AllInfo

RouterOS 7.15.1

admin

MikroTik heeft versie 7.15.1 van RouterOS uitgebracht, een besturingssysteem dat zich richt op het uitvoeren van routertaken. Denk daarbij natuurlijk aan het routeren van netwerkverkeer, maar ook aan bandbreedtemanagement, een firewall, het aansturen van draadloze accesspoints, een hotspotgateway en een vpn-server. Het kan zowel op de hardware van MikroTik als op x86- of virtuele machines zijn werk doen. Voor het gebruik is een licentie nodig, die bij de aankoop van MikroTik-hardware is inbegrepen. De changelog sinds versie 7.14.2 kan hieronder worden gevonden.

What’s new in 7.15.1:

  • bgp – fixed BGP sessions missing vpnv6 afi
  • bgp – fixed corrupted as-path when received update with empty AS_PATH attribute (introduced in v7.15)
  • bgp – fixed vpnv6 safi
  • health – fixed board-temperature for KNOT device (introduced in v7.15)
  • health – fixed missing health for CRS112-8G-4S device (introduced in v7.15)
  • install – fixed ARM64 cdrom install (introduced in v7.15)
  • lte – fixed cases where LTE interface would take long time to become ready after bootup for Chateau 5G and Chateau 5G R16 (introduced in v7.15)
  • lte – fixed cases where modem could be handled by multiple dialer instances
  • modem – fixed unresponsive PPP link recovery when TX bandwidth was exceeding link capacity
  • poe-out – fixed silent firmware upgrade fail on CRS112-8P-4S device (introduced in v7.15)
  • ppp – fixed dynamic queue default name (introduced in v7.15)
  • route – fixed memory leak (introduced in v7.15)
  • route – fixed some missing route parameters when printing (introduced in v7.15)
  • wifi – fixed signal strength reporting during association (introduced in v7.15)
  • wifi – improved WPA3 PMKSA handling when access-lists with custom passphrases are used
  • winbox – fixed issue with skin file appearing as unknown in user group menu (introduced in v7.15)
  • winbox – fixed missing system note on login (introduced in v7.15)

What’s new in 7.15:

  • system – added support for AMPERE (R) and ARM64 CHR installations (new ARM64 CHR image available)
  • system – added support for AMPERE (R) hardware (new ARM64 ISO file, new ARM64 extra-nics.npk package)
  • bgp – added initial vpnv6 support
  • bgp – correctly synchronize input.accept-nlri address list
  • bgp – fixed prefix count when BGP sessions run with multiple AFIs
  • bgp – fixed selecting local.default-address from wrong VRF
  • bgp – use IPv6 as default address-family for IPv6 sessions
  • bgp-vpn – use VRF interface as gateway for leaked connected routes
  • branding – added option to hide default configuration prompt
  • branding – added option to hide or replace default caps-mode-script
  • bridge – added error message if MLAG peer-port is configured with “mlag-id”
  • bridge – added MLAG peer-port events to logs
  • bridge – added MVRP support
  • bridge – do not allow multiple bonds with same “mlag-id”
  • bridge – improved protocol-mode STP, RSTP and MSTP stability
  • bridge – rename monitor property “path-cost” to “actual-path-cost”
  • bridge – reworked dynamic VLAN creation
  • bridge – use default “edge=auto” for dynamically bridged interfaces (PPP, VPLS, WDS)
  • certificate – added support for different ACME servers for ssl-certificate (CLI only)
  • certificate – added support for importing pbes2 encrypted private keys with aes128
  • certificate – added trusted parameter for certificate import
  • certificate – allow replacing certificate with internal import
  • certificate – delete certificate related files automatically from storage after import
  • certificate – improved RSA key signature processing speed
  • chr – allow to “generate-new-id” only while CHR is running on level “free” license
  • chr – fixed bogus messages printed out while booting up the system (introduced in v7.14)
  • chr – fixed Xen and Vultr missing ethernet (introduced in v7.14)
  • console – added “byte-array” option to “:convert” command
  • console – added “proplist” parameter to interactive commands
  • console – added “rows” property for sniffer quick mode
  • console – added “sanitize-names” property under “/console/settings” menu (option for replacing reserved characters with underscores for files, disabled by default)
  • console – added “type” parameter to “:resolve” command
  • console – added “use-script-permissions” option when running scripts from CLI
  • console – added hotkey “F8” to print entire multiline input
  • console – added link from “/iot/lora” to “/lora”
  • console – added log for script execution failures
  • console – added multi-line print in “/file” menu
  • console – added option to get “about” value (dynamically created text field by RouterOS services like CAPsMAN)
  • console – added option to read and change file line endings in full-screen editor
  • console – added warning log for modified filenames due to reserved characters
  • console – covert spaces, CR, LF in “:convert to=url” command
  • console – do not convert string to array in “:deserialize” command
  • console – fixed “:onerror” behavior when “do” block is missing
  • console – fixed “export where” functionality in certain menus
  • console – fixed console prompt when entering hot lock mode with “F7”
  • console – fixed DHCP server “authoritative=no” configuration export
  • console – fixed do/while implementation not working with variables (introduced in v7.14)
  • console – fixed filtering by “dhcp” flag in “/ip/arp” menu
  • console – fixed multiple typos in help
  • console – improved stability
  • console – optimized configuration export to prevent startup of processes without any configuration
  • console – remove unnecessary serial ports for Alpine CPUs
  • console – show system note before serial login if enabled
  • console – use user permissions when running scripts from WinBox and WebFig
  • container – do not allow negative number for “ram-high” setting
  • defconf – do not override default DHCP server lease time
  • defconf – fixed 5ghz-ax channel width for L11, L22 devices
  • defconf – fixed unknown topics in log messages
  • defconf – minor configuration script updates
  • dhcpv4-relay – added VRF support
  • discovery – added LLDP MAC/PHY Configuration/Status TLV support
  • discovery – added LLDP Maximum Frame Size TLV support
  • discovery – added LLDP Port Description TLV support
  • discovery – advertise only physical interface name for LLDP PortID TLV
  • discovery – always send LLDP MED Power TLV if MED was received
  • discovery – fixed high CPU utilization when “tx-only” mode is set
  • discovery – optimized LLDP information update
  • disk – added option to auto configure media sharing
  • disk – added support for formatting exfat file-system
  • disk – improved support for file systems with non-ascii characters in file names
  • disk – improved support for formatting ext4 file-system
  • disk – improved system stability when adding partition with no parent
  • disk – improved system stability
  • disk – the “scan” command will now detect and include USB drives that were previously ejected
  • dns – added support for “adlist”
  • dns – added VRF support
  • dns – improved system stability when caching entries
  • eap – improved eap-peap, eap-mschap2 client authentication (dot1x/wireless/ipsec)
  • ethernet – fixed default names for CRS310-8G+2S+ device (introduced in v7.14)
  • ethernet – fixed interface disable for CRS326-4C+20G+2Q
  • ethernet – fixed management port disable/enable on CCR2004-1G-12S+2XS, CCR2004-1G-2XS-PCIe, CCR2216, CCR2116 devices
  • ethernet – improved port speed downshift functionality for CRS326-4C+20G+2Q
  • fetch – added “idle-timeout” parameter
  • fetch – changed topic “info” to “error” for permission denied logs
  • fetch – fixed slow throughput due to “raw” logging which occurred even when not listening to the topic (introduced in v7.13)
  • file – allow adding and renaming files and directories
  • file – avoid refreshing whole file system during file modification
  • file – improved external storage detection
  • health – added “cpu-temperature” for IPQ50xx devices
  • health – added log for fan state changes on CRS3xx, CRS5xx, CCR2xxx, CCR1016r2, CCR1036r2 devices
  • health – fixed fan behavior for CRS310-1G-5S-4S+ (introduced in v7.14)
  • health – fixed rogue voltage on CRS510-8XS-2XQ-IN
  • install – cdrom and hdd install images contain additional packages that can be interactively selected
  • ipv6 – properly initialize default ND “interface=all” entry
  • leds – fixed LEDs for L22 device
  • lora – removed LoRa WinBox and console functionality duplication (moved to IoT package since v7.11)
  • lte – added “at-chat” support for DELL T99W175 (PID: 0x05c6 VID: 0x90d5)
  • lte – added support for concatenated AT commands in “modem-init” string
  • lte – added support to set “modem-init” string for “dialer-less” modems
  • lte – apply the same configuration for Microsoft branded EM12-G modem (Surface Mobile Broadband) as for Quectel EM12-G
  • lte – do not show persistent interfaces for multi-apn slave interfaces
  • lte – dropped support for R11e-LTE-US FOTA firmware update
  • lte – fixed R11e-LTE-US modem dial-up
  • lte – fixed situation where link is not restored after Quectel MBIM modem firmware update
  • lte – improved FG621-EA modem APN authentication
  • lte – make interface persistent (unused interface configs can be removed, allow to export and examine current configuration without the device present)
  • lte – removed 2 APN restriction for RG520F-EU modem
  • lte – use the correct network interface for multi-interface LTE modems
  • media – added support for DLNA
  • metarouter – removed support
  • modem – send APN authentication for BG77 modem also if ppp-client interface created manually
  • netinstall – improved stability
  • netinstall-cli – fixed incorrect server address assignment (introduced in v7.14)
  • ovpn – fixed import ovpn config when remote port is missing
  • ovpn – fixed minor typo in error message
  • poe-out – added LLDP power management support for devices with single PoE-out port
  • poe-out – fixed powering devices if input voltage is lower than 12V for hEX PoE (introduced in v7.9)
  • poe-out – improved firmware upgrade stability for AF/AT controlled boards
  • poe-out – moved “PoE LLDP” property from “/interface/ethernet/poe” to “/ip/neighbor/discovery-settings” and enable it by default
  • ppp – added “enable-ipv6-accounting” option under PPP AAA menu
  • ppp – added log when disconnecting a client due to “WISPr-Session-Terminate-Time” RADIUS attribute
  • ppp – allow underscores in domain names
  • ppp – enabled monitoring of registration state, RSRP, RSRQ, SINR, PCI, CellID for BG77 modem
  • ppp – fixed “Framed-IPv6-Pool” usage when received from RADIUS
  • ppp – fixed “on-down” script running even when tunnel was not up
  • profiler – added “neighbor-discovery” task
  • qos-hw – added “offline” tx-manager (CLI only)
  • qos-hw – added “profile” and “map” support for CPU port
  • qos-hw – added congestion avoidance support for 98DX8xxx, 98DX4xxx, 98DX325x switch chips (CLI only)
  • qos-hw – added ECN marking support for compatible switches
  • qos-hw – added per-queue traffic shapers (CLI only)
  • qos-hw – added Priority Flow Control for compatible switches (CLI only)
  • qos-hw – added support for QoS profile assignment via ACL rules
  • qos-hw – added WRED support for compatible switches
  • qos-hw – fixed port “print stats/usage” when using “from” property
  • qos-hw – replaced buffer with bytes in QoS monitor
  • queue – improved system stability (introduced in v7.6)
  • quickset – only show LTE mode for devices without other wireless interfaces
  • radius – added “require-message-auth” option that requires “Message-Authenticator” in received Access-Accept/Challenge/Reject messages
  • radius – include “Message-Authenticator” in any RADIUS communication messages besides accounting for all services
  • route – do not allow routes with empty “dst-address”
  • route – do not redistribute loopback address as connected route
  • route – fixed bgp-vpn prefix import with the same route distinguisher (RD)
  • route – improved system stability
  • route – rework of route attributes
  • route – show route-distinguisher (RD) in route print
  • route-filter – allow setting different AFI gateways
  • route-filter – fixed ext community list matcher
  • sfp – added “100M-baseFX” link mode support for compatible devices
  • sfp – added “sfp-ignore-rx-los” setting
  • sfp – fixed “sfp-tx-fault” state indication for CRS510
  • sfp – fixed link establishment with 100Mbps optical modules (requires “/interface ethernet reset” or adding “100M-baseFX” modes for advertise or speed properties)
  • sfp – fixed missing Tx traffic at 10Gbps rate on CCR2004-16G-2S+ in rare cases
  • sfp – ignore SFP RX LOS signal for modules with bad EEPROM
  • sfp – improved “sfp-tx-power” value monitoring in certain cases
  • sfp – improved auto-negotiation linking for some MikroTik cables and modules
  • sfp – improved system stability for CR2004-1G-2XS-PCIe (introduced in v7.14)
  • sfp – improved system stability with some GPON modules for CCR2004 and CCR2116 devices
  • smb – added logs for share connection requests
  • smb – do not allow setting empty “comment” or “domain” properties
  • sms – added option to select SMS storage
  • sms – added SMS PDU to SMS inbox “print detail”
  • sms – added workaround for modems which do not notify regarding new SMS arrival (missing URC)
  • sms – improved SMS handling
  • sms – removed SMS for SMIPS
  • sms – use “gsm” logging topic for serial modem SMS logs
  • snmp – added missing PoE-out status codes to MIKROTIK-MIB
  • snmp – added new “mtxrOpticalVendorSerial” OID to MIKROTIK-MIB
  • socks – attempt to parse domain name as IP before resolving
  • ssh – added support for user Ed25519 private keys
  • ssh – export host Ed25519 public key
  • ssh – fixed bogus output
  • ssh – fixed permissions to run “.auto.rsc” scripts
  • ssh – require “policy” user policy when adding public key
  • sstp – added SNI support
  • sstp – disconnect clients when server is disabled
  • storage – improved configuration storing process on first system boot after configuration reset
  • switch – added support for multiple ingress and egress port mirroring on 98DXxxxx switches
  • switch – added support for RSPAN mirroring on 98DXxxxx switches
  • switch – fixed L3HW and QoS monitor during switch reset
  • system – added resource values (Product name, File name and File version) for Windows executable files
  • system – general work on optimizing the size of RouterOS packages
  • system – show “cpu-frequency” for Alpine CPUs
  • system – skip configuration upgrade from RouterOS v6 on configuration reset
  • system – updated office address in RouterOS license
  • system – updated online manual links from “wiki” to the help documentation
  • timezone – updated timezone information from “tzdata2024a” release
  • traffic-flow – detect IPv4 source address if not set
  • traffic-flow – improved system stability
  • userman – added “require-message-auth” option that requires “Message-Authenticator” in received Access-Request messages
  • userman – include “Message-Authenticator” in any RADIUS communication messages besides accounting for all services
  • vlan – added MVRP (applicant) configuration option
  • vlan – ensure that VLAN MTU remains unchanged when adjustments are made to the parent interface MTU, only modifications to the L2MTU might impact VLAN MTU
  • vlan – fixed MTU reset on bridge after reboot
  • vlan – limit “vlan-id” range from 1-4095 to 1-4094
  • vrf – fixed VRF interfaces being moved to main table after reboot (introduced in v7.14)
  • webfig – allow pasting with ctrl+v into terminal
  • webfig – fixed column preferences for ordered tables
  • webfig – show inherited properties for wifi interfaces
  • wifi – added “reselect-interval” support
  • wifi – changed interface default to “disabled=yes”
  • wifi – do not report disabled state for CAPsMAN managed interface
  • wifi – fixed configuration export for “disabled” property
  • wifi – improve channel selection after radar detection events
  • wifi – improve regulatory compliance for L11, L22 devices
  • wifi – improved interface initialization reliability on DFS channels
  • wifi – improved stability of DFS check in the 5GHz-A band
  • wifi – improved system stability when provisioning CAPs in certain cases
  • wifi – rename “available-channels” parameter to “channel-priorities” and include desirability rating for each channel
  • wifi – report current CAPsMAN address and identity on CAP
  • wifi – show inherited properties with “print” command (replaces “actual-configuration”) and added “print config” for showing only configured values
  • wifi-qcom – added configuration.distance setting to enable operation over multi-kilometer distances
  • wifi-qcom – updated driver
  • winbox – added “Download” and “Flush” buttons under “System/Certificates/CRL” menu
  • winbox – added “Flat Snoop” button under “WiFi” menu
  • winbox – added “FT Preserve VLAN ID” setting under “WiFi/Configuration/FT” menu
  • winbox – added “Request logout” button under “System/Users/Active Users” menu
  • winbox – added “Trusted” checkbox under “System/Certificates/Import” menu
  • winbox – added drop down menu for “User” property when importing SSH key under “System/User/SSH Keys” and “System/User/SSH Private Keys” menus
  • winbox – added invalid flag under “IP/DHCP Relay” menu
  • winbox – added key type and key length column for user SSH keys
  • winbox – added missing SFP monitoring properties under “Interface/SFP” menu
  • winbox – added passphrase option for SSH host key export
  • winbox – added passphrase option for SSH host key import
  • winbox – allow specifying size and rtmpfs size with M, G units under “System/Disks” menu
  • winbox – allow to specify “M” or “G” postfix for download, upload or total limits under “User Manager/Limitations” menu
  • winbox – do not show “Host Key Size” when using ed25519 key under “IP/SSH” menu
  • winbox – fixed the issue where the skin file fails to appear in the user group menu after creation
  • winbox – renamed “Channel” column to “Current Channel” under “Wifi” menu
  • winbox – show “Valid Servers” and “Unknown Servers” column by default under “IP/DHCP Server/Alerts” menu
  • winbox – show inherited properties for wifi interfaces
  • winbox – show SIM settings for SXTR device under “Interfaces/LTE/Modem” menu
  • winbox – updated icons for certain menus
  • winbox – use correct values for “Jump Target” property under “IPv6/Firewall/Filter Rules” menu
  • wireguard – added option to mark peer as responder only
  • wireguard – added peer “name” field and display it in logs
  • wireguard – do not attempt to connect to peer without specified endpoint-address
  • wireguard – fixed “auto” argument usage for “private-key” and “preshared-key” settings
  • wireguard – fixed performance issues showing QR code
  • wireless – perform shorter channel availability check for 5600-5650MHz if regulatory domain permits it
  • x86 – fixed ixgbe Tx hang by disabling TSO
  • x86 – fixed VLAN tagged packet transmit for ice driver
  • x86 – ice driver update to v1.13.7
  • x86 – improved stability for RTL8125 driver
  • x86 – ixgbe driver update to 5.19.9
  • x86/chr – improved panic saving (increased minimal RAM requirements to 256MB)

What’s new in 7.14.3:

  • bgp – correctly synchronize input.accept-nlri address list
  • bridge – use default “edge=auto” for dynamically bridged interfaces (PPP, VPLS, WDS)
  • disk – improved system stability
  • fetch – fixed slow throughput due to “raw” logging which occurred even when not listening to the topic (introduced in v7.13)
  • queue – improved system stability (introduced in v7.6)
  • wifi-qcom – added configuration.distance setting to enable operation over multi-kilometer distances (CLI only)

Exit mobile version