Search changelog entries
| Component | Change |
|---|---|
| arm64/x86/chr | added Aquantia network driver; |
| bgp | fixed nexthop force-self for IPv4 and IPv6; |
| bgp | fixed withdraw (introduced in v7.20beta2); |
| bgp | improved configuration upgrade from versions prior to 7.20; |
| bgp | make "as" parameter optional in template configuration; |
| console | fixed incorrect multibyte to=num conversions; |
| console | fixed issue where file completion sometimes shows duplicates; |
| dns | improved DNS service stability when using static CNAME records (introduced in v7.20beta4); |
| file | improved file handling performance in WinBox v4 (additional fixes); |
| firewall | added "liberal-tcp-tracking" connection tracking setting; |
| iot | added additional dongle firmwares to iot-bt-extra package; |
| iot | improvement to LoRa band verification logic; |
| license | updated URL for "libcroco" package in the license notice; |
| log | establish a new connection to the remote log server when action settings are edited (e.g. after changing the src-address property); |
| log | fixed memory leak when a connection to remote TCP log server failed; |
| netinstall-cli | recognize RouterOS v6 system package; |
| poe-out | added support for line-interactive and offline UPS on CRS320; |
| poe-out | improved dual-signature detection on CRS320; |
| poe-out | improved short-circuit detection and reporting on CRS320; |
| poe-out | increased maximum power margin for all classes on CRS320; |
| poe-out | upgraded firmware for 802.3at/bt controlled boards (the update will cause brief power interruption to PoE-out interfaces); |
| routing-filter | fixed route origin matcher; |
| sfp | added sfp-power-class and sfp-max-power monitor values for QSFP (additional fixes); |
| ssl/tls | fixed SSL looping behavior when multiple different TLS connections were used; |
| supout | added IP Service section; |
| supout | added VXLAN VTEP section; |
| system | fixed internal service communication procedure when exchanging data about existing objects (introduced in v7.20beta2); |
| vrrp | fixed invalid TCP connection state after failover with enabled sync-connection-tracking; |
| vrrp | improved stability when removing VRRP interface with enabled sync-connection-tracking; |
| vxlan | added checksum and learning properties (additional fixes); |
| vxlan | fixed unset behavior for "local-address" and "bridge" properties; |
| vxlan | prevent socket sharing (cannot create multiple VXLAN interfaces using the same UDP port with different checksum or vtep-vrf settings); |
| vxlan | rename "vrf" setting to "vtep-vrf"; |
| webfig | fixed container parameters; |
| webfig | make combobox accessible to screen readers; |
| wifi | fixed inability to apply steering profile to device's native wifi interfaces; |
| winbox | added missing columns under "System/Users/SSH Keys" menu; |
| winbox | added option to create new entries under "System/Users/SSH Keys" menu (additional fixes); |
| winbox | show all columns under "System/Users/SSH Keys" menu by default; |
| Component | Change |
|---|---|
| arm | improved system stability when processing encrypted traffic; |
| arm64 | increased maximum number of CPU cores to 128; |
| ethernet | improved ethernet stability when handling invalid packets on Alpine CPUs; |
| iot | fixed incorrectly set LoRa channel plan behavior; |
| ipv6 | fixed policy routing; |
| leds | fixed issues after changing "dark-mode" configuration (introduced in v7.19); |
| license | updated URL for "libcroco" package in the license notice; |
| log | output PoE-Out LLDP negotiation to poe,info topic; |
| net | ensure packet sockets from containers do not disable RouterOS fastpath/fasttrack; |
| netinstall-cli | recognize RouterOS v6 system package; |
| port | give "gps" prefix for R11e-LR8G and R11e-LR9G GPS ports; |
| ptp | allow priority1 value of 0 (improves stability when receiving announce messages with priority1 set to 0); |
| routing-filter | fixed route origin matcher; |
| system | improved system stability for CCR2216 device; |
| system | improved system stability when using fasttrack; |
| Component | Change |
|---|---|
| bgp | execute community based decisions before output filter (fixes problem with no-export); |
| bgp | show correctly IPv4 route with IPv6 nexthop in BGP advertisements and route print; |
| bgp-vpn | always prefer local VPN route during selection; |
| bgp-vpn | take into account instance configuration when selecting vpnvX routes (introduced in v7.20beta2); |
| capsman | filter non-installed packages on upgrade (introduced in v7.18); |
| dhcp-client | added option to control broadcast flag for DHCP Discover and Request packets, except when renewing the lease; |
| esim | added option to activate eSIM profile after provisioning; |
| esim | added option to specify activation code for eSIM provisioning; |
| esim | make profile management messages more consistent; |
| evpn | send PMSI attribute; |
| ipv6 | fixed policy routing; |
| leds | fixed issues after changing "dark-mode" configuration (introduced in v7.19); |
| modem | fixed missing SIM/eSIM slot selection on ATL 5G R16 (introduced in v7.20beta2); |
| net | ensure packet sockets from containers do not disable RouterOS fastpath/fasttrack; |
| port | added support for Silicon Labs USB serial adapters (vendor id=0x10C4); |
| ptp | allow priority1 value of 0 (improves stability when receiving announce messages with priority1 set to 0); |
| route | prefer link-local nexthop when both global and local are present; |
| route | show correct route type for ISIS routes; |
| routing-filter | added gw-ll parameter; |
| ssh | fixed non-interactive console command response truncation; |
| supout | removed File section (due to high memory usage and long processing time); |
| Component | Change |
|---|---|
| bfd | fixed socket leak (additional fixes); |
| bgp | automatically create output.network blackhole routes; |
| bgp | do not show router-id error when instance is not active (introduced in v7.20beta2); |
| bgp | refresh WinBox when BGP session is created/deleted; |
| bgp | support for Advertising IPv4 Network Layer Reachability Information (NLRI) with an IPv6 Next Hop; |
| bridge | added dynamic tagged entry named "switch-cpu" in scenarios where the same VLAN spans multiple switch chips or is used on both HW and SW ports (additional fixes); |
| bridge | allow IPv6 FastPath when dhcp-snooping is enabled; |
| dhcp-server | improved logging when dual-stack is enabled but fails to acquire client MAC from DUID; |
| disk | disallow adding SMB share or user with empty name; |
| ethernet | improved ethernet stability when handling invalid packets on Alpine CPUs; |
| ethernet | improved performance for hEX Refresh and hEX S (2025); |
| filesystem | improved calculation of free space on NAND flash (fixes potential "disk is too small" issue); |
| ipsec | fixed responder on key exchange compute failure (introduced in v7.19); |
| lte | AT modems, fixed typos in commands sent to modem when APN with authentication is used (AT+CGAUTH; AT$QCPDPP); |
| lte | do not reconfigure modem if deactive eSIM profile is deleted; |
| lte | exempt eSIM provision from global CRL certificate settings; |
| lte | R11e-LTE and R11e-LTE6, fixed possible crash on device unexpected removal or during RouterOS shutdown; |
| radius | fixed RADIUS client section becoming unresponsive when RadSec is configured, but server is not responding; |
| radius | fixed wrong RadSec port number in logs; |
| radius | properly verify certificate when RadSec is used; |
| route | fixed issue when route table is installed to kernel without fib setting; |
| route | removed fib-reinstall; |
| sfp | fixed low power mode pins on CRS326-4C+20G+2Q+ for optical QSFP modules; |
| supout | added IPv6 NAT section; |
| switch | fixed ACL rules with "redirect-to-cpu" (introduced in v7.20beta2); |
| switch | fixed bonding issues after switch reset (introduced in v7.18); |
| switch | fixed port blocking with spanning tree on EN7523 switch (introduced in v7.19); |
| swos | changed firmware file location (URL) for software update checks; |
| system | improved system stability when processing large amount of traffic; |
| system | improved system stability when using FastTrack; |
| system | reduced RouterOS ARM package size; |
| vrrp | added "connection-tracking-port" and "connection-tracking-mode" settings for "sync-connection-tracking" (additional fixes); |
| wifi | avoid picking 5GHz channels by default which are unlikely to be supported by clients, can be overridden with channel.deprioritize-unii-3-4; |
| winbox | added missing properties to "Container" menu and improved field ordering; |
| winbox | fixed missing warning under "Routing/BGP/Instances" menu; |
| winbox | show/hide corresponding fields when switching RADIUS client mode between RadSec and UDP; |
| Component | Change |
|---|---|
| bridge | allow IPv6 FastPath when dhcp-snooping is enabled; |
| iot | LoRa LNS stability improvement; |
| lte | AT modems, fixed typos in commands sent to modem when APN with authentication is used (AT+CGAUTH; AT$QCPDPP); |
| lte | R11e-LTE and R11e-LTE6, fixed possible crash on device unexpected removal or during RouterOS shutdown; |
| mpls | improved stability when handling VPLS packets; |
| radius | fixed RADIUS client section becoming unresponsive when RadSec is configured, but server is not responding; |
| radius | fixed wrong RadSec port number in logs; |
| radius | properly verify certificate when RadSec is used; |
| sfp | added sfp-power-class and sfp-max-power monitor values for QSFP; |
| supout | added IPv6 NAT section; |
| switch | fixed ACL rules with "redirect-to-cpu" (introduced in v7.19.2); |
| switch | fixed bonding issues after switch reset (introduced in v7.18); |
| switch | fixed port blocking with spanning tree on EN7523 switch (introduced in v7.19); |
| swos | changed firmware file location (URL) for software update checks; |
| system | reduced RouterOS ARM package size; |
| winbox | show/hide corresponding fields when switching RADIUS client mode between RadSec and UDP; |