MikroTik RouterOS 6.46.x (Stable)
(перенаправлено с «Изменения в RouterOS:Release 6.46.x»)
Подробное описание изменений в MikroTik RouterOS 6.46.x (Stable). Официальный список исправленных ошибок, добавленного функционала и прочих доработок. Дата выхода первого набора изменений – 2 декабря 2019, дата выхода последнего набора изменений – 27 апреля 2020.
Полезные материалы по MikroTik
Углубленный курс "Администрирование сетевых устройств MikroTik" Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.
На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь
MikroTik RouterOS 6.46.6
Дата выхода: 27 апреля 2020
Важные примечания:
- The Dude server must be updated to monitor v6.46.4+ and v6.47beta30+ RouterOS type devices.
- The Dude client must be manually upgraded after upgrading The Dude server.
- The Dude requires "winbox" policy instead of "dude" to monitor v6.46.4+ and v6.47beta30+ RouterOS type devices.
Изменения:
- crs3xx - fixed switch rule "dst-port" parameter for IPv6 traffic on CRS305-1G-4S+, CRS326-24G-2S+, CRS328-24P-4S+, CRS328-4C-20S-4S+, netPower 15FR devices;
- defconf - fixed default IP address assigning on non-paired 60 GHz devices;
- lora - added "altitude", "latitude" and "longitude" to stat json if GPS is available;
- lte - fixed "band" value setting when configuration is reset on R11e-4G;
- snmp - fixed "ifSpeed" reporting for tunnel interfaces;
- snmp - fixed multiple LTE interface OID reporting;
- ssh - fixed SHA256 user authentication algorithm checking (introduced in v6.46.4);
- winbox - fixed memory leak (introduced in v6.46.4);
- winbox - increased limit of multi-entry fields to 100;
- wireless - improved 5GHz interface stability on RB4011iGS+5HacQ2HnD and Audience;
- wireless - improved system stability on hAP ac^2;
- wireless - updated "south africa" regulatory domain information.
MikroTik RouterOS 6.46.5
Дата выхода: 7 апреля 2020
Важные примечания:
- The Dude server must be updated to monitor v6.46.4+ and v6.47beta30+ RouterOS type devices.
- The Dude client must be manually upgraded after upgrading The Dude server.
- The Dude requires "winbox" policy instead of "dude" to monitor v6.46.4+ and v6.47beta30+ RouterOS type devices.
Важные изменения:
- user - enable "winbox" policy for groups with "dude" policy.
Изменения:
- capsman - fixed "certificate" parameter updating on CAP;
- console - prevent incorrect type interfaces appearing in command hints;
- crs3xx - fixed interface statistics for CRS354-48G-4S+2Q+ and CRS354-48P-4S+2Q+ devices;
- crs3xx - fixed traffic forwarding after disabling/enabling bridge hardware offloading for CRS354-48G-4S+2Q+ and CRS354-48P-4S+2Q+ devices;
- crs3xx - improved SFP+ DAC cable initialization for CRS326-24S+2Q+ device;
- discovery - do not send CDP and LLDP packets on interfaces that does not have MAC address;
- dude - fixed connection to other RouterOS type devices through The Dude agents (introduced in v6.46.4);
- ike1 - rekey phase 1 rekeying as responder for Windows initiators;
- ipsec - improved system stability when handling fragmented packets;
- led - added "dark-mode" functionality for CRS105-5S-FB;
- lora - added IPv6 support for LoRa packet forwarder;
- lora - added UTC timestamp for RX events in "rxpk" json;
- lora - added value limits for "freq-off" parameter;
- lora - properly update source address for packets when routing table is changed;
- lte - fixed IP type selection from APN on RBSXTLTE3-7;
- sniffer - fixed minor typo in "host" menu;
- supout - added "gps" section to supout files;
- supout - improved PoE-out information reporting;
- system - improved kernel panic reporting in logs after reboot;
- system - improved system stability when forwarding traffic from switch chip to CPU (introduced in v6.43);
- traceroute - improved stability when invalid packet is received;
- traffic-generator - improved statistics reporting;
- w60g - improved stability after multiple disconnections;
- winbox - added "Options" parameter support for DHCPv6 client and server;
- winbox - added 160Mhz extension channel support for CAPsMAN;
- winbox - added support for "Tools->WoL" menu;
- winbox - allow setting "20/40/80/160Mhz-eeeeeeCe" channel under "Channel Width" parameter;
- winbox - do not show "Revision" parameter under "System/RouterBOARD" menu on devices that have only one revision;
- winbox - fixed "ARP" parameter inheritance from "CAPs Configuration" configuration;
- winbox - fixed "Bands" parameter display for LTE interfaces;
- winbox - fixed "DSCP" parameter value setting;
- winbox - fixed "Frequency" and "Secondary Frequency" parameter inheritance from "CAPs Channel" configuration;
- winbox - fixed "Passthr. MAC Address" parameter display "LTE APNs" menu;
- winbox - fixed "Switch" menu on CRS354-48P-4S+2Q+;
- winbox - fixed "dst-port" unsetting in "IP->Hotspot->Walled Garden" menu;
- winbox - fixed automatic "IPv6->Firewall->Address List" table update;
- winbox - made "none" the default value for "Security Profile" parameter when creating a new "Wirelees->Connect list" entry;
- winbox - properly show "Hw. Offload Group" value for each interface under "Bridge->Ports" menu;
- winbox - renamed "Memory used" to "HDD used" for HDD type under "Tools->Graphing->Resource Graphs";
- winbox - show "System/RouterBOARD/Mode Button" on devices that have such feature;
- wireless - added "U-NII-2" support for hAP ac2 and RBwAPGR series devices;
- wireless - added "skip-dfs-channels" parameter;
- wireless - fixed default "antenna-gain" setting on SXT 2 and LtAP series devices;
- wireless - updated "bangladesh" regulatory domain information;
- wireless - updated "indonesia4" regulatory domain information.
MikroTik RouterOS 6.46.4
Дата выхода: 21 февраля 2020
Важные примечания:
- The Dude server must be updated to monitor 6.46.4 and v6.47beta30+ RouterOS type devices.
- The Dude client must be manually upgraded after upgrading The Dude server.
- To get RouterOS data from the devices, The Dude now requires RouterOS to be 6.46.4 or v6.47beta30+.
Изменения:
- arm - improved watchdog and kernel panic reporting in log after reboots on RB3011 and IPQ4018/IPQ4019 devices ("/system routerboard upgrade" required);
- branding - allow forcing configuration script as default configuration (new branding packet required);
- branding - fixed "company-url" and "router-default-name" survival after system upgrade;
- branding - fixed WEB HTML page survival after system upgrade;
- certificate - fixed certificate verification when flushing CRL's;
- chr - fixed graceful shutdown execution on Hyper-V (introduced in v6.46);
- console - fixed script with "dont-require-permissions=yes" execution without sufficient permissions;
- crs3xx - fixed frame forwarding after disabling/enabling bridge hardware offloading for CRS354-48G-4S+2Q+ device;
- defconf - added welcome note with common first steps for new users;
- dude - updated The Dude to use new style authentication method;
- health - fixed maximum SFP temperature reading under '/system health' menu;
- ike2 - fixed DHCP Inform package handling when received on PPPoE interface;
- lte - added interface name prefix for logging events;
- lte - added "phy-cellid" value support for R11e-LTE-US;
- lte - do not allow using empty APN Profile names;
- lte - improved all APN session activation after disconnect on R11e-LTE;
- lte - use APN from network when blank APN used on R11e-4G;
- snmp - fixed "routeros-version" value returning from registration table;
- snmp - fixed UPS battery voltage value scaling;
- ssh - added support for RSA keys with SHA256 hash (RFC8332);
- system - improved system stability when receiving/sending TCP traffic on multicore devices;
- telnet - improved telnet compatibility with other client implementations;
- user-manager - fixed signup enabling (introduced in v6.46);
- webfig - added default configuration confirmation window to WebFig;
- webfig - do not show WebFig menu when opening 'Check For Updates' in Quick Set;
- winbox - completely removed old style authentication method;
- winbox - fixed "invalid" flag presence under "System/Certificates/CRL" menu;
- wireless - improved compatibility for "ETSI" wireless country profile.
MikroTik RouterOS 6.46.3
Дата выхода: 28 января 2020
Изменения:
- hotspot - fixed redirect to log in page (introduced in v6.45);
- lora - added "ru-864-mid" channel plan;
- lora - improved immediate packet delivery;
- lte - added GPS port support for Quectel EP06 modem;
- lte - added "psc" (Primary Scrambling Code) parameter for "cell-monitor" function on R11e-LTE6 and R11e-LTE;
- lte - do not show invalid "phy-cellid" when it is not yet received on "R11e-LTE";
- lte - do not show unrelated info parameters after network mode failover;
- port - fixed multiple identical USB serial device detection (introduced in v6.46);
- ppp - fixed connection establishment when receiving "0.0.0.0" DNS;
- snmp - fixed "ifOperStatus" reporting for combo ports;
- winbox - removed duplicate "counter", "chain", "size" and "payload" parameters under "LoRa/Traffic".
MikroTik RouterOS 6.46.2
Дата выхода: 14 января 2020
Изменения:
- chr - improved stability when changing ARP modes on e1000 type adapters;
- console - prevent "flash" directory from being removed (introduced in v6.46);
- console - updated copyright notice;
- crs305 - disable optical SFP/SFP+ module Tx power after disabling SFP+ interface;
- defconf - fixed "caps-mode" not initialized properly after resetting;
- defconf - fixed default configuration loading on RBwAPG-60adkit (introduced in v6.46);
- lora - fixed packet sending when using "antenna-gain" higher than 5dB;
- lte - fixed "cell-monitor" on R11e-LTE in 3G mode;
- lte - fixed "earfcn" reporting on R11e-LTE6 in UMTS and GSM modes;
- lte - report only valid info parameters on R11e-LTE6;
- ppp - fixed minor typo in "ppp-client" monitor;
- qsfp - do not report bogus monitoring readouts on modules without DDMI support;
- qsfp - improved module monitoring readouts for DAC and break-out cables;
- routerboard - added "mode-button" support for RBcAP2nD;
- security - fixed vulnerability for routers with default password (limited to Wireless Wire), admin could login on startup with empty password before default configuration script was fully loaded;
- system - fixed "*.auto.rsc" file execution (introduced in v6.46);
- system - fixed "check-installation" on PowerPC devices (introduced in v6.46);
- traffic-generator - improved memory handling on CHR;
- webfig - allow skin designing without "ftp" and "sensitive" policies;
- webfig - fixed "skins" saving to "flash" directory if it exists (introduced in v6.46);
- winbox - automatically refresh "Packets" table when new packets are captured by "Tools/Packet Sniffer";
- winbox - fixed "Default Route Distance" default value when creating new LTE APN;
- winbox - removed duplicate "join-eui" and "dev-eui" parameters under "Lora/Traffic".
MikroTik RouterOS 6.46.1
Дата выхода: 13 декабря 2019
Изменения:
- capsman - fixed CAP upgrading (introduced in v6.46);
- console - fixed "clear-history" restoring historic actions after power cycle;
- console - removed "edit" and "set" actions from "System/History" menu;
- defconf - fixed default configuration loading after fresh install (introduced in v6.46);
- dhcpv6-server - use lease time from RADIUS;
- dude - fixed image and font file accessing (introduced in v6.46);
- gps - only adjust system time after GPS signal is established;
- health - fixed health reporting on OmniTIK 5 PoE ac;
- ipsec - improved system stability when processing decrypted packet on unregistered interface;
- l2tp - improved system stability when disconnecting many clients at once;
- log - fixed "disk-file-name" parameter validation (introduced in v6.46);
- lora - added support for MIPSBE, PPC, TILE and x86 architectures;
- lora - improved confirmed downlink forwarding;
- lte - do not reset modem when setting the same SIM slot on LtAP;
- lte - show SIM error when no card is present;
- ppp - fixed session establishment with high amount of tunnels (introduced in v6.46);
- ppp - prioritize "remote-ipv6-prefix-pool" from PPP secret over PPP profile;
- qsfp - do not show "sfp-wavelength" for cables that do not support it;
- snmp - fixed health related OID polling (introduced in v6.46);
- supout - fixed autosupout.rif file generation (introduced in v6.46);
- system - fixed "*.auto.rsc" file execution (introduced in v6.46);
- user-manager - fixed "db-path" parameter validation (introduced in v6.46);
- webfig - fixed skin folder presence (introduced in v6.46);
- winbox - fixed "allowed-number" parameter setting invalid value in "Tool/SMS" menu;
- winbox - show "LCD" menu only on boards that have LCD screen;
- wireless - added "russia4" regulatory domain information;
- wireless - improved compatibility by adding default installation mode and gain for devices with integrated antennas;
- wireless - improved compatibility for Switzerland wireless country profile to improve compliance with ETSI regulations.
MikroTik RouterOS 6.46
Дата выхода: 2 декабря 2019
Важные изменения:
- lora - added support for LoRaWAN low-power wide-area network technology for MIPSBE, MMIPS and ARM;
- package - accept only packages with original filenames (CVE-2019-3976);
- package - improved package signature verification (CVE-2019-3977);
- security - fixed improper handling of DNS responses (CVE-2019-3978, CVE-2019-3979).
Изменения:
- backup - fixed automatic backup file generation when configuration reset by button;
- backup - store automatically created backup file in "flash" directory;
- bonding - correctly remove HW offloaded bonding with ARP monitoring;
- bonding - properly handle MAC addresses when bonding WLAN interfaces;
- bridge - disable/enable bridge port when setting bpdu-guard;
- bridge - do not add bridge as untagged VLAN member when frame-types=admit-only-vlan-tagged;
- bridge - do not add dynamically VLAN entry when changing "pvid" property for non-vlan aware bridge;
- bridge - include whole VLAN-id in DHCP Option 82 message;
- btest - removed duplicate "duration" parameter;
- capsman - fixed background scan showing incorrect regulatory domain mismatch error (CAP upgrade required);
- capsman - fixed channel auto reselection;
- capsman - fixed MAC address detection for "common-name" parameter in certificate requests;
- capsman - improved DFS channel switching when radar detected;
- capsman - improved radar detection algorithm;
- ccr - improved general system stability;
- certificate - added progress bar when creating certificate request;
- certificate - added support for certificate request signing with EC keys;
- certificate - allow specifying "file-name" parameter for export (CLI only);
- certificate - allow specifying "name" parameter for import (CLI only);
- certificate - improved CRL updating process;
- certificate - removed "key-size" parameter for "create-certificate-request" command;
- chr - added support for Azure guest agent;
- console - added bitwise operator support for "ip6" data type;
- console - fixed "address" column width when printing DHCPv4 leases;
- console - fixed IP conversion to "num" data type;
- console - fixed "tobool" conversion;
- console - properly detect IPv6 address as "ip6" data type;
- crs1xx/2xx - allow to set trunk port as mirroring target;
- crs3xx - correctly handle L2MTU change;
- crs3xx - do not send pause frames when ethernet "tx-flow-control" is disabled on CRS326/CRS328/CRS305 devices;
- crs3xx - improved interface initialization;
- crs3xx - improved switch-chip resource allocation on CRS317-1G-16S+, CRS309-1G-8S+, CRS312-4C+8XG, CRS326-24S+2Q+ devices;
- crs3xx - improved system stability on CRS309-1G-8S+, CRS312-4C+8XG, CRS326-24S+2Q+ devices;
- crs3xx - remove previously set mirror-source property before changing it;
- defconf - fixed default configuration loading on RBmAPL-2nD (introduced in v6.45);
- defconf - require "policy" permission to print default configuration;
- dhcpv4-client - allow empty "dhcp-options" parameter when adding new client;
- dhcpv4-client - fixed "dhcp-options" parameter setting when adding new client;
- dhcpv4-server - improved stability when RADIUS Interim update is sent;
- dhcpv6-client - fixed timeout when doing rebind;
- dhcpv6-client - properly update bind time when unused prefix received from the server;
- dhcpv6-client - properly update IPv6 address on rebind;
- dhcpv6-server - fixed logged error message when using "address-pool=static-only";
- dhcpv6-server - ignore prefix-hint from client's DHCPDISCOVER if static prefix received from RADIUS;
- dhcpv6-server - include "User-Name" parameter in accounting requests;
- dhcpv6-server - made "calling-station-id" contain MAC address if DUID contains it;
- dot1x - added "reject-vlan-id" server parameter (CLI only);
- dot1x - added support for dynamic switch rules from RADIUS;
- dot1x - added support for "mac-auth" authentication type (CLI only);
- ethernet - automatically detect interface when using IP address for power-cycle-ping;
- ethernet - do not enable interface after reboot that is already disabled;
- ethernet - send requests only from ethernet interface when using MAC address for power-cycle-ping;
- export - always export "ssid" value for w60g interfaces;
- fetch - do not allocate extra 500KiB on SMIPS;
- fetch - improved stability when processing large output data;
- gps - use "serial1" as default port on RBLtAP-2HnD;
- hotspot - fixed non-local NAT redirection to port TCP/64873;
- hotspot - fixed RADIUS CoA "address-list" update;
- ike1 - fixed minor spelling mistake in logs;
- ike2 - improved CHILD SA rekey process with Apple iOS 13;
- ike2 - improved stability when retransmitting first packet as responder;
- ipsec - added "error" topic for identity check failure logging messages;
- ipsec - fixed DNS resolving when domain has only AAAA entries;
- ipsec - fixed policy "sa-src-address" detection from "local-address" (introduced in v6.45);
- ipv6 - changed "advertise-dns" default value to "yes";
- led - fixed default LED configuration for RBLHG-2nD and RBLHG-5HPnD;
- log - increased log message length limit to 1024 characters;
- lte - added support for D402 modem;
- lte - added support for LM960A18;
- lte - added support for Telit LM960 and LE910C1 modems;
- lte - do not allow setting 3G and GSM modes on LTE only modems;
- lte - fixed band setting on R11e-4G;
- lte - fixed network registration on R11e-LTE-US;
- lte - fixed Sierra WP7601 driver loading;
- lte - fix "operator" names not being displayed properly;
- lte - improved modem initialization;
- lte - show "primary-band" only for LTE modems;
- lte - use /128 prefix for IPv6 address on LTE interface;
- lte - use interface from RA when "ipv6-interface=none" and IPv6 enabled;
- ppp - added 3GPP IoT "access-technology" definitions;
- ppp - added support for Sierra WP7601;
- ppp - disable DTR send when using at-chat;
- quickset - added "LTE AP Dual" mode support;
- quickset - added "LTE APN" dropdown support;
- quickset - fixed "LTE Band" checkbox display;
- route - fixed area range summary route installation in VRF;
- routerboard - fixed default CPU frequency on RB750r2 ("/system routerboard upgrade" required);
- routerboard - fixed USB configuration export on RBLtAP-2HnD;
- routerboard - hide "memory-frequency" parameter for RBLtAP-2HnD;
- sniffer - allow filtering by packet size;
- snmp - added "disabled" and "comment" parameters for communities;
- snmp - added option to monitor "link-downs" parameter using MIKROTIK-MIB;
- snmp - fixed "dot1dBasePort" index offset for BRIDGE-MIB;
- snmp - fixed "ifLastChange" OID reporting for IF-MIB;
- snmp - fixed "radio-name" (mtxrWlRtabRadioName) OID support;
- snmp - improved interface status reporting for IfOperStatus OID;
- snmp - improved LLDP interface returned index and type;
- snmp - return only interfaces with MAC addresses for LLDP;
- snmp - use "src-address" also for traps;
- ssh - fixed output printing when "command" parameter used;
- supout - include information from all LTE interfaces;
- supout - removed "file" option from "/system sup-output" command;
- switch - added "comment" property for switch vlan menu (CLI only);
- switch - correctly update dynamic switch rule when dhcp-snooping is enabled;
- switch - ignore "default-vlan-id" property after switch reset on RTL8367 switch chip;
- switch - show "external" flag for bridge hosts on MT7621, RTL8367 switch chips;
- timezone - updated time zone database to version 2019c;
- tr069-client - added CellDiagnostics parameter support;
- tr069-client - added LTE band and cellular technology selection parameters;
- tr069-client - added LTE RSCP, ECNO and ICCID parameter support;
- tr069-client - added multiple LTE monitoring parameters;
- tr069-client - reconnect to ACS when "ConnectionRequestURL" is updated;
- upgrade - improved auto package updating using "check-for-updates";
- ups - improved compatibility with APC UPS's;
- usb - general USB modem stability improvements;
- userman - updated Authorize.Net to use SHA512 hashing;
- w60g - added "region" setting to limit allowed frequencies (CLI only);
- w60g - do not reset link when changing comment on station;
- w60g - fixed "monitor" command on disabled interfaces;
- w60g - move stations to new bridge when "put-in-bridge" parameter is changed;
- webfig - fixed link to Winbox download;
- winbox - added "ip-address" and stats columns in "IP/Kid-Control/Devices" menu;
- winbox - added "public-address-ipv6" parameter to "IP/Cloud" menu;
- winbox - added "reset-counters" button to "IP/Kid Control/Devices" menu;
- winbox - added "tx-info-field" parameter to "Wireless/W60G" menu;
- winbox - added "Vendor Classes" tab in "IP/DHCP Server" menu;
- winbox - added wireless alignment LED types to "System/LEDs" menu;
- winbox - fixed allowed range for bridge filter "new-priority" parameter;
- winbox - fixed "CAPs Scanner" stopping;
- winbox - fixed "cluster-id" parameter setting in "Routing/BGP/Instances" menu;
- winbox - fixed file locking when uploading multiple files at once;
- winbox - fixed firewall limit parameter support for rates more than 4G;
- winbox - fixed invalid flag presence in "IP/SMB/Shares" menu;
- winbox - fixed "Routing" menu icon presence when there is no routing package installed;
- winbox - improved stability when transfering multiple files between multiple windows;
- winbox - properly show timestamp in file "Creation Time" field;
- winbox - removed "Set CA Passphrase" button from "Certificate" menu;
- winbox - renamed "Queue Limit" to "Queue Size" for "pcq-upload-default" and "pcq-download-default" parameters;
- winbox - replaced "kb" with "KiB" in "Tools/Packet Sniffer" menu;
- winbox - show "Switch" menu on RBwAPGR-5HacD2HnD;
- winbox - show "System/RouterBOARD/Mode Button" on devices that have such feature;
- wireless - added 4 chain MCS support for 802.11n wireless protocol (CLI only);
- wireless - added "ETSI" regulatory domain information;
- wireless - added "indonesia4" regulatory domain information;
- wireless - added "push-button-5s" value for "wps-mode" parameter;
- wireless - added U-NII-2 support forRBSXTsqG-5acD, RBLHGG-5acD-XL, RBLHGG-5acD, RBLDFG-5acD, RBDiscG-5acD;
- wireless - allow using "canada2" regulatory domain on US lock devices;
- wireless - fixed 802.11n rate selection when managed by CAPsMAN;
- wireless - fixed RX chain selection;
- wireless - fixed sensor MAC address reporting in TZSP header;
- wireless - improved 802.11ac stability for all ARM devices with wireless;
- wireless - improved IPQ4019, QCA9984, QCA9888 wireless interface stability;
- wireless - updated "ukraine" regulatory domain information;
- wireless - updated "united-states" regulatory domain information.
Полезные материалы по MikroTik
Углубленный курс "Администрирование сетевых устройств MikroTik" Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.
На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь