はじめに

9月1日以来のstableがリリースされました。7.11から7.12への切り替わりです。

更新内容

期間も空きましたので更新内容は多いです。

What’s new in 7.12 (2023-Nov-09 09:45):

!) ethernet – changed “advertise” and “speed” arguments, and removed “half-duplex” setting under “/interface ethernet” menu;
!) health – removed “temperature” health entry from boards, where it was the same as “sfp-temperature”;
!) sfp – convert configuration to support new link modes for SFP and QSFP type of interfaces;
*) api – fixed fetching objects with warning option from REST API;
*) bfd – fixed sessions when setting VRF;
*) bfd – improved system stability;
*) bgp – fixed “atomic-aggregate” always set in output;
*) bgp – fixed “input.filter-chain” argument selection in VPN configuration;
*) bgp – fixed local and remote port settings for BGP connections;
*) bgp – fixed typos and missing spaces in log messages;
*) bgp – implemented IGP metric sending in BGP messages;
*) bgp – improved logging;
*) bgp – increase “hold-time” limit to 65000;
*) bluetooth – added basic support for connecting to BLE peripheral devices;
*) bluetooth – use “g” units when decoding MikroTik beacon acceleration on peripheral devices menu;
*) bridge – fixed fast-path forwarding with HW offloaded vlan-filtering (introduced in v7.11);
*) bridge – fixed untagged VLAN entry disable;
*) bridge – fixed vlan-filtering stability with HW and non-HW offloaded ports (introduced in v7.10);
*) bridge – improved system stability;
*) bridge – improved vlan-filtering bridge stability with CAPsMAN (introduced in v7.11);
*) bth – added “Back To Home” VPN service for ARM, ARM64, and TILE devices;
*) calea – improved system stability when trying to add rules without the CALEA package;
*) certificate – allow to get and maintain Let’s Encrypt certificate in IPv6 environment;
*) certificate – allow to remove issued certificates when CRL is not used;
*) certificate – fixed “subject-alt-name” duplicating itself when SCEP is used;
*) certificate – fixed certificate auto renewal via SCEP;
*) certificate – improved certificate validation logging error messages;
*) certificate – log CRL HTTP errors under the “error” logging topic;
*) chr – iavf updated driver to 4.9.1 version;
*) chr – increased OVA default RAM amount from 160MB to 256MB;
*) console – added “:jobname” command;
*) console – added “as-string” and “as-string-value” properties for “get” command;
*) console – added “terminal/ask” command;
*) console – added “transform” property for “:convert” command;
*) console – display “End-User License Agreement” prompt after configuration reset;
*) console – export required properties with default values;
*) console – fixed scheduler “on-event” script highlighting when editing;
*) console – improved “:totime” and “:tonum” commands and added “:tonsec” command for time value manipulation;
*) console – improved multi-argument property parsing into array;
*) console – improved randomness for “:rndstr” and “:rndnum” commands;
*) console – improved stability and responsiveness;
*) console – improved stability when editing long scripts;
*) console – improved stability when using “special-login”;
*) console – improved system stability through RoMON session;
*) console – improved system stability when using autocomplete;
*) console – improved system stability;
*) console – restrict permissions to “read,write,reboot,ftp,romon,test” for scripts executed by DHCP, Hotspot, PPP and Traffic-Monitor services;
*) console – show full date and time in scheduler “next-run” property;
*) dhcp – fixed DHCP server and relay related response delays;
*) email – rename “address” property to “server”;
*) ethernet – added “supported” and “sfp-supported” values for “monitor” command;
*) firewall – added “ein-snat” and “ein-dnat” connection NAT state matchers for filter and mangle rules;
*) flash – show more accurate “total-hdd-space” resource property;
*) gps – expose GPS port for Quectel EM12-G (vendor-id=”0x2c7c”, device-id=”0x0512″);
*) ike1 – fixed invalid key length on phase1 negotiation;
*) ike1 – log an error when non-RSA keys are being used;
*) ike2 – improved rekey collision handling;
*) interface – added “macvlan” interface support;
*) iot – fixed an issue where applying a script to GPIO pin caused GPIO to stop working;
*) iot – fixed behavior where GPIO output state would change on boot;
*) ipsec – fixed Diffie-Hellman public value encoding size;
*) ipsec – fixed IPSec policy when using modp3072;
*) ipsec – fixed minor typo in logs;
*) ipsec – reduce disk writes when started without active configuration;
*) ipv6 – fixed IPv6 RA delay time from 5s to 500ms according to RFC;
*) ipv6 – send RA and RA deprecate messages out three times instead of just once;
*) l3hw – fixed IPv6 route suppression;
*) l3hw – improved system stability during IPv6 route offloading;
*) l3hw – prioritize local IP addresses over the respective /32 and /128 routes;
*) led – fixed “interface-status” configuration for virtual interfaces;
*) led – fixed 5G modem mobile network category LED colours;
*) leds – added “dark-mode” functionality for RBwAPG-5HacD2HnD;
*) leds – added “wireless-status” and “wireless-signal-strength” configuration types for wifiwave2 interfaces;
*) log – improved logging for user actions;
*) lora – added LNS protocol support;
*) lte – added at-chat support and increased wait time on modem at-chat for Dell DW5821e, DW5821e-eSIM, DW5829e and DW5829e-eSIM;
*) lte – added SINR reporting for FG621-EA modem;
*) lte – changed R11e-LTE ARP behavior to NoArp;
*) lte – fixed 5G data-class reporting for Chateau 5G;
*) lte – fixed APN authentification in multi APN setup for R11e-LTE6;
*) lte – fixed FG621-EA possible timeouts during firmware upgrade;
*) lte – fixed IPv6 prefix for MBIM modems in multi-apn setup when IPv6 APN used as not first APN;
*) lte – fixed RSSI for FG621-EA modem to show the correct value;
*) lte – fixed Sierra modem detection for modems with vendor-specific USB descriptors;
*) lte – fixed Sierra modem initialization;
*) lte – fixed startup race condition when SIM card is in “up” slot for LtAP mini;
*) lte – fixed sub-interface auto-removal in multiple APN setups;
*) lte – show correct data class when connected to 5G SA network;
*) lte – use more compact logging messages;
*) modbus – added additional security settings for Modbus TCP;
*) mpls – added option to match and set MPLS EXP with bridge and mangle rules;
*) mpls – fixed “propagate-ttl=no” setting;
*) mpls – improved FastPath next-hop selection hash algorithm;
*) mqtt – added on-message feature for subscribed topics;
*) mqtt – added parallel-scripts-limit parameter to set maximum allowed number of scripts executed at the same time;
*) mqtt – added wildcard topic subscription support;
*) netinstall – added option to discard branding package;
*) netinstall – display package filename in GUI Description column if package description is not specified;
*) netinstall-cli – added empty configuration option “-e”;
*) netinstall-cli – added option to discard branding package;
*) netinstall-cli – allow “.rsc” script filenames;
*) netinstall-cli – prioritise interface option over address option;
*) netinstall-cli – updated configuration option description;
*) netwatch – decreased “thr-tcp-conn-time” maximum limit to 30 seconds;
*) ospf – fixed adding ECMP routes;
*) ospf – fixed BFD on virtual-link with configured VRF;
*) ospf – fixed OSPFv3 authentication header length calculation;
*) ospf – fixed OSPFv3 not working with NSSA areas;
*) ospf – fixed parsing of opaque LSAs used by TE;
*) ospf – fixed translated NSSA routes not showing in backbone;
*) ovpn – added “tls-auth” option support for imported .ovpn profiles;
*) ovpn – improved system stability;
*) pimsm – fixed BSR update process;
*) pimsm – fixed UIB update process;
*) pimsm – improved system stability;
*) poe-out – driver optimization for AF/AT controlled boards;
*) poe-out – fixed rare CRS328 poe-out menu and poe-out port config loss after reboot;
*) poe-out – improved “auto” mode for devices with single PoE-out port;
*) poe-out – removed “auto” mode support for L009 devices;
*) port – add support for Huawei MS237h-517;
*) port – expose NMEA/DIAG ports for Dell DW5821e and DW5821e-eSIM;
*) qsfp – added 50Gbps rate support for QSFP28 interfaces;
*) qsfp – fixed incorrect QSFP temperature readings in negative temperature;
*) qsfp – improved auto link detection for AOC cables;
*) qsfp – use sub-interface configuration for establishing link (for 40Gbps and 100Gbps links, all sub-interfaces must be enabled);
*) quickset – fixed “LAN” interface list members if configuration does not contain bridge;
*) rip – added BFD support;
*) rip – fixed session not working in VRF;
*) route – added “single-process” configuration setting, enabled by default on devices with 64MB or less RAM memory;
*) route – added “suppress-hw-offload” setting for IPv6 routes;
*) route – fixed gateway after link restart;
*) route – removed deprecated “received-from” property;
*) route – reverse community “delete” and “filter” command behavior;
*) routerboard – added “reset-button” support for RB800, RB1100 and RB1100AHx2 devices;
*) routerboard – fixed “reset-button” support for wAP ac and wAP R ac devices;
*) sfp – added 5Gbps rate for SFP+ interface on 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) sfp – fixed missing “rx-power” monitor with certain modules (introduced in v7.10);
*) sfp – fixed occasional bad EEPROM data reading for L009 devices;
*) sfp – improved interface stability for SFP and QSFP types of interfaces;
*) sfp – improved system stability with certain modules for 98DX224S, 98DX226S, 98DX3236, 98DX8216 and 98DX8208 switch chips;
*) snmp – changed “mtxrGaugeValue” type to integer;
*) ssh – added support for user ed25519 public keys;
*) ssh – allow to specify key owner on import;
*) ssh – fixed SSH tunnel performance (introduced in v7.10);
*) ssh – improved connection stability when pasting large chunks of text into console;
*) supout – added interface list members section;
*) supout – added LLDP power to supout.rif;
*) supout – fixed BFD section;
*) switch – improved resource allocation for 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) switch – improved switch chip stability for CCR2004-16g-2s+ devices;
*) system – fixed process multithreading (introduced in v7.9);
*) system – improved system stability during booting for L009 devices;
*) system – improved system stability when MD5 checksums are used;
*) tftp – fixed empty file name matching;
*) tile – improved system stability when using queues;
*) traffic-generator – added “priority” property for “inject” command;
*) traffic-generator – fixed traffic-generator on CHR and x86;
*) usb – added support for RTL8153 USB ethernet on ARM, ARM64 and x86;
*) vrf – limit maximum VRFs to 1024;
*) vxlan – improved system stability for Tile devices;
*) webfig – fixed “Days” property configuration change under “IP/Firewall” menu;
*) webfig – fixed timezone for interface “Last Link Down/Up Time”;
*) webfig – improved Webfig performance and responsiveness;
*) webfig – try to re-establish connection after disconnect;
*) wifiwave2 – added an alternative QoS priority assignment mechanism based on IP DSCP;
*) wifiwave2 – added comment property for registration-table;
*) wifiwave2 – added station-bridge interface mode;
*) wifiwave2 – correctly add interface to specified “datapath.interface-list”;
*) wifiwave2 – do not show default “l2mtu” on compact export;
*) wifiwave2 – enable changing interface MTU and L2MTU;
*) wifiwave2 – fixed malformed Interworking packet elements;
*) wifiwave2 – fixed PTK renewal for interfaces in station mode;
*) wifiwave2 – fixed re-connection failures for 802.11ax interfaces in station mode;
*) wifiwave2 – fixed sniffer command not receiving any QoS null function frames when using 802.11ax radios;
*) wifiwave2 – fixed untagged VLAN 1 entry when using “vlan-id” setting together with vlan-filtering bridge;
*) wifiwave2 – fixed warning on CAP devices when radar detected;
*) wifiwave2 – implemented an option to transmit IP multicast packets as unicasts;
*) wifiwave2 – improved compliance with regulatory requirements;
*) wifiwave2 – limit L2MTU to 1560 until a fix is available for a bug causing interfaces to fail transmitting larger frames than that;
*) wifiwave2 – list APs with a higher maximum data rate as more preferable roaming candidates;
*) wifiwave2 – log more information regarding authentication failures;
*) wifiwave2 – make 4-way handshake procedure more robust when acting as supplicant (client);
*) wifiwave2 – use CAPsMAN’s “datapath.vlan-id” on CAP for bridge port “pvid”;
*) winbox – added “Addresses” property under “Routing/BFD/Configuration” menu;
*) winbox – added “BUS” property for USB Power Reset button for LtAP-2HnD and CCR1072;
*) winbox – added “Comment” under “Routing/BFD/Configuration” menu;
*) winbox – added “g” flag under “IPv6/Routes” menu;
*) winbox – added “Host Key Type” setting under “IP/SSH” menu;
*) winbox – added “Key Owner” setting under “System/User/SSH Keys” and “System/User/SSH Private Keys” menus;
*) winbox – added “Name Format” property under “WifiWave2/Provisioning” menu;
*) winbox – added “Remote Min Tx” parameter under “Routing/BFD/Session” menu;
*) winbox – added “Startup Delay” setting under “Tools/Netwatch” menu;
*) winbox – added “USB” button under “System/RouterBOARD” menu for LtAP-2HnD;
*) winbox – added “Use BFD” setting under “Routing/RIP/Interface-Template” menu;
*) winbox – added Enable/Disable button under “Routing/RIP/Static Neighbors” menu;
*) winbox – added missing properties under “WifiWave2” menu;
*) winbox – added MQTT subscription menu;
*) winbox – allow to change port numbers for SCTP, DCCP, and UDP-LITE protocols under “IP/Firewall” menus;
*) winbox – allow to set multiple addresses and added IPv6 support under “Interface/VETH” menu;
*) winbox – allow to specify server as DNS name under “Tools/Email” menu;
*) winbox – changed “MBR Partition Table” checkbox to unchecked by default under “System/Disks/Format-Drive” menu;
*) winbox – do not show “F” flag for disabled entries under “IP/Routes” menu;
*) winbox – fixed “Address” property under “WifiWave2/Remote-CAP” menu;
*) winbox – fixed “Do” property under “Routing/Filters/Select Rule” menu;
*) winbox – fixed “Group Key Update” maximum value under “WifiWave2/Security” menu;
*) winbox – fixed “Range” property under “Routing/Filters/Num Set” menu;
*) winbox – fixed “Switch” menu for CCR2004-16G-2S+;
*) winbox – fixed entry numbering and ordering under “WifiWave2/Provisioning” menu;
*) winbox – fixed minor typos;
*) winbox – improved support for certain properties under “WifiWave2/Interworking Profiles” menu;
*) winbox – rename “DSCP” setting to “DSCP (+ECN)” under “Tools/Traffic-Generator/Packet-Templates” menu;
*) winbox – rename “Name” setting to “List” under “IP,IPv6/Firewall/Address-List” menu;
*) winbox – rename “Password” button to “Change Now” under “System/Password” menu;
*) winbox – show “unknown” value for “FS” property under “System/Disks” menu if the data is not available;
*) wireguard – added “auto” and “none” parameter for “private-key” and “presharde-key” parameters;
*) wireguard – added “wg-export” and “wg-import” functionality (CLI only);
*) wireguard – allow to specify client settings under peer menu which will be included in configuration file and QR code;
*) wireguard – request public or private key to be specified in order to create peer;
*) wireless – added more “radius-mac-format” options (CLI only);
*) wireless – fixed malformed Interworking packet elements;
*) www – fixed allowed address setting for REST API users;
*) www – fixed fragmented POST data for SCEP service;
*) x86 – added support for Mellanox ConnectX-6 Dx NIC;
*) x86 – i40e updated driver to 2.23.17 version;
*) x86 – igb updated driver to 5.14.16 version;
*) x86 – igbvf updated driver from in-tree Linux kernel;
*) x86 – igc updated driver to 5.10.194 version;
*) x86 – ixgbe updated driver to 5.19.6 version;
*) x86 – Realtek r8169 updated driver;
*) x86 – updated latest available pci.ids;