MikroTik RouterOS 7.7.x (stable)

Материал из MikroTik Wiki
Перейти к навигации Перейти к поиску

Подробное описание изменений в MikroTik RouterOS 7.7.x. Официальный список исправленных ошибок, добавленного функционала и прочих доработок. Дата выхода первого набора изменений – 12 января 2023, дата выхода последнего набора изменений – 12 января 2023.

Полезные материалы по MikroTik

Чек-лист по настройке MikroTik
Проверьте свою конфигурацию по 28-ми пунктам. Подходит для RouterOS v6 и v7. Дата публикации: 2023.

На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. В апреле и мае 2023 будут разбираться темы Wi-Fi и QoS. Подписывайтесь

MikroTik RouterOS 7.7

Дата выхода: 12 января 2023.

Изменения:

  • bgp - added comment functionality for BGP VPN (CLI only);
  • bgp - do not reflect route back to sender;
  • bgp - fixed BGP advertisement PCAP saver;
  • bgp - fixed connection establishment using link-local addresses;
  • bgp - improved BGP advertisement printing;
  • bgp - improved BGP session load distribution across multiple CPU cores;
  • bgp - properly set "bgp-ext-communities" from "communities" list;
  • bluetooth - added unique advertise message filtering;
  • bonding - properly detect VPLS interface state changes;
  • branding - fixed identity setting from branding package;
  • bridge - added support for static MDB entries;
  • bridge - disallow port-controller while the bridge has MSTP enabled;
  • bridge - fixed "edge=yes" setting for MSTP;
  • bridge - fixed MSTP compatibility with STP;
  • bridge - fixed R/M/STP bridge identifier on protocol-mode change;
  • bridge - fixed RSTP BCP with bridged PPP interfaces;
  • bridge - fixed STP blocking state on port-controller;
  • bridge - fixed host moving with fast-path;
  • bridge - fixed incorrect root port blocking for MSTP;
  • bridge - fixed master port conversion;
  • bridge - fixed mst-override port priority for MSTP;
  • bridge - fixed port priority for STP and RSTP;
  • bridge - improved port-controller system stability;
  • bridge - improved system stability when using MSTP and many VLAN mappings;
  • bridge - removed "age" monitoring property from the host table;
  • certificate - improved Let's Encrypt logging and error recovery;
  • certificate - improved certificate management, signing and storing processes;
  • conntrack - improved system stability when PPTP helper is used;
  • conntrack - improved system stability when processing SCTP connections on TILE;
  • console - updated copyright notice;
  • container - fixed access to "/dev/stderr" from containers;
  • container - fixed handling of groups and usernames from Dockerfile;
  • container - fixed tar extracting;
  • container - made "ram" and "tmp" directories use tmpfs;
  • crs1xx/2xx - fixed "new-customer-pcp" setting for ACL rules;
  • dhcpv6-client - handle receiving of invalid T1 and T2 times;
  • discovery - added "discovered-by" parameter to indicate which protocol discovered the neighbor;
  • discovery - added "mode" parameter for discovery configuration;
  • discovery - fixed neighbor discovery on Mesh interfaces;
  • discovery - report IPv6 LL address if global address does not exist;
  • disk - added support for manual RAM file system (TMPFS) creation (CLI only);
  • disk - improved external storage file system mounting, formatting and naming;
  • dns - do not query upstream DNS servers for matched regex records;
  • dns - fixed changing of "forward-to" parameter for FWD entries;
  • dns - fixed handling of CNAME entry pointing to another FWD entry;
  • dns - fixed handling of FWD entries where "forward-to" is a hostname;
  • dns - fixed incorrect TTL=0 reporting for cached entries;
  • dns - improved resolved static entry addition to address list;
  • dns - improved service stability when CNAME points to a FWD entry;
  • dns - query upstream DNS servers for other record types even if static entry exists;
  • dns - require "write" policy for DNS cache flushing;
  • dns - respond with lowest TTL for inner queries containing A, AAAA, CNAME chains;
  • filesystem - fixed repartition on devices with containers;
  • firewall - added "set-priority" option for IPv6 mangle firewall;
  • firewall - made "dynamic" parameter settable for IPv4 address lists;
  • hotspot - added "install-hotspot-queue" parameter to control dynamic queue creation;
  • hotspot - fixed maximum allowed connections limitation;
  • hotspot - fixed minor memory leak after each successful login from WEB;
  • hotspot - improved limitation of maximum allowed connections;
  • hotspot - improved system stability when clients migrate between bridge ports or VLANs;
  • ike1 - disallow "remote-id" setting for identity;
  • ike1 - fixed XAuth responder trying to recreate phase 1;
  • ike1 - improved expired IPsec-SA processing;
  • ike2 - added support for ChaChaPoly1305 encryption;
  • ike2 - added support for ChaChaPoly1305 encryption;
  • ike2 - added support for DH Group 31 (EC25519) (CLI only);
  • ike2 - fixed rekey notify creation;
  • ike2 - improved certificate payload parsing;
  • interface - do not allow adding invalid "veth" interfaces;
  • interface - improved system stability when handling large packets on CCR2216;
  • interface - show RTL8153 CDC Modem Device as ethernet;
  • ipsec - added "current-address" parameter for peers with DNS address;
  • ipsec - added hardware acceleration support for IPQ-6010;
  • ipsec - added support for AVX optimized SHA acceleration;
  • ipsec - improved "H" (hw-aead) flag presence for accelerated SA's;
  • ipsec - improved IKE payload processing;
  • ipsec - improved configuration of IPsec proposal auth-algorithms;
  • ipsec - removed Blowfish and Camellia encryption algorithms for IKE;
  • ipv6 - do not generate LL addresses for VPN interfaces when IPv6 is disabled;
  • ipv6 - do not use invalid/disabled global addresses for IPv6 ND;
  • l2tp - added VRF support for L2TP Ether interfaces;
  • l3hw - fixed host offloading in a case of MAC address change;
  • l3hw - fixed offloaded NAT for CRS309 switch;
  • l3hw - improved system stability when disabling or enabling L3HW offloading;
  • leds - fixed default LED configuration on netFiber 9;
  • leds - fixed turning off LEDs after system shutdown;
  • lte - added AT channel support for Telit FN990;
  • lte - added CA information in 5G mode;
  • lte - fixed error handling on opening AT control channel;
  • lte - fixed new MTU value validation;
  • lte - improved stability when LTE passthrough is enabled on Chateau 5G;
  • lte - properly show leading zeros in MCC and MNC strings;
  • lte - show band number in "ca-band" in NSA mode on Chateau 5G;
  • lte - use RSRP value reported by MBIM signal for MBIM type modems;
  • macsec - fixed packet duplication on Ethernet interface;
  • macsec - fixed packet transmission using traffic-generator;
  • macsec - fixed packet validation;
  • modem - added USB tethering support for Google Pixel 7 devices;
  • mpls - added VPLS LDP information in remote/local-mappings;
  • mpls - fixed assigning of explicit null label for IPv6;
  • netinstall - added "-i " parameter for Netinstall (CLI Linux);
  • netinstall - fixed Netinstall procedure on RouterBOOT versions from 3.27 to 6.41;
  • netinstall - improved automatic netbooting interface selection;
  • netwatch - added support for "https-get" type (CLI only);
  • netwatch - fixed reporting of VRF name in logging messages;
  • netwatch - improved "interval" and "packet-interval" coexistence for ICMP type;
  • ntp - log error message when server is unreachable;
  • ospf - fixed MD5 checksum calculation;
  • ospf - fixed simple authentication and checksums for NBMA and PTMP links;
  • ospf - fixed simple authentication checksum calculation;
  • ospf - fixed virtual-link address selection for PTP links;
  • ovpn - added "CBC" postfix to AES cipher names;
  • ovpn - added "route-nopull" option for client side;
  • ovpn - added hardware acceleration support for IPQ-6010;
  • ovpn - added support for IPv6 tunneling;
  • ovpn - fixed "Called-Station-Id" usage in RADIUS requests;
  • package - fixed missing menus when both "lora" and "wifiwave2" packages are installed;
  • ping - fixed ARP ping;
  • port - added serial port support for Telit FN990 modem;
  • port - do not show unusable USB port on hAP ax^2;
  • port - fixed R11e-LTE6 port mapping;
  • ppp - changed default lease time of dynamic DHCPv6 server to 1 day;
  • ppp - do not inherit routing mark for encapsulated packets;
  • ppp - fixed displaying of "info" command for PPP client;
  • ppp - improved authentication method negotiation;
  • pppoe - improved service stability when establishing PPPoE sessions;
  • quickset - fixed addition of bridge filter rules in bridged mode;
  • quickset - fixed interface list member table on configuration changes;
  • quickset - update DNS server IP address when changing router's IP address;
  • rb4011 - fixed reporting of current CPU frequency and changed default frequency to "auto";
  • sfp - added 2.5G SFP module support for RB5009;
  • sfp - allow usage of "10G Base-LR" mode for XS+31LC10D module;
  • snmp - added support for "lldpRemLocalPortNum" OID's;
  • snmp - improved stability when receiving bogus packets;
  • ssh - added support for Ed25519 key exchange;
  • ssh - do not allow SHA1 usage with strong crypto enabled;
  • ssh - fixed handling of non standard size RSA keys;
  • supout - added MSTI and mst-override monitor for bridge MSTP;
  • supout - added missing IPv6 firewall sections;
  • switch - avoid packet corruption in some setups for 98DX3257, 98DX3255, 98DX4310, 98DX8525 and 98PX1012 switches;
  • switch - fixed SFP Tx disable when changing auto-negotiation settings for 98DXxxxx and 98PX1012 switches;
  • switch - fixed egress mirror for 98DX4310 and 98DX8525 switches;
  • switch - hide invalid settings for 98DX3255 and 98DX8525 switch chips;
  • switch - improved 10G, 25G and 40G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98DX8525, 98PX1012 switches;
  • switch - improved 10G, 25G and 40G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
  • switch - improved 10G, 25G, 40G and 100G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
  • switch - improved 10Gbps Ethernet interface stability for 98DX8212 switch;
  • switch - improved 25G interface stability for 98PX1012, 98DX4310 and 98DX8525 switches (introduced in v7.6);
  • switch - increased the maximum value of "rate" for ACL rules;
  • swos - fixed "allow-from-ports" setting;
  • swos - fixed SwOS configuration changes from RouterOS;
  • swos - improved default SwOS backup file name;
  • system - allow up to 4GB of RAM allocation per process on x86, ARM64 and TILE;
  • system - improved handling of user policies;
  • timezone - updated timezone information from "tzdata2022g" release;
  • tr069-client - updated data model to version 2.15;
  • traffic-flow - fixed sending of sampling interval;
  • tunnels - added VRF support for EoIP, IPIP and GRE tunnels;
  • vpls - expose VPLS related debug logs to "vpls" logging topic;
  • vrrp - always use slave interface MTU;
  • vrrp - improved interface stability on configuration changes;
  • vxlan - added "local-address" parameter support;
  • vxlan - added VRF support;
  • w60g - improved system stability for Cube Pro devices;
  • webfig - ensure login page is displayed after each log out;
  • webfig - fixed accessing of WebFig when "Interface" menu is disabled by skin;
  • webfig - fixed displaying of VRF routes;
  • webfig - fixed input validation for "VPLS ID" parameter;
  • webfig - fixed setting of "DHCP Option Set" parameter;
  • webfig - improved WEB caching capabilities;
  • webfig - properly detect current location for navigation buttons;
  • webfig - properly show limited number of available options;
  • wifiwave2 - added "datapath" settings to configure data forwarding for an interface (CLI only);
  • wifiwave2 - added "ft-preserve-vlanid" parameter to control whether to change VLAN ID after FT;
  • wifiwave2 - added "provisioning" menu to automatically assign interface configurations to radios (CLI only);
  • wifiwave2 - added disable/enable commands to configuration profile sub-menus (CLI only);
  • wifiwave2 - added information of per-station throughput in the registration table;
  • wifiwave2 - added initial CAPsMAN support (only compatible with wifiwave2 interfaces) (CLI only);
  • wifiwave2 - added interworking/Hotspot 2.0 support (CLI only);
  • wifiwave2 - added more informative log messages on configuration profile changes;
  • wifiwave2 - added option to set per-client vlan-id in access list (only supported on 802.11ax interfaces) (CLI only);
  • wifiwave2 - do not permit a client device to be connected to more than one interface at a time;
  • wifiwave2 - fixed "radio-mac" provisioning matcher;
  • wifiwave2 - fixed 4-way handshake with TKIP;
  • wifiwave2 - improved compliance with regulatory domain information;
  • wifiwave2 - improved general system stability;
  • wifiwave2 - improved system stability when multiple virtual AP are configured;
  • wifiwave2 - properly report interface on which traffic is received when multiple station interfaces are used concurrently;
  • wifiwave2 - released packages for MMIPS, PPC, TILE and x86;
  • wifiwave2 - removed maximum limit for group key update interval and changed the default to 1 day;
  • winbox - added "Active" prefix for current "Circuit ID" and "Cookie Length" fields for L2TP-Ether interfaces;
  • winbox - added "Make Static" button to "IP/DHCP Server/Leases" menu;
  • winbox - added "bus" parameter for "USB Power Reset" command on Chateau ax;
  • winbox - added missing "force" parameter for new "IP/DHCP Server/Options" entries;
  • winbox - added missing "vlan-id" column under "IP/Hotspot/Hosts" table;
  • winbox - do not show LACP related status parameters for other bonding types;
  • winbox - fixed default MTU value for CAP interfaces;
  • winbox - fixed minor typo in "Zerotier" menu;
  • winbox - improved handling of large WinBox protocol messages;
  • winbox - increased maximum number of Winbox read-only sessions 5->25;
  • winbox - properly save "Interfaces/Detect Internet/Detect Internet State" menu in session file;
  • winbox - removed bogus VRF tab from "Interface" menu;
  • winbox - show "Switch" menu on Chateau 5G ax;
  • winbox - show "Switch" menu on NetFiber 9;
  • winbox - show "System/Health/Settings" only on boards that have configurable values;
  • winbox - show "System/RouterBOARD/Mode Button" on devices that have such feature;
  • winbox - show "USB Power Reset" menu on Chateau 5G ax;
  • winbox - show dynamic comment in WifiWave2 registration table;
  • wireless - fixed "nstreme" related parameter control in skins;
  • wireless - fixed setting of realms interworking parameter if realms-raw is unset;
  • x86 - added support for SUN 10G NICs;
  • x86 - improved igc driver support.

Полезные материалы по MikroTik

Чек-лист по настройке MikroTik
Проверьте свою конфигурацию по 28-ми пунктам. Подходит для RouterOS v6 и v7. Дата публикации: 2023.

На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. В апреле и мае 2023 будут разбираться темы Wi-Fi и QoS. Подписывайтесь


Источник — https://mikrotik.wiki/w/index.php?title=MikroTik_RouterOS_7.7.x_(stable)&oldid=11854