RoMON stands for Router Management Overlay Network, a MikroTik feature available in RouterOS starting from version 6.28. RoMON may still be unfamiliar to you, because it is only available in newer RouterOS and Winbox versions. This article explains what MikroTik RoMON is and how to use it.
Definition of RoMON
What is RoMON? RoMON (Router Management Overlay Network) is a MikroTik proprietary protocol (a protocol that is only supported on MikroTik devices), which can create a secure Layer 2 connection to a MikroTik device over either a physical (Ethernet) link or a Layer 2 tunnel. In addition, RoMON has the following features:
- Discovery and management of MikroTik devices via Ping, SSH, and Winbox (version 3.0.rc.9 and above).
- Discovery of RoMON-enabled MikroTik devices that are multiple hops away.
So with RoMON we can detect MikroTik devices in Winbox even though they are on different network segments and are reached through several other routers (multiple hops). This is different from the usual Winbox neighbor discovery, which can only detect MikroTik devices that are on the same network.
How to Activate RoMON
RoMON communication is based on the RoMON ID parameter, which is taken from the router's MAC address. RoMON-enabled devices discover their peers' MAC addresses and run the data forwarding protocol independently.
This time we will try a simple implementation of this feature by remotely managing a RoMON-enabled router on a different network using Winbox. As mentioned above, we will use Winbox version 3.0.rc.9, which supports RoMON.
The RoMON feature is found in the Tools → RoMON menu. To activate it, we check the 'Enabled' option. Then we set the 'Secrets' parameter in RoMON Settings. This parameter authenticates the connections between RoMON-enabled MikroTik devices. For example, this time we fill 'Secrets' with 12345. According to the topology of the example above, this configuration is also done on the three routers.
RoMON Settings also contains an ID parameter. This ID is the MAC address of the router used for device communication. We can set it to any MAC address that belongs to one of the router's interfaces; if we leave it empty, the router's first MAC address is used by default.
After the three routers have been configured as above, we will try to remotely access a device on a different network using Winbox.
As in the topology above, the client that will connect remotely is on the 192.168.1.0/24 network. In the 'Connect To' field in Winbox, we enter the client's gateway. To use the RoMON feature, we then click the 'Connect To RoMON' button in Winbox. After a successful connection, the Winbox display appears as follows.
Winbox now shows a RoMON Agent, and the RoMON Neighbors tab lists the MikroTik devices connected to RoMON. Without RoMON, a device on a different network, even one that is several hops away, will not appear in the Neighbors tab in Winbox.
To connect remotely, we select the device we want to manage from the list and click the 'Connect' button.
By default, all interfaces on the router are active for RoMON, but we can choose which interfaces RoMON is enabled on. In addition, we can manually specify the 'Cost' value and the 'Secret' parameter per interface.
With the 'Discovery' command found in RoMON Settings, we can see which devices are connected and active using RoMON. It shows information about each device, such as RoMON ID (Address), Cost value, Number of Hops, and Identity.
We can also check whether a MikroTik device is active and connected properly. To do this check, use Ping RoMON.
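The Winbox steps above can also be done from the RouterOS terminal. The following is an added example, not part of the original article: it shows the article's sample secret beside a stronger one and limits RoMON to a single interface instead of the default of all interfaces. The interface name ether1, the secret placeholder and the peer ID AA:BB:CC:DD:EE:FF are assumptions made for illustration.

```routeros
# Added example; ether1, the secret placeholder and the peer ID are
# constructed values, not taken from the article.

# As configured in the article: enable RoMON with the sample secret.
/tool romon set enabled=yes secrets=12345

# Stronger variant: a short numeric secret is easy to guess, so use a long
# random value and set the same value on every router in the RoMON network.
/tool romon set enabled=yes secrets="<long-random-secret>"

# RoMON is active on all interfaces by default. First allow it explicitly
# on the management-facing interface (assumed here to be ether1) ...
/tool romon port add interface=ether1 forbid=no cost=100

# ... then forbid it on the default wildcard entry that matches all other
# interfaces. Doing it in this order avoids cutting off an existing session.
/tool romon port set [find default=yes] forbid=yes

# Review the resulting port list.
/tool romon port print

# Equivalent of the 'Discovery' command: list reachable RoMON devices
# with their ID (address), cost, hops and identity.
/tool romon discover

# Equivalent of Ping RoMON: check that a peer is active and reachable.
/tool romon ping id=AA:BB:CC:DD:EE:FF count=5
```

Specific port entries take priority over the wildcard entry, so ether1 stays allowed after the wildcard is set to forbid.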