MikroTik RouterOS 7.8.x (stable)

Материал из MikroTik Wiki

Подробное описание изменений в MikroTik RouterOS 7.8.x. Официальный список исправленных ошибок, добавленного функционала и прочих доработок. Дата выхода первого набора изменений – 24 февраля 2023, дата выхода последнего набора изменений – 24 февраля 2023.

Полезные материалы по MikroTik

Углубленный курс "Администрирование сетевых устройств MikroTik"
Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.

ИП Скоромнов Дмитрий Анатольевич, ИНН 331403723315
На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь

ИП Скоромнов Дмитрий Анатольевич, ИНН 331403723315

MikroTik RouterOS 7.8

Дата выхода: 24 февраля 2023.

Изменения:

  • storage - added new "rose-storage" package support for extended disk management and monitoring functionality (ARM, ARM64, Tile and x86) (CLI only);
  • bgp - fixed setting of "default-prepend" parameter;
  • bridge - fixed adding disabled MSTI;
  • bridge - fixed DHCP packet flow when using DHCP snooping, HW offloading and "use-ip-firewall";
  • bridge - fixed possible DHCP packet corruption when using DHCP snooping;
  • bridge - fixed PVID warning typo;
  • bridge - improved HW offloading logic;
  • certificate - fixed export of a certificate when the last line of the certificate is exactly 64 bytes long;
  • certificate - fixed PBES2 certificate import;
  • certificate - improved certificate management, signing and storing processes;
  • certificate - improved multiple certificate import process;
  • conntrack - improved system stability when changing connection tracking state;
  • conntrack - improved system stability when PPTP helper is used;
  • console - added "as-string" parameter to the ":execute" command;
  • container - added authentication option for registry (CLI only);
  • container - fixed ".type" file ownership;
  • container - fixed file ownership after system upgrade for containers running on internal disk;
  • container - fixed multiple container automatic startup on boot;
  • dhcpv4-client - send DHCPv4 unicast requests to DHCPv4 relay, instead of server when it is being used;
  • disk - limit maximum TMPFS size;
  • dns - added configurable DoH concurrent query limitation parameters;
  • dns - do not cache results from ":resolve" command with specific server;
  • dns - fixed CNAME reading from the cache;
  • dns - limited "DoH max concurrent queries reached" logging messages to once per minute;
  • dns - respond with "NOERROR" to DNS requests for static domain names when appropriate type record is not configured or found on upstream server;
  • firewall - fixed bridge priority target;
  • firewall - fixed DSCP priority target for IPv6 Mangle;
  • firewall - fixed netmap range maximum address calculation for IPv6 NAT;
  • graphing - fixed hiding of target queues when "allow-target" is disabled;
  • graphing - fixed sorting of interface and queue graphs;
  • graphing - properly handle disabled and static-binding interface graphs;
  • graphing - removed "move" command for graphing rules;
  • health - fixed "temperature" and "power-consumption" readings for RB1100AHx4;
  • hotspot - fixed setting of "address" parameter for IP binding;
  • hotspot - restore cookie timeout on reboot;
  • ike2 - added support for "address", "key-id" and "dn" for Remote ID matching (CLI only);
  • ike2 - fixed active SA flush on responder after an unsuccessful peer connection attempt;
  • ipsec - added support for "Framed-Route" RADIUS attribute support;
  • ipsec - do not match incoming IKE requests by unresolved DNS name peers;
  • ipsec - fixed peer matcher for incoming connection with unresolved DNS;
  • ipv6 - added "pref64" option configuration for RA;
  • ipv6 - improved handling of "advertise" IPv6 address status changes;
  • ipv6 - limited "hop-limit" parameter value range to 255;
  • ipv6 - made distributed DNS lifetime RFC8106 compliant;
  • l3hw - added destination MAC address check for offloaded FastTrack connections;
  • led - fixed signal reading for KNOT device;
  • leds - always require to set interface name when setting "modem-signal" indication;
  • lte - added AT support for Telit LE910C4 in MBIM mode;
  • lte - fixed APN setting usage on initial connection attempt for AT based Quectel and Neoway modems;
  • lte - fixed automatic antenna selection on Chateau LTE12/LTE18;
  • lte - fixed dialing for Fibocom L850-GL module;
  • lte - fixed displaying of "subscriber-number";
  • lte - fixed possible memory leak when using passthrough mode on Chateau 5G;
  • lte - improved AT port matching for SIMCom, Huawei, WeLink, Cinterion, BandLuxe and Sierra modems;
  • lte - improved modem detection speed in lower mini-PCIe slot on LtAP;
  • lte - improved stability for R11e-LTE6, skip connection reset on first EEMGINFO command timeout;
  • lte - LtAP improved modem detection in lower mini-PCie slot ("/system routerboard upgrade" required);
  • lte - parse USSD even if encoding is unsupported;
  • mpls - fixed handling of more than 9 VRF's;
  • mpls - fixed LDP listen socket creation before IPv6 address is ready for use;
  • mpls - improved stability when neighboring router reboots;
  • ospf - fixed "ospf-type" parameter for OSPFv3 routes;
  • ospf - fixed simple auth for OSPFv3;
  • ovpn - added AES-GCM and multicore encryption support;
  • ovpn - improved server stability;
  • ovpn - improved TLS-related error logging;
  • pimsm - improved system stability;
  • poe - added LLDP power management support for 802.3at PSE;
  • poe - properly turn off power when link not detected on hAP ax2 and hAP ax3;
  • port - fixed modem channel number on KNOT;
  • pppoe - fixed PPPoE client scan showing only one server;
  • resource - show filesystem related statistics on CCR2004;
  • route - fixed IPv6 default route presence when received from RA;
  • route - fixed printing of routing table's "count-only" parameter;
  • route - show hoplimit and MTU properties under the "/routing route" menu for SLAAC routes;
  • routerboot - fixed format storage for RBM33G device ("/system routerboard upgrade" required);
  • routerboot - fixed protected routerboot for RBM33G device ("/system routerboard upgrade" required);
  • sfp - fixed false link detection with S+RJ10 on RB5009;
  • sfp - fixed reading of SFP EEPROM on single SFP port devices;
  • sfp - improved optical modules SFP compatibility on CCR2004-16G-2S+, CCR2004-1G-12S+2XS, CCR2116-12G-4S+ devices;
  • sms - improved reporting of SMS sending errors;
  • sms - log USSD response when USSD is sent over MBIM;
  • sniffer - added additional filtering parameters;
  • snmp - do not show identity in LLDP when branding is used with hide SNMP data;
  • snmp - fixed handling of disabled routes;
  • snmp - fixed reporting of total number of routes counter;
  • ssh - hard-coded "localhost" address for forwarding requests;
  • ssh - improved system stability when processing none-crypto SSH connection;
  • sstp - fixed TLS session establishment when "connect-to" is DNS name;
  • switch - fixed SFP rate select for CRS354 devices;
  • switch - improved 10G, 25G, 40G and 100G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
  • switch - improved system stability for 98DXxxxx switch chips;
  • swos - removed "/system swos" menu for CRS5xx series switches;
  • torch - allow "without-paging" parameter for Torch;
  • traffic-generator - increased maximum allowed stream count;
  • upgrade - show error message when license prohibits upgrade;
  • usb - changed USB auto detect behavior to default to the external USB, when no internal USB devices detected;
  • vxlan - added "dont-fragment" setting that allows managing fragmentation;
  • vxlan - added "max-fdb-size" parameter;
  • vxlan - added FastPath support;
  • webfig - allow setting numeric values in time interval fields;
  • webfig - fixed accessing of WebFig when "Interface" menu is disabled by skin;
  • webfig - fixed editing of multi-field parameters with "not" checkbox;
  • webfig - fixed handling of empty skin files;
  • webfig - improved navigation responsiveness;
  • webfig - improved skin file parsing;
  • webfig - improved terminal operation;
  • webfig - properly escape all reserved URI characters;
  • webfig - updated WebFig and graph web pages to HTML5;
  • wifiwave2 - added wireless sniffer tool to capture wireless transmissions (CLI only);
  • wifiwave2 - adjust monitoring of station interfaces to report when an interface is authorized, not just connected;
  • wifiwave2 - enabled additional channels in UNII-3 and UNII-4 bands for Europe and USA on hAP ax^2, hAP ax^3 and Chateau ax;
  • wifiwave2 - fixed compatibility with third-party devices when using SAE hash-to-element authentication with DH groups 20 and 21;
  • wifiwave2 - fixed SAE authentication for interfaces in station mode when trying to connect to APs which require an anti-clogging token (introduced in RouterOS 7.4);
  • wifiwave2 - implement 802.11w management protection SA Query procedures;
  • wifiwave2 - improve protections from denial-of-service attacks on WPA3;
  • winbox - added "Connect" button under "WifiWave2/Scan" menu;
  • winbox - added "Disable/Enable" buttons under "WifiWave2" menu;
  • winbox - added "Match Subdomain" parameter under "IP/DNS/Static" menu;
  • winbox - added "Provision" button under "WifiWave2" menu;
  • winbox - added "Start On Boot" checkbox under "Container" menu;
  • winbox - added "Tx Rate" and "Rx Rate" columns under "WifiWave2/Registration" menu;
  • winbox - added missing properties when setting "Use DoH Server";
  • winbox - added missing WifiWave2 related parameters under "WifiWave2" menu;
  • winbox - added support for manual RAM file system (TMPFS) creation under "System/Disk" menu;
  • winbox - added Type "https-get" parameter under "Tools/Netwatch" menu;
  • winbox - allow selecting bridge for static entries under "Bridge/MDB" menu;
  • winbox - fixed displaying of "Default Prepend" value under "Routing/BGP/Sessions" menu;
  • winbox - fixed displaying of "Tx/Rx CCQ" values under "Wireless/Registration" menu;
  • winbox - fixed displaying of flags under "System/Console" menu;
  • winbox - fixed displaying of multiple character flags;
  • winbox - fixed usage of IPv6 family addresses under "IP/Web Proxy/Access" menu;
  • winbox - hide "TTL" value for static DNS entries with FWD type;
  • winbox - hide unnecessary properties for virtual interfaces under "WifiWave2" menu;
  • winbox - improved mouseover hint for "local" policy under "System/Users/Groups" menu;
  • winbox - rename "Multicast Router" monitoring property to "Is Multicast Router" under "Bridge" menu;
  • winbox - show "Gateway" column by default under "IPv6/Routes" menu;
  • x86 - added support for TP-Link TG-3468;
  • x86 - fixed SR-IOV support for Intel X710 series NIC;
  • x86 - improved Intel 500 series 10G SFP module support;
  • x86 - improved stability for Intel X550 series NIC with SR-IOV;
  • zeroter - fixed routes after VRF change.

Полезные материалы по MikroTik

Углубленный курс "Администрирование сетевых устройств MikroTik"
Онлайн-курс по MikroTik с дипломом государственного образца РФ. Много лабораторных работ с проверкой официальным тренером MikroTik. С нуля и до уровня MTCNA.

ИП Скоромнов Дмитрий Анатольевич, ИНН 331403723315
На Telegram-канале Mikrotik сэнсей можно получить доступ к закрытой информации от официального тренера MikroTik. Подписывайтесь

ИП Скоромнов Дмитрий Анатольевич, ИНН 331403723315