RouterOS and Proxmox
After configuring a RouterOS virtual machine (VM) in VirtualBox, I wanted to configure the same on a Proxmox host at work for others to use for training. We have a test Proxmox system suitable for that.
Unlike the VirtualBox image, there are two ways to install RouterOS in Proxmox. One way is using the ISO image. While doable, this method triggers an immediate 23 hour and 49 minute trial license usage limit. The limit is actual usage and not calendar days. That is, using the system for 30 minutes results in 30 minutes of usage, even when the system is not used for another week. This is a more sane method than many proprietary systems that are based on calendar days. For training and evaluation purposes the 24-hour limit can be bypassed with a fresh install. There is no limit on the number of installations, but 24 hours? Seriously obtuse. The wiki seems to imply the 24 hour period can be extended to 60 days but only after creating an account.
A second method is to use the pre-built .img disk image available at the Mikrotik web site.
Using this method introduces several obstacles.
- How to configure the Proxmox guest to use the disk image file.
- How to change the password.
- How to configure a static IP address and gateway.
- How to disable unnecessary services, such as telnet and ftp.
The conundrum is that without a known IP address the system is not accessible with Winbox or the web browser Webfig interface. Unlike a physical Mikrotik device, there is no direct access to configure the VM. The default image presumes using DHCP but by default Proxmox is not configured to provide a DHCP server. The RouterOS console interface must be used to configure the VM. Use the Proxmox web interface and the Proxmox console tool to access the RouterOS console.
Per the wiki I copied the .img disk image to the Proxmox /var/lib/vz/images directory.
In /var/lib/vz/images I created a directory for the new guest using the new guest system ID ($VM_ID).
I converted the img file to qcow2 format:
cd /var/lib/vz/images
qemu-img convert -f raw -O qcow2 chr-6.41.4.img $VM_ID/vm-2202-disk-1.qcow2
I created a new guest system:
General:
VM ID: 2202
Name: RouterOS
OS:
Do not use any media
Hard Disk:
Bus/Device: VirtIO Block
Storage: local-lvm
Disk size: irrelevant — will be changed
CPU:
Sockets: 1
Cores: 2
Memory:
Use fixed size memory: Memory (MiB): 512 MB
Network:
Bridged mode: Bridge vmbr0
Model: VirtIO
The Proxmox interface provides no method of using the qcow2 image. Per the wiki the respective conf file has to be edited manually. The wiki is unclear how to edit the file. The Proxmox configuration showed the following:
virtio0: local-lvm:vm-2202-disk-1,size=1G
I edited the file:
virtio0: local:2202/vm-2202-disk-1.qcow2
I started the VM. I used the Proxmox console tool to view the VM.
The default RouterOS uses no password. According to the wiki, configuration should be possible using the setup command. That command results in a typical unhelpful message of bad command name setup (line 1 column 1). Typing ? reveals no such setup command. The list of commands did reveal a password command. With that command I was able to change the password.
Installing a DHCP server in Proxmox is doable but I did not want to do that. I needed to configure a static IP address because the device had to be accessible by others from anywhere within the infrastructure.
That requires using the RouterOS console. Not exactly for the feign-of-heart, especially a newbie. The Mikrotik wiki page leaves much to be desired. I found help from another web site. The following snippet is good only for my use case but the steps should help others with similar settings.
ip address add interface=ether1 address=W.X.94.173/28 broadcast=W.X.94.159
ip address add interface=ether1 address=W.X.94.173 network=W.X.94.163
ip route add dst-address=0.0.0.0/0 gateway=W.X.94.161
ip firewall nat add chain=srcnat out-interface=ether1 action=masquerade
The network= configuration is the address of the Proxmox host. The gateway= configuration is the same one used by the Proxmox host.
I then was able to access the VM with Winbox and Webfig.
Next was to disable unnecessary services.
ip service disable telnet,ftp,ssh,api,api-ssl
tool bandwidth-server set enabled=no
Despite the popularity of Proxmox and RouterOS, I found installing RouterOS on Proxmox frustrating. Perhaps there is an easier way to configure RouterOS on Proxmox. I had no such challenges with the VirtualBox image.
Posted: Category: Usability Tagged: General
Next: Dokuwiki
Previous: VirtualBox NAT Network