
    & these could be used as the config to “assign” to a device in the Dude2 controller.

Hi:
YES.
Have a look at TP-LINK for omada series they have a BOX (oc200), you can download a server for you to run, and you can have cloud.
and it works fine on any option.
The extra BOX is a very good solution does not load routers and easy for non tech users.

There is already almost same topic from MT created 2 years ago. After 2 years you should already have something…