MikroTik Changelogs

Search changelog entries

7.8beta3 Testing 2023-Feb-01 (3 years ago)
Component Change
bridge fixed adding disabled MSTI;
bridge improved HW offloading logic;
certificate fixed PBES2 certificate import;
certificate improved multiple certificate import process;
console improved ":execute" command to output a string when a file is not specified;
dhcpv4-client send DHCPv4 unicast requests to DHCPv4 relay, instead of server when it is being used;
dns fixed CNAME reading from the cache;
dns respond with "NOERROR" to DNS requests for static domain names when appropriate type record is not configured or found on upstream server;
health fixed "temperature" and "power-consumption" readings for RB1100AHx4;
ike2 fixed active SA flush on responder after an unsuccessful peer connection attempt;
ipsec fixed peer matcher for incoming connection with unresolved DNS;
ipv6 improved handling of "advertise" IPv6 address status changes;
led fixed signal reading for KNOT device;
lte LtAP improved modem detection in lower mini-PCie slot ("/system routerboard upgrade" required);
pimsm improved system stability;
poe added LLDP power management support for 802.3at PSE;
pppoe fixed PPPoE client scan showing only one server;
route added hoplimit and metric parameters to SLAAC routes;
routerboot fixed format storage for RBM33G device ("/system routerboard upgrade" required);
routerboot fixed protected routerboot for RBM33G device ("/system routerboard upgrade" required);
sfp improved optical modules SFP compatibility on CCR2004-16G-2S+, CCR2004-1G-12S+2XS, CCR2116-12G-4S+ devices;
switch fixed "switch-cpu" counters (introduced in 7.8beta2);
usb changed USB auto detect behavior to default to the external USB, when no internal USB devices detected
vxlan added FastPath support;
webfig improved terminal operation;
wifiwave2 adjust monitoring of station interfaces to report when an interface is authorized, not just connected;
wifiwave2 fixed 802.11r fast transition when using wpa3-psk authentication (introduced in 7.8beta2);
winbox added "Connect" button under "WifiWave2/Scan" menu;
winbox added "Disable/Enable" buttons under "WifiWave2" menu;
winbox added "Provision" button under "WifiWave2" menu;
winbox added "Start On Boot" checkbox under "Container" menu;
winbox added "Tx Rate" and "Rx Rate" columns under "WifiWave2/Registration" menu;
winbox added missing cipher properties for OVPN server and client;
winbox added missing filtering properties under "Tools/Packet Sniffer" menu;
winbox added missing properties when setting "Use DoH Server";
winbox added support for manual RAM file system (TMPFS) creation under "System/Disk" menu;
winbox added Type "https-get" parameter under "Tools/Netwatch" menu;
winbox allow selecting bridge for static entries under "Bridge/MDB" menu;
winbox hide "TTL" value for static DNS entries with FWD type;
winbox hide unnecessary properties for virtual interfaces under "WifiWave2" menu;
winbox rename "Multicast Router" monitoring property to "Is Multicast Router" under "Bridge" menu;
zeroter fixed routes after VRF change;
7.8beta2 Testing 2023-Jan-20 (3 years ago)
Component Change
bgp fixed setting of "default-prepend" parameter;
bridge fixed PVID warning typo;
bridge improved HW offloading logic;
certificate improved certificate management, signing and storing processes;
conntrack improved system stability when changing connection tracking state;
container added authentication option for registry (CLI only);
container fixed ".type" file ownership;
container fixed file ownership after system upgrade for containers running on internal disk;
container fixed multiple container automatic startup on boot;
disk limit maximum TMPFS size;
dns added configurable DoH concurrent query limitation parameters (CLI only);
dns do not cache results from ":resolve" command with specific server;
dns limited "DoH max concurrent queries reached" logging messages to once per minute;
firewall fixed bridge priority target;
firewall fixed DSCP priority target for IPv6 Mangle;
firewall fixed netmap range maximum address calculation for IPv6 NAT;
graphing fixed hiding of target queues when "allow-target" is disabled;
graphing fixed sorting of interface and queue graphs;
graphing properly handle disabled and static-binding interface graphs;
graphing removed "move" command for graphing rules;
hotspot fixed setting of "address" parameter for IP binding;
hotspot restore cookie timeout on reboot;
ike2 added support for "address", "key-id" and "dn" for Remote ID matching (CLI only);
ipsec added support for "Framed-Route" RADIUS attribute support;
ipsec do not match incoming IKE requests by unresolved DNS name peers;
ipv6 added "pref64" option configuration for RA;
ipv6 limited "hop-limit" parameter value range to 255;
ipv6 made distributed DNS lifetime RFC8106 compliant;
l3hw added destination MAC address check for offloaded FastTrack connections;
lte added AT support for Telit LE910C4 in MBIM mode;
lte fixed APN setting usage on initial connection attempt for AT based Quectel and Neoway modems;
lte fixed automatic antenna selection on Chateau LTE12/LTE18;
lte fixed dialing for Fibocom L850-GL module;
lte fixed displaying of "subscriber-number";
lte improved AT port matching for SIMCom, Huawei, WeLink, Cinterion, BandLuxe and Sierra modems;
lte improved modem detection speed in lower mini-PCIe slot on LtAP;
lte parse USSD even if encoding is unsupported;
mpls fixed handling of more than 9 VRF's;
mpls fixed LDP listen socket creation before IPv6 address is ready for use;
mpls improved stability when neighboring router reboots;
ospf fixed "ospf-type" parameter for OSPFv3 routes;
ospf fixed simple auth for OSPFv3;
ovpn added AES-GCM and multicore encryption support (CLI only);
poe properly turn off power when link not detected on hAP ax2 and hAP ax3;
port fixed modem channel number on KNOT;
resource show filesystem related statistics on CCR2004;
route fixed IPv6 default route presence when received from RA;
route fixed printing of routing table's "count-only" parameter;
sfp fixed false link detection with S+RJ10 on RB5009;
sfp fixed reading of SFP EEPROM on single SFP port devices;
sms improved reporting of SMS sending errors;
sms log USSD response when USSD is sent over MBIM;
sniffer added additional filtering parameters (CLI only);
snmp do not show identity in LLDP when branding is used with hide SNMP data;
snmp fixed handling of disabled routes;
snmp fixed reporting of total number of routes counter;
ssh hard-coded "localhost" address for forwarding requests;
sstp fixed TLS session establishment when "connect-to" is DNS name;
switch fixed SFP rate select for CRS354 devices;
switch improved system stability for 98DXxxxx switch chips;
torch allow "without-paging" parameter for Torch;
traffic-generator increased maximum allowed stream count;
upgrade show error message when license prohibits upgrade;
vxlan added "dont-fragment" setting that allows managing fragmentation;
webfig allow setting numeric values in time interval fields;
webfig fixed accessing of WebFig when "Interface" menu is disabled by skin;
webfig fixed editing of multi-field parameters with "not" checkbox;
webfig fixed handling of empty skin files;
webfig improved navigation responsiveness;
webfig improved skin file parsing;
webfig properly escape all reserved URI characters;
webfig updated WebFig and graph web pages to HTML5;
wifiwave2 added wireless sniffer tool to capture wireless transmissions (CLI only);
wifiwave2 enabled additional channels in UNII-3 and UNII-4 bands for Europe and USA on hAP ax^2, hAP ax^3 and Chateau ax;
wifiwave2 implement 802.11w management protection SA Query procedures;
wifiwave2 improve protections from denial-of-service attacks on WPA3;
winbox added "Match Subdomain" parameter under "IP/DNS/Static" menu;
winbox added missing WifiWave2 related parameters under "WifiWave2" menu;
winbox fixed displaying of "Default Prepend" value under "Routing/BGP/Sessions" menu;
winbox fixed displaying of "Tx/Rx CCQ" values under "Wireless/Registration" menu;
winbox fixed displaying of flags under "System/Console" menu;
winbox fixed displaying of multiple character flags;
winbox fixed usage of IPv6 family addresses under "IP/Web Proxy/Access" menu;
winbox improved mouseover hint for "local" policy under "System/Users/Groups" menu;
winbox show "Gateway" column by default under "IPv6/Routes" menu;
x86 added support for TP-Link TG-3468;
x86 fixed SR-IOV support for Intel X710 series NIC;
x86 improved Intel 500 series 10G SFP module support;
x86 improved stability for Intel X550 series NIC with SR-IOV;
7.7 Stable 2023-Jan-12 (3 years ago)
Component Change
bgp added comment functionality for BGP VPN (CLI only);
bgp do not reflect route back to sender;
bgp fixed BGP advertisement PCAP saver;
bgp fixed connection establishment using link-local addresses;
bgp improved BGP advertisement printing;
bgp improved BGP session load distribution across multiple CPU cores;
bgp properly set "bgp-ext-communities" from "communities" list;
bluetooth added unique advertise message filtering;
bonding properly detect VPLS interface state changes;
branding fixed identity setting from branding package;
bridge added support for static MDB entries;
bridge disallow port-controller while the bridge has MSTP enabled;
bridge fixed "edge=yes" setting for MSTP;
bridge fixed MSTP compatibility with STP;
bridge fixed R/M/STP bridge identifier on protocol-mode change;
bridge fixed RSTP BCP with bridged PPP interfaces;
bridge fixed STP blocking state on port-controller;
bridge fixed host moving with fast-path;
bridge fixed incorrect root port blocking for MSTP;
bridge fixed master port conversion;
bridge fixed mst-override port priority for MSTP;
bridge fixed port priority for STP and RSTP;
bridge improved port-controller system stability;
bridge improved system stability when using MSTP and many VLAN mappings;
bridge removed "age" monitoring property from the host table;
certificate improved Let's Encrypt logging and error recovery;
certificate improved certificate management, signing and storing processes;
conntrack improved system stability when PPTP helper is used;
conntrack improved system stability when processing SCTP connections on TILE;
console updated copyright notice;
container fixed access to "/dev/stderr" from containers;
container fixed handling of groups and usernames from Dockerfile;
container fixed tar extracting;
container made "ram" and "tmp" directories use tmpfs;
crs1xx/2xx fixed "new-customer-pcp" setting for ACL rules;
dhcpv6-client handle receiving of invalid T1 and T2 times;
discovery added "discovered-by" parameter to indicate which protocol discovered the neighbor;
discovery added "mode" parameter for discovery configuration;
discovery fixed neighbor discovery on Mesh interfaces;
discovery report IPv6 LL address if global address does not exist;
disk added support for manual RAM file system (TMPFS) creation (CLI only);
disk improved external storage file system mounting, formatting and naming;
dns do not query upstream DNS servers for matched regex records;
dns fixed changing of "forward-to" parameter for FWD entries;
dns fixed handling of CNAME entry pointing to another FWD entry;
dns fixed handling of FWD entries where "forward-to" is a hostname;
dns fixed incorrect TTL=0 reporting for cached entries;
dns improved resolved static entry addition to address list;
dns improved service stability when CNAME points to a FWD entry;
dns query upstream DNS servers for other record types even if static entry exists;
dns require "write" policy for DNS cache flushing;
dns respond with lowest TTL for inner queries containing A, AAAA, CNAME chains;
filesystem fixed repartition on devices with containers;
firewall added "set-priority" option for IPv6 mangle firewall;
firewall made "dynamic" parameter settable for IPv4 address lists;
hotspot added "install-hotspot-queue" parameter to control dynamic queue creation;
hotspot fixed maximum allowed connections limitation;
hotspot fixed minor memory leak after each successful login from WEB;
hotspot improved limitation of maximum allowed connections;
hotspot improved system stability when clients migrate between bridge ports or VLANs;
ike1 disallow "remote-id" setting for identity;
ike1 fixed XAuth responder trying to recreate phase 1;
ike1 improved expired IPsec-SA processing;
ike2 added support for ChaChaPoly1305 encryption;
ike2 added support for DH Group 31 (EC25519) (CLI only);
ike2 fixed rekey notify creation;
ike2 improved certificate payload parsing;
interface do not allow adding invalid "veth" interfaces;
interface improved system stability when handling large packets on CCR2216;
interface show RTL8153 CDC Modem Device as ethernet;
ipsec added "current-address" parameter for peers with DNS address;
ipsec added hardware acceleration support for IPQ-6010;
ipsec added support for AVX optimized SHA acceleration;
ipsec improved "H" (hw-aead) flag presence for accelerated SA's;
ipsec improved IKE payload processing;
ipsec improved configuration of IPsec proposal auth-algorithms;
ipsec removed Blowfish and Camellia encryption algorithms for IKE;
ipv6 do not generate LL addresses for VPN interfaces when IPv6 is disabled;
ipv6 do not use invalid/disabled global addresses for IPv6 ND;
l2tp added VRF support for L2TP Ether interfaces;
l3hw fixed host offloading in a case of MAC address change;
l3hw fixed offloaded NAT for CRS309 switch;
l3hw improved system stability when disabling or enabling L3HW offloading;
leds fixed default LED configuration on netFiber 9;
leds fixed turning off LEDs after system shutdown;
lte added AT channel support for Telit FN990;
lte added CA information in 5G mode;
lte fixed error handling on opening AT control channel;
lte fixed new MTU value validation;
lte improved stability when LTE passthrough is enabled on Chateau 5G;
lte properly show leading zeros in MCC and MNC strings;
lte show band number in "ca-band" in NSA mode on Chateau 5G;
lte use RSRP value reported by MBIM signal for MBIM type modems;
macsec fixed packet duplication on Ethernet interface;
macsec fixed packet transmission using traffic-generator;
macsec fixed packet validation;
modem added USB tethering support for Google Pixel 7 devices;
mpls added VPLS LDP information in remote/local-mappings;
mpls fixed assigning of explicit null label for IPv6;
netinstall added "-i " parameter for Netinstall (CLI Linux);
netinstall fixed Netinstall procedure on RouterBOOT versions from 3.27 to 6.41;
netinstall improved automatic netbooting interface selection;
netwatch added support for "https-get" type (CLI only);
netwatch fixed reporting of VRF name in logging messages;
netwatch improved "interval" and "packet-interval" coexistence for ICMP type;
ntp log error message when server is unreachable;
ospf fixed MD5 checksum calculation;
ospf fixed simple authentication and checksums for NBMA and PTMP links;
ospf fixed simple authentication checksum calculation;
ospf fixed virtual-link address selection for PTP links;
ovpn added "CBC" postfix to AES cipher names;
ovpn added "route-nopull" option for client side;
ovpn added hardware acceleration support for IPQ-6010;
ovpn added support for IPv6 tunneling;
ovpn fixed "Called-Station-Id" usage in RADIUS requests;
package fixed missing menus when both "lora" and "wifiwave2" packages are installed;
ping fixed ARP ping;
port added serial port support for Telit FN990 modem;
port do not show unusable USB port on hAP ax^2;
port fixed R11e-LTE6 port mapping;
ppp changed default lease time of dynamic DHCPv6 server to 1 day;
ppp do not inherit routing mark for encapsulated packets;
ppp fixed displaying of "info" command for PPP client;
ppp improved authentication method negotiation;
pppoe improved service stability when establishing PPPoE sessions;
quickset fixed addition of bridge filter rules in bridged mode;
quickset fixed interface list member table on configuration changes;
quickset update DNS server IP address when changing router's IP address;
rb4011 fixed reporting of current CPU frequency and changed default frequency to "auto";
sfp added 2.5G SFP module support for RB5009;
sfp allow usage of "10G Base-LR" mode for XS+31LC10D module;
snmp added support for "lldpRemLocalPortNum" OID's;
snmp improved stability when receiving bogus packets;
ssh added support for Ed25519 key exchange;
ssh do not allow SHA1 usage with strong crypto enabled;
ssh fixed handling of non standard size RSA keys;
supout added MSTI and mst-override monitor for bridge MSTP;
supout added missing IPv6 firewall sections;
switch avoid packet corruption in some setups for 98DX3257, 98DX3255, 98DX4310, 98DX8525 and 98PX1012 switches;
switch fixed SFP Tx disable when changing auto-negotiation settings for 98DXxxxx and 98PX1012 switches;
switch fixed egress mirror for 98DX4310 and 98DX8525 switches;
switch hide invalid settings for 98DX3255 and 98DX8525 switch chips;
switch improved 10G, 25G and 40G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98DX8525, 98PX1012 switches;
switch improved 10G, 25G and 40G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
switch improved 10G, 25G, 40G and 100G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
switch improved 10Gbps Ethernet interface stability for 98DX8212 switch;
switch improved 25G interface stability for 98PX1012, 98DX4310 and 98DX8525 switches (introduced in v7.6);
switch increased the maximum value of "rate" for ACL rules;
swos fixed "allow-from-ports" setting;
swos fixed SwOS configuration changes from RouterOS;
swos improved default SwOS backup file name;
system allow up to 4GB of RAM allocation per process on x86, ARM64 and TILE;
system improved handling of user policies;
timezone updated timezone information from "tzdata2022g" release;
tr069-client updated data model to version 2.15;
traffic-flow fixed sending of sampling interval;
tunnels added VRF support for EoIP, IPIP and GRE tunnels;
vpls expose VPLS related debug logs to "vpls" logging topic;
vrrp always use slave interface MTU;
vrrp improved interface stability on configuration changes;
vxlan added "local-address" parameter support;
vxlan added VRF support;
w60g improved system stability for Cube Pro devices;
webfig ensure login page is displayed after each log out;
webfig fixed accessing of WebFig when "Interface" menu is disabled by skin;
webfig fixed displaying of VRF routes;
webfig fixed input validation for "VPLS ID" parameter;
webfig fixed setting of "DHCP Option Set" parameter;
webfig improved WEB caching capabilities;
webfig properly detect current location for navigation buttons;
webfig properly show limited number of available options;
wifiwave2 added "datapath" settings to configure data forwarding for an interface (CLI only);
wifiwave2 added "ft-preserve-vlanid" parameter to control whether to change VLAN ID after FT;
wifiwave2 added "provisioning" menu to automatically assign interface configurations to radios (CLI only);
wifiwave2 added disable/enable commands to configuration profile sub-menus (CLI only);
wifiwave2 added information of per-station throughput in the registration table;
wifiwave2 added initial CAPsMAN support (only compatible with wifiwave2 interfaces) (CLI only);
wifiwave2 added interworking/Hotspot 2.0 support (CLI only);
wifiwave2 added more informative log messages on configuration profile changes;
wifiwave2 added option to set per-client vlan-id in access list (only supported on 802.11ax interfaces) (CLI only);
wifiwave2 do not permit a client device to be connected to more than one interface at a time;
wifiwave2 fixed "radio-mac" provisioning matcher;
wifiwave2 fixed 4-way handshake with TKIP;
wifiwave2 improved compliance with regulatory domain information;
wifiwave2 improved general system stability;
wifiwave2 improved system stability when multiple virtual AP are configured;
wifiwave2 properly report interface on which traffic is received when multiple station interfaces are used concurrently;
wifiwave2 released packages for MMIPS, PPC, TILE and x86;
wifiwave2 removed maximum limit for group key update interval and changed the default to 1 day;
winbox added "Active" prefix for current "Circuit ID" and "Cookie Length" fields for L2TP-Ether interfaces;
winbox added "Make Static" button to "IP/DHCP Server/Leases" menu;
winbox added "bus" parameter for "USB Power Reset" command on Chateau ax;
winbox added missing "force" parameter for new "IP/DHCP Server/Options" entries;
winbox added missing "vlan-id" column under "IP/Hotspot/Hosts" table;
winbox do not show LACP related status parameters for other bonding types;
winbox fixed default MTU value for CAP interfaces;
winbox fixed minor typo in "Zerotier" menu;
winbox improved handling of large WinBox protocol messages;
winbox increased maximum number of Winbox read-only sessions 5->25;
winbox properly save "Interfaces/Detect Internet/Detect Internet State" menu in session file;
winbox removed bogus VRF tab from "Interface" menu;
winbox show "Switch" menu on Chateau 5G ax;
winbox show "Switch" menu on NetFiber 9;
winbox show "System/Health/Settings" only on boards that have configurable values;
winbox show "System/RouterBOARD/Mode Button" on devices that have such feature;
winbox show "USB Power Reset" menu on Chateau 5G ax;
winbox show dynamic comment in WifiWave2 registration table;
wireless fixed "nstreme" related parameter control in skins;
wireless fixed setting of realms interworking parameter if realms-raw is unset;
x86 added support for SUN 10G NICs;
x86 improved igc driver support;
7.7rc5 Testing 2023-Jan-11 (3 years ago)
Component Change
dns fixed CNAME reading from the cache (introduced in v7.7rc3);
dns fixed incorrect TTL=0 reporting for cached entries;
ike2 added support for ChaChaPoly1305 encryption;
port fixed R11e-LTE6 port mapping;
7.7rc4 Testing 2023-Jan-03 (3 years ago)
Component Change
bgp fixed BGP advertisement PCAP saver;
console updated copyright notice;
dns query upstream DNS servers for other record types even if static entry exists;
lte improved stability when LTE passthrough is enabled on Chateau 5G;
ospf fixed simple authentication checksum calculation;
pppoe improved service stability when establishing PPPoE sessions;
timezone updated timezone information from "tzdata2022g" release;