Republic of the Philippines

NUEVA VIZCAYA STATE UNIVERSITY

Bayombong, Nueva Vizcaya
INSTRUCTIONAL MODULE
IM No.: SAM101-1st-SY2020-2021

College: COLLEGE OF INDUSTRIAL TECHNOLOGY

Campus: Bambang

DEGREE PROGRAM BSInTe COURSE NO. SAM101

SPECIALIZATION Networking COURSE TITLE System Administration and Maintenance
YEAR LEVEL IV TIME FRAME 5hrs. WK NO. 4 IM NO. 4

I. UNIT TITLE/CHAPTER TITLE

Package Management / Upgrading & Downgrading Systems

II. LESSON TITLE / (OUTLINE)

Package Management / Upgrading & Downgrading Systems

III. LESSON OVERVIEW

RouterOS is the network operating system that powers physical and virtual MikroTik devices.
Upgrading, downgrading, managing software packages, and making configuration changes are typical
parts of any MTCNA candidate’s duties. Fortunately, RouterOS looks and feels much the same across
different networks and devices. As long as you have a good working knowledge of how RouterOS
functions, you can work at a WISP, an MSP, or in an enterprise that uses MikroTik and feel at-home.

IV. DESIRED LEARNING OUTCOMES

At the end of the module, the student will be able to
• perform OS upgrading;
• perform OS downgrading;
• install packages;

V. LESSON CONTENT

RouterBOARDs come from MikroTik preloaded with RouterOS. MikroTik recommends that you
upgrade your board to the latest version of RouterOS before beginning any configuration. The operating
system is in constant development and new features or bug fixes are frequently available, sometimes
even monthly. The decision to do an upgrade on a production system on the other hand should be based
on some basic logical reasoning such as:
1. Is there a feature I want to add to my device that the new OS will provide?
2. Is there a security vulnerability this version solves?
3. Is there a bug fix this version provides?
4. Do I need to upgrade to provide support for some new hardware?

RouterOS Installations
RouterOS and its components arrive in a number of formats for MikroTik users:
✓ Pre-installed on RouterBOARD units
✓ Pre-packaged in virtual hard disk files
✓ .iso images
✓ .npk software packages

Regardless of the installation, type functionality is largely the same from a network administrator’s
perspective. This makes RouterOS skills very portable across platforms and organizations.

Pre-Installed RouterOS
The pre-installed copy of RouterOS on each RouterBOARD is ready to go immediately without
any further installation or licensing. The license level can be raised if necessary to enable additional
functionality. To view the license level use the ”/system license print” command,

[admin@MikroTik] > /system license print

software-id: ABCD-1234
level: 4
features:
[admin@MikroTik] > _
NVSU-FR-ICD-05-00 (081220) Page 1 of __
 Republic of the Philippines
NUEVA VIZCAYA STATE UNIVERSITY
Bayombong, Nueva Vizcaya
INSTRUCTIONAL MODULE
IM No.: SAM101-1st-SY2020-2021

RouterOS Virtual Hard Disks

The CHR is available pre-loaded in virtual hard disk, RAW disk, and OVA formats. Access these
files for your respective virtualization platform from the MikroTik download page at the following URL:
https://www.mikrotik.com/download
As of early 2017, downloadable file formats include the following:
• VHDX (Microsoft Hyper-V)
• VMDK (VMware products, Oracle VirtualBox)
• VDI (Oracle VirtualBox)
• Raw Disk Image
A CHR VM is easily brought online by adding the basic Linux-compatible virtual hardware,
attaching the Virtual Hard Disk (VHD), and booting the VM.

RouterOS Packages
MikroTik routers all come with the default set
of packages for doing basic routing and other
functions. Additional packages can be installed to
extend functionality with more advanced features
like Multiprotocol Label Switching (MPLS), Internet
Protocol v6 (IPv6), CALEA1, etc. By default, the
system package is always checked (and cannot be
unchecked) during an installation, and other
packages can be selected.

Each package includes different software

capabilities for the router. These packages are
available and include the following features:
a) Advanced Tools: Network monitoring, IP scanning, Wake on LAN (WOL) & complex Ping tools.
b) Communications Assistance for Law Enforcement Act (CALEA): Tools for collecting
subscriber data pursuant to the Communications Assistance for Law Enforcement Act in the
United States.
c) Dynamic Host Configuration Protocol (DHCP): This package allows the router to run as a
DHCP client, server, and relay.
d) GPS: MikroTik devices can use an attached Global Positioning System (GPS) receiver to get
position and time updates with this package.
e) Hotspot: Includes software to run a paid captive portal for public network access.
f) IPv6: All the software needed to run an IPv6 router.
g) Multiprotocol Label Switching (MPLS): This package allows the router to participate in MPLS
switching, including Virtual Private LAN Service (VPLS) tunnels.
h) Multicast: With this package a router can rum Protocol Independent Multicast (PIM) and Internet
Group Management Protocol (IGMP) proxying.
i) Network Time Protocol (NTP): The router can run as an NTP client or server with this package.
j) OpenFlow: Provisional support for the OpenFlow Software Defined Network (SDN) standard is
included in this package. It should be noted that support for OpenFlow is still in limbo at this point
while SDN technology evolves in the market.
k) Point-to-Point Protocol (PPP): The router can run PPP, Point-to-Point Tunnel Protocol (PPTP),
Layer Two Tunneling Protocol (L2TP), and PPP over Ethernet (PPPoE) server and client services
with this package.
l) RouterBOARD: This package has hardware-specific functionality for RouterBOOT and
RouterBOARD management.
m) Routing: Dynamic routing including Open Shortest Path First (OSPF), Routing Information
Protocol (RIP), BGP, and more. RouterOS can run without this package as long as only static
routes are used.
n) Security: This package includes software for IPSEC, SSH, and other encrypted connections.
o) System: This is the bare-bones software component for RouterOS. Includes basic functionality
like static routing, telnet, firewalling, Domain Name Service (DNS), bridging, etc. This package is
always installed and necessary, regardless of the RouterOS instance type.
p) UPS: This package allows a router to communicate with APC-brand UPS units.
q) User Manager: When using a Hotspot, the User Manager package allows for more centralized
administration.
r) Wireless: This package provides support for wireless interfaces and connections.
NVSU-FR-ICD-05-00 (081220) Page 2 of __
 Republic of the Philippines
NUEVA VIZCAYA STATE UNIVERSITY
Bayombong, Nueva Vizcaya
INSTRUCTIONAL MODULE
IM No.: SAM101-1st-SY2020-2021

For more information about each package and links to relevant resources visit the MikroTik
package documentation page at the following URL:
https://wiki.mikrotik.com/wiki/Manual:System/Packages

Installed Packages
The ”/system package print” command
lists all installed packages, including their
version and the
current status. The results, with some packages
already disabled and marked with an ”X”.

The same information is available in

Winbox under System > Packages. There is
easy access to buttons on the same screen for
package enabling and disabling, downgrades,
and installation checking.

Package Format
Packages are downloaded in a compressed Zip file and extracted into a directory with individual
package files. Each package is an .npk-format file that is digitally signed by MikroTik. As of late 2017 it
is not possible to generate your own packages for RouterOS or easily view the contents of existing
package files. It is also not possible to upload custom or proprietary drivers for third-party hardware.

Downloading Packages
Download additional packages if you need their featured capabilities (p. 25) from the MikroTik download
page at the following URL: https://mikrotik.com/download

The downloaded package files can be dragged into the Winbox File window or uploaded via FTP
or SSH. A reboot of the device will force RouterOS to detect and install the newly-uploaded files. Once
packages are installed the built-in package manager can update them in-place. Consult the guidance on
package releases in the next section to ensure you’re using the software branch that’s right for your
networks.

RouterOS Releases
Four RouterOS software branches are available for download on the MikroTik download page.
Each of the following release branches has its place in enterprise and provider networks:
• Current
• Bugfix Only
• Legacy
• Release Candidate (RC)
For many MikroTik users the current branch will always be the most appropriate.

Current
The current branch is the latest stable version of RouterOS. This includes the latest tested
features, bugfixes, and patches. It is recommended for production environments that you run the current
software branch available for your devices. Be sure to test the new version first on non-production devices
before widespread implementation when upgrades for this branch are available.

Bugfix Only
The bugfix only branch for a given release is a roll-up of bug fixes with none of the additional
functionality that has been subsequently released. If you’re stuck on a particular release for whatever
reason and can’t upgrade but still require a bug fix then this is the release for you.

Legacy
The legacy branch is a past milestone release that was considered stable at the time. While it
was stable at the time of release, this branch does not receive any bug fixes. Compatibility issues with
hardware, known issues with a particular architecture, or other unique circumstances could warrant use
of the Legacy branch. Running this branch in production would be a last resort and you should engage
MikroTik support in the meantime. Unless there is a very specific reason to remain on the legacy branch
it’s recommended you upgrade to current.
NVSU-FR-ICD-05-00 (081220) Page 3 of __
 Republic of the Philippines
NUEVA VIZCAYA STATE UNIVERSITY
Bayombong, Nueva Vizcaya
INSTRUCTIONAL MODULE
IM No.: SAM101-1st-SY2020-2021
Release Candidate
The Release Candidate (RC) branch is for those who want to test ”bleeding edge” software
features and improvements. This branch is meant for testing only, and it is not officially supported for
production use like the current branch is. The RC branch should not be run in production networks outside
of limited, well-controlled tests. Typically the MikroTik staff will announce new RC versions on the forum
and ask for feedback from those doing testing. If you deploy RC for testing in your networks and discover
a bug you should report it in the forum thread so it can be addressed.

Updating RouterOS
It’s important
to keep abreast of
changes in the
Changelog and
subscribe to the
MikroTik newsletter
for the latest
information about
software updates
and features.
Attackers won’t
hesitate to take
advantage of bugs or
other vulnerabilities
in outdated software.
Keeping RouterOS
updated is another
layer in your DiD
security strategy. in
Winbox under
System > Packages,
see figure below:

On figure above, the current software loaded is from the Release Candidate branch but the
Current branch is selected. For that reason the ”Download & Install” button is clickable even though the
Current software version is lower than the RC version. Running ”check-for-updates” at the console or
clicking the ”Check for Updates” button will reach out to the MikroTik download servers and check for any
available updates.

Downgrading Software
Upload the older
.npk files to the router
then click the
Downgrade button
shown in figure below:

NVSU-FR-ICD-05-00 (081220) Page 4 of __

 Republic of the Philippines
NUEVA VIZCAYA STATE UNIVERSITY
Bayombong, Nueva Vizcaya
INSTRUCTIONAL MODULE
IM No.: SAM101-1st-SY2020-2021

VI. LEARNING ACTIVITIES

RouterOS Upgrade
If you are already running RouterOS v6, upgrading to the latest version is simple. Just one click,
and RouterOS will find the latest version, show you the changelog, and offer to upgrade. You can do this
from Winbox, console, Webfig or QuickSet.

Simply click “Check for updates” in QuickSet, Webfig or Winbox packages menu.

Open Winbox
• go to "System/Packages" menu (Step 1 and 2 from image below) new window "Package List" will
open. Click on "Check for Updates" button (step 3 in the image)

• New window
"Check For
Updates" will
open, where you
will be able to see
currently installed
version and latest
available version
as well as latest
available
Changelog.

• Click on
"Download" or
Download &
Upgrade" button.

After download is complete

you will see in status bar
message that Download
was successful.

If you clicked on
"Download" button then
you will need to reboot
router manually to
complete installation, but if
"download & Upgrade"
was clicked then router will reboot automatically after files are downloaded.

RouterBOARD Firmware Upgrade

• Next step after the
RouterOS upgrade is
firmware (bootloader)
upgrade.
• Open Winbox and go to
"System/Routerboard"
menu (step 1 and 2
from image below).
• New window
"Routerboard" will pop
up, where you can see
current and latest
available firmware.
• Click on "Update"
button (step 3 from the
image)

NVSU-FR-ICD-05-00 (081220) Page 5 of __

 Republic of the Philippines
NUEVA VIZCAYA STATE UNIVERSITY
Bayombong, Nueva Vizcaya
INSTRUCTIONAL MODULE
IM No.: SAM101-1st-SY2020-2021
RouterOS will ask for upgrade confirmation, click on "yes".

Note: After firmware upgrade, still old version is used until you reboot the router

SwOS device upgrade

For RouterBOARD Switches, the upgrade procedure is as follows: in the System tab, scroll to
"Firmware upgrade".

Firmware can be upgraded/downgraded by selecting firmware file and pressing upgrade button.
Switch will reboot automatically after successful upgrade. New firmware can be downloaded from our
webpage: http://www.mikrotik.com/download

Source: https://wiki.mikrotik.com/wiki/Manual:Upgrading

VII. EVALUATION (Note: Not to be included in the student’s copy of the IM)

VIII. ASSIGNMENT
1. Review you lessons on DNS Servers
2. Read the following web article below to further understand Domain Name systems.

https://www.cloudflare.com/learning/dns/what-is-dns/
https://www.networkworld.com/article/3268449/what-is-dns-and-how-does-it-work.html

IX. REFERENCES
Discher, S. R. W. (2011). RouterOS by example: understanding MikroTik RouterOS through real life
applications. MicroTik.

Sayeed, A. (2019, December 18). MikroTik User Management (RouterOS User). System Zone.
https://systemzone.net/mikrotik-user-management-routeros-user/.

Manual:Upgrading. Manual:Upgrading - MikroTik Wiki.

https://wiki.mikrotik.com/wiki/Manual:Upgrading.

System zone. https://www.youtube.com/watch?v=Cgod63HD-zw: Upgrading MikroTik RouterOS

and Firmware using Winbox

NVSU-FR-ICD-05-00 (081220) Page 6 of __