MikroTik RouterOS 7.11.x (stable)

Подробное описание изменений в MikroTik RouterOS 7.11.x. Официальный список исправленных ошибок, добавленного функционала и прочих доработок. Дата выхода первого набора изменений – 15 августа 2023, дата выхода последнего набора изменений – неизвестна.

Полезные материалы по MikroTik

Углубленный курс "Администрирование сетевых устройств MikroTik"
Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.

На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь

MikroTik RouterOS 7.11.2

Дата выхода: 31 августа 2023.

Изменения:

dhcp - fixed DHCP server "authoritative" and "delay-threshold" settings (introduced in v7.11.1);

MikroTik RouterOS 7.11.1

Дата выхода: 30 августа 2023.

Изменения:

bridge - fixed fast-path forwarding with HW offloaded vlan-filtering (introduced in v7.11);
bridge - fixed untagged VLAN entry disable;
bridge - fixed vlan-filtering stability with HW and non-HW offloaded ports (introduced in v7.10);
bridge - improved system stability;
bridge - improved vlan-filtering bridge stability with CAPsMAN (introduced in v7.11);
console - improved stability and responsiveness;
dhcp - fixed DHCP server and relay related response delays;
ipsec - fixed IPSec policy when using modp3072;
lte - fixed startup race condition when SIM card is in "up" slot for LtAP mini;

MikroTik RouterOS 7.11

Дата выхода: 15 августа 2023.

Изменения:

api - disallow executing commands without required parameters;
bfd - fixed "actual-tx-interval" value and added "remote-min-tx" (CLI only);
bfd - improved system stability;
bluetooth - added "decode-ad" command for decoding raw Bluetooth payloads (CLI only);
bluetooth - added "Peripheral devices" section which displays decoded Eddystone TLM and UID, iBeacon and MikroTik Bluetooth payloads;
bluetooth - added new AD structure type "service-data" for Bluetooth advertisement;
bridge - added more STP-related logging;
bridge - added warning when VLAN interface list contains ports that are not bridged;
bridge - fixed MAC learning on "switch-cpu" port with enabled FastPath;
bridge - fixed MSTP BPDU aging;
bridge - fixed MSTP synchronization after link down;
bridge - prevent bridging the VLAN interface created on the same bridge;
certificate - allow to import certificate with DNS name constraint;
certificate - fixed PEM import;
certificate - fixed trust store CRL link if generated on an older version (introduced in v7.7);
certificate - improved CRL download retry handling;
certificate - removed request for "passphrase" property on import;
certificate - require CRL presence when using "crl-use=yes" setting;
certificate - restored RSA with SHA512 support;
conntrack - fixed "active-ipv4" property;
console - added ":convert" command;
console - added default value for "rndstr" command (16 characters from 0-9a-zA-Z);
console - fixed incorrect date when printing "value-list" with multiple entries;
console - fixed minor typos;
console - fixed missing "parent" for script jobs (introduced in v7.9);
console - fixed missing return value for ping command in certain cases;
console - fixed printing interval when resizing terminal;
console - improved flag printing in certain menus;
console - improved stability and responsiveness;
console - improved stability when canceling console actions;
console - improved stability when using fullscreen editor;
console - improved timeout for certain commands and menus;
console - improved VPLS "cisco-id" argument validation;
container - added IPv6 support for VETH interface;
container - added option to use overlayfs layers;
container - adjust the ownership of volume mounts that fall outside the container's UID range;
container - fixed duplicate image name;
container - fixed IP address in container host file;
defconf - do not change admin password if resetting with "keep-users=yes";
dhcp-server - fixed setting "bootp-lease-time=lease-time";
discovery - fixed "lldp-med-net-policy-vlan" (introduced in v7.8);
dns - improved system stability when processing static DNS entries with specified address-list;
ethernet - fixed forced half-duplex 10/100 Mbps link speeds on CRS312 device;
ethernet - improved interface stability for CRS312 device;
fetch - improved timeout detection;
firewall - added warning when PCC divider argument is smaller than remainder;
firewall - fixed mangle "mark-connection" with "passthrough=yes" rule for TCP RST packets;
firewall - improved system stability when using "endpoint-independent-nat";
graphing - added paging support;
health - added more gradual control over fans for CRS3xx, CRS5xx, CCR2xxx devices;
health - fixed configuration export for "/system/health/settings" menu;
hotspot - allow number as a first symbol in the Hotspot server DNS name;
ike1 - fixed Phase 1 when using aggressive exchange mode (introduced in v7.10);
ike2 - improved SA rekeying reply process;
ike2 - improved system stability when closing phase1;
ike2 - improved system stability when making configuration changes on active setup;
ike2 - log "reply ignored" as non-debug log message;
ipsec - fixed public key export (introduced in v7.10);
ipsec - fixed signature authentication using secp521r1 certificate (introduced in v7.10);
ipsec - improved IKE2 rekey process;
ipsec - properly check ph2 approval validity when using IKE1 exchange mode;
l3hw - changed minimal supported values for "neigh-discovery-interval" and "neigh-keepalive-interval" properties;
l3hw - fixed /32 and /128 route offloading after nexthop change;
l3hw - fixed incorrect source MAC usage for offloaded bonding interface;
l3hw - improved system responsiveness during partial offloading;
l3hw - improved system stability during IPv6 route offloading;
l3hw - improved system stability;
led - fixed manually configured user LED for RB2011;
leds - blink red system-led when LTE is not connected to the network on D53 devices;
leds - fixed system-led color for "GSM EGPRS" RAT on D53 devices;
lora - added new EUI field;
lora - added uplink message filtering option using NetID or JoinEUI;
lora - moved LoRa service to IoT package;
lora - properly apply configuration changes when multiple LoRa cards are used;
lora - updated LoRa firmware for R11e-LR8, R11e-LR9 and R11e-LR2 cards;
lte - added "at-chat" support for Dell DW5821e-eSIM modem;
lte - added "at-chat" support for Dell DW5829 modem;
lte - added "at-chat" support for Fibocom L850-GL modem;
lte - added "at-chat" support for SIMCom 8202G modem;
lte - added "band" info to the "monitor" command for MBIM modems that support serving cell info reporting over MBIM;
lte - added extended support for Neoway N75 modem;
lte - fixed Dell DW5221E "at-chat" support;
lte - fixed LtAP mini default SIM slot "down" changeover to "up" after an upgrade (introduced in v7.10beta1);
lte - fixed NR SINR reporting for Chateau 5G;
lte - fixed R11e-LTE, R11e-LTE6 legacy 2G/3G RAT mode selection;
lte - fixed Telit LE910C4 "at-chat" support;
lte - improved initial interface startup time for SXT LTE 3-7;
lte - improved system stability when changing the "radio" state for MBIM modems;
lte - only listen to DHCP packets for LTE passtrough interface in auto mode when looking for the host;
modem - added initial support for BG77 modem DFOTA firmware update;
modem - changed Quectel EC25 portmap to expose DM (diag port), DM channel=0, GPS channel=1;
modem - fixed missing sender's last symbol in SMS inbox if the sender is an alphabetic string;
mpls - improved MPLS TCP performance;
mqtt - added more MQTT publish configuration options;
mqtt - added new MQTT subscribe feature;
netwatch - added "src-address" property;
netwatch - changed "thr-tcp-conn-time" argument to time interval;
ovpn - do not try to use the "bridge" setting from PPP/Profile, if the OVPN server is used in IP mode (introduced in v7.10);
ovpn - fixed OVPN server peer-id negotiation;
ovpn - fixed session-timeout when using UDP mode;
ovpn - improved key renegotiation process;
ovpn - include "connect-retry 1" and "reneg-sec" parameters into the OVPN configuration export file;
ovpn - properly close OVPN session on the server when client gets disconnected;
package - treat disabled packages as enabled during upgrade;
poe - fixed missing PoE configuration section under specific conditions;
poe-out - advertise LLDP power-mdi-long even if no power allocation was requested (introduced in v7.7);
pppoe - fixed PPPoE client trying to establish connection when parent interface is inactive;
profile - added "container" process classifier;
profile - properly classify "console" related processes;
qos-hw - keep VLAN priority in packets that are sent from CPU;
quickset - correctly apply configuration when using "DHCP Server Range" property;
resource - fixed erroneous CPU usage values;
rose-storage - added "scsi-scan" command (CLI only);
rose-storage - added disk stats for ramdisks;
rose-storage - fixed RAID 0 creation;
rose-storage - limit striped RAID element size to smallest disk size;
route - added comment for BFD configuration (CLI only);
route - convert BFD timers from milliseconds to microseconds after upgrade;
routerboard - fixed "gpio-function" setting on RBM33G ("/system routerboard upgrade" required);
routerboard - improved RouterBOOT stability for Alpine CPUs ("/system routerboard upgrade" required);
routerboard - removed unnecessary serial port for netPower16P and hAP ax lite devices ("/system routerboard upgrade" required);
routerboot - increased etherboot bootp timeout to 40s on MIPSBE and MMIPS devices ("/system routerboard upgrade" required);
sfp - fixed incorrect optical SFP temperature readings (introduced in v7.10);
sfp - improved interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 based switches;
sfp - improved optical QSFP interface handling for 98DX8332, 98DX3257, 98DX4310, 98DX8525 switches;
sfp - improved Q/SFP interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
sfp - reduce CPU load due to SFP interface handling for CCR2116, CCR2216, CCR2004-12S+2XS, CRS312, CRS518 devices (introduced in v7.9)
sms - increased wait time for modem startup;
ssh - fixed host public key export (introduced in v7.9);
ssh - fixed private key import (introduced in v7.9);
ssh - fixed SSH key agreement on the client side when ed25519 used under server settings;
ssh - fixed user RSA private key import;
switch - fixed "reset-counters" for "switch-cpu";
switch - fixed BPDU packet processing on MT7621, MT7531 with HW offloaded vlan-filtering;
switch - improved multicast packet forwarding on MT7621;
system - disallow setting a non-existing CPU core number for system IRQ;
system - increased maximum supported CPU core count to 512 on CHR and x86;
system - reduced RAM usage for SMIPS devices;
tftp - improved file name matching;
user - added "sensitive" policy requirement for SSH key and certificate export;
w60g - improved stability for Cube 60Pro ac and CubeSA 60Pro ac devices;
webfig - added option to enable wide view in item list;
webfig - fixed "Connect To" configuration changes for L2TP client;
webfig - fixed gray-out italic font for entries after enable;
webfig - use router time zone for date and time;
wifiwave2 - added "steering" parameters and menu to set up and monitor AP neighbor groups (CLI only);
wifiwave2 - added more information on roaming candidates to BSS transition management requests (802.11v) and neighbor report responses (802.11k);
wifiwave2 - added option to filter frames captured by the sniffer command (CLI only);
wifiwave2 - automatically add wifi interfaces to appropriate bridge VLAN when wireless clients with new VLAN IDs connect;
wifiwave2 - changed default behavior for handling duplicate client MAC addresses, added settings for changing it (CLI only);
wifiwave2 - enabled PMK caching with EAP authentication types;
wifiwave2 - fixed "reg-info" information for several countries;
wifiwave2 - fixed "security.sae-max-failure" rate not limiting authentications correctly in some cases;
wifiwave2 - fixed clearing CAPsMAN Common Name when disabling "lock-to-caps-man";
wifiwave2 - fixed interface hangs on IPQ6010-based boards (introduced in v7.9);
wifiwave2 - improved stability when changing interface settings;
wifiwave2 - improved stability when receiving malformed WPA3-PSK authentication frames;
wifiwave2 - make info log less verbose during client roaming (some info moved to wireless,debug log);
wifiwave2 - rename "reg-info" country argument from "Macedonia" to "North Macedonia";
wifiwave2 - use correct status code when rejecting WPA3-PSK re-association;
winbox - added missing status values for Ethernet and Cable Test;
winbox - added warning about non-running probe due to "startup-delay";
winbox - fixed "Storm Rate" property under "Switch/Port" menu;
winbox - fixed BGP affinity display;
winbox - fixed default "Ingress Filtering" value under "Bridge" menu;
winbox - improved supout.rif progress display;
winbox - rename "Group Master" property to "Group Authority" under "Interface/VRRP" menu;
wireguard - fixed peer connection using DNS name on IP change;
wireguard - fixed peer IPv6 "allowed-address" usage;
wireless - ignore EAPOL Logoff frames;
x86 - updated e1000 driver.

Полезные материалы по MikroTik

Углубленный курс "Администрирование сетевых устройств MikroTik"
Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.

На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь