Cloud Hosted Router (CHR) is a RouterOS version intended for running as a virtual machine. It supports the x86 64-bit architecture and can be used on most of the popular hypervisors such as VMWare, Hyper-V, VirtualBox, KVM, and others. CHR has full RouterOS features enabled by default but has a different licensing model than other RouterOS versions.

...

Warning: We do not recommend using the E1000 network interface if better synthetic interface options are available on a specific Hypervisor!

How to Install a virtual

...

RouterOS system with CHR images

We provide 4 different virtual disk images to choose from. Note that they are only disk images, and you can't simply run them.

...

1. Download virtual disk image for your hypervisor
2. Create a guest virtual machine
3. Use the previously downloaded image file as a virtual disk drive
4. Start the guest CHR virtual machine
5. Log in to your new CHR. Default The default user is 'admin', without a password

Please note that running CHR systems can be cloned and copied, but the copy will be aware of the previous trial period, so you cannot extend your trial time by making a copy of your CHR. However, you are allowed to license both systems individually. To make a new trial trail system, you need to make a fresh installation and reconfigure RouterOS.

...

• VMWare Fusion / Workstation and ESXi 6.5
• VirtualBox
• Hyper-V
• Amazon Web Services (AWS)
• Hetzner Cloud
• Linode
• Google Compute Engine
• ProxMox

CHR Licensing

The CHR has 4 license levels:

• free
• p1 perpetual-1 ($45)
• p10 perpetual-10 ($95)
• p-unlimited perpetual-unlimited ($250)

The 60-day free trial license is available for all paid license levels. To get the free trial license, you have to have an account on MikroTik.com as all license management is done there.

Perpetual is a lifetime license (buy once, use forever). It is possible to transfer a perpetual license to another CHR instance. A running CHR instance will indicate the time when it has to access the account server to renew it's its license. If the CHR instance will not be able to renew the license it will behave as if the trial period has ran run out and will not allow an upgrade of RouterOS to a newer version.

After licensing a running trial system, you must manually run the /system license renew function from the CHR to make it active. Otherwise, the system will not know you have licensed it in your account. If you do not do this before the system deadline time, the trial will end and you will have to do a complete fresh CHR installation, request a new trial, and then license it with the license you had obtained.

...

The free license level allows CHR to run indefinitely. It is limited to 1Mbps upload per interface. All the rest of the features provided by CHR are available without restrictions. To use this, all you have to do is download the disk image file from our download page and create a virtual guest.

...

You will have to have an account registered on MikroTik.com. Then you can request the desired license level for trial from your router that will assign your router ID to your account and enable a the purchase of the license from your account. All the paid license equivalents are available for trial. A trial period is 60 days from the day of acquisition after this time passes, your license menu will start to show "Limited upgrades", which means that RouterOS can no longer be upgraded.

...

...

After the initial setup, a CHR instance will have a free license assigned. From there, it is possible to upgrade the license to a higher tier. Once you have a trial license all the work with the license is done on the account server where it is possible to upgrade the license to a higher tier unless it is p-unlimited already.

...

Initial upgrade from the free tier to anything higher than that incurs CHR instance registration on the account server. To do that you have to enter your MikroTik.com username and password and the desired license level you want to acquire. As a result, a CHR ID number will be assigned to your account on the account server and a 60-day trial created for that ID. There are 2 ways to obtain a license - using WinBox or RouterOS command-line interface:

Using WinBox (Sytem -> License menu):

Using the command-line interface:

[admin@MikroTik] > /system license print 
  system-id: 6lR1ZP/utuJ
      level: free

[admin@MikroTik] > /system license renew 
account: mymikrotikcomaccount
password: *********************
level: p1 
  status: done
  
[admin@MikroTik] > /system license print 
        system-id: 6lR1ZP/utuJ
            level: p1
  next-renewal-at: jan/10/2016 21:59:59
      deadline-at: feb/09/2016 21:59:59

To acquire a higher level trial, set up a new CHR instance, renew the license, and select the desired level.

...

To upgrade from a Trial to a Paid license click 'Upgrade', choose the desired license level (it can be different than the level of the trial license), and click 'Upgrade key':

Choose the payment method:

...

It is possible to pay using account balance (deposit), credit card (CC), PayPal, or using Balance (prepaid) key (if you have any).

...

In '/system license' menu router will indicate the time next-renewal-at when it will attempt to contact the server located on licence.mikrotik.com. Communication attempts will be performed once an hour after the date on next-renewal-at and will not cease until the server responds with an error. If the deadline-at date is reached without successfully contacting the account server, the router will consider that license has expired and will disallow further software updates. However, the router will continue to work with the same license tier as before.

...

The solution: check your VMS (Virtualization Management System) security settings, if other MAC addresses allowed to pass if packets with VLAN tags allowed to pass through. Adjust the security settings according to your needs like allowing MAC spoofing or a certain MAC address range. For VLAN interfaces, it is usually possible to define allowed VLAN tags or VLAN tag range.

...

In some hypervisors before VLAN can be used on VMs, they need to first be configured on the hypervisor itself.

ESXI

Enable Promiscuous mode in a port group or virtual switch that you will use for specific VM.

...

It won't be possible to run CHR on this hypervisor. CHR cannot be run as a para-virtualized platform.

...

• poweron and resume scripts are executed (if present and enabled) after poweron power on and resume operations respectively.
• poweroff and suspend scripts are executed before poweroff power off and suspend operations respectively.
• If scripts take longer than 30 seconds or contain errors, the operation fails
• In case of failure, retrying the same operation will ignore any errors and complete it successfully
• Failed script output is saved to file (e. g. 'poweroff-script.log', 'resume-script.log' etc)
• Scripts can be enabled/disabled from hypervisor GUI ('run VMware Tools Scripts') or by enbaling/disabling scripts from console

...

• freeze script is executed before freezing the filesystem
• freeze-fail script is executed if hypervisor failed to prepare for a snapshot or if freeze script failed
• thaw script is executed after the snapshot has been taken
• Script run time is limited to 60 seconds
• freeze script timeouts and errors result in the backup operation being aborted
• FAT32 disks are not quiesced
• Failed script output is saved to file (e. g. 'freeze-script.log', 'freeze-fail-script.log', 'thaw-script.log')

...

Information about completed jobs is kept around for ~1 minute, or untill until ListProcessesInGuest (with the corresponding JobID) is called. If the script fails, a file named 'vix_job_$JobID$ .txt' containing the script output is created. Script run time is limited to 120 seconds and script output is not saved on timeout,

...

• On older hosts (pre 21.06.2017) only the first ipv4 address assigned to the interface is visible

Provisioning

...