MikroTik RouterOS 7.6.x (stable)

Подробное описание изменений в MikroTik RouterOS 7.6.x. Официальный список исправленных ошибок, добавленного функционала и прочих доработок. Дата выхода первого набора изменений – 17 октября 2022, дата выхода последнего набора изменений – 17 октября 2022.

Полезные материалы по MikroTik

Чек-лист по настройке MikroTik
Проверьте свою конфигурацию по 28-ми пунктам. Подходит для RouterOS v6 и v7. Дата публикации: 2022.

На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. В январе и феврале 2023 будут разбираться темы Wi-Fi и QoS. Подписывайтесь

MikroTik RouterOS 7.6

Дата выхода: 17 октября 2022.

Изменения:

• bgp - added support for BGP advertisement displaying (CLI only);
• bgp - fixed reporting of session uptime;
• bgp - improved session establishment speed after bootup;
• bonding - fixed ARP monitor packets with bond's MAC address;
• bonding - improved interface stability on slave configuration changes;
• bonding - reduce "actual-mtu" according to interface "l2mtu";
• branding - execute "autorun.scr" file when installing branding package;
• capsman - fixed RADIUS accounting when EAP is used;
• certificate - fixed SHA1 certificate name lookup;
• certificate - improved certificate management, signing and storing processes;
• certificate - restricted maximum retry attempt window for Let's Encrypt certificate to 60 minutes;
• container - added "start-on-boot" parameter for automatic container startup;
• container - allow changing container related parameters while it is running;
• container - fixed usage of non-authenticated registries;
• dhcpv4-server - fixed matcher functionality;
• dhcpv4-server - fixed RADIUS accounting for local leases;
• dhcpv4-server - improved service stability when removing dynamic leases;
• dhcpv6-client - fixed false error status reporting when server offers T1 or T2 value as 0;
• dns - added "match-subdomain" option for static entries (CLI only);
• dot1x - fixed incorrect error when using "mac-auth";
• ethernet - added "5Gbps" option for speed setting;
• firewall - added "src/dst-address-type" parameter under "IPv6/Firewall/Mangle" menu;
• firewall - disable IRC NAT helper on upgrade;
• firewall - fixed IPv6 filtering with "in/out-interface" matcher that is in VRF;
• firewall - fixed IRC NAT helper (CVE-2022-2663);
• firewall - fixed usage of "netmap" action for IPv6 source NAT;
• health - fixed fan speed and temperature reporting on CCR1072;
• health - improved voltage reading on RBmAP-2nD;
• hotspot - fixed service initialization when HTML directory configured on an external disk;
• hotspot - fixed SSL usage on all HotSpot pages;
• hotspot - improved stability when receiving bogus packets;
• hotspot - limit maximum allowed connections based on free RAM resources;
• hotspot - removed "routerboard.com" URL from default HotSpot advertise;
• interface - added warning when interface has configured "mtu" higher than "l2mtu";
• ipsec - added "invalid-packets" counter for Installed SA's menu;
• ipsec - fixed packet processing by hardware encryption engine on MMIPS devices;
• l3hw - added "l3hw-settings" sub menu under the switch menu;
• l3hw - added support for IPv6 route offloading (disabled by default);
• l3hw - fixed "H" flag presence for accelerated connection tracking entries;
• l3hw - fixed possible packet loss when using HW offloaded NAT;
• l3hw - improved connected host offloading on startup;
• l3hw - improved connected IPv6 host offloading when routing table is nearly full for 98DX224S, 98DX226S, and 98DX3236 switch chips;
• l3hw - improved system stability;
• l3hw - made route offloading selection work only on unicast;
• lte - added interface name in MTU debug logging message;
• lte - added periodic IPv6 RS to trigger IPv6 adress acquisition for non-MBIM modems;
• lte - added support for Neoway N75-EA;
• lte - added support to perform FOTA upgrade from local file for EG12-EA, EG18-EA, RG502Q-AE, EG06-A, EP06-A modems;
• lte - disabled RPLMN on Chateau 5G;
• lte - fixed at-chat on Telit FN980m;
• lte - fixed handover from UMTS to LTE when PS activation had failed for MBIM modems;
• lte - fixed MBIM modem initialization;
• lte - fixed re-attaching on PS detach for MBIM modems;
• lte - removed reconnect delay after receiving DETACH notification for MBIM modems;
• macsec - added configuration support with VLAN, ARP, DHCP and bridge tagging/untagging;
• macsec - added logging support with "debug" and "dot1x" topics;
• macsec - added support for MTU and L2MTU;
• macsec - fixed interface after Ethernet link down;
• macsec - fixed interface statistics and missing properties;
• macsec - fixed interface status;
• macsec - fixed multiple interface creation on different Ethernet ports
• macsec - improved interface stability;
• macsec - improved system stability for TILE and RB5009 devices;
• macsec - removed interface from SMIPS devices;
• mac-telnet - respect interface MTU setting when sending packets for MAC-Telnet and MAC-WinBox;
• netwatch - fixed string variable values in script;
• ntp - improved initial synchronization speed after bootup;
• ospf - added SHA hashing for authentication;
• ospf - fixed area "no-summary" setting;
• ospf - fixed checksum calculation;
• ospf - fixed displaying of VRF interface in related logs;
• ospf - fixed transmit of LSA/ACK's on p2p interfaces;
• ospf - improved logging when invalid configuration is detected;
• ospf - refresh OSPFv3 interface configuration when IPv6 network becomes available;
• ovpn - added IPv6 support;
• ovpn - added VRF support for client;
• ppp - fixed memory leak;
• ppp - improved service stability when multiple users disconnect simultaneously;
• pppoe - fixed MRU negotiation even when it is set to 1500;
• qsfp - added interface temperature warnings and shutdown;
• queue - improved stability for CAKE type queues;
• radius - require "policy" policy for "login" service configuration;
• rip - fixed passwordless MD5 authentication;
• route-filter - fixed filtering for multiple community routes;
• route-filter - fixed memory allocation when moving entries;
• route - fixed disappearance of inactive static routes after upgrade;
• route - fixed memory leak;
• routerboard - return router's short name in "model" parameter;
• routerboard - set "Delete" as default key to enter booter menu ("/system routerboard upgrade" required);
• serial - added support for newer PL2303 serial controllers;
• sfp - improved QSFP/SFP interface stability for 98DXxxxx and 98PX1012 switches;
• sms - added "status-report-request" parameter for "send" command;
• sms - fixed handling of SMS send attempts on unsupported modems;
• snmp - improved retrieval of routing related OID's;
• snmp - improved stability when receiving bogus packets;
• ssh - increased key generation timeout;
• sstp - added VRF support for client;
• supout - added tr069-client section;
• supout - removed duplicate "bridge-controller" section;
• switch - improved traffic forwarding at 5Gbps rate for 98DX8525, 98DX4310 switches;
• system - renamed error messages when trying to edit or remove dynamic entries;
• tile - improved system stability when processing packets;
• tr069-client - do not allow ":" symbols in username;
• tr069-client - fixed reporting of "X_MIKROTIK_MimoRSRP" parameter;
• user-manager - accept any username for outer authentication;
• user-manager - added "comment" parameter for batch user creation;
• user-manager - added support for multiple accounting sessions;
• user-manager - added variables to print profile name and end time in voucher templates;
• user-manager - allow specifying router's address as subnet;
• user-manager - fixed "migrate-legacy-db" command;
• user-manager - fixed session expiry when it is stopped by Disconnect-Request;
• user-manager - forced username verification against client's certificate for EAP-TLS;
• user-manager - use "Class" attribute to associate user's accounting session;
• user - removed unused "dude" policy;
• vrrp - fixed connection tracking synchronization on MMIPS and MIPSBE devices;
• vxlan - added IPv6 support for remote VTEPs (only IPv4 or IPv6 will be used at the same time, use "vteps-ip-version" property on VXLAN interface to change the version);
• w60g - improved system stability (introduced in v7.5);
• webfig - fixed creation of new IPv6 routes;
• webfig - fixed displaying of "Last Seen" parameter under "IP/DHCP Server/Leases" menu;
• webfig - fixed hex input for "Host Uniq" field;
• webfig - fixed unsetting of "endpoint-address" parameter under "WireGuard/Peers" menu;
• wifiwave2 - fixed enabling of unconfigured interfaces;
• wifiwave2 - fixed malfunction of WPA3 hash-to-element technique when enabled on multiple interfaces;
• wifiwave2 - fixed RADIUS accounting after fast-transition;
• wifiwave2 - fixed "WPA Key Data Length" value in EAPOL frame when FT-EAP-SHA384 AKM is used;
• winbox - added "Active" prefix for current remote and local session ID fields for L2TP-Ether interfaces;
• winbox - added "address-list" parameter under "IP/DNS/Static" menu;
• winbox - added "File Name" option for "Load Config" parameter under "System/SwOS" menu;
• winbox - added icon for TR069-client menu;
• winbox - added MACsec support;
• winbox - added quick filtering option for route list;
• winbox - added "Rapid Commit" parameter support under "IPv6/DHCP-Server" menu;
• winbox - added "Reset Traffic Counters" button for all interfaces;
• winbox - added "type" and "status-report-request" parameters under "Tools/SMS" menu;
• winbox - allow "timeout" value to be less than 1 under "Tools/Netwatch" menu;
• winbox - allow to rename mounted disks;
• winbox - changed order of tabs under "User Manager" menu;
• winbox - changed "uptime" parameter format when using the wifiwave2 package;
• winbox - do not show unavailable features on SMIPS devices;
• winbox - fixed interface traffic graph drawing on RB5009;
• winbox - fixed maximum allowed value for VRRP's "priority" parameter;
• winbox - fixed "Session Uptime" value for not established sessions under "Routing/BGP" menu;
• winbox - fixed "Session Uptime" value under "Routing/BGP" menu;
• winbox - fixed "System/SwOS" window refreshing after changes are detected;
• winbox - fixed "User Manager/User Profiles" window refreshing after changes are detected;
• winbox - made "backup.swb" the default value for SwOS backup;
• winbox - made sessions removable in "User Manager" menu;
• winbox - show "F" flag for failed entries under "Interfaces/VRRP" menu;
• winbox - show "Switch" menu on Chateau LTE18 ax;
• winbox - show "System/Health" only on boards that have health monitoring;
• winbox - show "System/RouterBOARD/Mode Button" on devices that have such feature;
• wireguard - strip whitespaces from keys;
• wireless - disallowed using "default" as scan list or channel names;
• wireless - fixed incorrectly applied ingress priority to non-wireless packets;
• wireless - fixed missing wireless interface on some RB921GS-5HPacD devices;
• www - improved stability when receiving bogus packets;
• x86 - improved ixgbe driver support.

Полезные материалы по MikroTik

Чек-лист по настройке MikroTik
Проверьте свою конфигурацию по 28-ми пунктам. Подходит для RouterOS v6 и v7. Дата публикации: 2022.

На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. В январе и феврале 2023 будут разбираться темы Wi-Fi и QoS. Подписывайтесь