Search changelog entries
| Component | Change |
|---|---|
| certificate | do not download CRL if there is not enough free RAM; |
| certificate | fixed handling of capsman-cap certificates (introduced in v7.16); |
| dhcpv4-server/relay | added additional error messages for DHCP servers and relays; |
| dns | fixed lookup order for static DNS entries (introduced in v7.16.1); |
| ethernet | improved linking after reboot for hAP ax lite devices ("/system routerboard upgrade" required); |
| gps | changed default GPS antenna setting for LtAP mini with internal LTE/GPS combo antenna; |
| leds | fixed bogus argument for "leds" property (introduced in v7.16); |
| leds | fixed PoE-in LEDs for CRS318-1Fi-15Fr-2S device; |
| modem | KNOT BG77 modem, improved handling of modem unexpected restarts; |
| route | fixed possible issue with inactive routes after reboot (introduced in v7.16); |
| routerboot | improved stability for IPQ8072 and IPQ6010 when flash-boot is used ("/system routerboard upgrade" required); |
| Component | Change |
|---|---|
| bridge | added priority setting to manually elect primary MLAG peer; |
| container | do not log start, end events unless logging is enabled; |
| log | fixed e-mail logging (introduced in v7.16); |
| lte | improved recovery after unexpected modem reboot for Chateau's 5G and 5G R16 series devices (additional fixes); |
| netwatch | added "ignore-initial-up" and "ignore-initial-down" properties; |
| netwatch | fixed multiple variables; |
| poe-out | improved PoE-out configuration handling when doing reset-configuration command; |
| ptp | fixed packet receive with enabled igmp-snooping; |
| romon | send uptime in discovery; |
| route | improved stability with static route configuration; |
| winbox | added "Copy to Access List" option under "WiFi/Registration" menu; |
| winbox | added "Max Entries" and "Total Entries" properties under "IP/Firewall/Connections/Tracking" menu; |
| winbox | added missing "bus" option for compatible devices under "System/RouterBOARD/USB Power Reset" menu; |
| winbox | hide LCD menu for devices without display; |
| winbox | hide LTE "External Antenna" menu for devices without switchable antenna option; |
| winbox | show "FEC" property on status tab for interfaces that use it; |
| winbox | updated properties and behavior under "Switch/QoS" menu; |
| Component | Change |
|---|---|
| bridge | fixed bridge packet transmit if dhcp-snooping is enabled (introduced in v7.17beta5); |
| disk | added mount-read-only and mount-filesystem options to allow read-only mounts and prevent mounting device at all (CLI only); |
| firewall | improved matching from deeply nested interface-lists (additional fixes); |
| ipv6 | added support for manual link-local address configuration; |
| lte | improved recovery after unexpected modem reboot for Chateau's 5G and 5G R16 series devices; |
| port | display a warning when using invalid log-file with the "remote-access" feature; |
| ptp | fixed DSCP values for IPv4 packets; |
| ptp | fixed synchronization on QSFP28 interfaces (additional fixes); |
| qos-hw | allow to disable/enable profiles, disabled or removed profile gets replaced with the default (additional fixes); |
| routerboot | improved stability for IPQ8072 and IPQ6010 when flash-boot is used ("/system routerboard upgrade" required); |
| smb | stability improvements for client/server (additional fixes); |
| supout | do not create autosupout.rif for second time after system reboot; |
| tftp | improved stability; |
| winbox | improved stability; |
| Component | Change |
|---|---|
| bonding | hide mlag-id property on non-compatible devices; |
| bridge | added message for inactive port reason; |
| bridge | added priority setting to manually elect primary MLAG peer (CLI only); |
| bridge | fixed MVRP registrar and applicant port options; |
| bridge | prioritize MAC selection from Ethernet interfaces when using auto-mac feature; |
| bridge | re-synchronize MLAG system-id when bridge MAC changes; |
| bridge | update dynamic MSTI priority value when changing configuration; |
| certificate | do not download CRL if there is no enough free RAM; |
| certificate | do not show not relevant values for certificate template (CLI only); |
| certificate | removed unstructured address field support; |
| chr | added Chelsio VF driver for PCIID 5803; |
| console | added json.no-string-conversion to :serialize; |
| console | increased w60g scan-list size to 6; |
| console | show system-id in export for CHR; |
| container | fixed user and group ID range; |
| container | improved container shell; |
| defconf | do not add default password for CAP mode configuration on older Audience devices without a password; |
| detnet | remove dynamic DHCP client creation; |
| device-mode | added "allowed-versions" list which are allowed to be installed without "install-any-version" mode enabled; |
| device-mode | added routerboard, install-any-version and partitions features; |
| device-mode | limit device-mode update maximum allowed attempt count which can be reset only with reboot or button press; |
| device-mode | provide more precise device-mode update action printout; |
| dhcp-server | improved stability (introduced in v7.17beta4); |
| dhcp-server | use single RADIUS accounting session for IPv4 and IPv6 when dual stack is used (additional fixes); |
| dhcpv6-client | improved system stability when DHCPv6 client is enabled on non-existing interface; |
| dhcpv6-client | log message when response with invalid transaction-id received; |
| dhcpv6-server | added IPv6 address delegation support; |
| dhcpv6-server | improved system stability when removing actively used DHCPv6 server; |
| disk | add support for SWAP, currently allowed on any block device with "set x swap=yes" when container package is installed (CLI only); |
| disk | added "type=file" for file-based block devices, useful for using file as a swap, or when having file-based filesystem images (CLI only); |
| disk | added btrfs filesystems list (CLI only); |
| disk | auto mount iso and squashfs images; |
| disk | fixed managing and cleaning up mount points; |
| disk | fixed raid role auto selection for up to 64 drives; |
| disk | recognize virtual sd* interfaces; |
| disk | show usage as percentage (CLI only); |
| dns | added option to create named DNS servers that can be used as forward-to servers (additional fixes); |
| ethernet | improved linking after reboot for hAP ax lite devices ("/system routerboard upgrade" required); |
| ethernet | improved stability after reboot for Chateau PRO ax; |
| ethernet | improved system stability for CCR2004-1G-2XS-PCIe device; |
| firewall | added support for random external port allocation; |
| firewall | improved matching from deeply nested interface-lists; |
| ftp | added VRF support; |
| gps | LtAP mini, change default GPS antenna for new devices; |
| iot | added additional debug for LoRa logging; |
| iot | added support for USB Bluetooth dongles (LE 4.0+) which enables Bluetooth functionality; |
| iot | LoRa LNS improvement; |
| iot | modbus rework which improves Tx Rx switching behavior; |
| ipsec | ike2 improved process for policies; |
| lte | disabled ims service for Chateau 5G on operator "3 AT" network (PLMN ID 23205); |
| lte | drop operator selection support for R11e-4G modem as it is unreliable; |
| lte | fixed network registration for R11e-4G modem (introduced in v7.17beta2); |
| lte | fixed SMS sender parsing; |
| lte | improved R11eL-EC200A-EU modem firmware upgrade procedure; |
| lte | improvements to modem "firmware-upgrade" command (additional fixes); |
| lte | MBIM increased assignable APN profile count up to 8 then modem firmware allows it; |
| lte | modem firmware update (FOTA), added support to install provider specific version (additional fixes); |
| lte | set "sms-read=no" and "sms-protocol=auto" as default values; |
| modem | KNOT BG77 modem, improved handling of modem unexpected restarts; |
| netinstall | removed unused "Get key" button; |
| netwatch | fixed IP address variable for DNS probe; |
| ospf | improved stability on configuration update; |
| ovpn-client | added tls-crypt, tls-crypt-v2 support; |
| pimsm | improved system stability after interface disable; |
| poe-out | added low-voltage-too-low status; |
| poe-out | reset PoE-out configuration before reboot when using reset-configuration command; |
| poe-out | upgraded firmware for CRS354-48P-4S+2Q+ device (the update will cause brief power interruption to PoE-out interfaces); |
| port | more detailed print command output, include in "USED-BY" property channel number(s); |
| ppp | add routes in matching VRF; |
| ppp | added support for bridge-port-trusted configuration via ppp profile; |
| ppp | do not print local/remote pool related errors in log when configuration does not require pool usage; |
| ppp | fixed typos in log message; |
| ptp | added PTP support for CRS320-8P-8B-4S+ and CRS326-4C+20G+2Q+ devices; |
| ptp | fixed synchronization on QSFP28 interfaces; |
| romon | added dynamic switch rules on devices supporting it when enabling the service; |
| romon | added interface-list support; |
| route | fixed discourse attribute print; |
| route | fixed possible issue with inactive routes after reboot (introduced in v7.16); |
| routing-filter | fixed subtract and add for numerical values (+x, -x); |
| sfp | fixed 1Gbps supported rate for RB960 and RB962 devices; |
| sfp | improved SFP28, QSFP28 interface stability using DAC cable for CRS520 switch; |
| snmp | added wifi fields to MIKROTIK-MIB (additional fixes); |
| ssh | do not regenerate host key after update from RouterOS version older than 7.9; |
| ssh | fixed password authentication (introduced in v7.17beta2); |
| ssh | improved logging; |
| supout | added BGP advertisements section; |
| switch | fixed storm-rate accuracy on 98DX224S, 98DX226S, and 98DX3236 switch chips; |
| switch | improved system stability for RB5009 and CCR2004-16G-2S+ devices; |
| switch | updated dynamic switch rules when using HW bridge with IGMP snooping (224.0.0.0/24 and ff02::/16 destination addresses are forwarded and copied to CPU) (additional fixes); |
| vpls | added support for bridge-pvid configuration; |
| webfig | allow download from file details; |
| webfig | reduce flickering when table is sorted by column with duplicate values (additional fixes); |
| wifi | add information to each interface, showing which CAPsMAN manages it or which CAP hosts it when applicable; |
| wifi | added station-roaming support (additional fixes); |
| wifi | fixed failure with "auto" peer update on the OWE interface; |
| wifi-qcom-ac | fix possible conflict between radio and USB initialization on hAP ac2; |
| wifi-qcom-ac | improved CPU load balancing and system stability; |
| winbox | added Enable/Disable buttons under "Tools/Graphing" menus; |
| winbox | allow to edit Ethernet MAC address; |
| winbox | refresh values under "Bridge/VLANs/MVRP Attributes" menu; |
| winbox | renamed wrong invalid interface flag to inactive; |
| x86 | Realtek r8169 updated driver; |
| Component | Change |
|---|---|
| arm64 | fixed for bare-metal servers to be able to access more than 2GB RAM; |
| arm64 | show CPU frequency on bare-metal installations; |
| bridge | correctly display PPP interfaces in VLAN menu; |
| bridge | fixed first host table response for SNMP; |
| bridge | fixed VLAN overlap check; |
| bridge | improved port handling; |
| certificate | fixed handling of capsman-cap certificates (introduced in v7.16); |
| console | added more argument definitions for mac-protocol property; |
| console | execute :return command without error; |
| crypto | improve crypto speeds (additional fixes); |
| crypto | use hardware accelerator for GCM cipher in TLS connection on Alpine CPUs; |
| defconf | changed wireless installation from "indoor" to "any"; |
| defconf | disable 5GHz secondary channel on RB4011; |
| defconf | fixed new port name recognition; |
| device-mode | changed "partition" to allow activate and do not allow repartition (introduced in v7.17beta2); |
| device-mode | clarify message that pressing a button will reboot device; |
| device-mode | limit "/tool/ping-speed" and "/tool/flood-ping" under "traffic-gen" feature; |
| device-mode | show all features and active restrictions with "print" command; |
| dhcp-relay | added "local-address-as-src-ip" property; |
| dhcp-server | use interface ID for NAS-Port and added interface name to NAS-Port-ID attribute in RADIUS requests; |
| dhcp-server | use single RADIUS accounting session for IPv4 and IPv6 when dual stack is used; |
| dhcpv4-client | fixed crash when releasing disabled DHCP client; |
| dhcpv4-server | properly detect DHCP server address when underlying interface has multiple IP addresses configured; |
| dhcpv4-server/relay | added additional error messages for DHCP servers and relays; |
| discovery | added support for LLDP DCBX (additional fixes); |
| disk | added sshfs client to "/disk" menu (CLI only); |
| disk | improve slot naming and improvements for visualizing complex hardware topology; |
| disk | improve test to report zero byte iops; |
| disk | save raid superblock and raid bitmap superblock on member devices in 1.2 format/location; |
| disk | try all NFS versions (4.2,4.1,4.0,3,2) when mounting NFS in that order; |
| dns | added option to create named DNS servers that can be used as forward-to servers (CLI only) (additional fixes); |
| dns | do not look up local cache when executing ":resolve" command with specified "server" parameter (introduced in v7.16); |
| dns | refactored DNS service internal processes; |
| ethernet | log warning only about excessive broadcast (do not include multicast) and reduced log count; |
| file | do not needlessly scan large filesystems, could prevent unmounting; |
| graphing | fixed graphing rule removal (additional fixes); |
| health | changed PSU state from "no-ac" to "no-input"; |
| igmp-proxy | refactored IGMP querier (additional fixes); |
| iot | fixed duplicate LoRa payloads in the traffic tab; |
| iot | limit mqtt publish message size to 32 KB; |
| iot | LoRa traffic tab RSSI now shows proper values for ARM architecture; |
| iot | mqtt improvement to support large payloads and gracefully discard payloads above size limit; |
| iot | removed some LoRa radio related parameters (e.g. RSSI-OFF and Tx-enabled) that were not meant to be changed (additional fixes); |
| ipv6 | added comment property to "/ipv6/nd/prefix" menu; |
| l3hw | improved system stability; |
| l3hw | rate limit error logging; |
| log | added hostname support to remote logging action; |
| log | added regex parameter for log filtering in rules; |
| lte | fixed "default-name" property in export when multiple LTE interfaces are used; |
| lte | fixed "lte monitor" signal reporting for RG520F-EU modem when connected to 5G SA network; |
| lte | fixed "operator" setting for EC200A-EU modem; |
| lte | fixed LTE band setting for SXT LTE 3-7; |
| lte | fixed roaming barring (allow-roaming=no) for EC200A-EU modem; |
| lte | set IPv6 address reporting format in modem init for AT modems and MBIM modems with AT channel; |
| mac-server | allow MAC-Telnet access through any bridged port when bridge interface is allowed; |
| mpls | added fast-path support for VPLS (additional fixes); |
| netwatch | added "ignore-initial-up" and "ignore-initial-down" properties (CLI only); |
| netwatch | fixed probe toggle when adding a comment; |
| ovpn-server | added "user-auth-method" property and allow mschap2 for RADIUS authentication; |
| ppp | added support for bridge-port-pvid configuration via ppp profile (additional fixes); |
| ppp | reuse link-local IPv6 address for static bindings when possible; |
| pppoe | added support for PPPoE server over 802.1Q VLANs (additional fixes); |
| ptp | added PTP support for CRS320-8P-8B-4S+ device; |
| ptp | make PTP process more stable and deterministic when applying configuration; |
| qos-hw | improved PFC behavior (additional fixes); |
| qos-hw | improved WRED and ECN behavior (additional fixes); |
| qos-hw | reworked PCP and DSCP mapping (now supports single, multiple and range values, previous configuration with minimal value mapping is converted to a single value); |
| rip | improved stability when changing metric; |
| route | fixed minor typo in failure message; |
| route | increased interface name length limit in log messages; |
| route | removed possibility for IPv6 routes to specify interface in the dst-address; |
| routerboot | fixed boot MAC for devices with Alpine CPU ("/system routerboard upgrade" required); |
| sfp | improved initialization for certain SFP modules on CRS309 and CRS317 devices ("/system routerboard upgrade" required); |
| smb | stability improvements for client/server (additional fixes); |
| snmp | added wifi fields to MIKROTIK-MIB; |
| ssh | added option to configure SSH ciphers (replaced allow-none-crypto parameter); |
| ssh | improved speed; |
| ssh | prefer GCM ciphers for arm64 and x86 devices when ciphers=auto; |
| storage | preserve permissions,owners,attributes when syncing under "/file/sync"; |
| storage,rsync | fixed to work with clients passing "-a" option; |
| supout | added device-mode section; |
| switch | updated dynamic switch rules when using HW bridge with IGMP snooping (224.0.0.0/24 and ff02::/16 destination addresses are forwarded and copied to CPU) (additional fixes); |
| system | moved "/system/upgrade" to "/system/package/local-update"; |
| vxlan | fixed issue causing to loose IPv6 VTEP address setting; |
| webfig | improved keyboard navigation (additional fixes); |
| webfig | reduce flickering when table is sorted by column with duplicate values (additional fixes); |
| wifi | added extra info to CAPsMAN about message; |
| wifi | fixed "disabled" property in certain cases; |
| wifi | fixed occasional failure to bring up management frame protection and channel switch capabilities; |
| wifi | improved FT roaming with WPA3 for some Apple devices; |
| wifi-qcom | updated regulatory info for Ukraine, Australia and United States; |
| winbox | renamed and moved "System/Auto Upgrade" to "System/Packages" menu; |
| winbox | show MLAG settings for CRS326-4C+20G+2Q+ device; |
| wireless | enable all chains by default for RB911 and RB922 series devices; |