Manual:RouterBOARD settings: Difference between revisions
No edit summary |
|||
(One intermediate revision by the same user not shown) | |||
Line 3: | Line 3: | ||
</p> | </p> | ||
On RouterBOARD devices, the following menu exists which gives you some basic information about your device: | |||
[admin@demo.mt.lv] /system routerboard> print | [admin@demo.mt.lv] /system routerboard> print | ||
Line 35: | Line 35: | ||
|arg=current-firmware | |arg=current-firmware | ||
|type=string | |type=string | ||
|desc= | |desc=The version of the RouterBOOT loader that is currently in use. Not to be confused with RouterOS operating system version | ||
}} | }} | ||
Line 41: | Line 41: | ||
|arg=upgrade-firmware | |arg=upgrade-firmware | ||
|type=string | |type=string | ||
|desc=RouterOS upgrades also include new RouterBOOT version files, but they have to be applied manually. This line shows if | |desc=RouterOS upgrades also include new RouterBOOT version files, but they have to be applied manually. This line shows if a new RouterBOOT file has been found in the device. The file can either be included via a recent RouterOS upgrade, or a FWF file which has been manually uploaded to the router. In either case, the newest found version will be shown here | ||
}} | }} | ||
Line 61: | Line 61: | ||
<p id="shbox"><b>Sub-menu level:</b> <code> /system RouterBOARD settings</code> | <p id="shbox"><b>Sub-menu level:</b> <code> /system RouterBOARD settings</code> | ||
</p> | </p> | ||
baud-rate: 115200 | |||
boot-device: nand-if-fail-then-ethernet | boot-delay: 2s | ||
enter-setup-on: any-key | |||
boot-device: nand-if-fail-then-ethernet | |||
cpu-frequency: 1200MHz | |||
memory-frequency: 1066DDR | |||
boot-protocol: bootp | |||
enable-jumper-reset: yes | |||
force-backup-booter: no | |||
silent-boot: no | |||
{{Mr-arg-table-h | {{Mr-arg-table-h | ||
|prop=Property | |prop=Property | ||
|desc=Description | |desc=Description | ||
}} | |||
{{Mr-arg-table | |||
|arg=baud-rate | |||
|type=integer | |||
|default=115200 | |||
|desc=Choose the onboard RS232 speed in bits per second (if installed) | |||
}} | |||
{{Mr-arg-table | |||
|arg=boot-delay | |||
|type=time | |||
|default=1s | |||
|desc=How much time to wait for a key stroke while booting | |||
}} | }} | ||
Line 96: | Line 113: | ||
{{Mr-arg-table | {{Mr-arg-table | ||
|arg= | |arg=cpu-frequency | ||
|type= depends on model | |type= depends on model | ||
|default=depends on model | |default=depends on model | ||
|desc=This option allows | |desc=This option allows for changing the CPU frequency of the device. Values depend on model, to see available options, hit [?] button on the keyboard at this prompt | ||
}} | |||
{{Mr-arg-table | |||
|arg=cpu-mode | |||
|type= power-save {{!}} regular | |||
|default=power-save | |||
|desc=Whether to enter CPU suspend mode in HTL instruction. Most OSs use HLT instruction during CPU idle cycle. When CPU is in suspend mode, it consumes less power, but in low-temperatire conditions it is recommended to choose regular mode, so that overall system temperature would be greater | |||
}} | |||
{{Mr-arg-table | |||
|arg=enable-jumper-reset | |||
|type= yes {{!}} no | |||
|default=yes | |||
|desc=Disable this to avoid accidental setting reset via the onboard jumper | |||
}} | }} | ||
{{Mr-arg-table | {{Mr-arg-table | ||
|arg= | |arg=enter-setup-on | ||
|type= | |type= any-key {{!}} delete-key | ||
|default= | |default=any-key | ||
|desc= | |desc=Which key will cause the BIOS to enter configuration mode during boot delay. Note that in some serial terminal programs, it is impossible to use Delete key to enter the setup - in this case it might be possible to do this with the Backspace key | ||
}} | }} | ||
Line 113: | Line 144: | ||
|type=yes {{!}} no | |type=yes {{!}} no | ||
|default=no | |default=no | ||
|desc=If to use the backup RouterBOOT. This only useful if | |desc=If to use the backup RouterBOOT. This is only useful if the main loader has become corrupted somehow and cannot be fixed. So that you don't have to boot the device with a pushed reset button (which loads backup loader), you can use this setting to load it every time | ||
* <var>yes</var> - backup loader will be used always | * <var>yes</var> - backup loader will be used always | ||
* <var>no</var> - main booter will be used | * <var>no</var> - main booter will be used | ||
}} | |||
{{Mr-arg-table | |||
|arg=memory-frequency | |||
|type= depends on model | |||
|default=depends on model | |||
|desc=This option allows to change the memory frequency of the device. Values depend on model, to see available options, hit [?] button on the keyboard at this prompt | |||
}} | |||
{{Mr-arg-table | |||
|arg=regulatory-domain-ce | |||
|type=yes {{!}} no | |||
|default= | |||
|desc= | |||
}} | }} | ||
Line 122: | Line 167: | ||
|type=yes {{!}} no | |type=yes {{!}} no | ||
|default=no | |default=no | ||
|desc= This option disables output on the serial console, to avoid the text output interrupting a connected device. Useful if you have some temperature monitor or modem connected to the serial port | |desc= This option disables output on the serial console and beeping sounds during booting, to avoid the text output interrupting a connected device. Useful if you have some temperature monitor or modem connected to the serial port | ||
* <var>yes</var> - no output on the serial console | * <var>yes</var> - no output on the serial console and no booting beeps (does not disable the RouterOS :beep command) | ||
* <var>no</var> - regular info and option menu on serial console | * <var>no</var> - regular info and option menu on serial console | ||
}} | }} | ||
Line 129: | Line 174: | ||
=== Protected bootloader === | === Protected bootloader === | ||
This is a new feature which allows the protection of RouterOS configuration and files from a physical attacker by disabling etherboot. It is called "Protected RouterBOOT". This feature can be enabled and disabled only from within RouterOS after login, i.e., there is no RouterBOOT setting to enable/disable this feature. These extra options appear only under certain conditions. When this setting is enabled - both the reset button and the reset pin-hole is disabled. Console access is also disabled. The only ability to change boot mode or RouterBOOT settings is through RouterOS. If you do not know the RouterOS password - only a complete format is possible. | |||
* | * The backup RouterBOOT version can not be older than v3.22 version. A special package is provided to upgrade the backup RouterBOOT ('''DANGEROUS'''). Newer devices will have this new backup loader already installed at the factory. Download the package [http://www.mikrotik.com/download/share/protected_routerboot_v3_22_enable_6_27.dpk] | ||
* RouterOS version 6.26 is required to enable this feature | * RouterOS version 6.26 is required to enable this feature | ||
Line 143: | Line 188: | ||
|type= enabled {{!}} disabled | |type= enabled {{!}} disabled | ||
|default= disabled | |default= disabled | ||
|desc= This setting disables any access to RouterBOOT configuration settings over console cable and disables operation of the reset button to change boot mode ('''Netinstall will be disabled'''). Access to RouterOS will only be possible with a known RouterOS admin password. | |desc= This setting disables any access to the RouterBOOT configuration settings over a console cable and disables operation of the reset button to change the boot mode ('''Netinstall will be disabled'''). Access to RouterOS will only be possible with a known RouterOS admin password. Unsetting of this option is only possible from RouterOS. If you forget the RouterOS password, the only option is to perform a complete reformat of both NAND and RAM with the following method, but you '''have''' to know the reset button hold time in seconds. | ||
* <var> enabled </var> - secure mode, only RouterOS can be accessed with a RouterOS admin password. Any user input from serial port is ignored. Etherboot is not available, RouterBOOT setting change is not possible. | * <var> enabled </var> - secure mode, only RouterOS can be accessed with a RouterOS admin password. Any user input from serial port is ignored. Etherboot is not available, RouterBOOT setting change is not possible. | ||
* <var> disabled </var> - regular operation, RouterBOOT settings available with serial console and reset button can be used to launch Netinstall | * <var> disabled </var> - regular operation, RouterBOOT settings available with serial console and reset button can be used to launch Netinstall | ||
Line 152: | Line 197: | ||
|type=5s .. 300s | |type=5s .. 300s | ||
|default=20s | |default=20s | ||
|desc= As an emergency recovery option, it is possible to reset everything by pressing the button at power-on for reformat-hold-button time. You will have to remember this setting, otherwise even reformat will not be possible and device will not be recoverable. When you use the button for complete reset, following actions are taken: | |desc= As an emergency recovery option, it is possible to reset everything by pressing the button at power-on for a set reformat-hold-button time. You will have to remember this setting, otherwise even a reformat will not be possible and the device will not be recoverable. When you use the button for a complete reset, following actions are taken: | ||
'''EXTREMELY DANGEROUS'''. Use this only if you have lost access to device. | '''EXTREMELY DANGEROUS'''. Use this only if you have lost all access to the device. | ||
#RouterOS, all of its files and configuration is completely and irreversibly erased by nand re-format; | #RouterOS, all of its files and configuration is completely and irreversibly erased by nand re-format; | ||
#all RouterBOOT settings are reset to defaults; | #all RouterBOOT settings are reset to defaults; | ||
# | #Board is rebooted; | ||
# | #As boot from NAND fails, it goes to etherboot automatically; | ||
#Netinstall is required to reinstall RouterOS. | #Netinstall is required to reinstall RouterOS. | ||
}} | }} |
Revision as of 19:41, 8 March 2015
General
Sub-menu level: /system resource
On RouterBOARD devices, the following menu exists which gives you some basic information about your device:
[admin@demo.mt.lv] /system routerboard> print routerboard: yes model: 433 serial-number: 185C01FCA958 current-firmware: 3.25 upgrade-firmware: 3.25
Properties
All properties are read-only
Property | Description |
---|---|
model (string) | If this device is a MikroTik RouterBOARD, this describes the model name |
serial-number (string) | Serial number of this particular device |
current-firmware (string) | The version of the RouterBOOT loader that is currently in use. Not to be confused with RouterOS operating system version |
upgrade-firmware (string) | RouterOS upgrades also include new RouterBOOT version files, but they have to be applied manually. This line shows if a new RouterBOOT file has been found in the device. The file can either be included via a recent RouterOS upgrade, or a FWF file which has been manually uploaded to the router. In either case, the newest found version will be shown here |
Upgrading RouterBOOT
RouterBOOT upgrades usually include minor improvements to overall RouterBOARD operation. It is recommended to keep this version upgraded. If you see that upgrade-firmware value is bigger than current-firmware, you simply need to perform the upgrade command, accept it with y and then reboot with /system reboot
[admin@mikrotik] /system routerboard> upgrade Do you really want to upgrade firmware? [y/n] y echo: system,info,critical Firmware upgraded successfully, please reboot for changes to take effect!
After rebooting, the current-firmware value should become identical with upgrade-firmware
Settings
Sub-menu level: /system RouterBOARD settings
baud-rate: 115200 boot-delay: 2s enter-setup-on: any-key boot-device: nand-if-fail-then-ethernet cpu-frequency: 1200MHz memory-frequency: 1066DDR boot-protocol: bootp enable-jumper-reset: yes force-backup-booter: no silent-boot: no
Property | Description |
---|---|
baud-rate (integer; Default: 115200) | Choose the onboard RS232 speed in bits per second (if installed) |
boot-delay (time; Default: 1s) | How much time to wait for a key stroke while booting |
boot-device (nand-if-fail-then-ethernet ...; Default: nand-if-fail-then-ethernet) | Choose the way RouterBOOT loads the operating system:
|
boot-protocol (bootp |dhcp ...; Default: bootp) | Boot protocol to use:
|
cpu-frequency (depends on model; Default: depends on model) | This option allows for changing the CPU frequency of the device. Values depend on model, to see available options, hit [?] button on the keyboard at this prompt |
cpu-mode (power-save | regular; Default: power-save) | Whether to enter CPU suspend mode in HTL instruction. Most OSs use HLT instruction during CPU idle cycle. When CPU is in suspend mode, it consumes less power, but in low-temperatire conditions it is recommended to choose regular mode, so that overall system temperature would be greater |
enable-jumper-reset (yes | no; Default: yes) | Disable this to avoid accidental setting reset via the onboard jumper |
enter-setup-on (any-key | delete-key; Default: any-key) | Which key will cause the BIOS to enter configuration mode during boot delay. Note that in some serial terminal programs, it is impossible to use Delete key to enter the setup - in this case it might be possible to do this with the Backspace key |
force-backup-booter (yes | no; Default: no) | If to use the backup RouterBOOT. This is only useful if the main loader has become corrupted somehow and cannot be fixed. So that you don't have to boot the device with a pushed reset button (which loads backup loader), you can use this setting to load it every time
|
memory-frequency (depends on model; Default: depends on model) | This option allows to change the memory frequency of the device. Values depend on model, to see available options, hit [?] button on the keyboard at this prompt |
regulatory-domain-ce (yes | no; Default: ) | |
silent-boot (yes | no; Default: no) | This option disables output on the serial console and beeping sounds during booting, to avoid the text output interrupting a connected device. Useful if you have some temperature monitor or modem connected to the serial port
|
Protected bootloader
This is a new feature which allows the protection of RouterOS configuration and files from a physical attacker by disabling etherboot. It is called "Protected RouterBOOT". This feature can be enabled and disabled only from within RouterOS after login, i.e., there is no RouterBOOT setting to enable/disable this feature. These extra options appear only under certain conditions. When this setting is enabled - both the reset button and the reset pin-hole is disabled. Console access is also disabled. The only ability to change boot mode or RouterBOOT settings is through RouterOS. If you do not know the RouterOS password - only a complete format is possible.
- The backup RouterBOOT version can not be older than v3.22 version. A special package is provided to upgrade the backup RouterBOOT (DANGEROUS). Newer devices will have this new backup loader already installed at the factory. Download the package [1]
- RouterOS version 6.26 is required to enable this feature
Property | Description |
---|---|
protected-routerboot (enabled | disabled; Default: disabled) | This setting disables any access to the RouterBOOT configuration settings over a console cable and disables operation of the reset button to change the boot mode (Netinstall will be disabled). Access to RouterOS will only be possible with a known RouterOS admin password. Unsetting of this option is only possible from RouterOS. If you forget the RouterOS password, the only option is to perform a complete reformat of both NAND and RAM with the following method, but you have to know the reset button hold time in seconds.
|
reformat-hold-button (5s .. 300s; Default: 20s) | As an emergency recovery option, it is possible to reset everything by pressing the button at power-on for a set reformat-hold-button time. You will have to remember this setting, otherwise even a reformat will not be possible and the device will not be recoverable. When you use the button for a complete reset, following actions are taken:
EXTREMELY DANGEROUS. Use this only if you have lost all access to the device.
|