Manual:Metarouter: Difference between revisions

From MikroTik Wiki
Jump to navigation Jump to search
 
(75 intermediate revisions by 6 users not shown)
Line 1: Line 1:
{{Versions|v3, v4}}
== Overview ==
== Overview ==


MetaRouter is a new feature in RouterOS 4.0 beta 1.
MetaRouter is a new feature in RouterOS 4.0 beta 1 and RouterOS v3.21


MetaRouter is used for the RB400 series boards to create
Currently MetaRouter can be used on
virtual routers.
* '''RB400''', '''RB700 series''' except models with SPI flash, '''RB900 series''' except models with SPI flash, '''RB2011''' boards
* Listed PPC boards: '''RB1000, RB1100, RB1100AH and RB800'''.


== Requirements ==  
== Requirements ==  


Each Metarouter instance uses just as much resources as a stand-alone RouterOS installation. This means you need a minimum of 16Mb of RAM for each machine, plus some for the main Router that hosts it. 16Mb is the absolute minimum - it is suggested to have more memory available per each Metarouter. There is no limit to how many Metarouter instances, only main machine system CPU and RAM. In the main machine, you can create up to 8 virtual interfaces that will be connected to the metarouters. Currently the only way to add more, is to use VLAN. Currently it is not possible to use external storage devices (Store) in the metarouter virtual devices.  
Each Metarouter instance uses the same amount of resources as a stand-alone RouterOS installation. It means that you need a minimum of 24MB of RAM for each RouterOS virtual machine plus memory for the MetaROUTER host itself. It is suggested to have more than 24MB memory available for each Metarouter. Upcoming RouterOS versions will have ability to run virtual machines with less than 16MB per machine.  


== Uses ==
{{ Note | ''It is possible to run other virtual machines with less than 24MB RAM per machine if the virtual operating system is OpenWRT. The 24MB limitation is only for virtual RouterOS installations.'' }}


The MetaRouter function is useful for allowing clients or lower-privilege users access to their own 'router' and config to configure as they like, without the need for a complete second router, or giving them access to the main router configuration.
Currently on one host you can create up to '''8 virtual machines''' and up to '''8 virtual interfaces'''.  Workaround to have more than 8 interfaces in total is to use VLANs. In future versions it will be possible to add up to 16 virtual machines.  


For example; a WISP can create a virtual router for the clients ethernet port allowing them to define their own firewall settings, while leaving the WISP's wireless settings untouched.
Also it is not possible to use external storage devices (Store) in the metarouter virtual devices.


== Commands ==
== Where it can be used? ==


The /metarouter menu gives the following:
The MetaRouter function is useful for allowing clients or lower-privilege users access to their own 'router' and config to configure as they like, without the need for a complete second router, or giving them access to the main router configuration.


* add - allows you to create a new virtual router
For example; a WISP can create a virtual router for the clients ethernet port allowing them to define their own firewall settings, while leaving the WISP's wireless settings untouched.
* print - lets you list any virtual routers
* enable - to enable a virtual router
* disable - to disable a virtual router
* console - lets you access the console of a virtual router
* interface - lets you make network interface mappings


== Creating a Metarouter==
== Creating a Metarouter==
Line 35: Line 33:
   0  mr0                  16MiB      0kiB          377kiB        running       
   0  mr0                  16MiB      0kiB          377kiB        running       


*'''name''': the name of the virtual router  
As you can see, creating virtual router is quite easy, you just have to specify name of the router, how much RAM will be allocated for it and disk size that will be used by virtual router. Explanations of all other properties are available in [[#Reference | reference manual]].
*'''memory-size''': amount of RAM allocated to the virtual router
 
*'''disk-size''': amount of HDD in '''kiB''' allocated to the virtual router (if '''0''', size is dynamic)
''Note: * be careful when using dynamic HDD size for metarouters, a proxy could fill up all your hosts storage!''
*'''used-disk''': currently used disk space
 
*'''state''': identifies if the metarouter is running or disabled
==== Example with no settings ====
 
If you will add a new metarouter without specifying any parameters, it will be added with Dynamic HDD size, and 16MiB of RAM:
 
[admin@RB_Meta] /metarouter> add name=mr1
[admin@RB_Meta] /metarouter> print
Flags: X - disabled
  #  NAME                MEMORY-SIZE DISK-SIZE    USED-DISK    STATE
  1  mr1                  16MiB      0kiB          3kiB          running
 
== OpenWRT as virtual machine ==
 
Starting from v3.24 and v4.0beta3 MetaROUTER has the ability to import custom built images. As an example we will show how to patch and use OpenWRT as the virtual machine.
 
=== Importing image ===
 
If you don't have any specific needs, you can import our prebuilt OpenWRT image, which is downloadable [http://www.mikrotik.com/download/metarouter/openwrt-mr-mips-rootfs.tgz MIPS image], [http://www.mikrotik.com/download/metarouter/openwrt-mr-ppc-rootfs.tgz PPC image]. Upload openwrt image to the router and import it by ''import-image'' command:
 
[admin@MikroTik] /metarouter> import-image file-name=openwrt-mr-mips-rootfs.tgz
  imported: 100%
 
[admin@MikroTik] /metarouter> print
Flags: X - disabled
#  NAME      MEMORY-SIZE DISK-SIZE    USED-DISK    STATE
0  mr1      16MiB      unlimited    7383kiB      running
 
As you can see OpenWRT is running, now you can start configuration process, which is explained in sections [[#Adding_Interfaces|below]].
 
=== Building your own OpenWRT image ===
 
If you are not satisfied with our prebuilt version of OpenWRT, then you can build and use your own image.
 
First step is to install ''svn'' and get the latest source code from openwrt.org
 
{{Note|Patch 1.2 was made against older kernel then in current trunk and some extra steps should be taken to apply it to OpenWRT. For example r29684 can be used without modifications}}
 
svn checkout -r 29684 svn://svn.openwrt.org/openwrt/trunk/
 
Now you have to patch downloaded source with our [http://www.mikrotik.com/download/metarouter/openwrt-metarouter-1.2.patch patch]
 
{{ Note| Patch v1.2 adds newer kernel support which makes it possible to compile with latest OpenWRT revisions. This patch also adds PowerPC support (ability to run OpenWRT image on RB1000 and RB1100).  }}
 
<pre>
cd trunk/
wget http://www.mikrotik.com/download/metarouter/openwrt-metarouter-1.2.patch
patch -p0 <openwrt-metarouter-1.2.patch
</pre>
 
When source is patched, you have to set up configuration options
 
make menuconfig
 
Go to Target System menu and choose ''Mikrotik MetaROUTER MIPS'' or ''Mikrotik MetaROUTER PowerPC'' from the list depending for which platform you are building the image.
 
[[image:snapshot2.png]]
 
Other options depends on what is your requirements (include for example IPv6 and ppp support or not), you can also stick with defaults.
 
 
If you see any error messages while trying to launch ''menuconfig'', like
 
Build dependency: Please install ncurses. (Missing libncurses.so or ncurses.h)
 
It means that required libraries are not installed, check the output and install all required libraries.
 
When you are done with build configuration, type
make
 
It will take a while to build everything so you can go and have a cup of tea.
 
After the build process is done, upload newly built image to the router and import it as described in [[#Importing_image|section above]].
 
 
{{Warning|On newer GCC versions you may be required to add this patch from OpenWRT [https://dev.openwrt.org/attachment/ticket/12005/stdio.patch]}}
 
For more options and build instructions look in [http://kamikaze.openwrt.org/docs/openwrt.html#x1-410002.1.1 OpenWRT's documentation]
 
== Adding Interfaces ==
 
First, you need to add a new interface to your virtual router. This is done in the interface menu.


== Interfaces ==
The interface command has the following options:
The interface command has the following options:
   [admin@MikroTik] /metarouter> interface add  
   [admin@MikroTik] /metarouter> interface add  
Line 47: Line 123:
   copy-from  dynamic-bridge  static-interface    vm-mac-address
   copy-from  dynamic-bridge  static-interface    vm-mac-address


To add an interface, and reboot the virtual router
Description of each option can be found in [[#Interface | reference manual]].
  [admin@MikroTik] /metarouter> interface add virtual-machine=mr0
 
  [admin@MikroTik] /metarouter> reboot 0
Let's add one interface:
 
[admin@MikroTik] /metarouter> interface add virtual-machine=mr1 type=dynamic


Once connected to its console using /metarouter console 0 you can see the new interface:
On the '''host''' physical router the interface appears as a virtual interface:
  [admin@mr0] > interface print
  Flags: D - dynamic, X - disabled, R - running, S - slave
  #    NAME                                              TYPE            MTU 
  0  R  ether1                                            ether            1500
On the host physical router the interface appears as a virtual interface:
   [admin@MikroTik] > /interface print  
   [admin@MikroTik] > /interface print  
   Flags: D - dynamic, X - disabled, R - running, S - slave  
   Flags: D - dynamic, X - disabled, R - running, S - slave  
Line 62: Line 135:
   8  R  ether9                                            ether            1500  
   8  R  ether9                                            ether            1500  
   9  R  test                                              bridge          1500  
   9  R  test                                              bridge          1500  
  10 DR  vif1                                              vif              1500  
  '''10 DR  vif1                                              vif              1500
Creating a bridge between the virtual interface and a physical interface allows traffic to pass.
'''
 
== Connecting to the virtual machine ==
 
To connect to your virtual machine, use the console command:
 
/metarouter console 0
 
You will see your newly added virtual interface here: 
 
[admin@mr0] > interface print
  Flags: D - dynamic, X - disabled, R - running, S - slave
  #    NAME                                              TYPE            MTU 
  0  R  ether1                                            ether            1500
 
To disconnect from the metarouter virtual machine console, hit '''CTRL + A''' and then '''Q''' to Quit back to your '''Host''' console (if you are using minicom, hit '''CTRL + A''' twice):
 
[admin@MikroTik] >
[Q - quit connection]      [B - send break]
[A - send Ctrl-A prefix]  [R - autoconfigure rate]
 
  Q
 
  Welcome back!
 
== Configuring a virtual network ==
 
Right now you saw that the virtual interface is visible in the '''Host''' ''Interfaces'' menu as ''vif1'' and also in the '''metarouter ''' ''interfaces'' menu as ''ether1''. You can add an IP address on both interfaces, and set up networking. Creating a bridge between the virtual interface and a physical interface allows traffic to pass.
 
== Configuration examples ==
 
=== Creating isolated Metarouter for client ===
 
This Example will show how to use Metarouter feature to create a isolated router on top of the WISP client site router. The setup for the example is shown on the diagram below:
 
1. Adding a Metarouter for client:
[admin@RouterGW] /metarouter> add name=client1 memory-size=32   
[admin@RouterGW] /metarouter> print
Flags: X - disabled
  #  NAME                            MEMORY-SIZE DISK-SIZE    USED-DISK    STATE       
  0  client1                        32MiB      0kiB          189kiB        running     
[admin@RouterGW] /metarouter>
 
2. Adding Metarouter Interfaces for the new created Metarouter:
 
[admin@RouterGW] /metarouter interface> add virtual-machine=client1
[admin@RouterGW] /metarouter interface> add virtual-machine=client1
[admin@RouterGW] /metarouter interface> print
Flags: X - disabled, A - active
  #  VIRTUAL-MACHINE                                            TYPE    VM-MAC-ADDRESS 
  0 A client1                                                    dynamic 02:49:E8:55:8E:E8
  1 A client1                                                    dynamic 02:16:16:90:EF:0E
[admin@RouterGW] /metarouter interface>
 
3. Creating a Bridge Interface for bridging metarouter interface together with ethernet interface where the client is physically connected:
 
[admin@RouterGW] /interface bridge> add       
[admin@RouterGW] /interface bridge> print
Flags: X - disabled, R - running
  0  R name="bridge1" mtu=1500 arp=enabled mac-address=00:00:00:00:00:00 protocol-mode=none
      priority=0x8000 auto-mac=yes admin-mac=00:00:00:00:00:00 max-message-age=20s
      forward-delay=15s transmit-hold-count=6 ageing-time=5m
[admin@RouterGW] /interface bridge port> add interface=ether2 bridge=bridge1
[admin@RouterGW] /interface bridge port> add interface=vif2 bridge=bridge1
[admin@RouterGW] /interface bridge port> print
Flags: X - disabled, I - inactive, D - dynamic
  #    INTERFACE                    BRIDGE                  PRIORITY PATH-COST  HORIZON 
  0    ether2                      bridge1                  0x80    10        none     
  1    vif2                        bridge1                  0x80    10        none     
 
4. Adding IP configuration for the new Metarouter interface which will be used for connecting between Metarouter and Metarouter Host system:
 
[admin@RouterGW] /ip address> add address=10.0.1.1/24 interface=vif1
[admin@RouterGW] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic
  #  ADDRESS            NETWORK        BROADCAST      INTERFACE                       
  0 D 10.5.8.68/24      10.5.8.0        10.5.8.255      ether1                           
  1  10.0.1.1/24        10.0.1.0        10.0.1.255      vif1                             
[admin@RouterGW] /ip address>
 
5. Connecting to Metarouter using the Console
 
[admin@RouterGW] /metarouter> console client1
[Ctrl-A is the prefix key]
Starting...
Starting services...
MikroTik 3.21
MikroTik Login: admin
Password:
[admin@MikroTik] > /sys identity set name=Client1
 
6. Configuring Metarouter to make it easy for client to understand the configuration:
 
[admin@Client1] /interface ethernet> p
Flags: X - disabled, R - running, S - slave
  #    NAME                                              MTU  MAC-ADDRESS      ARP     
  0 R  ether1                                            1500  02:49:E8:55:8E:E8 enabled 
  1 R  ether2                                            1500  02:16:16:90:EF:0E enabled 
[admin@Client1] /interface ethernet> set 0 name=public
[admin@Client1] /interface ethernet> set 1 name=local
[admin@Client1] /interface ethernet> print
Flags: X - disabled, R - running, S - slave
  #    NAME                                              MTU  MAC-ADDRESS      ARP     
  0 R  public                                            1500  02:49:E8:55:8E:E8 enabled 
  1 R  local                                            1500  02:16:16:90:EF:0E enabled 
[admin@Client1] /interface ethernet>
[admin@Client1] /ip address> add address=10.0.1.2/24 interfae=public
[admin@Client1] /ip address> add address=10.0.2.1/24 interface=local
[admin@Client1] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic
  #  ADDRESS            NETWORK        BROADCAST      INTERFACE                       
  0  10.0.1.2/24        10.0.1.0        10.0.1.255      public                           
  1  10.0.2.1/24        10.0.2.0        10.0.2.255      local
[admin@Client1] /ip route> add gateway=10.0.1.1
[admin@Client1] /ip route> print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
  #      DST-ADDRESS        PREF-SRC        G GATEWAY                  DISTANCE INTERFACE
  0 A S  0.0.0.0/0                          r 10.0.1.1                  1        public   
  1 ADC  10.0.1.0/24        10.0.1.2                                    0        public   
  2 ADC  10.0.2.0/24        10.0.2.1                                    0        local   
[admin@Client1] /ip route>
[admin@Client1] /ip firewall nat> add action=masquerade out-interface=public chain=srcnat
 
== Reference ==
 
 
=== General ===
 
<b>Sub-menu:</b> <code>/metarouter</code>
 
Menu specific commands:
<table class="styled_table">
<tr>
  <th width="40%">Property</th>
  <th >Description</th>
</tr>
<tr>
    <td><var><b>console</b></var> <code>(console <vm-id>)</code></td>
    <td>connect to specified virtual machine's console</td>
</tr>
<tr>
    <td><var><b>import-image</b></var> <code>(import-image file-name=<image-file>)</code></td>
    <td>import [[#OpenWRT_as_virtual_machine | custom built image]] (available starting from v3.24 and v4.0b3)</td>
</tr>
<tr>
    <td><var><b>reboot</b></var> <code>(reboot <vm-id>)</code></td>
    <td>reboot specified virtual machine</td>
</tr>
<tr>
    <td><var><b>shut-down</b></var> <code>(shut-down <vm-id>)</code></td>
    <td>shut down specified virtual machine</td>
</tr>
<tr>
    <td><var><b>start</b></var> <code>(start <vm-id>)</code></td>
    <td>boot up specified virtual machine</td>
</tr>
</table>
 
Configurable properties:
<table class="styled_table">
<tr>
  <th width="40%">Property</th>
  <th >Description</th>
</tr>
<tr>
    <td><var><b>disk-size</b></var> <code>(<em>unlimited|0..4294967295[kiB] </em>; Default: <b>unlimited</b>)</code></td>
    <td>Disk size that will be allocated by virtual router.</td>
</tr>
<tr>
    <td><var><b>memory-size</b></var> <code>(<em>16..256[MiB] </em>; Default: <b>16</b>)</code></td>
    <td>Amount of memory that will be allocated by virtual router.</td>
</tr>
<tr>
    <td><var><b>name</b></var> <code>(<em>string </em>;)</code></td>
    <td>Name of the virtual machine.</td>
</tr>
</table>
 
 
Read only properties:
<table class="styled_table">
<tr>
  <th width="40%">Property</th>
  <th >Description</th>
</tr>
<tr>
    <td><var><b>used-disk</b></var> <code>(<em>integer[kiB] </em>;)</code></td>
    <td>currently used disk space by virtual router.</td>
</tr>
<tr>
    <td><var><b>disk-reads</b></var> <code>(<em>integer</em>;)</code></td>
    <td>number of disk reads </td>
</tr>
<tr>
    <td><var><b>disk-writes</b></var> <code>(<em>integer</em>;)</code></td>
    <td>number of disk writes</td>
</tr>
<tr>
    <td><var><b>state</b></var> <code>(<em>booting|running|rebooting|shutting-down|stopped|disabled</em>;)</code></td>
    <td>current state of virtual machine</td>
</tr>
</table>
 
=== Interface ===
 
<b>Sub-menu:</b> <code>/metarouter interface</code>
 
Configurable properties:
<table class="styled_table">
<tr>
  <th width="40%">Property</th>
  <th >Description</th>
</tr>
<tr>
    <td><var><b>dynamic-bridge</b></var> <code>(<em>string</em>;)</code></td>
    <td>If set, '''dynamic''' interface will be automatically added as port to specified bridge interface.</td>
</tr>
<tr>
    <td><var><b>dynamic-mac-address</b></var> <code>(<em>mac</em>;)</code></td>
    <td>mac address of dynamically created interface</td>
</tr>
<tr>
    <td><var><b>static-interface</b></var> <code>(<em>none|name-of-iface</em>;)</code></td>
    <td>Assign physical interface on the router to '''static''' virtual interface. This binds physical interface of the host directly to the guest instance.</td>
</tr>
<tr>
    <td><var><b>type</b></var> <code>(<em>dynamic|static</em>;)</code></td>
    <td>Set if interface is either static or dynamic.
* ''dynamic'' interface will add virtual-ethernet automatically when virtual machine starts.
* ''static'' interface have to have created virtual-ethernet interface at the time of creation of the entry.
Dynamic interface names cannot be altered by the user. It is possible to add new virtual interface via '/interface virtual-ethernet' menu if custom name is desired</td>
</tr>
<tr>
    <td><var><b>virtual-machine</b></var> <code>(<em>string</em>;)</code></td>
    <td>specifies to which virtual machine this interface will be bound</td>
</tr>
<tr>
    <td><var><b>vm-mac-address</b></var> <code>(<em>mac</em>;)</code></td>
    <td>interface mac address that appears in VM</td>
</tr>
</table>
 
==Known Issues==
 
===MIPS-BE===
 
Issues and possible workarounds for MetaROUTER feature on RouterBOARDs with MIPS-BE architecture
 
====Random freezing====
 
Issue has been resolved in RouterOS 6.x
 
===PPC===
Issues and possible workarounds for MetaROUTER feature on RouterBOARDs with PPC architecture
 
====Not enough resources====
 
Only listed routers are affected: RB1100AH
 
When attempt is made to create MetaROUTER guest on the router error message is given that there is not enough resources on the router to create guest.
 
This problem is resolved in 5.12 and later RouterOS releases. If you are using a newer release and still encounter the problem on the router you have to reinstall the router using Netinstall tool.
 
RouterBOARD RB1100AHx2 reports similar message, but MetaROUTER feature is not currently supported on this router.
 
All other routers form this architecture that support MetaROUTER feature are not affected.
 
Other issues that do not fit the description most probably are caused by RouterOS misconfiguration and do not have a common denominator and have to be checked case by case.
 
 
 
 


[[Category:Manual]]
[[Category:Manual|Meta]]
[[Category:Virtualization]]
[[Category:Virtualization|Meta]]
[[Category:Unfinished]]
[[Category:Unfinished]]

Latest revision as of 12:16, 12 July 2019

Applies to RouterOS: v3, v4

Overview

MetaRouter is a new feature in RouterOS 4.0 beta 1 and RouterOS v3.21

Currently MetaRouter can be used on

  • RB400, RB700 series except models with SPI flash, RB900 series except models with SPI flash, RB2011 boards
  • Listed PPC boards: RB1000, RB1100, RB1100AH and RB800.

Requirements

Each Metarouter instance uses the same amount of resources as a stand-alone RouterOS installation. It means that you need a minimum of 24MB of RAM for each RouterOS virtual machine plus memory for the MetaROUTER host itself. It is suggested to have more than 24MB memory available for each Metarouter. Upcoming RouterOS versions will have ability to run virtual machines with less than 16MB per machine.

Note: It is possible to run other virtual machines with less than 24MB RAM per machine if the virtual operating system is OpenWRT. The 24MB limitation is only for virtual RouterOS installations.


Currently on one host you can create up to 8 virtual machines and up to 8 virtual interfaces. Workaround to have more than 8 interfaces in total is to use VLANs. In future versions it will be possible to add up to 16 virtual machines.

Also it is not possible to use external storage devices (Store) in the metarouter virtual devices.

Where it can be used?

The MetaRouter function is useful for allowing clients or lower-privilege users access to their own 'router' and config to configure as they like, without the need for a complete second router, or giving them access to the main router configuration.

For example; a WISP can create a virtual router for the clients ethernet port allowing them to define their own firewall settings, while leaving the WISP's wireless settings untouched.

Creating a Metarouter

 [admin@RB_Meta] /metarouter> add name=mr0 memory-size=32 disk-size=32000  disabled=no
 [admin@RB_Meta] /metarouter> print
 Flags: X - disabled 
 #   NAME                 MEMORY-SIZE DISK-SIZE     USED-DISK     STATE        
 0   mr0                  16MiB       0kiB          377kiB        running      

As you can see, creating virtual router is quite easy, you just have to specify name of the router, how much RAM will be allocated for it and disk size that will be used by virtual router. Explanations of all other properties are available in reference manual.

Note: * be careful when using dynamic HDD size for metarouters, a proxy could fill up all your hosts storage!

Example with no settings

If you will add a new metarouter without specifying any parameters, it will be added with Dynamic HDD size, and 16MiB of RAM:

[admin@RB_Meta] /metarouter> add name=mr1
[admin@RB_Meta] /metarouter> print
Flags: X - disabled
 #   NAME                 MEMORY-SIZE DISK-SIZE     USED-DISK     STATE
 1   mr1                  16MiB       0kiB          3kiB          running

OpenWRT as virtual machine

Starting from v3.24 and v4.0beta3 MetaROUTER has the ability to import custom built images. As an example we will show how to patch and use OpenWRT as the virtual machine.

Importing image

If you don't have any specific needs, you can import our prebuilt OpenWRT image, which is downloadable MIPS image, PPC image. Upload openwrt image to the router and import it by import-image command:

[admin@MikroTik] /metarouter> import-image file-name=openwrt-mr-mips-rootfs.tgz
 imported: 100%
[admin@MikroTik] /metarouter> print
Flags: X - disabled
#   NAME      MEMORY-SIZE DISK-SIZE     USED-DISK     STATE
0   mr1       16MiB       unlimited     7383kiB       running

As you can see OpenWRT is running, now you can start configuration process, which is explained in sections below.

Building your own OpenWRT image

If you are not satisfied with our prebuilt version of OpenWRT, then you can build and use your own image.

First step is to install svn and get the latest source code from openwrt.org

Note: Patch 1.2 was made against older kernel then in current trunk and some extra steps should be taken to apply it to OpenWRT. For example r29684 can be used without modifications


svn checkout -r 29684 svn://svn.openwrt.org/openwrt/trunk/

Now you have to patch downloaded source with our patch

Note: Patch v1.2 adds newer kernel support which makes it possible to compile with latest OpenWRT revisions. This patch also adds PowerPC support (ability to run OpenWRT image on RB1000 and RB1100).


 cd trunk/
 wget http://www.mikrotik.com/download/metarouter/openwrt-metarouter-1.2.patch
 patch -p0 <openwrt-metarouter-1.2.patch

When source is patched, you have to set up configuration options

make menuconfig

Go to Target System menu and choose Mikrotik MetaROUTER MIPS or Mikrotik MetaROUTER PowerPC from the list depending for which platform you are building the image.

Other options depends on what is your requirements (include for example IPv6 and ppp support or not), you can also stick with defaults.


If you see any error messages while trying to launch menuconfig, like

Build dependency: Please install ncurses. (Missing libncurses.so or ncurses.h)

It means that required libraries are not installed, check the output and install all required libraries.

When you are done with build configuration, type

make

It will take a while to build everything so you can go and have a cup of tea.

After the build process is done, upload newly built image to the router and import it as described in section above.


Warning: On newer GCC versions you may be required to add this patch from OpenWRT [1]


For more options and build instructions look in OpenWRT's documentation

Adding Interfaces

First, you need to add a new interface to your virtual router. This is done in the interface menu.

The interface command has the following options:

 [admin@MikroTik] /metarouter> interface add 
 comment    disabled        dynamic-mac-address  type            virtual-machine
 copy-from  dynamic-bridge  static-interface     vm-mac-address

Description of each option can be found in reference manual.

Let's add one interface:

[admin@MikroTik] /metarouter> interface add virtual-machine=mr1 type=dynamic

On the host physical router the interface appears as a virtual interface:

 [admin@MikroTik] > /interface print 
 Flags: D - dynamic, X - disabled, R - running, S - slave 
 #     NAME                                              TYPE             MTU  
 8  R  ether9                                            ether            1500 
 9  R  test                                              bridge           1500 
10 DR  vif1                                              vif              1500

Connecting to the virtual machine

To connect to your virtual machine, use the console command:

/metarouter console 0

You will see your newly added virtual interface here:

[admin@mr0] > interface print 
 Flags: D - dynamic, X - disabled, R - running, S - slave 
 #     NAME                                              TYPE             MTU  
 0  R  ether1                                            ether            1500

To disconnect from the metarouter virtual machine console, hit CTRL + A and then Q to Quit back to your Host console (if you are using minicom, hit CTRL + A twice):

[admin@MikroTik] >
[Q - quit connection]      [B - send break]
[A - send Ctrl-A prefix]   [R - autoconfigure rate]
 
 Q
 
 Welcome back!

Configuring a virtual network

Right now you saw that the virtual interface is visible in the Host Interfaces menu as vif1 and also in the metarouter interfaces menu as ether1. You can add an IP address on both interfaces, and set up networking. Creating a bridge between the virtual interface and a physical interface allows traffic to pass.

Configuration examples

Creating isolated Metarouter for client

This Example will show how to use Metarouter feature to create a isolated router on top of the WISP client site router. The setup for the example is shown on the diagram below:

1. Adding a Metarouter for client:

[admin@RouterGW] /metarouter> add name=client1 memory-size=32     
[admin@RouterGW] /metarouter> print
Flags: X - disabled 
 #   NAME                            MEMORY-SIZE DISK-SIZE     USED-DISK     STATE        
 0   client1                         32MiB       0kiB          189kiB        running      
[admin@RouterGW] /metarouter>

2. Adding Metarouter Interfaces for the new created Metarouter:

[admin@RouterGW] /metarouter interface> add virtual-machine=client1
[admin@RouterGW] /metarouter interface> add virtual-machine=client1 
[admin@RouterGW] /metarouter interface> print
Flags: X - disabled, A - active 
 #   VIRTUAL-MACHINE                                             TYPE    VM-MAC-ADDRESS   
 0 A client1                                                     dynamic 02:49:E8:55:8E:E8
 1 A client1                                                     dynamic 02:16:16:90:EF:0E
[admin@RouterGW] /metarouter interface> 

3. Creating a Bridge Interface for bridging metarouter interface together with ethernet interface where the client is physically connected:

[admin@RouterGW] /interface bridge> add         
[admin@RouterGW] /interface bridge> print
Flags: X - disabled, R - running 
 0  R name="bridge1" mtu=1500 arp=enabled mac-address=00:00:00:00:00:00 protocol-mode=none 
      priority=0x8000 auto-mac=yes admin-mac=00:00:00:00:00:00 max-message-age=20s 
      forward-delay=15s transmit-hold-count=6 ageing-time=5m 

[admin@RouterGW] /interface bridge port> add interface=ether2 bridge=bridge1 
[admin@RouterGW] /interface bridge port> add interface=vif2 bridge=bridge1 
[admin@RouterGW] /interface bridge port> print
Flags: X - disabled, I - inactive, D - dynamic 
 #    INTERFACE                    BRIDGE                   PRIORITY PATH-COST  HORIZON   
 0    ether2                       bridge1                  0x80     10         none      
 1    vif2                         bridge1                  0x80     10         none      

4. Adding IP configuration for the new Metarouter interface which will be used for connecting between Metarouter and Metarouter Host system:

[admin@RouterGW] /ip address> add address=10.0.1.1/24 interface=vif1 
[admin@RouterGW] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         BROADCAST       INTERFACE                         
 0 D 10.5.8.68/24       10.5.8.0        10.5.8.255      ether1                            
 1   10.0.1.1/24        10.0.1.0        10.0.1.255      vif1                              
[admin@RouterGW] /ip address> 

5. Connecting to Metarouter using the Console

[admin@RouterGW] /metarouter> console client1

[Ctrl-A is the prefix key]


Starting...
Starting services...

MikroTik 3.21
MikroTik Login: admin
Password:

[admin@MikroTik] > /sys identity set name=Client1

6. Configuring Metarouter to make it easy for client to understand the configuration:

[admin@Client1] /interface ethernet> p
Flags: X - disabled, R - running, S - slave 
 #    NAME                                              MTU   MAC-ADDRESS       ARP       
 0 R  ether1                                            1500  02:49:E8:55:8E:E8 enabled   
 1 R  ether2                                            1500  02:16:16:90:EF:0E enabled   
[admin@Client1] /interface ethernet> set 0 name=public
[admin@Client1] /interface ethernet> set 1 name=local
[admin@Client1] /interface ethernet> print
Flags: X - disabled, R - running, S - slave 
 #    NAME                                              MTU   MAC-ADDRESS       ARP       
 0 R  public                                            1500  02:49:E8:55:8E:E8 enabled   
 1 R  local                                             1500  02:16:16:90:EF:0E enabled   
[admin@Client1] /interface ethernet> 

[admin@Client1] /ip address> add address=10.0.1.2/24 interfae=public
[admin@Client1] /ip address> add address=10.0.2.1/24 interface=local 
[admin@Client1] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         BROADCAST       INTERFACE                         
 0   10.0.1.2/24        10.0.1.0        10.0.1.255      public                            
 1   10.0.2.1/24        10.0.2.0        10.0.2.255      local

[admin@Client1] /ip route> add gateway=10.0.1.1
[admin@Client1] /ip route> print
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        G GATEWAY                   DISTANCE INTERFACE 
 0 A S  0.0.0.0/0                          r 10.0.1.1                  1        public    
 1 ADC  10.0.1.0/24        10.0.1.2                                    0        public    
 2 ADC  10.0.2.0/24        10.0.2.1                                    0        local     
[admin@Client1] /ip route> 

[admin@Client1] /ip firewall nat> add action=masquerade out-interface=public chain=srcnat

Reference

General

Sub-menu: /metarouter

Menu specific commands:

Property Description
console (console <vm-id>) connect to specified virtual machine's console
import-image (import-image file-name=<image-file>) import custom built image (available starting from v3.24 and v4.0b3)
reboot (reboot <vm-id>) reboot specified virtual machine
shut-down (shut-down <vm-id>) shut down specified virtual machine
start (start <vm-id>) boot up specified virtual machine

Configurable properties:

Property Description
disk-size (unlimited|0..4294967295[kiB] ; Default: unlimited) Disk size that will be allocated by virtual router.
memory-size (16..256[MiB] ; Default: 16) Amount of memory that will be allocated by virtual router.
name (string ;) Name of the virtual machine.


Read only properties:

Property Description
used-disk (integer[kiB] ;) currently used disk space by virtual router.
disk-reads (integer;) number of disk reads
disk-writes (integer;) number of disk writes
state (booting|running|rebooting|shutting-down|stopped|disabled;) current state of virtual machine

Interface

Sub-menu: /metarouter interface

Configurable properties:

Property Description
dynamic-bridge (string;) If set, dynamic interface will be automatically added as port to specified bridge interface.
dynamic-mac-address (mac;) mac address of dynamically created interface
static-interface (none|name-of-iface;) Assign physical interface on the router to static virtual interface. This binds physical interface of the host directly to the guest instance.
type (dynamic|static;) Set if interface is either static or dynamic.
  • dynamic interface will add virtual-ethernet automatically when virtual machine starts.
  • static interface have to have created virtual-ethernet interface at the time of creation of the entry.
Dynamic interface names cannot be altered by the user. It is possible to add new virtual interface via '/interface virtual-ethernet' menu if custom name is desired
virtual-machine (string;) specifies to which virtual machine this interface will be bound
vm-mac-address (mac;) interface mac address that appears in VM

Known Issues

MIPS-BE

Issues and possible workarounds for MetaROUTER feature on RouterBOARDs with MIPS-BE architecture

Random freezing

Issue has been resolved in RouterOS 6.x

PPC

Issues and possible workarounds for MetaROUTER feature on RouterBOARDs with PPC architecture

Not enough resources

Only listed routers are affected: RB1100AH

When attempt is made to create MetaROUTER guest on the router error message is given that there is not enough resources on the router to create guest.

This problem is resolved in 5.12 and later RouterOS releases. If you are using a newer release and still encounter the problem on the router you have to reinstall the router using Netinstall tool.

RouterBOARD RB1100AHx2 reports similar message, but MetaROUTER feature is not currently supported on this router.

All other routers form this architecture that support MetaROUTER feature are not affected.

Other issues that do not fit the description most probably are caused by RouterOS misconfiguration and do not have a common denominator and have to be checked case by case.