You're reading the development documentation. Release version of the same page is here.

Building an Mikrotik RouterOS 7 CHR Libvirt Box

Mikrotik RouterOS 7 CHR is supported by the netlab libvirt package command. To build it:

  • Create an empty directory on a Ubuntu machine with libvirt and Vagrant.

  • Download the CHR 7 vmdk disk image into that directory

  • Convert the image to the qcow2 format (qemu-img convert -f vmdk -O qcow2 chr-7.5.vmdk chr-7.5.qcow2)

  • Execute netlab libvirt package routeros7 virtual-disk-file-name and follow the instructions


  • The ‌netlab libvirt package routeros7 command has been tested on Ubuntu 20.04 LTS and might not work on other Linux distros.

Initial Device Configuration

During the box-building process (inspired by the step-by-step instructions by Stefano Sasso) you’ll have to copy-paste initial device configuration. netlab libvirt config routeros7 command displays the build recipe:

Creating initial configuration for RouterOS 7

* Wait for the 'login' prompt
* Login as 'admin' (no password)
* Set the new 'admin' password as 'admin'
* From your Linux box, copy the "vagrant ssh key" to the RouterOS VM:
  * IP address here is just an example - use `/ip/address/print` from the VM to discover it
  * `scp ~/.vagrant.d/insecure_private_key admin@`
* Copy-paste the following configuration


/user add group=full name=vagrant password=vagrant
/user ssh-keys import public-key-file=insecure_private_key user=vagrant

/interface ethernet set 0 name=temp

/system scheduler
add name="boot" on-event=":delay 00:00:10 \r\n/ip dhcp-client set 0 interface=[/interface ethernet get 0 name]" start-time=startup interval=0s disabled=no


* Poweroff the VM with `/system/shutdown`

Hack for ether1 interface

The initial device configuration includes an hack for having a DHCP address on the first ethernet interface of the new VM (ether1).

RouterOS saves somewhere the existing network interfaces, together with their own names, checking for their existance on the subsequent boots. Every time it founds a new ethernet interface, this will be added to the list with a “sequence number”, i.e., ether2, ether3, and so on.

The network interface we are using during the installation won’t be present anymore on the next boot time, and the “new” first interface will be called ether2 - which we don’t like.

But, we can simply rename the current interface to something different than ether1. Doing so, the “new” first interface will be called exactly ether1. Much better!

At the same time, since any configuration about DHCP Client is linked to the current interface (and the configuration is referenced by ID, not by interface name), we need to change the DHCP Client config on every boot to use the new ether1 interface. This can be done using a system scheduler script at every system startup.