why is MK so developer unfriendly?

ctech4285 · Sat Feb 13, 2010 1:00 am

Router os is Linux, but why proprietary userspace management applications.
then no patches no source code nothing?
why not provide code and a wiki on how to build RouterOS and leave out all the proprietary package.
why if MikroTik only sells routeros with the routerboards they would worry about license fees, why not just put those fees on the proprietary packages?

I love RouterOS but now i need to do something that i can not do

dssmiktik · Sat Feb 13, 2010 2:30 am

What is it that you cannot do? Maybe someone on the forums may be able to help.

Mikrotik is a very feature-rich router operating system. It's basically a tool for you (the network engineer) to use however you wish. It can be as simple or complex as you like.

Again, what is it that you want to accomplish?

Chupaka · Sat Feb 13, 2010 6:48 pm

why not provide code and a wiki on how to build RouterOS and leave out all the proprietary package

let me guess... because routing core is proprietary, and RouterOS without routing is not RouterOS? =)

ctech4285 · Sat Feb 13, 2010 7:59 pm

et me guess... because routing core is proprietary, and RouterOS without routing is not RouterOS? =)

but i could install BATMAN witch is more then nothing
MK routing package could be installed with a license and everything else is there for people to play with

Chupaka · Sat Feb 13, 2010 9:27 pm

I mean, packet routing facility - whole subsystem, not only routing protocols

anyway, if you want Linux - use it =)

ctech4285 · Sat Feb 13, 2010 10:50 pm

I mean, packet routing facility - whole subsystem, not only routing protocols

there got to be a way to have the best of both worlds RouterOS and Linux

what is MK business model selling licenses or selling hardware?

miahac · Mon Feb 15, 2010 12:50 am

what is MK business model selling licenses or selling hardware?

YES!

But I wish there could be a way to add packages and drivers.... I really just want DS3 card on newer realease..

Mon Feb 15, 2010 8:53 am

1. Most of the important stuff is written by mikrotik (some routing programs, drivers, wireless part) and is not open source.
2. If you start adding random stuff to RouterOS, we can no longer vouch for stability, compatibility etc. Just use linux then.

ctech4285 · Tue Feb 16, 2010 2:20 am

1. Most of the important stuff is written by mikrotik (some routing programs, drivers, wireless part) and is not open source.

ok how about bash access then?

2. If you start adding random stuff to RouterOS, we can no longer vouch for stability, compatibility etc. Just use linux then.

according to your license you don't vouch for stability anyways, also you can always refuse support for anything but stock mikrotik software.

hci · Tue Feb 16, 2010 2:52 am

what is MK business model selling licenses or selling hardware?
YES!

But I wish there could be a way to add packages and drivers.... I really just want DS3 card on newer realease..

DS3 and OC3!!!

Matt

csickles · Tue Feb 16, 2010 7:02 am

The code is "closed" for one reason. (in my opinion as well as conversations with MANY)

STABILITY.

I dont see Cisco or Juniper with open driver structure...
Unless you know something I dont...

I understand the open structure of the underlying OS, but ...
To provide a uniform platform and the ability of a small company to support it all,
the system realy needs to be closed..

When a service failes but only for one driver version for one card, who's fault is it..
The driver, the service (ppp Etc) the OS?

Open development has its place, but I dont think it does in an "appliance" role...

RouterOS is a swiss army knife, with MANY features, but it is still a routing appliance application...

I too have drivers I would like to "add", but not being a heavy linux developer, I am happy to let thoes that can, do...

(802.11 N USB) hint hint....)

Just my two cents (US worth)...

Tue Feb 16, 2010 7:06 am

haha, DS3/OC3 are only relevant to the US and maybe French market. Everywhere else on the planet can get ethernet delivery, even in little ol NZ

csickles · Tue Feb 16, 2010 7:16 am

Here in AZ..
Most "handoffs" are still T1...
Some T3..

MOST medical are IDSL.....

NOT KIDDING....

Ts lots and lots of Ts.....

Try and light a pice of fiber and watch you wallet vaporize !!!

I have 5 12 pair fiber lines to my data center...
Three terminate to three different C.O.s in the area.
I have been trying to get ONE pair (ANY PAIR) lit for over 3 years...
I still use 5 Copper T1s...
Soo far it looks like puting cable in my other building 1/4 mile away and
shooting 802.11N over is the best solution... (for now)
Now isnt that sad.. !!!

Telcos... What fun !!

NAB · Tue Feb 16, 2010 10:45 am

The code is "closed" for one reason. (in my opinion as well as conversations with MANY)

STABILITY.

What complete tosh.

Whether the code is open or closed makes absolutely no difference to the stability of the core product (although some would, no doubt, argue that the stability would be increased).

How on earth can opening the code result in a less stable product?

Yes, somebody could take that code, hack it and make their own drivers and the result may well be less stable, but then that would be a completely new product. The Mikrotik product wouldn't have had its stability changed in any way by the release of the new product - if somebody wants stability, they stay with Mikrotik RouterOS. If somebody wants features (at the possible expense of stability) then they go with the third party derivative.

The reason the source is closed is because it belongs to Mikrotik and they can choose whether it's open or closed. There is absolutely nothing wrong with this. They may have all sorts of reasons for making that decision, but stability cannot possibly be one of them.

Tue Feb 16, 2010 10:50 am

NAB, you didn't get his point. if you add lots of untested software, your personal router can get more unstable and you would blame mikrotik. We release what we test. We can't test all combinations of software.

NAB · Tue Feb 16, 2010 11:05 am

NAB, you didn't get his point. if you add lots of untested software, your personal router can get more unstable and you would blame mikrotik.

1 - No I wouldn't (but I appreciate that others may)

2 - I was crediting you with more intelligence than to allow third party installations on core RouterOS. I had assumed that your product wouldn't allow third party installations, but that if you chose to release your code as open source, that open source product would allow third party installations.

It would make no sense at all, I agree, to allow third party installations under your core product, but then I thought I had made that clear.

Tue Feb 16, 2010 11:09 am

the above discussion was exactly about installing 3rd party programs. see above complaints.

NAB · Tue Feb 16, 2010 12:05 pm

the above discussion was exactly about installing 3rd party programs.

No it wasn't. The OP asked if the RouterOS code (without your proprietary bits) could be posted on the Wiki. It wasn't until the 6th post that somebody asked if they could install third party code/drivers.

'csickles' stated that the code was closed for one reason only - Stability. I claim that this is complete rubbish. There may well be lots of very good reasons to keep the code closed (and I'm not for a moment arguing that it should be opened), but the arguments csickles made depends entirely on the assumption that Mikrotik would be forced to provide interoperability with third party code. I claim that this is not necessary.

If I buy a RB from MT, I would expect it to come with a stable, MT supported ROS. That's a given.

If I want to install third party drivers, then I would have thought it perfectly acceptable to flash the RB with a ROS derivative which is not supported by MT. I would have thought that MT would make it quite clear that any such derivative would not be allowed to be called RouterOS.

The next logical step is to get into an argument about whether the code should (for moral or commercial reasons) be released as open source. Some may say that Mikrotik are a typical closed source company running scared of open source. This is absolutely fine if they are responsive to feature requests/bugs. However...

Others may suggest that they are not only a closed source company, but a closed ranks company too. They may cite the IPv6oPPPoE issue as an example.

Whether or not I believe that is a different matter. However, there has been a call for non-proprietary code to be released (presumably under the GPL) and I would second that call.

Tue Feb 16, 2010 12:07 pm

OK, I misread that. Anyway, I was talking about 3rd party stuff. I can't comment on other aspects

bazzer · Tue Feb 16, 2010 12:18 pm

OK, I misread that. Anyway, I was talking about 3rd party stuff. I can't comment on other aspects

Can anybody who does know, comment on the other aspects?

Tue Feb 16, 2010 12:28 pm

that's company policy and it will not be changed in near future

hci · Tue Feb 16, 2010 5:46 pm

1. Most of the important stuff is written by mikrotik (some routing programs, drivers, wireless part) and is not open source.
ok how about bash access then?

Speaking of bash what would be nice is to have grep available on command line. I would like to be able to do this:

print with |grep user_i_am_looking_for

Occasionally there will be a thousand lines or so and filtering the output would be nice. Or is there a way to do this already?

fewi · Tue Feb 16, 2010 5:55 pm

Speaking of bash what would be nice is to have grep available on command line. I would like to be able to do this:
print with |grep user_i_am_looking_for
Occasionally there will be a thousand lines or so and filtering the output would be nice. Or is there a way to do this already?

[admin@MikroTik] > /ip address print where address~"^10.1"
Flags: X - disabled, I - invalid, D - dynamic
 #   ADDRESS            NETWORK         BROADCAST       INTERFACE
 1   10.1.0.1/24        10.1.0.0        10.1.0.255      inside
[admin@MikroTik] > /ip address print where address="10.1.0.1/24"
Flags: X - disabled, I - invalid, D - dynamic
 #   ADDRESS            NETWORK         BROADCAST       INTERFACE
 1   10.1.0.1/24        10.1.0.0        10.1.0.255      inside

netrat · Tue Feb 16, 2010 5:56 pm

The code is "closed" for one reason. (in my opinion as well as conversations with MANY)

STABILITY.

Is the underlying linux kernel that is the core of RouterOS stable?

I'm not bashing (no pun intended) on RouterOS. I just wish there was a little more openness. Getting linux to run on the newer routerboards and be fully functional is a PITA.

ctech4285 · Tue Feb 16, 2010 8:41 pm

ok closed source thats Mikrotik right if the GPL violations allegations here http://lists.gpl-violations.org/piperma ... 01759.html are not true

i don't like it and the arguments by them are rubbish in my opinion
there is a RB433 in my collection that does not run stable should i blame Mikrotik for spilling coffee on it? after all they didn't put in a case.

what is the argument for not allowing bash access? stability? protecting users from them selfs (i always thought that was the governments job)

duoran · Tue Feb 16, 2010 8:43 pm

Getting linux to run on the newer routerboards and be fully functional is a PITA.

Yeah, I was hoping my request for booting from the microSD (thread) would have gathered more support.

I'm a bit confused by this thread. I understand that certain components of RouterOS (especially the userspace) are proprietary, and I'm totally fine with that. I just wonder why MT doesn't publish the parts concerning the Linux kernel somewhere, as they are required to by the GPL.

Hell, if I were MT, I'd submit all my hardware drivers and stuff for inclusion into the kernel upstream, with a handful of free RB450s for the driver & network maintainers (greg h-k, etc). I'd wager a large amount that that hardware investment would pay off well

Not only would you get the finest Linux kernel devs out there to help you solve issues with your product, you'd generate quite a bit of good publicity!

hci · Tue Feb 16, 2010 10:12 pm

Every router comes with a copy of the license.

http://your_router_ip/help/license.html

Honestly I do not think there is another product out there that compares to MikroikOS. Its amazing what it can all do.

ctech4285 · Tue Feb 16, 2010 10:24 pm

Every router comes with a copy of the license.

a copy of a license and being gpl compliant are two different things.

Honestly I do not think there is another product out there that compares to MikroikOS. Its amazing what it can all do.

YES it is awesome but it can be better!

hci · Tue Feb 16, 2010 10:52 pm

Did you read the GPL part of there license?

ctech4285 · Tue Feb 16, 2010 11:41 pm

Did you read the GPL part of there license?

does that mean they are complying?

according to some this is not enough to be compliant

i really don't know enough about this to have an opinion

Wed Feb 17, 2010 8:28 am

that above mailing list is referring to a document more than 10 years old. at least find a newer copy of the license, duh

ctech4285 · Thu Feb 18, 2010 2:26 am

that above mailing list is referring to a document more than 10 years old. at least find a newer copy of the license, duh

oops sorry

datawolf · Thu Apr 25, 2013 6:30 pm

This is disgusting.

I was looking for a decent Wifi router and got attention about mikrotik.
Because I also seek a router that should have firmware updated regularly, I had to look what OS it uses.

Then I saw all these registration codes, licenses, activation keys... I thought that era of dinosaur proprietary ended long ago. But no.
Curious about what kernel this router might use, I was surprised it uses GPL-licensed Linux.

So, what about source code? Because, if you deliver an binary image (in any form, including what a router runs), and some component uses GPL, you need to open up your whole stack.

IF you are so favorite of proprietary development, why didn't you base your router on ... windows? Because, according to your stability and security claims, it should have been most secure. It would be splendid to watch it crash and burn several times a day.

Security AND Stability top only for freedom software development.

Because you use Linux, and at same time imply that stability and security are only good for closed source, you contradict yourself.

What you currently do, is:
develop a illegal OS,
breaking the principles of free software, even if you use free software yourself (here - thats Ubuntu Unity you were using)
have limited manpower
you are insecure by definition, because you are small and proprietary
you discourage any external ideas
you discourage majority of security-aware userbase, because the product can be easily discontinued/EOLed just because you want it so

Regarding 3rd party packages: you can EASILY provide official releases in source code and hence any modification to them would nullify your responsiblity (which you nullify anyway in your proprietary license).
What would that give you, is love from hardware integrators that would be able to customize your solution to their needs and at same time being reassured that the software base will be supported, either by mikrotik or by external developers.
Problem solved.

Regarding running router on non-mikrotik hardware: you can change whole licensing model, opening up the code completely and instead requesting payment to support the development. As easy as that.
Users would have official download location for your software and developers would be able to improve your code and legally submit patches to you.

What a shame.

docmarius · Thu Apr 25, 2013 7:57 pm

Don't get my wrong, I fully support GPL, but it doesn't state you have to open anything. It just states you have to provide a mean to get the GPL parts in source code. Not the proprietary ones.
So, for compliance, there should be a Linux package available for download or on requests, capable to run on the device, without any proprietary code (proprietary drivers parts can be delivered in object code).
Nothing more. But even this would be a step forward.

EMOziko · Thu Apr 25, 2013 9:29 pm

Current politic have own pros and cons.

For this reason RouterOS is so secure and there is no exploits for system.

But users cant add own drivers and cant build own software for routerOS, that's very bed.

Maybe there is a way of using system API tu build custom RouterOS packages and drivers for it without releasing the code of RouterOS. That would be great.

datawolf · Fri Apr 26, 2013 5:20 am

Don't get my wrong, I fully support GPL, but it doesn't state you have to open anything. It just states you have to provide a mean to get the GPL parts in source code. Not the proprietary ones.

Incorrect. GPL states that if source code is modified, dynamically or statically linked to anything, the resulting product source code should be provided per request. Hereby all modified or added changes are to be released as GPL, not as proprietary. However, this is good, not bad. Read further why

Current politic have own pros and cons.
For this reason RouterOS is so secure and there is no exploits for system.
But users cant add own drivers and cant build own software for routerOS, that's very bed.

Incorrect.
Linux is secure because its open. Exactly because Linux is getting huge amount of testing and beat down, it has security. Exactly same applies to OpenBSD.
Security by obscurity does not work! Obscurity will repell novice attackers, but not professionals.
And a product from a smaller company, being targeted by professional, is much easier target than a opensource product that was tested by huge community and managed by a small company.
I see no reason for exploits to appear if Mikrotik opens up whole source code, while retaining the patent pool.
Even if some exploits will appear, it would be positive, because that would mean they have existed inside before and will be uncovered exactly by opening up.
Users will be reassured that there are no expoits in Mikrotik.
Users will be able to find exploits and submit them upstream.
They will be able to patch them, if Mikrotik crew is too busy as well.
They will be confident that their network is beat-down secure and containing no hidden backdoors.
They will be able to add support for devices, that Mikrotik can't due to limited resources.
All this without Mikrotik risking anything, due to support of only "official release".
Users will be confident that their devices are supported till users have interest, and not when Mikrotik thinks there is interest or has human resources to manage them.
The whole activation scheme will move out and become agreement instead of DRM. It will become more attractive to customers, as customers will be paying for development and not for ability to use binaries. We have a multi-million dollar living example for that, which was able to dissolve huge proprietary-only Sun -- RedHat. We have another upcoming examples, which will dissolve proprietary-only Microsoft -- Android and/or Ubuntu.

Lets take another examples, they are so popular that people are known to replace original firmware with them straight after purchase.
I don't think I will damage any reputation of Mikrotik if I mention them, because I need them as another examples. They are DDWRT and OpenWRT.
The first one was actually born due to GPL violation.
Notice, that pro-GPL field, unlike proprietary patent-trolls are always seeking ways to shift company to open development for its own benefit, instead of trying to rip the money away.
Never the less, imagine Mikrotik being forced to open up whole software stack, regardless of how catastrophycal or positive you take it....
Out of Linksys force-opened source code came a project, that is powering routers world-wide now and its hugely successfull. So it was a win for Linksys.
But because this project is not entirely using bazaar(distributed) open(its half-open) model, there is another project, which looks to be winning over it.
As you see, in the end, working with community is much more productive than working against or working in parallel.

Maybe there is a way of using system API tu build custom RouterOS packages and drivers for it without releasing the code of RouterOS. That would be great.

Small steps are great way to go. But for me personally, security never associates with blackbox. On the opposite, black box associates with pandora box.
Still,.. I am not obligating Mikrotik to anything. I just shared my own reasons as a potentual customer, who has NOT choosen Mikrotik for objective reasons.

EMOziko · Fri Apr 26, 2013 2:25 pm

Don't get my wrong, I fully support GPL, but it doesn't state you have to open anything. It just states you have to provide a mean to get the GPL parts in source code. Not the proprietary ones.
Incorrect. GPL states that if source code is modified, dynamically or statically linked to anything, the resulting product source code should be provided per request. Hereby all modified or added changes are to be released as GPL, not as proprietary. However, this is good, not bad. Read further why

Current politic have own pros and cons.
For this reason RouterOS is so secure and there is no exploits for system.
But users cant add own drivers and cant build own software for routerOS, that's very bed.
Incorrect.
Linux is secure because its open. Exactly because Linux is getting huge amount of testing and beat down, it has security. Exactly same applies to OpenBSD.
Security by obscurity does not work! Obscurity will repell novice attackers, but not professionals.
And a product from a smaller company, being targeted by professional, is much easier target than a opensource product that was tested by huge community and managed by a small company.
I see no reason for exploits to appear if Mikrotik opens up whole source code, while retaining the patent pool.
Even if some exploits will appear, it would be positive, because that would mean they have existed inside before and will be uncovered exactly by opening up.
Users will be reassured that there are no expoits in Mikrotik.
Users will be able to find exploits and submit them upstream.
They will be able to patch them, if Mikrotik crew is too busy as well.
They will be confident that their network is beat-down secure and containing no hidden backdoors.
They will be able to add support for devices, that Mikrotik can't due to limited resources.
All this without Mikrotik risking anything, due to support of only "official release".
Users will be confident that their devices are supported till users have interest, and not when Mikrotik thinks there is interest or has human resources to manage them.
The whole activation scheme will move out and become agreement instead of DRM. It will become more attractive to customers, as customers will be paying for development and not for ability to use binaries. We have a multi-million dollar living example for that, which was able to dissolve huge proprietary-only Sun -- RedHat. We have another upcoming examples, which will dissolve proprietary-only Microsoft -- Android and/or Ubuntu.

Lets take another examples, they are so popular that people are known to replace original firmware with them straight after purchase.
I don't think I will damage any reputation of Mikrotik if I mention them, because I need them as another examples. They are DDWRT and OpenWRT.
The first one was actually born due to GPL violation.
Notice, that pro-GPL field, unlike proprietary patent-trolls are always seeking ways to shift company to open development for its own benefit, instead of trying to rip the money away.
Never the less, imagine Mikrotik being forced to open up whole software stack, regardless of how catastrophycal or positive you take it....
Out of Linksys force-opened source code came a project, that is powering routers world-wide now and its hugely successfull. So it was a win for Linksys.
But because this project is not entirely using bazaar(distributed) open(its half-open) model, there is another project, which looks to be winning over it.
As you see, in the end, working with community is much more productive than working against or working in parallel.

Maybe there is a way of using system API tu build custom RouterOS packages and drivers for it without releasing the code of RouterOS. That would be great.
Small steps are great way to go. But for me personally, security never associates with blackbox. On the opposite, black box associates with pandora box.
Still,.. I am not obligating Mikrotik to anything. I just shared my own reasons as a potentual customer, who has NOT choosen Mikrotik for objective reasons.

Linux is not secure, I mean, code is not secure. maybe 1000 programmers could not see some security bug in code, but there always will be one in 1 year or in five year who will find that bug and will exploit it. Linux has very good and fast patching system, and that's why it is so secure. But i think RouterOS cant have such patching system, cant have centralised and trusted repositories for open source packages, and if it becomes open source, it no longer will be secure system.

ChipP · Thu Aug 03, 2017 6:37 am

As far as the GPL(v3) goes, I've done some work on that project as an advocate. I'm very familiar with the legalities of it. Before I get started here if anyone would like to request sources or citations, please do not hesitate to ask but I'll try and be as upfront and clear as possible.

So long as Mikrotik's programming can stand on its own feet (meaning it can be compiled and run on software that is not GPLv3) it is allowed (citation). What this means is, RouterOS's proprietary modules must not use any GPL library, even those built-into Linux. Also, in accordance with the GPLv3, the distro of Linux that RouterOS uses must be distributed with RouterOS -- the source code must be exposed unless MikroTik is offering their software only with hardware now as SaaS, which is an exemption to the clause.

As far as open-source vs proprietary -- some users here already perfectly hit the nail head. There is a very good reason why Mikrotik chose Linux to build their product and not Windows, it sure as hell isn't for the awesome visuals. The fact is, when a community of knowledgeable programmers can offer peer review on software, more vulnerabilities and bugs can be identified and squashed. The entire reason Windows has, for years, been plagued by bugs and security exploits, is because they go unnoticed by their relatively small team of programmers. And when a hacker finds it, it goes unknown until it has filtered out into the wild so much that the exploit hits their own systems. Open Souce doesn't necessarily fix bugs or offer any added benefits, but what it does do is encourage those that want to do the right thing to open dialogue with the developers.

And that's my two cents.

do you want developer support?

Who is online