MikroTik RouterOS 7.10.x (stable)

Подробное описание изменений в MikroTik RouterOS 7.10.x. Официальный список исправленных ошибок, добавленного функционала и прочих доработок. Дата выхода первого набора изменений – 15 июня 2023, дата выхода последнего набора изменений – 15 августа 2023.

Полезные материалы по MikroTik

Углубленный курс "Администрирование сетевых устройств MikroTik"
Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.

На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь

MikroTik RouterOS 7.10.2

Дата выхода: 12 июля 2023.

Изменения:

wifiwave2 - fixed interface hangs on IPQ6010-based boards (introduced in v7.9).

MikroTik RouterOS 7.10.1

Дата выхода: 27 июня 2023.

Изменения:

ovpn - fixed OVPN server peer-id negotiation;
webfig - use router time zone for date and time.

MikroTik RouterOS 7.10

Дата выхода: 15 июня 2023.

Изменения:

ipv6 - fixed DNS server processing by IPv6/ND services (CVE-2023-32154);
route - added BFD;
bgp - allow to filter BGP sessions by AFI;
bgp - changed default VPNv4 import distance to iBGP value (200);
bgp - do not check route distinguisher on import;
bgp - fixed "as-override" and rename to "output.as-override";
bgp - fixed "remove-private-as" and rename to "output.remove-private.as";
bgp - show address family in advertisements;
bgp - show approximate received prefix count by the session;
branding - fixed custom logo (introduced in v7.8);
bridge - fixed HW offloaded STP state on port disable;
bridge - fixed HW offloading for vlan-filtered bridge on devices with multiple switches (introduced in v7.8);
bridge - fixed incorrect host moving between ports with enabled FastPath;
certificate - fixed displaying of certificate serial number;
certificate - improved error reporting for Let's Encrypt certificate;
certificate - restore available "key-usage" property options;
conntrack - added read-only "active-ipv4" and "active-ipv6" fields to "/ip/firewall/connection/tracking" (CLI only);
console - added timeout error for configuration export;
console - changed time format according to ISO standard;
console - disable output when using "as-value" parameter;
console - fixed ":terminal inkey" input when resizing terminal;
console - fixed "print without-paging" output in some cases;
console - hide past commands with sensitive arguments;
console - improved stability when using command completion;
container - fixed "container pull" to support OCI manifest format;
container - fixed crash due to missing system directories;
container - improved default internal environment values;
defconf - allow to use device factory preset credentials in Flashfig and Netinstall configuration files;
defconf - fixed default configuration for RBSXTLTE3-7;
dhcp-server - fixed accounting on RADIUS interim update;
dhcpv4-server - added name for "IPv6-Only Preferred" option (108) in debug logs;
doh - less verbose logging;
firewall - added "endpoint-independent-nat" support;
firewall - added "nth" option for IPv6 firewall;
gps - expose GPS port for Quectel RM520N-GL;
ike2 - improved child SA delete request processing;
iot - added option to send Modbus function code commands directly from RouterOS (CLI only);
ipsec - added hardware acceleration support for IPQ-5010 (hAP ax lite);
ipsec - refactor public key authentication;
ipsec - removed "ec2n185" and "ec2n155" values from proposal configurations;
ipv6 - fixed IPv6 address removal;
l3hw - added "autorestart" option to L3HW settings;
l3hw - added advanced configuration options for fine-tuning the L3HW offload (l3hw-settings are cleared after upgrade or downgrade) (CLI only);
l3hw - added error message and reset "l3-hw-offloading=no" if L3HW driver fails to start;
l3hw - added monitoring options for L3HW utilization (CLI only);
l3hw - fixed /32 route deletion;
l3hw - fixed IPv6 ECMP route offloading;
l3hw - fixed offloading of /32 IPv4 and /128 IPv6 routes;
l3hw - fixed route table offloading during large volume of route updates;
l3hw - improved host and nexthop offloading;
l3hw - improved offloading of IPv6 hosts after L3HW driver restart;
l3hw - improved performance of partial offloading;
l3hw - improved route offloading after gateway change;
l3hw - improved system stability for partial routing table offload;
leds - fixed modem RAT mode indication on hAP ac^3 LTE6 WPS mode button LEDs;
lora - improved gateway card detection and upgrade logic;
lora - updated firmware version for LoRaWAN gateway (for R11e-LoRa8, R11e-LoRa9 cards);
lte - added serving cell query for MBIM modems with necessary MBIM extension;
lte - disable DHCP request filtering (UDP port 67) for Chateau 5G;
lte - fixed APN authentication for R11e-LTE6 modem;
lte - fixed Google Pixel 7 tethering support;
lte - improved MBIM modem firmware reported error handling when settings RAT modes;
lte - improved modem firmware upgrade stability for MBIM modems;
lte - improved stability for Chateau 5G LTE modem firmware upgrade;
lte - reduced SIM slot switchover time for MBIM modems with UUIC reset support;
lte - stop "cell-monitor" on LTE interface configuration change for MBIM modems;
mpls - added FastPath support;
netwatch - added warning about non-running probe due to "startup-delay" (CLI only);
ovpn - added initial support for V2 data transfer protocol;
ovpn - improved system stability;
poe - fixed bogous "poe-in-voltage" values when using DC jack for RB5009;
pppoe - fixed PPPoE client scan when server is sending PADO messages without Service-Name tag;
qos-hw - added QoS marking support for 98DXxxxx switches (CLI only);
qos-hw - renamed VLAN "priority" field to "pcp" to avoid confusion;
rose-storage - added support for multiple smb users and smb shares;
route - improved system stability when removing multicast forwarding entries;
routerboard - fixed memory test on CCR2116-12G-4S+ ("/system routerboard upgrade" required);
routerboard - improved RouterBOOT stability for Alpine CPUs ("/system routerboard upgrade" required);
routerboot - increased "preboot-etherboot" maximum value to 30 seconds ("/system routerboard upgrade" required);
scheduler - fixed incorrectly started scheduler during reboot or shutdown;
sfp - fixed "rate" monitor value for SFP interface on L009UiGS series devices;
sfp - fixed combo-ether link monitor for CRS328-4C-20S-4S+ switch;
sfp - fixed combo-sfp linking at 1G rate for CRS312 switch;
sfp - improved 10G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 based switches;
sfp - improved module compatibility with bad EEPROM data for RB4011, RB5009, CCR2xxx, CRS312 and CRS518 devices;
sfp - improved Q/SFP interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
sfp - improved SFP interface handling for RB4011, RB5009, CCR2xxx and CRS518 devices;
sfp - improved system stability with certain SFP modules for CCR2216 and CRS518 devices;
sfp - report EEPROM data even if "auto-init-failed" has occurred;
smb - improved SMB v1 operation;
sniffer - fixed large .pcap file limit;
snmp - added "engine-id-suffix" setting and display actual "engine-id" as read-only property;
snmp - added BGP peer table support IPv4 only (1.3.6.1.2.1.15.3.1);
snmp - added new "mtxrInterfaceStatsTxRx1024ToMax" OID to MIKROTIK-MIB;
ssh - added inline key "passphrase" property;
ssh - fixed RouterOS SSH client login when using a key (introduced in v7.9);
switch - added more precise "storm-rate" configuration options for 98DXxxxx switches (CLI only);
switch - fixed storm rate on 10G links for 98DX8208, 98DX8216, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255 switches;
system - improved watchdog reporting in log after reboots for several ARM and ARM64 devices;
system - reduced RAM usage for SMIPS devices;
tile - fixed support for microSD card;
tr069 - added 5G SCC "SNR" parameter for modems that report it;
upgrade - do not run manual upgrade if some packages are missing;
ups - fixed updating of "battery-voltage" property;
vrrp - added warning if "sync-connection-tracking=yes" while the global connection tracking is inactive;
vrrp - added warning if the VRRP group is misconfigured;
vrrp - added warning if VRRP or its interface does not have an IP address;
vrrp - do not start connection synchronization if the global connection tracking is inactive;
vrrp - fixed issue where disabled VRRP interface is affecting group;
vrrp - fixed VRRP interface state on physical cable disconnection;
vrrp - improved system stability on changing "group-authority" or "sync-connection-tracking";
vrrp - renamed "group-master" to "group-authority" to avoid confusion with VRRP master;
vrrp - send VRRP announcements only by "group-authority";
w60g - improved interface stability for PTMP setups;
webfig - added high-resolution favicon;
webfig - allow limitless upper bounds for number range;
webfig - allow to set "0" second time for fields with default values;
webfig - changed time format according to ISO standard;
webfig - display date and time in local time zone;
webfig - fixed missing "WifiWave2" menu;
webfig - fixed missing property names in "WifiWave2" menu;
webfig - redesigned item configuration display;
webfig - redesigned top menu bar;
webfig - removed "Tools/Telnet" menu;
webfig - removed auto-login with default credentials (admin without a password);
wifiwave2 - avoid transmitting extra bytes at the end of the packet after stripping a VLAN tag;
wifiwave2 - do not show placeholder transmit power values on interface startup;
wifiwave2 - fixed CAP connection when provisioning "manager=capsman";
wifiwave2 - fixed CAP interface name when using "name-format";
wifiwave2 - fixed connectivity issues wheen access-list is used;
wifiwave2 - fixed DFS channel availability warning (introduced in v7.9);
wifiwave2 - fixed dynamic interface adding to bridge on CAP device;
wifiwave2 - fixed inability to disable CAPsMAN when there are RADIUS-authenticated clients connected;
wifiwave2 - fixed incorrect limits on number of interfaces in station mode;
wifiwave2 - fixed interface name change when restoring backup;
wifiwave2 - fixed key handshake timeout with re-associating clients;
wifiwave2 - fixed OWE authentication compatibility with 802.11ax client devices;
wifiwave2 - fixed OWE authentication compatibility with third-party client devices (introduced in v7.8);
wifiwave2 - fixed wireless throughput issues after 802.11r client roaming events on 802.11ac devices;
wifiwave2 - improve protections against DoS attacks on WPA3-PSK;
wifiwave2 - improved logging when an interface is unable to assign a VLAN tag to client;
wifiwave2 - improved system stability when trying to exceed virtual AP limit;
wifiwave2 - less verbose logging when WPA3-PSK clients are connecting;
wifiwave2 - other system stability improvements;
wifiwave2 - restore interface running state when connection to CAPsMAN is lost;
winbox - added "MPLS/Settings" menu;
winbox - added "Queues" configuration tab when creating new entries under "IPv6/DHCP-Server" menu;
winbox - rename "URL" property to "Action data" under "IP/Web-Proxy/Access" menu;
wireguard - fixed IPv6 traffic processing with multiple peers;
wireguard - retry "endpoint-address" DNS query on failed resolve;
x86 - ice driver update to v1.11.14;
zerotier - make "identity" setting sensitive.

Полезные материалы по MikroTik

Углубленный курс "Администрирование сетевых устройств MikroTik"
Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.

На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь