Community discussions

MikroTik App
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

v7.15.3 [stable] is released!

Thu May 30, 2024 11:59 am

RouterOS version 7.15 have been released in the "v7 stable" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 7.15.3 (2024-Jul-24 13:36):

*) lte - fixed possible crash when enabling/disabling config-less modem interface;
*) lte - fixed R11e-LTE no traffic flow when modem with older firmware version is used;
*) routerboard - improved Etherboot stability for CRS320-8P-8B-4S+ device ("/system routerboard upgrade" required);
*) ssh - fixed unsupported user SSH public key import (introduced in v7.15);

What's new in 7.15.2 (2024-Jun-26 14:42):

*) bth - improved system stability;
*) defconf - configure the default-route property for PPP clients only on devices with a built-in modem;
*) modem - fixed modem firmware upgrade for Chateau 5G and Chateau 5G R16 (introduced in v7.15);
*) route - fixed incorrectly handled route distinguisher and route targets (introduced in v7.15);
*) ssh - fixed SSH cryptographic accelerator selection (introduced in v7.14);
*) switch - fixed limited Tx traffic on Ethernet ports for CRS354 devices (introduced in v7.15);
*) system - fixed an issue where routing configuration was missing after performing a reset, adding a new configuration and then upgrading (introduced in v7.15);
*) winbox/webfig - fixed skins (introduced in v7.15);

What's new in 7.15.1 (2024-Jun-07 15:49):

*) bgp - fixed BGP sessions missing vpnv6 afi;
*) bgp - fixed corrupted as-path when received update with empty AS_PATH attribute (introduced in v7.15);
*) bgp - fixed vpnv6 safi;
*) health - fixed board-temperature for KNOT device (introduced in v7.15);
*) health - fixed missing health for CRS112-8G-4S device (introduced in v7.15);
*) install - fixed ARM64 cdrom install (introduced in v7.15);
*) lte - fixed cases where LTE interface would take long time to become ready after bootup for Chateau 5G and Chateau 5G R16 (introduced in v7.15);
*) lte - fixed cases where modem could be handled by multiple dialer instances;
*) modem - fixed unresponsive PPP link recovery when TX bandwidth was exceeding link capacity;
*) poe-out - fixed silent firmware upgrade fail on CRS112-8P-4S device (introduced in v7.15);
*) ppp - fixed dynamic queue default name (introduced in v7.15);
*) route - fixed memory leak (introduced in v7.15);
*) route - fixed some missing route parameters when printing (introduced in v7.15);
*) wifi - fixed signal strength reporting during association (introduced in v7.15);
*) wifi - improved WPA3 PMKSA handling when access-lists with custom passphrases are used;
*) winbox - fixed issue with skin file appearing as unknown in user group menu (introduced in v7.15);
*) winbox - fixed missing system note on login (introduced in v7.15);

What's new in 7.15 (2024-May-29 15:44):

!) system - added support for AMPERE (R) and ARM64 CHR installations (new ARM64 CHR image available);
!) system - added support for AMPERE (R) hardware (new ARM64 ISO file, new ARM64 extra-nics.npk package);
*) bgp - added initial vpnv6 support;
*) bgp - correctly synchronize input.accept-nlri address list;
*) bgp - fixed prefix count when BGP sessions run with multiple AFIs;
*) bgp - fixed selecting local.default-address from wrong VRF;
*) bgp - use IPv6 as default address-family for IPv6 sessions;
*) bgp-vpn - use VRF interface as gateway for leaked connected routes;
*) branding - added option to hide default configuration prompt;
*) branding - added option to hide or replace default caps-mode-script;
*) bridge - added error message if MLAG peer-port is configured with "mlag-id";
*) bridge - added MLAG peer-port events to logs;
*) bridge - added MVRP support;
*) bridge - do not allow multiple bonds with same "mlag-id";
*) bridge - improved protocol-mode STP, RSTP and MSTP stability;
*) bridge - rename monitor property "path-cost" to "actual-path-cost";
*) bridge - reworked dynamic VLAN creation;
*) bridge - use default "edge=auto" for dynamically bridged interfaces (PPP, VPLS, WDS);
*) certificate - added support for different ACME servers for ssl-certificate (CLI only);
*) certificate - added support for importing pbes2 encrypted private keys with aes128;
*) certificate - added trusted parameter for certificate import;
*) certificate - allow replacing certificate with internal import;
*) certificate - delete certificate related files automatically from storage after import;
*) certificate - improved RSA key signature processing speed;
*) chr - allow to "generate-new-id" only while CHR is running on level "free" license;
*) chr - fixed bogus messages printed out while booting up the system (introduced in v7.14);
*) chr - fixed Xen and Vultr missing ethernet (introduced in v7.14);
*) console - added "byte-array" option to ":convert" command;
*) console - added "proplist" parameter to interactive commands;
*) console - added "rows" property for sniffer quick mode;
*) console - added "sanitize-names" property under "/console/settings" menu (option for replacing reserved characters with underscores for files, disabled by default);
*) console - added "type" parameter to ":resolve" command;
*) console - added "use-script-permissions" option when running scripts from CLI;
*) console - added hotkey "F8" to print entire multiline input;
*) console - added link from "/iot/lora" to "/lora";
*) console - added log for script execution failures;
*) console - added multi-line print in "/file" menu;
*) console - added option to get "about" value (dynamically created text field by RouterOS services like CAPsMAN);
*) console - added option to read and change file line endings in full-screen editor;
*) console - added warning log for modified filenames due to reserved characters;
*) console - covert spaces, CR, LF in ":convert to=url" command;
*) console - do not convert string to array in ":deserialize" command;
*) console - fixed ":onerror" behavior when "do" block is missing;
*) console - fixed "export where" functionality in certain menus;
*) console - fixed console prompt when entering hot lock mode with "F7";
*) console - fixed DHCP server "authoritative=no" configuration export;
*) console - fixed do/while implementation not working with variables (introduced in v7.14);
*) console - fixed filtering by "dhcp" flag in "/ip/arp" menu;
*) console - fixed multiple typos in help;
*) console - improved stability;
*) console - optimized configuration export to prevent startup of processes without any configuration;
*) console - remove unnecessary serial ports for Alpine CPUs;
*) console - show system note before serial login if enabled;
*) console - use user permissions when running scripts from WinBox and WebFig;
*) container - do not allow negative number for "ram-high" setting;
*) defconf - do not override default DHCP server lease time;
*) defconf - fixed 5ghz-ax channel width for L11, L22 devices;
*) defconf - fixed unknown topics in log messages;
*) defconf - minor configuration script updates;
*) dhcpv4-relay - added VRF support;
*) discovery - added LLDP MAC/PHY Configuration/Status TLV support;
*) discovery - added LLDP Maximum Frame Size TLV support;
*) discovery - added LLDP Port Description TLV support;
*) discovery - advertise only physical interface name for LLDP PortID TLV;
*) discovery - always send LLDP MED Power TLV if MED was received;
*) discovery - fixed high CPU utilization when "tx-only" mode is set;
*) discovery - optimized LLDP information update;
*) disk - added option to auto configure media sharing;
*) disk - added support for formatting exfat file-system;
*) disk - improved support for file systems with non-ascii characters in file names;
*) disk - improved support for formatting ext4 file-system;
*) disk - improved system stability when adding partition with no parent;
*) disk - improved system stability;
*) disk - the "scan" command will now detect and include USB drives that were previously ejected;
*) dns - added support for "adlist";
*) dns - added VRF support;
*) dns - improved system stability when caching entries;
*) eap - improved eap-peap, eap-mschap2 client authentication (dot1x/wireless/ipsec);
*) ethernet - fixed default names for CRS310-8G+2S+ device (introduced in v7.14);
*) ethernet - fixed interface disable for CRS326-4C+20G+2Q;
*) ethernet - fixed management port disable/enable on CCR2004-1G-12S+2XS, CCR2004-1G-2XS-PCIe, CCR2216, CCR2116 devices;
*) ethernet - improved port speed downshift functionality for CRS326-4C+20G+2Q;
*) fetch - added "idle-timeout" parameter;
*) fetch - changed topic "info" to "error" for permission denied logs;
*) fetch - fixed slow throughput due to "raw" logging which occurred even when not listening to the topic (introduced in v7.13);
*) file - allow adding and renaming files and directories;
*) file - avoid refreshing whole file system during file modification;
*) file - improved external storage detection;
*) health - added "cpu-temperature" for IPQ50xx devices;
*) health - added log for fan state changes on CRS3xx, CRS5xx, CCR2xxx, CCR1016r2, CCR1036r2 devices;
*) health - fixed fan behavior for CRS310-1G-5S-4S+ (introduced in v7.14);
*) health - fixed rogue voltage on CRS510-8XS-2XQ-IN;
*) install - cdrom and hdd install images contain additional packages that can be interactively selected;
*) ipv6 - properly initialize default ND "interface=all" entry;
*) leds - fixed LEDs for L22 device;
*) lora - removed LoRa WinBox and console functionality duplication (moved to IoT package since v7.11);
*) lte - added "at-chat" support for DELL T99W175 (PID: 0x05c6 VID: 0x90d5);
*) lte - added support for concatenated AT commands in "modem-init" string;
*) lte - added support to set "modem-init" string for "dialer-less" modems;
*) lte - apply the same configuration for Microsoft branded EM12-G modem (Surface Mobile Broadband) as for Quectel EM12-G;
*) lte - do not show persistent interfaces for multi-apn slave interfaces;
*) lte - dropped support for R11e-LTE-US FOTA firmware update;
*) lte - fixed R11e-LTE-US modem dial-up;
*) lte - fixed situation where link is not restored after Quectel MBIM modem firmware update;
*) lte - improved FG621-EA modem APN authentication;
*) lte - make interface persistent (unused interface configs can be removed, allow to export and examine current configuration without the device present);
*) lte - removed 2 APN restriction for RG520F-EU modem;
*) lte - use the correct network interface for multi-interface LTE modems;
*) media - added support for DLNA;
*) metarouter - removed support;
*) modem - send APN authentication for BG77 modem also if ppp-client interface created manually;
*) netinstall - improved stability;
*) netinstall-cli - fixed incorrect server address assignment (introduced in v7.14);
*) ovpn - fixed import ovpn config when remote port is missing;
*) ovpn - fixed minor typo in error message;
*) poe-out - added LLDP power management support for devices with single PoE-out port;
*) poe-out - fixed powering devices if input voltage is lower than 12V for hEX PoE (introduced in v7.9);
*) poe-out - improved firmware upgrade stability for AF/AT controlled boards;
*) poe-out - moved "PoE LLDP" property from "/interface/ethernet/poe" to "/ip/neighbor/discovery-settings" and enable it by default;
*) ppp - added "enable-ipv6-accounting" option under PPP AAA menu;
*) ppp - added log when disconnecting a client due to "WISPr-Session-Terminate-Time" RADIUS attribute;
*) ppp - allow underscores in domain names;
*) ppp - enabled monitoring of registration state, RSRP, RSRQ, SINR, PCI, CellID for BG77 modem;
*) ppp - fixed "Framed-IPv6-Pool" usage when received from RADIUS;
*) ppp - fixed "on-down" script running even when tunnel was not up;
*) profiler - added "neighbor-discovery" task;
*) qos-hw - added "offline" tx-manager (CLI only);
*) qos-hw - added "profile" and "map" support for CPU port;
*) qos-hw - added congestion avoidance support for 98DX8xxx, 98DX4xxx, 98DX325x switch chips (CLI only);
*) qos-hw - added ECN marking support for compatible switches;
*) qos-hw - added per-queue traffic shapers (CLI only);
*) qos-hw - added Priority Flow Control for compatible switches (CLI only);
*) qos-hw - added support for QoS profile assignment via ACL rules;
*) qos-hw - added WRED support for compatible switches;
*) qos-hw - fixed port "print stats/usage" when using "from" property;
*) qos-hw - replaced buffer with bytes in QoS monitor;
*) queue - improved system stability (introduced in v7.6);
*) quickset - only show LTE mode for devices without other wireless interfaces;
*) radius - added "require-message-auth" option that requires "Message-Authenticator" in received Access-Accept/Challenge/Reject messages;
*) radius - include "Message-Authenticator" in any RADIUS communication messages besides accounting for all services;
*) route - do not allow routes with empty "dst-address";
*) route - do not redistribute loopback address as connected route;
*) route - fixed bgp-vpn prefix import with the same route distinguisher (RD);
*) route - improved system stability;
*) route - rework of route attributes;
*) route - show route-distinguisher (RD) in route print;
*) route-filter - allow setting different AFI gateways;
*) route-filter - fixed ext community list matcher;
*) sfp - added "100M-baseFX" link mode support for compatible devices;
*) sfp - added "sfp-ignore-rx-los" setting;
*) sfp - fixed "sfp-tx-fault" state indication for CRS510;
*) sfp - fixed link establishment with 100Mbps optical modules (requires "/interface ethernet reset" or adding "100M-baseFX" modes for advertise or speed properties);
*) sfp - fixed missing Tx traffic at 10Gbps rate on CCR2004-16G-2S+ in rare cases;
*) sfp - ignore SFP RX LOS signal for modules with bad EEPROM;
*) sfp - improved "sfp-tx-power" value monitoring in certain cases;
*) sfp - improved auto-negotiation linking for some MikroTik cables and modules;
*) sfp - improved system stability for CR2004-1G-2XS-PCIe (introduced in v7.14);
*) sfp - improved system stability with some GPON modules for CCR2004 and CCR2116 devices;
*) smb - added logs for share connection requests;
*) smb - do not allow setting empty "comment" or "domain" properties;
*) sms - added option to select SMS storage;
*) sms - added SMS PDU to SMS inbox "print detail";
*) sms - added workaround for modems which do not notify regarding new SMS arrival (missing URC);
*) sms - improved SMS handling;
*) sms - removed SMS for SMIPS;
*) sms - use "gsm" logging topic for serial modem SMS logs;
*) snmp - added missing PoE-out status codes to MIKROTIK-MIB;
*) snmp - added new "mtxrOpticalVendorSerial" OID to MIKROTIK-MIB;
*) socks - attempt to parse domain name as IP before resolving;
*) ssh - added support for user Ed25519 private keys;
*) ssh - export host Ed25519 public key;
*) ssh - fixed bogus output;
*) ssh - fixed permissions to run ".auto.rsc" scripts;
*) ssh - require "policy" user policy when adding public key;
*) sstp - added SNI support;
*) sstp - disconnect clients when server is disabled;
*) storage - improved configuration storing process on first system boot after configuration reset;
*) switch - added support for multiple ingress and egress port mirroring on 98DXxxxx switches;
*) switch - added support for RSPAN mirroring on 98DXxxxx switches;
*) switch - fixed L3HW and QoS monitor during switch reset;
*) system - added resource values (Product name, File name and File version) for Windows executable files;
*) system - general work on optimizing the size of RouterOS packages;
*) system - show "cpu-frequency" for Alpine CPUs;
*) system - skip configuration upgrade from RouterOS v6 on configuration reset;
*) system - updated office address in RouterOS license;
*) system - updated online manual links from "wiki" to the help documentation;
*) timezone - updated timezone information from "tzdata2024a" release;
*) traffic-flow - detect IPv4 source address if not set;
*) traffic-flow - improved system stability;
*) userman - added "require-message-auth" option that requires "Message-Authenticator" in received Access-Request messages;
*) userman - include "Message-Authenticator" in any RADIUS communication messages besides accounting for all services;
*) vlan - added MVRP (applicant) configuration option;
*) vlan - ensure that VLAN MTU remains unchanged when adjustments are made to the parent interface MTU, only modifications to the L2MTU might impact VLAN MTU;
*) vlan - fixed MTU reset on bridge after reboot;
*) vlan - limit "vlan-id" range from 1-4095 to 1-4094;
*) vrf - fixed VRF interfaces being moved to main table after reboot (introduced in v7.14);
*) webfig - allow pasting with ctrl+v into terminal;
*) webfig - fixed column preferences for ordered tables;
*) webfig - show inherited properties for wifi interfaces;
*) wifi - added "reselect-interval" support;
*) wifi - changed interface default to "disabled=yes";
*) wifi - do not report disabled state for CAPsMAN managed interface;
*) wifi - fixed configuration export for "disabled" property;
*) wifi - improve channel selection after radar detection events;
*) wifi - improve regulatory compliance for L11, L22 devices;
*) wifi - improved interface initialization reliability on DFS channels;
*) wifi - improved stability of DFS check in the 5GHz-A band;
*) wifi - improved system stability when provisioning CAPs in certain cases;
*) wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;
*) wifi - report current CAPsMAN address and identity on CAP;
*) wifi - show inherited properties with "print" command (replaces "actual-configuration") and added "print config" for showing only configured values;
*) wifi-qcom - added configuration.distance setting to enable operation over multi-kilometer distances;
*) wifi-qcom - updated driver;
*) winbox - added "Download" and "Flush" buttons under "System/Certificates/CRL" menu;
*) winbox - added "Flat Snoop" button under "WiFi" menu;
*) winbox - added "FT Preserve VLAN ID" setting under "WiFi/Configuration/FT" menu;
*) winbox - added "Request logout" button under "System/Users/Active Users" menu;
*) winbox - added "Trusted" checkbox under "System/Certificates/Import" menu;
*) winbox - added drop down menu for "User" property when importing SSH key under "System/User/SSH Keys" and "System/User/SSH Private Keys" menus;
*) winbox - added invalid flag under "IP/DHCP Relay" menu;
*) winbox - added key type and key length column for user SSH keys;
*) winbox - added missing SFP monitoring properties under "Interface/SFP" menu;
*) winbox - added passphrase option for SSH host key export;
*) winbox - added passphrase option for SSH host key import;
*) winbox - allow specifying size and rtmpfs size with M, G units under "System/Disks" menu;
*) winbox - allow to specify "M" or "G" postfix for download, upload or total limits under "User Manager/Limitations" menu;
*) winbox - do not show "Host Key Size" when using ed25519 key under "IP/SSH" menu;
*) winbox - fixed the issue where the skin file fails to appear in the user group menu after creation;
*) winbox - renamed "Channel" column to "Current Channel" under "Wifi" menu;
*) winbox - show "Valid Servers" and "Unknown Servers" column by default under "IP/DHCP Server/Alerts" menu;
*) winbox - show inherited properties for wifi interfaces;
*) winbox - show SIM settings for SXTR device under "Interfaces/LTE/Modem" menu;
*) winbox - updated icons for certain menus;
*) winbox - use correct values for "Jump Target" property under "IPv6/Firewall/Filter Rules" menu;
*) wireguard - added option to mark peer as responder only;
*) wireguard - added peer "name" field and display it in logs;
*) wireguard - do not attempt to connect to peer without specified endpoint-address;
*) wireguard - fixed "auto" argument usage for "private-key" and "preshared-key" settings;
*) wireguard - fixed performance issues showing QR code;
*) wireless - perform shorter channel availability check for 5600-5650MHz if regulatory domain permits it;
*) x86 - fixed ixgbe Tx hang by disabling TSO;
*) x86 - fixed VLAN tagged packet transmit for ice driver;
*) x86 - ice driver update to v1.13.7;
*) x86 - improved stability for RTL8125 driver;
*) x86 - ixgbe driver update to 5.19.9;
*) x86/chr - improved panic saving (increased minimal RAM requirements to 256MB);

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while a router is not working as suspected or after some problem has appeared on the device

Please keep this forum topic strictly related to this particular RouterOS release.
 
User avatar
nithinkumar2000
Member Candidate
Member Candidate
Posts: 167
Joined: Wed Sep 11, 2019 7:42 am
Location: Coimbatore
Contact:

Re: v7.15 [stable] is released!

Thu May 30, 2024 12:06 pm

After Long Wait ROS v7.15 with huge change log is here
 
User avatar
baragoon
Member
Member
Posts: 382
Joined: Thu Jan 05, 2017 10:38 am
Location: Kyiv, UA
Contact:

Re: v7.15 [stable] is released!

Thu May 30, 2024 1:03 pm

*) x86/chr - improved panic saving (increased minimal RAM requirements to 256MB);
does this mean that if the free memory is less than 256 megabytes, the router will crash with "out of memory"?
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21895
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: v7.15 [stable] is released!

Thu May 30, 2024 1:23 pm

Disappointed not to see a router fix for wireguard coming in on WAN2 when WAN2 is secondary WAN and mangling this traffic does not work.
 
digitalmaks
just joined
Posts: 2
Joined: Fri Dec 15, 2023 4:04 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 1:25 pm

on x86, after update, memory occupied about 230mb
You do not have the required permissions to view the files attached to this post.
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1389
Joined: Tue Jun 23, 2015 2:35 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 1:29 pm

bgp-vpn - use VRF interface as gateway for leaked connected routes

I thing that this is what im after. I will check with my lab.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 2:11 pm

It appears that the default /ip/firewall/connection/tracking udp-timeout has changed from 10s to 30s but I do not see that in the changelog.
 
fragtion
Member Candidate
Member Candidate
Posts: 269
Joined: Fri Nov 13, 2009 10:08 pm
Location: Cape Town, South Africa

Re: v7.15 [stable] is released!

Thu May 30, 2024 2:15 pm

Exciting release packed with updates and bug fixes. My whole fleet of routers (30+, various architectures) updated successfully, and good to see over 700kb of free space on my hAP ac2 (from around 300kb on 7.14.3)
Good job dev team :D
 
ColinM9991
newbie
Posts: 33
Joined: Tue May 25, 2021 4:06 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 2:29 pm

Very nice update. I did play around with Adlist a bit but, if what I've read is correct, it doesn't work when DoH is enabled and it also consumes a lot of RAM.

It's a nice addition to the ecosystem and hopefully it only gets better over time.
 
amokkatmt
newbie
Posts: 33
Joined: Mon Oct 24, 2011 3:31 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 2:35 pm

I have an URL, which returns
< HTTP/1.1 200 OK
< Server: thttpd/2.25b 29dec2003
< Content-Type: text/html; charset=gb2312
< Date: Thu, 30 May 2024 11:32:28 GMT
< Last-Modified: Mon, 25 Dec 2023 07:25:30 GMT
< Accept-Ranges: bytes
< Connection: close

And /tool/fetch is unable to GET it: "failure: there was no content-length or transfer-encoding"
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1389
Joined: Tue Jun 23, 2015 2:35 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 2:36 pm

still delivering def-route via VRF doesn't work
 
error404
just joined
Posts: 10
Joined: Sat Oct 21, 2023 1:58 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 2:43 pm

[DELETED]
PS: Sorry, I am stupid
Last edited by error404 on Thu May 30, 2024 2:53 pm, edited 1 time in total.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15 [stable] is released!

Thu May 30, 2024 2:47 pm

:local changelog ([/tool fetch "https://upgrade.mikrotik.com//routeros/NEWESTa7.stable" as-value output=user] -> "data");
Since today I get this error:
Download from upgrade.mikrotik.com FAILED: Fetch failed with status 403
Your URL has to two // in it.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 2:54 pm

Exciting release packed with updates and bug fixes. My whole fleet of routers (30+, various architectures) updated successfully, and good to see over 700kb of free space on my hAP ac2 (from around 300kb on 7.14.3)
Good job dev team :D
Updating an entire fleet of routers within 2 hours after release of a .0 release?
I hope it is a test network...
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8712
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v7.15 [stable] is released!

Thu May 30, 2024 3:00 pm

It appears that the default /ip/firewall/connection/tracking udp-timeout has changed from 10s to 30s but I do not see that in the changelog.
What's new in 7.14 (2024-Feb-29 09:10):

*) firewall - increased default "udp-timeout" value from 10s to 30s;
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 3:06 pm

Ok for me it appeared after an upgrade from 7.14.3 on a test router... it seems I forgot to export after the previous update.
Last edited by pe1chl on Thu May 30, 2024 3:09 pm, edited 1 time in total.
 
kos
Frequent Visitor
Frequent Visitor
Posts: 64
Joined: Mon Oct 31, 2016 11:51 am

Re: v7.15 [stable] is released!

Thu May 30, 2024 3:08 pm

*) ppp - fixed "on-down" script running even when tunnel was not up;

"on-down" script works fine in 7.14.3, but doesn't work in 7.15
 
User avatar
rushlife
Member Candidate
Member Candidate
Posts: 254
Joined: Thu Nov 05, 2015 12:30 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 3:51 pm

thx mikrotik, huge changelog
 
hafte
just joined
Posts: 15
Joined: Tue Jan 03, 2023 6:00 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 4:09 pm

Script execution seems not fixed.
After update to 7.15, red warnings started in sys log with: "Executing script from scheduler failed, please check it manually"
Scrips seems to be working, but this warning is present.
All scripts with :global or other definitions generate error.
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.15 [stable] is released!

Thu May 30, 2024 4:12 pm

Scripting works fine. Your errors have always been there, they just have not been reported before.
 
hafte
just joined
Posts: 15
Joined: Tue Jan 03, 2023 6:00 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 4:22 pm

@eworm - You are probably right, but how to find where is the specific syntax error, to be able to fix it. Scripts do all what is required and only say check manualy :-)
 
User avatar
npeca75
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Thu Aug 03, 2017 3:12 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 4:30 pm

woooa
CHR, 7.14.3 -> 7.15
free memory decreased significantly
You do not have the required permissions to view the files attached to this post.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21895
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: v7.15 [stable] is released!

Thu May 30, 2024 4:35 pm

Exciting release packed with updates and bug fixes. My whole fleet of routers (30+, various architectures) updated successfully, and good to see over 700kb of free space on my hAP ac2 (from around 300kb on 7.14.3)
Good job dev team :D
Updating an entire fleet of routers within 2 hours after release of a .0 release?
I hope it is a test network...
Thats Sir James Fragtion to you Sir. He likes living dangerously! :-)
 
Guscht
Member Candidate
Member Candidate
Posts: 263
Joined: Thu Jul 01, 2010 5:32 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 4:40 pm

Disappointed not to see a router fix for wireguard coming in on WAN2 when WAN2 is secondary WAN and mangling this traffic does not work.
Me too, me too....
 
Evgeniy29
just joined
Posts: 2
Joined: Wed Aug 12, 2020 6:50 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Thu May 30, 2024 4:48 pm

hAP ax2 7.15 don't work Access List - this rule don’t work:

/interface wifi access-list
add action=accept allow-signal-out-of-range=always signal-range=-75..0
add action=reject

After update to 7.15 no one can connect via WiFi
Last edited by Evgeniy29 on Thu May 30, 2024 6:19 pm, edited 1 time in total.
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.15 [stable] is released!

Thu May 30, 2024 4:50 pm

@eworm - You are probably right, but how to find where is the specific syntax error, to be able to fix it. Scripts do all what is required and only say check manualy :-)
It's not about syntax errors, but runtime errors. Probably your script is accessing a configuration item that does not exist. You need to debug that, one way or another. I have to admit that it is not that easy with RouterOS sometimes.
 
hafte
just joined
Posts: 15
Joined: Tue Jan 03, 2023 6:00 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 5:04 pm

@eworm - You are probably right, but how to find where is the specific syntax error, to be able to fix it. Scripts do all what is required and only say check manualy :-)
It's not about syntax errors, but runtime errors. Probably your script is accessing a configuration item that does not exist. You need to debug that, one way or another. I have to admit that it is not that easy with RouterOS sometimes.
Important is that sripts are working. Will fight with syntax to tune them later :-)
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 5:19 pm

woooa
CHR, 7.14.3 -> 7.15
free memory decreased significantly
Always read the release notes before you install!
 
whatever
Member
Member
Posts: 366
Joined: Thu Jun 21, 2018 9:29 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 5:36 pm

I decided to skip 7.14, but 7.15 appears to be worth updating. Great changelog.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 5:50 pm

woooa
CHR, 7.14.3 -> 7.15
free memory decreased significantly
Probably cause of:
*) x86/chr - improved panic saving (increased minimal RAM requirements to 256MB);
 
User avatar
mantouboji
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Aug 01, 2022 2:21 pm
Location: Shanghai

Re: v7.15 [stable] is released!

Thu May 30, 2024 5:52 pm

A wonderful update.

SSH ed25519 private key works fine, but why must PKCS8 format?
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 5:59 pm

hAP ax2 7.15 don't work Access List - this rule don’t work:
/interface wifi access-list
add action=accept allow-signal-out-of-range=always disabled=yes signal-range=-75..0
add action=reject disabled=yes
After update to 7.15 no one can connect via WiFi
I doubt this is the reason. you pasted two disabled Access List rules.....
 
User avatar
nithinkumar2000
Member Candidate
Member Candidate
Posts: 167
Joined: Wed Sep 11, 2019 7:42 am
Location: Coimbatore
Contact:

Re: v7.15 [stable] is released!

Thu May 30, 2024 6:13 pm

*) ppp - added "enable-ipv6-accounting" option under PPP AAA menu (CLI only);

But i can see the Enable IPv6 Accounting Option in Winbox itself...
Screenshot 2024-05-30 203926.png
You do not have the required permissions to view the files attached to this post.
 
Evgeniy29
just joined
Posts: 2
Joined: Wed Aug 12, 2020 6:50 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Thu May 30, 2024 6:26 pm

I turned them off so that wifi would work

08:87:C7:54:87:F8@wifi1 associated, signal strength 37
08:87:C7:54:87:F8@wifi1 connected, signal strength 37
1C:57:DC:6C:C6:BA@wifi1 associated, signal strength 59
1C:57:DC:6C:C6:BA@wifi1 connected, signal strength 59

in the log the signal strength is greater than zero, but should be less.
hAP ax2 7.15 don't work Access List - this rule don’t work:
/interface wifi access-list
add action=accept allow-signal-out-of-range=always disabled=yes signal-range=-75..0
add action=reject disabled=yes
After update to 7.15 no one can connect via WiFi
I doubt this is the reason. you pasted two disabled Access List rules.....
 
User avatar
Kanzler
Member Candidate
Member Candidate
Posts: 135
Joined: Wed Oct 05, 2022 6:55 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Thu May 30, 2024 6:39 pm

@Evgeniy29

viewtopic.php?t=206877#p1075214
viewtopic.php?t=206877&start=300#p1077122

This problem was still in beta version
 
Evgeniy29
just joined
Posts: 2
Joined: Wed Aug 12, 2020 6:50 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Thu May 30, 2024 6:51 pm

The wifi driver in the new ROS does not display the connection signal level correctly.

@Evgeniy29

viewtopic.php?t=206877#p1075214
viewtopic.php?t=206877&start=300#p1077122

This problem was still in beta version
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2975
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v7.15 [stable] is released!

Thu May 30, 2024 7:12 pm

@eworm - You are probably right, but how to find where is the specific syntax error, to be able to fix it. Scripts do all what is required and only say check manualy :-)
Use CLI ... navigate to scripts and then "print" them and the error would be highlited/reported in terminal ... strange synteax checking but better that than nothing
 
User avatar
netravnen
Frequent Visitor
Frequent Visitor
Posts: 77
Joined: Sun Dec 31, 2017 2:48 am

Re: v7.15 [stable] is released!

Thu May 30, 2024 7:19 pm

*) ptp - added PTP support for CCR2116 device;
:)
[admin@ccr2116] > /system/ptp
bad command name ptp (line 1 column 9)
:-(

The PTP functionality seems to not be accessible in neither Winbox, nor the CLI...
[admin@ccr2116] > /system/routerboard/print 
       routerboard: yes
             model: CCR2116-12G-4S+
     serial-number: ***********
     firmware-type: al64v3
  factory-firmware: 7.8
  current-firmware: 7.15
  upgrade-firmware: 7.15

[admin@ccr2116] > /system/package/print proplist=name,version where name=routeros
Columns: NAME, VERSION
# NAME      VERSION
5 routeros  7.15   
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 8:45 pm

@Evgeniy29

viewtopic.php?t=206877#p1075214
viewtopic.php?t=206877&start=300#p1077122

This problem was still in beta version
another one:

viewtopic.php?t=206877&start=300#p1077877
Screenshot_20240530-194820.png
You do not have the required permissions to view the files attached to this post.
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.15 [stable] is released!

Thu May 30, 2024 9:15 pm

I also have positive signal strenghts issue and roaming is messed up, multiple devices randomly roam from 5ghz to 2ghz 1-2m from ap under full signal(below -40 db ) and then hang on 2ghz, which makes no sense and never had such issues on prev versions.
 
m4rk3J
newbie
Posts: 35
Joined: Thu Jan 27, 2022 2:41 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 9:33 pm

AX HW or older ARM AC with wave2 drivers?
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.15 [stable] is released!

Thu May 30, 2024 10:12 pm

AX HW or older ARM AC with wave2 drivers?
Hap ax3
 
PhilB
just joined
Posts: 19
Joined: Tue Jun 05, 2012 10:00 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 11:02 pm

*) route - do not redistribute loopback address as connected route;

Good lord, why? Why would you do this?

You introduce loopbacks just long enough ago that a bunch of people will have started using them, the vast majority of them will have been configured to be redistributed, and now... they're no longer part of "connected" routes? What are they if not connected? How do you envisage upgrading to this version if you're already relying on loopbacks being redistributed? Who on earth asked for this when as far as I know every other vendor treats loopbacks as connected?
 
FezzFest
Frequent Visitor
Frequent Visitor
Posts: 96
Joined: Wed Jun 03, 2015 12:03 am

Re: v7.15 [stable] is released!

Thu May 30, 2024 11:06 pm

@PhilB, that's exactly what I was thinking. Since v7.14 we finally have a real loopback interface, one release later it's being stripped of its functionality. Guess I'll keep using bridges then?
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.15 [stable] is released!

Thu May 30, 2024 11:21 pm

??? How not distributing 127.0.0.1 address is "stripping functionality"? It does not even make sense to distribute 127.0.0.1, it is called "localhost" for a reason.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Thu May 30, 2024 11:36 pm

??? How not distributing 127.0.0.1 address is "stripping functionality"? It does not even make sense to distribute 127.0.0.1, it is called "localhost" for a reason.
When you are not distributing 127.0.0.1, you should have written that.
Loopback address is ambiguous as it can refer to the address of the loopback interface, which now can have other addresses than 127.0.0.1 as well.
 
FezzFest
Frequent Visitor
Frequent Visitor
Posts: 96
Joined: Wed Jun 03, 2015 12:03 am

Re: v7.15 [stable] is released!

Thu May 30, 2024 11:49 pm

@mrz: if it's only 127.0.0.1 you're no longer distributing, it makes total sense and my comment/complaint is not applicable.
As @pe1chl mentioned you might want to clarify that changelog entry though:
*) route - do not redistribute 127.0.0.1 as connected route;
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.15 [stable] is released!

Fri May 31, 2024 12:00 am

After Long Wait ROS v7.15 with huge change log is here
247 listed. Exactly the same as in 7.14 ;)
 
optio
Forum Veteran
Forum Veteran
Posts: 945
Joined: Mon Dec 26, 2022 2:57 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 12:38 am

:retrun command called from script (eg. :return ""), not inside function, used to exit script if some condition matches where script doesn't need to continue executing generates error log "executing script <script_name> from <winbox|scheduler> failed, please check it manually", from terminal doesn't produce error, eg:
{:return ""}
or:
:do {:return ""} on-error={:put error}
Error is not printed.
I had to mute script,error topic to avoid log bloat with these log records mainly generated from short interval schedulers. Please fix this.
 
PhilB
just joined
Posts: 19
Joined: Tue Jun 05, 2012 10:00 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 3:13 am

??? How not distributing 127.0.0.1 address is "stripping functionality"? It does not even make sense to distribute 127.0.0.1, it is called "localhost" for a reason.
as others have said, if the changelog entry really means "we won't redistribute 127.0.0.1 as a connected route" then the changelog needs to say specifically that, because now that you have the loopback interface type, "loopback address" is extremely ambiguous!
 
User avatar
sirbryan
Member
Member
Posts: 400
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.15 [stable] is released!

Fri May 31, 2024 5:36 am

??? How not distributing 127.0.0.1 address is "stripping functionality"? It does not even make sense to distribute 127.0.0.1, it is called "localhost" for a reason.
as others have said, if the changelog entry really means "we won't redistribute 127.0.0.1 as a connected route" then the changelog needs to say specifically that, because now that you have the loopback interface type, "loopback address" is extremely ambiguous!
Seriously, guys, cut them a little slack. Google "Loopback address" and >90% of the results refer to 127.0.0.1 (and a couple to ::1). You'll note that the terse changelog entry said "loopback address" singular, as in the loopback address. It didn't say "loopback interface" or "loopback addresses" or "addresses assigned to loopback."

Besides, had this been a real issue, it would have broken things pretty quickly during the beta cycle.
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.15 [stable] is released!

Fri May 31, 2024 7:35 am

The issue with wifi access-list or in other words, wrong signal levels recognised at the beginning of wifi client connection, has been reproduced, and we will solve it as soon as possible. We are very sorry for any inconvenience caused.
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 7:36 am

if you have OSPF and assign some local address like 10.255.255.1/32 on loopback (lo) interface this is connected route is this allowed or not? or just the hardcoded (127.0.0.1) is not allowed?
 
User avatar
Kanzler
Member Candidate
Member Candidate
Posts: 135
Joined: Wed Oct 05, 2022 6:55 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Fri May 31, 2024 8:09 am

@loloski
just 127.0.0.1
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.15 [stable] is released!

Fri May 31, 2024 8:17 am

Exciting release packed with updates and bug fixes. My whole fleet of routers (30+, various architectures) updated successfully, and good to see over 700kb of free space on my hAP ac2 (from around 300kb on 7.14.3)
Good job dev team :D
Updating an entire fleet of routers within 2 hours after release of a .0 release?
I hope it is a test network...
Here is one example why I do wait some weeks before upgrade more that some test devices
The issue with wifi access-list or in other words, wrong signal levels recognized at the beginning of wifi client connection, has been reproduced, and we will solve it as soon as possible. We are very sorry for any inconvenience caused.
This is far from the first time some are broken on the first releases of new version.
 
DjM
Member Candidate
Member Candidate
Posts: 116
Joined: Sun Dec 27, 2009 2:44 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 8:20 am

Hello MikroTik team,

Was the REST API user logout issue solved, please? - topic is discussed here: viewtopic.php?t=207040 , unfortunatelly there was no reply with SUP ticket ID.

Thank you

Update:
Topic will be solved in 7.16.
Last edited by DjM on Fri May 31, 2024 10:17 am, edited 1 time in total.
 
User avatar
baragoon
Member
Member
Posts: 382
Joined: Thu Jan 05, 2017 10:38 am
Location: Kyiv, UA
Contact:

Re: v7.15 [stable] is released!

Fri May 31, 2024 8:39 am

@loloski
just 127.0.0.1
What about ::1 ?
 
User avatar
Kanzler
Member Candidate
Member Candidate
Posts: 135
Joined: Wed Oct 05, 2022 6:55 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Fri May 31, 2024 8:40 am

Are there problems with the access list only in the wifi-qcom driver, or in the others too?
 
User avatar
Kanzler
Member Candidate
Member Candidate
Posts: 135
Joined: Wed Oct 05, 2022 6:55 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Fri May 31, 2024 8:41 am

@baragoon
If I understand correctly, then there too.
That is, localhost in general
 
brandaoeb
just joined
Posts: 6
Joined: Fri Jan 27, 2017 9:06 am

Re: v7.15 [stable] is released!

Fri May 31, 2024 9:56 am

Scripts error is very annoying .... :( and dificult to check :( at least for me.
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.15 [stable] is released!

Fri May 31, 2024 10:20 am

@netravnen, thanks for letting us know. The PTP for CCR2116 devices will be available starting from v7.16.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 10:40 am

Seriously, guys, cut them a little slack. Google "Loopback address" and >90% of the results refer to 127.0.0.1 (and a couple to ::1).
Well, generally that is what is referred to as "the loopback address".
But in certain circles, certainly the users of OSPF, it is popular to refer to "the loopback address" as a unique address put on each router to have a static and unique address on each router, which is beneficial to the stability/managability of the routing protocol.
As in this case the change log entry is related to the routing, I am not at all surprised that people are confused.
 
Jörg
just joined
Posts: 3
Joined: Thu May 18, 2023 6:54 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 11:26 am

Hello,
I have to say that after the update my WIFI devices connect much much much better!!! I have three cAPGi-5HaxD2HaxD
Roaming also works better now.
Devices that previously only knew 2 GHz now connect stably to 5 GHz

@ Mikrotik Support - really GREAT WORK!!!

But one device (a Samsung washer) cannot log into the WIFI network. It couldn't do that in any of the older versions either.
Here is a log from 25 seconds:
# 2024-05-31 10:16:46 by RouterOS 7.15
# software id = UGTZ-ZKF4
#
 08:50:35 wireless,info 88:57:1D:4C:9A:B1@A6-CAPax--KG-FL--2-GHz-6 connected, signal strength -47
 08:50:35 dhcp,info dhcp-VLAN32 assigned 10.18.32.51 for 88:57:1D:4C:9A:B1 Samsung-Washer
 08:50:35 script,info DHCP2DNS: registering static domain name Waschmaschine-Samsung-KG-Kueche.32.hnet for address 10.18.32.51 with ttl 00:05:00
 08:50:35 system,info static dns entry added by script:dhcp-lease-script (*30BE3 = /ip dns static add address=10.18.32.51 comment=#DHCP disabled=no name=Waschmaschine-Samsung-KG-Kueche.32.hnet ttl=5m)
 08:50:37 wireless,info 88:57:1D:4C:9A:B1@A6-CAPax--KG-FL--2-GHz-6 disconnected, connection lost, signal strength -47
 08:50:40 wireless,info 88:57:1D:4C:9A:B1@A6-CAPax--KG-FL--2-GHz-6 connected, signal strength -48
 08:50:40 dhcp,info dhcp-VLAN32 deassigned 10.18.32.51 for 88:57:1D:4C:9A:B1 Samsung-Washer
 08:50:40 script,info DHCP2DNS: removing static domain name(s) for address 10.18.32.51
 08:50:40 system,info static dns entry removed by script:dhcp-lease-script/action:5804 (/ip dns static remove *30BE3)
 08:50:40 dhcp,info dhcp-VLAN32 assigned 10.18.32.51 for 88:57:1D:4C:9A:B1 Samsung-Washer
 08:50:40 script,info DHCP2DNS: registering static domain name Waschmaschine-Samsung-KG-Kueche.32.hnet for address 10.18.32.51 with ttl 00:05:00
 08:50:40 system,info static dns entry added by script:dhcp-lease-script (*30BE4 = /ip dns static add address=10.18.32.51 comment=#DHCP disabled=no name=Waschmaschine-Samsung-KG-Kueche.32.hnet ttl=5m)
 08:50:42 wireless,info 88:57:1D:4C:9A:B1@A6-CAPax--KG-FL--2-GHz-6 disconnected, connection lost, signal strength -48
 08:50:46 wireless,info 88:57:1D:4C:9A:B1@A6-CAPax--KG-FL--2-GHz-6 connected, signal strength -48
 08:50:46 dhcp,info dhcp-VLAN32 deassigned 10.18.32.51 for 88:57:1D:4C:9A:B1 Samsung-Washer
 08:50:46 script,info DHCP2DNS: removing static domain name(s) for address 10.18.32.51
 08:50:46 system,info static dns entry removed by script:dhcp-lease-script/action:5805 (/ip dns static remove *30BE4)
 08:50:46 dhcp,info dhcp-VLAN32 assigned 10.18.32.51 for 88:57:1D:4C:9A:B1 Samsung-Washer
 08:50:46 script,info DHCP2DNS: registering static domain name Waschmaschine-Samsung-KG-Kueche.32.hnet for address 10.18.32.51 with ttl 00:05:00
 08:50:46 system,info static dns entry added by script:dhcp-lease-script (*30BE5 = /ip dns static add address=10.18.32.51 comment=#DHCP disabled=no name=Waschmaschine-Samsung-KG-Kueche.32.hnet ttl=5m)
 08:50:48 wireless,info 88:57:1D:4C:9A:B1@A6-CAPax--KG-FL--2-GHz-6 disconnected, connection lost, signal strength -47
 08:50:52 wireless,info 88:57:1D:4C:9A:B1@A6-CAPax--KG-FL--2-GHz-6 connected, signal strength -47
 08:50:53 dhcp,info dhcp-VLAN32 deassigned 10.18.32.51 for 88:57:1D:4C:9A:B1 Samsung-Washer
 08:50:53 script,info DHCP2DNS: removing static domain name(s) for address 10.18.32.51
 08:50:53 system,info static dns entry removed by script:dhcp-lease-script/action:5806 (/ip dns static remove *30BE5)
 08:50:53 dhcp,info dhcp-VLAN32 assigned 10.18.32.51 for 88:57:1D:4C:9A:B1 Samsung-Washer
 08:50:53 script,info DHCP2DNS: registering static domain name Waschmaschine-Samsung-KG-Kueche.32.hnet for address 10.18.32.51 with ttl 00:05:00
 08:50:53 system,info static dns entry added by script:dhcp-lease-script (*30BE6 = /ip dns static add address=10.18.32.51 comment=#DHCP disabled=no name=Waschmaschine-Samsung-KG-Kueche.32.hnet ttl=5m)
 08:50:55 wireless,info 88:57:1D:4C:9A:B1@A6-CAPax--KG-FL--2-GHz-6 disconnected, connection lost, signal strength -49
 08:50:59 wireless,info 88:57:1D:4C:9A:B1@A6-CAPax--KG-FL--2-GHz-6 connected, signal strength -46
 08:50:59 dhcp,info dhcp-VLAN32 deassigned 10.18.32.51 for 88:57:1D:4C:9A:B1 Samsung-Washer
 08:50:59 script,info DHCP2DNS: removing static domain name(s) for address 10.18.32.51
 08:50:59 system,info static dns entry removed by script:dhcp-lease-script/action:5807 (/ip dns static remove *30BE6)
 08:50:59 dhcp,info dhcp-VLAN32 assigned 10.18.32.51 for 88:57:1D:4C:9A:B1 Samsung-Washer
 08:50:59 script,info DHCP2DNS: registering static domain name Waschmaschine-Samsung-KG-Kueche.32.hnet for address 10.18.32.51 with ttl 00:05:00
 08:50:59 system,info static dns entry added by script:dhcp-lease-script (*30BE7 = /ip dns static add address=10.18.32.51 comment=#DHCP disabled=no name=Waschmaschine-Samsung-KG-Kueche.32.hnet ttl=5m)
Is there anything you can do about it?


Best regards Jörg
 
deadmaus911
just joined
Posts: 1
Joined: Wed Apr 25, 2018 3:47 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 11:32 am

Nice work!
But, after rebooting the router, the adlist does not load again and it stops working.
Also please specify what memory is used at the moment of adlist loading. I noticed that at the moment of booting, the number in the Sector write since reboot has been increased
 
User avatar
mantouboji
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Aug 01, 2022 2:21 pm
Location: Shanghai

Re: v7.15 [stable] is released!

Fri May 31, 2024 12:14 pm

In here: https://help.mikrotik.com/docs/display/ ... rivatekeys

you say the private key supports both PEM and PKCS#8 format.

But in fact , 7.15 can only import ED25519 private key in PKCS#8 format, no PEM .
 
WeWiNet
Long time Member
Long time Member
Posts: 610
Joined: Thu Sep 27, 2018 4:11 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 12:22 pm

I turned them off so that wifi would work

08:87:C7:54:87:F8@wifi1 associated, signal strength 37
08:87:C7:54:87:F8@wifi1 connected, signal strength 37
1C:57:DC:6C:C6:BA@wifi1 associated, signal strength 59
1C:57:DC:6C:C6:BA@wifi1 connected, signal strength 59

in the log the signal strength is greater than zero, but should be less.


I doubt this is the reason. you pasted two disabled Access List rules.....
The signal range does nothing, as you allow it "ALWAYS" to be out of range. So whatever the signal range is, this rule will work...
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 1:12 pm

"allow-signal-out-of-range (time period | 'always')
The length of time which a connected peer's signal strength is allowed to be outside the range required by the signal-range parameter, before it is disconnected.

If the value is set to 'always', peer signal strength is only checked during association."
https://help.mikrotik.com/docs/display/ ... 2Drange%20(,strength%20is%20only%20checked%20during%20association.
 
ntokos
just joined
Posts: 4
Joined: Thu Nov 27, 2014 6:01 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 1:13 pm


*) winbox - renamed "Channel" column to "Current Channel" under "Wifi" menu;
A similar change is needed for the "Tx Power" column, currently there are two columns with the same name which results in empty data if you reopen the WiFi window.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 2:02 pm


*) winbox - renamed "Channel" column to "Current Channel" under "Wifi" menu;
A similar change is needed for the "Tx Power" column, currently there are two columns with the same name which results in empty data if you reopen the WiFi window.
There are many such cases in RouterOS/Winbox! There really should be someone who walks along all property lists and weeds them out.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6753
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15 [stable] is released!

Fri May 31, 2024 2:04 pm

FWIW upgraded home capsman setup with RB5009 / AX3 / AX2 / AXLite and a separate mAP.
No problems on any of those devices.

Not even with positive signal levels :)
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 2:04 pm

But one device (a Samsung washer) cannot log into the WIFI network. It couldn't do that in any of the older versions either.
Is there anything you can do about it?
Turn off fast roaming support... that usually fixes connection problems for old or simple devices.
You can create another SSID for only those devices and leave fast roaming on the primary network.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 2:29 pm

I observed this positive signal thing already some time ago on 7.13. viewtopic.php?t=205815
 
aindless
just joined
Posts: 5
Joined: Tue Nov 21, 2023 3:17 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 2:33 pm

I did play around with Adlist a bit but, if what I've read is correct, it doesn't work when DoH is enabled and it also consumes a lot of RAM.
The Big OISD recommended list consumes ~ 31 MB of ram.
 
Johann1525
just joined
Posts: 2
Joined: Fri Oct 27, 2023 12:00 am

Re: v7.15 [stable] is released!

Fri May 31, 2024 2:33 pm

Hi,

i know this is kind of cosmetic.
Some time ago i filed SUP135576. It was closed with the answer, that this behavior will be fixed in some upcoming version. Unfortunately it seems to persist in this Version.
I think /ping and traceroute should behave like in other OSs so troubleshooting will be more straight forward. And the response is also kind of false.
Since ping can do IPv6 a AAAA should be a appropriate record.

Currently its like this:
[johann@hap1] > :put [:resolve ipv4.ipv64.net] 
144.76.85.238
[johann@hap1] > :put [:resolve ipv6.ipv64.net] 
2a01:4f8:192:1326::bad:c0de
[johann@hap1] > ping ipv4.ipv64.net           
  SEQ HOST                                     SIZE TTL TIME       STATUS                                                                                    
    0 144.76.85.238                              56  56 72ms269us 
    1 144.76.85.238                              56  56 72ms587us 
    2 144.76.85.238                              56  56 72ms662us 
    sent=3 received=3 packet-loss=0% min-rtt=72ms269us avg-rtt=72ms506us max-rtt=72ms662us 

[johann@hap1] > ping 2a01:4f8:192:1326::bad:c0de
  SEQ HOST                                     SIZE TTL TIME       STATUS                                                                                    
    0 2a01:4f8:192:1326::bad:c0de                56  58 17ms516us  echo reply                                                                                
    1 2a01:4f8:192:1326::bad:c0de                56  58 17ms93us   echo reply                                                                                
    2 2a01:4f8:192:1326::bad:c0de                56  58 17ms252us  echo reply                                                                                
    sent=3 received=3 packet-loss=0% min-rtt=17ms93us avg-rtt=17ms287us max-rtt=17ms516us 

[johann@hap1] > ping ipv6.ipv64.net              
invalid value for argument address:
    invalid value of mac-address, mac address required
    invalid value for argument ipv6-address
    failure: dns name exists, but no appropriate record
[johann@hap1] > 
Thank you very much for looking into this and the awesome work in this release.
 
h1ghrise
newbie
Posts: 44
Joined: Fri Apr 14, 2023 5:05 pm
Location: Vienna, Austria

Re: v7.15 [stable] is released!

Fri May 31, 2024 2:54 pm

*) smb - do not allow setting empty "comment" or "domain" properties;
Does this include fix to SUP-146116 (RB5009 crashes when accessing SMB share)?
 
User avatar
Ca6ko
Long time Member
Long time Member
Posts: 525
Joined: Wed May 04, 2022 10:59 pm
Location: Kharkiv, Ukraine

Re: v7.15 [stable] is released!

Fri May 31, 2024 3:32 pm

hAP ax2 7.15 don't work Access List - this rule don’t work:

/interface wifi access-list
add action=accept allow-signal-out-of-range=always signal-range=-75..0
add action=reject

After update to 7.15 no one can connect via WiFi
Setting signal-range=-75..120 should solve the problem
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 3:39 pm

Setting signal-range=-75..120 should solve the problem
I am surprised that people do not have that already. In the manual it says that the default range is -120..120 so I would expect that one starts from there.
However, there appears to be a (new?) bug as now, when creating a new access rule with signal level, the initial range is 0..0.
That is of course not good. It looks like this bug was introduced with the wifi-qcom drivers.
 
Ernst
just joined
Posts: 4
Joined: Thu Aug 30, 2018 12:42 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 4:01 pm

!) system - added support for AMPERE (R) and ARM64 CHR installations (new ARM64 CHR image available);
--> So ROS will run on Raspberry Pi? That would be nice :)
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 3135
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: v7.15 [stable] is released!

Fri May 31, 2024 4:12 pm

i updated some CRS-317 switches from 7.12.1 to 7.15 without problem, and enabled qos-hw-offloading just to see the counters with default configuration and all good
but
One switch which had the following ACL on interface towards provider cease to forward traffic on that interface after enabling qos-hw-offloading
/interface ethernet switch rule
add dst-mac-address=01:80:C2:00:00:00/FF:FF:FF:FF:FF:FF new-dst-ports="" ports=sfp-8 switch=switch1
started to show sfp-8:0 discarding sfp-8:0 learning in logs

just disabling qos-hw-offloading issuing the following command solves the situation
interface/ethernet/switch/set qos-hw-offloading=no switch1
sorry i dont tried removing that ACL to test, but thats the only relevant difference in config between the switch which presented the issue and other switch
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 4:31 pm

!) system - added support for AMPERE (R) and ARM64 CHR installations (new ARM64 CHR image available);
--> So ROS will run on Raspberry Pi? That would be nice :)
As long as your R Pi runs a hypervisor (CHRs run as virtual machines, not on bare metal).
 
User avatar
krafg
Forum Guru
Forum Guru
Posts: 1042
Joined: Sun Jun 28, 2015 7:36 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 5:00 pm

Upgraded without issues.

Thanks and regards.
 
sergiot77
just joined
Posts: 7
Joined: Tue Mar 28, 2023 1:14 am

Re: v7.15 [stable] is released!

Fri May 31, 2024 6:52 pm

I try today v7.15 on 3 different 4011.
VPLS vs 7.14 2216 doesn't go running.
After dowgrade it to 7.14 interface goes up with no configuration change.
Anyone noticed this issue?
 
User avatar
kiboi
just joined
Posts: 1
Joined: Wed Oct 16, 2019 9:26 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 7:48 pm

RB4011iGS+ seems to shut ethernet ports randomly.
CRS518CRS518-16XS-2XQ, CRS326-24S+2Q+, and CRS106-1C-5S are experiencing lags, timeouts, and reduced throughput
Downgrade back to 7.14.3 all fine is fine.
 
Jörg
just joined
Posts: 3
Joined: Thu May 18, 2023 6:54 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 8:05 pm

Turn off fast roaming support... that usually fixes connection problems for old or simple devices.
You can create another SSID for only those devices and leave fast roaming on the primary network.
Hello pe1chl,
Thank you very much for your help!
But the log posted is with a single CAP, with a single SSID and without roaming.
I've had the CAPs since late last summer. Since then I've read tons of forum posts, wikis, user manuals and watched videos. I've tried all of the tips recommended there. ALL of them didn't work. The device won't log into the WIFI with a CAP.
This isn't a problem with the configuration, it's a problem that only Mikrotik support can solve.
By the way, the washer connects to an AVM Fritzbox 7590 or 7530 without the slightest problem.

Best regards, Jörg
 
Jörg
just joined
Posts: 3
Joined: Thu May 18, 2023 6:54 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 8:14 pm

RB4011iGS+ seems to shut ethernet ports randomly.
I have the same device and that's why I checked specifically; I haven't seen any port failure for about 18 hours.

best regards
Jörg
 
vovan700i
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Wed Jun 06, 2012 8:34 am

Re: v7.15 [stable] is released!

Fri May 31, 2024 8:46 pm

!) system - added support for AMPERE (R) and ARM64 CHR installations (new ARM64 CHR image available);
--> So ROS will run on Raspberry Pi? That would be nice :)
Does it also mean ZeroTier finally comes to CHR? Has anybody tried to install zerotier.npk on ARM64 CHR?
 
cashwu
just joined
Posts: 4
Joined: Mon Sep 12, 2016 5:42 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 8:56 pm

CHR:
/system/routerboard disappeared?
Last edited by cashwu on Sat Jun 01, 2024 8:17 am, edited 2 times in total.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.15 [stable] is released!

Fri May 31, 2024 9:03 pm

hAP ax2 7.15 don't work Access List - this rule don’t work:

/interface wifi access-list
add action=accept allow-signal-out-of-range=always signal-range=-75..0
add action=reject

After update to 7.15 no one can connect via WiFi
Setting signal-range=-75..120 should solve the problem
If you want to reject connections when signal level is under -75 dBm, then only one rule should be needed which rejects signals in range -120..-75. Anything not matching the rule would be accepted.
signal-range=-120..-75 allow-signal-out-of-range=10s ssid-regexp="" action=reject 
 
mp3turbo
newbie
Posts: 30
Joined: Fri May 29, 2009 9:24 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 9:30 pm

>> RB4011iGS+ seems to shut ethernet ports randomly.
>> CRS518CRS518-16XS-2XQ, CRS326-24S+2Q+, and CRS106-1C-5S are experiencing lags, timeouts, and reduced throughput

most likely it's something in your configuration ; these are too much different hardware and would be already reported by massive amounts of people.
Dare to say more or post configuration without private/sensitive data ?
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 926
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: v7.15 [stable] is released!

Fri May 31, 2024 9:39 pm

CCR1009 RoS v 7.15 stable
All my scripts shown below run without error when launched from scripts or CLI or from scheduler under RoS 7.14.2

Under RoS 7.15 if they are launched from scheduler I get an error in log to check manually … when run from scripts or CLI no issue

I have a STARTUP script
:delay 10
/system script run dynu
:delay 5
/system script run roguevpn
:delay 5
/system script run RogueIP
:delay 5
/system script run pulldiff
:delay 5
/system script run fileiptik
 
DL7JP
Frequent Visitor
Frequent Visitor
Posts: 96
Joined: Sat Oct 19, 2013 4:14 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 10:47 pm

CCR1009 RoS v 7.15 stable
All my scripts shown below run without error when launched from scripts or CLI or from scheduler under RoS 7.14.2

Under RoS 7.15 if they are launched from scheduler I get an error in log to check manually … when run from scripts or CLI no issue
Same here, but not consistently each time it runs, just occasionally.
 
Network5
newbie
Posts: 30
Joined: Sat Mar 22, 2014 11:42 pm

Re: v7.15 [stable] is released!

Fri May 31, 2024 11:06 pm

I try today v7.15 on 3 different 4011.
VPLS vs 7.14 2216 doesn't go running.
After dowgrade it to 7.14 interface goes up with no configuration change.
Anyone noticed this issue?
We had to disable MPLS on all our 2216 because of substantial packet drops on 7.14.3. The VPLS tunnels were running but unusable due to packet loss, which was also present in packets routed on the core network. We are still investigating, cause the issue is present only on 2216. There has been no reply from support jet.
 
DL7JP
Frequent Visitor
Frequent Visitor
Posts: 96
Joined: Sat Oct 19, 2013 4:14 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 2:22 am

Something is weird with 7.15: I had lots of dropped packet on some ports on a RB1100AHx4, downgrading to 7.14.3 solved the problem. This happened after the router ran for several hours on 7.15. Re-booting did not help. Very weird - I did not investigate it in more details, since it more or less brought down the whole LAN.

The warning about checking the script execution manually also disappeared after downgrading to 7.14.3.
 
narapon
just joined
Posts: 3
Joined: Wed Jul 30, 2014 5:42 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 6:45 am

Disappointed not to see a router fix for wireguard coming in on WAN2 when WAN2 is secondary WAN and mangling this traffic does not work.
Disappointed too, tried mangling and route rules, all goes back to main route table, hope to see this in the next release!
 
t0mm13b
just joined
Posts: 18
Joined: Sat Mar 04, 2023 5:11 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 11:01 am

Any chateau LTE 12 users with 16Mb flash upgraded to this release?
 
davetickem
just joined
Posts: 1
Joined: Thu Jun 11, 2020 6:13 pm
Location: London

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 11:22 am

RB4011iGS+ seems to shut ethernet ports randomly.
...
Upgraded a pair of RB4011 here, selected as one is original and other is a rev2. Ethernet ports stable for 24 hours - early days. Will keep monitoring ...

ps. off topic I know, but anyone else experience the rev2 rb4011 running about 10deg cooler? (al31400 vs al21400 ? )
 
optio
Forum Veteran
Forum Veteran
Posts: 945
Joined: Mon Dec 26, 2022 2:57 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 12:35 pm

Any chateau LTE 12 users with 16Mb flash upgraded to this release?
I did, only issue I have so far is this. I'm still using legacy wireless package since I was unable to install combination of wifi-qcom-ac with containers and larger custom config on 16MB device. Now I noticed that some space is freed (approx. 450KiB free before, now 1040 KiB) and maybe wifi-qcom-ac will fit now, will try it when I find time.
 
Sit75
just joined
Posts: 12
Joined: Thu Mar 11, 2021 9:43 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 1:03 pm

Did you fix the memory leak issue in 7.15 final? I'm still running 7.15RC3 to prove to this forum that RouterOS 7.x has a SERIOUS memory problem for the non-believers. Now after about 18 days I only have 15.8 MiB memory free (from 256 MiB). And the memory constantly and regularly decreases.
You do not have the required permissions to view the files attached to this post.
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1160
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 1:11 pm

There seems to be stability issues with Chateau 5G after modem firmware and ROS upgrade.

After upgrading the modem firmware to the latest version along with upgrading to ROS v7.15 the modem has become very unstable with either randomly resetting itself with error “lte1 mbim: modem's control interface have reset (4)” in the logs or with completely getting into an invalid state with repeated “lte1: no response for: AT E0 V1” errors in the log and needing to restart the whole device to recover itself.

[SUP-154766]

On every other device that I've installed v7.15 (CCR2116, CCR2004, CCR1036, CRS326, CRS318, RB5009, RB4011, RB3011, hAP Lite, CHR), I've got no issues whatsoever.
 
entepcetfevo
just joined
Posts: 4
Joined: Sat Mar 25, 2023 9:40 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 1:40 pm

hAP ax3, 7.15 and Chromecast strange behaviour.
When I cast a movie from my smartphone to my TV via Chromecast, in a few seconds —no more than 10–20 seconds— all the WiFi devices in the house get disconnected. I mean all of them, 2 phones, 1 laptop and Chromecast itself.
Downgrading to 7.14.3 solved the problem.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6753
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 1:53 pm

No such issue here with ax2/ax3 and Chromecast ?
 
templeos
just joined
Posts: 19
Joined: Mon Aug 26, 2019 3:58 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 2:22 pm

There seems to be stability issues with Chateau 5G after modem firmware and ROS upgrade.
I also noticed that there's a firmware upgrade for RG502Q-EA. From RG502QEAAAR13A03M4G_02.001.02.001 to RG502QEAAAR13A03M4G_02.002.02.002

No mention in the changelog as always, I haven't upgraded yet.
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1160
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 2:51 pm

Anyone has a link for the previous firmware version RG502QEAAAR13A03M4G_02.001.02.001 so I can downgrade?
 
optio
Forum Veteran
Forum Veteran
Posts: 945
Joined: Mon Dec 26, 2022 2:57 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 3:11 pm

Anyone has a link for the previous firmware version RG502QEAAAR13A03M4G_02.001.02.001 so I can downgrade?
https://upgrade.mikrotik.com/firmware/R ... .001/image
Double check if RG502Q-EA is correct modem model on your device.
 
JL2000
just joined
Posts: 2
Joined: Thu Mar 14, 2024 9:19 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 3:54 pm

#anav, #narapon, #Guscht, im also waiting for this fix.

In the meantime i'm using workaround to force wireguard traffic getting response from WAN2 if it was intiali send to WAN2. So you can say that there is a way to get properly working wireguard wtih two wan's which allows some users by contected to wan1 and some to wan2 in same time. It's done by mangle rules with little trick/hack. Tested on ROS 7.12 and below, gonna test it next week on 7.15, i'm almost sure its still gonna work.
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1160
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 5:31 pm

Anyone has a link for the previous firmware version RG502QEAAAR13A03M4G_02.001.02.001 so I can downgrade?
https://upgrade.mikrotik.com/firmware/R ... .001/image
Double check if RG502Q-EA is correct modem model on your device.
Thanks!
 
Sit75
just joined
Posts: 12
Joined: Thu Mar 11, 2021 9:43 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 5:56 pm

Did you fix the memory leak issue in 7.15 final? I'm still running 7.15RC3 to prove to this forum that RouterOS 7.x has a SERIOUS memory problem for the non-believers. Now after about 18 days I only have 15.8 MiB memory free (from 256 MiB). And the memory constantly and regularly decreases.
Small memory leak update. The kernel crashed apparently out of memory with the autosupout.rif file generated. I uploaded it to an existing open ticket SUP-147911. I hope Mikrotik engineers find the cause and fix it.
You do not have the required permissions to view the files attached to this post.
 
jaxed7
Frequent Visitor
Frequent Visitor
Posts: 53
Joined: Wed May 17, 2023 11:15 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 7:44 pm

---
Last edited by jaxed7 on Sun Jun 02, 2024 12:50 am, edited 1 time in total.
 
User avatar
jspool
Member
Member
Posts: 472
Joined: Sun Oct 04, 2009 4:06 am
Location: Oregon

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 7:50 pm

MQTT no longer works after upgrade to 7.15
 
User avatar
qatar2022
Member Candidate
Member Candidate
Posts: 176
Joined: Mon Aug 24, 2020 11:12 am

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 8:41 pm

Disappointed IOT does not get connection to the internet and when I downgrade to 7.14.3 connected again to the internet
 
narapon
just joined
Posts: 3
Joined: Wed Jul 30, 2014 5:42 pm

Re: v7.15 [stable] is released!

Sat Jun 01, 2024 11:20 pm

#anav, #narapon, #Guscht, im also waiting for this fix.

In the meantime i'm using workaround to force wireguard traffic getting response from WAN2 if it was intiali send to WAN2. So you can say that there is a way to get properly working wireguard wtih two wan's which allows some users by contected to wan1 and some to wan2 in same time. It's done by mangle rules with little trick/hack. Tested on ROS 7.12 and below, gonna test it next week on 7.15, i'm almost sure its still gonna work.
Do show us how you did it, i'll try it out on 7.15 too to see if it works the same
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1160
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 12:36 am

Anyone has a link for the previous firmware version RG502QEAAAR13A03M4G_02.001.02.001 so I can downgrade?
https://upgrade.mikrotik.com/firmware/R ... .001/image
Double check if RG502Q-EA is correct modem model on your device.
Unfortunately I cannot get it to downgrade.
It downloads the firmware, it starts installing it and then the interface goes in invalid state and it never recovers. After a reboot the newest firmware is still installed.
 > /interface/lte/firmware-upgrade lte1 upgrade=yes firmware-file="https://upgrade.mikrotik.com/firmware/RG502Q-EA/RG502QEAAAR13A03M4G_02.001.02.001/image"
  status: firmware timeout
 
optio
Forum Veteran
Forum Veteran
Posts: 945
Joined: Mon Dec 26, 2022 2:57 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 1:36 am

Unfortunately I cannot get it to downgrade.
It downloads the firmware, it starts installing it and then the interface goes in invalid state and it never recovers. After a reboot the newest firmware is still installed.
Did you try download image with fetch and set image filename for firmware-file instead url?
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1160
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 1:46 am

Yes I tried it that way too but the result is the same.
I also tried downgrading to 7.14.3 and then trying to downgrade the firmware but no luck either.

In fact, on 7.14.3 the interface lte1 instead of going into an invalid state, it completely disappears.
Some times it gets back on its own after a few minutes, or... not.

One thing I noticed, is that after a fresh boot, if I never open the lte1 interface on winbox, it seems more stable, as in it doesn't disconnect or disappears so often.
 
jsadler
just joined
Posts: 5
Joined: Tue Sep 18, 2018 1:10 pm
Location: New Zealand

Re: v7.15 [stable] - KNOT 'board-temperature' issue

Sun Jun 02, 2024 2:08 am

Since (probably) 7.15 the ‘Board Temperature’ of the KNOT (RB924i-2nD-BT5&BG77) is being reported as 0 degrees at all times.

I know it was OK at 7.13, I think it was OK at 7.14.3 but don’t have a screenshot. It is broken at 7.15.

See screenshots...
https://imgur.com/a/cs218RW
 
eguun
Frequent Visitor
Frequent Visitor
Posts: 83
Joined: Fri Apr 10, 2020 10:18 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 12:10 pm

@eworm - You are probably right, but how to find where is the specific syntax error, to be able to fix it. Scripts do all what is required and only say check manualy :-)
It's not about syntax errors, but runtime errors. Probably your script is accessing a configuration item that does not exist. You need to debug that, one way or another. I have to admit that it is not that easy with RouterOS sometimes.
thanks eworm for this pointer, was facing those errors popping up since 7.15 upgrade.

on my end it's because some of my scripts were testing conditions (with 'if') and if condition met, then would quit the script by calling ':error'
This was to avoid many nested if: instead of nesting if conditions to execute the desired code (and many tabs), I prefixed the desired code with exit conditions.
With 7.15, using ':error' or ':quit' in a script run with scheduler triggers this log warning.

I wish routerOS would have a simple break command in a script that we can call without triggering an error
 
optio
Forum Veteran
Forum Veteran
Posts: 945
Joined: Mon Dec 26, 2022 2:57 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 1:19 pm

I agree, commands like :error, :quit, :return are valid and it should not produce such error in log.
 
Pudpoh
just joined
Posts: 17
Joined: Thu Jan 11, 2024 6:39 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 1:22 pm

There seems to be stability issues with Chateau 5G after modem firmware and ROS upgrade.
I also noticed that there's a firmware upgrade for RG502Q-EA. From RG502QEAAAR13A03M4G_02.001.02.001 to RG502QEAAAR13A03M4G_02.002.02.002

No mention in the changelog as always, I haven't upgraded yet.
I upgraded to this modem version with my chateau 5g and use three UK, aggregates b1 + b3 +n78@100mhz +n78@40mhz. Still on 7.13.5, I've not upgraded to 7.15 yet, waiting for other with 16mb flash devices to go first.
 
m4rk3J
newbie
Posts: 35
Joined: Thu Jan 27, 2022 2:41 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 3:58 pm

OK, so the signal strength indicator has been broken in wifi-qcom-ac since day one and now it's also broken in the .ax drivers? Okay :D

This is how it looks for me - RB4011 as capsman controller, cAP ac as Wi-Fi APs. ROS 7.15. Signals just.. it doesn't make sense.
ac_signal.png
You do not have the required permissions to view the files attached to this post.
 
leonardogyn
just joined
Posts: 18
Joined: Wed Dec 04, 2019 4:47 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 5:03 pm

upgrading from 7.14.3 to 7.15 completely broke my webfig skin configs, on all (really, ALL) my MK routers (different models)

backup from 7.14.3:
/user group set full skin=wifiquefunciona7

after upgrading to 7.15
/user group set full skin=*12C

of course the wifiquefunciona7.json file is still there, untouched

on most routers (lots of RB2011s, some 3011s and some 4011s and different CCRs), i could simply choose the skin again, and everything was OK. However, on RB750Gr3, I really cannot select the skin. File is there (where it should be), but not selectable via webfig/winbox. Via CLI, gives me an error.

My experience: upgrading 7.15 completely screwed skin configurations on ALL MK routers and, on RB750GR3, it cannot even be configured anymore (yes, tried rebooting quite a few times), redownloaded the file, everything ... it's just not working on RB750Gr3. I cannot reselect the skin despite everything that made it work previously (like rebooting)

EDIT: this seems to be related to the flash/ path on the RB750GR3, I downloaded my skin file to <root>/skins/wifiquefunciona7,json ... this file will NOT persist a reboot, I know. After downloading on the path without flash/ (basically memory filesystem), I could successfully selected the skin file and it worked fine. So it seems to be somehow related with the 'flash/' path required on the RB750Gr3s ... it's not working at all when skin file is placed there.
[admin@JacoCoelhoAdv] > /system/resource/print
[ .... ]
version: 7.15 (stable)
[ .... ]

[admin@JacoCoelhoAdv] > /file print where name~"skins"
 # NAME                          TYPE             SIZE CREATION-TIME
20 flash/skins                   directory             2024-06-02 10:52:13
23 flash/skins/wifiquefunciona7.json                .json file       3770 2024-06-02 10:57:15
....
[admin@JacoCoelhoAdv] > /user group set full skin=wifiquefunciona7
input does not match any value of skin
[admin@JacoCoelhoAdv] >
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 5:53 pm

on my end it's because some of my scripts were testing conditions (with 'if') and if condition met, then would quit the script by calling ':error'
This was to avoid many nested if: instead of nesting if conditions to execute the desired code (and many tabs), I prefixed the desired code with exit conditions.
With 7.15, using ':error' or ':quit' in a script run with scheduler triggers this log warning.

I wish routerOS would have a simple break command in a script that we can call without triggering an error
Very true, RouterOS is lacking a lot of control structures in scripting. A proper exit command (without error!) comes to mind, elif (as a step between if and else), and possibly most important continue (or next) and break (or last or whatever) in loops.

I have a long standing issue on this topic (SUP-112102). Please open your own, the more the better.
 
User avatar
VadiKO
just joined
Posts: 8
Joined: Wed May 20, 2020 11:48 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 6:39 pm

Setting signal-range=-75..120 should solve the problem
What is the meaning of this rule?
I never had it, I added it and some of the devices disconnected and more not can connect. It turns out that due to insufficient signal the rule prohibits them from connecting?
It is interesting that without this rule the devices will connect and work well.

P.S. After updating to 7.15 (hAP ax3), my Wi-Fi started to drop out randomly.
 
YO3IPT
just joined
Posts: 5
Joined: Fri Sep 11, 2020 12:37 am

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 7:39 pm

I have another issue with wifi, not sure if it's related to 7.15 but here is the behavior:
hAP ax3 with VLAN filtering active on the bridge and datapath VLAN configuration added in the wifi menu. I have wifi1 (master interface) set as AP with one of the datapath selected in the configuration. I have 2 more virtual AP with their respective datapath selected in the config. Up until now everything is working as it should...
However when I add one more virtual interface on the same master, but this one configured as station, without any datapath selected on it (this is needed to get internet from the on premise wireless) it is automatically added to the bridge as slave interface with a vlan ID of 1....
If I disable the datapath configuration, and manually add the wifi interfaces to the bridge with the vlan filtering set manually, obviously everything works as expected (the station interface is not added to the bridge and it connects just fine to the on premise wireless)
 
eguun
Frequent Visitor
Frequent Visitor
Posts: 83
Joined: Fri Apr 10, 2020 10:18 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 9:03 pm

on my end it's because some of my scripts were testing conditions (with 'if') and if condition met, then would quit the script by calling ':error'
This was to avoid many nested if: instead of nesting if conditions to execute the desired code (and many tabs), I prefixed the desired code with exit conditions.
With 7.15, using ':error' or ':quit' in a script run with scheduler triggers this log warning.

I wish routerOS would have a simple break command in a script that we can call without triggering an error
Very true, RouterOS is lacking a lot of control structures in scripting. A proper exit command (without error!) comes to mind, elif (as a step between if and else), and possibly most important continue (or next) and break (or last or whatever) in loops.

I have a long standing issue on this topic (SUP-112102). Please open your own, the more the better.
I am growing doubtful of raising of SUP-xxx resulting in material change, as there's countless raised SUP-xxx which failed to bring routerOS on par with linux-based counterparts:
  • still no way to extract content from regex
  • can't generate certificates with EC25519 or IPSec to support DH group 31 (EC25519)
  • below par error handling on scripts
  • struggling with fixing bugs induced in previous releases: fetch still reports errors "failure: there was no content-length or transfer-encoding" in spite of fixes since 3-4 releases, similar to wireguard error "Handshake for peer did not complete after 20 attempts" when peer has no endpoint
This comes on top of the discussed issue of lacking graceful exits of scripts like "exit" or similar.

I wish so much that your SUP-xxx proves me wrong.
 
StupidProgrammer
just joined
Posts: 13
Joined: Thu Dec 21, 2023 6:57 am

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 9:07 pm

P.S. After updating to 7.15 (hAP ax3), my Wi-Fi started to drop out randomly.
And this is why I'm still on 7.13 :(
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 9:33 pm

MQTT no longer works after upgrade to 7.15
I may have some to do with this:
viewtopic.php?t=207215

It was not mention in the change log, but its not the first time small changes are not mention in the log.
 
slav0nic
just joined
Posts: 9
Joined: Sun Oct 26, 2014 10:14 am

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 9:35 pm

P.S. After updating to 7.15 (hAP ax3), my Wi-Fi started to drop out randomly.
same for AX2
 
holvoetn
Forum Guru
Forum Guru
Posts: 6753
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 9:43 pm

P.S. After updating to 7.15 (hAP ax3), my Wi-Fi started to drop out randomly.
same for AX2
Ax3, ax2, ax lite ... no issues here. Nada.
 
blacksnow
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Wed Feb 15, 2023 4:46 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 10:04 pm

Same no issues here (ax3, ccr2216). In general there seems to be a lot of anger towards recent releases, I think Mikrotik team is doing a decent job. Nothing is perfect and nothing ever will be, but they are consistently and regularly making updates, which is more than can be said by a lot of vendors. I wish more people would test during the beta/rc periods with their nuanced setups. I mean if you are willing to upgrade to stable and encounter issues there what's the difference between that and upgrading to beta or rc (beta/rc has never bricked a router from my experience)? Obviously I understand some people are running these routers in businesses or ISP/WISP etc. but still no room at all to do a little testing? One last thing, I recommend as part of your troubleshooting steps for any particular issue (after trying everything else) save off your config with "sensitive" and then wipe/netinstall the router to the latest stable and rebuild the config using the commands you saved off. Often times there are changes that impact older configs due to how some settings are setup and they are not updated when you update the router.

Now for some of the cool stuff, I have noticed that at heavy loads on CCR2216 the distribution of core usage for routing/networking is much better in 7.15 than it was in 7.14 and I think the biggest difference I saw was between 7.15rc4 to rc5/stable. Before maybe 4-5 cores would be active and now I see all cores active around 10-15% rather than just a few cores active at 50-60%.
 
User avatar
ID
newbie
Posts: 35
Joined: Tue Dec 26, 2006 10:36 pm

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 10:12 pm

I wish more people would test during the beta/rc periods with their nuanced setups. I mean if you are willing to upgrade to stable and encounter issues there what's the difference between that and upgrading to beta or rc (beta/rc has never bricked a router from my experience)?
Because no one step forward and take a bullet first even stable releases. Just think about why.
 
User avatar
VadiKO
just joined
Posts: 8
Joined: Wed May 20, 2020 11:48 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 10:48 pm

Ax3, ax2, ax lite ... no issues here. Nada.
Ax3, have problem wi-fi, always disconnected
skrin.png
You do not have the required permissions to view the files attached to this post.
 
ips
Member Candidate
Member Candidate
Posts: 154
Joined: Mon Oct 09, 2023 6:48 pm
Location: Italy

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 11:21 pm

Maybe related to (the already known) errors in signal levels? Do you have access list rules?
 
User avatar
VadiKO
just joined
Posts: 8
Joined: Wed May 20, 2020 11:48 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 11:26 pm

No, I dont have access list rules.
I also think Maybe related to (the already known) errors in signal levels
 
killersoft
Member Candidate
Member Candidate
Posts: 263
Joined: Mon Apr 11, 2011 2:34 pm
Location: Victoria, Australia

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 11:35 pm

WORKS ON RASPBERRY PI 5 WITH PROXMOX V8.1.7(arm).
Now to make it run native(ish via adding in inject uefi boot platform ) on a pi-5....
.
MIKROTIK_PI_PROXMOX.jpg
You do not have the required permissions to view the files attached to this post.
Last edited by killersoft on Sun Jun 02, 2024 11:38 pm, edited 1 time in total.
 
ips
Member Candidate
Member Candidate
Posts: 154
Joined: Mon Oct 09, 2023 6:48 pm
Location: Italy

Re: v7.15 [stable] is released!

Sun Jun 02, 2024 11:37 pm

I'm observing random disconnections, too. But, fortunately, I notice them only on logs, as reconnections are fast enough. I have an hap ax3 and an hap ax lite.
 
dvdhngs
just joined
Posts: 10
Joined: Sun Feb 19, 2023 2:09 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 2:12 am

hello! well...
crs326, WITHOUT script... and:
executing script from winbox failed, please check it manually
 
moiskey
just joined
Posts: 9
Joined: Mon May 31, 2010 9:34 am

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 3:19 am

Hello everyone
I lost the temperature and voltage reading (system > health)
CRS112-8-4S
 
User avatar
Kentzo
Long time Member
Long time Member
Posts: 618
Joined: Mon Jan 27, 2014 3:35 pm
Location: California

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 5:32 am

I think builtin SMB server causes kernel panic and reboot after certain amount of data is being transferred (it appears in the direction from the Router).
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 7:37 am

viewtopic.php?t=208039&sid=9c3dc112466a ... b#p1078346

WireGuard creates a new connection when it communicates to the other end. Thus, standard load balancing will not work which handles replies, not new connections.

A possible solution would be to add-src-address to address list on new connections towards WireGuard UDP port, if received on WAN2. Then add a new mangle rule which marks routing with WAN2 mark for new connection from the router destined to the address list entries which were dynamically added to the list by the first rule.
 
User avatar
stmx38
Long time Member
Long time Member
Posts: 650
Joined: Thu Feb 14, 2008 4:03 pm
Location: Moldova, Chisinau

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 7:53 am

ax^3 works fine, single disconnections I see in the logs is related to the device which is the 5 floors away and signal is -86/-90 - so, it is expected.
Ax3, ax2, ax lite ... no issues here. Nada.
Ax3, have problem wi-fi, always disconnected

skrin.png
 
User avatar
FToms
MikroTik Support
MikroTik Support
Posts: 90
Joined: Fri Jul 24, 2020 3:28 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 7:55 am

When I cast a movie from my smartphone to my TV via Chromecast, in a few seconds —no more than 10–20 seconds— all the WiFi devices in the house get disconnected. I mean all of them, 2 phones, 1 laptop and Chromecast itself.
Please open a support ticket and include a supout file from the device.
 
User avatar
FToms
MikroTik Support
MikroTik Support
Posts: 90
Joined: Fri Jul 24, 2020 3:28 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 7:58 am

Ax3, have problem wi-fi, always disconnected
Please open a support ticket and include a supout file from the device.
 
denissMT
MikroTik Support
MikroTik Support
Posts: 55
Joined: Wed May 26, 2021 12:00 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 8:15 am

MQTT no longer works after upgrade to 7.15
Tested mosquitto and AWS and both brokers work on 7.15. Please send us a rif file via a ticket:
https://mikrotik.com/support
 
denissMT
MikroTik Support
MikroTik Support
Posts: 55
Joined: Wed May 26, 2021 12:00 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 8:16 am

Disappointed IOT does not get connection to the internet and when I downgrade to 7.14.3 connected again to the internet
Same as above, please send us a rif file via the ticket system:
https://mikrotik.com/support
 
User avatar
jspool
Member
Member
Posts: 472
Joined: Sun Oct 04, 2009 4:06 am
Location: Oregon

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 8:36 am

MQTT no longer works after upgrade to 7.15
Tested mosquitto and AWS and both brokers work on 7.15. Please send us a rif file via a ticket:
https://mikrotik.com/support
They do not receive messages sent to the topic that they are subscribed to. Tried on 2116 and knot with same result. Back to 7.14.3 they work normally. Sending some rifs to support.
 
User avatar
VadiKO
just joined
Posts: 8
Joined: Wed May 20, 2020 11:48 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 8:55 am

ax^3 works fine, single disconnections I see in the logs is related to the device which is the 5 floors away and signal is -86/-90 - so, it is expected.
The devices are located on the same floor at a distance of 5-8 meters and almost on a straight side.
Before update 7.15 everything went without problems.
 
User avatar
VadiKO
just joined
Posts: 8
Joined: Wed May 20, 2020 11:48 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 10:49 am

has so far solved the problem by disabling wifi2 (2GHz).
Now another device disconnects and reconnects all the time, it's an Iphone 13 Pro Max, and there is an Iphone 12 next to it and it has a stable connection. I don't understand anything anymore...
skrins.png
You do not have the required permissions to view the files attached to this post.
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 10:58 am

Can you share your config (if you haven't done already), @VadiKO?
 
User avatar
VadiKO
just joined
Posts: 8
Joined: Wed May 20, 2020 11:48 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 11:42 am

Can you share your config (if you haven't done already), @VadiKO?
2024-06-03 09:12:51 by RouterOS 7.15
software id = 1N2D-52R9
model = C53UiG+5HPaxD2HPaxD
serial number = HExxxxxADQ
/interface bridge add name=bridge1 port-cost-mode=short
/interface bridge add arp=reply-only comment="for shop" name=bridge_for_shop port-cost-mode=short
/interface wifi set [ find default-name=wifi2 ] channel.band=2ghz-ax .skip-dfs-channels=disabled .width=20mhz configur
ation.country="United States" .mode=ap .ssid=AirPortExtreme mtu=1500 security.authentication-types=wpa2-psk,wpa3-psk .
wps=disable
/interface wireguard add disabled=yes listen-port=51820 mtu=1420 name=wireguard2
/interface wireguard add listen-port=51830 mtu=1420 name=wireguard_contabo
/interface list add name=LAN
/interface list add name=WAN
/interface wifi security add authentication-types=wpa2-psk comment="for shop" disabled=no name=for_shop
/interface wifi security add authentication-types=wpa2-psk,wpa3-psk comment="for 5G" disabled=no name=for5G wps=disabl
e
/interface wifi set [ find default-name=wifi1 ] channel.band=5ghz-ax .frequency=5180,5260,5500 .skip-dfs-channels=disa
bled .width=20/40/80mhz configuration.country="United States" .mode=ap .ssid=MikroTik disabled=no mtu=1500 security=fo
r5G
/interface wifi add configuration.mode=ap .ssid=for_shop mac-address=4A:A9:8A:49:5C:D8 master-interface=wifi2 mtu=1500
name=wifi3_virtual security=for_shop security.encryption=ccmp
/ip pool add comment=my name=pool1 ranges=192.168.1.2-192.168.1.254
/ip pool add comment="for shop" name=pool_for_shop ranges=10.10.10.2-10.10.10.254
/ip dhcp-server add address-pool=pool1 comment=my interface=bridge1 lease-time=1d name=dhcp_my
/ip dhcp-server add add-arp=yes address-pool=pool_for_shop comment="for shop" interface=bridge_for_shop lease-time=12h
name=dhcp_fro_shop
/ip smb users set [ find default=yes ] disabled=yes
/routing table add comment=wg disabled=no fib name=wg_mark
/interface bridge port add bridge=bridge1 interface=ether2 internal-path-cost=10 path-cost=10
/interface bridge port add bridge=bridge1 interface=ether3 internal-path-cost=10 path-cost=10
/interface bridge port add bridge=bridge1 interface=ether4 internal-path-cost=10 path-cost=10
/interface bridge port add bridge=bridge1 interface=wifi1 internal-path-cost=10 path-cost=10
/interface bridge port add bridge=bridge1 interface=wifi2 internal-path-cost=10 path-cost=10
/interface bridge port add bridge=bridge_for_shop comment="for shop" interface=wifi3_virtual internal-path-cost=10 pat
h-cost=10
/ip firewall connection tracking set udp-timeout=10s
/ip neighbor discovery-settings set discover-interface-list=LAN
/ipv6 settings set max-neighbor-entries=15360
/interface detect-internet set detect-interface-list=WAN
/interface list member add interface=bridge1 list=LAN
/interface list member add interface=ether5 list=WAN
/interface list member add comment=wg2 interface=wireguard2 list=WAN
/interface list member add comment=wgcontabo interface=wireguard_contabo list=WAN
/interface wifi access-list add action=accept allow-signal-out-of-range=always disabled=yes signal-range=-95..120
/interface wifi access-list add action=reject disabled=yes
/interface wireguard peers add allowed-address=0.0.0.0/0 disabled=yes endpoint-address=185.xx.xx.142 endpoint-port=51
820 interface=wireguard2 name=peer1 persistent-keepalive=10s preshared-key="DC/FSg/dFHC8stXdtixxxxteniF6rtYo
w=" public-key="hT6d1boflhSvG07x+xxxxx//x+lk/IgxAIjc="
/interface wireguard peers add allowed-address=0.0.0.0/0 endpoint-address=85.xx.xx.14 endpoint-port=51830 interface=
wireguard_contabo name=peer2 persistent-keepalive=20s public-key="SHtmJXzPTxocONGuxxxxxrBQGTmi1fULsIkw="
/ip address add address=192.168.1.1/24 comment=local interface=bridge1 network=192.168.1.0
/ip address add address=193.xx.xx.160/24 comment=net-city interface=ether5 network=193.xx.xx.0
/ip address add address=10.167.51.3/24 comment=wg2 disabled=yes interface=wireguard2 network=10.167.51.0
/ip address add address=10.10.10.1/24 comment="for shop" interface=bridge_for_shop network=10.10.10.0
/ip address add address=10.100.10.2/24 comment=wgcontabo interface=wireguard_contabo network=10.100.10.0
/ip arp add address=192.168.1.3 comment=ergo interface=bridge1 mac-address=C6:7B:F2:30:F3:BB
/ip dhcp-server lease add address=192.168.1.252 client-id=1:3c:15:c2:c5:95:98 comment=mac mac-address=3C:15:C2:C5:95:9
8 server=dhcp_my
/ip dhcp-server lease add address=192.168.1.66 comment="terneo 1" mac-address=CC:50:E3:27:3A:96 server=dhcp_my
/ip dhcp-server lease add address=192.168.1.62 client-id=1:30:1b:97:32:4e:d comment=hikvision mac-address=30:1B:97:32:
4E:0D server=dhcp_my
/ip dhcp-server lease add address=192.168.1.61 comment="terneo 2" mac-address=CC:50:E3:C5:93:D8 server=dhcp_my
/ip dhcp-server lease add address=192.168.1.58 client-id=1:30:1b:97:2c:aa:90 comment="hikvision pvr" mac-address=30:1B
:97:2C:AA:90 server=dhcp_my
/ip dhcp-server lease add address=192.168.1.56 client-id=1:30:95:87:e0:39:4a comment=.onn mac-address=30:95:87:E0:39:4
A server=dhcp_my
/ip dhcp-server lease add address=192.168.1.55 client-id=1:0:3:43:80:2:35 comment=KM1 mac-address=00:03:43:80:02:35 se
rver=dhcp_my
/ip dhcp-server lease add address=192.168.1.54 client-id=1:10:2c:6b:c2:50:25 comment=KM6 mac-address=10:2C:6B:C2:50:25
server=dhcp_my
/ip dhcp-server lease add address=192.168.1.67 client-id=1:f4:a4:75:87:50:5f comment=T1000 mac-address=F4:A4:75:87:50:
5F server=dhcp_my
/ip dhcp-server lease add address=192.168.1.9 client-id=1:4a:eb:c0:bf:a8:a0 comment=ergo mac-address=4A:EB:C0:BF:A8:A0
server=dhcp_my
/ip dhcp-server lease add address=192.168.1.8 client-id=1:b8:9a:2a:d:27:c1 comment=yepo mac-address=B8:9A:2A:0D:27:C1
server=dhcp_my
/ip dhcp-server lease add address=10.10.10.3 client-id=1:e0:3f:49:28:7b:88 comment=68u mac-address=E0:3F:49:28:7B:88 s
erver=dhcp_fro_shop
/ip dhcp-server lease add address=192.168.1.29 client-id=1:30:b1:b5:4d:90:4 comment=LG mac-address=30:B1:B5:4D:90:04 s
erver=dhcp_my
/ip dhcp-server lease add address=192.168.1.7 client-id=1:4e:88:97:2e:72:ed comment=ergo mac-address=4E:88:97:2E:72:ED
server=dhcp_my
/ip dhcp-server lease add address=192.168.1.10 client-id=1:78:8a:86:4a:c6:e1 comment=philips_NEW mac-address=78:8A:86:
4A:C6:E1 server=dhcp_my
/ip dhcp-server network add address=10.10.10.0/24 dns-server=94.140.15.15,94.140.14.14 gateway=10.10.10.1
/ip dhcp-server network add address=192.168.1.0/24 dns-server=94.140.15.15,94.140.14.14 gateway=192.168.1.1 netmask=24
/ip dns set allow-remote-requests=yes cache-size=4096KiB servers=94.140.15.15,94.140.14.14
/ip firewall address-list add address=192.168.1.252 comment=mac list=full_wg
/ip firewall address-list add address=192.168.1.67 comment=pc list=full_wg
/ip firewall address-list add address=192.168.1.54 comment=KM6 list=full_wg
/ip firewall address-list add address=192.168.1.55 comment=KM1 list=full_wg
/ip firewall address-list add address=192.168.1.56 comment=.onn list=full_wg
/ip firewall address-list add address=192.168.1.46 comment="my pc" disabled=yes list=full_wg
/ip firewall address-list add address=192.168.1.7 comment=ergo list=full_wg
/ip firewall address-list add address=192.168.1.8 comment=yepo list=full_wg
/ip firewall address-list add address=192.168.1.29 comment=LG list=full_wg
/ip firewall address-list add address=192.168.1.10 comment=Philips_NEW list=full_wg
/ip firewall filter add action=accept chain=input connection-state=established,related,untracked in-interface-list=WAN
/ip firewall filter add action=accept chain=input comment=winbox connection-state=new dst-port=1111 protocol=tcp
/ip firewall filter add action=drop chain=input comment="drop invalid connection" connection-state=invalid
/ip firewall filter add action=accept chain=input comment="defconf: acept ICMP" protocol=icmp
/ip firewall filter add action=drop chain=input comment="defconf: drop all notcoming from LAN" in-interface-list=!LAN
/ip firewall filter add action=accept chain=forward comment="hikvision 9" dst-port=9000 in-interface-list=WAN protocol
=tcp
/ip firewall filter add action=accept chain=forward comment=video dst-port=37777,2222,3333 in-interface-list=WAN proto
col=tcp
/ip firewall filter add action=accept chain=forward comment="hikvision 10" dst-port=8000 in-interface-list=WAN protoco
l=tcp
/ip firewall filter add action=accept chain=forward comment=vu+ dst-port=1100 in-interface-list=WAN protocol=tcp
/ip firewall filter add action=accept chain=forward connection-state=established,related,untracked in-interface-list=W
AN
/ip firewall filter add action=drop chain=forward comment="forvard invalid" connection-state=invalid
/ip firewall filter add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATTed" connection-nat-st
ate=dstnat connection-state=new in-interface-list=WAN
/ip firewall filter add action=jump chain=input comment="jump to ICMP filters" jump-target=icmp protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="allow echo request" icmp-options=8:0 protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="echo reply" icmp-options=0:0 protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="net unreachable" icmp-options=3:0 protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="host unreachable" icmp-options=3:1 protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="host unreachable fragmentation required" icmp-options=3:4 pr
otocol=icmp
/ip firewall filter add action=accept chain=icmp comment="allow time exceed" icmp-options=11:0 protocol=icmp
/ip firewall filter add action=accept chain=icmp comment="allow parameter bad" icmp-options=12:0 protocol=icmp
/ip firewall filter add action=drop chain=icmp comment="deny all other types"
/ip firewall mangle add action=change-ttl chain=prerouting comment="ttl for do not detect provider" new-ttl=increment:
1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting comment=wg new-routing-mark=wg_mark passthrough=no src-ad
dress-list=full_wg
/ip firewall mangle add action=change-mss chain=forward comment="wg2 new mss" disabled=yes new-mss=clamp-to-pmtu out-i
nterface=wireguard2 passthrough=no protocol=tcp tcp-flags=syn
/ip firewall mangle add action=change-mss chain=forward comment="wgcontabo new mss" new-mss=clamp-to-pmtu out-interfac
e=wireguard_contabo passthrough=no protocol=tcp tcp-flags=syn
/ip firewall nat add action=masquerade chain=srcnat comment="masquerade LAN to WAN" out-interface-list=WAN
/ip firewall nat add action=dst-nat chain=dstnat comment=video disabled=yes dst-port=37777 in-interface=ether1 protoco
l=tcp to-addresses=192.168.1.117
/ip firewall nat add action=masquerade chain=srcnat comment="video local" dst-address=192.168.1.0/24 src-address=192.1
68.1.0/24
/ip firewall nat add action=dst-nat chain=dstnat comment=video dst-address=193.xx.xx.160 dst-port=37777 protocol=tcp
to-addresses=192.168.1.2
/ip firewall nat add action=dst-nat chain=dstnat comment="hikvision 10" dst-address=193.xx.xx.160 dst-port=8000 proto
col=tcp to-addresses=192.168.1.62
/ip firewall nat add action=dst-nat chain=dstnat comment=vu+ dst-address=193.xx.xx.160 dst-port=1100 protocol=tcp to-
addresses=192.168.1.11
/ip firewall nat add action=src-nat chain=srcnat comment="to mik 2" disabled=yes dst-address=10.167.51.4 dst-port=2222
protocol=tcp to-addresses=10.167.51.3
/ip firewall nat add action=netmap chain=dstnat comment="to mik 2" disabled=yes dst-address=192.168.1.1 dst-port=2222
in-interface-list=WAN protocol=tcp to-addresses=10.167.51.4 to-ports=2222
/ip firewall nat add action=dst-nat chain=dstnat comment="con to mik 2 ah" disabled=yes dst-address=193.xx.xx.160 por
t=2222 protocol=tcp to-addresses=10.167.51.4 to-ports=2222
/ip firewall nat add action=dst-nat chain=dstnat comment="hikvision 9" dst-address=193.xx.xx.160 dst-port=9000 protoc
ol=tcp to-addresses=192.168.1.58
/ip firewall nat add action=dst-nat chain=dstnat comment="con to mik 2 contabo" dst-address=193.xx.xx.160 port=2222 p
rotocol=tcp to-addresses=10.100.10.4 to-ports=2222
/ip firewall service-port set ftp disabled=yes
/ip firewall service-port set tftp disabled=yes
/ip firewall service-port set h323 disabled=yes
/ip firewall service-port set sip disabled=yes
/ip firewall service-port set pptp disabled=yes
/ip route add check-gateway=ping comment=net-city disabled=no distance=1 dst-address=0.0.0.0/0 gateway=193.107.74.1 ro
uting-table=main scope=30 suppress-hw-offload=no target-scope=10
/ip route add comment=wg2 disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=wireguard2 pref-src="" routing-table=w
g_mark scope=30 suppress-hw-offload=no target-scope=10
/ip route add comment=wgcontabo disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wireguard_contabo routing-table=w
g_mark scope=30 suppress-hw-offload=no target-scope=10
/ip service set telnet disabled=yes
/ip service set ftp disabled=yes
/ip service set ssh disabled=yes
/ip service set api disabled=yes
/ip service set winbox port=1111
/ip service set api-ssl disabled=yes
/ip smb shares set [ find default=yes ] directory=/pub
/system clock set time-zone-name=Europe/Kiev
/system identity set name=ax3
/system leds set 4 disabled=yes
/system leds set 5 disabled=yes
/system logging add topics=wireless,debug
/system logging add disabled=yes topics=dhcp,debug
/system note set show-at-login=no
/system ntp client set enabled=yes
/system ntp client servers add address=0.pool.ntp.org
/system ntp client servers add address=1.pool.ntp.org
/tool graphing interface add interface=ether5
/tool mac-server set allowed-interface-list=LAN
/tool mac-server mac-winbox set allowed-interface-list=LAN
/tool mac-server ping set enabled=no
 
User avatar
nemavio
just joined
Posts: 2
Joined: Sat Jun 01, 2024 4:02 pm
Location: Paris
Contact:

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 12:32 pm

Clearly, huge memory leak issue with wireguard on RB4011, cf viewtopic.php?t=208104
 
WeWiNet
Long time Member
Long time Member
Posts: 610
Joined: Thu Sep 27, 2018 4:11 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 12:51 pm

has so far solved the problem by disabling wifi2 (2GHz).
Now another device disconnects and reconnects all the time, it's an Iphone 13 Pro Max, and there is an Iphone 12 next to it and it has a stable connection. I don't understand anything anymore...

skrins.png
I do have similar problems, which improve if I switch off 2G. I suspect the fast transition or steering going bad.
The key problem with Wifi on Mikrotik is the limited to non-existing logging capabilities in Wifi.
If you had access to more detailed / internal info, one could debug. But without this its trial and error only.
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 1:45 pm

Think your config is a bit messy, but not that strange @VadiKO.
What you can try:

- set encryption=ccmp on the for5G security settings
- set authentication-types to wpa2-psk only (had some strange stuff going on with combined wpa2-psk and wpa3-psk)
- set dtim-period (part of the configuration) to 3 (which is advised by Apple)

At last...I prefer to use a single bridge, but that is probably not a problem in your case.
 
User avatar
rushlife
Member Candidate
Member Candidate
Posts: 254
Joined: Thu Nov 05, 2015 12:30 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 2:43 pm

ACHTUNG !!! ALERT !
Do not use this version with CRS354 !!!

Huge packetloss, huge performance drop, unusable on some ports.
 
User avatar
Smoerrebroed
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Mon Feb 12, 2018 10:21 am

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 5:10 pm

Running this release for a couple of days, I can conclude that I still have issues with APs locking up when using DFS channels. In that respect, this version is the same as 7.16alpha. :-/
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 5:18 pm

I'm using this version since the rc came out...never had any problems with the DFS channels. Can you share your config, @Smoerrebroed?
 
User avatar
sirbryan
Member
Member
Posts: 400
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 5:58 pm

ACHTUNG !!! ALERT !
Do not use this version with CRS354 !!!

Huge packetloss, huge performance drop, unusable on some ports.
Oh darnit. I already upgraded my CRS354. And I'm not seeing what you're seeing.

Mine's in an MLAG pair with a CRS312, both connected to a 2116 on one side and another MLAG pair of 317's on the other, and a handful of desktop/office devices spread across both switches. Really low traffic. Working as expected.

Perhaps you could enlighten us as to your use case, such as average throughput, any special configs (q-in-q/tag stacking), quantity of LACP peers, DACS/SFP+' in use, etc.
 
User avatar
sxtlhglte
just joined
Posts: 12
Joined: Fri Mar 05, 2021 12:42 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 6:04 pm

have upgrade ARM, ARM64, MIPBE, PPC to 7.15 from 7.14.x all good now
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 7:11 pm

ACHTUNG !!! ALERT !
Do not use this version with CRS354 !!!

Huge packetloss, huge performance drop, unusable on some ports.
Same, switch stops forwarding traffic properly after few hours, had to revert ..
 
User avatar
rushlife
Member Candidate
Member Candidate
Posts: 254
Joined: Thu Nov 05, 2015 12:30 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 7:50 pm

hi, more detail on my setup :

single bridge with dhcp client on it
JUST SWITCHING
no wireless package installed
loop protect on all ports
RSTP on default values
ip/services : WINBOX and SSH only
used on private internal it subnets with 24b prefix

fail was found on at least 10pcs of this device

i have no SUP file, I had to resolve this very bad situation FAST
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 7:51 pm

*) console - added log for script execution failures;
There clearly is a bug in that. It logs failure even for scripts like '/log info message="host X is up"' called from netwatch as UP-script!
Edit: turned out it works OK, but there was a missing quote in the script (which was present in the ones I checked).
Last edited by pe1chl on Tue Jun 04, 2024 1:55 pm, edited 1 time in total.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 8:05 pm

It has built-in AI that knows that "host x is up" is a pure lie and therefore the error 🤣
 
User avatar
Kentzo
Long time Member
Long time Member
Posts: 618
Joined: Mon Jan 27, 2014 3:35 pm
Location: California

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 8:16 pm

*) smb - added logs for share connection requests
Please revert this change. 99% of my info logs is now `... connect request user:GUEST ...` :/
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 8:24 pm

*) smb - added logs for share connection requests
Please revert this change. 99% of my info logs is now `... connect request user:GUEST ...` :/
We are anxiously awaiting improvements in the logging functionality that allow the admin to suppress such messages...
(like adding a unique ID to every message that can be suppressed in logging rules, and/or filtering by regexp)
 
rkrisi
Member Candidate
Member Candidate
Posts: 163
Joined: Fri May 08, 2020 11:54 am

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 8:42 pm



Please revert this change. 99% of my info logs is now `... connect request user:GUEST ...` :/
We are anxiously awaiting improvements in the logging functionality that allow the admin to suppress such messages...
(like adding a unique ID to every message that can be suppressed in logging rules, and/or filtering by regexp)
That would be great... I remember I had some similar case with some of the logs which should be filtered for me, but there were no avail. option, just to remove that whole topic from logging...
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 9:00 pm

That is what I mean! It should be "easy" to add a unique 6 or 8-digit hex number as a topic to each unique type of message, so it can be filtered with the existing topic filter.
And it should be "doable" to add a regexp filter to match messages by regexp on the text, too.
 
TheWitness
just joined
Posts: 6
Joined: Mon Sep 18, 2017 5:43 am

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 9:23 pm

Hi,

I'm testing with Traffic Flow, and if I'm using IPFIX and then switch to V9, the stream still includes IPFIX packets as well as V9 packets until after I reboot the device. I'm also noting a length error in the V9 packets. I'm still researching.

Larry
 
expo
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Tue Jan 27, 2009 7:57 am

Re: v7.15 [stable] is released!

Mon Jun 03, 2024 11:28 pm

On 2216 BGP as path is corrupted when upgrading from 7.14.3 to 7.15, locally originated routes have a random 32 bit source ASN that frequently changes
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 8:56 am

Check your routing table, I bet there is a route received from some other peer and is not actually locally originated. Trace where this route is coming from.
 
expo
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Tue Jan 27, 2009 7:57 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 9:19 am

Check your routing table, I bet there is a route received from some other peer and is not actually locally originated. Trace where this route is coming from.
Not sure I follow, but downgrading to 7.14.3 with no config changes fixed our issue, I saw similar reports on facebook wisp talk group
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 9:43 am

There are no reports indicating that actually v7.15 is the one originating this route, from what is known is what I mentioned previously, route is received from other peer, not originated.
Contact support with supout file and /routing/bgp/advertisements output showing the route you are talking about.
 
expo
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Tue Jan 27, 2009 7:57 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 10:03 am

There are no reports indicating that actually v7.15 is the one originating this route, from what is known is what I mentioned previously, route is received from other peer, not originated.
Contact support with supout file and /routing/bgp/advertisements output showing the route you are talking about.
It's routes we originate but the source AS is wrong, it appears as if it's a downstream AS customer of ours but it's a local originated route, the source AS changes frequently
 
expo
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Tue Jan 27, 2009 7:57 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 10:09 am

There are no reports indicating that actually v7.15 is the one originating this route, from what is known is what I mentioned previously, route is received from other peer, not originated.
Contact support with supout file and /routing/bgp/advertisements output showing the route you are talking about.
here is the report from facebook:

Alright I'll be the one to ask the dreaded question after a mikrotik firmware release: Is anyone seeing issues? We upgraded a set of routers (4x 2216s running as a redundant collapsed core) to 7.15 stable and found some really odd BGP issues where the AS path was being modified for no obvious reason. A route originating from internally would be announced with another providers AS as the source. We even had one route originate from a seemingly random 32bit ASN that doesnt exist anywhere. After downgrading to 7.14.3 the problem immediately went away.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 10:11 am

If it comes from the downstream customer then it is customer originated route not locally originated route. And it should be investigated why the customer is sending you that route only when you upgrade to v7.15, or maybe it is just a coincidence and has nothing to do with v7.15
 
expo
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Tue Jan 27, 2009 7:57 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 10:15 am

If it comes from the downstream customer then it is customer originated route not locally originated route. And it should be investigated why the customer is sending you that route only when you upgrade to v7.15, or maybe it is just a coincidence and has nothing to do with v7.15
We don't have any downstream customer I guess I don't know how to communicate it in a way that you will understand me but a random 32-bit AS was showing as the source with our AS after that, meaning we are originating the announcement but a randomly changing source AS was added
 
expo
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Tue Jan 27, 2009 7:57 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 10:17 am

Bottom line is you have a bug in BGP with version 7.15 and I'm sure you will figure it out in time
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 10:20 am

Like I said contact support with all the relevant info.
 
matiss
MikroTik Support
MikroTik Support
Posts: 36
Joined: Fri Dec 30, 2016 10:13 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 10:21 am

Are you able to run this command successfully in terminal?
/tool netwatch
add host=8.8.8.8 type=simple up-script="/log info message=\"host X is up\""
 10:12:53 netwatch,info event up [ type: simple, host: 8.8.8.8 ]
 10:12:53 script,info host X is up
*) console - added log for script execution failures;
There clearly is a bug in that. It logs failure even for scripts like '/log info message="host X is up"' called from netwatch as UP-script!
 
expo
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Tue Jan 27, 2009 7:57 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 10:24 am

Are you able to run this command successfully in terminal?
/tool netwatch
add host=8.8.8.8 type=simple up-script="/log info message=\"host X is up\""
 10:12:53 netwatch,info event up [ type: simple, host: 8.8.8.8 ]
 10:12:53 script,info host X is up

There clearly is a bug in that. It logs failure even for scripts like '/log info message="host X is up"' called from netwatch as UP-script!
I also noticed that several scripts that have been trouble free for 15 years (like /export and /backup simple scripts) are reporting failed in log, but running a few times it will be successful. Both 7.14 & 7.15
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 10:58 am

(found problem)
Last edited by pe1chl on Tue Jun 04, 2024 1:51 pm, edited 1 time in total.
 
matiss
MikroTik Support
MikroTik Support
Posts: 36
Joined: Fri Dec 30, 2016 10:13 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 11:59 am

Errors were all the time, a user just did not see that.
This improvement lighted up different issues, for example, missing graceful exit from script.

Are you able to run this command successfully in terminal?
/tool netwatch
add host=8.8.8.8 type=simple up-script="/log info message=\"host X is up\""
 10:12:53 netwatch,info event up [ type: simple, host: 8.8.8.8 ]
 10:12:53 script,info host X is up
I also noticed that several scripts that have been trouble free for 15 years (like /export and /backup simple scripts) are reporting failed in log, but running a few times it will be successful. Both 7.14 & 7.15
 
lomayani
just joined
Posts: 19
Joined: Sat Jun 17, 2017 7:21 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 1:25 pm

There are no reports indicating that actually v7.15 is the one originating this route, from what is known is what I mentioned previously, route is received from other peer, not originated.
Contact support with supout file and /routing/bgp/advertisements output showing the route you are talking about.
I have same problem. sent all details to support with ticket SUP-154594
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 1:54 pm

Errors were all the time, a user just did not see that.
This improvement lighted up different issues, for example, missing graceful exit from script.
After carefully checking again, I found in some of the netwatch up-scripts a quote was missing. Indeed good that this is now checked.
What seems to be missing is a "graceful exit" possibility, other than reaching the end of the script, as indicated by others.
It would also be helpful when the syntax-highlighting feature of cmdline would also be available in winbox (and webfig).
That makes it easier to catch errors like the above.
 
kkeyser
just joined
Posts: 1
Joined: Tue Dec 26, 2023 9:53 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 2:20 pm

ACHTUNG !!! ALERT !
Do not use this version with CRS354 !!!

Huge packetloss, huge performance drop, unusable on some ports.
Not confirmed. Running CRS354-48P-4S+2Q+ about five days with 7.15 without any problem.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 2:40 pm

Check your routing table, I bet there is a route received from some other peer and is not actually locally originated. Trace where this route is coming from.
It appears that 7.15 sometimes claims it originates a route while actually it doesn't.
E.g. I am running a network with several 7.12.1 routers which each originate some local network routes.
The central router has AS 65530 and some leaf routers are also on AS 65530.
Another router is on AS 65533 and it was upgraded to 7.15
Now I have a route in the table that points directly to a leaf router, but in its AS path it says 65533.
That is not the AS of the originating router but the AS of the 7.15 router (which of course also has that route in its table, with AS path 65530).
When I stop and start the BGP connection to the originating router, the route disappears and comes back without AS path.
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1160
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 3:13 pm

There seems to be stability issues with Chateau 5G after modem firmware and ROS upgrade.

After upgrading the modem firmware to the latest version along with upgrading to ROS v7.15 the modem has become very unstable with either randomly resetting itself with error “lte1 mbim: modem's control interface have reset (4)” in the logs or with completely getting into an invalid state with repeated “lte1: no response for: AT E0 V1” errors in the log and needing to restart the whole device to recover itself.

[SUP-154766]

On every other device that I've installed v7.15 (CCR2116, CCR2004, CCR1036, CRS326, CRS318, RB5009, RB4011, RB3011, hAP Lite, CHR), I've got no issues whatsoever.
MikroTik support logged in to the device and installed RG502QEAAAR13A03M4G_02.003.02.003 which includes fixes related to my 5G provider.
It's been 3+ hours so far without any stability issues.
 
Pudpoh
just joined
Posts: 17
Joined: Thu Jan 11, 2024 6:39 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 4:24 pm

There seems to be stability issues with Chateau 5G after modem firmware and ROS upgrade.

After upgrading the modem firmware to the latest version along with upgrading to ROS v7.15 the modem has become very unstable with either randomly resetting itself with error “lte1 mbim: modem's control interface have reset (4)” in the logs or with completely getting into an invalid state with repeated “lte1: no response for: AT E0 V1” errors in the log and needing to restart the whole device to recover itself.

[SUP-154766]

On every other device that I've installed v7.15 (CCR2116, CCR2004, CCR1036, CRS326, CRS318, RB5009, RB4011, RB3011, hAP Lite, CHR), I've got no issues whatsoever.
MikroTik support logged in to the device and installed RG502QEAAAR13A03M4G_02.003.02.003 which includes fixes related to my 5G provider.
It's been 3+ hours so far without any stability issues.
Hopefully they will make this version available to everyone quickly as I allowed my modem to upgrade it's firmware about a week ago, mine has stayed connected and I've not noticed any issues, but I haven't upgraded to 7.15 yet. I've deliberately held off after seeing posts of issues with chateau 5g and latest modem firmware with 7.15. My supplier is Three UK, what I have noticed though is it's a bit more fussy about aggregating 2 x n78 bands, I've had to tweak it's position a couple of times to keep 2 x n78 carrier aggregation.
 
areanod
just joined
Posts: 14
Joined: Thu Mar 03, 2016 7:01 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 4:35 pm

*) bridge - reworked dynamic VLAN creation;
Before I could join a Port untagged to a VLAN by giving it the PVID that I wanted and it would show up in my static created VLAN in /interface/bridge/vlan. Since 7.15 I need to manually add the untagged port to the VLAN settings, otherwise I have the static VLAN with my tagged ports and another dynamic one with the untagged ports.
Is this expected behaviour and if yes: why?

Tested on an L009 and confirmed that the issue does not exist in 7.14.3
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 4:53 pm

Before I could join a Port untagged to a VLAN by giving it the PVID that I wanted and it would show up in my static created VLAN in /interface/bridge/vlan. Since 7.15 I need to manually add the untagged port to the VLAN settings, otherwise I have the static VLAN with my tagged ports and another dynamic one with the untagged ports.
Indeed... I see that as well. That seems to be a step backward.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21895
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 5:13 pm

Not sure, we are talking about the same thing, but whether or not the untagged vlan shows up on an export is determined by the /interface bridge vlan settings. If you do not manually put them there as untagged, they do not show as they are dynamically created. This is not new!
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 5:29 pm

This behavior is expected due to the new MVRP feature, and dynamic VLANs are also needed for wifi-qcom and wireless dynamic VLAN management, such as from access-lists and RADIUS assignments.

Now, the same VLAN ID can appear multiple times, but the same interface will not be included in multiple entries. You can override the dynamic "current-untagged" part with a static configuration, but this is optional.

Additionally, the upcoming RouterOS v7.16 will provide more details about who created the dynamic VLANs. And when you add a VLAN interface to a vlan-filtering bridge, the bridge will automatically be added as a tagged member.
[admin@MikroTik] /interface/bridge/vlan> print 
Flags: D - DYNAMIC
Columns: BRIDGE, VLAN-IDS, CURRENT-TAGGED
#   BRIDGE   VLAN-IDS  CURRENT-TAGGED
;;; added by vlan on bridge
0 D bridge1        99  bridge1 
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 5:56 pm

*) bridge - reworked dynamic VLAN creation;
Before I could join a Port untagged to a VLAN by giving it the PVID that I wanted and it would show up in my static created VLAN in /interface/bridge/vlan. Since 7.15 I need to manually add the untagged port to the VLAN settings, otherwise I have the static VLAN with my tagged ports and another dynamic one with the untagged ports.
Is this expected behaviour and if yes: why?
In V7.15, setting pvid= on .../bridge/port still works to dynamic add it as untagged to a .../bridge/vlan. The how changed, I think. It always add these to a dynamic .../bridge/vlan - even if there is a static entry in .../bridge/vlan already for the same VLAN.

So in my case, I have to two entries per VLAN. One static where I manually add the bridge as tagged in .../bridge/vlan & another dynamic (add automatically by pvid=) ../bridge/vlan used by all the ports with a same pvid= (making them untagged).

But it works.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 6:14 pm

Hopefully at some point the PVID per port will disappear and the "untagged ports" in the VLAN configuration will provide this config...
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 7:01 pm

I think MVRP forced some changes here. _i.e._ now it not just bridge on the local router that modifies /interface/bridge/vlan, but potentially MVRP too.

Hopefully at some point the PVID per port will disappear and the "untagged ports" in the VLAN configuration will provide this config...
I actually like the automatic untagging of pvid= from the ports to bridge's vlan table.

In fact, I think /interface/vlan should have some option/attribute that automatically adds tagged=bridge (as a dynamic .../bridge/vlan) – so Layer3/IP work without messing with bridge vlan table at all. So whole /interface/bridge/vlans complexity be only needed for hybrid ports or Layer2-only switching cases.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 7:06 pm

Hopefully at some point the PVID per port will disappear and the "untagged ports" in the VLAN configuration will provide this config...
I actually like the automatic untagging of pvid= from the ports to bridge's vlan table.
I don't like that there are 2 ways to configure untagged ports and that they can be contradicting.
Either we have PVID and no "untagged ports" or the other way around. Not both.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 8:05 pm

Hopefully at some point the PVID per port will disappear and the "untagged ports" in the VLAN configuration will provide this config...
As it's now, /interface/bridge/port defines ingress behaviour ... and PVID can correctly only be set to a single value. OTOH /interface/bridge/vlan defines egress behaviour ... and a single port can be untagged member of multiple VLANs. Further more, some vendors allow state where port with PVID set is not member of that VLAN for egress.
While I'd agree that this kind of setup is not exactly usual, it does allow some flexibility and it would be a pity if itbwas taken away without a good reason (and taking away one property plus implementing a check on another property with possible bugs "to make configuration easier" is IMO not a good reason)
Last edited by mkx on Tue Jun 04, 2024 8:15 pm, edited 1 time in total.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 8:14 pm

In fact, I think /interface/vlan should have some option/attribute that automatically adds tagged=bridge (as a dynamic .../bridge/vlan) – so Layer3/IP work without messing with bridge vlan table at all. So whole /interface/bridge/vlans complexity be only needed for hybrid ports or Layer2-only switching cases.

I'd rather see bridge "the CPU facing port" become a distinct item ... just like switchX-cpu port in switch chip configs. IMO this would prevent quite some confusion which arises from the fact that there are 3 different items (switch-like entity, CPU-facing port and interface) all named the same, while config, related to each of them, is interleaved.

Behaviour where bridge port would become tagged member of every VLAN, mentioned on any member port config, would also mean reduction of security of ROS devices when used as L2 switch ... because this would make a step closer to make device a router (by making two further steps: creation of corresponding VLAN interfaces and assigning L3 addresses to those). And all of that without clear benefit.
 
tdw
Forum Guru
Forum Guru
Posts: 2032
Joined: Sat May 05, 2018 11:55 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 8:25 pm

In fact, I think /interface/vlan should have some option/attribute that automatically adds tagged=bridge (as a dynamic .../bridge/vlan) – so Layer3/IP work without messing with bridge vlan table at all. So whole /interface/bridge/vlans complexity be only needed for hybrid ports or Layer2-only switching cases.
From what is said in post #190 that will happen in v7.16. If untagged= still exists for special use cases, but in general the dynamic membership based on pvid= is used for untagged then it will be a case of only having to add tagged= membership for the non-CPU trunk/hybrid ports.
 
tdw
Forum Guru
Forum Guru
Posts: 2032
Joined: Sat May 05, 2018 11:55 am

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 8:34 pm

I'd rather see bridge "the CPU facing port" become a distinct item ... just like switchX-cpu port in switch chip configs. IMO this would prevent quite some confusion which arises from the fact that there are 3 different items (switch-like entity, CPU-facing port and interface) all named the same, while config, related to each of them, is interleaved.
Whilst having a different name would be nice I expect that an automated configuration conversion may break things, from experiences with some of the older master-port to bridge conversions not going well.
Behaviour where bridge port would become tagged member of every VLAN, mentioned on any member port config, would also mean reduction of security of ROS devices when used as L2 switch ... because this would make a step closer to make device a router (by making two further steps: creation of corresponding VLAN interfaces and assigning L3 addresses to those). And all of that without clear benefit.
Having the CPU-facing port automatically added as a tagged member when an /interface vlan is attached to a bridge does seem like a reasonable compromise, as long as all of the other port members require explict tagged membership to become trunk or hybrid ports.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 8:41 pm

Having the CPU-facing port automatically added as a tagged member when an /interface vlan is attached to a bridge does seem like a reasonable compromise
I agree with this idea.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Tue Jun 04, 2024 9:31 pm

In fact, I think /interface/vlan should have some option/attribute that automatically adds tagged=bridge (as a dynamic .../bridge/vlan) – so Layer3/IP work without messing with bridge vlan table at all. So whole /interface/bridge/vlans complexity be only needed for hybrid ports or Layer2-only switching cases.
From what is said in post #190 that will happen in v7.16. If untagged= still exists for special use cases, but in general the dynamic membership based on pvid= is used for untagged then it will be a case of only having to add tagged= membership for the non-CPU trunk/hybrid ports.
It already was like that! When you only set a PVID on a port, it automatically becomes an untagged port on that VLAN.
However, before the untagged port would be listed on the same VLAN line in the bridge VLAN list, and now it creates a duplicate line with the same VLAN number but a D (dynamic) flag, and adds the port to that. Confusing.
 
oeyre
Member Candidate
Member Candidate
Posts: 141
Joined: Wed May 27, 2009 12:48 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 2:25 am

on my end it's because some of my scripts were testing conditions (with 'if') and if condition met, then would quit the script by calling ':error'
I am having the same problem. Seems there is not any other way to do this currently according to the wiki?
 
avggeek
Frequent Visitor
Frequent Visitor
Posts: 54
Joined: Thu Jun 06, 2013 9:33 am

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 5:27 am

Hitting the issue previously reported in this thread where a script that has been running without any problems up to 7.14, has started failing in 7.15.

The following script is failing in 7.15 with the error "executing script from netwatch failed, please check it manually". Script permissions are set to "read,write,reboot,test" as per the docs. Script content is as follows:
# Raise priority of all VRRP Interfaces
# This failover script only works when two routers are each individually connected to a 
# single internet connection. A different approach is needed when a single router
# is managing failover across two interfaces
/interface vrrp set priority=250 [/interface vrrp find vrid=20]
/interface vrrp set priority=250 [/interface vrrp find vrid=48]
/interface vrrp set priority=250 [/interface vrrp find vrid=50]
/interface vrrp set priority=250 [/interface vrrp find vrid=54]
/interface vrrp set priority=250 [/interface vrrp find vrid=67]
/interface vrrp set priority=250 [/interface vrrp find vrid=75]
/interface vrrp set priority=250 [/interface vrrp find vrid=83]
/interface vrrp set priority=250 [/interface vrrp find vrid=104]
/interface vrrp set priority=250 [/interface vrrp find vrid=122]

/ip dhcp-server enable [/ip dhcp-server find address-pool=mgmt-iprange]
I've eyeballed the VRRP Interfaces, DHCP server etc and I'm not seeing any obvious errors:

Image

Image

Indeed if I run the script from the terminal with the new "use-script-permissions" option, it appears to run without any problem:
/system/script/run vrrp-up use-script-permissions
Image
 
blacksnow
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Wed Feb 15, 2023 4:46 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 6:30 am

There is an issue with the switch based port policer (ingress traffic) not sure how far this goes back but in v7.15 you can observe the following. The egress shaper works within expectations, however the ingress policer results in limiting speed to about 1/10th of whatever number you place in the rate and at a certain point it seems just limited to roughly 150Mbit/s. For example at 1G rate, the output you get with iperf3 is 160Mbits/s. Bump the rate to 10G and you get still 160Mb/s. Bump it to 50G and it breaks the switch, you get 0Mb/s. This is on version 7.15 CCR2216. This is just using webfig and essentially applying this rule to a particular port.
/interface ethernet switch port
set sfp28-1 ingress-rate=1G
Perhaps it matters that this switch is l3hw offload enabled at the switch level (not at the port level). And I have a couple of VLANs running through this port.
 
seriquiti
newbie
Posts: 25
Joined: Wed May 11, 2022 12:55 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 7:13 am

There is an issue with the switch based port policer (ingress traffic) not sure how far this goes back but in v7.15 you can observe the following. The egress shaper works within expectations, however the ingress policer results in limiting speed to about 1/10th of whatever number you place in the rate and at a certain point it seems just limited to roughly 150Mbit/s. For example at 1G rate, the output you get with iperf3 is 160Mbits/s. Bump the rate to 10G and you get still 160Mb/s. Bump it to 50G and it breaks the switch, you get 0Mb/s. This is on version 7.15 CCR2216. This is just using webfig and essentially applying this rule to a particular port.
/interface ethernet switch port
set sfp28-1 ingress-rate=1G
Perhaps it matters that this switch is l3hw offload enabled at the switch level (not at the port level). And I have a couple of VLANs running through this port.
This has never worked for me. Have seen this happen many versions ago, not new behaviour. Pretty sure there has been forum posts about this.
 
Bechs
just joined
Posts: 1
Joined: Fri Mar 17, 2023 4:49 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 9:52 am

Hi! After upgrading two small schools to ROS 7.15 (including Firmware), there is a problem connecting to CAPs via RoMON. If you try to connect to speciffic device, winbox shows "Connecting to DC:..." and after a while there is "ERRORL disconnected from RoMON". But if You then try to connect to other devices and then return to first device, there is chance You'll get a connection. Other two schools where is still ROS7.14.3 there are no problems.
And one more problem, in scheduler script (or scripts in general, I presume) if You compare FW versions like "if curent version < upgrade then update" then comparing 7.14.3<7.15 wont take effect as formats won't match.

1st school: RB3011, 23xcAP ac's switches running SwOS, config includes 5 VLAN's
2nd school: RB2011, 13x cAP XL ac's, switches running SwOS, no VLAN's.
 
ips
Member Candidate
Member Candidate
Posts: 154
Joined: Mon Oct 09, 2023 6:48 pm
Location: Italy

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 10:15 am

I had to downgrade to 7.14.3 my Hap AX3 and Hap AX lite due to problems with WiFi. Hope a fix will be released soon.
 
areanod
just joined
Posts: 14
Joined: Thu Mar 03, 2016 7:01 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 10:41 am



From what is said in post #190 that will happen in v7.16. If untagged= still exists for special use cases, but in general the dynamic membership based on pvid= is used for untagged then it will be a case of only having to add tagged= membership for the non-CPU trunk/hybrid ports.
It already was like that! When you only set a PVID on a port, it automatically becomes an untagged port on that VLAN.
However, before the untagged port would be listed on the same VLAN line in the bridge VLAN list, and now it creates a duplicate line with the same VLAN number but a D (dynamic) flag, and adds the port to that. Confusing.
I've got a few hundred switches where untagged ports are configured via PVID and upgrading to 7.15 will break everyone of the configurations on the existing devices.
Why break the default behaviour established many moons before instead of just adding a checkbox for bridge ports to activate enhanced VLAN configuration?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 10:56 am

I've got a few hundred switches where untagged ports are configured via PVID and upgrading to 7.15 will break everyone of the configurations on the existing devices.
Why break the default behaviour established many moons before instead of just adding a checkbox for bridge ports to activate enhanced VLAN configuration?
Well, maybe it was not clear from the previous discussion, but 7.15 does not actually break this, it only shows strange results on the VLAN screen but it still works fine.
 
User avatar
rushlife
Member Candidate
Member Candidate
Posts: 254
Joined: Thu Nov 05, 2015 12:30 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 2:20 pm

pseudobridge (wifi client against capsman APs) on Metal 2SHPn and RBmAP2nD still high packet loss, since ros 7.14.x
 
sjoukes
just joined
Posts: 9
Joined: Wed Nov 01, 2017 5:44 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 10:01 pm

I am writing to report an issue I encountered after upgrading RouterOS from version 7.14.x to 7.15 on an RB4011iGS+. The update seems to have affected my scripts that check the route status.

Previously, in RouterOS 7.14.x and earlier, I used the following command to check if a route was active:
/ip/route/get value-name=active [find distance=1]
This command typically returned true or nothing, allowing my scripts to function correctly.

However, after upgrading to RouterOS 7.15, the same command returns an empty result regardless of the route's status. I suspect this change is related to the note in the update changelog:

*) route - rework of route attributes;

Could you please provide documentation or guidance on how the route attributes have been reworked in RouterOS 7.15? Understanding these changes will help me update my scripts accordingly.

n.b.
After checking other value-name attributes it seems that they all return empty values.


Another problem I'm facing is that I have packetloss/packets beeing dropped by interface if there is around 1Gbps NAT'ed traffic. (tx-queue-drops)

If I revert to 7.14.x they are gone.

I've also noticed that the router intermittantly stops routing traffic when there is more then 900Mbps NAT'ed traffic and these firewall rules are active
add action=drop chain=forward comment="Drop multicast traffic" \
    dst-address-type=multicast
add action=drop chain=input comment="Drop multicast traffic" \
    dst-address-type=multicast
    
If I revert to 7.14.x these problems are gone.
Last edited by sjoukes on Wed Jun 05, 2024 10:48 pm, edited 3 times in total.
 
S8T8
Member Candidate
Member Candidate
Posts: 127
Joined: Thu Sep 15, 2022 7:15 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 10:14 pm

Hi @rushlife, is packet loss a common problem with 7.15/7.15?
I'm experiencing a similar issue, mine seems to be related to Queue ( viewtopic.php?t=208197 ), did you try some changes to wifi config?
 
User avatar
jbl42
Member Candidate
Member Candidate
Posts: 225
Joined: Sun Jun 21, 2020 12:58 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 10:52 pm


Previously, in RouterOS 7.14.x and earlier, I used the following command to check if a route was active:
/ip/route/get value-name=active [find distance=1]
This command typically returned true or nothing, allowing my scripts to function correctly.
Seems like there now is a property called inactive with inverted logic: false for active route, true for inactive:
[admin@RB5009] > put [/ip/route/get [find distance=1]]       
.id=*80000001;dhcp=true;distance=1;dst-address=0.0.0.0/0;dynamic=true;gateway=192.168.1.1;immediate-gw=192.168.1.1%bridge1_WAN;inactive=false;vrf-interface=bridge1_WAN

[admin@RB5009] > put [/ip/route/get [find distance=1] inactive]
false
The active property is still there (and also suggested on tab), but returns nothing:
[admin@RB5009] > put [/ip/route/get [find distance=1] active]
<empty line>
 
sjoukes
just joined
Posts: 9
Joined: Wed Nov 01, 2017 5:44 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 11:16 pm

.....
Seems like there now is a property called inactive with inverted logic: false for active route, true for inactive:
.....
This does not seem to work as described.

7.14 behaviour
[x@y] >  put [/ip/route/get [find distance=1]]
...active=true...inactive=false....
[x@y] >  put [/ip/route/get [find distance=2]] 
.....inactive=false.....
[x@y] >  put [/ip/route/get [find distance=2] active]

[x@y] >  put [/ip/route/get [find distance=1] active] 
true
Inactive remains false if active is true or not.

7.15 behaviour
[x@y] >  put [/ip/route/get [find distance=1]]
.....inactive=false....
[x@y] >  put [/ip/route/get [find distance=2]] 
.....inactive=false.....
[x@y] >  put [/ip/route/get [find distance=2] active]

[x@y] >  put [/ip/route/get [find distance=1] active] 

^empty
 
User avatar
jbl42
Member Candidate
Member Candidate
Posts: 225
Joined: Sun Jun 21, 2020 12:58 pm

Re: v7.15 [stable] is released!

Wed Jun 05, 2024 11:25 pm

Tested it again and you are right.
Bottom-line, it looks like the active property is broken in 7.15. It always returns nothing.

Also interesting:
/ip/route/print where active=yes
prints out all routes with active=yes property
But
put [/ip/route/get [find active=yes]]
returns "invalid internal item number"
 
rtlx
just joined
Posts: 12
Joined: Wed Apr 16, 2014 2:18 am

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 12:38 am

RBSXTR crashes immediately when LTE modem establishes connection to the cell tower [lte1 registered home].
Afterwards it reboots and leaves log entry "router rebooted because some critical program crashed".

Downgrade to 7.14.3 resolves the problem.
Never had this problem before.
 
User avatar
Kentzo
Long time Member
Long time Member
Posts: 618
Joined: Mon Jan 27, 2014 3:35 pm
Location: California

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 1:03 am

This behavior (bug?) in IPv6 Firewall Filter seems to be new: lo -> lo in the IPv6 firewall filter forward chain
 
User avatar
MWComms
just joined
Posts: 15
Joined: Thu Nov 30, 2017 1:35 am
Location: Australia

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 7:48 am

It seems .ovpn file generation no longer generates / concatenates the <cert> and <key> stanza's. The <ca> stanza is fine.
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 9:14 am


But
put [/ip/route/get [find active=yes]]
returns "invalid internal item number"
A get works on exactly one item only. Less (none) or more will give an error. Code like this should work for the condition:
:if ([ :len [ /ip/route/find where active=yes ] ] > 0) do={ ...
Last edited by eworm on Thu Jun 06, 2024 11:38 am, edited 1 time in total.
 
emilst
MikroTik Support
MikroTik Support
Posts: 22
Joined: Mon Oct 22, 2018 3:25 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 9:19 am

RBSXTR crashes immediately when LTE modem establishes connection to the cell tower [lte1 registered home].
Afterwards it reboots and leaves log entry "router rebooted because some critical program crashed".

Downgrade to 7.14.3 resolves the problem.
Never had this problem before.
Can you please create a support ticket and send us the autosupout file? It seems to be something configuration-specific as we can't reproduce this locally.
 
User avatar
rushlife
Member Candidate
Member Candidate
Posts: 254
Joined: Thu Nov 05, 2015 12:30 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 10:30 am

Hi @rushlife, is packet loss a common problem with 7.15/7.15?
I'm experiencing a similar issue, mine seems to be related to Queue ( viewtopic.php?t=208197 ), did you try some changes to wifi config?
Hi, I will try this. I believe I can reproduce this.

edit : not my case, I don't use CODEL, with ros 7.13.5 no packet loss, with 7.15 can be easily up to 20% with small packet size
 
User avatar
Smoerrebroed
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Mon Feb 12, 2018 10:21 am

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 11:24 am

I'm using this version since the rc came out...never had any problems with the DFS channels. Can you share your config, @Smoerrebroed?
It's nothing special, really. Using CAPsMAN and several cAP ax and hAP ax³ some (not all of them) lock up when using RLAN Band 1 or RLAN Band 1 + 2:
11   name="RLAN Band 2 (5470 - 5725 MHz)" frequency=5470-5725 width=20/40/80mhz 
12   name="RLAN Band 1 (5150 - 5350 MHz)" frequency=5150-5350 width=20/40/80mhz 
13   name="RLAN Band 1 + 2 (5150 - 5725 MHz)" frequency=5150-5725 width=20/40/80mhz
Yes, I know that there are DFS channels in RLAN Band 2 as well, but those seem to not cause any issues. Not that MikroTik support has been able to provide an explanation for this behavior.

At any rate, using RouterOS 7.12 does not exhibit these issues.
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 11:37 am

Could you give 40MHz bandwidth a try, @Smoerrebroed. Specifically on the 5GHz radio.
I have had lots of different brands (Cisco, Netgear, Ubiquiti, Grandstream and others) and was only able to have a completely stable connection when using 40MHz bandwidth.
 
User avatar
jbl42
Member Candidate
Member Candidate
Posts: 225
Joined: Sun Jun 21, 2020 12:58 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 12:59 pm


A get works on exactly one item only. Less (none) or more will give an error. Code like this should work for the condition:
:if ([ :len [ /ip/route/find where active=yes ] ] > 0) do={ ...
I think what happened is find returning a different number of routes matching the filter. So by accident it worked on 7.14.3 but not on 7.15.

The original problem would probably be solved with
:if ([ :len [ /ip/route/find where distance=1 and active=yes ] ] > 0) do={ ...
 
User avatar
Maggiore81
Trainer
Trainer
Posts: 600
Joined: Sun Apr 15, 2012 12:10 pm
Location: Italy
Contact:

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 1:35 pm

ax^3 works fine, single disconnections I see in the logs is related to the device which is the 5 floors away and signal is -86/-90 - so, it is expected.


Ax3, have problem wi-fi, always disconnected

skrin.png
greetings, from Chisinau too :-)
 
Bechs
just joined
Posts: 1
Joined: Fri Mar 17, 2023 4:49 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 2:26 pm

Hi! After upgrading two small schools to ROS 7.15 (including Firmware), there is a problem connecting to CAPs via RoMON. If you try to connect to speciffic device, winbox shows "Connecting to DC:..." and after a while there is "ERRORL disconnected from RoMON". But if You then try to connect to other devices and then return to first device, there is chance You'll get a connection. Other two schools where is still ROS7.14.3 there are no problems.
And one more problem, in scheduler script (or scripts in general, I presume) if You compare FW versions like "if curent version < upgrade then update" then comparing 7.14.3<7.15 wont take effect as formats won't match.

1st school: RB3011, 23xcAP ac's switches running SwOS, config includes 5 VLAN's
2nd school: RB2011, 13x cAP XL ac's, switches running SwOS, no VLAN's.
I've recreated problem on 3d school's network too. While only RouterOS is upgraded on Router (CRS) and cAP's, RoMON problem is not preset. When Router's (CRS) firmware is upgraded to 7.15 - RoMON connections still work as intended. BUT when cAP's firmware gets upgraded to 7.15 then connections problems begin. It looks like 7.15 firmware on target device is the one to blame.

P.s. Clearing Winbox cache increases sucessful connection percentage, but overall probelm persists especially on first time connections.
Last edited by Bechs on Thu Jun 06, 2024 3:11 pm, edited 1 time in total.
 
jecoronas
just joined
Posts: 5
Joined: Sun Mar 03, 2019 5:39 pm
Location: Venezuela

Unexpected Changes in Dynamic Queues

Thu Jun 06, 2024 3:09 pm

Hi, there are too much changes in this version but, I work with PPPoE Server and Dynamic Queues and I wanna know why you changed the way to the PPPoE Profile assigns the names for each indivudual queue instead to assign the same than the secret for each one. Actually just assign a number for each queue like queue1, queue2, etc, Someone knows how to make the router shows that names Like it was in previous versions?
You do not have the required permissions to view the files attached to this post.
Last edited by jecoronas on Sat Jun 08, 2024 5:21 am, edited 2 times in total.
 
User avatar
sterod
newbie
Posts: 30
Joined: Sat Oct 13, 2018 12:13 am

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 3:41 pm

I was also getting the script error in my logs after upgrading to 7.15.
"executing script from scheduler failed, please check it manually"

The solution was to replace the word "system" with "routeros"

Old - :set Var1 "$[/system package get system version]"
New: :set Var1 "$[/system package get routeros version]"
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 3:58 pm

"there is an error". MT, Please add some information that helps debugging. Something like the script location and line number.
 
cdman
newbie
Posts: 29
Joined: Sun Jan 01, 2006 11:47 pm
Location: Bulgaria/Sofia

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 5:05 pm

We have same issue here - this names were used to check traffic for users based on username, I don't see any announcement in ChangeLog for this change - so priobably bug ?
Hi, there are too much changes in this version but, I work with PPPoE Server and Dynamic Queues and I wanna know why you changed the way to the PPPoE Profile assigns the names for each indivudual queue instead to assign the same than the secret for each one. Actually just assign a number for each queue like queue1, queue2, etc...
 
S8T8
Member Candidate
Member Candidate
Posts: 127
Joined: Thu Sep 15, 2022 7:15 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 5:16 pm

Hi, I will try this. I believe I can reproduce this.

edit : not my case, I don't use CODEL, with ros 7.13.5 no packet loss, with 7.15 can be easily up to 20% with small packet size
Experiencing latency increase caused probably by the use of CAPsMAN: viewtopic.php?p=1079263#p1079263
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 6:59 pm

I was also getting the script error in my logs after upgrading to 7.15.
"executing script from scheduler failed, please check it manually"

The solution was to replace the word "system" with "routeros"
Well, that is actually GOOD! Now you see an error that was present in your config all the time since upgrading to v7.
(that is when the package "system" was renamed "routeros". that was not with 7.15 but already with 7.1)
 
optio
Forum Veteran
Forum Veteran
Posts: 945
Joined: Mon Dec 26, 2022 2:57 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 8:18 pm

Well, that is actually GOOD! Now you see an error that was present in your config all the time since upgrading to v7.
(that is when the package "system" was renamed "routeros". that was not with 7.15 but already with 7.1)
I disagree:
 /system/script add dont-require-permissions=yes name=dummy-script owner=admin policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":return \"\""
Run from terminal
/system/script run dummy-script 
- no error

Even when you try to catch it:
:do {/system/script/run dummy-script} on-error={:put error}
nothing

Run same script over Winbox with same user - script error in log

It would be helpful if this actually works ok, now I had to mute script,error log topic just because of this which is even worse for scripts troubleshooting.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 9:09 pm

I disagree:
I don't disagree that there are issues, but you should agree that the example he posted ACTUALLY caught an ERROR that he had not noticed before (caused by the arbitrary and probably unnecessary change of the system package name to routeros in v7).
Same as with my claim that spurious errors were detected in netwatch scripts (which I later removed).
In my case, I had 17 netwatch entries and 4 of them (3 copied from one bad one) had a missing quote.
Never noticed that but now there was an error in the log.
 
optio
Forum Veteran
Forum Veteran
Posts: 945
Joined: Mon Dec 26, 2022 2:57 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 10:11 pm

but you should agree that the example he posted ACTUALLY caught an ERROR that he had not noticed before (caused by the arbitrary and probably unnecessary change of the system package name to routeros in v7).
I agree that would be helpful if this actually works ok, when you have log error every 1min, not much...
I always check scripts in terminal before using them, in places where runtime error can occur, that code is in :do {} on-error={} or :onerror e in={} do={}
Also, that generic error log doesn't even record actual error message and line number in script where occurred, it is even better to catch them and log from script code using :onerror e in={} do={}
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Thu Jun 06, 2024 11:30 pm

I agree that would be helpful if this actually works ok, when you have log error every 1min, not much...
There is no need to run in circles.
 
UkRainUa
newbie
Posts: 39
Joined: Sun Mar 10, 2024 3:10 am

Re: v7.15 [stable] is released!

Fri Jun 07, 2024 2:13 pm

toip not working after upgrade 7.14.3 to 7.15.
Nothing has changed except the firmware, scripts using toip do not work (hap ac2).
 
UkRainUa
newbie
Posts: 39
Joined: Sun Mar 10, 2024 3:10 am

Re: v7.15 [stable] is released!

Fri Jun 07, 2024 2:26 pm

Script execution seems not fixed.
After update to 7.15, red warnings started in sys log with: "Executing script from scheduler failed, please check it manually"
Scrips seems to be working, but this warning is present.
All scripts with :global or other definitions generate error.
Also see this error!
Many global functions work for me, only scripts that somehow use toip do not work.
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.15 [stable] is released!

Fri Jun 07, 2024 2:35 pm

Many global functions work for me, only scripts that somehow use toip do not work.
Works for me...
:put [ :toip "1.2.3.4" ]
1.2.3.4
What's your input for this?
 
UkRainUa
newbie
Posts: 39
Joined: Sun Mar 10, 2024 3:10 am

Re: v7.15 [stable] is released!

Fri Jun 07, 2024 2:49 pm

Many global functions work for me, only scripts that somehow use toip do not work.
Works for me...
:put [ :toip "1.2.3.4" ]
1.2.3.4
What's your input for this?
It works.
I used:
:toip value=$host
where $host can be anything: either "1.2.3.4" or "google.com". This worked on 7.14.3

PS Now it should be something like this:
:if ([:tobool [:toip value=$host]]) do={...} else={:local resolvedIP [:resolve $host] ...}
Last edited by UkRainUa on Fri Jun 07, 2024 2:58 pm, edited 1 time in total.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Fri Jun 07, 2024 2:57 pm

It did not work in 7.12.1 either, use of :resolve seems mandatory.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.15 [stable] is released!

Fri Jun 07, 2024 3:07 pm

:toip is a command that converts from one variable type to different one (in this case to IP address type). "1.2.3.4" is a string representing an IP address which can be parsed and converted to IP address type. "google.com" is not a string of IP address, so obviously it cannot be converted to IP address type.
If the string is a DNS name that you want to resolve, then running "resolve" is and was always required.
 
avggeek
Frequent Visitor
Frequent Visitor
Posts: 54
Joined: Thu Jun 06, 2013 9:33 am

Re: v7.15 [stable] is released!

Sat Jun 08, 2024 10:24 am

Hitting the issue previously reported in this thread where a script that has been running without any problems up to 7.14, has started failing in 7.15.
[snip]
Can't find any pointers on the forum or from my posts here. The only option that I have right now is downgrading to 7.14 which is very disappointing.

Really wish Mikrotik would provide some additional information on how we are supposed to fix these kinds of script errors. There's no debug logging option available so it seems like the only answer from Mikrotik is "You're holding it wrong".
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Sat Jun 08, 2024 10:54 am

That is not new. Debugging of RouterOS scripts, especially those that are fired off from events and cannot be run manually from the commandline (because of missing context) has always been very difficult.
 
rb9999
newbie
Posts: 28
Joined: Thu Dec 06, 2018 3:09 pm

Re: v7.15 [stable] is released!

Sat Jun 08, 2024 10:58 am

Well, there seems to be couple of memory leaks in 7.15. As seen from the attached screenshot, I upgraded RB4011 from 7.14.3 to 7.15 at timestamp 1, I disabled wireguard at timestamp 2, but memory utilization keeps getting higher...
Posnetek zaslona 2024-06-08 095210.png
Ticket opened (SUP-154936) and looking forward for a solution.
You do not have the required permissions to view the files attached to this post.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.15 [stable] is released!

Sat Jun 08, 2024 11:18 am

This memory leak is fixed and will be included in the next release.
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1160
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.15 [stable] is released!

Sat Jun 08, 2024 1:05 pm

This memory leak is fixed and will be included in the next release.
What causes it? Some specific service or configuration we should know about to avoid until a fix is released?
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.15 [stable] is released!

Sat Jun 08, 2024 1:47 pm

Leak is related to route attributes, so basically any setup where routes are added/removed frequently (like for example flapping tunnels, lots of bgp updates etc.)
 
jecoronas
just joined
Posts: 5
Joined: Sun Mar 03, 2019 5:39 pm
Location: Venezuela

Re: v7.15 [stable] is released!

Sat Jun 08, 2024 2:22 pm

We have same issue here - this names were used to check traffic for users based on username, I don't see any announcement in ChangeLog for this change - so priobably bug ?
Hi, there are too much changes in this version but, I work with PPPoE Server and Dynamic Queues and I wanna know why you changed the way to the PPPoE Profile assigns the names for each indivudual queue instead to assign the same than the secret for each one. Actually just assign a number for each queue like queue1, queue2, etc...
Maybe, I'm trying to find out some posible solution for fixi this issue but unsuccesfully. Please someone tell us if there is something to try...
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15 [stable] is released!

Sun Jun 09, 2024 1:01 am

After upgrade to 7.15 (from 7.13.5) the slave interface of "wifi1" suddenly was named "wifi2" like the other "real wifi2" master interface. After a re-provision (/interface/wifi/radio/provision 0,1) it was renamed correctly to "wifi3" again.
2024-06-08_23-58.png
edit:
issue re-appeared after reboot. Reported to support (SUP-155518). It seems like a cosmetic issue because "/interface/wifi/print show-ids" shows different interface IDs.

But it is confusing to see e.g. such print output (notice "wifi2" twice):
2024-06-09_09-36.png
You do not have the required permissions to view the files attached to this post.
Last edited by infabo on Sun Jun 09, 2024 10:36 am, edited 1 time in total.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15 [stable] is released!

Sun Jun 09, 2024 1:12 am

For those who are interested in free storage compared to 7.13.5:

Chateau LTE12
2024-06-09_00-09.png
2024-06-09_00-09_2.png
CAP AC
2024-06-09_00-08.png
2024-06-09_00-09_1.png
You do not have the required permissions to view the files attached to this post.
 
User avatar
Marc66FR
just joined
Posts: 4
Joined: Sat Nov 26, 2016 5:35 pm
Location: France

Re: v7.15 [stable] is released!

Sun Jun 09, 2024 5:46 pm

Upgraded from 7.12.1 to 7.15 yesterday. All good so far on my simple setup: hEX, default setup + default FW rules + FastTrack + no STP, BGP, VLANs, WiFi

The only negative point: when I connect with HTTP, I am taken to the QuickSet by default instead of Webfig

Since I saw a few issues with 7.15 on this forum (memory leak), I was hoping I could move to 7.14.3 instead with a manual install but I could only find "downgrade" and it does not give me any choice of which version to downgrade to: only "reboot to downgrade" which I suspect will revert to the previously installed version (7.12.1 in my case). Since I updated my bootloader to 7.15, I guess it would probably cause some issues as well.

I'll keep an eye on resource consumption and will upgrade to 7.15.1 if it comes out any time soon.
 
User avatar
Kanzler
Member Candidate
Member Candidate
Posts: 135
Joined: Wed Oct 05, 2022 6:55 pm
Location: Ukraine

Re: v7.15 [stable] is released!

Sun Jun 09, 2024 5:55 pm

 
User avatar
Marc66FR
just joined
Posts: 4
Joined: Sat Nov 26, 2016 5:35 pm
Location: France

Re: v7.15 [stable] is released!

Sun Jun 09, 2024 8:53 pm

 
dkayza
just joined
Posts: 5
Joined: Tue May 16, 2023 11:21 am

Re: v7.15 [stable] is released!

Mon Jun 10, 2024 11:38 am

I try today v7.15 on 3 different 4011.
VPLS vs 7.14 2216 doesn't go running.
After dowgrade it to 7.14 interface goes up with no configuration change.
Anyone noticed this issue?
i haven't upgraded yet but running vpls as well, did you experience this issue running bgp-signalled vpls? if so did you manage to find a solution on 7.15
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.15.1 [stable] is released!

Mon Jun 10, 2024 12:37 pm

What's new in 7.15.1 (2024-Jun-07 15:49):

*) bgp - fixed BGP sessions missing vpnv6 afi;
*) bgp - fixed corrupted as-path when received update with empty AS_PATH attribute (introduced in v7.15);
*) bgp - fixed vpnv6 safi;
*) health - fixed board-temperature for KNOT device (introduced in v7.15);
*) health - fixed missing health for CRS112-8G-4S device (introduced in v7.15);
*) install - fixed ARM64 cdrom install (introduced in v7.15);
*) lte - fixed cases where LTE interface would take long time to become ready after bootup for Chateau 5G and Chateau 5G R16 (introduced in v7.15);
*) lte - fixed cases where modem could be handled by multiple dialer instances;
*) modem - fixed unresponsive PPP link recovery when TX bandwidth was exceeding link capacity;
*) poe-out - fixed silent firmware upgrade fail on CRS112-8P-4S device (introduced in v7.15);
*) ppp - fixed dynamic queue default name (introduced in v7.15);
*) route - fixed memory leak (introduced in v7.15);
*) route - fixed some missing route parameters when printing (introduced in v7.15);
*) wifi - fixed signal strength reporting during association (introduced in v7.15);
*) wifi - improved WPA3 PMKSA handling when access-lists with custom passphrases are used;
*) winbox - fixed issue with skin file appearing as unknown in user group menu (introduced in v7.15);
*) winbox - fixed missing system note on login (introduced in v7.15);
 
guru431
just joined
Posts: 18
Joined: Fri Nov 29, 2019 10:37 am

Re: v7.15.1 [stable] is released!

Mon Jun 10, 2024 6:08 pm

Hi everyone!

The /ip/dns/adlist function is not working correctly on my RB750Gr3.

I have tried the following sources:
add ssl-verify=no url="https://raw.githubusercontent.com/Steve ... ling/hosts"
add ssl-verify=no url="https://raw.githubusercontent.com/Steve ... ster/hosts"
add ssl-verify=no url="https://raw.githubusercontent.com/hagez ... ts/pro.txt"
add ssl-verify=no url="https://raw.githubusercontent.com/Dande ... eHosts.txt"
add ssl-verify=no url="https://raw.githubusercontent.com/FadeM ... Spam/hosts"
add ssl-verify=no url="https://raw.githubusercontent.com/Filte ... Dhosts.txt"
add ssl-verify=no url="https://big.oisd.nl"
add ssl-verify=no url="https://osint.digitalside.it/Threat-Int ... omains.txt"

After adding all of them show match-count=0 name-count=0

But I still found 2 sources that added my Mikrotik normally:
Flags: X - disabled
0 url="https://v.firebog.net/hosts/Prigent-Crypto.txt" ssl-verify=no match-count=2 name-count=16274

1 url="https://pgl.yoyo.org/adservers/serverli ... ip=0.0.0.0" ssl-verify=no
match-count=0 name-count=3555

I then downloaded the files in all the links via browser and uploaded them to my two servers. Then I added the links to my own addresses in Mikrotik.
On my first server all sources were match-count=0 name-count=0
On the second one, only one file was added to Mikrotik - Prigent-Crypto.txt.
At the same time through the browser all files from my servers are downloaded normally.

dynamic-servers:
use-doh-server:
verify-doh-cert: no
doh-max-server-connections: 5
doh-max-concurrent-queries: 50
doh-timeout: 5s
allow-remote-requests: yes
max-udp-packet-size: 4096
query-server-timeout: 2s
query-total-timeout: 10s
max-concurrent-queries: 100
max-concurrent-tcp-sessions: 20
cache-size: 102400KiB
cache-max-ttl: 1w
address-list-extra-time: 0s
vrf: main
cache-used: 3259KiB


uptime: 50m40s
version: 7.15.1 (stable)
build-time: 2024-06-07 12:49:11
factory-software: 6.40
free-memory: 187.3MiB
total-memory: 256.0MiB
cpu: MIPS 1004Kc V2.15
cpu-count: 4
cpu-frequency: 880MHz
cpu-load: 3%
free-hdd-space: 3584.0KiB
total-hdd-space: 16.0MiB
write-sect-since-reboot: 62093
write-sect-total: 11162589
architecture-name: mmips
board-name: hEX
platform: MikroTik
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15.1 [stable] is released!

Mon Jun 10, 2024 8:14 pm

Hi everyone!

The /ip/dns/adlist function is not working correctly on my RB750Gr3.
This function (especially with that many lists) is not intended for a small router like the RB750Gr3...
Get something like a RB5009 or better.
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.15.1 [stable] is released!

Mon Jun 10, 2024 8:33 pm

Hi everyone!

The /ip/dns/adlist function is not working correctly on my RB750Gr3.

I have tried the following sources:
add ssl-verify=no url="https://raw.githubusercontent.com/Steve ... ling/hosts"
add ssl-verify=no url="https://raw.githubusercontent.com/Steve ... ster/hosts"
add ssl-verify=no url="https://raw.githubusercontent.com/hagez ... ts/pro.txt"
add ssl-verify=no url="https://raw.githubusercontent.com/Dande ... eHosts.txt"
add ssl-verify=no url="https://raw.githubusercontent.com/FadeM ... Spam/hosts"
add ssl-verify=no url="https://raw.githubusercontent.com/Filte ... Dhosts.txt"
add ssl-verify=no url="https://big.oisd.nl"
add ssl-verify=no url="https://osint.digitalside.it/Threat-Int ... omains.txt"

After adding all of them show match-count=0 name-count=0

But I still found 2 sources that added my Mikrotik normally:
Flags: X - disabled
0 url="https://v.firebog.net/hosts/Prigent-Crypto.txt" ssl-verify=no match-count=2 name-count=16274

1 url="https://pgl.yoyo.org/adservers/serverli ... ip=0.0.0.0" ssl-verify=no
match-count=0 name-count=3555

I then downloaded the files in all the links via browser and uploaded them to my two servers. Then I added the links to my own addresses in Mikrotik.
On my first server all sources were match-count=0 name-count=0
On the second one, only one file was added to Mikrotik - Prigent-Crypto.txt.
At the same time through the browser all files from my servers are downloaded normally.

dynamic-servers:
use-doh-server:
verify-doh-cert: no
doh-max-server-connections: 5
doh-max-concurrent-queries: 50
doh-timeout: 5s
allow-remote-requests: yes
max-udp-packet-size: 4096
query-server-timeout: 2s
query-total-timeout: 10s
max-concurrent-queries: 100
max-concurrent-tcp-sessions: 20
cache-size: 102400KiB
cache-max-ttl: 1w
address-list-extra-time: 0s
vrf: main
cache-used: 3259KiB


uptime: 50m40s
version: 7.15.1 (stable)
build-time: 2024-06-07 12:49:11
factory-software: 6.40
free-memory: 187.3MiB
total-memory: 256.0MiB
cpu: MIPS 1004Kc V2.15
cpu-count: 4
cpu-frequency: 880MHz
cpu-load: 3%
free-hdd-space: 3584.0KiB
total-hdd-space: 16.0MiB
write-sect-since-reboot: 62093
write-sect-total: 11162589
architecture-name: mmips
board-name: hEX
platform: MikroTik
The files are saved in the NAND before being loaded into RAM, if you don't have free space in the flash you can't download the host file.

SUP-146323
Thank you for contacting MikroTik Support.
It looks like your device doesn't have enough storage on the device to use adlist. At the moment the adlist is downloaded to the NAND as well as stored in RAM, we are looking in to maybe changing the behavior, but sadly can't provide more details at the moment.
 
User avatar
armandfumal
Member Candidate
Member Candidate
Posts: 163
Joined: Wed Apr 25, 2012 5:50 pm
Location: Weiswampach,LUX
Contact:

Re: v7.15.1 [stable] is released!

Mon Jun 10, 2024 9:17 pm

Dude 7.15.1

ugrade dude chr 7.13.5 to 7.15.1.

We have now very slow loading speed...1MBits max...
chr licence ok.

tested on 2 differents dude chr installation on vm ware...

anybody has the same issue ?
 
User avatar
VadiKO
just joined
Posts: 8
Joined: Wed May 20, 2020 11:48 pm
Location: Ukraine

Re: v7.15.1 [stable] is released!

Mon Jun 10, 2024 9:33 pm

Updated routers from 7.15 to 7.15.1

On hap ax3 (C53UiG+5HPaxD2HPaxD), the graph shows that the memory is almost completely occupied, after the update the graph showed the memory being freed up to the real value, but after a few minutes everything came back...
How is that???
On hap ac (RB962UiGS-5HacT2HnT) everything is more or less adequate.
ax3.png
ac2.png
You do not have the required permissions to view the files attached to this post.
 
gze100
just joined
Posts: 6
Joined: Wed Jan 20, 2010 2:30 am
Location: Germany

Re: v7.15.1 [stable] is released!

Mon Jun 10, 2024 10:11 pm

I upgraded a vultr CHR 7.15 to 7.15.1 using the internal upgrade function and after the necessary restart my wireguard vpns stopped working. Downgrading to 7.15 fixed the problem. So please deploy with caution.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15.1 [stable] is released!

Mon Jun 10, 2024 11:01 pm

When a BGP connection is disconnected and re-connected, it immediately establishes and shows 1 or 2 messages sent/received, but it exchanges the routing info only a minute later (the keepalive interval). Not sure if this started in 7.15 or 7.15.1, but it seems OK in earlier versions.
 
ksteink
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Thu Mar 31, 2016 6:54 pm

Re: v7.15.1 [stable] is released!

Mon Jun 10, 2024 11:28 pm

I upgraded a vultr CHR 7.15 to 7.15.1 using the internal upgrade function and after the necessary restart my wireguard vpns stopped working. Downgrading to 7.15 fixed the problem. So please deploy with caution.
I have updated few devices for testing and the WireGuard VPN came up without a problem on all of them.
 
MichalPospichal
newbie
Posts: 34
Joined: Sun Feb 04, 2018 11:27 pm
Location: Czech Republic

Re: v7.15.1 [stable] is released!

Mon Jun 10, 2024 11:28 pm

I upgraded a vultr CHR 7.15 to 7.15.1 using the internal upgrade function and after the necessary restart my wireguard vpns stopped working. Downgrading to 7.15 fixed the problem. So please deploy with caution.
Just tried it and my WG Road Warrior setup works without issues.
 
bbs2web
Member Candidate
Member Candidate
Posts: 234
Joined: Sun Apr 22, 2012 6:25 pm
Location: Johannesburg, South Africa
Contact:

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 10:54 am

Having a problem with RouterOS 7.15 and 7.15.1 that MLAG peer link drops out causing interruptions in network:
09:38:01 bridge,warning "bridge" peer disconnected
09:38:01 bridge,warning "bridge" peer link down
09:38:01 bridge,info "bridge" peer link up
09:38:01 bridge,info "bridge" peer connected
09:38:01 bridge,info "bridge" peer becomes primary DC:2C:6E:D2:AF:4B
2 x CRS354-48G-4S+2Q+ setup with 2 x 40G (QSFP+) LACP LAG as the peer link (called bond-peer).

Ports themselves and LACP link does not flap when these notifications happen. QSFP+ ports are interconnected using MikroTik Q+DA0001 DAC (40 Gbps QSFP+ direct attach copper cable).
 
User avatar
Maggiore81
Trainer
Trainer
Posts: 600
Joined: Sun Apr 15, 2012 12:10 pm
Location: Italy
Contact:

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 11:21 am

Upgraded from 7.15 to 7.15.1 (Hap aC2) - disappeared routing filters + bgp peers !!!!
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 11:52 am

Related side question, why do you have BGP filters on a Home WiFI access point?
 
User avatar
Maggiore81
Trainer
Trainer
Posts: 600
Joined: Sun Apr 15, 2012 12:10 pm
Location: Italy
Contact:

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 12:04 pm

It was a CPE at a customer site. eth1 FTTH, eth2 FWA, eth5 - customer CPE with a /30
 
User avatar
fischerdouglas
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Thu Mar 07, 2019 6:38 pm
Location: Brazil
Contact:

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 3:46 pm

Upgraded from 7.15 to 7.15.1 (Hap aC2) - disappeared routing filters + bgp peers !!!!
Did it disappear only in winbox?
Have you checked if the options appear via http?
And via CLI?



Related side question, why do you have BGP filters on a Home WiFI access point?

There are several possible reasons for this.
One of them is homelab. Outra is VPN using BGP to signaling the routes.

But the most important is that if a feature is going to stop being supported under certain conditions (which is perfectly normal in any software solution) this NEEDS to be done in a clear and transparent manner.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 3:49 pm

There is nothing stopped being supported. It most likely is (on a hAP ac2) the exhaustion of flash space that corrupted the configuration.
 
leonardogyn
just joined
Posts: 18
Joined: Wed Dec 04, 2019 4:47 pm

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 5:05 pm

Skins on webfig, for the RB750GR3, are still not working. It's being detected and now, on 7.15.1, can be at least selected on Systems/Users/Groups, likely fixed by:
.
*) winbox - fixed issue with skin file appearing as unknown in user group menu (introduced in v7.15);
.
But no matter how many logout/login I do, it's never actually applied. So not fully fixed, at least on all RB750Gr3 I have and tested on.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 5:24 pm

Related side question, why do you have BGP filters on a Home WiFI access point?
Why does ROS offer BGP filters on a Home WiFi access point when manufacturer drops the opinion that one should not have it?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 6:43 pm

Related side question, why do you have BGP filters on a Home WiFI access point?
Why does ROS offer BGP filters on a Home WiFi access point when manufacturer drops the opinion that one should not have it?
Especially because it was often suggested during the times the hAP ac2 was quickly running low on storage to make RouterOS modular again, as it was in v6, so those features would only be present when some optional "advanced routing" package is installed.
(so those running out of storage could omit that when they did not require these features)
 
homerouter
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Sun Dec 26, 2021 12:52 pm
Location: DK

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 8:16 pm

Removed...
Last edited by homerouter on Thu Jun 13, 2024 2:27 pm, edited 1 time in total.
 
User avatar
Maggiore81
Trainer
Trainer
Posts: 600
Joined: Sun Apr 15, 2012 12:10 pm
Location: Italy
Contact:

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 10:25 pm

They disappeared also on the CLI. The Hap AC2 is installed from netinstall to 7.15 - no wireless package installed, just the ROS 7. We use tens of these routers as CPE on customers's site. We install then in dual-wan setup using BGP with no issue. FASTPATH and no other particular settings. They works perfectly. I am very surprised about the question why I shouldn't run BGP on a HAP AC2... We have also on HEX, HEX-Lite (all on v7)

They run perfectly fine! With 0 issues.
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 3135
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: v7.15 [stable] is released!

Tue Jun 11, 2024 10:47 pm

Hi! After upgrading two small schools to ROS 7.15 (including Firmware), there is a problem connecting to CAPs via RoMON. If you try to connect to speciffic device, winbox shows "Connecting to DC:..." and after a while there is "ERRORL disconnected from RoMON". But if You then try to connect to other devices and then return to first device, there is chance You'll get a connection. Other two schools where is still ROS7.14.3 there are no problems.
And one more problem, in scheduler script (or scripts in general, I presume) if You compare FW versions like "if curent version < upgrade then update" then comparing 7.14.3<7.15 wont take effect as formats won't match.

1st school: RB3011, 23xcAP ac's switches running SwOS, config includes 5 VLAN's
2nd school: RB2011, 13x cAP XL ac's, switches running SwOS, no VLAN's.
I've recreated problem on 3d school's network too. While only RouterOS is upgraded on Router (CRS) and cAP's, RoMON problem is not preset. When Router's (CRS) firmware is upgraded to 7.15 - RoMON connections still work as intended. BUT when cAP's firmware gets upgraded to 7.15 then connections problems begin. It looks like 7.15 firmware on target device is the one to blame.

P.s. Clearing Winbox cache increases sucessful connection percentage, but overall probelm persists especially on first time connections.

i have this same issue in some locations, since 7.15 and persist on 7.15.1, in my case clearing winbox cache does not fix it

in fact i cant connect to some devices directly without romon too

i tried a clean winbox from a virtual machine and connects to the same devices from the same location using romon perfectly

i am using winbox 3-40

if i connect with the option session = <none> problem disappears
 
User avatar
Maggiore81
Trainer
Trainer
Posts: 600
Joined: Sun Apr 15, 2012 12:10 pm
Location: Italy
Contact:

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 11:09 pm

There is nothing stopped being supported. It most likely is (on a hAP ac2) the exhaustion of flash space that corrupted the configuration.
Sorry. No.

> system resource/print
uptime: 11h50m4s
version: 7.15.1 (stable)
build-time: 2024-06-07 12:49:11
factory-software: 6.44
free-memory: 62.7MiB
total-memory: 128.0MiB
cpu: ARM
cpu-count: 4
cpu-frequency: 448MHz
cpu-load: 1%
free-hdd-space: 3480.0KiB
total-hdd-space: 15.2MiB
write-sect-since-reboot: 395
write-sect-total: 5757001
architecture-name: arm
board-name: hAP ac^2
platform: MikroTik

No wireless installed.
 
User avatar
Paternot
Forum Guru
Forum Guru
Posts: 1056
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: v7.15.1 [stable] is released!

Tue Jun 11, 2024 11:36 pm

Going on this way, I will skip 7.15.x entirely... 7.15.0 is already a no-go. 7.15.1 is shaping "nicely" too.. 7.15.3 is the charm? Looks like it will be one of "those" versions...
 
Edified
newbie
Posts: 38
Joined: Thu Sep 16, 2010 9:02 am

v7.15.1 [stable] Slow Export, Pegged CPU

Wed Jun 12, 2024 1:32 am

7.15.1 CRS112-8P-4S
/export pegs CPU to 100% and takes 20 seconds to print a simple ~55 line configuration to Winbox (3.40) Terminal.

Just Bridges and VLANs which all show Hardware Offload. I don't think it used to be this slow...87.7Free/128MiB, about 40% CPU load... maybe someone else knows?
 
Edified
newbie
Posts: 38
Joined: Thu Sep 16, 2010 9:02 am

WG Client Config AllowedIPs

Wed Jun 12, 2024 1:47 am

[Req] Please add a Wireguard/Peer field for Client AllowedIPs.

I have quite some VPN clients that only to send certain traffic over the VPN and right now it's an annoyance that the QR code always includes a AllowedIPs: 0.0.0.0/0, ::/0 since their WG server isn't even set up to route WG traffic to the internet.

Currently the Docs (https://help.mikrotik.com/docs/display/ROS/WireGuard) read:
*AllowedIPs configuration that is provided to the client through WireGuard peer export (configuration file or QR code) can not be changed and will be "0.0.0.0/0, ::/0" at the moment. If it is necessary to change these values on remote end, then that is up to the remote peer software used for WireGuard connection.

It seems to me that the whole point of generating QR codes is to simplify config distribution and AllowedIPs is a critical field. I can't think of one but is there a reason to rely on editing the setting in the peer's interface rather than including it in the QR code?
 
Reinis
MikroTik Support
MikroTik Support
Posts: 92
Joined: Wed Jan 02, 2019 12:14 pm
Location: Latvia
Contact:

Re: v7.15.1 [stable] is released!

Wed Jun 12, 2024 9:05 am

*) discovery - optimized LLDP information update;
The change relates on how RouterOS updates LLDP information internally, not sending/receiving LLDP packets

Librenms version 24.5.0-39
Event Log:
discovery 192.168.0.2 LLDP discovery of GS2210 failed - Check name lookup
I made changes to LLDP on my Zyxel managed switch and enabled notification
Screenshot_20240611_205314.png
Screenshot_20240611_210312.png
I think I fixed the LLDP discovery of GS2210... I don't see the above failed error. Can we please get more info other than failed?!!!
I also added on the mikrotik logs for ldp but I get nothing!
Please advise and thanks in advanced.
Cannot comment on 3rd party software error logging, but you should provide more details about how you fixed the error, only then further conclusion can be made.
MikroTik logs does not provide errors because it does not see any. I'd recommend continuing this discussion with support@mikrotik.com to determine whether changes should be made on our side.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15 [stable] is released!

Wed Jun 12, 2024 10:45 am

i tried a clean winbox from a virtual machine and connects to the same devices from the same location using romon perfectly

i am using winbox 3-40

if i connect with the option session = <none> problem disappears
Unfortunately that sometimes happens after upgrades.
It seems that the link between the items in the session files and on the router is via identifiers like a column name or a window name, and developers aren't very careful to make sure they are unique when assigning them.
There are several duplicate names for columns everwhere, and sometimes it also happens for windows.
E.g. with the transition from the old to the new WiFi drivers, some things got the same names in both, and Winbox was very confused.
And indeed, often that can be resolved by "simply deleting the session file".
(unfortunately it seems MikroTik aren't aware how valuable session files are for some people. there is a lot of work in setting up everything with the correct columns, widths, sizes etc, and losing all that to solve a minor issue is a real pain. I asked several times to change the session file format to something like JSON or XML so that we could at least see what is wrong and make minor corrections, but it seems unlikely to happen)
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15.1 [stable] is released!

Wed Jun 12, 2024 11:15 am

Upgraded map lite, cap ac and chateau lte12 to 7.15.1. No issues so far. Thank you Mikrotik!
 
leonardogyn
just joined
Posts: 18
Joined: Wed Dec 04, 2019 4:47 pm

Re: v7.15.1 [stable] is released!

Wed Jun 12, 2024 2:28 pm

Skins on webfig, for the RB750GR3, are still not working. ......
.
Actually, after further testing, skins on webfig are not working AT ALL with 7.15.1, tested on different models (2011s, 3011s, 4011s, different CCRs). Skin can be selected correctly on System/Users/Groups, but never applies. 7.15.1 completely killed skins on the webfig.
 
ksteink
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Thu Mar 31, 2016 6:54 pm

Re: v7.15.1 [stable] is released!

Wed Jun 12, 2024 5:00 pm

Updated a bunch of devices and no issues so far (all upgrades were smooth and no detected issues with current configurations):

- CRS326-24G
- CRS312
- hEX S
- hAP AC2
- RB2011
- RB3011
- RB4011
- RB5009
- cAP
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15.1 [stable] is released!

Wed Jun 12, 2024 5:48 pm

*) wifi - added "reselect-interval" support;
Dear Mikrotik: I would like to see log entries in "wireless, info" topic when channel frequency changes on interface due to reselect. Thank you!
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15.1 [stable] is released!

Wed Jun 12, 2024 5:56 pm

I upgraded a vultr CHR 7.15 to 7.15.1 using the internal upgrade function and after the necessary restart my wireguard vpns stopped working. Downgrading to 7.15 fixed the problem. So please deploy with caution.
I have Wireguard running ever since ROS 7 was still in 7.1 beta. Can't remember ever having troubles after an upgrade with Wireguard. Just works. Even in 7.15.1.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.15.1 [stable] is released!

Wed Jun 12, 2024 7:47 pm

I was doing upgrade 7.13.5 -> 7.14.3 on one network today and after that one single wireguard peer become unresponsive to connection attempts while others were OK.

One thing helped - changing some less important setting in that peer (I appended list of allowed addresses - it was not ::/0 peer), clicking Apply and then changing it back to previous value. Simple disabling and re-enabling peers and interfaces did not help, but something might have got "corrupted" in that one peer which got corrected by (essentially) overwriting the configuration of this peer. It is not exactly related to 7.15/7.15.1 (have not seen that problem with 7.15.x yet), but it might help...
 
MTNick
Member Candidate
Member Candidate
Posts: 106
Joined: Fri Nov 24, 2023 6:43 am

Re: v7.15.1 [stable] is released!

Wed Jun 12, 2024 8:13 pm

RB5009, hex & hex-s upgrade went well & working as intended. System seems more responsive, especially on both hex’s
 
Edified
newbie
Posts: 38
Joined: Thu Sep 16, 2010 9:02 am

Re: WG Client Config AllowedIPs

Wed Jun 12, 2024 9:30 pm

[Req] Please add a Wireguard/Peer field for Client AllowedIPs.

I have quite some VPN clients that only to send certain traffic over the VPN and right now it's an annoyance that the QR code always includes a AllowedIPs: 0.0.0.0/0, ::/0 since their WG server isn't even set up to route WG traffic to the internet.

Currently the Docs (https://help.mikrotik.com/docs/display/ROS/WireGuard) read:
*AllowedIPs configuration that is provided to the client through WireGuard peer export (configuration file or QR code) can not be changed and will be "0.0.0.0/0, ::/0" at the moment. If it is necessary to change these values on remote end, then that is up to the remote peer software used for WireGuard connection.

It seems to me that the whole point of generating QR codes is to simplify config distribution and AllowedIPs is a critical field. I can't think of one but is there a reason to rely on editing the setting in the peer's interface rather than including it in the QR code?
I tested producing a QRcode locally using Python's qrencode including:
AllowedIPs = 10.0.0.0/24,172.16.100.0/24
And the resulting QRcode scanned correctly into WireGuard iOS. So it seems it would work...
 
User avatar
Kentzo
Long time Member
Long time Member
Posts: 618
Joined: Mon Jan 27, 2014 3:35 pm
Location: California

Re: v7.15 [stable] is released!

Thu Jun 13, 2024 1:54 am

[deleted]
Last edited by Kentzo on Fri Jun 14, 2024 8:39 am, edited 1 time in total.
 
nexusds
newbie
Posts: 30
Joined: Fri Aug 16, 2019 6:51 am

Re: v7.15 [stable] is released!

Thu Jun 13, 2024 6:31 am

ACHTUNG !!! ALERT !
Do not use this version with CRS354 !!!

Huge packetloss, huge performance drop, unusable on some ports.
Seeing downloads go to 10mbps, while upload works fine.. then fine for a bit after a reboot.. definitely something odd going on (link state is full1Gbps) and transfer is to internet or between hosts, so its specific to ports as other ports work fine.
 
Atmis
just joined
Posts: 1
Joined: Mon May 22, 2023 6:24 pm

Re: v7.15.1 [stable] is released!

Thu Jun 13, 2024 9:14 am

Exact same situation here with a CRS354, downloads goes to 10Mbps on some ports while upload is fine. Ok after a reboot for a little moment before it start again. I had to rollback to 7.14.3.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.15.1 [stable] is released!

Thu Jun 13, 2024 10:13 am

The CRS354 issue has been found and will be fixed in 7.16beta2 and 7.15.2
 
guru431
just joined
Posts: 18
Joined: Fri Nov 29, 2019 10:37 am

Re: v7.15.1 [stable] is released!

Thu Jun 13, 2024 10:40 am

Hi everyone!

The /ip/dns/adlist function is not working correctly on my RB750Gr3.
This function (especially with that many lists) is not intended for a small router like the RB750Gr3...
Get something like a RB5009 or better.

Naturally, I try to upload these lists not simultaneously, but one by one.

The files are saved in the NAND before being loaded into RAM, if you don't have free space in the flash you can't download the host file.

SUP-146323
Thank you for contacting MikroTik Support.
It looks like your device doesn't have enough storage on the device to use adlist. At the moment the adlist is downloaded to the NAND as well as stored in RAM, we are looking in to maybe changing the behavior, but sadly can't provide more details at the moment.

I think the problem is not only in free space.
I have 3500 KB of free space on my router.

And these files are uploading:
https://pgl.yoyo.org/adservers/serverli ... ip=0.0.0.0
https://v.firebog.net/hosts/Prigent-Crypto.txt
Their sizes are 88 KB and 302 KB respectively

And this source is not uploaded:
https://raw.githubusercontent.com/FadeM ... Spam/hosts
Although its size is only 1.6 KB.

And if I move these files to my server and upload from it, then only one of 3 files is added - Prigent-Crypto.txt
Although it is the largest.

There is definitely something else influences here besides the size of files and free space on the router.
Probably the configuration of web servers. For example, encryption or timeouts.
 
jecoronas
just joined
Posts: 5
Joined: Sun Mar 03, 2019 5:39 pm
Location: Venezuela

v7.15.1 PPPoE Dynamic Queue default name fixed

Thu Jun 13, 2024 11:57 am

Hi, Thanks to Mikrotik for fix the issue about the default name of the dynamic queue for PPPoE server...
You do not have the required permissions to view the files attached to this post.
 
kos
Frequent Visitor
Frequent Visitor
Posts: 64
Joined: Mon Oct 31, 2016 11:51 am

Re: v7.15.1 [stable] is released!

Thu Jun 13, 2024 12:16 pm

Could someone explain what "*) ppp - fixed "on-down" script running even when tunnel was not up:" means? It was a perfect option to execute a "port knocking" mechanism but it doesn't work anymore.

If I have a VPN client, is it normal after restart (the tunnel "was not up"), when the connection fails, to not execute "on-down" script?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15.1 [stable] is released!

Thu Jun 13, 2024 1:59 pm

I observed the problem that when PPP on-down script was executed when the router attempted to get PPP connected, failed, and the connection remained down.
That was causing some problems in my case, but I worked around it and did not report it. Still I am happy that it is resolved.
I do not understand what this has to do with a port-knocking mechanism.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15.1 [stable] is released!

Thu Jun 13, 2024 2:01 pm

I think the problem is not only in free space.
I have 3500 KB of free space on my router.
Did you already increase the DNS cache size? It can be changed from 2048 to 20480 without issue on that router.
 
kos
Frequent Visitor
Frequent Visitor
Posts: 64
Joined: Mon Oct 31, 2016 11:51 am

Re: v7.15.1 [stable] is released!

Thu Jun 13, 2024 2:42 pm

I do not understand what this has to do with a port-knocking mechanism.
When a VPN serve has a "port-knocking" implemented, the client must "knock" in order to connect. Until 7.14.1 "on-down" script was performing the "knocking" perfectly.

Who is online

Users browsing this forum: eworm, olegin, timotei and 8 guests