MikroTik RouterOS 7.14.x (stable)

Материал из MikroTik Wiki

Подробное описание изменений в MikroTik RouterOS 7.14.x. Официальный список исправленных ошибок, добавленного функционала и прочих доработок. Дата выхода первого набора изменений – 29 февраля 2024, дата выхода последнего набора изменений – 17 апреля 2024.

Полезные материалы по MikroTik

Углубленный курс "Администрирование сетевых устройств MikroTik"
Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.

ИП Скоромнов Дмитрий Анатольевич, ИНН 331403723315
На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь

ИП Скоромнов Дмитрий Анатольевич, ИНН 331403723315

MikroTik RouterOS 7.14.3

Дата выхода: 17 апреля 2024.

Изменения:

  • bgp - correctly synchronize input.accept-nlri address list;
  • bridge - use default "edge=auto" for dynamically bridged interfaces (PPP, VPLS, WDS);
  • disk - improved system stability;
  • fetch - fixed slow throughput due to "raw" logging which occurred even when not listening to the topic (introduced in v7.13);
  • queue - improved system stability (introduced in v7.6);
  • wifi-qcom - added configuration.distance setting to enable operation over multi-kilometer distances (CLI only).


MikroTik RouterOS 7.14.2

Дата выхода: 27 марта 2024.

Изменения:

  • defconf - do not override default DHCP server lease time;
  • defconf - fixed 5ghz-ax channel width for L11, L22 devices;
  • ethernet - fixed interface disable for CRS326-4C+20G+2Q;
  • ethernet - improved port speed downshift functionality for CRS326-4C+20G+2Q;
  • leds - fixed LEDs for L22 device;
  • lte - fixed firmware upgrade not found issue for Chateau LTE12 (introduced in v7.14.1);
  • ssh - require "policy" user policy when adding public key;
  • timezone - updated timezone information from "tzdata2024a" release;
  • traffic-flow - improved system stability;
  • vrf - fixed VRF interfaces being moved to main table after reboot (introduced in v7.14);
  • wifi-qcom - added configuration.distance setting to enable operation over multi-kilometer distances (CLI only).

MikroTik RouterOS 7.14.1

Дата выхода: 11 марта 2024.

Изменения:

  • bgp-vpn - use VRF interface as gateway for leaked connected routes;
  • chr - fixed Xen and Vultr missing ethernet (introduced in v7.14);
  • chr - fixed bogus messages printed out while booting up the system (introduced in v7.14);
  • console - fixed do/while implementation not working with variables (introduced in v7.14);
  • ethernet - fixed default names for CRS310-8G+2S+ device (introduced in v7.14);
  • lte - fixed R11e-LTE-US modem dial-up;
  • sfp - improved system stability for CR2004-1G-2XS-PCIe (introduced in v7.14);
  • vrf - fixed VRF interfaces being moved to main table after reboot (introduced in v7.14);
  • wireguard - do not attempt to connect to peer without specified endpoint-address.

MikroTik RouterOS 7.14

Дата выхода: 29 февраля 2024.

Изменения:

  • rose-storage - moved SMB service to the RouterOS bundle;
  • smb - removed legacy SMB service (replaced with newer and faster ROSE SMB service, compatible with SMB 2.1, SMB 3.0 and SMB 3.1.1);
  • 6to4 - make "ipsec-secret" sensitive parameter;
  • api - improved REST API stability when processing invalid requests;
  • api - properly return SNMP OIDs when requested;
  • arm - improved system stability when using microSD on RB1100Dx4;
  • arp - added ARP status;
  • bgp - allow to leak routes between local VRFs;
  • bridge - added MLAG support for MSTP bridges;
  • bridge - avoid per-VLAN host flushing on HW offloaded bridge;
  • bridge - fixed auto "path-cost" for bonding interfaces (introduced in v7.13);
  • bridge - fixed MLAG connection after peer-link flap (introduced in v7.13);
  • bridge - fixed packet forwarding after changing HW offloaded bridge interface settings in certain cases (introduced in v7.13);
  • bridge - improved bridge VLAN configuration validation;
  • bridge - improved configuration speed on large VLAN setups;
  • bridge - improved protocol-mode MSTP functionality;
  • bridge - improved protocol-mode STP and RSTP functionality;
  • bridge - make "point-to-point=yes" default value for non-wireless bridge ports;
  • bridge - removed "mst-config-digest" from MSTI menu;
  • bridge - try to set wireless bridge ports as edge ports automatically;
  • bth - added simple "Back To Home Users" manager under IP/Cloud menu;
  • calea - improved system stability when adding bridge rule without "calea" package installed;
  • certificate - improved certificate validation performance;
  • console - added ":tolf" and ":tocrlf" commands for converting line break to/from LF or CRLF;
  • console - added "show-at-cli-login" option to display a note before telnet login;
  • console - added missing "where" clause for "/ipv6/firewall/filter" table print command;
  • console - do not accept negative or too large values for ":delay" command;
  • console - do not allow to use out-of-range values for time type fields;
  • console - fix configuration export when user does not have a "sniff" policy;
  • console - fixed delayed output from ":grep" command in certain cases;
  • console - fixed incorrect behavior of ":onerror" command in certain cases;
  • console - hint on reset command help that ".rsc file" is required for "run-after-reset" parameter;
  • console - improved editor functionality in full screen mode;
  • console - improved stability when using autocomplete with "export";
  • console - increased maximum file content length that can be managed through command line to 60 KB;
  • console - updated copyright notice;
  • container - improved VETH interface management responsiveness and reliability;
  • container - restrict "/container/shell" menu for users without "write" permissions;
  • defconf - added log about configuration reset due to pressed reset button;
  • defconf - fixed Audience scanning-for-wps-ap timeout;
  • defconf - fixed configuration script on KNOT devices if "ppp-out" interface is removed;
  • defconf - fixed firewall rule for IPv6 UDP traceroute;
  • defconf - fixed wifi configuration if interface MAC address is changed;
  • defconf - improved wifi interface detection after upgrade;
  • defconf - increased LTE interface wait time;
  • defconf - updated health settings on configuration revert;
  • defconf - use "fq_codel" queue as default interface queue for wired ports on LTE devices;
  • dhcpv6-client - install dynamic IPv6 blackhole routes in corresponding routing-table;
  • dhcpv6-client - updated error logging when multiple prefixes received on renew;
  • disk - added exFAT and NTFS mount/read/write support;
  • disk - added global disk "settings" menu;
  • disk - fixed changing settings on some GPT formatted disks;
  • disk - properly unmount disk when it is disconnected;
  • dns - do not add new entries to cache if "cache-size" is reached;
  • dns - fixed domain name lookup resolving for internal services;
  • ethernet - fixed issue with default interface names for CRS310-8G+2S+ in rare cases;
  • ethernet - improved cable-test reliability for hAP ax3 PoE out port;
  • ethernet - resolved minor memory leak while processing packets;
  • fetch - added "head" option for "http-method";
  • fetch - added "patch" option for "http-method";
  • fetch - allow specifying link-local address in FTP mode;
  • fetch - allow to use certificate and check-certificate parameters only in HTTPS mode;
  • fetch - do not require "content-length" for HTTP (introduced in v7.13);
  • fetch - fixed DNS resolving when domain has only AAAA entries (introduced in v7.13);
  • fetch - fixed fetch execution when unexpected data is received in HTTP payload;
  • fetch - fixed fetch when using "src-path" with HTTP/HTTPS modes (introduced in v7.13);
  • fetch - fixed fetch when using "src-path" with SFTP mode (introduced in v7.13);
  • fetch - fixed incorrect "src-path" error message when "upload=yes";
  • fetch - fixed IPv4 address logging (introduced in v7.13);
  • fetch - improved fetch stability in SFTP mode;
  • fetch - improved file download stability with HTTP/HTTPS modes;
  • fetch - less verbose logging;
  • fetch - print all "Set-Cookies" headers in response;
  • fetch - treat any 2xx HTTP return code as success (introduced in v7.13);
  • filesystem - improved filesystem integrity for several RB3011 units with automatic firmware upgrade;
  • firewall - added "creation-time" parameter for IPv6 address list entries;
  • firewall - fixed underlying CAPsMAN tunnel reusing packet marks of encapsulated packets;
  • firewall - fixed underlying VXLAN/EoIP tunnel reusing packet marks of encapsulated packets;
  • firewall - increased default "udp-timeout" value from 10s to 30s;
  • health - added limited manual control over fans for CCR1016r2, CCR1036r2 devices;
  • health - changed default "fan-min-speed-percent" from 0% to 12%;
  • health - improved fan control on CRS3xx and CCR1016-12S-1S+r2;
  • health - show voltage when powering KNOT R through Micro-USB;
  • health - updated health properties for CCR1016r2, CCR1036r2 devices;
  • iot - added bluetooth whitelist wildcard asterisk support;
  • iot - added LoRa CUPs protocol support;
  • iot - fixed modbus partial frame reception issue;
  • iot - improved LoRa LNS;
  • iot - improved modbus Tx/Rx switching behaviour;
  • iot - improvements to GPIO behavior on boot;
  • iot - improvements to LoRa CUPS;
  • iot - removed bluetooth whitelist maximum entry limit of 8;
  • ipv6 - made "valid" and "lifetime" parameters dynamic for SLAAC IPv6 addresses;
  • isis - show passive interface active levels;
  • l3hw - fixed IPv6 host offloading in certain cases;
  • l3hw - fixed neighbor offloading after link flap;
  • l3hw - preserve offloading for VLANs when bridge ports are down;
  • leds - added "dark-mode" functionality for hAP ax3 and Chateau ax series devices;
  • leds - do not show LTE connection state/mode using RGB power LED from configless LTE modems;
  • leds - fixed "type=on" LED behaviour after reboot;
  • leds - fixed default LTE LED configuration for wAPR-2nD;
  • leds - fixed modem LED indication for SXT LTE 3-7;
  • leds - fixed wireless type of LED triggers for routers using WiFi package;
  • lte - added "at-chat" support for Sierra Wireless EM9293 5G modem;
  • lte - added AT channel support for Quectel EM120K-GL modem;
  • lte - added redial timer when the MBIM modem fails to register or does not receive APN activation notification;
  • lte - don't duplicate primary band in 5G SA mode for chateau 5G;
  • lte - fixed "use-peer-dns" setting for EC200A modem;
  • lte - fixed an issue for EC200A modem that IPv6 address could be added as IPv4 address;
  • lte - fixed APN authentication for FG621-EA modem;
  • lte - fixed MBIM interface enabling for Quectel EC25 modem (introduced in v7.13);
  • lte - fixed Simcom modem support in 0x9000; 0x9002, 0x9002; 0x901a and 0x901b USB compositions;
  • lte - fixed Simcom modem support in 0x9001 USB composition;
  • lte - fixed support for config-less modem detection (introduced in v7.13);
  • lte - fixed USB mode switch and initialization race condition for configless USB modems;
  • lte - improved FG621-EA modem firmware upgrade;
  • lte - improved modem recovery after failed IPv4 configuration;
  • lte - improved support for "ACER" and "MSFT" branded EM12-G modems;
  • lte - optimized "at-chat" response reading;
  • lte - refactored AT command control for AT modems;
  • modem - fixed SMS removal (introduced in v7.13);
  • modem - improved stability when performing modem FOTA upgrade;
  • mpls - fixed VPN fragmentation when forwarding IP traffic;
  • netinstall-cli - check package and device architecture before formatting;
  • ovpn - added support for pushing routes;
  • ovpn - improved "push-routes" option handling when large amount of routes is specified;
  • ovpn - improved key-renegotiation process;
  • ovpn - improved OVPN configuration file import process;
  • ovpn - improved system stability when using HW encryption on ARM64 devices (introduced in v7.13);
  • ovpn - limit the maximum length for "push-routes" up to 1400 characters;
  • package - added "size" property;
  • package - reduced "wireless" package size for ARM, ARM64, MIPSBE, MMIPS devices;
  • package - reduced package size for SMIPS;
  • poe-out - driver optimization for AF/AT controlled boards;
  • poe-out - fixed "power-cycle" for CRS354-48P-4S+2Q+ device (introduced in v7.13);
  • poe-out - improved 802.3at classification and measurement accuracy;
  • poe-out - improved cable test for hAP ac3 and hAP ax3 devices;
  • poe-out - improved PoE out reliability on routers with a single PoE out interface;
  • port - fixed support for USB/serial adapters (introduced in v7.13);
  • port - removed bogus serial port on RB750Gr3, RB760iGS and RBM11G devices;
  • ppp - added support for "WISPr-Session-Terminate-Time" RADIUS attribute;
  • ppp - log an error when IPv6 DHCP pool is exhausted;
  • ptp - added "aes67" and "smpte" profiles;
  • ptp - added configurable "domain" and "priority2" parameters;
  • ptp - added support for Management message forwarding in BC;
  • ptp - fixed "default" and "g8275.1" profiles go into "slave" instead of "uncalibrated" state;
  • ptp - fixed default values for "802.1as" profile;
  • ptp - fixed flags in Announce message;
  • ptp - fixed potential error in packet exchange;
  • ptp - make clock go into grandmaster state if slave port goes down;
  • qos-hw - fixed "tx-queue7-packet" counter;
  • route - fixed gateways of locally imported vpnv4 routes;
  • route - improved route print "count-only" process speed;
  • route - improved stability on route table lookup;
  • route-filter - added option to set "isis-ext-metric";
  • route-filter - fixed AS path matchers when input and output chains are used;
  • routerboard - added "reset-button" support for RBwAPR-2nD device;
  • sfp - added support for modules requiring single byte I2C read transactions;
  • sfp - fixed corrupted Tx traffic at 10Gbps rate on CCR2004-16G-2S+ in rare cases;
  • sfp - fixed corrupted Tx traffic at 10Gbps rate on RB4011 in rare cases;
  • sfp - improve high-power SFP module initialization;
  • sfp - improved combo-sfp handling for CRS328-4C-20S-4S+;
  • sfp - improved link establishment for RB4011 devices;
  • smb - added option to specify SMB service mode as "auto";
  • sms - fixed SMS inbox for FG621-EA modem (introduced in v7.13);
  • sms - fixed SMS sending from WinBox and WebFig (introduced in v7.13);
  • sms - improved system stability when working with SMS;
  • sms - increased SMS read timeout;
  • snmp - added "bgpLocalAs" and "bgpIdentifier" OID reporting;
  • snmp - fixed "bgpPeerFsmEstablishedTime" OID reporting;
  • snmp - hide "MikroTik" in LLDP MIB when branding with hide SNMP option is used;
  • snmp - updated timeout log;
  • ssh - improved SSH performance on ARM, MIPS, MMIPS, SMIPS and TILE devices;
  • ssh - refactored SSH service internal processes;
  • sstp - added support for "aes256-gcm-sha384" encryption;
  • sstp - improved system stability for PPC devices;
  • supout - added PTP section;
  • switch - fixed Ethernet disable/enable for CRS310-8G+2S+ devices;
  • switch - fixed reserved multicast receive on Atheros-8327, QCA8337 switches for R/STP bridge;
  • switch - improved 100G interface stability for 98DX4310 and 98DX8525 switches;
  • switch - minimise potential packet overflows on CRS354;
  • system - changed build time format according to ISO standard;
  • system - expose "lo" and "vrf" interfaces;
  • system - fixed "cpu-frequency" for CRS3xx ARM devices;
  • system - improved memory allocation for ARM64 devices;
  • system - improved RAM allocation for L009UiGS-RM;
  • system - improved system stability when processing packets in FastPath (introduced in v7.13);
  • system - properly assign destination port for HTTP/S connections initiated by the router (introduced in v7.13);
  • system - properly close HTTP/S connections initiated by the router;
  • system - provide more precise "total-memory" value for ARM devices;
  • system - provide more precise "total-memory" value under "System/Resources" menu for L009 and hAP ax lite routers;
  • tftp - improved invalid request processing;
  • timezone - updated timezone information from "tzdata2023d" release;
  • tr069 - don't duplicate cellular info in "X_MIKROTIK_5G" nodes when connected in NR SA mode;
  • tr069 - fixed bandwidth test;
  • tr069-client - show 5G signal info in X_MIKROTIK_5G nodes only for 5G NSA bands;
  • traffic-flow - use 64bit counters for v9 and IPFIX flows;
  • traffic-generator - improved system stability when receiving bogus traffic;
  • usb - show "Supermicro CDC" adapter as Ethernet interface;
  • vlan - fixed non-running VLAN interface after failed MTU change;
  • vrf - prevent VRF interface name collision with interface lists;
  • vxlan - fixed underlying tunnel reusing routing marks of encapsulated packets;
  • webfig - fixed routing table filter under "IP/Routes" menu;
  • webfig - fixed setting the user's password;
  • webfig - fixed showing WireGuard peers;
  • webfig - improved stability when adding new entries under "IP/Routes" menu;
  • wifi - added "station-pseudobridge" interface mode;
  • wifi - fixed issue with setting country profile (introduced in v7.13.1);
  • wifi - improved handling of CAP connections in dual CAPsMAN scenario;
  • wifi - increased value for SAE retransmit period to 3s to improve WPA3 compatibility with IoT client devices;
  • wifi - use "Latvia" as the default value for "country" property;
  • wifi - use correct CAP identity for interface name provisioning after it has been changed by remote-cap/set-identity;
  • wifi-qcom - enable display of regulatory information on L11,L22 devices;
  • wifi-qcom - fixed new connections, when maximum supported number of MAC addresses behind connected station-bridges is reached;
  • wifi-qcom - improve system stability for L11, L22 devices;
  • wifi-qcom - improved memory allocating process;
  • wifi-qcom - improved regulatory compliance for L11, L22 devices;
  • wifi-qcom - improved system stability when using FastPath (introduced in v7.13);
  • winbox - added "accept-protocol-version" parameter to the L2TP server settings;
  • winbox - added "mode-button" and "switch" menus for L41G-2axD&FG621-EA;
  • winbox - added "Name" parameter under "Tools/Netwatch" menu;
  • winbox - added "page-refresh" setting to the Graphing settings;
  • winbox - added "Port Cost Mode" setting under "Bridge" menu;
  • winbox - added "VRF" parameter under "Tools/Ping" menu;
  • winbox - added "x25519" argument for "DH Group" parameter under "IP/IPsec/Profiles" menu;
  • winbox - added missing "Protocol" arguments under "IPv6/Firewall" menu;
  • winbox - added missing monitoring properties under "WireGuard/Peers" menu;
  • winbox - added Preboot Etherboot settings to the System/RouterBOARD/Settings menu;
  • winbox - do not show USB settings for CRS devices that does not need it;
  • winbox - fixed "Bridge Cost" range under "Interfaces/VPLS" menu;
  • winbox - fixed "Password" button under "Quick Set" menu;
  • winbox - improved connection speed and reliability;
  • winbox - improved route table automatic refresh process for static routes;
  • winbox - improved status values under "System/PTP" menu;
  • winbox - improved system stability with large packets;
  • winbox - include "te-tunnel" parameter in VPLS interface monitor;
  • winbox - properly validate "passthrough-subnet-size" in the LTE APN settings;
  • winbox - remove "Root Bridge ID" property under "Bridge/MSTIs" menu;
  • winbox - removed "sfp all" option from combo port settings;
  • winbox - renamed "Wireless Table" menu to "Wifi";
  • winbox - show "routing-table" column under IP/Route menu by default;
  • winbox - show all columns under "Routing/PIM SM/Static RP" menu by default;
  • wireguard - do not allow to use multiple WireGuard interfaces on the same "listen-port";
  • wireguard - optimised and improved WireGuard service logging;
  • x86 - fixed VLAN tagged packet transmit for igb (introduced in v7.12).


Полезные материалы по MikroTik

Углубленный курс "Администрирование сетевых устройств MikroTik"
Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.

ИП Скоромнов Дмитрий Анатольевич, ИНН 331403723315
На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь

ИП Скоромнов Дмитрий Анатольевич, ИНН 331403723315