MikroTik Solutions

Hex Artifact Content
Login

Hex Artifact Content

Download

Artifact 813921cdd39d04f80616d1bf964c8a0914dea5901820a74b6053f7f7226f1eae:

Wiki page [NetInstall on EL9] by tangent 2024-08-20 02:27:24. 
0000: 44 20 32 30 32 34 2d 30 38 2d 32 30 54 30 32 3a  D 2024-08-20T02:
0010: 32 37 3a 32 34 2e 33 36 36 0a 4c 20 4e 65 74 49  27:24.366.L NetI
0020: 6e 73 74 61 6c 6c 5c 73 6f 6e 5c 73 45 4c 39 0a  nstall\son\sEL9.
0030: 4e 20 74 65 78 74 2f 78 2d 6d 61 72 6b 64 6f 77  N text/x-markdow
0040: 6e 0a 50 20 63 39 39 36 30 37 38 30 32 65 36 63  n.P c99607802e6c
0050: 32 33 32 62 35 33 35 30 39 37 64 32 39 36 32 32  232b535097d29622
0060: 34 61 61 36 61 35 61 61 36 30 34 61 30 65 31 38  4aa6a5aa604a0e18
0070: 38 62 36 36 61 31 30 66 35 35 34 62 64 39 33 65  8b66a10f554bd93e
0080: 34 32 34 64 0a 55 20 74 61 6e 67 65 6e 74 0a 57  424d.U tangent.W
0090: 20 31 32 30 38 35 0a 23 23 20 4d 6f 74 69 76 61   12085.## Motiva
00a0: 74 69 6f 6e 0d 0a 0d 0a 49 e2 80 99 6d 20 77 72  tion....I’m wr
00b0: 69 74 69 6e 67 20 74 68 69 73 20 62 65 63 61 75  iting this becau
00c0: 73 65 20 5b 74 68 65 20 6f 66 66 69 63 69 61 6c  se [the official
00d0: 20 64 6f 63 73 5d 28 68 74 74 70 73 3a 2f 2f 68   docs](https://h
00e0: 65 6c 70 2e 6d 69 6b 72 6f 74 69 6b 2e 63 6f 6d  elp.mikrotik.com
00f0: 2f 64 6f 63 73 2f 64 69 73 70 6c 61 79 2f 52 4f  /docs/display/RO
0100: 53 2f 4e 65 74 69 6e 73 74 61 6c 6c 29 20 61 72  S/Netinstall) ar
0110: 65 20 74 68 69 6e 20 6f 6e 20 64 65 74 61 69 6c  e thin on detail
0120: 73 20 66 6f 72 20 74 68 69 73 20 75 73 65 20 63  s for this use c
0130: 61 73 65 2e 28 5e 54 68 65 79 e2 80 99 64 20 72  ase.(^They’d r
0140: 61 74 68 65 72 20 62 75 72 6e 20 62 61 6e 64 77  ather burn bandw
0150: 69 64 74 68 20 74 65 6c 6c 69 6e 67 20 79 6f 75  idth telling you
0160: 20 74 68 65 20 31 34 20 73 74 65 70 73 20 6e 65   the 14 steps ne
0170: 63 65 73 73 61 72 79 20 74 6f 20 61 72 6d 2d 74  cessary to arm-t
0180: 77 69 73 74 20 57 69 6e 64 6f 77 73 20 69 6e 74  wist Windows int
0190: 6f 20 74 68 69 73 20 72 6f 6c 65 20 62 79 20 77  o this role by w
01a0: 61 79 20 6f 66 20 74 77 65 6e 74 79 2d 73 65 76  ay of twenty-sev
01b0: 65 6e 20 38 30 30 2d 62 79 2d 34 30 30 20 63 6f  en 800-by-400 co
01c0: 6c 6f 72 20 67 6c 6f 73 73 79 20 73 63 72 65 65  lor glossy scree
01d0: 6e 73 68 6f 74 73 20 77 69 74 68 20 63 69 72 63  nshots with circ
01e0: 6c 65 73 20 61 6e 64 20 61 72 72 6f 77 73 20 61  les and arrows a
01f0: 6e 64 20 61 20 70 61 72 61 67 72 61 70 68 20 6f  nd a paragraph o
0200: 6e 20 74 68 65 20 62 6f 74 74 6f 6d 20 6f 66 20  n the bottom of 
0210: 65 61 63 68 20 6f 6e 65 2e 20 41 6c 77 61 79 73  each one. Always
0220: 20 6b 65 65 70 20 74 65 6c 6c 69 6e 67 20 79 6f   keep telling yo
0230: 75 72 73 65 6c 66 20 74 68 61 74 20 57 69 6e 64  urself that Wind
0240: 6f 77 73 20 69 73 20 74 68 65 20 e2 80 9c 65 61  ows is the “ea
0250: 73 79 e2 80 9d 20 4f 53 2e 20 59 6f 75 e2 80 99  sy” OS. You’
0260: 6c 6c 20 63 6f 6d 65 20 74 6f 20 62 65 6c 69 65  ll come to belie
0270: 76 65 20 69 74 2c 20 65 76 65 6e 74 75 61 6c 6c  ve it, eventuall
0280: 79 2c 20 6e 6f 20 6d 61 74 74 65 72 20 68 6f 77  y, no matter how
0290: 20 6d 75 63 68 20 65 76 69 64 65 6e 63 65 20 6d   much evidence m
02a0: 6f 75 6e 74 73 20 75 70 20 74 6f 20 74 68 65 20  ounts up to the 
02b0: 63 6f 6e 74 72 61 72 79 2e 29 0d 0a 0d 0a 49 74  contrary.)....It
02c0: 20 64 6f 63 75 6d 65 6e 74 73 20 77 68 61 74 20   documents what 
02d0: 77 6f 72 6b 65 64 20 66 6f 72 20 6d 65 2e 0d 0a  worked for me...
02e0: 0d 0a 0d 0a 23 23 20 3c 61 20 69 64 3d 22 76 6d  ....## <a id="vm
02f0: 73 22 3e 3c 2f 61 3e 54 68 65 20 56 61 6c 75 65  s"></a>The Value
0300: 20 6f 66 20 56 4d 73 0d 0a 0d 0a 4e 65 74 49 6e   of VMs....NetIn
0310: 73 74 61 6c 6c 20 6e 65 65 64 73 20 74 6f 20 66  stall needs to f
0320: 6f 72 63 65 20 49 2f 4f 20 74 68 72 6f 75 67 68  orce I/O through
0330: 20 61 20 73 69 6e 67 6c 65 20 6e 65 74 77 6f 72   a single networ
0340: 6b 20 70 61 74 68 20 75 6e 64 65 72 20 61 6c 6c  k path under all
0350: 20 63 6f 6e 64 69 74 69 6f 6e 73 20 69 6e 20 6f   conditions in o
0360: 72 64 65 72 20 74 6f 20 64 6f 20 77 68 61 74 20  rder to do what 
0370: 69 74 20 64 6f 65 73 2e 20 54 68 69 73 20 6d 69  it does. This mi
0380: 67 68 74 20 73 65 65 6d 20 6c 69 6b 65 20 61 6e  ght seem like an
0390: 20 65 61 73 79 20 74 68 69 6e 67 20 74 6f 20 61   easy thing to a
03a0: 63 63 6f 6d 70 6c 69 73 68 2c 20 62 75 74 20 74  ccomplish, but t
03b0: 68 65 6e 20 72 65 61 6c 69 7a 65 20 74 68 61 74  hen realize that
03c0: 20 4e 65 74 49 6e 73 74 61 6c 6c 20 6f 70 65 72   NetInstall oper
03d0: 61 74 65 73 20 61 74 20 61 20 76 65 72 79 20 6c  ates at a very l
03e0: 6f 77 20 6c 65 76 65 6c 2c 20 61 6e 64 20 74 68  ow level, and th
03f0: 65 72 65 20 61 72 65 20 6d 75 6c 74 69 70 6c 65  ere are multiple
0400: 20 73 74 61 67 65 73 20 74 6f 20 74 68 65 20 63   stages to the c
0410: 6f 6e 76 65 72 73 61 74 69 6f 6e 2c 20 65 61 63  onversation, eac
0420: 68 20 6f 66 20 77 68 69 63 68 20 6d 61 79 20 68  h of which may h
0430: 61 76 65 20 64 69 66 66 65 72 65 6e 74 20 72 75  ave different ru
0440: 6c 65 73 20 61 70 70 6c 69 65 64 20 62 79 20 74  les applied by t
0450: 68 65 20 4f 53 e2 80 99 73 20 6e 65 74 77 6f 72  he OS’s networ
0460: 6b 20 73 74 61 63 6b 2e 0d 0a 0d 0a 4f 6e 63 65  k stack.....Once
0470: 20 75 70 6f 6e 20 61 20 74 69 6d 65 2c 20 61 20   upon a time, a 
0480: 74 79 70 69 63 61 6c 20 63 6f 6d 70 75 74 65 72  typical computer
0490: 20 77 6f 75 6c 64 20 68 61 76 65 20 6f 6e 6c 79   would have only
04a0: 20 6f 6e 65 20 e2 80 9c 72 65 61 6c e2 80 9d 20   one “real” 
04b0: 6e 65 74 77 6f 72 6b 20 69 6e 74 65 72 66 61 63  network interfac
04c0: 65 20 70 6c 75 73 20 74 68 65 20 6c 6f 6f 70 62  e plus the loopb
04d0: 61 63 6b 20 69 6e 74 65 72 66 61 63 65 2c 20 67  ack interface, g
04e0: 69 76 69 6e 67 20 74 68 65 20 4f 53 20 72 75 6e  iving the OS run
04f0: 6e 69 6e 67 20 4e 65 74 49 6e 73 74 61 6c 6c 20  ning NetInstall 
0500: 6f 6e 6c 79 20 6f 6e 65 20 6c 6f 67 69 63 61 6c  only one logical
0510: 20 63 68 6f 69 63 65 20 66 6f 72 20 61 6c 6c 20   choice for all 
0520: 6f 75 74 62 6f 75 6e 64 20 49 2f 4f 2c 20 62 75  outbound I/O, bu
0530: 74 20 6d 6f 64 65 72 6e 20 73 79 73 74 65 6d 73  t modern systems
0540: 20 61 72 65 20 66 61 72 20 6d 6f 72 65 20 63 6f   are far more co
0550: 6d 70 6c 69 63 61 74 65 64 2e 20 54 68 65 20 6f  mplicated. The o
0560: 6e 65 20 49 e2 80 99 6d 20 74 79 70 69 6e 67 20  ne I’m typing 
0570: 74 68 69 73 20 6f 6e 20 68 61 73 20 2a 74 77 65  this on has *twe
0580: 6e 74 79 2d 66 69 76 65 2a 20 6e 65 74 77 6f 72  nty-five* networ
0590: 6b 20 69 6e 74 65 72 66 61 63 65 73 20 64 65 66  k interfaces def
05a0: 69 6e 65 64 2e 20 57 68 69 6c 65 20 6d 6f 73 74  ined. While most
05b0: 20 6f 66 20 74 68 65 6d 20 61 72 65 20 76 69 72   of them are vir
05c0: 74 75 61 6c 69 7a 65 64 20 69 6e 74 65 72 66 61  tualized interfa
05d0: 63 65 73 20 6f 66 20 73 6f 6d 65 20 74 79 70 65  ces of some type
05e0: 2c 28 5e 53 6f 66 74 77 61 72 65 20 62 72 69 64  ,(^Software brid
05f0: 67 65 73 2c 20 74 75 6e 6e 65 6c 73 2c 20 70 68  ges, tunnels, ph
0600: 6f 6e 79 20 56 4d 20 4e 49 43 73 2c 20 65 74 63  ony VM NICs, etc
0610: 2e 29 20 65 61 63 68 20 6f 6e 65 20 69 73 20 63  .) each one is c
0620: 61 70 61 62 6c 65 20 6f 66 20 63 68 61 6e 67 69  apable of changi
0630: 6e 67 20 74 68 65 20 68 6f 73 74 20 4f 53 e2 80  ng the host OS
0640: 99 73 20 72 6f 75 74 69 6e 67 20 74 61 62 6c 65  s routing table
0650: 2c 20 61 66 66 65 63 74 69 6e 67 20 70 61 63 6b  , affecting pack
0660: 65 74 20 66 6c 6f 77 2e 20 49 66 20 79 6f 75 20  et flow. If you 
0670: 74 68 69 6e 6b 20 79 6f 75 20 6b 6e 6f 77 20 61  think you know a
0680: 6c 6c 20 74 68 65 20 72 6f 75 74 69 6e 67 20 72  ll the routing r
0690: 75 6c 65 73 20 6f 6e 20 73 75 63 68 20 61 20 73  ules on such a s
06a0: 79 73 74 65 6d 20 77 69 74 68 6f 75 74 20 63 61  ystem without ca
06b0: 72 65 66 75 6c 20 69 6e 73 70 65 63 74 69 6f 6e  reful inspection
06c0: 20 61 6e 64 20 74 65 73 74 69 6e 67 2c 20 79 6f   and testing, yo
06d0: 75 e2 80 99 72 65 20 70 72 6f 62 61 62 6c 79 20  u’re probably 
06e0: 77 72 6f 6e 67 2e 0d 0a 0d 0a 56 4d 73 20 67 69  wrong.....VMs gi
06f0: 76 65 20 75 73 20 61 20 77 61 79 20 74 6f 20 72  ve us a way to r
0700: 65 74 75 72 6e 20 74 6f 20 74 68 6f 73 65 20 67  eturn to those g
0710: 6f 6f 64 20 6f 6c 64 20 64 61 79 73 20 77 69 74  ood old days wit
0720: 68 6f 75 74 20 61 66 66 65 63 74 69 6e 67 20 74  hout affecting t
0730: 68 65 20 68 6f 73 74 20 73 79 73 74 65 6d 3a 20  he host system: 
0740: 63 6f 6e 66 69 67 75 72 65 20 74 68 69 73 20 4e  configure this N
0750: 65 74 49 6e 73 74 61 6c 6c 20 56 4d 20 77 69 74  etInstall VM wit
0760: 68 20 61 20 73 69 6e 67 6c 65 20 76 69 72 74 75  h a single virtu
0770: 61 6c 20 6e 65 74 77 6f 72 6b 20 69 6e 74 65 72  al network inter
0780: 66 61 63 65 2c 20 74 68 65 6e 20 62 72 69 64 67  face, then bridg
0790: 65 20 74 68 61 74 20 74 6f 20 61 20 73 70 65 63  e that to a spec
07a0: 69 66 69 63 20 68 61 72 64 77 61 72 65 20 69 6e  ific hardware in
07b0: 74 65 72 66 61 63 65 20 6f 75 74 20 6f 6e 20 74  terface out on t
07c0: 68 65 20 68 6f 73 74 2e 0d 0a 0d 0a 54 68 69 73  he host.....This
07d0: 20 72 65 63 6f 6d 6d 65 6e 64 61 74 69 6f 6e 20   recommendation 
07e0: 68 6f 6c 64 73 20 65 76 65 6e 20 66 6f 72 20 74  holds even for t
07f0: 68 6f 73 65 20 72 75 6e 6e 69 6e 67 20 4c 69 6e  hose running Lin
0800: 75 78 20 6e 61 74 69 76 65 6c 79 20 6f 6e 20 74  ux natively on t
0810: 68 65 20 68 6f 73 74 20 73 79 73 74 65 6d 2e 20  he host system. 
0820: 57 68 69 6c 65 20 79 6f 75 20 5f 63 61 6e 5f 20  While you _can_ 
0830: 72 75 6e 20 60 6e 65 74 69 6e 73 74 61 6c 6c 2d  run `netinstall-
0840: 63 6c 69 60 20 64 69 72 65 63 74 6c 79 20 69 6e  cli` directly in
0850: 20 74 68 61 74 20 63 61 73 65 2c 20 73 65 74 74   that case, sett
0860: 69 6e 67 20 61 20 73 75 62 6f 72 64 69 6e 61 74  ing a subordinat
0870: 65 20 56 4d 20 75 70 20 66 6f 72 20 74 68 65 20  e VM up for the 
0880: 73 6f 6c 65 20 70 75 72 70 6f 73 65 20 6f 66 20  sole purpose of 
0890: 66 6f 72 63 69 6e 67 20 74 72 61 66 66 69 63 20  forcing traffic 
08a0: 64 6f 77 6e 20 61 20 73 69 6e 67 6c 65 20 70 61  down a single pa
08b0: 74 68 20 69 73 20 65 61 73 69 65 72 20 74 68 61  th is easier tha
08c0: 6e 20 74 72 79 69 6e 67 20 74 6f 20 77 6f 72 6b  n trying to work
08d0: 20 6f 75 74 20 77 68 79 20 4e 65 74 49 6e 73 74   out why NetInst
08e0: 61 6c 6c 20 69 73 20 66 61 69 6c 69 6e 67 20 61  all is failing a
08f0: 74 6f 70 20 74 68 65 20 68 6f 73 74 20 4f 53 2e  top the host OS.
0900: 20 4c 69 6b 65 20 61 73 20 6e 6f 74 2c 20 74 68   Like as not, th
0910: 65 20 73 6f 6c 75 74 69 6f 6e 20 77 69 6c 6c 20  e solution will 
0920: 69 6e 76 6f 6c 76 65 20 72 65 63 6f 6e 66 69 67  involve reconfig
0930: 75 72 69 6e 67 20 74 68 65 20 68 6f 73 74 20 74  uring the host t
0940: 6f 20 70 6c 61 63 61 74 65 20 4e 65 74 49 6e 73  o placate NetIns
0950: 74 61 6c 6c 2c 20 74 68 65 6e 20 72 65 76 65 72  tall, then rever
0960: 74 69 6e 67 20 74 68 6f 73 65 20 63 68 61 6e 67  ting those chang
0970: 65 73 20 77 68 65 6e 20 79 6f 75 e2 80 99 72 65  es when you’re
0980: 20 64 6f 6e 65 20 77 69 74 68 20 4e 65 74 49 6e   done with NetIn
0990: 73 74 61 6c 6c 20 69 6e 20 6f 72 64 65 72 20 74  stall in order t
09a0: 6f 20 67 65 74 20 6f 6e 20 77 69 74 68 20 77 68  o get on with wh
09b0: 61 74 20 79 6f 75 20 77 65 72 65 20 64 6f 69 6e  at you were doin
09c0: 67 20 62 65 66 6f 72 65 2e 20 49 66 20 79 6f 75  g before. If you
09d0: 20 69 6e 73 74 65 61 64 20 61 62 73 74 72 61 63   instead abstrac
09e0: 74 20 74 68 65 20 70 72 6f 62 6c 65 6d 20 61 77  t the problem aw
09f0: 61 79 20 77 69 74 68 20 61 20 56 4d 20 6c 69 6b  ay with a VM lik
0a00: 65 20 74 68 69 73 2c 20 74 68 65 20 63 6f 6e 66  e this, the conf
0a10: 69 67 75 72 61 74 69 6f 6e 20 69 73 20 69 73 6f  iguration is iso
0a20: 6c 61 74 65 64 20 74 6f 20 74 68 61 74 20 6f 6e  lated to that on
0a30: 65 20 56 4d 2c 20 72 65 71 75 69 72 69 6e 67 20  e VM, requiring 
0a40: 6e 6f 20 63 68 61 6e 67 65 73 20 74 6f 20 74 68  no changes to th
0a50: 65 20 68 6f 73 74 20 4f 53 e2 80 99 73 20 63 6f  e host OS’s co
0a60: 6e 66 69 67 75 72 61 74 69 6f 6e 2e 0d 0a 0d 0a  nfiguration.....
0a70: 41 6c 74 68 6f 75 67 68 20 49 20 68 61 70 70 65  Although I happe
0a80: 6e 65 64 20 74 6f 20 70 72 6f 76 65 20 74 68 69  ned to prove thi
0a90: 73 20 73 65 74 75 70 20 6f 75 74 20 77 69 74 68  s setup out with
0aa0: 20 61 20 43 65 6e 74 4f 53 20 53 74 72 65 61 6d   a CentOS Stream
0ab0: 20 39 20 56 4d 20 72 75 6e 6e 69 6e 67 20 69 6e   9 VM running in
0ac0: 73 69 64 65 20 74 68 65 20 6c 61 74 65 73 74 20  side the latest 
0ad0: 76 65 72 73 69 6f 6e 20 6f 66 20 74 68 65 20 50  version of the P
0ae0: 61 72 61 6c 6c 65 6c 73 20 76 69 72 74 75 61 6c  arallels virtual
0af0: 20 6d 61 63 68 69 6e 65 20 6d 61 6e 61 67 65 72   machine manager
0b00: 20 61 74 6f 70 20 74 68 65 20 6c 61 74 65 73 74   atop the latest
0b10: 20 76 65 72 73 69 6f 6e 20 6f 66 20 6d 61 63 4f   version of macO
0b20: 53 2c 20 49 20 64 6f 6e e2 80 99 74 20 62 65 6c  S, I don’t bel
0b30: 69 65 76 65 20 61 6e 79 20 6f 66 20 74 68 65 73  ieve any of thes
0b40: 65 20 64 65 74 61 69 6c 73 20 74 6f 20 62 65 20  e details to be 
0b50: 63 72 69 74 69 63 61 6c 2e 20 59 6f 75 20 73 68  critical. You sh
0b60: 6f 75 6c 64 20 62 65 20 61 62 6c 65 20 74 6f 20  ould be able to 
0b70: 64 6f 20 74 68 65 20 73 61 6d 65 20 74 68 69 6e  do the same thin
0b80: 67 20 61 74 6f 70 20 57 69 6e 64 6f 77 73 20 77  g atop Windows w
0b90: 69 74 68 20 48 79 70 65 72 2d 56 20 72 75 6e 6e  ith Hyper-V runn
0ba0: 69 6e 67 20 44 65 62 69 61 6e 2c 20 6f 72 20 61  ing Debian, or a
0bb0: 74 6f 70 20 41 72 63 68 20 4c 69 6e 75 78 20 77  top Arch Linux w
0bc0: 69 74 68 20 4b 56 4d 20 72 75 6e 6e 69 6e 67 20  ith KVM running 
0bd0: 55 62 75 6e 74 75 2c 20 6f 72 20 77 68 61 74 65  Ubuntu, or whate
0be0: 76 65 72 2e 0d 0a 0d 0a 54 68 65 20 6f 6e 6c 79  ver.....The only
0bf0: 20 6b 65 79 20 63 6f 6e 66 69 67 75 72 61 74 69   key configurati
0c00: 6f 6e 20 63 68 6f 69 63 65 20 69 73 20 2a 62 72  on choice is *br
0c10: 69 64 67 69 6e 67 2a 20 74 68 65 20 76 69 72 74  idging* the virt
0c20: 75 61 6c 20 6e 65 74 77 6f 72 6b 20 61 64 61 70  ual network adap
0c30: 74 65 72 20 74 6f 20 74 68 65 20 6f 6e 65 2d 61  ter to the one-a
0c40: 6e 64 2d 6f 6e 6c 79 20 68 6f 73 74 2d 73 69 64  nd-only host-sid
0c50: 65 20 45 74 68 65 72 6e 65 74 20 61 64 61 70 74  e Ethernet adapt
0c60: 65 72 20 74 68 61 74 20 60 6e 65 74 69 6e 73 74  er that `netinst
0c70: 61 6c 6c 2d 63 6c 69 60 20 77 69 6c 6c 20 63 6f  all-cli` will co
0c80: 6d 6d 75 6e 69 63 61 74 65 20 6f 76 65 72 2e 28  mmunicate over.(
0c90: 5e 49 6e 20 50 61 72 61 6c 6c 65 6c 73 2c 20 79  ^In Parallels, y
0ca0: 6f 75 20 64 6f 20 74 68 61 74 20 76 69 61 20 74  ou do that via t
0cb0: 68 65 20 44 65 76 69 63 65 73 20 e2 86 92 20 4e  he Devices → N
0cc0: 65 74 77 6f 72 6b 20 e2 86 92 20 42 72 69 64 67  etwork → Bridg
0cd0: 65 64 20 4e 65 74 77 6f 72 6b 20 e2 86 92 20 45  ed Network → E
0ce0: 74 68 65 72 6e 65 74 20 6d 65 6e 75 20 63 68 6f  thernet menu cho
0cf0: 69 63 65 2e 20 4f 74 68 65 72 20 73 75 69 74 61  ice. Other suita
0d00: 62 6c 79 20 70 6f 77 65 72 66 75 6c 20 68 79 70  bly powerful hyp
0d10: 65 72 76 69 73 6f 72 73 20 e2 80 94 20 69 6e 63  ervisors — inc
0d20: 6c 75 64 69 6e 67 20 56 4d 57 61 72 65 20 61 6e  luding VMWare an
0d30: 64 20 56 69 72 74 75 61 6c 42 6f 78 20 e2 80 94  d VirtualBox —
0d40: 20 63 61 6e 20 64 6f 20 74 68 65 20 73 61 6d 65   can do the same
0d50: 20 76 69 61 20 64 69 66 66 65 72 65 6e 74 20 63   via different c
0d60: 6f 6d 6d 61 6e 64 20 70 61 74 68 73 2e 20 49 20  ommand paths. I 
0d70: 2a 73 75 73 70 65 63 74 2a 20 48 79 70 65 72 2d  *suspect* Hyper-
0d80: 56 20 69 73 20 61 6d 6f 6e 67 20 74 68 61 74 20  V is among that 
0d90: 67 72 6f 75 70 2c 20 62 75 74 20 49 e2 80 99 76  group, but I’v
0da0: 65 20 68 61 64 20 64 69 66 66 69 63 75 6c 74 69  e had difficulti
0db0: 65 73 20 69 6e 20 74 68 65 20 70 61 73 74 20 77  es in the past w
0dc0: 69 74 68 20 69 74 73 20 62 72 69 64 67 65 64 20  ith its bridged 
0dd0: 6e 65 74 77 6f 72 6b 69 6e 67 20 63 61 70 61 62  networking capab
0de0: 69 6c 69 74 69 65 73 2e 29 20 53 75 63 63 65 73  ilities.) Succes
0df0: 73 20 6c 69 65 73 20 69 6e 20 61 76 6f 69 64 69  s lies in avoidi
0e00: 6e 67 20 63 6c 65 76 65 72 6e 65 73 73 20 6c 69  ng cleverness li
0e10: 6b 65 20 4e 41 54 2c 20 e2 80 9c 73 68 61 72 65  ke NAT, “share
0e20: 64 e2 80 9d 20 6e 65 74 77 6f 72 6b 69 6e 67 2c  d” networking,
0e30: 20 61 75 74 6f 6d 61 74 69 63 20 73 77 69 74 63   automatic switc
0e40: 68 69 6e 67 20 62 65 74 77 65 65 6e 20 45 74 68  hing between Eth
0e50: 65 72 6e 65 74 20 61 6e 64 20 57 69 46 69 2c 20  ernet and WiFi, 
0e60: 65 74 63 2e 0d 0a 0d 0a 0d 0a 23 23 20 3c 61 20  etc.......## <a 
0e70: 69 64 3d 22 72 6f 75 74 65 72 22 3e 3c 2f 61 3e  id="router"></a>
0e80: 52 6f 75 74 65 72 20 43 6f 6e 66 69 67 75 72 61  Router Configura
0e90: 74 69 6f 6e 0d 0a 0d 0a 4f 6e 6c 79 20 6f 6e 65  tion....Only one
0ea0: 20 45 74 68 65 72 6e 65 74 20 70 6f 72 74 20 6f   Ethernet port o
0eb0: 6e 20 79 6f 75 72 20 72 6f 75 74 65 72 20 77 69  n your router wi
0ec0: 6c 6c 20 70 61 72 74 69 63 69 70 61 74 65 20 69  ll participate i
0ed0: 6e 20 61 6e 20 45 74 68 65 72 42 6f 6f 74 20 63  n an EtherBoot c
0ee0: 6f 6e 76 65 72 73 61 74 69 6f 6e 2e 20 49 74 20  onversation. It 
0ef0: 6d 69 67 68 74 20 62 65 20 6d 61 72 6b 65 64 20  might be marked 
0f00: e2 80 9c 42 4f 4f 54 2c e2 80 9d 20 62 75 74 20  “BOOT,” but 
0f10: 69 66 20 6e 6f 74 2c 20 69 74 e2 80 99 73 20 67  if not, it’s g
0f20: 65 6e 65 72 61 6c 6c 79 20 74 68 65 20 6f 6e 65  enerally the one
0f30: 20 74 68 61 74 20 63 6f 6d 65 73 20 75 70 20 61   that comes up a
0f40: 73 20 e2 80 9c 65 74 68 65 72 31 e2 80 9d 20 69  s “ether1” i
0f50: 6e 20 74 68 65 20 64 65 66 61 75 6c 74 20 63 6f  n the default co
0f60: 6e 66 69 67 75 72 61 74 69 6f 6e 2e 20 4e 65 74  nfiguration. Net
0f70: 49 6e 73 74 61 6c 6c 20 77 69 6c 6c 20 67 65 74  Install will get
0f80: 20 73 74 75 63 6b 20 69 6e 20 74 68 65 20 e2 80   stuck in the 
0f90: 9c 60 57 61 69 74 69 6e 67 20 66 6f 72 20 52 6f  `Waiting for Ro
0fa0: 75 74 65 72 42 4f 41 52 44 2e 2e 2e 60 e2 80 9d  uterBOARD...`”
0fb0: 20 73 74 65 70 20 69 66 20 79 6f 75 20 68 61 76   step if you hav
0fc0: 65 20 74 68 65 20 45 74 68 65 72 6e 65 74 20 63  e the Ethernet c
0fd0: 61 62 6c 65 20 70 6c 75 67 67 65 64 20 69 6e 74  able plugged int
0fe0: 6f 20 74 68 65 20 77 72 6f 6e 67 20 70 6f 72 74  o the wrong port
0ff0: 2e 0d 0a 0d 0a 0d 0a 23 23 20 3c 61 20 69 64 3d  .......## <a id=
1000: 22 73 65 72 76 65 72 22 3e 3c 2f 61 3e 53 65 72  "server"></a>Ser
1010: 76 65 72 20 43 6f 6e 66 69 67 75 72 61 74 69 6f  ver Configuratio
1020: 6e 0d 0a 0d 0a 54 68 65 20 6b 65 79 20 73 65 72  n....The key ser
1030: 76 65 72 2d 73 69 64 65 20 63 68 61 6e 67 65 20  ver-side change 
1040: 69 73 20 74 68 61 74 20 6d 61 6e 79 20 4c 69 6e  is that many Lin
1050: 75 78 20 4f 53 65 73 20 73 68 69 70 20 77 69 74  ux OSes ship wit
1060: 68 20 61 20 66 69 72 65 77 61 6c 6c 20 65 6e 61  h a firewall ena
1070: 62 6c 65 64 20 77 68 69 63 68 20 77 69 6c 6c 20  bled which will 
1080: 62 6c 6f 63 6b 20 74 68 65 20 70 6f 72 74 73 20  block the ports 
1090: 60 6e 65 74 69 6e 73 74 61 6c 6c 2d 63 6c 69 60  `netinstall-cli`
10a0: 20 6e 65 65 64 73 20 77 68 65 6e 20 63 6f 6d 6d   needs when comm
10b0: 75 6e 69 63 61 74 69 6e 67 20 77 69 74 68 20 74  unicating with t
10c0: 68 65 20 72 6f 75 74 65 72 2e 20 54 68 65 20 74  he router. The t
10d0: 72 69 63 6b 79 20 62 69 74 20 69 73 2c 20 74 68  ricky bit is, th
10e0: 65 20 6d 69 6e 69 6d 75 6d 20 73 65 74 20 6f 66  e minimum set of
10f0: 20 70 6f 72 74 73 20 69 73 6e e2 80 99 74 20 64   ports isn’t d
1100: 6f 63 75 6d 65 6e 74 65 64 20 61 6e 79 77 68 65  ocumented anywhe
1110: 72 65 2c 20 74 68 61 74 20 49 20 63 61 6e 20 73  re, that I can s
1120: 65 65 2e 20 52 65 64 20 48 61 74 74 69 73 68 20  ee. Red Hattish 
1130: 4f 53 65 73 28 5e 52 48 45 4c 2c 20 43 65 6e 74  OSes(^RHEL, Cent
1140: 4f 53 2c 20 41 6c 6d 61 4c 69 6e 75 78 2c 20 52  OS, AlmaLinux, R
1150: 6f 63 6b 79 20 4c 69 6e 75 78 2c 20 4f 72 61 63  ocky Linux, Orac
1160: 6c 65 20 4c 69 6e 75 78 2c 20 46 65 64 6f 72 61  le Linux, Fedora
1170: e2 80 a6 29 20 75 73 65 20 5b 60 66 69 72 65 77  …) use [`firew
1180: 61 6c 6c 64 60 5d 28 68 74 74 70 73 3a 2f 2f 66  alld`](https://f
1190: 69 72 65 77 61 6c 6c 64 2e 6f 72 67 2f 29 20 74  irewalld.org/) t
11a0: 68 65 73 65 20 64 61 79 73 2c 20 77 68 65 72 65  hese days, where
11b0: 20 74 68 65 20 63 6f 6d 6d 61 6e 64 73 20 74 6f   the commands to
11c0: 20 75 6e 62 6c 6f 63 6b 20 74 68 65 20 72 65 71   unblock the req
11d0: 75 69 72 65 64 20 70 6f 72 74 73 20 61 72 65 3a  uired ports are:
11e0: 0d 0a 0d 0a 60 60 60 20 73 68 65 6c 6c 0d 0a 73  ....``` shell..s
11f0: 75 64 6f 20 66 69 72 65 77 61 6c 6c 2d 63 6d 64  udo firewall-cmd
1200: 20 2d 2d 61 64 64 2d 70 6f 72 74 20 62 6f 6f 74   --add-port boot
1210: 70 73 2f 75 64 70 0d 0a 73 75 64 6f 20 66 69 72  ps/udp..sudo fir
1220: 65 77 61 6c 6c 2d 63 6d 64 20 2d 2d 61 64 64 2d  ewall-cmd --add-
1230: 70 6f 72 74 20 74 66 74 70 2f 75 64 70 0d 0a 73  port tftp/udp..s
1240: 75 64 6f 20 66 69 72 65 77 61 6c 6c 2d 63 6d 64  udo firewall-cmd
1250: 20 2d 2d 61 64 64 2d 70 6f 72 74 20 35 30 30 30   --add-port 5000
1260: 2f 75 64 70 0d 0a 60 60 60 0d 0a 0d 0a 4f 74 68  /udp..```....Oth
1270: 65 72 20 4c 69 6e 75 78 65 73 20 75 73 65 20 6f  er Linuxes use o
1280: 74 68 65 72 20 66 69 72 65 77 61 6c 6c 20 73 79  ther firewall sy
1290: 73 74 65 6d 73 2e 20 53 6f 6d 65 20 73 74 69 6c  stems. Some stil
12a0: 6c 20 75 73 65 20 72 61 77 20 60 69 70 74 61 62  l use raw `iptab
12b0: 6c 65 73 60 20 6f 72 20 60 6e 66 74 60 20 63 6f  les` or `nft` co
12c0: 6d 6d 61 6e 64 73 2c 20 60 75 66 77 60 20 69 73  mmands, `ufw` is
12d0: 20 70 6f 70 75 6c 61 72 20 6f 6e 20 55 62 75 6e   popular on Ubun
12e0: 74 75 2c 20 65 74 63 2e 0d 0a 0d 0a 54 68 65 20  tu, etc.....The 
12f0: 66 69 72 73 74 20 74 77 6f 20 72 65 71 75 69 72  first two requir
1300: 65 64 20 70 6f 72 74 73 20 61 72 65 6e e2 80 99  ed ports aren’
1310: 74 20 6d 75 63 68 20 6f 66 20 61 20 73 75 72 70  t much of a surp
1320: 72 69 73 65 20 67 69 76 65 6e 20 74 68 65 20 6d  rise given the m
1330: 65 6e 74 69 6f 6e 20 6f 66 20 e2 80 9c 42 4f 4f  ention of “BOO
1340: 54 50 e2 80 9d 20 69 6e 20 74 68 65 20 6f 66 66  TP” in the off
1350: 69 63 69 61 6c 20 64 6f 63 73 2c 20 62 75 74 20  icial docs, but 
1360: 49 20 68 61 64 20 74 6f 20 64 6f 20 61 20 70 61  I had to do a pa
1370: 63 6b 65 74 20 63 61 70 74 75 72 65 20 74 6f 20  cket capture to 
1380: 77 6f 72 6b 20 6f 75 74 20 74 68 61 74 20 74 68  work out that th
1390: 65 20 6c 61 73 74 20 6f 6e 65 20 77 61 73 20 72  e last one was r
13a0: 65 71 75 69 72 65 64 2e 20 57 69 74 68 6f 75 74  equired. Without
13b0: 20 69 74 2c 20 79 6f 75 e2 80 99 6c 6c 20 67 65   it, you’ll ge
13c0: 74 20 73 74 75 63 6b 20 61 74 20 74 68 65 20 e2  t stuck at the 
13d0: 80 9c 60 73 65 6e 64 46 69 6c 65 60 e2 80 9d 20  `sendFile`” 
13e0: 73 74 65 70 2e 28 5e 41 6e 6f 74 68 65 72 20 63  step.(^Another c
13f0: 61 75 73 65 20 6f 66 20 74 68 65 20 22 73 74 75  ause of the "stu
1400: 63 6b 20 69 6e 20 60 73 65 6e 64 46 69 6c 65 60  ck in `sendFile`
1410: 20 73 79 6d 70 74 6f 6d 20 69 73 20 61 74 74 65   symptom is atte
1420: 6d 70 74 69 6e 67 20 74 6f 20 73 65 6e 64 20 70  mpting to send p
1430: 61 63 6b 61 67 65 73 20 6f 66 20 74 68 65 20 77  ackages of the w
1440: 72 6f 6e 67 20 61 72 63 68 69 74 65 63 74 75 72  rong architectur
1450: 65 2c 20 73 75 63 68 20 61 73 20 41 4d 44 36 34  e, such as AMD64
1460: 20 74 6f 20 61 20 33 32 2d 62 69 74 20 41 52 4d   to a 32-bit ARM
1470: 20 62 6f 78 20 6f 72 20 76 69 63 65 20 76 65 72   box or vice ver
1480: 73 61 2e 20 49 66 20 74 68 65 20 70 72 6f 64 75  sa. If the produ
1490: 63 74 20 73 70 65 63 73 20 6d 65 72 65 6c 79 20  ct specs merely 
14a0: 73 61 79 20 22 41 52 4d 22 20 69 74 20 6d 65 61  say "ARM" it mea
14b0: 6e 73 20 33 32 2d 62 69 74 2e 29 0d 0a 0d 0a 4e  ns 32-bit.)....N
14c0: 6f 77 20 79 6f 75 20 63 61 6e 20 73 74 61 72 74  ow you can start
14d0: 20 74 68 65 20 73 65 72 76 65 72 3a 0d 0a 0d 0a   the server:....
14e0: 60 60 60 20 73 68 65 6c 6c 0d 0a 73 75 64 6f 20  ``` shell..sudo 
14f0: 6e 65 74 69 6e 73 74 61 6c 6c 2d 63 6c 69 20 5c  netinstall-cli \
1500: 0d 0a 20 20 20 20 2d 69 20 65 6e 70 30 73 35 20  ..    -i enp0s5 
1510: 5c 0d 0a 20 20 20 20 2d 72 20 2d 73 20 72 65 73  \..    -r -s res
1520: 65 74 2e 73 63 72 20 5c 0d 0a 20 20 20 20 72 6f  et.scr \..    ro
1530: 75 74 65 72 6f 73 2d 37 2e 39 2d 61 72 6d 2e 6e  uteros-7.9-arm.n
1540: 70 6b 20 5c 0d 0a 20 20 20 20 77 69 66 69 77 61  pk \..    wifiwa
1550: 76 65 32 2d 37 2e 39 2d 61 72 6d 2e 6e 70 6b 20  ve2-7.9-arm.npk 
1560: 5c 0d 0a 20 20 20 20 63 6f 6e 74 61 69 6e 65 72  \..    container
1570: 2d 37 2e 39 2d 61 72 6d 2e 6e 70 6b 0d 0a 60 60  -7.9-arm.npk..``
1580: 60 0d 0a 0d 0a 54 68 65 20 60 65 6e 70 30 73 35  `....The `enp0s5
1590: 60 20 76 61 6c 75 65 20 77 69 6c 6c 20 76 61 72  ` value will var
15a0: 79 20 62 79 20 4f 53 20 61 6e 64 20 76 69 72 74  y by OS and virt
15b0: 75 61 6c 20 68 61 72 64 77 61 72 65 20 63 6f 6e  ual hardware con
15c0: 66 69 67 75 72 61 74 69 6f 6e 2e 20 4f 6e 20 6d  figuration. On m
15d0: 6f 64 65 72 6e 20 4c 69 6e 75 78 65 73 2c 20 73  odern Linuxes, s
15e0: 61 79 20 e2 80 9c 60 69 70 20 6c 69 6e 6b 60 e2  ay “`ip link`
15f0: 80 9d 20 74 6f 20 67 65 74 20 61 20 6c 69 73 74   to get a list
1600: 20 6f 66 20 70 6f 73 73 69 62 6c 65 20 6e 61 6d   of possible nam
1610: 65 73 2e 20 46 6f 72 20 61 20 56 4d 2c 20 74 68  es. For a VM, th
1620: 65 72 65 20 61 72 65 20 6c 69 6b 65 6c 79 20 6f  ere are likely o
1630: 6e 6c 79 20 74 77 6f 3b 20 70 69 63 6b 20 74 68  nly two; pick th
1640: 65 20 6f 6e 65 20 74 68 61 74 20 2a 69 73 6e e2  e one that *isn
1650: 80 99 74 2a 20 74 68 65 20 60 6c 6f 60 20 69 6e  t* the `lo` in
1660: 74 65 72 66 61 63 65 2e 0d 0a 0d 0a 52 65 73 65  terface.....Rese
1670: 74 74 69 6e 67 20 74 68 65 20 63 6f 6e 66 69 67  tting the config
1680: 75 72 61 74 69 6f 6e 20 69 73 20 6f 70 74 69 6f  uration is optio
1690: 6e 61 6c 2c 20 61 6e 64 20 79 6f 75 20 63 61 6e  nal, and you can
16a0: 20 63 68 6f 6f 73 65 20 74 6f 20 61 63 63 65 70   choose to accep
16b0: 74 20 74 68 65 20 64 65 66 61 75 6c 74 20 63 6f  t the default co
16c0: 6e 66 69 67 20 69 6e 73 74 65 61 64 20 6f 66 20  nfig instead of 
16d0: 77 68 61 74 20 49 e2 80 99 76 65 20 64 6f 6e 65  what I’ve done
16e0: 20 68 65 72 65 2c 20 62 75 74 20 49 20 77 61 6e   here, but I wan
16f0: 74 65 64 20 74 6f 20 73 68 6f 77 20 74 68 65 20  ted to show the 
1700: 6f 70 74 69 6f 6e 2e 20 54 68 65 20 72 65 66 65  option. The refe
1710: 72 65 6e 63 65 64 20 60 72 65 73 65 74 2e 73 63  renced `reset.sc
1720: 72 60 20 66 69 6c 65 20 69 73 20 67 69 76 65 6e  r` file is given
1730: 20 5b 62 65 6c 6f 77 5d 28 23 73 63 72 69 70 74   [below](#script
1740: 29 2e 0d 0a 0d 0a 46 6f 72 20 72 6f 75 74 65 72  ).....For router
1750: 73 20 77 69 74 68 20 77 69 72 65 64 20 69 6e 74  s with wired int
1760: 65 72 66 61 63 65 73 20 6f 6e 6c 79 2c 20 74 68  erfaces only, th
1770: 65 20 62 61 73 65 20 60 72 6f 75 74 65 72 6f 73  e base `routeros
1780: 2d 2a 2e 6e 70 6b 60 20 70 61 63 6b 61 67 65 20  -*.npk` package 
1790: 69 73 20 61 6c 6c 20 79 6f 75 20 72 65 71 75 69  is all you requi
17a0: 72 65 2c 20 62 75 74 20 66 6f 72 20 57 69 46 69  re, but for WiFi
17b0: 20 62 61 73 65 64 20 72 6f 75 74 65 72 73 2c 20   based routers, 
17c0: 69 66 20 79 6f 75 20 66 61 69 6c 20 74 6f 20 61  if you fail to a
17d0: 74 20 6c 65 61 73 74 20 69 6e 63 6c 75 64 65 20  t least include 
17e0: 74 68 65 20 61 70 70 72 6f 70 72 69 61 74 65 20  the appropriate 
17f0: 77 69 72 65 6c 65 73 73 20 70 61 63 6b 61 67 65  wireless package
1800: 2c 20 74 68 65 20 64 65 66 61 75 6c 74 20 63 6f  , the default co
1810: 6e 66 69 67 75 72 61 74 69 6f 6e 20 69 73 20 6c  nfiguration is l
1820: 69 6b 65 6c 79 20 74 6f 20 63 6f 6d 65 20 75 70  ikely to come up
1830: 20 69 6d 70 72 6f 70 65 72 6c 79 2e 20 41 6e 79   improperly. Any
1840: 74 68 69 6e 67 20 65 6c 73 65 20 79 6f 75 20 61  thing else you a
1850: 64 64 20 74 6f 20 74 68 69 73 20 69 73 20 70 75  dd to this is pu
1860: 72 65 6c 79 20 6f 70 74 69 6f 6e 61 6c 3b 20 49  rely optional; I
1870: e2 80 99 6d 20 73 68 6f 77 69 6e 67 20 74 68 65  ’m showing the
1880: 20 60 63 6f 6e 74 61 69 6e 65 72 60 20 70 61 63   `container` pac
1890: 6b 61 67 65 20 61 73 20 61 6e 20 65 78 61 6d 70  kage as an examp
18a0: 6c 65 20 6f 6e 6c 79 2e 0d 0a 0d 0a 49 20 64 6f  le only.....I do
18b0: 6e e2 80 99 74 20 6b 6e 6f 77 20 68 6f 77 20 63  n’t know how c
18c0: 72 69 74 69 63 61 6c 20 69 74 20 69 73 20 74 6f  ritical it is to
18d0: 20 75 73 65 20 74 68 65 20 6d 61 74 63 68 69 6e   use the matchin
18e0: 67 20 76 65 72 73 69 6f 6e 20 6f 66 20 60 6e 65  g version of `ne
18f0: 74 69 6e 73 74 61 6c 6c 2d 63 6c 69 60 20 77 68  tinstall-cli` wh
1900: 65 6e 20 63 68 61 6e 67 69 6e 67 20 52 6f 75 74  en changing Rout
1910: 65 72 4f 53 20 76 65 72 73 69 6f 6e 73 2c 20 62  erOS versions, b
1920: 75 74 20 77 68 69 6c 65 20 79 6f 75 e2 80 99 72  ut while you’r
1930: 65 20 64 6f 77 6e 6c 6f 61 64 69 6e 67 20 66 72  e downloading fr
1940: 65 73 68 20 4e 50 4b 73 2c 20 79 6f 75 20 6d 69  esh NPKs, you mi
1950: 67 68 74 20 61 73 20 77 65 6c 6c 20 75 70 64 61  ght as well upda
1960: 74 65 20 69 74 20 61 73 20 77 65 6c 6c 2e 0d 0a  te it as well...
1970: 0d 0a 0d 0a 23 23 20 3c 61 20 69 64 3d 22 73 63  ....## <a id="sc
1980: 72 69 70 74 22 3e 3c 2f 61 3e 44 65 66 61 75 6c  ript"></a>Defaul
1990: 74 20 52 6f 75 74 65 72 20 43 6f 6e 66 69 67 75  t Router Configu
19a0: 72 61 74 69 6f 6e 20 53 63 72 69 70 74 0d 0a 0d  ration Script...
19b0: 0a 4d 79 20 63 68 6f 69 63 65 20 61 62 6f 76 65  .My choice above
19c0: 20 74 6f 20 72 65 73 65 74 20 74 68 65 20 63 6f   to reset the co
19d0: 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20  nfiguration and 
19e0: 61 70 70 6c 79 20 61 20 66 72 65 73 68 20 63 6f  apply a fresh co
19f0: 6e 66 69 67 75 72 61 74 69 6f 6e 20 6c 65 74 73  nfiguration lets
1a00: 20 75 73 20 64 6f 20 73 6f 6d 65 74 68 69 6e 67   us do something
1a10: 20 66 75 6e 20 61 6e 64 20 75 73 65 66 75 6c 3a   fun and useful:
1a20: 0d 0a 0d 0a 60 60 60 20 63 6f 6e 66 69 67 0d 0a  ....``` config..
1a30: 2f 69 6e 74 65 72 66 61 63 65 20 62 72 69 64 67  /interface bridg
1a40: 65 20 61 64 64 20 6e 61 6d 65 3d 62 72 69 64 67  e add name=bridg
1a50: 65 0d 0a 2f 69 6e 74 65 72 66 61 63 65 20 62 72  e../interface br
1a60: 69 64 67 65 20 70 6f 72 74 0d 0a 61 64 64 20 62  idge port..add b
1a70: 72 69 64 67 65 3d 62 72 69 64 67 65 20 69 6e 74  ridge=bridge int
1a80: 65 72 66 61 63 65 3d 65 74 68 65 72 31 0d 0a 61  erface=ether1..a
1a90: 64 64 20 62 72 69 64 67 65 3d 62 72 69 64 67 65  dd bridge=bridge
1aa0: 20 69 6e 74 65 72 66 61 63 65 3d 65 74 68 65 72   interface=ether
1ab0: 32 0d 0a 61 64 64 20 62 72 69 64 67 65 3d 62 72  2..add bridge=br
1ac0: 69 64 67 65 20 69 6e 74 65 72 66 61 63 65 3d 65  idge interface=e
1ad0: 74 68 65 72 33 0d 0a 61 64 64 20 62 72 69 64 67  ther3..add bridg
1ae0: 65 3d 62 72 69 64 67 65 20 69 6e 74 65 72 66 61  e=bridge interfa
1af0: 63 65 3d 65 74 68 65 72 34 0d 0a 2f 69 70 20 64  ce=ether4../ip d
1b00: 68 63 70 2d 63 6c 69 65 6e 74 20 61 64 64 20 69  hcp-client add i
1b10: 6e 74 65 72 66 61 63 65 3d 62 72 69 64 67 65 0d  nterface=bridge.
1b20: 0a 2f 75 73 65 72 20 61 64 64 20 6e 61 6d 65 3d  ./user add name=
1b30: 22 66 6f 6f 22 20 70 61 73 73 77 6f 72 64 3d 22  "foo" password="
1b40: 62 61 72 22 20 67 72 6f 75 70 3d 22 66 75 6c 6c  bar" group="full
1b50: 22 0d 0a 60 60 60 0d 0a 0d 0a 54 68 69 73 20 69  "..```....This i
1b60: 73 20 74 68 65 20 60 72 65 73 65 74 2e 73 63 72  s the `reset.scr
1b70: 60 20 66 69 6c 65 20 72 65 66 65 72 65 6e 63 65  ` file reference
1b80: 64 20 61 62 6f 76 65 2c 20 61 6e 64 20 61 6c 74  d above, and alt
1b90: 68 6f 75 67 68 20 69 74 20 69 73 20 69 6e 74 65  hough it is inte
1ba0: 6e 64 65 64 20 66 6f 72 20 61 6e 79 20 6f 66 20  nded for any of 
1bb0: 4d 69 6b 72 6f 54 69 6b e2 80 99 73 20 73 6d 61  MikroTik’s sma
1bc0: 6c 6c 20 57 69 46 69 20 72 6f 75 74 65 72 73 2c  ll WiFi routers,
1bd0: 20 69 74 20 73 68 6f 75 6c 64 20 73 65 72 76 65   it should serve
1be0: 20 61 73 20 61 20 6d 69 6e 69 6d 61 6c 69 73 74   as a minimalist
1bf0: 20 73 74 61 72 74 69 6e 67 20 63 6f 6e 66 69 67   starting config
1c00: 75 72 61 74 69 6f 6e 20 66 6f 72 20 61 20 77 69  uration for a wi
1c10: 64 65 20 72 61 6e 67 65 20 6f 66 20 64 65 76 69  de range of devi
1c20: 63 65 73 2e 0d 0a 0d 0a 54 68 65 20 62 72 69 64  ces.....The brid
1c30: 67 65 20 73 65 74 75 70 20 63 6f 6e 66 69 67 75  ge setup configu
1c40: 72 65 73 20 69 74 20 61 73 20 61 20 77 69 72 65  res it as a wire
1c50: 64 2d 6f 6e 6c 79 20 73 6d 61 72 74 20 73 77 69  d-only smart swi
1c60: 74 63 68 2e 20 45 76 65 6e 20 69 66 20 79 6f 75  tch. Even if you
1c70: 20 68 61 76 65 20 61 20 57 69 46 69 20 64 65 76   have a WiFi dev
1c80: 69 63 65 20 61 6e 64 20 79 6f 75 20 64 6f 20 77  ice and you do w
1c90: 61 6e 74 20 74 6f 20 75 73 65 20 69 74 20 61 73  ant to use it as
1ca0: 20 73 75 63 68 2c 20 73 74 61 72 74 69 6e 67 20   such, starting 
1cb0: 79 6f 75 72 20 63 6f 6e 66 69 67 75 72 61 74 69  your configurati
1cc0: 6f 6e 20 77 69 74 68 20 74 68 65 20 72 61 64 69  on with the radi
1cd0: 6f 73 20 64 69 73 61 62 6c 65 64 20 69 73 20 67  os disabled is g
1ce0: 6f 6f 64 20 70 72 61 63 74 69 63 65 2e 20 59 6f  ood practice. Yo
1cf0: 75 20 77 61 6e 74 20 74 6f 20 73 65 74 20 75 70  u want to set up
1d00: 20 74 68 65 20 62 61 6e 64 73 2c 20 72 61 64 69   the bands, radi
1d10: 6f 20 70 6f 77 65 72 20 6c 65 76 65 6c 73 2c 20  o power levels, 
1d20: 61 6e 64 20 65 6e 63 72 79 70 74 69 6f 6e 20 73  and encryption s
1d30: 65 63 72 65 74 73 20 62 65 66 6f 72 65 20 65 78  ecrets before ex
1d40: 70 6f 73 69 6e 67 20 61 20 77 69 72 65 6c 65 73  posing a wireles
1d50: 73 20 6e 65 74 77 6f 72 6b 20 74 68 61 74 20 72  s network that r
1d60: 61 64 69 61 74 65 73 20 6f 75 74 73 69 64 65 20  adiates outside 
1d70: 79 6f 75 72 20 62 75 69 6c 64 69 6e 67 2e 0d 0a  your building...
1d80: 0d 0a 54 68 65 20 44 48 43 50 20 63 6c 69 65 6e  ..The DHCP clien
1d90: 74 20 6c 65 74 73 20 79 6f 75 20 64 6f 20 73 65  t lets you do se
1da0: 76 65 72 61 6c 20 6f 66 20 74 68 65 73 65 20 72  veral of these r
1db0: 6f 75 74 65 72 73 20 61 6e 64 20 63 6f 6e 6e 65  outers and conne
1dc0: 63 74 20 74 68 65 6d 20 74 6f 20 61 20 73 65 74  ct them to a set
1dd0: 75 70 20 4c 41 4e 20 77 69 74 68 6f 75 74 20 63  up LAN without c
1de0: 72 65 61 74 69 6e 67 20 49 50 20 61 64 64 72 65  reating IP addre
1df0: 73 73 20 63 6f 6c 6c 69 73 69 6f 6e 73 2e 0d 0a  ss collisions...
1e00: 0d 0a 54 68 65 20 64 65 66 61 75 6c 74 20 75 73  ..The default us
1e10: 65 72 20 73 74 65 70 20 67 65 74 73 20 79 6f 75  er step gets you
1e20: 20 61 72 6f 75 6e 64 20 4d 69 6b 72 6f 54 69 6b   around MikroTik
1e30: e2 80 99 73 20 6e 65 77 20 70 6f 6c 69 63 79 20  ’s new policy 
1e40: 6f 66 20 72 65 73 65 74 74 69 6e 67 20 74 68 65  of resetting the
1e50: 20 60 61 64 6d 69 6e 60 20 75 73 65 72 e2 80 99   `admin` user’
1e60: 73 20 70 61 73 73 77 6f 72 64 20 74 6f 20 61 20  s password to a 
1e70: 72 61 6e 64 6f 6d 20 76 61 6c 75 65 20 70 72 69  random value pri
1e80: 6e 74 65 64 20 69 6e 20 74 69 6e 79 20 74 65 78  nted in tiny tex
1e90: 74 20 6f 6e 20 61 20 73 6d 61 6c 6c 20 73 74 69  t on a small sti
1ea0: 63 6b 65 72 20 6f 6e 20 74 68 65 20 62 6f 74 74  cker on the bott
1eb0: 6f 6d 20 6f 66 20 74 68 65 20 72 6f 75 74 65 72  om of the router
1ec0: 2e 28 5e 54 6f 20 62 65 20 66 61 69 72 2c 20 49  .(^To be fair, I
1ed0: 20 66 75 6c 6c 79 20 73 75 70 70 6f 72 74 20 74   fully support t
1ee0: 68 69 73 20 70 6f 6c 69 63 79 3b 20 69 6e 20 66  his policy; in f
1ef0: 61 63 74 2c 20 49 20 70 72 6f 70 6f 73 65 64 20  act, I proposed 
1f00: 65 73 73 65 6e 74 69 61 6c 6c 79 20 77 68 61 74  essentially what
1f10: 20 77 65 20 65 76 65 6e 74 75 61 6c 6c 79 20 67   we eventually g
1f20: 6f 74 20 6f 6e 20 74 68 65 20 66 6f 72 75 6d 73  ot on the forums
1f30: 20 6c 6f 6e 67 20 62 65 66 6f 72 65 20 74 68 65   long before the
1f40: 79 20 69 6d 70 6c 65 6d 65 6e 74 65 64 20 69 74  y implemented it
1f50: 2e 20 49 e2 80 99 6d 20 6d 6f 72 65 20 61 6e 6e  . I’m more ann
1f60: 6f 79 65 64 20 74 68 61 74 20 69 74 20 74 6f 6f  oyed that it too
1f70: 6b 20 45 75 72 6f 70 65 61 6e 20 55 6e 69 6f 6e  k European Union
1f80: 20 6c 65 67 69 73 6c 61 74 69 6f 6e 20 74 6f 20   legislation to 
1f90: 61 72 6d 2d 74 77 69 73 74 20 4d 69 6b 72 6f 54  arm-twist MikroT
1fa0: 69 6b 20 69 6e 74 6f 20 64 6f 69 6e 67 20 74 68  ik into doing th
1fb0: 69 73 20 74 68 61 6e 20 49 20 61 6d 20 69 72 72  is than I am irr
1fc0: 69 74 61 74 65 64 20 62 79 20 74 68 65 20 66 61  itated by the fa
1fd0: 63 74 20 74 68 61 74 20 69 74 20 6e 6f 77 20 72  ct that it now r
1fe0: 65 71 75 69 72 65 73 20 75 73 65 20 6f 66 20 65  equires use of e
1ff0: 69 74 68 65 72 20 61 20 73 74 72 6f 6e 67 20 6d  ither a strong m
2000: 61 67 6e 69 66 69 65 72 20 6f 72 20 61 20 73 6d  agnifier or a sm
2010: 61 6c 6c 20 74 72 61 69 6e 61 62 6c 65 20 63 68  all trainable ch
2020: 69 6c 64 20 62 65 66 6f 72 65 20 79 6f 75 20 63  ild before you c
2030: 61 6e 20 6c 65 61 72 6e 20 77 68 61 74 20 74 68  an learn what th
2040: 61 74 20 64 65 66 61 75 6c 74 20 70 61 73 73 77  at default passw
2050: 6f 72 64 20 61 63 74 75 61 6c 6c 79 20 2a 69 73  ord actually *is
2060: 2a 20 6f 6e 20 61 20 64 65 76 69 63 65 20 6c 69  * on a device li
2070: 6b 65 20 74 68 65 20 5b 68 41 50 20 61 78 20 6c  ke the [hAP ax l
2080: 69 74 65 5d 28 68 74 74 70 73 3a 2f 2f 6d 69 6b  ite](https://mik
2090: 72 6f 74 69 6b 2e 63 6f 6d 2f 70 72 6f 64 75 63  rotik.com/produc
20a0: 74 2f 68 61 70 5f 61 78 5f 6c 69 74 65 29 2c 20  t/hap_ax_lite), 
20b0: 77 68 65 72 65 20 69 74 e2 80 99 73 20 70 72 69  where it’s pri
20c0: 6e 74 65 64 20 61 74 20 33 37 20 44 50 49 20 75  nted at 37 DPI u
20d0: 73 69 6e 67 20 61 20 33 70 74 20 64 6f 74 20 6d  sing a 3pt dot m
20e0: 61 74 72 69 78 20 66 6f 6e 74 2e f0 9f 99 84 20  atrix font.🙄 
20f0: 49 e2 80 99 6d 20 73 68 6f 77 69 6e 67 20 79 6f  I’m showing yo
2100: 75 20 68 6f 77 20 74 6f 20 67 65 74 20 61 72 6f  u how to get aro
2110: 75 6e 64 20 74 68 69 73 20 70 61 73 73 77 6f 72  und this passwor
2120: 64 20 6e 6f 74 20 62 65 63 61 75 73 65 20 49 20  d not because I 
2130: 62 65 6c 69 65 76 65 20 69 6e 20 64 69 73 63 61  believe in disca
2140: 72 64 69 6e 67 20 74 68 69 73 20 65 78 63 65 6c  rding this excel
2150: 6c 65 6e 74 20 73 65 63 75 72 69 74 79 20 6d 65  lent security me
2160: 61 73 75 72 65 20 62 75 74 20 74 6f 20 73 68 6f  asure but to sho
2170: 77 20 74 68 61 74 20 79 6f 75 20 64 6f 6e e2 80  w that you don
2180: 99 74 20 6e 65 65 64 20 74 6f 20 6b 6e 6f 77 20  t need to know 
2190: 74 68 65 20 70 61 73 73 77 6f 72 64 20 74 6f 20  the password to 
21a0: 72 65 73 65 74 20 69 74 2e 20 4d 79 20 72 65 63  reset it. My rec
21b0: 6f 6d 6d 65 6e 64 61 74 69 6f 6e 20 69 73 20 74  ommendation is t
21c0: 6f 20 74 72 65 61 74 20 74 68 69 73 20 61 73 20  o treat this as 
21d0: 61 20 74 65 6d 70 6f 72 61 72 79 20 70 61 73 73  a temporary pass
21e0: 77 6f 72 64 20 6f 6e 6c 79 3b 20 6f 6e 65 20 6f  word only; one o
21f0: 66 20 79 6f 75 72 20 66 69 72 73 74 20 73 74 65  f your first ste
2200: 70 73 20 73 68 6f 75 6c 64 20 62 65 20 74 6f 20  ps should be to 
2210: 67 69 76 65 20 69 74 20 79 6f 75 72 20 6f 77 6e  give it your own
2220: 20 6c 6f 6e 67 2c 20 72 61 6e 64 6f 6d 20 70 61   long, random pa
2230: 73 73 77 6f 72 64 2c 20 6f 6e 65 20 6e 6f 74 20  ssword, one not 
2240: 70 72 69 6e 74 65 64 20 6f 6e 20 61 6e 79 20 73  printed on any s
2250: 74 69 63 6b 65 72 73 20 61 6e 79 77 68 65 72 65  tickers anywhere
2260: 2e 29 0d 0a 0d 0a 54 68 65 72 65 e2 80 99 73 20  .)....There’s 
2270: 6f 6e 65 20 73 75 62 74 6c 65 74 79 20 74 6f 20  one subtlety to 
2280: 74 68 69 73 3a 20 60 6e 65 74 69 6e 73 74 61 6c  this: `netinstal
2290: 6c 2d 63 6c 69 60 20 77 69 6c 6c 20 79 65 6c 6c  l-cli` will yell
22a0: 20 69 66 20 79 6f 75 20 6e 61 6d 65 20 74 68 65   if you name the
22b0: 20 73 63 72 69 70 74 20 6f 74 68 65 72 20 74 68   script other th
22c0: 61 6e 20 60 2a 2e 73 63 72 60 2e 20 49 20 68 61  an `*.scr`. I ha
22d0: 70 70 65 6e 20 74 6f 20 74 68 69 6e 6b 20 69 74  ppen to think it
22e0: 20 6f 75 67 68 74 20 74 6f 20 61 63 63 65 70 74   ought to accept
22f0: 20 74 68 65 20 60 2a 2e 72 73 63 60 20 65 78 74   the `*.rsc` ext
2300: 65 6e 73 69 6f 6e 20 69 74 20 75 73 65 73 20 6f  ension it uses o
2310: 6e 20 60 2f 65 78 70 6f 72 74 60 2c 20 62 75 74  n `/export`, but
2320: 20 6f 68 2c 20 77 65 6c 6c 2e 0d 0a 0d 0a 0d 0a   oh, well.......
2330: 23 23 20 3c 61 20 69 64 3d 22 6d 79 74 68 73 22  ## <a id="myths"
2340: 3e 3c 2f 61 3e 4d 79 74 68 73 0d 0a 0d 0a 59 6f  ></a>Myths....Yo
2350: 75 20 64 6f 20 2a 2a 4e 4f 54 2a 2a 20 6e 65 65  u do **NOT** nee
2360: 64 20 74 6f e2 80 a6 0d 0a 0d 0a 2a 20 64 69 73  d to…....* dis
2370: 61 62 6c 65 20 74 68 65 20 56 4d 20 68 6f 73 74  able the VM host
2380: e2 80 99 73 20 57 69 46 69 28 5e 54 68 65 20 56  ’s WiFi(^The V
2390: 4d 20 64 6f 65 73 6e e2 80 99 74 20 65 76 65 6e  M doesn’t even
23a0: 20 6b 6e 6f 77 20 61 62 6f 75 74 20 74 68 65 20   know about the 
23b0: 68 6f 73 74 e2 80 99 73 20 73 65 63 6f 6e 64 20  host’s second 
23c0: 69 6e 74 65 72 66 61 63 65 2c 20 61 6e 64 20 77  interface, and w
23d0: 65 20 68 61 64 20 79 6f 75 20 62 69 6e 64 20 74  e had you bind t
23e0: 68 65 20 56 4d 20 74 6f 20 74 68 65 20 45 74 68  he VM to the Eth
23f0: 65 72 6e 65 74 20 69 6e 74 65 72 66 61 63 65 20  ernet interface 
2400: 61 62 6f 76 65 20 72 65 67 61 72 64 6c 65 73 73  above regardless
2410: 2e 29 0d 0a 2a 20 63 68 61 6e 67 65 20 79 6f 75  .)..* change you
2420: 72 20 4e 65 74 49 6e 73 74 61 6c 6c 20 56 4d e2  r NetInstall VM
2430: 80 99 73 20 49 50 20 61 64 64 72 65 73 73 20 74  s IP address t
2440: 6f 20 75 73 65 20 74 68 65 20 31 39 32 2e 31 36  o use the 192.16
2450: 38 2e 38 38 2e 30 2f 32 34 20 73 75 62 6e 65 74  8.88.0/24 subnet
2460: 0d 0a 2a 20 63 6f 6e 66 69 67 75 72 65 20 61 20  ..* configure a 
2470: 73 74 61 74 69 63 20 49 50 20 6f 6e 20 74 68 65  static IP on the
2480: 20 56 4d 3b 20 65 76 65 6e 20 69 66 20 79 6f 75   VM; even if you
2490: 20 73 65 74 20 69 74 20 75 70 20 75 73 69 6e 67   set it up using
24a0: 20 44 48 43 50 20 62 65 66 6f 72 65 20 72 65 61   DHCP before rea
24b0: 74 74 61 63 68 69 6e 67 20 74 68 65 20 45 74 68  ttaching the Eth
24c0: 65 72 6e 65 74 20 63 61 62 6c 65 20 74 6f 20 74  ernet cable to t
24d0: 68 65 20 74 61 72 67 65 74 20 72 6f 75 74 65 72  he target router
24e0: 2c 20 74 68 65 20 4c 69 6e 75 78 20 4f 53 20 79  , the Linux OS y
24f0: 6f 75 e2 80 99 72 65 20 75 73 69 6e 67 20 69 6e  ou’re using in
2500: 73 69 64 65 20 74 68 61 74 20 56 4d 20 2a 73 68  side that VM *sh
2510: 6f 75 6c 64 2a 20 6b 65 65 70 20 74 68 65 20 61  ould* keep the a
2520: 64 64 72 65 73 73 20 75 6e 74 69 6c 20 74 68 65  ddress until the
2530: 20 6c 65 61 73 65 20 65 78 70 69 72 65 73 0d 0a   lease expires..
2540: 2a 20 63 6f 6e 6e 65 63 74 20 74 68 65 20 72 6f  * connect the ro
2550: 75 74 65 72 20 64 69 72 65 63 74 6c 79 20 74 6f  uter directly to
2560: 20 74 68 65 20 73 65 72 76 65 72 e2 80 99 73 20   the server’s 
2570: 63 6f 70 70 65 72 20 45 74 68 65 72 6e 65 74 20  copper Ethernet 
2580: 70 6f 72 74 3b 20 74 68 65 72 65 20 6d 65 72 65  port; there mere
2590: 6c 79 20 6e 65 65 64 73 20 74 6f 20 62 65 20 61  ly needs to be a
25a0: 6e 20 75 6e 69 6d 70 65 64 65 64 20 4c 32 20 70  n unimpeded L2 p
25b0: 61 74 68 20 62 65 74 77 65 65 6e 20 74 68 65 20  ath between the 
25c0: 74 77 6f 28 5e 57 68 69 6c 65 20 74 68 65 20 73  two(^While the s
25d0: 69 6d 70 6c 65 73 74 20 77 61 79 20 74 6f 20 61  implest way to a
25e0: 63 68 69 65 76 65 20 74 68 61 74 20 69 73 20 69  chieve that is i
25f0: 6e 64 65 65 64 20 74 6f 20 70 75 74 20 61 20 64  ndeed to put a d
2600: 69 72 65 63 74 20 63 61 62 6c 65 20 62 65 74 77  irect cable betw
2610: 65 65 6e 20 74 68 65 20 74 77 6f 20 61 6e 64 20  een the two and 
2620: 72 65 6c 79 20 6f 6e 20 4d 44 49 2d 58 20 74 6f  rely on MDI-X to
2630: 20 64 6f 20 74 68 65 20 63 72 6f 73 73 6f 76 65   do the crossove
2640: 72 20 6d 61 67 69 63 2c 20 69 74 e2 80 99 73 20  r magic, it’s 
2650: 6a 75 73 74 20 61 73 20 65 66 66 65 63 74 69 76  just as effectiv
2660: 65 20 74 6f 20 70 75 74 20 61 20 64 75 6d 62 20  e to put a dumb 
2670: 73 77 69 74 63 68 20 62 65 74 77 65 65 6e 20 74  switch between t
2680: 68 65 20 74 77 6f 2e 20 49 66 20 69 6e 73 74 65  he two. If inste
2690: 61 64 20 79 6f 75 20 73 75 62 73 74 69 74 75 74  ad you substitut
26a0: 65 20 61 20 73 75 66 66 69 63 69 65 6e 74 6c 79  e a sufficiently
26b0: 20 69 6e 74 65 6c 6c 69 67 65 6e 74 20 73 77 69   intelligent swi
26c0: 74 63 68 2c 20 73 75 63 68 20 61 73 20 61 20 43  tch, such as a C
26d0: 52 53 20 72 75 6e 6e 69 6e 67 20 52 6f 75 74 65  RS running Route
26e0: 72 4f 53 2c 20 74 68 65 72 65 e2 80 99 73 20 61  rOS, there’s a
26f0: 20 66 61 69 72 20 63 68 61 6e 63 65 20 74 68 61   fair chance tha
2700: 74 20 6f 6e 65 20 6f 66 20 74 68 65 20 63 6c 65  t one of the cle
2710: 76 65 72 20 74 68 69 6e 67 73 20 79 6f 75 20 62  ver things you b
2720: 6f 75 67 68 74 20 69 74 20 74 6f 20 64 6f 20 77  ought it to do w
2730: 69 6c 6c 20 65 6e 64 20 75 70 20 62 6c 6f 63 6b  ill end up block
2740: 69 6e 67 20 74 68 65 20 4e 65 74 49 6e 73 74 61  ing the NetInsta
2750: 6c 6c 20 70 61 63 6b 65 74 73 2e 20 54 68 65 20  ll packets. The 
2760: 6f 6e 65 20 74 68 61 74 20 74 72 69 70 70 65 64  one that tripped
2770: 20 6d 65 20 75 70 20 69 6e 20 74 65 73 74 69 6e   me up in testin
2780: 67 20 69 73 20 5b 52 6f 75 74 65 72 4f 53 e2 80  g is [RouterOS
2790: 99 73 20 e2 80 9c 54 72 75 73 74 65 64 e2 80 9d  s “Trusted”
27a0: 20 66 6c 61 67 5d 28 68 74 74 70 73 3a 2f 2f 68   flag](https://h
27b0: 65 6c 70 2e 6d 69 6b 72 6f 74 69 6b 2e 63 6f 6d  elp.mikrotik.com
27c0: 2f 64 6f 63 73 2f 64 69 73 70 6c 61 79 2f 52 4f  /docs/display/RO
27d0: 53 2f 42 72 69 64 67 69 6e 67 2b 61 6e 64 2b 53  S/Bridging+and+S
27e0: 77 69 74 63 68 69 6e 67 23 42 72 69 64 67 69 6e  witching#Bridgin
27f0: 67 61 6e 64 53 77 69 74 63 68 69 6e 67 2d 50 6f  gandSwitching-Po
2800: 72 74 53 65 74 74 69 6e 67 73 29 2c 20 77 68 69  rtSettings), whi
2810: 63 68 20 79 6f 75 e2 80 99 72 65 20 72 65 63 6f  ch you’re reco
2820: 6d 6d 65 6e 64 65 64 20 74 6f 20 64 69 73 61 62  mmended to disab
2830: 6c 65 20 6f 6e 20 62 72 69 64 67 65 20 70 6f 72  le on bridge por
2840: 74 73 20 69 6e 74 65 6e 64 65 64 20 66 6f 72 20  ts intended for 
2850: e2 80 9c 65 64 67 65 e2 80 9d 20 64 65 76 69 63  “edge” devic
2860: 65 73 2c 20 6f 6e 65 73 20 77 68 69 63 68 20 68  es, ones which h
2870: 61 76 65 20 6e 6f 20 62 75 73 69 6e 65 73 73 20  ave no business 
2880: 73 65 6e 64 69 6e 67 20 44 48 43 50 20 72 65 70  sending DHCP rep
2890: 6c 69 65 73 20 74 6f 20 6f 74 68 65 72 20 63 6c  lies to other cl
28a0: 69 65 6e 74 73 2e 20 54 68 65 20 74 68 69 6e 67  ients. The thing
28b0: 20 69 73 2c 20 60 6e 65 74 69 6e 73 74 61 6c 6c   is, `netinstall
28c0: 2d 63 6c 69 60 20 2a 64 6f 65 73 2a 20 6d 61 6b  -cli` *does* mak
28d0: 65 20 6c 65 67 69 74 69 6d 61 74 65 20 75 73 65  e legitimate use
28e0: 20 6f 66 20 74 68 65 20 42 4f 4f 54 50 20 70 6f   of the BOOTP po
28f0: 72 74 2c 20 61 6e 64 20 73 69 6e 63 65 20 44 48  rt, and since DH
2900: 43 50 20 69 73 20 61 6e 20 65 78 74 65 6e 73 69  CP is an extensi
2910: 6f 6e 20 6f 66 20 42 4f 4f 54 50 2c 20 74 65 6c  on of BOOTP, tel
2920: 6c 69 6e 67 20 74 68 65 20 73 77 69 74 63 68 20  ling the switch 
2930: 74 68 61 74 20 79 6f 75 72 20 4e 65 74 49 6e 73  that your NetIns
2940: 74 61 6c 6c 20 6d 61 63 68 69 6e 65 20 69 73 20  tall machine is 
2950: 6e 6f 74 20 e2 80 9c 54 72 75 73 74 65 64 e2 80  not “Trusted
2960: 9d 20 74 6f 20 73 65 6e 64 20 44 48 43 50 20 70   to send DHCP p
2970: 61 63 6b 65 74 73 20 70 72 65 76 65 6e 74 73 20  ackets prevents 
2980: 4e 65 74 49 6e 73 74 61 6c 6c 20 66 72 6f 6d 20  NetInstall from 
2990: 67 65 74 74 69 6e 67 20 73 74 61 72 74 65 64 2e  getting started.
29a0: 20 4f 6e 6c 79 20 74 68 65 20 73 65 72 76 65 72   Only the server
29b0: 20 70 6f 72 74 20 6e 65 65 64 73 20 74 6f 20 62   port needs to b
29c0: 65 20 6d 61 72 6b 65 64 20 e2 80 9c 54 72 75 73  e marked “Trus
29d0: 74 65 64 e2 80 9d 2c 20 70 72 65 73 75 6d 61 62  ted”, presumab
29e0: 6c 79 20 62 65 63 61 75 73 65 20 69 74 20 69 73  ly because it is
29f0: 20 74 68 65 20 6f 6e 65 20 73 65 6e 64 69 6e 67   the one sending
2a00: 20 74 68 65 73 65 20 42 4f 4f 54 50 20 70 61 63   these BOOTP pac
2a10: 6b 65 74 73 2e 20 54 68 65 20 72 65 70 72 6f 67  kets. The reprog
2a20: 72 61 6d 6d 65 64 20 64 65 76 69 63 65 e2 80 99  rammed device’
2a30: 73 20 70 6f 72 74 20 73 68 6f 75 6c 64 20 63 6f  s port should co
2a40: 6e 74 69 6e 75 65 20 74 6f 20 62 65 20 6d 61 72  ntinue to be mar
2a50: 6b 65 64 20 6e 6f 6e 2d 54 72 75 73 74 65 64 20  ked non-Trusted 
2a60: 69 6e 20 63 61 73 65 20 79 6f 75 72 20 64 65 66  in case your def
2a70: 61 75 6c 74 20 63 6f 6e 66 69 67 75 72 61 74 69  ault configurati
2a80: 6f 6e 20 69 6e 63 6c 75 64 65 73 20 61 20 44 48  on includes a DH
2a90: 43 50 20 73 65 72 76 65 72 2c 20 74 6f 20 6b 65  CP server, to ke
2aa0: 65 70 20 69 74 20 66 72 6f 6d 20 63 6f 6e 66 75  ep it from confu
2ab0: 73 69 6e 67 20 74 68 65 20 72 65 73 74 20 6f 66  sing the rest of
2ac0: 20 74 68 65 20 4c 41 4e 20 69 6e 20 74 68 65 20   the LAN in the 
2ad0: 74 69 6d 65 20 62 65 66 6f 72 65 20 79 6f 75 20  time before you 
2ae0: 63 61 6e 20 67 65 74 20 69 74 20 75 6e 70 6c 75  can get it unplu
2af0: 67 67 65 64 20 61 67 61 69 6e 2e 29 0d 0a 0d 0a  gged again.)....
2b00: 0d 0a 23 23 20 3c 61 20 69 64 3d 22 74 69 70 73  ..## <a id="tips
2b10: 22 3e 3c 2f 61 3e 54 69 70 73 0d 0a 0d 0a 49 66  "></a>Tips....If
2b20: 20 79 6f 75 20 67 65 74 20 74 68 65 20 e2 80 9c   you get the “
2b30: 60 4b 65 79 20 77 61 73 20 72 65 6a 65 63 74 65  `Key was rejecte
2b40: 64 60 e2 80 9d 20 6d 65 73 73 61 67 65 2c 20 68  d`” message, h
2b50: 69 74 20 3c 6b 62 64 3e 43 74 72 6c 2d 43 3c 2f  it <kbd>Ctrl-C</
2b60: 6b 62 64 3e 20 74 6f 20 62 72 65 61 6b 20 6f 75  kbd> to break ou
2b70: 74 20 6f 66 20 60 6e 65 74 69 6e 73 74 61 6c 6c  t of `netinstall
2b80: 2d 63 6c 69 60 2c 20 74 68 65 6e 20 3c 6b 62 64  -cli`, then <kbd
2b90: 3e 55 70 2d 41 72 72 6f 77 3c 2f 6b 62 64 3e 20  >Up-Arrow</kbd> 
2ba0: 61 6e 64 20 3c 6b 62 64 3e 45 6e 74 65 72 3c 2f  and <kbd>Enter</
2bb0: 6b 62 64 3e 20 74 6f 20 71 75 69 63 6b 6c 79 20  kbd> to quickly 
2bc0: 72 65 73 74 61 72 74 20 69 74 2e 20 49 e2 80 99  restart it. I’
2bd0: 76 65 20 73 65 65 6e 20 74 68 69 73 20 62 79 70  ve seen this byp
2be0: 61 73 73 20 74 68 65 20 73 79 6d 70 74 6f 6d 20  ass the symptom 
2bf0: 77 68 65 6e 20 75 73 69 6e 67 20 61 20 43 65 6e  when using a Cen
2c00: 74 4f 53 20 38 20 53 74 72 65 61 6d 20 56 4d 20  tOS 8 Stream VM 
2c10: 61 73 20 74 68 65 20 73 65 72 76 65 72 2e 0d 0a  as the server...
2c20: 0d 0a 0d 0a 23 23 20 3c 61 20 69 64 3d 22 6c 69  ....## <a id="li
2c30: 63 65 6e 73 65 22 3e 3c 2f 61 3e 4c 69 63 65 6e  cense"></a>Licen
2c40: 73 65 0d 0a 0d 0a 54 68 69 73 20 77 6f 72 6b 20  se....This work 
2c50: 69 73 20 c2 a9 20 32 30 32 33 2d 32 30 32 34 20  is © 2023-2024 
2c60: 62 79 20 57 61 72 72 65 6e 20 59 6f 75 6e 67 20  by Warren Young 
2c70: 61 6e 64 20 69 73 20 6c 69 63 65 6e 73 65 64 20  and is licensed 
2c80: 75 6e 64 65 72 20 3c 61 20 68 72 65 66 3d 22 68  under <a href="h
2c90: 74 74 70 3a 2f 2f 63 72 65 61 74 69 76 65 63 6f  ttp://creativeco
2ca0: 6d 6d 6f 6e 73 2e 6f 72 67 2f 6c 69 63 65 6e 73  mmons.org/licens
2cb0: 65 73 2f 62 79 2d 6e 63 2d 73 61 2f 34 2e 30 2f  es/by-nc-sa/4.0/
2cc0: 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b  " target="_blank
2cd0: 22 20 72 65 6c 3d 22 6c 69 63 65 6e 73 65 20 6e  " rel="license n
2ce0: 6f 6f 70 65 6e 65 72 20 6e 6f 72 65 66 65 72 72  oopener noreferr
2cf0: 65 72 22 3e 43 43 20 42 59 2d 4e 43 2d 53 41 20  er">CC BY-NC-SA 
2d00: 34 2e 30 3c 69 6d 67 20 73 74 79 6c 65 3d 22 68  4.0<img style="h
2d10: 65 69 67 68 74 3a 32 32 70 78 21 69 6d 70 6f 72  eight:22px!impor
2d20: 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74  tant;margin-left
2d30: 3a 33 70 78 3b 76 65 72 74 69 63 61 6c 2d 61 6c  :3px;vertical-al
2d40: 69 67 6e 3a 74 65 78 74 2d 62 6f 74 74 6f 6d 3b  ign:text-bottom;
2d50: 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6d  " src="https://m
2d60: 69 72 72 6f 72 73 2e 63 72 65 61 74 69 76 65 63  irrors.creativec
2d70: 6f 6d 6d 6f 6e 73 2e 6f 72 67 2f 70 72 65 73 73  ommons.org/press
2d80: 6b 69 74 2f 69 63 6f 6e 73 2f 63 63 2e 73 76 67  kit/icons/cc.svg
2d90: 3f 72 65 66 3d 63 68 6f 6f 73 65 72 2d 76 31 22  ?ref=chooser-v1"
2da0: 3e 3c 69 6d 67 20 73 74 79 6c 65 3d 22 68 65 69  ><img style="hei
2db0: 67 68 74 3a 32 32 70 78 21 69 6d 70 6f 72 74 61  ght:22px!importa
2dc0: 6e 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 33  nt;margin-left:3
2dd0: 70 78 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67  px;vertical-alig
2de0: 6e 3a 74 65 78 74 2d 62 6f 74 74 6f 6d 3b 22 20  n:text-bottom;" 
2df0: 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6d 69 72  src="https://mir
2e00: 72 6f 72 73 2e 63 72 65 61 74 69 76 65 63 6f 6d  rors.creativecom
2e10: 6d 6f 6e 73 2e 6f 72 67 2f 70 72 65 73 73 6b 69  mons.org/presski
2e20: 74 2f 69 63 6f 6e 73 2f 62 79 2e 73 76 67 3f 72  t/icons/by.svg?r
2e30: 65 66 3d 63 68 6f 6f 73 65 72 2d 76 31 22 3e 3c  ef=chooser-v1"><
2e40: 69 6d 67 20 73 74 79 6c 65 3d 22 68 65 69 67 68  img style="heigh
2e50: 74 3a 32 32 70 78 21 69 6d 70 6f 72 74 61 6e 74  t:22px!important
2e60: 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 33 70 78  ;margin-left:3px
2e70: 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a  ;vertical-align:
2e80: 74 65 78 74 2d 62 6f 74 74 6f 6d 3b 22 20 73 72  text-bottom;" sr
2e90: 63 3d 22 68 74 74 70 73 3a 2f 2f 6d 69 72 72 6f  c="https://mirro
2ea0: 72 73 2e 63 72 65 61 74 69 76 65 63 6f 6d 6d 6f  rs.creativecommo
2eb0: 6e 73 2e 6f 72 67 2f 70 72 65 73 73 6b 69 74 2f  ns.org/presskit/
2ec0: 69 63 6f 6e 73 2f 6e 63 2e 73 76 67 3f 72 65 66  icons/nc.svg?ref
2ed0: 3d 63 68 6f 6f 73 65 72 2d 76 31 22 3e 3c 69 6d  =chooser-v1"><im
2ee0: 67 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a  g style="height:
2ef0: 32 32 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 6d  22px!important;m
2f00: 61 72 67 69 6e 2d 6c 65 66 74 3a 33 70 78 3b 76  argin-left:3px;v
2f10: 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 65  ertical-align:te
2f20: 78 74 2d 62 6f 74 74 6f 6d 3b 22 20 73 72 63 3d  xt-bottom;" src=
2f30: 22 68 74 74 70 73 3a 2f 2f 6d 69 72 72 6f 72 73  "https://mirrors
2f40: 2e 63 72 65 61 74 69 76 65 63 6f 6d 6d 6f 6e 73  .creativecommons
2f50: 2e 6f 72 67 2f 70 72 65 73 73 6b 69 74 2f 69 63  .org/presskit/ic
2f60: 6f 6e 73 2f 73 61 2e 73 76 67 3f 72 65 66 3d 63  ons/sa.svg?ref=c
2f70: 68 6f 6f 73 65 72 2d 76 31 22 3e 3c 2f 61 3e 0d  hooser-v1"></a>.
2f80: 0a 0d 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68  ...<div style="h
2f90: 65 69 67 68 74 3a 20 35 30 65 6d 22 20 69 64 3d  eight: 50em" id=
2fa0: 22 74 68 69 73 2d 73 70 61 63 65 2d 69 6e 74 65  "this-space-inte
2fb0: 6e 74 69 6f 6e 61 6c 6c 79 2d 6c 65 66 74 2d 62  ntionally-left-b
2fc0: 6c 61 6e 6b 22 3e 3c 2f 64 69 76 3e 0a 5a 20 31  lank"></div>.Z 1
2fd0: 65 39 36 35 61 31 37 62 61 64 33 61 63 35 32 30  e965a17bad3ac520
2fe0: 36 35 33 65 66 38 65 65 66 37 37 30 31 64 33 0a  653ef8eef7701d3.