MikroTik RouterOS 7.12.x (stable)

Материал из MikroTik Wiki

Подробное описание изменений в MikroTik RouterOS 7.12.x. Официальный список исправленных ошибок, добавленного функционала и прочих доработок. Дата выхода первого набора изменений – 9 ноября 2023, дата выхода последнего набора изменений – 17 ноября 2023.

Полезные материалы по MikroTik

Углубленный курс "Администрирование сетевых устройств MikroTik"
Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA. 
На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь

MikroTik RouterOS 7.12.2

Дата выхода: 20 декабря 2023.

(factory only release)

MikroTik RouterOS 7.12.1

Дата выхода: 17 ноября 2023.

Изменения:

  • defconf - fixed bogus wifi password on certain Audience devices;
  • ipv6 - do not send out IPv6 RA deprecate message for re-used prefix;
  • ospf - fixed LSA Type3 advertisement for OSPFv2;
  • ppc - fixed RouterOS bootup (introduced in v7.12);
  • qsfp - fixed supported rates for breakout cables;
  • winbox - added missing arguments for "MAC Format" under "Wireless/Security Profiles/RADIUS" menu;


MikroTik RouterOS 7.12

Дата выхода: 9 ноября 2023.

Изменения:

  • ethernet - changed "advertise" and "speed" arguments, and removed "half-duplex" setting under "/interface ethernet" menu;
  • health - removed "temperature" health entry from boards, where it was the same as "sfp-temperature";
  • sfp - convert configuration to support new link modes for SFP and QSFP type of interfaces;
  • api - fixed fetching objects with warning option from REST API;
  • bfd - fixed sessions when setting VRF;
  • bfd - improved system stability;
  • bgp - fixed "atomic-aggregate" always set in output;
  • bgp - fixed "input.filter-chain" argument selection in VPN configuration;
  • bgp - fixed local and remote port settings for BGP connections;
  • bgp - fixed typos and missing spaces in log messages;
  • bgp - implemented IGP metric sending in BGP messages;
  • bgp - improved logging;
  • bgp - increase "hold-time" limit to 65000;
  • bluetooth - added basic support for connecting to BLE peripheral devices;
  • bluetooth - use "g" units when decoding MikroTik beacon acceleration on peripheral devices menu;
  • bridge - fixed fast-path forwarding with HW offloaded vlan-filtering (introduced in v7.11);
  • bridge - fixed untagged VLAN entry disable;
  • bridge - fixed vlan-filtering stability with HW and non-HW offloaded ports (introduced in v7.10);
  • bridge - improved system stability;
  • bridge - improved vlan-filtering bridge stability with CAPsMAN (introduced in v7.11);
  • bth - added "Back To Home" VPN service for ARM, ARM64, and TILE devices;
  • calea - improved system stability when trying to add rules without the CALEA package;
  • certificate - allow to get and maintain Let's Encrypt certificate in IPv6 environment;
  • certificate - allow to remove issued certificates when CRL is not used;
  • certificate - fixed "subject-alt-name" duplicating itself when SCEP is used;
  • certificate - fixed certificate auto renewal via SCEP;
  • certificate - improved certificate validation logging error messages;
  • certificate - log CRL HTTP errors under the "error" logging topic;
  • chr - iavf updated driver to 4.9.1 version;
  • chr - increased OVA default RAM amount from 160MB to 256MB;
  • console - added ":jobname" command;
  • console - added "as-string" and "as-string-value" properties for "get" command;
  • console - added "terminal/ask" command;
  • console - added "transform" property for ":convert" command;
  • console - display "End-User License Agreement" prompt after configuration reset;
  • console - export required properties with default values;
  • console - fixed scheduler "on-event" script highlighting when editing;
  • console - improved ":totime" and ":tonum" commands and added ":tonsec" command for time value manipulation;
  • console - improved multi-argument property parsing into array;
  • console - improved randomness for ":rndstr" and ":rndnum" commands;
  • console - improved stability and responsiveness;
  • console - improved stability when editing long scripts;
  • console - improved stability when using "special-login";
  • console - improved system stability through RoMON session;
  • console - improved system stability when using autocomplete;
  • console - improved system stability;
  • console - restrict permissions to "read,write,reboot,ftp,romon,test" for scripts executed by DHCP, Hotspot, PPP and Traffic-Monitor services;
  • console - show full date and time in scheduler "next-run" property;
  • dhcp - fixed DHCP server and relay related response delays;
  • email - rename "address" property to "server";
  • ethernet - added "supported" and "sfp-supported" values for "monitor" command;
  • firewall - added "ein-snat" and "ein-dnat" connection NAT state matchers for filter and mangle rules;
  • flash - show more accurate "total-hdd-space" resource property;
  • gps - expose GPS port for Quectel EM12-G (vendor-id="0x2c7c", device-id="0x0512");
  • ike1 - fixed invalid key length on phase1 negotiation;
  • ike1 - log an error when non-RSA keys are being used;
  • ike2 - improved rekey collision handling;
  • interface - added "macvlan" interface support;
  • iot - fixed an issue where applying a script to GPIO pin caused GPIO to stop working;
  • iot - fixed behavior where GPIO output state would change on boot;
  • ipsec - fixed Diffie-Hellman public value encoding size;
  • ipsec - fixed IPSec policy when using modp3072;
  • ipsec - fixed minor typo in logs;
  • ipsec - reduce disk writes when started without active configuration;
  • ipv6 - fixed IPv6 RA delay time from 5s to 500ms according to RFC;
  • ipv6 - send RA and RA deprecate messages out three times instead of just once;
  • l3hw - fixed IPv6 route suppression;
  • l3hw - improved system stability during IPv6 route offloading;
  • l3hw - prioritize local IP addresses over the respective /32 and /128 routes;
  • led - fixed "interface-status" configuration for virtual interfaces;
  • led - fixed 5G modem mobile network category LED colours;
  • leds - added "dark-mode" functionality for RBwAPG-5HacD2HnD;
  • leds - added "wireless-status" and "wireless-signal-strength" configuration types for wifiwave2 interfaces;
  • log - improved logging for user actions;
  • lora - added LNS protocol support;
  • lte - added at-chat support and increased wait time on modem at-chat for Dell DW5821e, DW5821e-eSIM, DW5829e and DW5829e-eSIM;
  • lte - added SINR reporting for FG621-EA modem;
  • lte - changed R11e-LTE ARP behavior to NoArp;
  • lte - fixed 5G data-class reporting for Chateau 5G;
  • lte - fixed APN authentification in multi APN setup for R11e-LTE6;
  • lte - fixed FG621-EA possible timeouts during firmware upgrade;
  • lte - fixed IPv6 prefix for MBIM modems in multi-apn setup when IPv6 APN used as not first APN;
  • lte - fixed RSSI for FG621-EA modem to show the correct value;
  • lte - fixed Sierra modem detection for modems with vendor-specific USB descriptors;
  • lte - fixed Sierra modem initialization;
  • lte - fixed startup race condition when SIM card is in "up" slot for LtAP mini;
  • lte - fixed sub-interface auto-removal in multiple APN setups;
  • lte - show correct data class when connected to 5G SA network;
  • lte - use more compact logging messages;
  • modbus - added additional security settings for Modbus TCP;
  • mpls - added option to match and set MPLS EXP with bridge and mangle rules;
  • mpls - fixed "propagate-ttl=no" setting;
  • mpls - improved FastPath next-hop selection hash algorithm;
  • mqtt - added on-message feature for subscribed topics;
  • mqtt - added parallel-scripts-limit parameter to set maximum allowed number of scripts executed at the same time;
  • mqtt - added wildcard topic subscription support;
  • netinstall - added option to discard branding package;
  • netinstall - display package filename in GUI Description column if package description is not specified;
  • netinstall-cli - added empty configuration option "-e";
  • netinstall-cli - added option to discard branding package;
  • netinstall-cli - allow ".rsc" script filenames;
  • netinstall-cli - prioritise interface option over address option;
  • netinstall-cli - updated configuration option description;
  • netwatch - decreased "thr-tcp-conn-time" maximum limit to 30 seconds;
  • ospf - fixed adding ECMP routes;
  • ospf - fixed BFD on virtual-link with configured VRF;
  • ospf - fixed OSPFv3 authentication header length calculation;
  • ospf - fixed OSPFv3 not working with NSSA areas;
  • ospf - fixed parsing of opaque LSAs used by TE;
  • ospf - fixed translated NSSA routes not showing in backbone;
  • ovpn - added "tls-auth" option support for imported .ovpn profiles;
  • ovpn - improved system stability;
  • pimsm - fixed BSR update process;
  • pimsm - fixed UIB update process;
  • pimsm - improved system stability;
  • poe-out - driver optimization for AF/AT controlled boards;
  • poe-out - fixed rare CRS328 poe-out menu and poe-out port config loss after reboot;
  • poe-out - improved "auto" mode for devices with single PoE-out port;
  • poe-out - removed "auto" mode support for L009 devices;
  • port - add support for Huawei MS237h-517;
  • port - expose NMEA/DIAG ports for Dell DW5821e and DW5821e-eSIM;
  • qsfp - added 50Gbps rate support for QSFP28 interfaces;
  • qsfp - fixed incorrect QSFP temperature readings in negative temperature;
  • qsfp - improved auto link detection for AOC cables;
  • qsfp - use sub-interface configuration for establishing link (for 40Gbps and 100Gbps links, all sub-interfaces must be enabled);
  • quickset - fixed "LAN" interface list members if configuration does not contain bridge;
  • rip - added BFD support;
  • rip - fixed session not working in VRF;
  • route - added "single-process" configuration setting, enabled by default on devices with 64MB or less RAM memory;
  • route - added "suppress-hw-offload" setting for IPv6 routes;
  • route - fixed gateway after link restart;
  • route - removed deprecated "received-from" property;
  • route - reverse community "delete" and "filter" command behavior;
  • routerboard - added "reset-button" support for RB800, RB1100 and RB1100AHx2 devices;
  • routerboard - fixed "reset-button" support for wAP ac and wAP R ac devices;
  • sfp - added 5Gbps rate for SFP+ interface on 98DX224S, 98DX226S, and 98DX3236 switch chips;
  • sfp - fixed missing "rx-power" monitor with certain modules (introduced in v7.10);
  • sfp - fixed occasional bad EEPROM data reading for L009 devices;
  • sfp - improved interface stability for SFP and QSFP types of interfaces;
  • sfp - improved system stability with certain modules for 98DX224S, 98DX226S, 98DX3236, 98DX8216 and 98DX8208 switch chips;
  • snmp - changed "mtxrGaugeValue" type to integer;
  • ssh - added support for user ed25519 public keys;
  • ssh - allow to specify key owner on import;
  • ssh - fixed SSH tunnel performance (introduced in v7.10);
  • ssh - improved connection stability when pasting large chunks of text into console;
  • supout - added interface list members section;
  • supout - added LLDP power to supout.rif;
  • supout - fixed BFD section;
  • switch - improved resource allocation for 98DX224S, 98DX226S, and 98DX3236 switch chips;
  • switch - improved switch chip stability for CCR2004-16g-2s+ devices;
  • system - fixed process multithreading (introduced in v7.9);
  • system - improved system stability during booting for L009 devices;
  • system - improved system stability when MD5 checksums are used;
  • tftp - fixed empty file name matching;
  • tile - improved system stability when using queues;
  • traffic-generator - added "priority" property for "inject" command;
  • traffic-generator - fixed traffic-generator on CHR and x86;
  • usb - added support for RTL8153 USB ethernet on ARM, ARM64 and x86;
  • vrf - limit maximum VRFs to 1024;
  • vxlan - improved system stability for Tile devices;
  • webfig - fixed "Days" property configuration change under "IP/Firewall" menu;
  • webfig - fixed timezone for interface "Last Link Down/Up Time";
  • webfig - improved Webfig performance and responsiveness;
  • webfig - try to re-establish connection after disconnect;
  • wifiwave2 - added an alternative QoS priority assignment mechanism based on IP DSCP;
  • wifiwave2 - added comment property for registration-table;
  • wifiwave2 - added station-bridge interface mode;
  • wifiwave2 - correctly add interface to specified "datapath.interface-list";
  • wifiwave2 - do not show default "l2mtu" on compact export;
  • wifiwave2 - enable changing interface MTU and L2MTU;
  • wifiwave2 - fixed malformed Interworking packet elements;
  • wifiwave2 - fixed PTK renewal for interfaces in station mode;
  • wifiwave2 - fixed re-connection failures for 802.11ax interfaces in station mode;
  • wifiwave2 - fixed sniffer command not receiving any QoS null function frames when using 802.11ax radios;
  • wifiwave2 - fixed untagged VLAN 1 entry when using "vlan-id" setting together with vlan-filtering bridge;
  • wifiwave2 - fixed warning on CAP devices when radar detected;
  • wifiwave2 - implemented an option to transmit IP multicast packets as unicasts;
  • wifiwave2 - improved compliance with regulatory requirements;
  • wifiwave2 - limit L2MTU to 1560 until a fix is available for a bug causing interfaces to fail transmitting larger frames than that;
  • wifiwave2 - list APs with a higher maximum data rate as more preferable roaming candidates;
  • wifiwave2 - log more information regarding authentication failures;
  • wifiwave2 - make 4-way handshake procedure more robust when acting as supplicant (client);
  • wifiwave2 - use CAPsMAN's "datapath.vlan-id" on CAP for bridge port "pvid";
  • winbox - added "Addresses" property under "Routing/BFD/Configuration" menu;
  • winbox - added "BUS" property for USB Power Reset button for LtAP-2HnD and CCR1072;
  • winbox - added "Comment" under "Routing/BFD/Configuration" menu;
  • winbox - added "g" flag under "IPv6/Routes" menu;
  • winbox - added "Host Key Type" setting under "IP/SSH" menu;
  • winbox - added "Key Owner" setting under "System/User/SSH Keys" and "System/User/SSH Private Keys" menus;
  • winbox - added "Name Format" property under "WifiWave2/Provisioning" menu;
  • winbox - added "Remote Min Tx" parameter under "Routing/BFD/Session" menu;
  • winbox - added "Startup Delay" setting under "Tools/Netwatch" menu;
  • winbox - added "USB" button under "System/RouterBOARD" menu for LtAP-2HnD;
  • winbox - added "Use BFD" setting under "Routing/RIP/Interface-Template" menu;
  • winbox - added Enable/Disable button under "Routing/RIP/Static Neighbors" menu;
  • winbox - added missing properties under "WifiWave2" menu;
  • winbox - added MQTT subscription menu;
  • winbox - allow to change port numbers for SCTP, DCCP, and UDP-LITE protocols under "IP/Firewall" menus;
  • winbox - allow to set multiple addresses and added IPv6 support under "Interface/VETH" menu;
  • winbox - allow to specify server as DNS name under "Tools/Email" menu;
  • winbox - changed "MBR Partition Table" checkbox to unchecked by default under "System/Disks/Format-Drive" menu;
  • winbox - do not show "F" flag for disabled entries under "IP/Routes" menu;
  • winbox - fixed "Address" property under "WifiWave2/Remote-CAP" menu;
  • winbox - fixed "Do" property under "Routing/Filters/Select Rule" menu;
  • winbox - fixed "Group Key Update" maximum value under "WifiWave2/Security" menu;
  • winbox - fixed "Range" property under "Routing/Filters/Num Set" menu;
  • winbox - fixed "Switch" menu for CCR2004-16G-2S+;
  • winbox - fixed entry numbering and ordering under "WifiWave2/Provisioning" menu;
  • winbox - fixed minor typos;
  • winbox - improved support for certain properties under "WifiWave2/Interworking Profiles" menu;
  • winbox - rename "DSCP" setting to "DSCP (+ECN)" under "Tools/Traffic-Generator/Packet-Templates" menu;
  • winbox - rename "Name" setting to "List" under "IP,IPv6/Firewall/Address-List" menu;
  • winbox - rename "Password" button to "Change Now" under "System/Password" menu;
  • winbox - show "unknown" value for "FS" property under "System/Disks" menu if the data is not available;
  • wireguard - added "auto" and "none" parameter for "private-key" and "presharde-key" parameters;
  • wireguard - added "wg-export" and "wg-import" functionality (CLI only);
  • wireguard - allow to specify client settings under peer menu which will be included in configuration file and QR code;
  • wireguard - request public or private key to be specified in order to create peer;
  • wireless - added more "radius-mac-format" options (CLI only);
  • wireless - fixed malformed Interworking packet elements;
  • www - fixed allowed address setting for REST API users;
  • www - fixed fragmented POST data for SCEP service;
  • x86 - added support for Mellanox ConnectX-6 Dx NIC;
  • x86 - i40e updated driver to 2.23.17 version;
  • x86 - igb updated driver to 5.14.16 version;
  • x86 - igbvf updated driver from in-tree Linux kernel;
  • x86 - igc updated driver to 5.10.194 version;
  • x86 - ixgbe updated driver to 5.19.6 version;
  • x86 - Realtek r8169 updated driver;
  • x86 - updated latest available pci.ids;

Полезные материалы по MikroTik

Углубленный курс "Администрирование сетевых устройств MikroTik"
Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA. 
На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь