Table of Contents

Common Procedures for MikroTik RouterBoard Products

This page describes common procedures across MikroTik RouterBoard routers. If you edit / add information about a specific model, please consider linking to this page to avoid repeating common instructions.

OpenWrt is not compatible with the bootloader of RouterOS v7. Do NOT upgrade the firmware on your device to RouterOS v7 or, if you did, downgrade to RouterOS Firmware v6 before installing OpenWrt. RouterOS doesn't allow to downgrade below factory firmware version, but OpenWrt boots and works fine with versions up to 6.49.10 or beyond. Confirmed working: 6.47.10 (tested on SXTsq 5 ac), 6.49.10 (tested on SXTsq 2nD).

Overview of OpenWrt installation: TL;DR

TL;DR

  1. (optional) Save the license key of RouterOS and the original firmware.
  2. Downgrade to RouterOS v6 if you previously upgraded to v7.
  3. Boot router via network boot (BOOTP/TFTP or DHCP/TFTP) for testing. OpenWrt isn't installed now, it's working from a RAM image. If it doesn't work, try a different version of OpenWrt.
  4. If all right, write OpenWrt into flash of the router, then reboot.
  5. Tuning OpenWrt.

Overview of OpenWrt installation: Full text

RouterBoards can netboot OpenWrt initramfs .elf (.bin in some instances) images via TFTP. This RAM-based initramfs OpenWrt image is first used to validate the desired OpenWrt version operates properly without overwriting any existing image in the NAND or NOR flash of the RouterBoard.

Once you have verified OpenWrt is working on your MikroTik hardware, use the LuCI web interface to permanently flash the appropriate sysupgrade .bin image into the flash of the RouterBoard. In this way, an initial installation is treated exactly the same as a subsequent OpenWrt upgrade. Prior versions of OpenWrt required a subsequent upgrade to once again boot OpenWrt using initramfs: with the current version of OpenWrt that now uses Unsorted Block images (UBI), the initial flash and subsequent upgrades can be performed directly in-place from the LuCI web interface.

After OpenWrt is installed to Flash, depending on the model, some platform configuration may be needed. This is explained in the model specific wiki pages.

First Things First: Don't Lose Your RouterOS License

Note: this step seems to be optional, at least for routers, since their license is tied directly to the hardware. Still, do this just in case.

Before you start installing OpenWrt, save your RouterOS License .key file. This will allow you to use Mikrotik's NetInstall to re-install RouterOS.

Make sure the bootloader is compatible

The bootloader from RouterOS v7 is not compatible with OpenWrt. If you have it, you will be able to netboot your device and flash OpenWrt, but after it reboots it will go straight to netboot again. If this happens to you, restore RouterOS using Netinstall, downgrade to RouterOS v6, and install OpenWrt again.

To check the version of your bootloader from RouterOS, go to System → Routerboard in the web interface or run /system routerboard print and look for “current firmware”. If the version is below 7, you are all set. If it is 7.*, downgrade RouterOS to v6 before proceeding.

If you have already booted an OpenWrt initramfs, to see the bootloader version run cat /sys/firmware/mikrotik/hard_config/booter_version.

Selecting an OpenWrt version

The first supported version of OpenWrt for a particular model should be listed on the OpenWrt Table of Hardware

If the OpenWrt table of hardware says 'trunk', the model specific page should explain if 'trunk' already contains the necessary patches for your model or if you need to compile and patch OpenWrt yourself. Compilation / patching is explained further down in this document. If the documentation is old, then the model may work already in a newer release.

If your RouterBoard is not supported in the latest release, consider compiling the required patches to make your RouterBoard work with the latest release and install that (as described below).

To Test-Drive OpenWrt, Netboot the initramfs File

Since an initramfs image is just a temporary image (only loaded into RAM), it is safe to test a particular version of OpenWrt by netbooting (using DHCP/BOOTP/TFTP) and downloading the initramfs image.
When you power down your RouterBoard after loading an initramfs file, OpenWrt will simply vanish: a power down and reboot of the RouterBoard will revert to the prior version of firmware that is still in flash of the RouterBoard.

If the RAM-based initramfs version you have selected works for you, feel free to try other versions of OpenWrt, such as Latest release or snapshot.
Once you are happy with the RAM-based operation of OpenWrt, proceed to the step of flashing OpenWrt in order to permanently write OpenWrt into your RouterBoard.

Note: MikroTik's bootloader (routerboot) may have a size limitation for TFTP images, approximately 7MiB. If it refuses to accept an initramfs image above that size (it will proceed to boot whatever was already installed in the device), that could be the reason.

Downloading OpenWrt images for Mikrotik RouterBoards

The latest OpenWrt images can be downloaded from https://downloads.openwrt.org/
There will be just two images needed to install OpenWrt for any particular Mikrotik RouterBoard hardware platform:

  1. The specific initramfs image to be downloaded into RAM during an initial netboot of the RouterBoard.
  2. The specific sysupgrade .bin image to be flashed into the Mikrotik router using the LuCI web interface or with the sysupgrade command.

To determine the precise file names needed for your specific RouterBoard model, please refer to:

Netboot of OpenWrt Uses DHCP/BOOTP/TFTP

Routerboards contain the Mikrotik RouterBoot netboot bootloader that will boot over the network and run an OpenWrt initramfs file. The initramfs file is a single file with the whole OpenWrt package: kernel plus filesystem. A RouterBoard has at least three flash partitions: bootloader, kernel and ubi. The MikroTik bootloader is preserved even after OpenWrt is installed into NAND or NOR flash.

Mikrotik RouterBoot Boot Protocol: either BOOTP or DHCP

The RouterBoard RouterBoot supports two different boot protocols when netbooting a RouterBoard:

  1. BOOTP Boot Protocol
    • Is the default boot protocol of RouterBoards. When using bootp, there is no need to reconfigure the RouterBoards using serial port: you can just force netboot directly using the RouterBoard Reset button.
    • Not as commonly supported by DHCP/BOOTP/TFTP servers. You need to select a DHCP/BOOTP/TFTP server that supports rfc951 BOOTP to install OpenWrt using bootp.
    • OpenWRT may be booted via BOOTP on all RouterBoard devices.
  2. DHCP Boot Protocol
    • Not the default boot protocol of RouterBoards.
    • Most DHCP/BOOTP/TFTP servers support this protocol.
    • Not all versions of RouterBoot may boot OpenWRT using DHCP.

Run a DHCP/BOOTP/TFTP netboot Server

Various TFTP servers for various OS are documented here.

To comply with the DHCP/BOOTP need of RouterBoot here are some extra detailed instructions.

On Linux or other unix-like OS using dnsmasq

Note: Don't forget to change USER, IFNAME, IP/DHCP IP-range and file name/folder path for your needs and replace openwrt-19.07-*-initramfs-* with the appropriate filename.

#!/bin/bash
IFNAME=enp1s0
/sbin/ip addr replace 192.168.1.10/24 dev $IFNAME
/sbin/ip link set dev $IFNAME up
/usr/sbin/dnsmasq \
--no-daemon \
--listen-address 192.168.1.10 \
--bind-interfaces \
-p0 \
--dhcp-authoritative \
--dhcp-range=192.168.1.100,192.168.1.200 \
--bootp-dynamic \
--dhcp-boot=openwrt-19.07-*-initramfs-* \
--log-dhcp \
--enable-tftp \
--tftp-root=$(pwd)
$ chmod +x loader.sh
# ./loader.sh
On Linux or other unix-like OS with a generic DHCP/BOOTP/TFTP server

Copy openwrt-19.07-*-initramfs-* file to your TFTP server location. Set up your BOOTP server to point to your TFTP server as the next-server and to that file as the bootfile.

On Windows

Reconfigure your PC Ethernet to a static IP at 192.168.1.10

The freeware Tiny PXE server is a DHCP/TFTP server that implements the RFC951 BOOTP capability. To enable Tiny PXE's rfc951 BOOTP capabilities, rfc951=1 must be set in the [dhcp] section of the Tiny PXE config.ini file.
Select the OpenWrt initramfs file as the Boot file Filename, un-check the gPXE or iPXE Filename option, select the Option 54 IP address for the ethernet cable you have connected to the RouterBoard, and put Tiny PXE Online.
if you have problems running Tiny PXE, you may need to turn off your firewall, run Tiny PXE as administrator, or disable all other ethernet/bluetooth/wifi in Network Connections.

It is especially important to ensure only one DHCP/BOOTP/TFTP server is running on your network while attempting a netboot since BOOTP has no support for Proxy DHCP or authoritative DHCP - so be sure to disconnect from any other routers before running Tiny PXE.

Methods to set RouterBoard so it will TFTP netboot

Connect the ethernet 1 port of your routerboard (typically the WAN port) to a network configured to reach the DHCP/BOOTP/TFTP server that you have set up.

The RouterBoard default boot protocol is BOOTP. You can change the RouterBoot boot protocol from BOOTP to DHCP by using the COM port or RouterOS, as documented in this list of netboot methods. Warning. Not all RouterBoard devices can boot OpenWRT via DHCP.

The instructions in this wiki tend to assume you have changed the netboot protocol to DHCP since DHCP netboot is supported by all DHCP servers.
However, if you have chosen to use a DHCP/BOOTP/TFTP netboot server that supports rfc951 BOOTP such as dnsmasq or Tiny PXE (with rfc951=1 set in the [dhcp] section of the config.ini), any of these netboot methods will work fine without any changes to the Routerboot boot protocol.

When a boot protocol is set in RouterBoot, it is remembered: any of the methods here that force a netboot will then use the BOOTP or DHCP boot protocol previously selected in RouterBoot.

Method 1 - Use the RouterBoard Reset button to enable TFTP netboot

This method will work on all RouterBoards, including RouterBoards without a serial port. It is certainly the simplest approach to perform a netboot if using an rfc951 BOOTP-capable DHCP/BOOTP/TFTP server.

Most RouterBoard models generate a short beep when an image begins to netboot or load from flash (unless the RouterBoard has been put in 'silent mode' from the RouterBoot menu). So if you are running without a connection to the serial console COM port to view boot activity from a terminal window, you can use the beep to know when RouterBoot has successfully started to load an image (either a netboot image or the existing flash image).

If you are using dnsmasq or Tiny PXE as your netboot PXE DHCP/BOOTP/TFTP server, you can watch its information/log window to see exactly when the DHCP/BOOTP/TFTP server begins uploading the initramfs file to the RouterBoard (TFTPd:DoReadFile shows up in the information/log window): this will be the same time the RouterBoard beeps.

To enable a netboot using the Reset button:

  1. Unplug the RouterBoard power jack
  2. Hold the reset button (on some models this is just a hole with a hidden pushbutton switch).
  3. Plug the power jack back in
  4. Observe activity LED(s). The LED behavior varies across models, but can be a good indicator about the boot process. See the Mikrotik wiki https://wiki.mikrotik.com/wiki/Manual:RouterBOOT for details.
  5. Release the reset button after you hear the beep (maximum 15 - 20 seconds) or see the upload in the DHCP/BOOTP/TFTP server logs.

Method 2 - Use the RouterBoard serial COM port to enable TFTP netboot

If your RouterBoard model has a serial COM port, you can connect to it as a console terminal to netboot the routerboard via TFTP.
If your RouterBoard does NOT have a serial COM port, it may still have a COM port on the motherboard: if you try soldering a cable, the RouterBoot bootloader may or may not support that serial port.
If you cannot use your serial COM port for any reason, a simple alternative is to use a DHCP/BOOTP/TFTP server that supports rfc951 BOOTP (rather than DHCP) netboot and use the Reset button to force a netboot (see Method 1 above).

To enable a netboot using the serial COM port:

  1. Connect the COM port to a system (terminal server, PC). Set baud to 115200, 8 bits, no parity, 1 stop bit, no flow control.
  2. Open a terminal window (can use software such as PuTTY to open a terminal window connected to the COM port). If RouterOS or OpenWrt are running you should have an interactive shell.
  3. Reboot the RouterBoard (unplug power, wait a couple seconds, plug back in).
  4. Observe “Press any key within 2 seconds to enter setup”. Press a key in the terminal window.
  5. Then use the Routerboot menu to make the RouterBoard boot from the network once: press 'o', then '1' (the one key meaning one boot).
  6. Also change the RouterBoot boot protocol to DHCP: press 'p' then '2'. If your selected DHCP/BOOTP/TFTP server supports rfc951 BOOTP, you can leave the boot protocol set to its default 'bootp'.
  7. Exit from the RouterBoot setup menu to begin the netboot: press 'x'.

More information at: http://wiki.mikrotik.com/wiki/Manual:Netinstall#OPTIONAL:_Configuring_RouterBOARD_with_COM_port

Method 3 - Use a running RouterOS to enable TFTP netboot

If you have not yet installed OpenWrt onto Flash, you should reboot the routerboard via TFTP from the RouterOS web configuration interface.

Connect a PC to a LAN port (port 2...). Log into the web interface of RouterOS and set router to boot from ethernet once with DHCP:

  1. System → Routerboard → Settings → Boot device: Try ethernet once then NAND
  2. System → Routerboard → Settings → Boot protocol: DHCP (if BOOTP don't supported in your DHCP server)
  3. System → Routerboard → Settings → Force Backup Booter: Checked (if supported by your routerboard - !IMPORTANT)

Save

Shutdown RouterBoard and next turn power off and on (don't reboot because on some devices “System -→ Reboot” does not perform a correct TFTP boot; you must use instead “System -→ Shutdown” and unplug/replug the router). This will boot OpenWrt from TFTP once. The boot protocol setting will stay persistent across reboots, but the next reboot will be again from NAND (the bootloader resets this parameter after booting from TFTP once). Once you have installed OpenWrt, RouterOS will have been deleted, so you will need to use one of the previous methods to netboot from TFTP.

Flash OpenWrt

After the DHCP/BOOTP/TFTP netboot of the initramfs image, connect your PC to one of the LAN ports of your RouterBoard.
You cannot connect to the RouterBoard via WiFi with the TFTP netbooted image of OpenWrt because the initramfs version of OpenWrt has WiFi disabled.

After the RAM-based intiramfs version of OpenWrt has netbooted, you should be able to ping your RouterBoard LAN ports at IP address 192.168.1.1
If you have trouble accessing 192.168.1.1 on your RouterBoard LAN port when it is running OpenWrt, try any of the following:

After successfully using a web browser to connect to the OpenWrt LuCI web interface at 192.168.1.1:

Congratulations: you have now successfully flashed OpenWrt into your RouterBoard!

When flashing doesn´t work

Problems with bad blocks

If you got problems while flashing because of (supposed) bad blocks, you could try to use the netinstall-tool from mikrotik (only windows ... :-().

It will reduce the number of bad blocks. mikrotik wiki

There is also a nice netinstall-howto here.

Initial setup

LEDs

Check if the LEDs light up according to their desired functions (eg: under RouterOS). LED configuration is found in /etc/config/system. Depending on model, OpenWrt may have initialized the LEDs correctly. If not, the model specific wiki page should explain how to configure LEDs in /etc/config/system.

Understanding/configuring ports

By default, OpenWrt tries to set up wired/wireless interfaces so that there is one routed WAN interface which is typically the first wired ethernet port and the remaining wired ethernet port and wireless interfaces are bridged into a LAN. This setup is partially done under the hood and partially it shows up in /etc/config/network and can be seen via linux CLI commands, for example 'ifconfig -a':

br-lan this is the linux software bridge interface representing the 'lan'. It should by default have IP address 192.168.1.1. It is created by the 'config interface lan' section in /etc/config/network. The 'option ifname' lists one or more wired interfaces that are included in the bridge. The wireless interface(s) seem to be added to the bridge under the hood. Use 'brctl show' to list all interfaces bound to br-lan.

eth0, eth1,... are ethernet interfaces. They may each be attached directly to an ethernet port or to a switch. Use 'swconfig show' to see which ethernet is connected to a switch.

ethN.M is a VLAN on a switched ethernet.

Serial console

If you solder the UART pins on the board, you can enable the serial console, adding this line to /etc/inittab:

ttyS0::askfirst:/bin/ash --login

Disable silent-boot mode on RouterBOOT bootloader

Manual:RouterBOOT

Manual:RouterBOARD_settings

Silent_boot

Done

You are done now with common OpenWrt procedures for routerboards. Refer to more specific instructions for your individual routerboard, then proceed to first steps with OpenWrt if you do not know them yet:

walkthrough_login

Step-By-Step OpenWrt Installation Processes on Routerboard

With a Linux and other unix-like OS

Note: Don't forget to change USER, IFNAME, IP/DHCP IP-range and file name/folder path for your needs and replace openwrt-22.03-*-initramfs-* with the appropriate filename.

#!/bin/bash
USER=user
IFNAME=enp1s0
/sbin/ip addr replace 192.168.1.10/24 dev $IFNAME
/sbin/ip link set dev $IFNAME up
/usr/sbin/dnsmasq --user=$USER \
--no-daemon \
--listen-address 192.168.1.10 \
--bind-interfaces \
-p0 \
--dhcp-authoritative \
--dhcp-range=192.168.1.100,192.168.1.200 \
--bootp-dynamic \
--dhcp-boot=openwrt-19.07-*-initramfs-* \
--log-dhcp \
--enable-tftp \
--tftp-root=$(pwd)
$ chmod +x loader.sh
# ./loader.sh

using SSH instead of LuCI

  1. Pre-requisites. First, save the license key. Second, set-up the DHCP and TFTP services/daemons on server/router/PC to netboot with openwrt-*mikrotik*-initramfs-kernel.bin.
  2. Connect to web interface http://192.168.88.1
  3. Go to “System”-“Routerboard”.
    Select “Boot ethernet-if fail-nand”.
    In “Boot Protocol”, keep BOOTP (except if your DHCP/BOOTP/TFTP server doesn't support BOOTP and if yourRouteurBoard is able to boot OpenWRT from DHCP, then select “DHCP”).
    Turn on “Force Backup Booter”.
    Click “Apply”.
  4. Go to “System”-“Shutdown”
    Click “Shutdown”
    Wait for LEDs off
  5. Unplug power, plug ethernet cable from DHCP/TFTP server to “WAN” port, plug power cord back in.
    Wait for beep (if available on your RouterBoard).
  6. Connect ethernet cable from your PC with turned on DHCP client to port “2”, “3” or “4”.
  7. Establish SSH connection to root@192.168.1.1
    You should see OpenWrt banner. Check correct functioning of OpenWrt.
    If you see no OpenWrt, then OpenWrt didn't boot on the router, so please check DHCP, TFTP — if these are correctly configured, then the test failed and this version of OpenWrt doesn't work on this router.
  8. If OpenWrt boots OK
    scp openwrt-*mikrotik*-squashfs-sysupgrade.bin root@192.168.1.1:/tmp/
  9. Next, to flash OpenWrt, run following command in the SSH session:
    sysupgrade -n /tmp/openwrt-*-mikrotik*-squashfs-sysupgrade.bin
    the SSH session will close itself, and the RouterBoard will reboot after flashing.
    Please wait several minutes until you hear a beep.
  10. Already establish SSH connection to root@192.168.1.1 (you may need to remove the line with “192.168.1.1” from the file “known_hosts”, on the Linux — ~/.ssh/known_hosts)
    You should see an OpenWrt banner — Congratulations, you installed OpenWrt on the MikroTik RouterBoard.

Detailed Steps

Installing and upgrading OpenWrt on a RouterBoard is basically just a couple steps:

  1. You first netboot an initramfs image of OpenWrt from your DHCP/BOOTP/TFTP server into the RAM of the RouterBoard. This is done from the ether1 port (typically the WAN port) of the RouterBoard.
  2. From that RAM-based running OpenWrt you use the web-based LuCI interface to permanently flash the appropriate sysupgrade .bin file (see above) using LuCI 'Flash image'. This is done from a LAN port (typically ether2 or higher) at IP address 192.168.1.1 of the RouterBoard.

The detailed 8 steps process below is updated to reflect the new 'UBI' style firmware images of version 18 OpenWrt that now make it very easy to flash the RouterBoard directly from the LuCI web interface. Many of the board-specific wiki's here in OpenWrt have yet to be updated to reflect this new, simpler process. Use this description of the Step-By-Step Installation Process to get an idea how relatively simple it is to install and upgrade OpenWrt - and feel free to give it a try since the initramfs version of OpenWrt is just a RAM image that will not affect your RouterOS if you decide NOT to flash the permanent sysupgrade.bin file into your RouterBoard. If you do flash OpenWrt into your RouterBoard, you can revert back to RouterOS at a later time using Mikrotik's NetInstall utility - as long as you saved your RouterOS license file (export your .key license file) before you permanently install (flash) OpenWrt. (For non-windows users, MikroTik claims that it runs on Linux with Wine (superuser permissions are required).

To install OpenWrt (works on all OpenWrt supported RouterBoards, using V18 or later OpenWrt):

  1. Download both OpenWrt files
    Download the two OpenWrt files to your PC: the initramfs file (initramfs.elf, initramfs-lzma.elf or initramfs-kernel.bin, depending on model) and the sysupgrade.bin file for your particular RouterBoard. See above to determine which initramfs and sysupgrade.bin file to use.
  2. If you didn't do this earlier, save the RouterOS License File (Optional: So you can re-install Mikrotik RouterOS at a later date, if needed).
    If you run Windows in your PC: see below.
    If you run any other OS in your PC: see below below.
  3. Run DHCP/BOOTP/TFTP Server
    Then connect to RouterBoard ether1
    • If you are instead wanting to re-install RouterOS, run Mikrotik's NetInstall here. Be sure to use the same version netinstall and MIPSBE .npk file for your RouterBoard. This is where you will import the .key license file you previously exported (if your license is no longer recognized by NetInstall).
      You may need to disable all other devices in Windows Network Connections to make sure the only Ethernet/WiFi/Bluetooth adapter you have running is the one connected to ethernet1 of your RouterBoard. NetInstall sometimes gets confused about which Ethernet adapter to use unless all others are disabled.
  4. You Are Almost There: OpenWrt is Now Running From RAM
    Now you have OpenWrt running in RAM on your RouterBoard. You can try it out by running the next two steps, then poke around and decide if you like it. Since it is only in RAM, if you reboot the RouterBoard without performing the flash (the final step here), this initramfs RAM-based version of OpenWrt will vanish.
  5. Connect to RouterBoard ether2
    Unplug your Ethernet cable from ether1 and plug in to a LAN port on your RouterBoard such as ether2. Some RouterBoards do not enable all LAN ports, so you may need to experiment here.
  6. Login to OpenWrt LuCI Web Interface or via SSH
    Use a web browser to open the OpenWrt LuCI web interface at 192.168.1.1. Login is admin, no password. It may take a minute or more for OpenWrt to fully boot -- wait until the lights on the LAN port indicate activity. If you can't reach the LuCI web interface the initramfs image might be without LuCI. You need SSH in that case. Username is root and there is no password.
  7. Flash sysupgrade.bin Into RouterBoard
    Go to System→Backup/Flash Firmware in LuCI. Select 'Choose file' under 'Flash new firmware image'. Select the sysupgrade.bin file you previously downloaded to your PC. Press 'Flash image' to permanently install OpenWrt on your RouterBoard.
    The flash process may take a minute or more to complete, then your RouterBoard will automatically reboot.
    Congratulations! You now have OpenWrt running and flashed into your RouterBoard. Subsequent upgrades of OpenWrt are as simple as running this step alone (a noted improvement from previous versions of OpenWrt). If you used SSH in the previous step you can flash the RouterBoard with the sysupgrade command.

Once you have OpenWrt running, you'll probably want to reset your PC's Ethernet back to DHCP instead of the 'forced' static IP addresses you used during the install of OpenWrt.

Additional procedures

Compiling OpenWrt

If your model is not yet supported by trunk, you need to download compile and patch OpenWrt sources. Always check if the model specific wiki instructions could already be obsolete and the necessary patches have already been integrated before embarking into compilation.

Full instructions are at Build system – Installation. The following is a mostly a cheat sheet specifically for routerboards.

OpenWrt sources are available via two release management systems, svn and git. If the model specific instructions specified one, use that, otherwise use git (faster).

# Find/make some directory:
mkdir mikrotik
cd mikrotik

# Get Barrier Breaker (14.07)
git clone git://git.openwrt.org/14.07/openwrt.git
# Alternatively, get trunk (latest build)
git clone git://git.openwrt.org/openwrt.git

# git created openwrt directory. All further compile commands
# have to be entered from that directory
cd openwrt

# Patch the kernel as needed
wget ... -O patchfile
patch -u -p0 < patchfile

# Set up compilation to build AR71XX images for routerboards as well as initramfs
echo CONFIG_TARGET_ar71xx=y > .config
echo CONFIG_TARGET_ar71xx_mikrotik=y >> .config
echo CONFIG_TARGET_ROOTFS_INITRAMFS=y >> .config
echo CONFIG_TARGET_INITRAMFS_COMPRESSION_NONE=y >> .config
# make defconfig creates the rest of the config file. 
make defconfig
# -j parallel compilation may cause problems, but usually it does not.
# choose the number according to the number of your CPU cores
make -j 6

Instead of creating .config manually (most easy), you can use the curses CLI (after patching)

make kernel_menuconfig
-> Target = AR7XXX
-> Subtarget = Mikrotik device with NAND flash
-> Target Images = ramdisk''
-> save, exit
# Normally you do not need this, but if there are specific kernel options required:
make kernel_menuconfig
# compile normally
make -j 6

It can be advantageous to explicitly use the kernel configuration used to build the images on openwrt.org:

Example with 14.07:

git clone git://git.openwrt.org/14.07/openwrt.git
cd openwrt
# Optional, this is the commit from which stock kernels where built for 14.07.
# there should be a better label for this in 14.07, but there is none.
git reset --hard 14cb884013ff7034c7bdd19ba704b252095039ad
# Use exactly the config as stock image:
wget https://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/mikrotik/config.ar71xx_mikrotik
mv config.ar71xx_mikrotik .config
# Patch as needed now
..
# Compile
make -j 6

After compilation, the images are in bin/ar71xx. Copy them to your tftp and http server location (including renaming) accordingly to tftp-boot/install them as explained before.

Warning: once you run “make”, it will copy files from the 'target' directory over to 'build_dir' directory including downloading additional software/patches. If you modify/patch files in 'target' after a 'make', those changes will not propagate into 'build_dir'. To experiment with different patches, you either need to modify files in build_dir directly, or run 'make clean' before every make run.

Routerboard configuration

Routerboard bootloader settings are available in the Devicetree at /sys/firmware/mikrotik.

For example, to see the current silent-boot setting, you can run:

# cat /sys/firmware/mikrotik/soft_config/silent_boot 
[off] on

and to turn it on, run echo on > /sys/firmware/mikrotik/soft_config/silent_boot.

Saving MikroTik RouterBoard License key using WinBox and Windows

See http://wiki.mikrotik.com/wiki/Manual:License.

With existing RouterOS running on your RouterBoard, connect your PC to a LAN port on the RouterBoard (DHCP enabled). Use a web browser to get to the RouterOS login page (default at 192.168.88.1) and download Mikrotik WinBox from your RouterBoard onto your Windows PC. Do NOT try to use the WebFig browser interface to export your license file: it does not have the license export feature. You must use the WinBox Windows application. Execute (double click) the downloaded WinBox to run it from your PC. Use WinBox to export (save) your license .key file to your PC. This will allow you to restore/re-install RouterOS at a later time using Mikrotik's NetInstall.

If you cannot connect to the RouterBoard RouterOS on a LAN port, try resetting the RouterBoard to its default settings: that will ensure you can connect using the ether1 port. Reset the RouterBoard to its default settings by unplugging power, press the Reset button, then plug power back in and continue holding the Reset button for 5 seconds. Now set your PC to a static IP address of 192.168.88.10. Move your Ethernet cable to the ether1 (usually WAN) port on the RouterBoard and get WinBox at 192.168.88.1

If you have an old version of RouterOs/WinBox and a newer version of Windows (such as Windows 10), your WinBox may not be compatible with Windows 10. If so, upgrade your RouterOS so you get a new version of RouterOs/WinBox that is Windows 10 compatible. The latest WinBox is Windows 10 compatible, but the WinBox version must also be compatible with the RouterOS version - so that's why you should consider installing a new RouterOS .npk file (which includes WinBox) if WinBox is not working for you.

Saving MikroTik RouterBoard License Key Without Using WinBox

It's a good idea to save your RouterOS license .key file (export your license) before starting an install of OpenWrt.

A simple method is to use the Mikrotik WinBox Windows application, as discussed at the top of this page. Otherwise, boot RouterOS and export the key to a file:

/system license output

Then list the files on your device to see which file the .key file was saved:

/file print

On a fresh install, the key file should be #1 (or #0 on a RB433UAH).

Copy contents, alternative 1: to open the editor with file #1, type:

/file edit 1 value-name=contents

Then copy-paste the text in a file on your computer. (this alternative only support text files)

Copy contents, alternative 2: later v5 versions of RouterOS supports uploading files via the fetch command. Example:

fetch address=192.168.0.200 src-path=RJ15-ERX5.key user=ftp mode=ftp password=ftp dst-path=/pub/write/RJ15-ERX5.key upload=yes

Copy contents, alternative 3: download files from web interface. Example

http://192.168.88.1/webfig/#Files

Copy contents, alternative 4: download files via scp. Example

scp admin@192.168.88.1:/RJ15-ERX5 ./RJ15-ERX5

The differences between the obtained key file and a key exported with Winbox are that the SoftwareID line is not present in the latter, and there are no empty lines, so you should probably delete all the empty lines in your file prior to import it for a new installation; the SoftwareID line should not bother the installer (untested).

Saving MikroTik RouterOS

From TFTP booted OpenWrt:

cat /proc/mtd
# the following expects that kernel is mtd1 and rootfs is mtd2
mkdir /mnt/kernel /mnt/rootfs
mount -o ro /dev/mtdblock1 /mnt/kernel
mount -o ro /dev/mtdblock2 /mnt/rootfs
cd /mnt/kernel
tar czf /tmp/mikrotik-kernel.tar.gz .
cd /mnt/rootfs
tar czf /tmp/mikrotik-rootfs.tar.gz .
cd /tmp
scp mikrotik* username@your-server:tmp

If you skipped this step but find you need to restore your prior version of RouterOS, you can use the Mikrotik NetInstall utility to re-install a fresh copy of RouterOS. Mikrotik does provide copies of RouterOS .npk files on their website, however you need to be sure to have saved your license key in order to use NetInstall (if NetInstall does not recognize your existing license).

Be sure to use Mikrotik WinBox to export your license key before installing OpenWrt.

Downgrading RouterOS

  1. Download RouterOS v6 for the correct architecture (ARM for armv7 devices, ARM64 for armv8 devices, etc.).
  2. Upload the .npk file using FTP, SCP, or at http://192.168.88.1/webfig/#Files.
  3. Run the /system package downgrade command or press the “Downgrade” button at System → Packages in the web interface.
  4. After the device reboots, it will have donwgraded the RouterOS itself, but not the bootloader yet. To downgrade the bootloader, confusingly, run the /system routerboard upgrade command or press the “Upgrade” button at System → Routerboard.
  5. Reboot and then run /system routerboard print or go to System → Routerboard in the web interface to make sure that you have the “current version” that you expect.

Manually Flashing OpenWrt with wget2nand (deprecated)

These instructions are deprecated since wget2nand is no longer used, but left here for reference. Note “rootfs” has become “ubi” (and allow direct flashing of the NAND or NOR from the LuCI web interface) in the current OpenWrt release.

If wget2nand encounters problems, perform its steps manually from shell.

cat /proc/mtd
dev:    size   erasesize  name
mtd0: 00040000 00020000 "booter"
mtd1: 003c0000 00020000 "kernel"
mtd2: 07c00000 00020000 "rootfs"

The following instructions assume that as shown above, kernel is /dev/mtd1 and rootfs /dev/mtd2. If these numbers are different on your model, appropriately change the following commands.

mtd erase /dev/mtd1
mtd erase /dev/mtd2
mkdir /mnt/kernel
mkdir /mnt/rootfs
mount /dev/mtdblock1 /mnt/kernel
mount /dev/mtdblock2 /mnt/rootfs

Copy kernel & rootfs to routerboard:

scp bin/ar71xx/openwrt-ar71xx-mikrotik-vmlinux-lzma.elf root@192.168.1.1:/tmp
scp bin/ar71xx/openwrt-ar71xx-mikrotik-DefaultNoWifi-rootfs.tar.gz root@192.168.1.1:/tmp

Flash kernel & rootfs

mv /tmp/openwrt-ar71xx-nand-vmlinux-lzma.elf /mnt/kernel/kernel
chmod +x /mnt/kernel/kernel
umount /mnt/kernel
cd /mnt/rootfs
tar -xvzf /tmp/openwrt-ar71xx-mikrotik-DefaultNoWifi-rootfs.tar.gz
cd /
umount /mnt/rootfs
sync

Reboot

Notes

Patchworks

Router model specific pages may refer to http://patchwork.openwrt.org/patch/4773/raw/ URLs. That patchwork server was decommissioned in 2014. See https://dev.openwrt.org/ticket/17785 and https://lists.openwrt.org/pipermail/openwrt-devel/2014-December/029786.html.

The new patch server is https://patchwork.ozlabs.org. Patch numbers for the old server seemingly can not be translated to the new patchwork server so they are not accessible anymore. In general, all patches from the old patchserver should have already been integrated into trunk.

Rumors

Some wiki pages claim that parallel compilation with -j N may fail OpenWrt build. This seems not to be a problem for >= 14.07 and AR71XX builds as for RouterBoards, parallel compile seems to work fine.

Some wiki pages claim that you need to put paths into the OpenWrt build tree into your .bashrc so that compilation works correctly. This does not seem to be the case anymore. No problems encountered.

Routerboard 951G Switch Fix

Routerboard 2011 Switch Fix thread

A Detailed Example of Installing OpenWrt on a Mikrotik RB493G (V18 Style) Written by the author of many of the V18 upgrades to this wiki. Procedure should work on most RouterBoards with only a change to the selected initramfs and sysupgrade.bin file names.

A Detailed Example of Installing OpenWrt on a Mikrotik RB450G (Old Style, Attitude Adjustment, Includes Compiling)

Using Mikrotik NetInstall to Install RouterOS Covers the process of re-installing RouterOS after you have previously installed OpenWrt. You may need to have a copy of your RouterOS license .key file to do this (if NetInstall does not recognize your prior license)