Community discussions

MikroTik App
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 26897
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Question to our users about controllers

Wed Sep 18, 2024 4:47 pm

I know we had a similar topic a while ago, but here there are some more specific questions. This is just to gather ideas and general opinions.
Please don't just answer "yes, give us everything". It is more about what you would actually use, what you actually need.
1) Are you interested in a central controller for MikroTik devices? If yes: 
   a) do you need it for wireless settings only (like a centralised capsman)
   b) or you are interested to manage all configuration of these MikroTik devices 
2) How would you like to run it? 
   a) "Cloud solution" hosted by MikroTik? 
   b) Self hosted server on X86 (*NIX)
   b) Self hosted server as package on a powerful MikroTik router
3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1459
Joined: Thu Nov 12, 2020 12:07 pm

Re: Question to our users about controllers

Wed Sep 18, 2024 5:15 pm

1) yes. All configuration for as many devices I like to manage. Across network boundaries.

2) Docker or Linux Container. So one has the freedom to run it anywhere. Powerful ROS device using container package, Raspberry Pi or whatever. But "cloud solution by mikrotik" could useful for regular home users. So basically all 3 options make sense in some regards.

3)

- Central configuration management with templates. Similar concept of CAPsMAN - just for whole ROS. e.g. manage scripts or scheduler scripts centrally, provision to selected devices.
- Central provisioning of unconfigured devices. Think of netinstall - just easier. Just press reset-button e.g. 10sec and it will show up in the controller. In the controller I can decide how to provision the device: either manuall by selecting a device-preset (CAP, standalone AP, Home AP, etc.) or manually by custom configuration template (managed on controller) or by auto-provisioning rules (similar to how capsman works now).

I think many fundamental features can be determined by evaluating competitors controller solutions. That would be the "base line". Add Mikrotik ecosystem specific features on top.

4) This needs to be thought from scratch. Depends on the functionality that needs to be covered. Does not need to be modern looking.
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1501
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: Question to our users about controllers

Wed Sep 18, 2024 5:22 pm

I can speak for my use case.

Centralised controller would be a great thing as I have to manage over 40 ROS devices right now. I combine dude for monitoring etc and winbox for management.

So if you are going in that way then i would include:

Configuration of devices
Monitoring
Network map like dude (or look into Ubiquiti and how they created maps)
Push notifications, so mobile app perhaps ?
Various counters for traffic etc.
Mass upgrade would be great but not just ROS but FW upgrade also.

Cloud based solution would be nice but leave possibility of packages or maybe possibility to run it on VM or CT.

Edit: infabo was faster.

Also one note for monitoring, please include UPS monitoting if possible.
 
eddieb
Member
Member
Posts: 353
Joined: Thu Aug 28, 2014 10:53 am
Location: Netherlands

Re: Question to our users about controllers

Wed Sep 18, 2024 5:56 pm

1) a) yes please a centralized capsman would be nice
b) maybe, this smells like an enterprise solution that I personally do not need
2 a) NO, no cloud
b) sounds OK, might be the best option if resources are needed
c) sounds like a "Dude" construction, is a possibility
3) monitoring, config and provisioning including upgrading is what I am looking for, wifi connections and event monitoring...
4) a separate program with a modern UI would be great.
 
jookraw
Member Candidate
Member Candidate
Posts: 146
Joined: Mon Aug 19, 2019 3:06 pm

Re: Question to our users about controllers

Wed Sep 18, 2024 6:20 pm

1. Yes, Option B
2. A mix of option A and B, Cloud for initial zero-touch provisioning then redirected to a self hosted instance (could be a Linux app or a docker container).
3. auto-upgrade, configuration management, zero-touch provisioning and monitoring.
4. modern webUI.

Recently I had to replaced a failed routerboard in the field, in another country and if we had zero-touch provisioning that would be very easy.

The idea of a cloud redirect based on SN (only working when the device is on initial factory state) that points to where the routerboard should try to connect to continue provisioning.
 
User avatar
baragoon
Member
Member
Posts: 376
Joined: Thu Jan 05, 2017 10:38 am
Location: Kyiv, UA
Contact:

Re: Question to our users about controllers

Wed Sep 18, 2024 7:24 pm

Hi normis,
1) yes, to manage all configuration of these MikroTik devices 
2) self hosted for MikroTik router, *nix and container
3) mass auto-upgrade, configuration, provisioning, monitoring, backups (diff history of exports)
4) doesn't really matter
 
User avatar
TomjNorthIdaho
Forum Guru
Forum Guru
Posts: 1549
Joined: Mon Oct 04, 2010 11:25 pm
Location: North Idaho
Contact:

Re: Question to our users about controllers

Wed Sep 18, 2024 7:35 pm

1) Are you interested in a central controller for MikroTik devices? If yes:
Yes - b) or you are interested to manage all configuration of these MikroTik devices


2) How would you like to run it?
b) Self hosted server on X86 (*NIX)
A package that can be installed ( example Ubuntu apt-get install mikrotik-controler )

3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
I would be interested in something that can manage and bulk hundreds to thousands of Mikrotiks.
- mass auto-upgrade ( by IP range / by ROS ver / sequentially one at a time - not bulk all at the same time /
- *** monitoring ********************************* :) :) :) :)
- Wireless APs
- Wireless clients
- Customer owned Mikrotik routers that we manage ( access via port-forwards )
- Some fiber connected Mikrotik routers
- Many different passwords
- Scan & search & report the following : ROS version, wireless signal strengths, what AP a client is connected to , uptime
- Something that can use telnet & ssh & winbox & snmp to all Mikroitks
- Something that can not be used to scan/break/attack the internet
- alerts ( http play a sound and send an email )
- logs of alerts



4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.
something completely new, moden web based UI etc
- *nix package
- Possibly make it a "Network Monitor System" that can monitor ( similar to Zabbix , LibreNMS , Cacti , WhatsUp and other ---- "

EDIT - add more notes; network maps with toggels to show Layer-2 and/or Layer-3 for how all devices are connected ( and add notes for each device ) -also- check services on some devices ( DNS , http , snmp ... )
-also- perform multiple checks on each device ( check/ping all IPv4 and IPv6 addresses on each device ) & and check interfaces up/down
* Possibly a Dude on steroids' replacement that runs on *nix and installs as a package

North Idaho Tom Jones
 
hapoo
Frequent Visitor
Frequent Visitor
Posts: 59
Joined: Wed Apr 24, 2019 1:35 am

Re: Question to our users about controllers

Wed Sep 18, 2024 8:05 pm

Just for my use case of someone who uses and administers about 100 mikrotik devices of variable capability.

1. I don't use any mikrotik wireless devices, so my main use case would be device management

2. Self hosted server on X86 (*NIX), no other solution interests me.

3. My primary use case would be to provision and more importantly to push configuration changes across many devices at once. (New firewall rules, new dns entries, etc). What I would love to see, which admittedly is probably only applicable to my particular use case, would be a way to easily set up, push and manage ipsec and wireguard configurations to connect a fleet of mikrotiks to a centralized mikrotik. That alone would save me hours of time.

4. Brand new web based system.


Off the top of my head, what would be nice is a way to set up remote provisioning. If we could get a MAC address of a device and have the device owner enter a generated code that would connect their device to our controller no matter where they are located so long as they have internet access. Obviously that kinda conflicts with my desire to be completely self-hosted, but for initial connections and setup I wouldn't mind a mikrotik owned server to facilitate the connection.
 
DjM
Member Candidate
Member Candidate
Posts: 116
Joined: Sun Dec 27, 2009 2:44 pm

Re: Question to our users about controllers

Wed Sep 18, 2024 8:06 pm

2) How would you like to run it?
a) "Cloud solution" hosted by MikroTik?
No, self hosted.

b) Self hosted server on X86 (*NIX)
Yes, in docker, possibility to run it in docker on RaspberryPi.

c) Self hosted server as package on a powerful MikroTik router
Not required.

3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
Have possibilty co configure how much data is stored in the controller and search in historical data or just have realtime view from the moment of connecting to controller via client, without storing the data.
Multitenancy (one controller, different view & permissions for different users), have the functionality similar to skins - create limited and read only view for customer.
 
raffav
Member
Member
Posts: 345
Joined: Wed Oct 24, 2012 4:40 am

Re: Question to our users about controllers

Wed Sep 18, 2024 8:20 pm

1-yes, for everything.. All mk device
2 - I think could be all 3 options,
But I think if you make possible to run the controler (core) in a mk device like in chr or ccr, x86 would be a plus plus as a diferencial from other brands
3 - same model, idea, we have from other brands like unifi and omada, but would nice and an diferencial if we could manage centralized also standalone mkt devices
Just pussing update config to them..
4 - I think could be router base style, but some Web interface
Some kind like was is the dude, you do could manage inside ros like but have an application with gui..

Maybe if you redesign the dude it might be a way to go..
Many people here already suggested that..
 
dapilori90
just joined
Posts: 2
Joined: Tue May 26, 2015 8:54 pm

Re: Question to our users about controllers

Wed Sep 18, 2024 8:24 pm

1) Are you interested in a central controller for MikroTik devices? If yes:
a) do you need it for wireless settings only (like a centralised capsman)
b) or you are interested to manage all configuration of these MikroTik devices
Yes, possibly to manage all MikroTik devices.
2) How would you like to run it?
a) "Cloud solution" hosted by MikroTik?
b) Self hosted server on X86 (*NIX)
c) Self hosted server as package on a powerful MikroTik router
Definitely self-hosted on X86. Possibly a Docker container, which can also be installed on powerful MikroTik routers. No cloud.
3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
I would start with passive monitoring (e.g. alerts, monitoring of parameters), like Zabbix. Then, it can evolve to manage the configuration (like CAPsMAN).
4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.
Tough question. It depends on the system. If it is only a passive monitoring system, then a modern web-based UI would be the best. If, instead, it is used to manage and push the configuration, it must be based in the RouterOS configuration.
 
vinalopo
just joined
Posts: 4
Joined: Tue Jun 06, 2023 5:56 pm

Re: Question to our users about controllers

Wed Sep 18, 2024 8:28 pm

1) Yes: b (all configuration)
2) b) self hosted as package (rb5009 and more powerful routers); where not feasible for the entire configuration I would like to see the features I mention sub 3 below for routers such as AX3 and more powerful routers as a package;
3) at least wireless, mass-upgrade, provisioning, monitoring, backup
4) modern web based UI preferable but WinBox 4 could be an option
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1076
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Question to our users about controllers

Wed Sep 18, 2024 9:23 pm

1) Are you interested in a central controller for MikroTik devices?
Sure, mostly for wireless because that is commonly the case where one would find a lot of devices on the same network, but managing a bunch of SwOS would be good as well.
If we are talking about managing devices across different sites than it has to have options for managing ROS as well but it needs some secure protocol for authentication and communication between controller and sites.
2) How would you like to run it?
Cloud Based if we are talking about sites, or self hosted on a CHR/CCR which would be handy for a smaller network.
3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)?
The mass upgrade would be great but it needs some credibility of the process. It can have a hash controller which the remote device can check and authenticate and if the upgrade file fails to be delivered it needs a log so you can see which did not received the file correctly.
Configuration and provisioning are mostly needed.
Monitoring I am not so sure, it would require HDD space I assume and upgrade after upgrade I don't know if it will always be compatible.
One thing that is not mentioned is a central SYSLOG, a server for collecting logs from devices and save it even if powered down or rebooted.
Another could be VPN management but not sure if it is feasible, maybe read only. Same for VLAN.
4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI
Web based could be nice but don't know how you can jump from web to ROS configuration when you would need to.

I can't stress it enough that it needs a secure protocol for authentication in case it will be cloud based or CHR/CCR and it will connect to different sites.

That's my two cents :)
 
User avatar
robtor
Frequent Visitor
Frequent Visitor
Posts: 95
Joined: Sat Dec 09, 2023 3:27 pm
Location: Germany, Hessen
Contact:

Re: Question to our users about controllers

Wed Sep 18, 2024 9:45 pm

1) Definitely yes Mainly a) but b) would also be nice
2) I would definitely prefer Version b). Probably on a server. If a) is offered I might think about this, but having b) as an option would always be good.
3) Monitoring features (as with the "abandoned" Dude and auto-upgrade. Best would be direct distribution of upgrade npk's over my management network which does not have internet access.
Another important part would configuration provision for CAPs. As with wifi-qcom-ac driver no vlans can be assigned on virtual aps and thus each cAP need the manual configuration. A full (customizable) configuration distribution for cAPs would be very nice.
4) Maybe integrated like CAPsMAN with additional features for non-wifi purposes. -> Configuring vlan on switches and on cAPs and distributing. (Might be challenging as different switch chips, etc require completely different type of configuration)
A monitoring solution I would personally prefer with a custom web-interface. But at least this would not need many features, more data exporting functions to e.g. prometheus, influxdb, grafana, ...
 
User avatar
Kanzler
Member Candidate
Member Candidate
Posts: 135
Joined: Wed Oct 05, 2022 6:55 pm
Location: Ukraine

Re: Question to our users about controllers

Wed Sep 18, 2024 10:20 pm

I am interested in a central controller for managing MikroTik devices. I would need it to manage **all device configurations**, not just wireless settings (although integration with CAPsMAN would also be useful).

I prefer the option of **self-hosting**:
- On an **X86 server running Linux** or another *NIX-based system for maximum flexibility and control.
- Additionally, having the option to run the controller as a **package on powerful MikroTik routers** would be valuable for local installations without the need for external servers.

The key features I would like to see include:
- **Mass auto-upgrade** of devices to simplify firmware management.
- **Centralized configuration** with the ability to easily apply policies and templates to all devices or specific groups.
- **Provisioning** for quick setup and deployment of new devices.
- **Monitoring** with detailed reporting, alerts, and the ability to quickly respond to incidents or performance degradation.

As for the interface, it's not as important to me since I primarily use the **CLI** for device management. The solution could be similar to the current CAPsMAN or something entirely new, as long as all key features are accessible via command
 
nicolap
just joined
Posts: 19
Joined: Mon Sep 09, 2019 12:16 am

Re: Question to our users about controllers

Wed Sep 18, 2024 10:57 pm

1) Yes, b
2) Self hosted
3) monitoring.
4) based in RouterOS configuration
 
maigonis
Member Candidate
Member Candidate
Posts: 206
Joined: Sat Jul 20, 2019 8:16 pm

Re: Question to our users about controllers

Wed Sep 18, 2024 11:45 pm

1) All device, as I have to manage almost 70 ROS devices at location and, for example, if I need to change one config to APs, I have to use something like Ansible. It does work, but to prepare playbook I still need to dedicate time.
2) Self hosted, as if one needs a central controller, he can run CHR instance and link locations. A docker, multi arch, solution sounds like a interesting idea.
3) As someone have mentioned, a template system sound like a good idea. Like APs, switches, routers etc. I would like to provision a device to controller, select its template and a config is pushed. If I change template it pushes those changes, but let it be a selectable option. For example, like capsman and caps - I do run my template on them, but TX power can differ. I dont want controller to overwrite my needed changes in specific location. But I like to see other changes pushed, like SSID changes. Auto update, aka version management is a must have (including packages sync). Monitoring system also, as Dude is old. I would like to see most popular monitoring parameters and be able to export charts per days, months, years etc. Be able to create location, alerting, also be able to monitor other vendor devices via basic ping and snmp, but do not go over board. Then it just sounds like Zabbix clone. Controller migration and backup should be included, also sync. For example I have multiple locations I would like to sync templates, selectively and have some defined changes like I mentioned before. For example two schools - one main template, but basically SSID whit pass changed. Whit backup I also mean redundant controller on location - if one goes down, secound one takes over main role. From monitoring stand point I would like to see interface real time data, also a bit more detailed STA info in wifi registry. Modulations, spatial streams active (as some modulation overlap), interface used (band), etc useful information to understand better how network is doing. Including information from AP, like ch utilization, how devices roam (can be a option to have a deeper look into network, not enabled all the time).
4) New winbox style overal is fine, new capsman style as a functinal template is fine. Web version? It depends. Its much more work for You to maintain web based controller and new winbox (dedicated controller ap?).

One can dream, and it starts to sound like other vendors whit limited configuration options, but I would not like to see ROS loose its freedom and configurability, so there must be a balance. Make it easier to scale and manage, but dont cut features in realistic manner.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4286
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: Question to our users about controllers

Thu Sep 19, 2024 4:17 am

It is more about what you would actually use, what you actually need.
High level:

An update to The Dude server+client would be a great first step...

Big Lebowski is right: “That rug really tied the room together.”

Rational: All the underpinnings for a "controller" are already in the Dude server. And y'all's native multiplatform client for WinBox4 seems to be a BIG HIT, so Dude2 make a lot of sense to me. And, in world of HTML UI for these things... some native client to "control the controller" be a novel approach (and like more responsive/rich and more easily extended). And, most importantly, allow rich Layer2 support for discovery (CDP/MDP/LLDP/RoMON/etc) which are hard from a web GUI.

So...specific answers below assume some "new Dude" (aka Dude2) approach – since I'm already using The Dude package+client as a "controller" today - with only some minor grips over years. And that's what I'm really looking for — even if it was just a client that was a "copy" of the existing Dude client with NO new features ;)

1) Are you interested in a central controller for MikroTik devices? If yes:
a) do you need it for wireless settings only (like a centralised capsman)
b) or you are interested to manage all configuration of these MikroTik devices

Any RouterOS device — Wi-Fi should not be special.

CAPsMAN is flexible enough for Wi-Fi config. But it should NOT do the RouterOS system config stuff it does today – just push Wi-Fi params. The "new controller" should deal with all system level stuff like config/upgrade/initial setup - not CAPsMAN - but it should be able to set a "device" as a CAPsMAN server, but CAPsMAN config be applied same as any other RouterOS config in this theoretical new controller.

2) How would you like to run it?
a) "Cloud solution" hosted by MikroTik?
b) Self hosted server on X86 (*NIX)
b) Self hosted server as package on a powerful MikroTik router
A RouterOS .NPK package for the "server" — y'all have CHR for larger use cases to run the "new controller" NPK (i.e., dude2.npk ;)). And native WinBox4-like version of The Dude client to manage it.

Why mess around with testing/packaging to deal with some arbitrary OS environment? Not mention how to "monitor the monitoring server/software"... now requires more stuff on running non-RouterOS device to do that... contra., in the old Dude server, you could solve this easily running a 2nd dude to handle "monitoring the monitoring".

While I don't use Docker/Kubernetes/etc for these things, but a lot folks do. But perhaps documenting/supporting CHR under "Docker" be easier to cover the "docker" needs. In fact CHR can already runs under Docker.

3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
All the features of current The Dude server package, plus:
* CLI for anything possible in the current Dude client...
* Specifically, being able to exporting data as CSV and SVG from RouterOS CLI and/or web service from the SQLite the Dude uses
* Direct support for RoMON as a transport and discovery mechanism within Dude.
* ability to dynamic render maps, or other views, via HTML – for a dashboard (outside of webfig, so renderable as a view for NOC or customers)
* have some "friendly name" for a device, which may include client devices on LANs

For upgrades, being able to "assign" a version on a Dude tracked router device - applied with via Dude2 client, or via CLI + /system/scheduler can be used to cause/check upgrades as desired within the controller (aka Dude2).

Now, for configuration, the existing Dude is lacking there... I'd like to see some complete configuration to be stored with a RouterOS device in Dude, ideally in some templated form to allow variable substitution. It be fine if config is applied as a whole similar to TR069 just simplier/built in to controller (i.e. require a reboot to be applied). While a richer configuration scheme be nice, that seems like it could a "version 2" thing once the basic of new controller is figured out.

Additionally, adding some "update" as RouterOS primitive config command (with some guid=xxxx...xxxx to identify it) that either adds OR updates any existing entry - that would go a long way to be able to create some "templated config" – today re-apply config is not an easy task... The current "set"/"add" scheme gets in the way of "applying a config" over an existing config. And why I suggest a "whole" config a la TR069 that get applied be better than nothing for remote provisioning of routers.

4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.
For "client" or the UI side of the controller... instead HTML-based UI as the controller, a multiplatform client is what should work any OS (not the controller server). The WinBox4 framework applied to whatever controller be a nifty approach. And a native client is easier to L2-type discovery, to avoid IP stuff being need for setup/flashing/adopting/etc type stuff.

While, there should be some HTML/web server support — HTML should be limited for "dashboards" – with those dashboard defined in the purposed Dude2 multi-platform client, kinda like "skins", but for status. Or more sophisticated "HTML components"/widgets that can be rendered in existing web pages as desired. But HTML5 for configuration seems like a backward step - especially with all the great work that's gone into WinBox4 which likely could be partially reusable for a Dude2.

And to increase "easy-of-use"...
- some config wizards in the client to create a config (and have that generated+templated config "assigned" to a device).
- capturing more use cases as a "QuickSet profile" for more advanced configurations like multi-wan, VPN gateway, etc.
& these could be used as the config to "assign" to a device in the Dude2 controller.
 
brandaoeb
just joined
Posts: 6
Joined: Fri Jan 27, 2017 9:06 am

Re: Question to our users about controllers

Thu Sep 19, 2024 9:40 am

Hi:
YES.
Have a look at TP-LINK for omada series they have a BOX (oc200), you can download a server for you to run, and you can have cloud.
and it works fine on any option.
The extra BOX is a very good solution does not load routers and easy for non tech users.
 
Rox169
Member
Member
Posts: 467
Joined: Sat Sep 04, 2021 1:47 am

Re: Question to our users about controllers

Thu Sep 19, 2024 1:59 pm

There is already almost same topic from MT created 2 years ago. After 2 years you should already have something...
Last edited by Rox169 on Thu Sep 19, 2024 3:40 pm, edited 1 time in total.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: Question to our users about controllers

Thu Sep 19, 2024 2:41 pm

Do we not think that 3MB Winbox 3 vs 50MB Winbox4 = Controller already buit-in Winbox4 but dissabled ??
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1501
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: Question to our users about controllers

Thu Sep 19, 2024 2:42 pm

Who knows... Mikrotik is full of surprises lately... :D
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4286
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: Question to our users about controllers

Thu Sep 19, 2024 3:26 pm

I like the hope...
Do we not think that 3MB Winbox 3 vs 50MB Winbox4 = Controller already buit-in Winbox4 but dissabled ??
But... the size difference is because winbox3 uses Windows GDI, so the UI rendering comes from an existing Window's DLL that dynamically loaded and not "inside" of winbox.exe. In WinBox4, the entire UI library/rendering code is built-in to Winbox4 executable - this is why you see the complaints about the "statically linked QT" in WinBox4 thread.
 
mada3k
Forum Veteran
Forum Veteran
Posts: 740
Joined: Mon Jul 13, 2015 10:53 am
Location: Sweden

Re: Question to our users about controllers

Thu Sep 19, 2024 5:20 pm

1) b) manage all configuration of MikroTik devices
2) b) Self hosted server on X86 (*NIX) - running on routers doesn't scale.
3) mass auto-upgrade, configuration, provisioning, monitoring, "SD-WAN" manager for tunnels and VRFs, end-to-end service provisioning, central VPN management
4) modern web based UI yes please
 
HenryChinaski
just joined
Posts: 11
Joined: Mon Sep 25, 2017 10:00 pm

Re: Question to our users about controllers

Thu Sep 19, 2024 6:53 pm

Make it "dude" and better!

1) b) manage all configuration of MikroTik devices
2) b) Self hosted server
3) mass auto-upgrade, configuration, provisioning, monitoring, "SD-WAN" manager for tunnels and VRFs, end-to-end service provisioning, central VPN management
4) modern web based UI yes please
 
avacha
newbie
Posts: 32
Joined: Thu Jan 25, 2018 9:12 pm

Re: Question to our users about controllers

Thu Sep 19, 2024 8:40 pm

1) b
2) Most large commercial organizations have an information security division. The guys in this division really dislike software that can't reside inside the perimeter. Even more they don't like devices with built-in potential backdoor..., sorry, I meant cloud connectivity without the ability to disable that feature. Yes, if you thought about one manufacturer with subscription firmware - such are also used only on peripherals - nothing more serious than a hot dog stand such devices are not trusted.
So any variants, but NO cloud management please. However... Perhaps a good idea would be to add the ability to initiate a connection via the cloud, then connect directly to the controller. Of course, this feature should be user-adjustable - on or off. Maybe container as most simple solutiuon - run at powerful MT router, self-hosted or VPS server, etc..
3) RouterOS and bootloader upgrades, centralized management, provisioning, VPN auto-provisioning (something like DMVPN)
4) Please, no bells and whistlers! MT users not equal home users, why do you think we are really need transparency and curved window board? Better do some more for functionality and stability.
 
User avatar
wia754
Trainer
Trainer
Posts: 6
Joined: Mon Apr 30, 2012 7:09 pm

Re: Question to our users about controllers

Thu Sep 19, 2024 9:06 pm

1) Are you interested in a central controller for MikroTik devices?
Yes, option B ( manage all configuration )

2) How would you like to run it?
b) Self hosted server on X86 (*NIX)

3) What features would you like to see mostly?
Answer: The most important features include configuration, provisioning, monitoring, SD-WAN management, and end-to-end service provisioning.
Configuration Management: The ability to create, edit, and deploy configurations to multiple devices simultaneously. This would include templated configurations, version control, and the ability to push configurations based on device groups or roles.
Provisioning: Automated provisioning for new devices would streamline onboarding. As soon as a device is added to the network, it should automatically receive the correct configuration based on predefined templates.
End-to-End Service Provisioning: The ability to provision services end-to-end is essential. This includes managing QoS policies, VLANs, VPNs, and other network services from a single interface.

4) How do you imagine this service would look?
Answer: I envision a modern web-based UI.
The service should be built around a modern, responsive web-based interface that is easy to navigate. A dashboard with a clear overview of the network status, alerts, and essential KPIs (e.g., device health, traffic flows) should be the first thing users see.
 
dakobg
Member Candidate
Member Candidate
Posts: 120
Joined: Mon Nov 06, 2017 8:58 am

Re: Question to our users about controllers

Thu Sep 19, 2024 10:19 pm

1) b) or you are interested to manage all configuration of these MikroTik devices

2) b) Self hosted server on X86 (*NIX) (docker (this will allow it to be hosted on more powerfull mk device if someone want to do that :) ), k8s, linux src, linux pkg)

3) (mass auto-upgrade, configuration, provisioning, monitoring) including option to do per device configuration from central place , api

4) something completely new, moden web based UI etc. focused on MULTIPLE device managment > can be similar to the new winbox ( look/design ) in order to keep consitance between diferent tools with similar go

5) bonus :) please add multi sesion switch option to the new winbox (aka dropdown menu which can switch between several connected devices to the same winbox instance/app ) < if is posible will be greate (also I belive is not so hard to be implemented ) until we waiit for the central managment tool

6) bonus :) please include existing DUDE abilities like maps etc ..
 
User avatar
spippan
Member
Member
Posts: 460
Joined: Wed Nov 12, 2014 1:00 pm

Re: Question to our users about controllers

Thu Sep 19, 2024 11:14 pm

1) a + b as maybe 2 seperate installments or a as a subcategory in b

2) self hosted on X86 preferably

3) main features (for a start):
  • firmware revision with up/downgrade of many devices maybe also in groups/sites (like the UISP from U)
  • config push and backup with diff (change management) archive
  • monitoring with dashboard
  • netflow collector and analyzer (!) would be a killer
  • maybe an inventory to manage a stock
4) all the way webgui (html5) !! maybe connecting via API-SSL and/or SSH
 
User avatar
sirbryan
Member
Member
Posts: 394
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: Question to our users about controllers

Fri Sep 20, 2024 3:31 am

As an internet Service Provider, that also is considering more of a Managed Service Provider role:

For my own stuff, locally-hosted servers are a must, and containers (or an NPK on a CCR2xxx/CHR would be cool).

I like how Ubiquiti keeps UniFi separate from UISP. I use UniFi to manage customer's internal networks and WiFi, and UISP to manage all the radios on the houses and towers. If there was a way in this monolithic controller app you're proposing to separate private user/business networks from my ISP network, specifically with internal WiFi functions managed separately from the outdoor wireless (since MikroTik devices can do both), that would be helpful.

I like the idea of building on what the Dude can already do. As it is a utility, I prefer function over form. Pretty whitespace leads to poorly-collapsing web fields on small form-factor browsers (phones/tablets).
 
sff
just joined
Posts: 17
Joined: Fri Aug 13, 2010 5:15 pm

Re: Question to our users about controllers

Fri Sep 20, 2024 2:33 pm

I have been doing this for years, although I do a lot more than some of the things I saw mentioned. I have an environment where I support at the moment about 400 or so MikroTiks across a couple of dozen locations and customers.

Capsman is not a viable option, because there are roughly 50 different SSIDS, and some customers have access points that could have as many as four or five virtual wireless interfaces in different VLANS (one customer has about two dozen internal networks). Most, but not all, are devices that do not face the Internet, and in many cases for legal reasons cannot reach the Internet themselves, although traffic passing through them does, either directly or through a VPN somewhere to the main network for that customer.

Since not all customers let you update things anytime you want, I have to track maintenance windows for various sites for when things can be worked on. And since many of my customers have people on staff that can make local changes, I have to know when something is updated so that if we lose a device (rare), we have a valid backup. Again, most devices cannot reach the Internet so I cannot use any of the built-in backup systems and I also want to be able to do comparisons to see what changed or search for settings across multiple devices. So the server is tracking updates on the MikroTik site and downloading new versions of router OS for all the hardware models I have in the field (which is everything except X86), and devices can be scheduled to update based upon the noted maintenance window for a particular customer or a particular location of theirs.

Every device needs to be audited at least once a week, and the backup updated if there were any changes made locally. Detection of things like storage errors on older devices to predict equipment failure is of course necessary. There is a web interface and each user can only see their devices when they login.

Sort of a fun project that has saved me many many hundreds of hours and saved customers multiple times over the past decade or so because I had a back up of their devices and they didn’t. Or I can login and see what they changed from my web interface and tell them why they should not have done what they did.

I thought about making it commercially available several times over the years, and that could be easily done. But to be honest, there’s no profit in it. People don’t want to pay for really good management systems, and it isn’t worth supporting customers where I don’t actually get paid to fix things or install new equipment. My understanding is there are several out there providing this kind of service, and I have been told some of them are great and some of them are horrible.

My guess is that there are probably at least 100 other long-term Mikrotik users that have their own systems developed as well. I would be shocked if there are not.
 
User avatar
spippan
Member
Member
Posts: 460
Joined: Wed Nov 12, 2014 1:00 pm

Re: Question to our users about controllers

Fri Sep 20, 2024 3:28 pm

As an internet Service Provider, that also is considering more of a Managed Service Provider role:

For my own stuff, locally-hosted servers are a must, and containers (or an NPK on a CCR2xxx/CHR would be cool).

I like how Ubiquiti keeps UniFi separate from UISP. I use UniFi to manage customer's internal networks and WiFi, and UISP to manage all the radios on the houses and towers. If there was a way in this monolithic controller app you're proposing to separate private user/business networks from my ISP network, specifically with internal WiFi functions managed separately from the outdoor wireless (since MikroTik devices can do both), that would be helpful.

I like the idea of building on what the Dude can already do. As it is a utility, I prefer function over form. Pretty whitespace leads to poorly-collapsing web fields on small form-factor browsers (phones/tablets).
+1
 
adam234
just joined
Posts: 2
Joined: Thu Mar 04, 2021 12:16 pm

Re: Question to our users about controllers

Fri Sep 20, 2024 4:14 pm

  1. b
  2. b

  3. - connecting remote devices over secured channel into central manager (possible through NAT)
    - list of connected devices and their status (up/down, model, version OS, version FW)
    - centralised logs, history and graphs (CPU, memory, interface bandwidth)
    - centralised backups, sending batch configurations
    - saving dataretention information
    - remote connection (terminal, web, winbox)
    - centralized terminal/winbox/webui (remote console) with user management and priveleges (like Bastillion for SSH)
  4. WebUI with API
 
ormandj
just joined
Posts: 18
Joined: Tue Jun 15, 2021 12:25 am

Re: Question to our users about controllers

Fri Sep 20, 2024 10:14 pm

Self hosted is most important but NOT just x86, please ensure arm* builds are available too. Containers at a minimum so it can be run regardless of distribution. I'd love something that was easy to deploy in kubernetes via a manifest (please no helm if avoidable, kustomize is great if you need some functionality like templating without the 1000lb gorilla).
 
KillerOPS
Member Candidate
Member Candidate
Posts: 152
Joined: Sat Oct 31, 2009 9:27 pm

Re: Question to our users about controllers

Sat Sep 21, 2024 1:13 am

I won't answer your questions directly, but rather advise you to check out nokia eda, get in touch with those guys and make routeros compatible with that system.
Why reinvent the wheel when there are some good ones already rolling? Make your cart use them :)

ps. let's not have another ubnt, mikrotik can do much better than that ;)
If people need pointing and clicking, they can just use ubnt
 
bratislav
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Mon May 05, 2014 10:36 am

Re: Question to our users about controllers

Sat Sep 21, 2024 4:16 pm

I won't answer your questions directly, but rather advise you to check out nokia eda, get in touch with those guys and make routeros compatible with that system.
Why reinvent the wheel when there are some good ones already rolling? Make your cart use them :)

ps. let's not have another ubnt, mikrotik can do much better than that ;)
If people need pointing and clicking, they can just use ubnt
Besides watching shiny and colorful advertisement I doubt you actually had a chance to work with it before giving advise here... since EDA was released only a couple of days ago...
I also very much doubt you have any idea on how much EDA costs and is it actually viable solution for lower cost gear like Mikrotik?
 
Wheelhousemarine
just joined
Posts: 10
Joined: Thu Sep 19, 2024 5:20 pm

Re: Question to our users about controllers

Sat Sep 21, 2024 7:09 pm


1) Are you interested in a central controller for MikroTik devices? If yes:
a) do you need it for wireless settings only (like a centralised capsman)
b) or you are interested to manage all configuration of these MikroTik devices
2) How would you like to run it?
a) "Cloud solution" hosted by MikroTik?
b) Self hosted server on X86 (*NIX)
b) Self hosted server as package on a powerful MikroTik router
3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.
1. Yes, b
2. a and b.
3. i like configuration and provisioning.
4. Moden web base ui.
 
KillerOPS
Member Candidate
Member Candidate
Posts: 152
Joined: Sat Oct 31, 2009 9:27 pm

Re: Question to our users about controllers

Sat Sep 21, 2024 10:37 pm

I won't answer your questions directly, but rather advise you to check out nokia eda, get in touch with those guys and make routeros compatible with that system.
Why reinvent the wheel when there are some good ones already rolling? Make your cart use them :)

ps. let's not have another ubnt, mikrotik can do much better than that ;)
If people need pointing and clicking, they can just use ubnt
Besides watching shiny and colorful advertisement I doubt you actually had a chance to work with it before giving advise here... since EDA was released only a couple of days ago...
I also very much doubt you have any idea on how much EDA costs and is it actually viable solution for lower cost gear like Mikrotik?
Let's say I know quite a bit about what's under the hood and how it works and I was quietly waiting for this announcement :) And it's not only a shiny presentation, it's a game-changer.
If it's viable or not for Mikrotik - it all depends on the Mikrotik team making RouterOS play nicely with it or not.
Regarding cost, you are right, but maybe we should wait and see.
I don't want to turn this topic into a discussion about something else, I just wanted to point the mikrotik-guys to some new exciting developments in the industry.

And to answer the questions:
1 b
2 c (or maybe b if c is not feasible)
3 all of them, and for monitoring I would like to see streaming telemetry
4 definitely a web based UI as winbox is good for its current use-case, but pretty limited for a full-fledged UI

Thanks!
 
TuxPowered
just joined
Posts: 19
Joined: Mon May 23, 2022 12:35 pm

Re: Question to our users about controllers

Sun Sep 22, 2024 12:25 am

> 1) Are you interested in a central controller for MikroTik devices? If yes:
> a) do you need it for wireless settings only (like a centralised capsman)
> b) or you are interested to manage all configuration of these MikroTik devices

Wireless, DHCP and firewall: I'm interested in a central place for managing clients' connectivity. Currently information and configuration for a single client is spread between:
- /ip/arp
- /ip/firewall
- /ipv6/neighbour
- /ipv6/firewall
- /interface/wifi/access-list
- /interface/wifi/registration-table
- /log

> 2) How would you like to run it?
> a) "Cloud solution" hosted by MikroTik?
> b) Self hosted server on X86 (*NIX)
> b) Self hosted server as package on a powerful MikroTik router

What's the definition of "powerful"? At one of my locations where I've built a network based on Mikrotik devices I have hAP ac³ as the central device. I expect the features to work as a separate package possible to install on devices with 128MB storage. I would prefer to not have anything depend on "cloud".

> 3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.

Let's start with some other systems I also use apart from Mikrotik and using them shows me where Mikrotik lacks.

At my home I use a FritzBox router. The web UI of the router offers me a single place to see or manage:
- MAC address / ARP / NDP
- IPv4 port forwarding (DNAT)
- IPv6 port opening, automagically working when my ISP changes my prefix. As far as I understand this is done by using IPv6 interface ID.
- IPv4 address
- All IPv6 addresses, GUA, ULA, LL
- WiFi connection parameters (signal, throughput, which AP), although it seems there's no history
- Wake on Lan when when inbound traffic is detected.

At work I have Meraki WiFi with tens of APs in a 6-floor building. The single most useful feature of Meraki is a single point to see client's WiFi connectivity:
- Roaming history
- Signal history
- I think I've seen client bandwidth graph, not 100% sure though and I can't access it right now to check.

Those are the features I'd love to see in Mikrotik. Have a single menu for clients, connected over WiFi or LAN. Each client is one MAC address known to WiFi, bridge, ARP or NDP. I want to give this client a description. `/client/print` would print default columns: description, MAC address, IPv4 addresses, IPv6 addresses, CAPsMAN interface the client is connected to, signal strength and wifi speed (when of WiFi) and used bandwidth. When accessed by UI (WebFig or Winbox) I could click on such client and in detailed windows there would be graphs: client bandwidth, wifi signal strength, wifi connection bandwidth. The WiFi graphs would get vertical lines (like grafana annotations) each time the client roams to another CAPsMAN. I don't think graphs need to be stored on flash, having live view might be enough. However having something like `/client/print X roaming-history` would be awesome, as a shortcut to filtered logs.

I expect firewall rules would not be as trivial to set as in my Fritzbox example above, because I don't want this interface to override the whole firewall. But maybe it would be enough for clients to auto generate and update address lists? Maybe that would be enough? I'm not 100% sure, I'm just thinking out loud here. Each client would get an address list named by the client name / description / id, and then I could just make a rule "allow inbound IPv6 to this client".

Please note: the features I'm proposing are useful (and present in other vendors' hardware) for *home* users.

> 4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.

I'm fine with using the current UI: console, WebFig, Winbox. In this order.
 
Naecken
just joined
Posts: 9
Joined: Tue Dec 05, 2023 11:11 pm

Re: Question to our users about controllers

Sun Sep 22, 2024 10:19 pm

1) b) is more acceptable.
2) b) or c), cloud is not a way, not every device is not opened to the internet
3) Devices should be possible to mass update, providing shortcut to the configuration (direct changes or access to terminal/winbox/webbox), capability to create configuration templates, mass configuration, graph logging (cpu, memory, interfaces or custom),device log agregation, notifications, network maps...
4) Web service is more acceptable, because you can access it anytime and anywhere. As ISP, I love simplicity of Dude (network maps, tools in few clicks), accessibility of mass configuration in Aircontrol, carefree update system of UISP, customization and power of Zabbix.

These days, everybody loves dashboards, data agregation, tables... I think, topic is not how it should work, but what is your customer/target market. Do you want to provide this tool mainly to the SOHO market (few diveces) or ICT administrators (dozen of sites and devices) or to the ISPs (thousand of routers and CPEs)?
 
KillerOPS
Member Candidate
Member Candidate
Posts: 152
Joined: Sat Oct 31, 2009 9:27 pm

Re: Question to our users about controllers

Sun Sep 22, 2024 11:27 pm

Oh, I almost forgot: please give us a unitary and easy way of setting switch ports across all 1xx/2xx/3xx/5xx
1) as a trunk port, with vlan x,y,z
2) as an acces port, with vlan X

I know several techs who just uses different switches than yours just because of this.
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 26897
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: Question to our users about controllers

Mon Sep 23, 2024 8:33 am

========== NEW QUESTION ==========

Thank you all for input. New question. What specific features would you like to provision in these controller type of setups. What is your #1 use case, which config is most often needed to apply "en masse" or to multiple devices?

P.S: it seems nearly all of your wishes can already be accomplished by The Dude. It has groups and mass upgrade and runs on a router. So why not Dude until now?
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1501
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: Question to our users about controllers

Mon Sep 23, 2024 8:46 am

Honestly, I'm running dude and for my use case is great. Only thing I would like is mobile app and little UI modernisation. For me, its much more useful than MikroWizard.

As someone suggested already, just modernize dude.
 
eddieb
Member
Member
Posts: 353
Joined: Thu Aug 28, 2014 10:53 am
Location: Netherlands

Re: Question to our users about controllers

Mon Sep 23, 2024 9:20 am

I am running dude for a couple of years and that does a lot of the things I need.
Except the wifi stuff ...
some capsman integration and wifi monitoring would be great
Of course we are all waiting on a new dude client, just like the new winbox, so I can finally ditch wine/crossover.
Some additional upgrades to dude would be nice too
 
olivier2831
Member
Member
Posts: 312
Joined: Fri Sep 08, 2017 6:53 pm

Re: Question to our users about controllers

Mon Sep 23, 2024 10:03 am

I would highly appreciate an improved Ansible compliance.
I don't know much about Ansible internals but maybe, simply enabling python3 on RouterOS would be enough to get Ansible compliance.
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1501
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: Question to our users about controllers

Mon Sep 23, 2024 12:07 pm

@normis

If Mikrotik has alpha or beta version i'm sure a lot of us would be interested in testing :D
 
gtj0
just joined
Posts: 15
Joined: Wed Sep 23, 2020 8:08 pm

Re: Question to our users about controllers

Mon Sep 23, 2024 4:01 pm

1) Are you interested in a central controller for MikroTik devices? If yes:
YES! It should manage all configuration settings

2) How would you like to run it?
b) Self hosted server on X86 (*NIX) Yes. Docker is fine but x86 and ARM builds

3) What features would you like to see mostly?
Most stuff already mentioned.

4) How do you imagine this service would look?
The UI MUST be web based. No thick clients. A good place to start might be a hosted WebFig that gives you SSO to all devices. I'd kill for that. Then expand to all the other stuff like...
[*] Mass upgrades with a customizable device sequence so you can upgrade devices in a specific order.
[*] Same for configuration updates, clone device, individual settings, backup and restore device, edit offline config then push, etc.
[*] Monitoring and performance overviews, Maybe a list of devices with configurable columns where you can select specific parameters to monitor including selecting specific parameters on specific interfaces to monitor.
[*] Grouping devices by user-assignable labels
 
bergonz
just joined
Posts: 16
Joined: Fri Oct 16, 2015 3:01 pm

Re: Question to our users about controllers

Tue Sep 24, 2024 11:21 am

> 1) Are you interested in a central controller for MikroTik devices?

Yes, for wifi, and the main reason for us is tunneling traffic. We have APs in the WAN and now we tunnel wifi traffic through EoIP. I understand that the old capsman could tunnel traffic but the new one does not. We actually bought two CHRs for this reason, but we discovered that with the newest APs capsman with tunneling is not straightforward, and are still runing a pair of Linux VMs with a Linux EoIP implementation.

A second reason, still quite important, is what other vendors call Radio Resource Management, i.e. having the APs adjust their frequency and power based on scan results and on how they see each other, for dense deployments. This of course can be done manually, but I guess that a controller programmed by Mikrotik could do it much better than me, and could do it periodically to adapt to changing environment.

Whenever people ask me what are the important differences between mikrotik wifi and top-right Gartner quadrant vendors (and their price tag, of course), this is what I can tell, that actually impact the service and the user experience. Configuration deployment, software upgrades, are useful but they are something I can automate, arrange, workaround, keep away from user experience.

> a) do you need it for wireless settings only (like a centralised capsman)
> b) or you are interested to manage all configuration of these MikroTik devices

Both useful, but not a game changer for us. Anyway a) is better for me than b) because I am somewhat more used to it.

> 2) How would you like to run it?
> a) "Cloud solution" hosted by MikroTik?
> b) Self hosted server on X86 (*NIX)
> b) Self hosted server as package on a powerful MikroTik router

In our environment best would be a VM like CHR. We are not as security sensitive as military, banks, etc. but anyway I believe that a hosted solution would probably be discarded.

> 3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.

As I said, 1) tunneling of wifi traffic 2) radio resource management. Then: 3) provisioning (pull the new AP from the factory box, plug it where DHCP is present with appropriate configuration, see it appear in the controller), 4) configuration, software upgrade.

Monitoring is very important for us, but it is perfectly OK to monitor the AP via its onboard SNMP, as long as the counters are actually present... now in the new APs we are badly missing the counter of connected clients.

> 4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.

CLI and web are both ok to us, I am a CLI guy and I like to script, copy-paste, commit it in SVN every day, etc. but I can live with a web interface.

Please no more windows executables if possible.

Thank you very much for you interest in our opinion.

Regards,
Bergonz
 
dot02
Member Candidate
Member Candidate
Posts: 132
Joined: Tue Jun 15, 2021 1:23 am

Re: Question to our users about controllers

Tue Sep 24, 2024 12:05 pm

1) yes, (a) would be very convenient, [(b) nice to have, but not mandatory for me]
2) (c) Self-hosted server as package on a powerful MikroTik router would fit me best, (b) Self-hosted on x86 is a close second choice. Cloud (a) is a no-go for me, but I can imagine that some users would appreciate it.
3) package repo for all devices, SCHEDULED mass upgrade (no auto-upgrade), config backup & restore, out-of-the-box initial provisioning, Wifi Controller features (SSIDs, clients, Radios, channels...)
4) if it's embedded on a MT device, I'd like it to be sleek and functional (saves CPU and RAM). If it's on x86, a fancy dashboard would be nice.

cheers

Denis
 
kleshki
Member Candidate
Member Candidate
Posts: 285
Joined: Tue Mar 10, 2020 6:37 am

Re: Question to our users about controllers

Tue Sep 24, 2024 10:42 pm

1. b
2. b and b (which seems to be "c"). Either CHR package or docker container. Would be nice to see native Windows service, not just *nix, since I use MikroTiks in Windows environments much.
3.
-Active Directory integration for service itself (to split device configuration/monitoring permissions per AD-group) - would be nice and not so hard to implement
-Clustering setup for devices (CAPsMAN, VRRP, MLAG, working conntrack sync and so on)
-Config provision
-Maybe some kind of simple PtP tunnels establishment between devices. Would be nice to have it with Wireguard (i.e. auto key-exchange from interfaces, peer creation and address assign on both devices).
-Centralized routing management: monitor routes between devices, maybe some OSPF-provision, very connected with previous easy-PtP
-Per-group updates (similar to windows update server) - so you can set which devices/device groups use which firmware and whether they should upgrade or not and schedule it to a downtime
4. I feel both. Some sort of service defo should be dedicated from router devices themselves, has it's own DB and so on which is hardly usable with just USB. But can still provide some management interface web-ish style. I feel like you can create an opportunity to allow anyone create their own management environment when all ROS7 devices already has REST working nice and maybe implement WebSocket further so you don't have to long-poll things to monitor.
========== NEW QUESTION ==========
Mostly some management and security stuff at start - new user and remove default, management vlan, NTP, RADIUS client for login, IP/MAC services disable, Neighbor Discovery adjust/disable, basic firewall rules to restrict access for further config, download certificates. Then it depends per device - for APs enable CAPsMAN and bridge interfaces and my AP is already pretty configured at this point.
 
JustAnAccount
just joined
Posts: 12
Joined: Mon Jun 20, 2022 4:02 pm

Re: Question to our users about controllers

Wed Sep 25, 2024 1:49 pm

1) Yes for everything
2) Ideally multiple options like other vendors do. In the cloud, self hosted on MT device router/controller, self hosted on Server
3) Auto upgrade, configuration, monitoring, provisioning. Nice layout and integration like unifi has.
4) brand new web ui
 
ksteink
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Thu Mar 31, 2016 6:54 pm

Re: Question to our users about controllers

Wed Sep 25, 2024 4:59 pm

I know we had a similar topic a while ago, but here there are some more specific questions. This is just to gather ideas and general opinions.
Please don't just answer "yes, give us everything". It is more about what you would actually use, what you actually need.
1) Are you interested in a central controller for MikroTik devices? If yes: 
   a) do you need it for wireless settings only (like a centralised capsman)
   b) or you are interested to manage all configuration of these MikroTik devices 
2) How would you like to run it? 
   a) "Cloud solution" hosted by MikroTik? 
   b) Self hosted server on X86 (*NIX)
   b) Self hosted server as package on a powerful MikroTik router
3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.

Let me provide my feedback:

1) Are you interested in a central controller for MikroTik devices? If yes:

--> YES!!

a) do you need it for wireless settings only (like a centralised capsman)

--> NO!!! I want to manage multiple devices end-to-end.

b) or you are interested to manage all configuration of these MikroTik devices

--> YES!!!

2) How would you like to run it?
a) "Cloud solution" hosted by MikroTik?

--> Leave it as optional but it's not my main use case.

b) Self hosted server on X86 (*NIX)

--> YES!!! via Docker !

b) Self hosted server as package on a powerful MikroTik router

--> Not interested or fit my use cases.

3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.

--> See the list of the features:

- Mass auto-upgrade and downgrade
- configuration management from a central console (SDN)
- Zero touch provisioning: I like to dispatch a device with default configuration and be able to remotely provision it with no human intervention if possible.
- Enable VPNs site to site from a single click or simple wizard. That includes enable SD-WAN overlays and do application steering.
- Network topology maps (Layer 2 and Layer 3)
- Device physical ports overview
- Applications traffic overview (NBAR or Netflow)
- Web Management with the option to jump to the specific console of the target Mikrotik.
- Have configuration templates (provided by Mikrotik and be able to add my own)
- Analytics and AI Built-in for self-healing capabilities.
- Modern UI and easy to use without loosing all the power of configuration flexibility that Mikrotik has!


4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc

- Completely New!!!. Honestly I am not big fan of CAPsMAN interfaces. They do work but they are zero user and eye friendly.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4286
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: Question to our users about controllers

Thu Sep 26, 2024 4:44 am

P.S: it seems nearly all of your wishes can already be accomplished by The Dude. It has groups and mass upgrade and runs on a router. So why not Dude until now?
I'll add that Dude's mass upgrade still works, docs are here:
https://wiki.mikrotik.com/wiki/Upgradin ... _with_Dude
with an addendum: current Dude client does NOT do file upload - so you need to add upgrade package to Dude's file directory using using WinBox (or SCP/SMB) but rest of docs still applies.

And to install Dude, just add it like any other extra-package to RouterOS (* on >16MB flash device, except MIPSBE) - some kinda disk/ROSE is needed for files/database, but Dude does not usemuch per device... so a USB stick could be fine for testing/home.
EnableDudeWinbox4.png
You do need the 32-bit Dude client to do any monitoring/alerting and most things. While limited, WinBox3/4 does support showing the Dude "Devices" view in WinBox3/4 half-solves the "device view" / "friendly names" problem (and storing all the relevant/multiple MAC/IP/DNS for a deivce). "Devices" list supports non-RouterOS things, and even clients which can be "auto-discovered" with setup in the Dude client. The "MAC Mapping" also does work, and sometimes handy.
DudeDevicesInWinbox4.png

One suggestion for WinBox4 is add the "Upgrade" and "Force Upgrade" to WinBox4's Dude > Device list as an right-click/context or "Action" - that kick off the Dude upgrade request, same as if you were using the Dude client. That would avoid needing the Dude client, if all that's needed is "mass upgrade"... since it's Dude server running on RouterOS that initiates the upgrade (AFAIK) & WinBox can add a Dude Device already.
You do not have the required permissions to view the files attached to this post.
 
User avatar
pmh
just joined
Posts: 7
Joined: Thu Mar 28, 2024 3:58 pm
Location: Karlsruhe, Germany
Contact:

Re: Question to our users about controllers

Thu Sep 26, 2024 7:32 pm

Hi all,
1) Are you interested in a central controller for MikroTik devices? If yes:
a) do you need it for wireless settings only (like a centralised capsman)
b) or you are interested to manage all configuration of these MikroTik devices
All configuration and management.
2) How would you like to run it?
a) "Cloud solution" hosted by MikroTik?
b) Self hosted server on X86 (*NIX)
b) Self hosted server as package on a powerful MikroTik router
Self hosted on server. In a perfect world there would be e.g. a Java application deployable on some Java runtime container like Tomcat or JBoss, so I could run it on FreeBSD, but I am perfectly fine with an apt repository for Debian/Ubuntu or a Docker Compose file.
3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
All of these? ;) Global management of VLANs and SSIDs, port management for switches. Bridge, LACP, all aspects of layer 2 ... II run Mikrotik for layer 2, only.
4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.[/code]
No proprietary client, give up the Windows look and feel. Modern web UI, 100% of the application running on the server, browser only.

Thanks for asking :)
Patrick
 
mp3turbo
newbie
Posts: 30
Joined: Fri May 29, 2009 9:24 pm

Re: Question to our users about controllers

Fri Sep 27, 2024 9:54 pm

>> 1) Are you interested in a central controller for MikroTik devices?

sure. Interested in Option B) = "to manage all configuration of these MikroTik devices". It would be perfect if you can mark a number of devices and push some configuration to them (instead of having to SSH into each of them, enter the same command, quit, yes I know scripting exists).


>> 2) How would you like to run it?

definitely not any form of Cloud solution. Surprisingly, there still are people/corporations that value their data, don't like to expose anything they have...
Self hosted server on X86 would be nice. Linux/Windows pre-configured pre-installed appliances, distributed in major formats (OVA...)

Could also be a self hosted server as package on a powerful MikroTik router, but everyone has x86 virtualization under his hands for a decade. Easy to back up, easy to move, easy to... anything.



>> 3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.

this could be extension/blend to Dude. Mass upgrades definitely. Take inspiration from other vendors, and don't look at Ubnt - what about Cambium, for example ? Look what their system does.



I would love to see it named "Mikrotik Armada" . Don't know why. Let me make this a free suggestion ; if you decide to use the name, I don't want any money for it. No copyright, nothing.
 
kleshki
Member Candidate
Member Candidate
Posts: 285
Joined: Tue Mar 10, 2020 6:37 am

Re: Question to our users about controllers

Sat Sep 28, 2024 4:00 pm

a Java application deployable on some Java runtime container like Tomcat or JBoss
This should be a docker container or a self-contained app, not a java application. Unifi has its controller with java dependency and it's annoying af.
 
User avatar
spippan
Member
Member
Posts: 460
Joined: Wed Nov 12, 2014 1:00 pm

Re: Question to our users about controllers

Sun Sep 29, 2024 8:46 pm

========== NEW QUESTION ==========

Thank you all for input. New question. What specific features would you like to provision in these controller type of setups. What is your #1 use case, which config is most often needed to apply "en masse" or to multiple devices?

P.S: it seems nearly all of your wishes can already be accomplished by The Dude. It has groups and mass upgrade and runs on a router. So why not Dude until now?
- config archiving and versioning
- mass changes which mostly would come up are like VLAN and firewall changes (especially identical firewall changes on VRRP systems)

dude is not available as a (linux) standalone package as e.g. unifi-ctrl is and is a bit of seamingly unorganized in todays standards i'd say
 
Dataaja95
just joined
Posts: 15
Joined: Fri Nov 10, 2023 6:36 pm

Re: Question to our users about controllers

Mon Sep 30, 2024 1:04 pm

1, definitely, this would simplify the management of complex networks and configurations
2, docker or another linux container solution, for straightforward installation you could offer a virtual machine as an .ova image, then it could run easily in proxmox or another virtualization environment
3, configuration management of the entire ros with templates, similar to capsman, but combined with the management of the entire routeros, in addition, network monitoring and data transmission to e.g. zabbix or other monitoring solutions, centralized updating of routerOS versions
4, the user interface should not be a web interface, but I think a working command line would be enough, of course in the future this could be integrated into winbox if the user wants it
 
nexx
just joined
Posts: 1
Joined: Wed Sep 04, 2024 4:37 pm

Re: Question to our users about controllers

Tue Oct 08, 2024 10:49 am

Hi,

1) Yes absolutly (I'm currently managing devices with scripts and remote python app)
b) a cenralized capsman is nice (as Ubiquiti networks provide) but my first use would be for non wireless devices
2) How would you like to run it?
b or c) Self hosted solution for me is better with a preference with the C option
3)
upgrade firmware (and routerboard firmware) to selected device
remote device configurations versioning, exports, backups
configuration templates
centralized firewall address Lists that could be pushed to remote device with a sync mechanism to maintain lists identical to multiple devices
centralized firewall rules that could be pushed to remote device with a sync mechanism to maintain them identical to multiple devices
topology maps (L2 and L3)
physical ports overview
vlan ports overview

4) In a first time CAPSMAn like would be ok
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4286
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: Question to our users about controllers

Tue Oct 08, 2024 3:38 pm

@normis asked a 2nd question here...
========== NEW QUESTION ==========
Thank you all for input. New question. What specific features would you like to provision in these controller type of setups. What is your #1 use case, which config is most often needed to apply "en masse" or to multiple devices?
Good question — really boxing us in here. Given Dude+CAPsMAN largely just need new UI, it's config management where Mikrotik tools really leave you hanging.

If I had to pick one... it actually /system/script that most often need updating. With that, any other config changes would be possible.

But pushing templated entire config was more what I was expected in the controller (with graceful fallback to old config if failed) – basically some lightweight built-in TR-069-like scheme without XML.
 
jaxed7
Frequent Visitor
Frequent Visitor
Posts: 53
Joined: Wed May 17, 2023 11:15 pm

Re: Question to our users about controllers

Wed Oct 09, 2024 7:38 am

1) Are you interested in a central controller for MikroTik devices? If yes:

I want to be able to manage all configurations of different MikroTik devices including x86 and CHR and be able to see general data on a dashboard to have it always open and monitor various parameters. (Maybe you can implement Grafana in your controller dashboard/user interface so you won't have to reinvent the wheel). Like:

https://grafana.com/grafana/dashboards/ ... onitoring/
https://github.com/IgorKha/Grafana-Mikrotik
https://grafana.com/grafana/dashboards/ ... -exporter/
https://github.com/M0r13n/mikrotik_monitoring

2) How would you like to run it?

Of course, a self-hosted server on X86 (Please make it open source)

3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.

One of the most time-consuming tasks while troubleshooting or updating the configuration of multiple routers is that you have to use Winbox to go back and forth or use scripts (However, each router might need only part of the change of the other one or its own unique one). I want to have something like the following whether with Winbox windows or more like the following picture and solely text-based where I can drag and drop and change things on the fly. For example, I drag a firewall filter rule from router A and want to add it to routers B, C, and F which I already have open in Config Editor or Config Magician (You can name it that). While dragging, I hold down Ctrl+A and when I drop it, it will add it to all of them. Or if I want to add it to only B and D, I'll open those two alongside router A and then when I drag the config line and press down Ctrl+A, it'll add it to those two. If I want to add such a line to only router B while router D or other routers are open in the editor, I'll simply drag and drop it on the desired router box.

Ideally, I want Config Magician to have a compare option where I can open multiple routers in it and it'll compare their configurations and show me their differences as follows:

Address-list box/vault would be crucial as well since I want to have a single address-list synced between multiple routers (maybe not in real-time - even a 24h interval is fine for me (adjustable sync time can be nice)) and such address-lists can have up to hundreds of thousands of static addresses. Since currently RouterOS doesn't support individual address-list exporting, every time I want to sync them I have to export all address-lists and then edit the .rsc file and manually remove the unwanted address-lists and then upload the file to routers I want them to sync and remove the outdated address-list from them manually (by Ctrl+A and deleting them, and since they are so enormous in numbers, Winbox crashes multiple times during this process) and then import the address-list.

Image

Logging base to be able to see all the routers' logs (specific number or color to differentiate each router's log) and be able to search and view through all of them, ideally be able to store logs via the controller on a separate path/storage.

4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, modern web-based UI etc.

You guys showed with the new Winbox and new WebFig design that you are all well-capable of designing modern-looking nice GUIs, so why not one more time build something nice that is self-hostable and open-source and can be Docker-based and easily opened in our browsers to show us its different sections which are Config Magician / Monitoring / Dashboard (Overall overview) / Logging base / etc.
 
Edified
newbie
Posts: 38
Joined: Thu Sep 16, 2010 9:02 am

Re: Question to our users about controllers

Thu Oct 10, 2024 6:20 pm

Docker Please (Ideally provided with a Compose/Portainer friendly docker compose template)

I would love to config management arrive as a versioned config script with diff support. So every time a config made (Save/Apply) is changed, it just commits a version. That way we can see/compare the whole history of changes. There should be a commit log with commit comments that automatically includes the author/time and optionally a comment.

Imagine config scripts in git (or just literally do that and then build whatever web GUI you want for editing, provisioning etc.).

Stats should be chartable, so everywhere there's a number there should be the option to chart it as a time series but no need to chart everything (keep it lean). Values can update slowly but there should be an inspector view with realtime (1Hz) data from the inspected subsystem- this model allows for scalability.

There should be a realtime log with category filters. If I unplug a particular port, I'd like to see that at the controller level within 5s.

Stats should allow for grouping/culling to lower time-resolution using any or all of min/max/average. For instance say we're looking at a port's Rx bps at 1Hz, but after 1h, we only want to keep 1m resolution we can look at max() to see the max 1s in that minute. This is more interesting than avg() since it preserves the peaks and we can see things like if we're maxing out our ISP provided bandwidth. There are timeseries DBs that have these functions built-in or it can be done with very simple scripts.
 
teslasystems
just joined
Posts: 21
Joined: Sun Aug 09, 2015 3:00 pm

Re: Question to our users about controllers

Thu Oct 17, 2024 10:16 pm

P.S: it seems nearly all of your wishes can already be accomplished by The Dude. It has groups and mass upgrade and runs on a router. So why not Dude until now?
The Dude is a good monitoring and management tool. Why not just improve it and add new features to it? Why no any work conducted to improve and support it? You don't even fix the bugs, though there are lots of them. In response to bug reports related to Dude, you always say like "We will look into it when we will be working on the Dude client...". And it is the only answer for many-many years. What is the problem with it?
 
fifrak
just joined
Posts: 22
Joined: Sun Jan 31, 2021 2:27 pm
Location: Poland

Re: Question to our users about controllers

Mon Oct 21, 2024 1:11 pm

1) Are you interested in a central controller for MikroTik devices? If yes:
a) do you need it for wireless settings only (like a centralised capsman)
b) or you are interested to manage all configuration of these MikroTik devices
B - Management all of the MIKROTIK devices and its configuration in network will be perfect!
2) How would you like to run it?
a) "Cloud solution" hosted by MikroTik?
b) Self hosted server on X86 (*NIX)
b) Self hosted server as package on a powerful MikroTik router
Option A or B - as powerfull MIKROTIK router. Not everyone has extra selfhoster server, but if it will run like home assistant on RPi, why not ;)
Or make it as separate small PoE device, which will connect to the current network.
3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
I would like to have possibility of completely configuration of each MT device, from one place, that I don't have to jump from device to device in Winbox for instance. Also it will be nice to have something, like copy paste configuration from one AP, to another one, just assigning it different ID/Identity.
4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.
I never had a possibility to configure and work with Unify devices, but as I saw some materials in internet, or config training on YT, I must say that I love their GUI, doesn't matter is it page, or special app, like Winbox, but what I really like that is just on first screen some nice graphs about traffic, firewall, active users, so do devices, really nice thing is network map also.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4286
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: Question to our users about controllers

Mon Oct 21, 2024 7:30 pm

P.S: it seems nearly all of your wishes can already be accomplished by The Dude
Why not just improve it [...]
i.e. @fifrak #4 answer, some "dashboard" could be relatively simply: i.e. using The Dude's existing device discovery on the defconf LAN 192.168.88.1/whatever, combined with new feature in winbox4 to actually render the The Dude's map SVG maps produced by existing Dude auto-discovery. Skipping the 32-bit Dude app part. Not UBNT, but some be dashboard by default.
 
patrlind
just joined
Posts: 15
Joined: Mon Oct 19, 2020 11:48 am

Re: Question to our users about controllers

Thu Oct 31, 2024 12:42 pm

1. Yes, I'm interested in a central controller. I would use it for managing updates, network wide settings and network wide monitoring. A centralized capsman would fall under that umbrella.

2. I would run it as a self hosted server on either my VM platform or as part of a central powerful MikroTik router. I would not like to run it in the public cloid or in a MikroTik cloud.

3. The following features is what I would like:
Automatic handling of updates (firmware and ROS). Either fully automatic (nightly) or at least so I can manually select a version to update/downgrade a selected number of routers to. I would also like to be able to create groups of routers to act on.
For configuration, anything system wide. Such as wireless APs (capsman/multiple capsmans). But actually not much. Easy way to log in to a specific router though.
For monitoring I would like a system wide overview where I can see active ports, VLAN assignments, VLAN names, routes, etc. Perhaps a way to follow a traffic flow (some kind of global packet capture/Torch function).

4. I would like for it to be a totally new thing. Perhaps a web UI / backend API server combo that can talk to all MikrotTik devices. Perhaps the MikroTik devices can connect to this central API and keep a connection to it at all times. Some kind of mutual TLS certificates would probably be needed for security.
 
User avatar
ksx4system
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Sat Nov 13, 2010 7:08 pm
Location: Poland
Contact:

Re: Question to our users about controllers

Mon Nov 11, 2024 12:10 am

1) Yes I do, it would be nice to manage all devices (routers, switches, APs) on a per-site basis using a non-cloud solution.

2) Yes I do but only if it's a local, non-cloud solution that could be deployed either on a MikroTik box or FreeBSD, NetBSD or in worst case scenario GNU/Linux server (preferably with both options supported).

3) I'd love to be able to deploy devices via user created templates (and possibly mass change settings on boxes deployed that way).

4) Both WebUI and CLI interfaces should be available. If there is any interaction possible from WinBox it has to be backported to 3.x version family (version 4 is useless).
 
Johann1525
just joined
Posts: 2
Joined: Fri Oct 27, 2023 12:00 am

Re: Question to our users about controllers

Sat Nov 16, 2024 2:51 am

Hi,

i do not want to repeat all the good Ideas. So i just wanted to add how i would like a controller to look:
It should be secure by design. For this i wish to see protocols like OIDC,Webauthn etc. for authentication. Any local management on the devices should be disabled. Except for a emergency ssh login with for example key authentication.
Also for audits i'd like to see who did what <= could be a log facility like already in routeros but logging the actions which only appear on the controller. like changing some templates which might not necessarily result in a config change on the routers. Or changing IDP provider.

Interface: I know a lot of the folks like their native clients. And i love Winbox too. But in this case i vote for a good Web interface. :) I do not think a CLI on a controller makes a ton of sense. I'd rather want to see some kind of API.

For the question what is the most urgent config i would like to manage centrally:
- firewall aliases (maybe even with some api. so i can feed it with external data)
- VLANs
- scripts (maybe directly with git integration)
- config backups and versioning

In my imagination a first controller could look more like a git with web text editor where routers can be adopted to get their config. So even with a minimal first version you could manage the whole feature set of any adopted device. Then add functionality as you go. Build a GUI for Wifi management then a GUI for firewall rules, centralized vpn management. And so on...

Take your time do it well. I love the idea of a controller to selfhost on some vm. +1

And thank you very much for asking the community. +1
 
hooyao
newbie
Posts: 44
Joined: Mon Feb 20, 2017 6:11 pm

Re: Question to our users about controllers

Sat Nov 16, 2024 11:16 am

I recently switched from MikroTik switches and routers to UniFi for my home network, primarily because UniFi offers a centralized controller. Setting up VLANs with MikroTik took me three days and multiple device resets. In contrast, configuring the same VLAN with UniFi only took me five minutes.
 
esaym
just joined
Posts: 8
Joined: Thu Feb 23, 2017 5:44 am

Re: Question to our users about controllers

Thu Nov 21, 2024 4:20 pm

Personally, I am happy with mikrotik as of right now. I am a home user with a few access points. I go with mikrotik specifically because a "controller" setup is not forced on us like so many other manufacturers. So what ever the outcome, please don't take the ability to be fully standalone and controller-less away from us!
 
User avatar
dlynes
newbie
Posts: 41
Joined: Tue Apr 12, 2016 9:08 pm
Location: Hamilton, Canada
Contact:

Re: Question to our users about controllers

Fri Nov 22, 2024 5:06 am

I know we had a similar topic a while ago, but here there are some more specific questions. This is just to gather ideas and general opinions.
Please don't just answer "yes, give us everything". It is more about what you would actually use, what you actually need.
1) Are you interested in a central controller for MikroTik devices? If yes: 
   a) do you need it for wireless settings only (like a centralised capsman)
   
  This already exists; you can use CAPSMAN or CAPSMAN v2 on a server in the cloud and have the remote wireless devices access that as a remote CAPSMAN.
   
   b) or you are interested to manage all configuration of these MikroTik devices 
   
  Yes
   
2) How would you like to run it? 
   a) "Cloud solution" hosted by MikroTik? 
   
   Yes
   
   b) Self hosted server on X86 (*NIX)
   
   Yes
   
   b) Self hosted server as package on a powerful MikroTik router
3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.

Mass auto-upgrade (but allow us to do a staged rollout), configuration/provisioning, if you're offering monitoring it's only useful if it's better than TheDude, sflow/openflow management and graphing, ...

4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.
Something similar to the GUI that existed for Aerohive access points when they were still a thing.
 
chatmo
just joined
Posts: 1
Joined: Wed Aug 09, 2023 1:29 pm

Re: Question to our users about controllers

Sun Dec 01, 2024 6:09 pm

1) interested to manage and monitor all configuration of these MikroTik devices
2) Self hosted server on X86 similar to CHR eg HyperV image or Windows service
3) Monitering / dashboard, and maintaince eg. mass auto-upgrade, configuration, provisioning,
4) A service than accepts incomming connections from RouterOS instances to be mangede on port Y (MT Private protocol), and Port X for webbrowser access (HTTP or HTTPS) for web dashboard.
the MT private protocol need to be simpel/harddened enough to be used over WAN. Its important that the connection is initalized from the manged devices to the controler (Devices behind CGNAT)
 
Scorcerer
just joined
Posts: 3
Joined: Tue Nov 22, 2022 11:23 am
Location: Poland

Re: Question to our users about controllers

Sat Dec 07, 2024 10:43 pm

I know we had a similar topic a while ago, but here there are some more specific questions. This is just to gather ideas and general opinions.
Please don't just answer "yes, give us everything". It is more about what you would actually use, what you actually need.
1) Are you interested in a central controller for MikroTik devices? If yes: 
   a) do you need it for wireless settings only (like a centralised capsman)
   b) or you are interested to manage all configuration of these MikroTik devices
Definitely yes, lack of a management tool that would simplify managing of highly available sets of devices is a pain (one has to remember to do the same steps twice...)
2) How would you like to run it? 
   a) "Cloud solution" hosted by MikroTik? 
   b) Self hosted server on X86 (*NIX)
   b) Self hosted server as package on a powerful MikroTik router
Self hosted on x86 or whatever other platform would be available
3) What features would you like to see mostly? (mass auto-upgrade, configuration, provisioning, monitoring)? Please provide as much detail as possible.
An ability to have an uniform export and transaction-based import/replace of a subset of options.
4) How do you imagine this service would look? Similar to current CAPsMAN, based in RouterOS configuration, or something completely new, moden web based UI etc.
As there are a lot of standards for managing network devices (https://xkcd.com/927/) my suggestion is to KISS and use whatever is there already - ansible for those who can code, API for those who can use what someone else built. The major gripes I have with ROS at the moment are that it can't really do a proper, always-the-same export and that no transaction-based config change is possible. Let me explain:
1. I have 2 physically identical devices, but since I'm managing them via WinBox, the order of actions is sometimes different. If I do an /export now on both of them and DIFF the results, it'll be a bit different here and there (major offenders: DHCP leases, DNS static entries, IPSec policies, IP Firewall Address Lists). What I'd love to have is some internal magic that would ALWAYS sort the export by a predictable field (ID? number? name? anything!) so that the output can be compared to each other.
2. The transaction system would be very useful with a REPLACE function: your management tool of choice jumps in, starts REPLACE inside, let's say IP>Interfaces, and then after an explicit COMMIT, the configuration is fully replaced.
These 2 changes would already make tools like Ansible or Napalm go from "maybe it works for you" to "the platform is 99% supported" in no time flat. If it has to be a GUI tool, well, I believe that with such functionality as a base, any tool could be built as somebody sees fit.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4286
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: Question to our users about controllers

Sat Dec 07, 2024 11:11 pm

I know we had a similar topic a while ago, but here there are some more specific questions.
[...]
As there are a lot of standards for managing network devices (https://xkcd.com/927/) my suggestion is to KISS and use whatever is there already - ansible for those who can code, API for those who can use what someone else built. The major gripes I have with ROS at the moment are that it can't really do a proper, always-the-same export and that no transaction-based config change is possible. Let me explain:
1. I have 2 physically identical devices, but since I'm managing them via WinBox, the order of actions is sometimes different. If I do an /export now on both of them and DIFF the results, it'll be a bit different here and there (major offenders: DHCP leases, DNS static entries, IPSec policies, IP Firewall Address Lists). What I'd love to have is some internal magic that would ALWAYS sort the export by a predictable field (ID? number? name? anything!) so that the output can be compared to each other.
2. The transaction system would be very useful with a REPLACE function: your management tool of choice jumps in, starts REPLACE inside, let's say IP>Interfaces, and then after an explicit COMMIT, the configuration is fully replaced.
These 2 changes would already make tools like Ansible or Napalm go from "maybe it works for you" to "the platform is 99% supported" in no time flat. If it has to be a GUI tool, well, I believe that with such functionality as a base, any tool could be built as somebody sees fit.
100% spot on. This "transactions" topic was common in the older thread about the "new controller". IMO the above are more fundamentally needed, than worrying about UIs and packaging...

Without these concepts, I'm not sure how any controller could work... And what makes it difficult today is there are no primitives to "update" a config item (e.g. either do "add" or "set" as needed), or more formally, an idempotence config. The solution could be as simple as having an "update" operator that let you set the .id= field directly, rather than it be autogenerated by an "add".
 
User avatar
atomicduck
Member Candidate
Member Candidate
Posts: 254
Joined: Fri Oct 02, 2020 1:42 pm

Re: Question to our users about controllers

Wed Dec 11, 2024 11:24 am

I currently manage a network of approximately 250 MikroTik routers and access points. A cloud-based solution that allows the organization of devices by site, with status monitoring (online/offline and general performance), would be highly beneficial.

Remote upgrades are a key requirement, but mass upgrades should be carefully designed and implemented, both on the RouterOS devices themselves and the cloud solution. The upgrade process must include multiple checkpoints and execute sequentially, rather than in bulk. A major challenge with upgrades is the potential for failure, such as when power is lost or an error occurs during the process. Each step must be deliberate and methodical, as device failures—especially for remote units located 15 meters in the air—are costly and problematic. Currently, I perform upgrades rarely and on a per-device basis, including subsequent RouterBOARD upgrades, to minimize the risk of failure. Repairing failed APs often requires hiring lifting equipment, which is both time-consuming and expensive.

While The Dude works well for local management, it introduces significant configuration overhead, making it impractical for anything beyond local sites. As a result, I limit its usage to on-site deployments. (Meaning: it can be done, but it is very hard to do reliably.)

A RouterOS-based solution is unnecessary, as such functionality is already available in Dude.

Regarding the interface, it should prioritize delivering the maximum amount of information in a single visual layout—an "engineering approach" that emphasizes functionality and detail over minimalism.
 
bergonz
just joined
Posts: 16
Joined: Fri Oct 16, 2015 3:01 pm

Re: Question to our users about controllers

Wed Dec 11, 2024 12:25 pm

2. The transaction system would be very useful [....] after an explicit COMMIT, the configuration is fully replaced.
Yes, this is (maybe off-topic but) 100% true: "commit", and "commit confirmed <minutes/seconds>" for not cutting yourself out (a la Junos). I have devices that I would like to reconfigure but I cannot, even with safe mode, without physical access.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: Question to our users about controllers

Thu Dec 12, 2024 3:56 pm

If you want to make something truly beneficial, then a look at the concept of FortiManager would provide a good start.
If something like this would materialize even only in a form of VM images to host on site or in NOC, then it would be usable both for "on-premises" or remote management.

Who is online

Users browsing this forum: bschapendonk and 10 guests