I agree it is nonsence to discusse only one or two changes. Please keep it as it is.Just like the forum articles on testing and RC versions, I tried to include changes from newer stable sub-versions in the same article. This approach makes it easier to grasp the key issues present in a specific major version, such as 7.10. It might also help when deciding to upgrade from the previous stable branch (7.9.2) to (7.10.2) to realize that there have been a lot of changes and feedback. It doesn't seem very worthwhile to discuss just one or two changes.
It seems MikroTik don't understand “stable” any more, at least on ROSv7.wow...this is cool update...we can say 7.10.2 is almost long term release :) I did not know what wifi "stable" ROS to use and now I can use 7.10.2 and 7.11beta4 and I do not know which version to use now :) After few months I can finally use stable version :) Thank you
It seems that you did not read the MTs post about stable.It seems MikroTik don't understand “stable” any more, at least on ROSv7.
The wide view was introduced only in 7.11beta2.I have updated my RBM11G to ROS 7.10.2 stable.
Unfortunately this feature has not yet been implemented
which is instead present in the 7.10 testing version.
a pity , it would have been very useful for Webfig users.🥲The wide view was introduced only in 7.11beta2.I have updated my RBM11G to ROS 7.10.2 stable.
Unfortunately this feature has not yet been implemented
which is instead present in the 7.10 testing version.
Are you blind? Read this whole thread again, and deploy large scale networks using Juniper, Arista, Huawei like me and come back to me and say “7.10.2 is stable”.7.10.2 seems stable to me, what is not working for you?
Consider yourself upvoted. I was thinking the same thing here.You should firstly learn how to proper answer simple question.... I didn't ask for your shity network but WHAT IS NOT WORKING FOR YOU?
I will say it again, are you blind? Learn to firstly use your eyes. And clearly, you're just some small-time home user, who thinks he/she knows what they are talking about.You should firstly learn how to proper answer simple question.... I didn't ask for your shity network but WHAT IS NOT WORKING FOR YOU?
<edited>? Do you not understand how critical BFD is in production networks? What kind of network engineer are you, to think that BFD is not “critical”?I do not see anything critical...if you are not able to work around you should not be providing any network....
BFD was for the 7 train just released in 7.10beta8 just some more than a month ago. What did you use before that?<edited>? Do you not understand how critical BFD is in production networks? What kind of network engineer are you, to think that BFD is not “critical”?
Well, in my case it was the reason for not upgrading to version 7.x (and not buying new routers that required 7.x) until that was fixed!BFD was for the 7 train just released in 7.10beta8 just some more than a month ago. What did you use before that?<edited>? Do you not understand how critical BFD is in production networks? What kind of network engineer are you, to think that BFD is not “critical”?
Surely you already checked the cables ?
Since on my RB5009's, one of them is humming sweetly on 2.5Gb (trunk to AX3), the other 1Gb.
No drops whatsoever that I can see in the logs.
Your link down counter is also something to watch. Not normal.
Switch back to the USW-Enterprise-8-PoE switch,Have you considered asking the manufacturer of that device? What firmware version are you using on it? When looking at the forum, quite some of its users are in total despair about the firmware quality, so maybe it has some part of the blame.The device connected to ether1 remains the U6-Enterprise.
Ok... I do not use MPLS. But I think that the priority with v7 should have been to make everything work at least as well as it did in v6.I'm glad that BFD got rid of most peoples last issue before upgrading, but we are still stuck not being able to upgrade to version 7 for something that was fine on version 6, and that is MPLS QoS (EXP bits not being set). Reported a year ago, no word yet on a fix. We can't upgrade most of our infrastructure until there is a fix.
I suggest to install the 7.11beta instead, it appears to be quite stable and solves those problems.please add this fix in 7.10.3
*) dns - improved system stability when processing static DNS entries with specified address-list (introduced in v7.10);
I think some of the new features were merely "low-hanging fruit" that could be tackled in a couple of dev cycles, likely by devs who are not working on stuff like BFD and MPLS. If you see who responds on the forums to different topics, its apparent who's baby is who's.Ok... I do not use MPLS. But I think that the priority with v7 should have been to make everything work at least as well as it did in v6.
But it seems they got carried away in implementing new features (probably requested by important customers) before finishing that.
I am running 7.11beta4 but I would agree with that. The router is the "server" side for incoming connects from clients. I have seen it happen a couple of times that GRE/IPsec tunnels (configured using the easy method, so active from both sides) were down for some time and that I could revive them by deleting their entry under "active peers" (forcing re-negotiation).L2TP vpn is more unstable.
Also I can see issues with IPIP Tunnel and IPSec, more unstable, then previous versions, especially in v7.8 it was better.
I also have a RB5009 running as CAPsMAN for 4 x hAP ax^3 CAPs, running 3 SSIDs per 2.4 / 5 GHz radios. One is a simple WPA2/WPA3 PSK whereas the other two are EAP RADIUS and the 3rd is a WPA3-PSK.RB5009 as router on stick and Capsman managing 2xAX2 and AX3 connected via cisco switch. All with ROS 7.10.2
I am still getting XXXXXX@Jidelna_5GHz rejected, can't find PMKSA with WPA3 PSK enabled in combination with WPA2 PSK....
/interface wifiwave2 channel
add band=2ghz-ax disabled=no frequency=2412,2437,2462 name=ch-2ghz skip-dfs-channels=all width=20mhz
add band=5ghz-ax disabled=no frequency=5180,5260,5500,5580,5660,5745 name=ch-5ghz skip-dfs-channels=all width=20/40/80mhz
/interface wifiwave2 security
add authentication-types=wpa2-psk,wpa3-psk disable-pmkid=no disabled=no ft=yes ft-over-ds=yes management-protection=allowed name="Home WiFi" passphrase="N0tS3cur3" wps=disable
/interface wifiwave2 capsman
set ca-certificate=auto enabled=yes interfaces=vlan1
/interface wifiwave2 configuration
add channel=ch-5ghz country=Taiwan datapath="VLAN: Guest - Isolated" disabled=no mode=ap name="wifi1 - 5 GHz" security="Home WiFi" ssid="Home WiFi"
add channel=ch-2ghz country=Taiwan datapath="VLAN: Guest - Isolated" disabled=no mode=ap name="wifi2 - 2.4 GHz" security="Home WiFi" ssid="Home WiFi"
/interface wifiwave2 datapath
add bridge=bridge client-isolation=yes disabled=no name="VLAN: Guest - Isolated" vlan-id=53
/interface wifiwave2 provisioning
add action=create-enabled disabled=no master-configuration="wifi1 - 5 GHz" name-format="5G - %I" supported-bands=5ghz-ax
add action=create-enabled disabled=no master-configuration="wifi2 - 2.4 GHz" name-format="2G - %I" supported-bands=2ghz-ax
16:11:42 pppoe,ppp,info pppoe-out1: authenticated
16:11:42 pppoe,ppp,info pppoe-out1: connected
16:11:42 interface,info pppoe-out1 detect UNKNOWN
16:11:44 dhcp,info dhcp-client on VOD got IP address 10.109.85.89
16:11:48 interface,info pppoe-out1 detect INTERNET
16:11:49 system,info,account user admin logged in from 192.168.4.4 via winbox
16:12:25 system,critical,info ntp change time Jul/19/2023 16:11:49 => Jul/19/2023 16:12:25
16:12:48 interface,info sfp-sfpplus1 link down
16:12:48 pppoe,ppp,info pppoe-out1: terminating... - disconnected
16:12:48 pppoe,ppp,info pppoe-out1: disconnected
16:12:48 pppoe,ppp,info pppoe-out1: initializing...
16:12:48 pppoe,ppp,info pppoe-out1: connecting...
16:12:48 pppoe,ppp,info pppoe-out1: terminating...
16:12:48 pppoe,ppp,info pppoe-out1: disconnected
16:12:48 pppoe,ppp,info pppoe-out1: initializing...
16:12:48 pppoe,ppp,info pppoe-out1: connecting...
16:12:48 interface,info sfp-sfpplus1 link up (speed 1G, full duplex)
16:12:48 interface,info sfp-sfpplus1 detect LAN
16:12:48 interface,info net_oran detect UNKNOWN
16:12:48 interface,info vlan_vod_oran detect LAN
16:12:48 interface,info vlantv_orang detect LAN
16:12:49 pppoe,ppp,info pppoe-out1: authenticated
16:12:49 pppoe,ppp,info pppoe-out1: connected
16:12:49 interface,info pppoe-out1 detect UNKNOWN
16:12:55 interface,info pppoe-out1 detect INTERNET
16:14:36 interface,info sfp-sfpplus1 link down
16:14:36 pppoe,ppp,info pppoe-out1: terminating... - disconnected
16:14:36 interface,info sfp-sfpplus1 link up (speed 1G, full duplex)
16:14:36 pppoe,ppp,info pppoe-out1: disconnected
16:14:36 pppoe,ppp,info pppoe-out1: initializing...
16:14:36 pppoe,ppp,info pppoe-out1: connecting...
16:14:36 interface,info sfp-sfpplus1 detect LAN
16:14:36 interface,info net_oran detect UNKNOWN
16:14:36 interface,info vlan_vod_oran detect LAN
16:14:36 interface,info vlantv_orang detect LAN
16:14:36 pppoe,ppp,info pppoe-out1: terminating...
16:14:36 pppoe,ppp,info pppoe-out1: disconnected
16:14:36 pppoe,ppp,info pppoe-out1: initializing...
16:14:36 pppoe,ppp,info pppoe-out1: connecting...
16:14:37 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:14:37 pppoe,ppp,info pppoe-out1: disconnected
16:14:37 pppoe,ppp,info pppoe-out1: initializing...
16:14:37 pppoe,ppp,info pppoe-out1: connecting...
16:14:38 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:14:38 pppoe,ppp,info pppoe-out1: disconnected
16:14:38 pppoe,ppp,info pppoe-out1: initializing...
16:14:38 pppoe,ppp,info pppoe-out1: connecting...
16:14:40 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:14:40 pppoe,ppp,info pppoe-out1: disconnected
16:14:40 pppoe,ppp,info pppoe-out1: initializing...
16:14:40 pppoe,ppp,info pppoe-out1: connecting...
16:14:41 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:14:41 pppoe,ppp,info pppoe-out1: disconnected
16:14:43 pppoe,ppp,info pppoe-out1: initializing...
16:14:43 pppoe,ppp,info pppoe-out1: connecting...
16:14:44 pppoe,ppp,info pppoe-out1: authenticated
16:14:44 pppoe,ppp,info pppoe-out1: connected
16:14:44 interface,info pppoe-out1 detect UNKNOWN
16:14:50 interface,info pppoe-out1 detect INTERNET
16:14:56 system,info,account user admin logged in from 192.168.4.4 via local
16:17:26 interface,info sfp-sfpplus1 link down
16:17:26 pppoe,ppp,info pppoe-out1: terminating... - disconnected
16:17:26 pppoe,ppp,info pppoe-out1: disconnected
16:17:26 pppoe,ppp,info pppoe-out1: initializing...
16:17:26 pppoe,ppp,info pppoe-out1: connecting...
16:17:26 interface,info sfp-sfpplus1 link up (speed 1G, full duplex)
16:17:26 interface,info sfp-sfpplus1 detect LAN
16:17:26 interface,info net_oran detect UNKNOWN
16:17:26 pppoe,ppp,info pppoe-out1: terminating...
16:17:26 pppoe,ppp,info pppoe-out1: disconnected
16:17:26 pppoe,ppp,info pppoe-out1: initializing...
16:17:26 pppoe,ppp,info pppoe-out1: connecting...
16:17:26 interface,info vlan_vod_oran detect LAN
16:17:26 interface,info vlantv_orang detect LAN
16:17:27 pppoe,ppp,info pppoe-out1: authenticated
16:17:28 pppoe,ppp,info pppoe-out1: connected
16:17:28 interface,info pppoe-out1 detect UNKNOWN
16:17:29 interface,info sfp-sfpplus1 link down
16:17:29 pppoe,ppp,info pppoe-out1: terminating... - disconnected
16:17:29 pppoe,ppp,info pppoe-out1: disconnected
16:17:29 pppoe,ppp,info pppoe-out1: initializing...
16:17:29 pppoe,ppp,info pppoe-out1: connecting...
16:17:29 interface,info sfp-sfpplus1 link up (speed 1G, full duplex)
16:17:29 interface,info sfp-sfpplus1 detect LAN
16:17:29 interface,info net_oran detect UNKNOWN
16:17:29 pppoe,ppp,info pppoe-out1: terminating...
16:17:29 pppoe,ppp,info pppoe-out1: disconnected
16:17:29 pppoe,ppp,info pppoe-out1: initializing...
16:17:29 pppoe,ppp,info pppoe-out1: connecting...
16:17:29 interface,info vlan_vod_oran detect LAN
16:17:29 interface,info vlantv_orang detect LAN
16:17:31 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:17:31 pppoe,ppp,info pppoe-out1: disconnected
16:17:31 pppoe,ppp,info pppoe-out1: initializing...
16:17:31 pppoe,ppp,info pppoe-out1: connecting...
16:17:32 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:17:32 pppoe,ppp,info pppoe-out1: disconnected
16:17:32 pppoe,ppp,info pppoe-out1: initializing...
16:17:32 pppoe,ppp,info pppoe-out1: connecting...
16:17:37 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:17:37 pppoe,ppp,info pppoe-out1: disconnected
16:17:38 pppoe,ppp,info pppoe-out1: initializing...
16:17:38 pppoe,ppp,info pppoe-out1: connecting...
16:17:40 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:17:40 pppoe,ppp,info pppoe-out1: disconnected
16:17:41 pppoe,ppp,info pppoe-out1: initializing...
16:17:41 pppoe,ppp,info pppoe-out1: connecting...
16:17:47 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:17:47 pppoe,ppp,info pppoe-out1: disconnected
16:17:50 pppoe,ppp,info pppoe-out1: initializing...
16:17:50 pppoe,ppp,info pppoe-out1: connecting...
16:17:57 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:17:57 pppoe,ppp,info pppoe-out1: disconnected
16:18:04 pppoe,ppp,info pppoe-out1: initializing...
16:18:04 pppoe,ppp,info pppoe-out1: connecting...
16:18:05 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:18:05 pppoe,ppp,info pppoe-out1: disconnected
16:18:15 pppoe,ppp,info pppoe-out1: initializing...
16:18:15 pppoe,ppp,info pppoe-out1: connecting...
16:18:25 pppoe,ppp,info pppoe-out1: terminating... - disconnected
16:18:25 pppoe,ppp,info pppoe-out1: disconnected
16:18:35 pppoe,ppp,info pppoe-out1: initializing...
16:18:35 pppoe,ppp,info pppoe-out1: connecting...
16:18:36 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:18:36 pppoe,ppp,info pppoe-out1: disconnected
16:18:46 pppoe,ppp,info pppoe-out1: initializing...
16:18:46 pppoe,ppp,info pppoe-out1: connecting...
16:18:47 pppoe,ppp,info pppoe-out1: terminating... - failed to authenticate ourselves to peer
16:18:47 pppoe,ppp,info pppoe-out1: disconnected
Not for me...Updated soft- and firmware to 7.10.2 on these models without any issues:
RB750GL
CRS309-1G-8S+
RBcAPGi-5acD2nD (cAP ac)
RB5009UPr+S+IN
RB760iGS (hEX S)
x86
Info regarding RB760iGS (hEX S): We‘ve had several update issues during the last months with < 10 devices and > 10 different ROS versions, resulting in boot loops. After a lot of debugging, it seems that we’ve identified the root cause: The boot loops occur, if the hES S is powered by PoE only. Since we’ve added an external power supply, all updates went fine. We’ll verify this during the next updates and are going to add this information to the support ticket SUP-68147.
VLAN Member Port
ID 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 SFP1 SFP2 SFP3 SFP4
1 U U U U U U U U U U U U U U U U U U U U Default
12 U T T WiFi Link to Site B
16 U U U U U U T T T WiFi
17 U T T DMZ
18 T T T T Accounts
19 T T Reserved
/interface bridge
add add-dhcp-option82=yes admin-mac=48:A9:8A:39:9A:E2 auto-mac=no dhcp-snooping=yes name=bridge priority=0x6000 protocol-mode=mstp region-name=Company vlan-filtering=yes
/interface bridge port
add bpdu-guard=yes bridge=bridge interface=ether1 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether2 restricted-role=yes
add bridge=bridge interface=ether3 restricted-role=yes
add bridge=bridge interface=ether4 pvid=17 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether5 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether6 pvid=16 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether7 pvid=16 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether8 pvid=16 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether9 pvid=16 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether10 pvid=16 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether11 pvid=16 restricted-role=yes
add bridge=bridge interface=ether12 pvid=12 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether13 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether14 restricted-role=yes trusted=yes
add bpdu-guard=yes bridge=bridge interface=ether15 restricted-role=yes trusted=yes
add bridge=bridge interface=ether16 restricted-role=yes
add bridge=bridge interface=ether17 restricted-role=yes
add bridge=bridge interface=ether18 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether19 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether20 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether21 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether22 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether23 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=ether24 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=sfp-sfpplus1 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=sfp-sfpplus2 restricted-role=yes
add bridge=bridge interface=sfp-sfpplus3 restricted-role=yes
add bpdu-guard=yes bridge=bridge interface=sfp-sfpplus4 restricted-role=yes
/interface bridge vlan
add bridge=bridge tagged=bridge,ether14,ether15 vlan-ids=12
add bridge=bridge tagged=bridge,ether14,ether15,ether16 vlan-ids=16
add bridge=bridge tagged=bridge,ether14,ether15 vlan-ids=17
add bridge=bridge tagged=ether14,ether15,ether17,sfp-sfpplus3,bridge vlan-ids=18
add bridge=bridge tagged=bridge,ether14,ether15 vlan-ids=19
Anyone else verify this was actually fixed? Having some real problems on a CCR1009-8G-1S-1S+ with v7.10.2 getting a 32GB SD card to be recognized. I tried wiping it in a separate PC and still no luck.What's new in 7.10 (2023-Jun-15 08:17):
*) tile - fixed support for microSD card;
I can't confirm. My hAP AX3 is absolut stable with 7.10.2 and also with 7.11Beta4.After a while, it seems that Wifi is not stable on hAP AX3 on 7.10.2 ! Constant internet drops, or poor wifi quality. On my Old hAP AC2 wifi is muc much stable and better then this on hAP AX3.
I confirm.Anyone else verify this was actually fixed? Having some real problems on a CCR1009-8G-1S-1S+ with v7.10.2 getting a 32GB SD card to be recognized. I tried wiping it in a separate PC and still no luck.What's new in 7.10 (2023-Jun-15 08:17):
*) tile - fixed support for microSD card;
Just want to see if anyone else can confirm working/not working so I don't waste time.
Regarding the OVPN service not working with 7.10. We have found the issue and will release 7.11beta with a potential fix soon.
However, the issue is not a bug exactly. If you are running OVPN service with 7.10.2 and it is not working, check if you use OVPN in "IP" mode, but have specified "bridge" under PPP/Profile. The "bridge" can be used only with "Ethernet" mode, not "IP" mode. So the service was connected but was not working. We will return the behavior back to the way it was in v7.9, however, you should be also able to resolve the issue by unsettling PPP/Profile bridge setting on the profile that is used for OVPN service running in "IP" mode.
/ppp profile
add bridge-learning=no change-tcp-mss=no name=openvpn-far only-one=yes
/interface ovpn-client
add certificate=client_ip.net.crt_0 cipher=aes256-cbc connect-to=xxx.xxx.xxx.xxx mac-address=02:4E:B6:A6:6B:B8 max-mtu=1400 name=ovpn-out1-far \
port=12333 profile=openvpn-far protocol=udp user=username
That is completely unrelated to the discussed topic "*) tile - fixed support for microSD card; ".My microSD is in the 3G Stick Modem. hAP ac^2 does not define microSD since version 7.9.2, 7.10.2. Changed different cards and different manufacturers, different sizes (32GB, 8GB, 4GB)
Yes, works for me. The card is visible in /disk and /file now.Anyone else verify this was actually fixed? Having some real problems on a CCR1009-8G-1S-1S+ with v7.10.2 getting a 32GB SD card to be recognized. I tried wiping it in a separate PC and still no luck.What's new in 7.10 (2023-Jun-15 08:17):
*) tile - fixed support for microSD card;
Just want to see if anyone else can confirm working/not working so I don't waste time.
do have "detect internet" active? if so ... disable anything regarding it and reboot the deviceAfter a while, it seems that Wifi is not stable on hAP AX3 on 7.10.2 ! Constant internet drops, or poor wifi quality. On my Old hAP AC2 wifi is muc much stable and better then this on hAP AX3.
Anecdotally, when I loaded down a couple of my 7.10 CCR2116's using a 10Gbps speed test after having just inserted over 300K routes into each of them, one or more of them bogged down pretty bad to where BGP/OSPF appear to have dropped and all customer traffic stopped for 10-20 seconds until everything converged again. I tried it with both L3HW offload enabled and disabled, with the same result. They worked better with only 3000 routes (1 AS away), so I'm betting it was software-related.I upgraded one of our BGP core router : a CCR1072 to 7.10.2 (included firmware) and the situation was problematic.
All CPUs continuously going from 60 to 100% utilization.
.Anyone else verify this was actually fixed? Having some real problems on a CCR1009-8G-1S-1S+ with v7.10.2 getting a 32GB SD card to be recognized. I tried wiping it in a separate PC and still no luck.What's new in 7.10 (2023-Jun-15 08:17):
*) tile - fixed support for microSD card;
Just want to see if anyone else can confirm working/not working so I don't waste time.
[admin@Site23-CCR1009] > /disk/ export
# 1970-01-04 03:13:59 by RouterOS 7.10.2
# model = CCR1009-7G-1C-1S+
/disk
set sd1 type=hardware
[admin@Site23-CCR1009] > /disk/ print
Flags: B - BLOCK-DEVICE; M, F - FORMATTING
Columns: SLOT, MODEL, SERIAL, INTERFACE, SIZE, FREE, FS
# SLOT MODEL SERIAL IN SIZE FREE FS
0 BM sd1 SP32G 02/2021 xxxxxxx SD 31 914 983 424 31 898 140 672 fat32
There seems to still be the issue with IPSec/IKEv2 and ECDSA certificates using secp521r1.
When upgrading from 7.9.2 IPSec Tunnels using ECDSA certificates are not established any more.
It does not matter if one side or both sides are on version 7.10.2, every combination involving 7.10.x/7.11 and pre-7.10 does not work.
7.10.x to 7.10.x works and 7.10.x to 7.11betax and 7.11betax to 7.11betax works.
There is a "digital signature verification error" visible in the log on 7.10.x or 7.11betax and "AUTHENTICATION_FAILED" on 7.9.2.
It does not matter, if I change the settings in /ip/ipsec/identities to other ID types for local and/or remote ID.
When I downgrade both sides to 7.9.2 everything works fine again, as it did for every release since v7 came out.
The same bug seems to exist in 7.11beta versions, at least until 7.11beta6 (edit: testet with beta6, problem is still there).
On these router there are on the 500k routes.Anecdotally, when I loaded down a couple of my 7.10 CCR2116's using a 10Gbps speed test after having just inserted over 300K routes into each of them, one or more of them bogged down pretty bad to where BGP/OSPF appear to have dropped and all customer traffic stopped for 10-20 seconds until everything converged again. I tried it with both L3HW offload enabled and disabled, with the same result. They worked better with only 3000 routes (1 AS away), so I'm betting it was software-related.
My CCR1036 is on 7.10 and is working fine, but it doesn't have more than a handful of BGP-fed routes for internal networks only.
had that issue on VPLS links also in the past when the underlying connection went down but came back up again but only a disable/enable re-established VPLS links.What seemed to fix the VPLS was connecting to wifiwave station and disabling/enabling the vpls interface. No other changes.
I am wondering why the interface did not reconnect once the link recovered and connectivity was restablished.
I encountered this problem several days ago.I think we have isuee with Letsencript the multi dns has problem:
progress: [error] could not resolve '01.abc.xyz,'02.abc.xyz,'03.abc.xyz'
Can't resolve the dns when is multiple with single the is no issue