Изменения в RouterOS:Release 6.42.x

Материал из MikroTik Wiki
Перейти к навигации Перейти к поиску

Изменения в MikroTik RouterOS 6.42 (2018-Apr-13 11:03)

!) tile - improved system performance and stability ("/system routerboard upgrade" required); !) w60g - increased distance for wAP 60G to 200+ meters;

  • bridge - added host aging timer for CRS3xx and Atheros hw-bridges;
  • bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts;
  • bridge - added per-port learning options;
  • bridge - added support for static hosts;
  • bridge - fixed "master-port" configuration conversion from pre-v6.41 RouterOS versions;
  • bridge - fixed bridge port interface parameter under "/interface bridge host print detail";
  • bridge - fixed false MAC address learning on hAP ac^2 and cAP ac devices;
  • bridge - fixed incorrect "fast-forward" enabling when ports were switched;
  • bridge - fixed MAC learning for VRRP interfaces on bridge;
  • bridge - fixed reliability on software bridges when used on devices without switch chip;
  • bridge - hide options for disabled bridge features in CLI;
  • bridge - show "hw" flags only on Ethernet interfaces and interface lists;
  • capsman - added "allow-signal-out-of-range" option for Access List entries;
  • capsman - added support for "interface-list" in Access List and Datapath entries;
  • capsman - improved CAPsMAN responsiveness with large amount of CAP interfaces;
  • capsman - log "signal-strength" when successfully connected to AP;
  • certificate - added PKCS#10 version check;
  • certificate - dropped DES support and added AES instead for SCEP;
  • certificate - dropped MD5 support and require SHA1 as minimum for SCEP;
  • certificate - fixed incorrect SCEP URL after an upgrade;
  • chr - added "open-vm-tools" on VMware installations;
  • chr - added "qemu-guest-agent" and "virtio-scsi" driver on KVM installations;
  • chr - added "xe-daemon" on Xen installations;
  • chr - added support for Amazon Elastic Network Adapter (ENA) driver;
  • chr - added support for booting from NVMe disks;
  • chr - added support for Hyper-V ballooning, guest quiescing, host-guest file transfer, integration services and static IP injection;
  • chr - added support for NIC hot-plug on VMware and Xen installations;
  • chr - fixed additional disk detaching on Xen installations;
  • chr - fixed interface matching by name on VMware installations;
  • chr - fixed interface naming order when adding more than 4 interfaces on VMware installations;
  • chr - fixed suspend on Xen installations;
  • chr - make additional disks visible under "/disk" on Xen installations;
  • chr - make Virtio disks visible under "/disk" on KVM installations;
  • chr - run startup scripts on the first boot on AWS and Google Cloud installations;
  • console - fixed "idpr-cmtp" protocol by changing its value from 39 to 38;
  • console - improved console stability after it has not been used for a long time;
  • crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
  • crs212 - fixed Ethernet boot when connected to boot server through CRS326 device;
  • crs326 - fixed known multicast flooding to the CPU;
  • crs3xx - added switch port "storm-rate" limiting options;
  • crs3xx - added “hw-offload” support for 802.3ad and “balance-xor” bonding;
  • detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced in v6.41);
  • dhcp - improved DHCP service reliability when it is configured on bridge interface;
  • dhcp - reduced resource usage of DHCP services;
  • dhcpv4-server - added "dns-none" option to "/ip dhcp-server network dns";
  • dhcpv6 - make sure that time is set before restoring bindings;
  • dhcpv6-client - added info exchange support;
  • dhcpv6-client - added possibility to specify options;
  • dhcpv6-client - added support for options 15 and 16;
  • dhcpv6-client - implement confirm after reboot;
  • dhcpv6-server - added DHCPv4 style user options;
  • dns - do not generate "Undo" messages on changes to dynamic servers;
  • email - set maximum number of sessions to 100;
  • fetch - added "http-content-type" option to allow setting MIME type of the data in free text form;
  • fetch - added "output" option for all modes in order to return result to file, variable or ignore it;
  • fetch - increased maximum number of sessions to 100;
  • filesystem - implemented additional system storage maintenance checks on ARM CPU based devices;
  • flashfig - properly apply configuration provided by Flashfig;
  • gps - improved NMEA sentence handling;
  • health - added log warning when switching between redundant power supplies;
  • health - fixed empty measurements on CRS328-24P-4S+RM;
  • hotspot - improved HTTPS matching in Walled Garden rules;
  • ike1 - display error message when peer requests "mode-config" when it is not configured;
  • ike1 - do not accept "mode-config" reply more than once;
  • ike1 - fixed wildcard policy lookup on responder;
  • ike2 - fixed framed IP address received from RADIUS server;
  • interface - improved interface configuration responsiveness;
  • ippool - added ability to specify comment;
  • ippool6 - added pool name to "no more addresses left" error message;
  • ipsec - fixed AES-CTR and AES-GCM support on RB1200;
  • ipsec - improved single tunnel hardware acceleration performance on MMIPS devices;
  • ipsec - properly detect interface for "mode-config" client IP address assignment;
  • ipv6 - fixed IPv6 behaviour when bridge port leaves bridge;
  • ipv6 - update IPv6 DNS from RA only when it is changed;
  • kidcontrol - initial work on "/ip kid-control" feature;
  • led - added "Dark Mode" support for wAP 60G;
  • led - added w60g alignment trigger;
  • led - fixed unused "link-act-led" LED trigger on RBLHG 2nD, RBLHG 2nD-XL and RBSXTsq 2nD;
  • led - removed unused "link-act-led" trigger for devices which does not use it;
  • lte - added initial support for Quectel LTE EP06-E;
  • lte - added initial support for SIM7600 LTE modem interface;
  • lte - added support for the user and password authentication for wAP-LTE-kit-US (R11e-LTE-US);
  • lte - do not add DHCP client on LTE modems that doesn't use DHCP;
  • lte - fixed DHCP client adding for MF823 modem;
  • lte - fixed LTE band setting for SXT LTE;
  • mac-ping - fixed duplicate responses;
  • modem - added initial support for AC340U;
  • netinstall - fixed MMIPS RouterOS package description;
  • netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;
  • netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
  • poe - do not show "poe-out-current" on devices which can not determine it;
  • poe - hide PoE related properties on interfaces that does not provide power output;
  • ppp - added initial support for NETGEAR AC340U and ZyXEL WAH1604;
  • ppp - allow to override remote user PPP profile via "Mikrotik-Group";
  • quickset - fixed NAT if PPPoE client is used for Internet access;
  • quickset - properly detect IP address when one of the bridge modes is used;
  • quickset - properly detect LTE interface on startup;
  • quickset - show "G" flag for guest users;
  • quickset - use "/24" subnet for local network by default;
  • r11e-lte - improved LTE connection initialization process;
  • rb1100ahx4 - improved reliability on hardware encryption;
  • routerboard - added RouterBOOT "auto-upgrade" after RouterOS upgrade (extra reboot required);
  • routerboard - properly detect hAP ac^2 RAM size;
  • sniffer - fixed "/tool sniffer packet" results listed in incorrect order;
  • snmp - added "/caps-man interface print oid";
  • snmp - added "/interface w60g print oid";
  • snmp - added "board-name" OID;
  • snmp - improved request processing performance for wireless and CAP interfaces;
  • ssh - fixed SSH service becoming unavailable;
  • ssh - generate SSH keys only on the first connect attempt instead of the first boot;
  • ssh - improved key import error messages;
  • ssh - remove imported public SSH keys when their owner user is removed;
  • switch - hide "ingress-rate" and "egress-rate" for non-CRS3xx switches;
  • tile - added "aes-ctr" hardware acceleration support;
  • tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
  • tr069-client - correctly return “TransferComplete” after vendor configuration file transfer;
  • tr069-client - fixed "/tool fetch" commands executed with ".alter" script;
  • tr069-client - fixed HTTPS authentication process;
  • traffic-flow - fixed IPv6 destination address value when IPFIX protocol is used;
  • upgrade - improved RouterOS upgrade process and restrict upgrade from RouterOS older than v5.16;
  • ups - improved communication between router and UPS;
  • ups - improved disconnect message handling between RouterOS and UPS;
  • userman - added support for ARM and MMIPS platform;
  • w60g - added "tx-power" setting (CLI only);
  • w60g - added RSSI information (CLI only);
  • w60g - added TX sector alignment information (CLI only);
  • watchdog - retry to send "autosupout.rif" file to an e-mail if initial delivery failed up to 3 times within 20 second interval;
  • winbox - added "antenna" setting under GPS settings for MIPS platform devices;
  • winbox - added "crl-store" setting to certificate settings;
  • winbox - added "insert-queue-before" to DHCP server;
  • winbox - added "use-dn" setting in OSPF instance General menu;
  • winbox - added 160 MHz "channel-width" to wireless settings;
  • winbox - added DHCPv6 client info request type and updated statuses;
  • winbox - added missing protocol numbers to IPv4 and IPv6 firewall;
  • winbox - added possibility to delete SMS from inbox;
  • winbox - allow to comment new object without committing it;
  • winbox - allow to open bridge host entry;
  • winbox - fixed name for "out-bridge-list" parameter under bridge firewall rules;
  • winbox - fixed typo from "UPtime" to "Uptime";
  • winbox - fixed Winbox closing when viewing graph which does not contain any data;
  • winbox - improved stability when using trackpad scrolling in large lists;
  • winbox - made UDP local and remote TX size parameters optional in Bandwidth Test tool;
  • winbox - moved "ageing-time" setting from STP to General tab;
  • winbox - moved OSPF instance "routing-table" setting in OSPF instance General menu;
  • winbox - removed “VLAN” section from “Switch” menu for CRS3xx devices;
  • winbox - show Bridge Port PVID column by default;
  • winbox - show CQI in LTE info;
  • winbox - show dual SIM options only for RouterBOARDS which does have two SIM slots;
  • winbox - show only master CAP interfaces under CAPsMAN wireless scan tool;
  • winbox - use proper graph name for HDD graphs;
  • wireless - added "realm-raw" setting for "/interface wireless interworking-profiles" (CLI only);
  • wireless - added initial support for "nstreme-plus";
  • wireless - added support for "band=5ghz-n/ac";
  • wireless - added support for "interface-list" for Access List entries;
  • wireless - added support for legacy AR9485 chipset;
  • wireless - enable all chains by default on devices without external antennas after configuration reset;
  • wireless - fixed "wds-slave" channel selection when single frequency is specified;
  • wireless - fixed incompatibility with macOS clients;
  • wireless - fixed long "scan-list" entries not working for ARM based wireless interfaces;
  • wireless - fixed nv2 protocol on ARM platform SXTsq devices;
  • wireless - fixed RB911-5HnD low transmit power issue;
  • wireless - fixed RTS/CTS option for the ARM based wireless devices;
  • wireless - fixed wsAP wrong 5 GHz interface MAC address;
  • wireless - improved compatibility with specific wireless AC standard clients;
  • wireless - improved Nv2 PtMP performance;
  • wireless - improved packet processing on ARM platform devices;
  • wireless - improved wireless performance on hAP ac^2 devices while USB is being used;
  • wireless - improved wireless scan functionality;

Изменения в MikroTik RouterOS 6.42.1 (2018-Apr-23 10:46)

!) winbox - fixed vulnerability that allowed to gain access to an unsecured router;

  • bridge - fixed hardware offloading for MMIPS and PPC devices;
  • bridge - fixed LLDP packet receiving;
  • crs3xx - fixed failing connections through bonding in bridge;
  • ike2 - use "policy-template-group" parameter when picking proposal as initiator;
  • led - added "dark-mode" functionality for hAP ac and hAP ac^2 devices;
  • led - improved w60g alignment trigger;
  • lte - allow to send "at-chat" command over disabled LTE interface;
  • routerboard - fixed "mode-button" support on hAP lite r2 devices;
  • w60g - allow to manually set "tx-sector" value;
  • w60g - fixed incorrect RSSI readings;
  • w60g - show phy rate on "/interface w60g monitor" (CLI only);
  • winbox - fixed bridge port MAC learning parameter values;
  • winbox - show "Switch" menu on cAP ac devices;
  • winbox - show correct "Switch" menus on CRS328-24P-4S+;
  • wireless - improved compatibility with BCM chipset devices;

Изменения в MikroTik RouterOS 6.42.2 (2018-May-17 09:20)

  • ) bridge - do not allow to add same interface list to bridge more than once;
  • ) bridge - fixed LLDP packet receiving;
  • ) bridge - fixed processing of fragmented packets when hardware offloading is enabled;
  • ) console - fixed type "on" and "wireless-status" LED trigger value setting (introduced in v6.42.1);
  • ) crs317 - fixed link flapping when inserted S+RJ10 module without any cable;
  • defconf - fixed wAP LTE kit default configuration;
  • dhcpv4 - prevent sending out ICMP port unreachable packets;
  • dhcpv4-client - fixed DHCP client stuck in renewing state;
  • dhcpv6-relay - fixed missing configuration after reboot;
  • filesystem - fixed NAND memory going into read-only mode;
  • hotspot - fixed user authentication when queue from old session is not removed yet;
  • interface - fixed "built-in=no" parameter for manually created interface lists;
  • interface - fixed "dynamic" built-in interface list behaviour;
  • interface - fixed interface list which include disabled member;
  • interface - fixed interface list which include/exclude another list;
  • interface - fixed interface configuration responsiveness;
  • ipsec - fixed policies becoming invalid if added after a disabled policy;
  • ipsec - improved reliability on IPsec hardware encryption for ARM devices except RB1100Dx4;
  • led - added "dark-mode" functionality for hAP ac and hAP ac^2 devices;
  • lte - improved LTE communication process on MMIPS platform devices;
  • quickset - fixed dual radio mode detection process;
  • routerboard - properly represent board name for hAP ac^2;
  • tile - fixed Ethernet interfaces becoming unresponsive;
  • winbox - allow to specify "any" as wireless "access-list" interface;
  • winbox - fixed "/ip dhcp-server network set dns-none" parameter;
  • wireless - enable all chains by default on devices without external antennas after configuration reset;
  • wireless - fixed packet processing when "static-algo-0=40bit-wep" is being used (introduced in v6.42);
  • wireless - fixed usage of allowed signal strength values received from RADIUS;
  • wireless - improved wireless throughput on hAP ac^2 and cAP ac;
  • x86 - fixed reboot caused by MAC Winbox connection;

Изменения в MikroTik RouterOS 6.42.3 (2018-May-24 09:20)

  • lte - fixed automatic LTE band selection for R11e-LTE;
  • wireless - improved client "channel-width" detection;
  • wireless - improved Nv2 PtMP performance;
  • wireless - increased stability on hAP ac^2 and cAP ac with legacy data rates;

Изменения в MikroTik RouterOS 6.42.4 (2018-Jun-15 14:14)

  • bridge - allow to make changes for bridge port when it is interface list;
  • bridge - fixed FastPath for bridge master interfaces (introduced in v6.42);
  • certificate - fixed "add-scep" template existence check when signing certificate;
  • chr - fixed adding MSTI entries;
  • chr - fixed boot on hosts older than Windows Server 2012 when running CHR on Hyper-V;
  • chr - fixed various network hang scenarios when running CHR on Hyper-V;
  • console - fixed script permissions if script is executed by other RouterOS service;
  • dhcpv4-server - fixed DHCP server that was stuck on invalid state;
  • health - changed "PSU-Voltage" to "PSU-State" for CRS328-4C-20S-4S+;
  • health - fixed incorrect PSU index for CRS328-4C-20S-4S+;
  • ipsec - improved reliability on IPsec hardware encryption for RB1100Dx4;
  • kidcontrol - fixed dynamically created firewall rules order;
  • led - added "dark-mode" functionality for hEX S and SXTsq 5 ac devices;
  • led - fixed CCR1016-12S-1S+ LED behaviour after Netinstall (introduced in v6.41rc58);
  • led - use routers uptime as a starting point when turning off LEDs if option was not enabled on boot;
  • ppp - fixed "hunged up" grammar to "hung up" within PPP log messages;
  • quickset - added missing wireless "channel-width" settings;
  • quickset - added support for "5ghz-a/n" band when CPE mode is used;
  • snmp - added remote CAP count OID for CAPsMAN;
  • snmp - fixed readings for CAPsMAN slave interfaces;
  • supout - added "partitions" section to supout file;
  • usb - properly detect USB 3.0 flash on RBM33G when jumper is removed;
  • userman - improved unique username generation process when adding batch of users;
  • w60g - improved RAM memoy allocation processes;
  • winbox - added missing "dscp" and "clamp-tcp-mss" settings to IPv6 tunnels;
  • winbox - allow to specify full URL in SCEP certificate signing process;
  • winbox - by default specify keepalive timeout value for tunnel type interfaces;
  • winbox - show "scep-url" for certificates;
  • winbox - show "System/Health" only on boards that have health monitoring;
  • winbox - show firmware upgrade message at the bottom of "System/RouterBOARD" menu;
  • wireless - enable all chains by default on devices without external antennas after configuration reset;
  • wireless - improved Nv2 reliability on ARM devices;

Изменения в MikroTik RouterOS 6.42.5 (2018-Jun-26 12:12)

  • api - properly classify API sessions in log;
  • chr - enabled promiscuous mode (requires to be enabled on host as well) when running CHR on Hyper-V;
  • kidcontrol - added dynamic accept firewall rules to allow bandwidth limit when FastTrack is enabled;
  • led - fixed LED default configuration for LtAP mini;
  • snmp - added "rssi" and "tx-sector-info" value support for w60g type interfaces;
  • snmp - added station "distance", "phy-rate", "rssi" value support for w60g type interfaces;
  • ssh - allow to use "diffie-hellman-group1-sha1" on TILE and x86 devices with "strong-crypto" disabled;
  • w60g - added 4th 802.11ad channel (CLI only);
  • w60g - added distance measurement;
  • w60g - do not reset interface after adding comment;
  • w60g - general stability and performance improvements;
  • w60g - improved maximum achievable distance;
  • w60g - properly report center status under "tx-sector-info";
  • winbox - show "sector-writes" on ARM devices that have such counters;
  • winbox - show "System/Health" only on devices that have health monitoring;

Изменения в MikroTik RouterOS 6.42.6 (2018-Jul-06 11:56)

  • bridge - improved packets processing when bridge port changes states;
  • crs3xx - fixed bonding slave failover when packets are sent out of the bridge interface;
  • crs3xx - fixed LACP member failover;
  • crs3xx - improved link state detection when one side has disabled interface;
  • defconf - fixed bridge default configuration for SOHO devices with more than 9 Ethernet interfaces;
  • package - free up used storage space consumed by old RouterOS upgrades;
  • snmp - fixed w60g "phy-rate" readings;
  • supout - added "ip-cloud" section to supout file;
  • w60g - fixed random disconnects;
  • w60g - general stability and performance improvements;
  • winbox - added 64,8 GHz frequency to w60g interface frequency settings;
  • winbox - show "sector-writes" on devices that have such counters;

Изменения в MikroTik RouterOS 6.42.7 (2018-Aug-17 09:48)

ВАЖНЫЕ ИЗМЕНЕНИЯ В v6.42.7:


! security - fixed vulnerabilities CVE-2018-1156, CVE-2018-1157, CVE-2018-1158, CVE-2018-1159;



  • bridge - improved bridge port state changing process;
  • crs326/crs328 - fixed untagged packet forwarding through tagged ports when pvid=1;
  • crs3xx - added command that forces fan detection on fan-equipped devices;
  • crs3xx - fixed port disable on CRS326 and CRS328 devices;
  • crs3xx - fixed tagged packet forwarding without VLAN filtering (introduced in 6.42.6);
  • crs3xx - fixed VLAN filtering when there is no tagged interface specified;
  • dhcpv4-relay - fixed false invalid flag presence;
  • dhcpv6-client - allow to set "default-route-distance";
  • dhcpv6 - improved reliability on IPv6 DHCP services;
  • dhcpv6-server - properly update interface for dynamic DHCPv6 servers;
  • ethernet - improved large packet handling on ARM devices with wireless;
  • ethernet - removed obsolete slave flag from "/interface vlan" menu;
  • ipsec - fixed "sa-src-address" deduction from "src-address" in tunnel mode;
  • ipsec - improved invalid policy handling when a valid policy is uninstalled;
  • ldp - properly load LDP configuration;
  • led - fixed default LED configuration for RBLHGG-5acD-XL devices;
  • lte - added signal readings under "/interface lte scan" for 3G and GSM modes;
  • lte - fixed memory leak on USB disconnect;
  • lte - fixed SMS send feature when not in LTE network;
  • package - do not allow to install out of bundle package if it already exists within bundle;
  • ppp - fixed interface enabling after a while if none of them where active;
  • sfp - hide "sfp-wavelength" parameter for RJ45 transceivers;
  • tr069-client - fixed unresponsive tr069 service when blackhole route is present;
  • upgrade - fixed RouterOS upgrade process from RouterOS v5;
  • userman - fixed compatibility with PayPal TLS 1.2;
  • vrrp - fixed VRRP packet processing on VirtualBox and VMWare hypervisors;
  • w60g - added distance measurement feature;
  • w60g - fixed random disconnects;
  • w60g - general stability and performance improvements;
  • w60g - improved MCS rate detection process;
  • w60g - improved MTU change handling;
  • w60g - properly close connection with station on disconnect;
  • w60g - stop doing distance measurements after first successful measurement;
  • winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
  • winbox - fixed "sfp-connector-type" value presence under "Interface/Ethernet";
  • winbox - fixed warning presence for "IP/IPsec/Peers" menu;
  • winbox - properly display all flags for bridge host entries;
  • winbox - show "System/RouterBOARD/Mode Button" on devices that has such feature;
  • wireless - added option to disable PMKID for WPA2;
  • wireless - fixed memory leak when performing wireless scan on ARM;
  • wireless - fixed packet processing after removing wireless interface from CAP settings;
  • wireless - updated "united-states" regulatory domain information;