Community discussions

MikroTik App
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

v7.16beta [testing] is released!

Thu Jun 06, 2024 1:39 pm

RouterOS version 7.16beta has been released on the "v7 testing" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 7.16beta7 (2024-Jul-25 12:55):

*) 6to4 - improved system stability when using 6to4 tunnel without specified remote-address;
*) 6to4 - make "remote-address" parameter not-mandatory (introduced in v7.16beta3);
*) arm64 - fixed "disable-running-check" for ARM64 UEFI;
*) arp - fixed possible issue with invalid entries;
*) bridge - added dynamic tagged entry when VLAN interface is created on vlan-filtering bridge (additional fixes);
*) bridge - added L2 MDB support for IGMP snooping (additional fixes);
*) bridge - fixed MVRP leave;
*) bridge - fixed port "point-to-point" status after first link change;
*) bth - improved stability on system time change;
*) console - added "about" filters for "find" and "print where" commands;
*) console - increased default width for bitrate type of columns;
*) dhcp - improved DHCP IPv4 and IPv6 client/relay/server underlying interface state change handling;
*) dhcpv4-server - remove corresponding dynamic leases if their address-pool gets removed;
*) discovery - added discover-interval setting (additional fixes);
*) discovery - added LLDP Port VLAN ID, Port And Protocol VLAN ID, VLAN Name TLVs support (additional fixes);
*) discovery - added LLDP-MED timeout (additional fixes);
*) discovery - changed default discover-interval setting from 60s to 30s;
*) disk - remove dummy "slot1" entries on CHR;
*) dns - added support for DoH with adlist (additional fixes);
*) dns - added support for mDNS proxy;
*) dns - fixed memory leak caused by DoH service (introduced in v7.16beta3);
*) dns - improved imported adlist parsing;
*) dns - match NXDOMAIN static entry only if other type entries for the same name are not found;
*) dns - refactored adlist service internal processes and improved logging;
*) dns - show static entry type "A" field in console;
*) ethernet - improved system stability for Alpine CPUs when dealing with unexpected non-UDP/TCP packet transmit;
*) file - renamed "creation-time" to "last-modified";
*) filesystem - improved boot speed after device is rebooted without proper shutdown (additional fixes);
*) filesystem - refactored internal processes to minimize sector writes (additional fixes);
*) iot - fixed incorrect LoRa filter export behavior;
*) iot - fixed LoRa inability to set SSL for LoRa servers via command line;
*) ipsec - improved installed SA statistics update;
*) ipsec - improved performance by balancing multicore CPU usage for key exchange calculation;
*) ipv6 - fixed pool allocated addresses missing after reboot (additional fixes);
*) ipv6 - improved handling of IPv6 address information;
*) ipv6 - improved LL address generation process (additional fixes);
*) leds - fixed rgb LED blink (introduced in v7.16beta1);
*) lte - fixed possible crash when enabling/disabling config-less modem interface;
*) lte - improved modem AT/modem port open;
*) lte - improvements to "/interface/lte/show-capabilities" command (additional fixes);
*) modem - fixed cases where USB bus could switch places (introduced in v7.16beta1) (additional fixes);
*) modem - improved support for KNOT BG77 modem firmware update (additional fixes);
*) poe-out - fixed incorrect port mapping on CRS354-48P-4S+2Q+ device (introduced in v7.16beta1);
*) ppp - added SIM hot-plug enable command to default init-string for KNOT and CME gateway;
*) ppp - fixed PPP info parser showing error for BG77 modem running on KNOT AUX AT/modem port;
*) qos-hw - added queue-buffers property to tx-manager (additional fixes);
*) qos-hw - fixed egress-rate limit validation;
*) qos-hw - fixed WRED thresholds;
*) qos-hw - improved behavior when changing ports tx-manger;
*) rose-storage - renamed sync "remote-addr" property to "remote-address";
*) route - improved route attribute handling (may increase memory usage);
*) route - improved stability when getting entries from large routing tables;
*) routerboard - improved Etherboot stability for CRS320-8P-8B-4S+ device ("/system routerboard upgrade" required);
*) sfp - fixed calculated link length based on EEPROM in certain cases (additional fixes);
*) ssh - fixed unsupported user SSH public key import (introduced in v7.15);
*) switch - fixed bonding FDB entries (introduced in v7.16beta3);
*) switch - fixed Ethernet counters after switch reset for CRS354 devices (introduced in v7.16beta1);
*) switch - improved switch reset;
*) system - added critical log message when not enough space to store new configuration;
*) system - fixed "free disk space" error message on system upgrade/downgrade;
*) system - improved internal system services messaging;
*) system - improved performance for TCP input;
*) traceroute - do not stop traceroute after 5 consecutive unreachable hops;
*) user - added inactivity timeout for non-GUI sessions (additional fixes);
*) webfig - allow to enter time that exceeds 23:59:59;
*) webfig - correctly display default value for number type;
*) webfig - enabled hotlock mode for terminal;
*) webfig - fixed an issue where wrong menu title was shown;
*) webfig - fixed sorting by datetime;
*) webfig - use "any" argument by default for Torch "Port" property;
*) wifi - added "slave-name-format";
*) wifi - added interface provisioning logs;
*) wifi - fixed packet receive when having multiple station interfaces (additional fixes);
*) wifi - improved system stability after interface hang;
*) wifi - send channel switch announcements to clients when switching channels at requested re-select intervals;
*) winbox - added "Switch/QoS" menu for CRS3xx, CRS5xx, CCR2116 and CCR2216 devices (additional fixes);
*) winbox - added configuration settings for ROSE;
*) winbox - added extra "File System" under "Format Drive" button;
*) winbox - added missing "Default Name" property for interfaces;
*) winbox - fixed Switch menu for RB1100AHx4 device;
*) winbox - improved QR code display;
*) winbox - moved Switch menu tabs to individual menus (additional fixes);
*) winbox - properly display available address-pools for DHCPv6 server configuration;
*) winbox - renamed configurable wifi property "Tx Power" to "Max Tx Power";
*) winbox - use correct default value for "Partition Offset" property;

What's new in 7.16beta4 (2024-Jul-02 15:47):

*) discovery - added discover-interval setting;
*) disk - added "wipe-quick" file-system option to format-drive command (CLI only);
*) dns - refactored DNS service internal processes (additional fixes);
*) filesystem - improved boot speed after device is rebooted without proper shutdown;
*) filesystem - refactored internal processes to minimize sector writes;
*) health - improved voltage measurements for RB912UAG-6HPnD and RB912UAG-5HPnD devices;
*) ipv6 - do not allow to manually delete LL address (additional fixes);
*) log - added basic validation for "disk-file-name" property;
*) lte - fixed R11e-LTE no traffic flow when modem with old firmware is used;
*) poe-out - fixed possible issue with "current_too_low" on devices with a single PoE out interface (introduced in v7.16beta1);
*) routerboard - improved Etherboot stability for IPQ-40xx devices ("/system routerboard upgrade" required);
*) user - added inactivity timeout for non-GUI sessions (additional fixes);
*) x86 - fixed missing serial ports with MCS9900;

What's new in 7.16beta3 (2024-Jun-27 08:33):

*) 6to4 - fixed 6to4 tunnel LL address generation after system reboot;
*) 6to4 - limit keepalive timeout maximum value;
*) 6to4 - make "remote-address" parameter mandatory;
*) address - added "S" flag for addresses that belong to a slave interface;
*) arm64/x86 - added rtl8111/8168/8411 firmware;
*) bridge - added L2 MDB support for switch chips with HW offloaded IGMP snooping;
*) bridge - do not allow duplicate ports;
*) bth - improved system stability;
*) certificate - added support for cloud-dns challenge validation for sn.mynetname.net (CLI only);
*) certificate - automatically parse uppercase symbols to lowercase when registering domain on Let's Encrypt;
*) chr - fixed incorrect disk size for ARM64;
*) console - added additional byte-array option to :convert command;
*) console - fixed an issue where certain MAC address can be interpreted as time value;
*) console - fixed typo in firewall error message;
*) console - improved stability when pasting a large input;
*) defconf - configure the default-route property for PPP clients only on devices with a built-in modem;
*) dhcp - added comment property for matchers, options and option sets;
*) dhcpv4-server - added matcher ability to match substring;
*) dhcpv4-server - added name for "User-Class" option (77), "Authentication" option (90), "SIP-Servers-DHCP-Option" option (120) and "Unassigned" option (163-174) in debug logs;
*) dhcpv6-client - release client on failed renew attempt (additional fixes);
*) discovery - added LLDP Port VLAN ID, Port And Protocol VLAN ID, VLAN Name TLVs support;
*) discovery - added LLDP-MED timeout;
*) discovery - set unknown bit for any unspecified link type in MAC/PHY TLV;
*) disk - added log message when disks get added or removed;
*) dns - added support for DoH with static FWD entries;
*) dns - added support for mDNS proxy (CLI only);
*) dns - refactored DNS service internal processes;
*) firewall - removed unnecessary TLS host matcher from NAT tables;
*) health - removed unnecessary health settings for RB921 and RB922 devices;
*) install - allow to save old configuration during cdrom install;
*) iot - added an option to log LoRa filtered packets (additional fixes);
*) iot - added LoRa option to filter out proprietary packets (additional fixes);
*) ipip6 - make IPv6 LL address random;
*) ipsec - improved performance by balancing multicore CPU usage;
*) ipv6 - added "d" deprecated flag for expired IPv6 SLAAC addresses;
*) ipv6 - allow to properly disable address when it is generated from pool;
*) ipv6 - allow to properly move IPv6 address from slave interface to a bridge interface;
*) ipv6 - do not allow adding address with invalid prefix when using pool;
*) ipv6 - do not allow to manually delete LL address;
*) ipv6 - fixed "no-dad" functionality;
*) ipv6 - fixed SLAAC address dynamic appearance;
*) ipv6 - properly initialize default ND "interface=all" entry;
*) ipv6 - warn user that reboot is required in order to properly apply accept-router-advertisements changes;
*) leds - fixed system LED to indicate correct RAT for Chateau (introduced in v7.16beta1);
*) lte - fixed modem dialer disable for Chateau 5G devices when cellular modem support mode set to serial (introduced in v7.16beta2);
*) lte - improved system stability for MBIM modem during AT query (introduced in v7.16beta1);
*) modem - fixed cases where USB bus could switch places (introduced in v7.16beta1);
*) modem - fixed modem firmware upgrade for Chateau 5G and Chateau 5G R16 (introduced in v7.15) (additional fixes);
*) netwatch - use time format according to ISO standard;
*) port - added IPv6 support for the "remote-access" feature;
*) ppp - automatically generate IPv6 firewall rules when filter-id is specified;
*) profiler - classify wifi processing as "wireless";
*) rose-storage - fixed "/file sysnc status" parameter to be read-only;
*) rose-storage - moved "/rsync-daemon" to "/file rsync-daemon;
*) route - fixed incorrectly handled route distinguisher and route targets (introduced in v7.15);
*) sfp - fixed calculated link length based on EEPROM in certain cases;
*) ssh - improved system stability when SSH tries to bind to non-existing interface;
*) ssh - fixed SSH cryptographic accelerator selection (introduced in v7.14);
*) supout - rename "store" section to "disk";
*) switch - fixed an issue where half-duplex links could occupy Tx resources for 98DX8xxx, 98DX4xxx, 98DX325x switch chips;
*) switch - fixed an issue with Ethernet port group hang for CRS354 devices;
*) system - added "clock" logging topic for time change related messages;
*) system - do not start IPsec and certificate processes when not necessary;
*) system - fixed an issue where routing configuration was missing after performing a reset, adding a new configuration and then upgrading (introduced in v7.15);
*) system - improved reporting of total memory size;
*) tunnel - allow specifying IPv6 LL address as "remote-address" for EoIPv6, GRE6 and IPIP6 tunnels;
*) user - added inactivity timeout for non-GUI sessions;
*) wifi - added "slave-name-format" (CLI only);
*) wifi - adjusted virtual interface naming when provisioning local radios;
*) wifi - do not allow frequency-scan on virtual interfaces;
*) wifi - fixed packet receive when having multiple station interfaces;
*) wifi - fixed signal strength reporting during association (introduced in v7.15) (additional fixes);
*) wifi - improve regulatory compliance for Chateau ax devices;
*) wifi-qcom - add spectral-scan and spectral-history tools (CLI only) (additional fixes);
*) wifi-qcom-ac - count dropped packets to "tx-drop" instead of "tx-error";
*) winbox - fixed false invalid flag under "System/Ports/Remote Access" menu;
*) winbox - moved Switch menu tabs to individual menus (additional fixes);
*) winbox - separated different Watchdog settings into logical tabs;
*) winbox/webfig - fixed skins (introduced in v7.15);
*) wireless - allow unsetting signal-range and ssid-regext properties for capsman access-list (additional fixes);
*) x86 - added missing PCI ids for bnx2x driver;

What's new in 7.16beta2 (2024-Jun-12 12:03):

*) arm64 - increased reserved storage space for bootloader;
*) bgp - fixed BGP sessions missing vpnv6 afi;
*) bgp - fixed cluster-list and originator-id;
*) bridge - fixed typo in filter and NAT error message;
*) chr - added support for licensing over IPv6 network;
*) dhcpv4-server - added "class-id" parameter for DHCP server leases;
*) dhcpv4-server - fixed setting and getting "next-server" property;
*) dhcpv4-server - increased lease offer timeout to 120 seconds;
*) disk - added simple test command to test device and filesystem speeds (CLI only) (additional fixes);
*) disk - improved system stability;
*) dns - added support for DoH with adlist;
*) ethernet - fixed port speed downshift functionality for CRS354 devices;
*) firewall - added message when interface belonging to VRF is added in filter rules (additional fixes);
*) health - improved voltage measurements for RB912UAG-6HPnD device;
*) iot - added an option to delete default LoRa servers and a button to recover them if needed;
*) iot - added an option to log LoRa filtered packets;
*) ip/ipv6 - added multipath hash policy settings;
*) ip/ipv6 - warn user that reboot is required in order to properly apply changes under IP/Settings and IPv6/Settings menus;
*) ipsec - changed default dpd-interval from 2 minutes to 8 seconds and dpd-maximum-failures from 5 to 4;
*) ipv6 - fixed dynamic duplicate address showing when static address is already configured;
*) ipv6 - improved LL address generation process;
*) l2tp - improved system stability;
*) lte - fixed cases where LTE interface would take long time to become ready after bootup for Chateau 5G and Chateau 5G R16 (introduced in v7.15);
*) lte - fixed MBIM modem registration on the network (introduced in v7.16beta1);
*) modem - fixed modem firmware upgrade for Chateau 5G and Chateau 5G R16 (introduced in v7.15);
*) netinstall-cli - added support for multiple device install (additional fixes);
*) poe-out - upgraded firmware for SAMD20 PSE (AF/AT) controlled boards (the update will cause brief power interruption to PoE-out interfaces);
*) ppp - fixed dynamic queue default name (introduced in v7.15);
*) qos-hw - fixed incorrect per-port packet and byte cap (introduced in v7.16beta1);
*) queue - improved system stability;
*) route - fixed memory leak (introduced in v7.15);
*) route - fixed some missing route parameters when printing (introduced in v7.15);
*) routerboot - improved boot process ("/system routerboard upgrade" required);
*) sfp - fixed missing traffic after reboot with S-RJ01 module running at 10/100 Mbps rate on CCR2004-16G-2S+ device;
*) switch - fixed limited Tx traffic on Ethernet ports for CRS354 devices (introduced in v7.15);
*) system - added support for upgrade over IPv6 network;
*) system - improved watchdog and kernel panic reporting (additional fixes);
*) system - reduced RAM usage for ARM64 devices;
*) wifi-qcom - add spectral-scan and spectral-history tools (CLI only) (additional fixes);
*) winbox - added "Switch/QoS" menu for CRS3xx, CRS5xx, CCR2116 and CCR2216 devices;
*) winbox - added "Trace" column under "System/History" menu;
*) winbox - do not show "Last Logged In" and "Expire Password" when creating new system user;
*) winbox - fixed "Authority" property under "System/Certificates/Requests" menu;
*) winbox - fixed error when changing wifi interface settings in some rare conditions (introduced in v7.16beta1);
*) winbox - moved DHCPv6 Server "Allow Dual Stack Queue" property from General to Queues tab;
*) winbox - moved Switch menu tabs to individual menus;
*) wireless - allow to unset signal-range and ssid-regext properties for capsman access-list;

What's new in 7.16beta1 (2024-Jun-05 11:52):

*) bgp - fixed corrupted as-path when received update with empty AS_PATH attribute (introduced in v7.15);
*) bgp - fixed vpnv6 safi;
*) bgp - small logging improvements;
*) bridge - added dynamic tagged entry when VLAN interface is created on vlan-filtering bridge;
*) bridge - added forward-reserved-addresses property which controls forwarding of MAC 01:80:C2:00:00:0x range (separated from "protocol-mode=none" functionality, disabled by default after upgrade);
*) bridge - added max-learned-entries property for bridge;
*) bridge - added message about who created a dynamic VLAN entry;
*) bridge - added MVRP support for VLANs assigned to bridge;
*) bridge - fixed BPDU address when using "ether-type=0x88a8" configuration;
*) bridge - improved system stability when removing MLAG configuration;
*) bridge - show invalid flag for ports that fails to be added to bridge (e.g. maximum port limit of 1024 is reached);
*) certificate - added no-key-export parameter for import;
*) certificate - improved DNS challenge error reporting for Let's Encrypt;
*) certificate - show validity beyond year 2038;
*) console - added "verbose=progress" mode for import status updates, and verbose output only on failures;
*) console - added dry-run parameter to simulate import of files and find syntax errors without making configuration changes (verbose only);
*) console - added limits for dst-start and dst-end clock properties;
*) console - added lock screen via :lock command;
*) console - added uppercase and lowercase transform modes to :convert command;
*) console - disallow ping command with empty address;
*) console - display hint when requesting specific argument syntax;
*) console - do not show default boot-os setting in export;
*) console - fixed negative values for gmt-offset clock property;
*) console - fixed output of ping command in certain cases;
*) console - improve large import file handling, error detection and stability;
*) console - improved :serialize and :deserialize commands and added support for DSV (delimiter separated values) format;
*) console - improved stability when removing script;
*) console - removed follow-strict parameter;
*) console - show rest-api name for active user connections;
*) container - clear VETH address on container exit and mark interface as running only when VETH is in use;
*) detnet - properly detect "Internet" status when multiple detnet instances preset in network;
*) dhcp - improved insert-queue-before, parent-queue and allow-dual-stack-queue behavior;
*) dhcpv4-client - execute script on DNS server or gateway address change;
*) dhcpv4-server - show active-server and host-name in print active command;
*) dhcpv6-client - do not add default gateway twice when both prefix and address is acquired;
*) dhcpv6-client - fixed T1, T2, valid-lifetime and preferred-lifetime compliance with RFC8415 by using value 0;
*) dhcpv6-client - pause client and remove dynamically installed objects while it becomes invalid;
*) dhcpv6-client - release client on failed renew attempt;
*) dhcpv6-client - update gateway address for default route on renew;
*) dhcpv6-server - improved system stability;
*) disk - added simple test command to test device and filesystem speeds (CLI only);
*) dude - fixed map element RouterOS package upgrade functionality;
*) fetch - handle HTTP 401 status correctly;
*) fetch - improved logging;
*) firewall - added message when interface belonging to VRF is added in filter rules;
*) firewall - fixed IPv6 "nth" matcher showing up twice in help;
*) firewall - fixed issue that prevents restoring src-address-list and dst-addres-list properties using undo command;
*) health - fixed board-temperature for KNOT device (introduced in v7.15);
*) health - fixed bogus CPU temperature spikes for CCR2216 device;
*) health - fixed missing health for CRS112-8G-4S device (introduced in v7.15);
*) health - upgraded fan controller firmware to latest version;
*) ike1 - removed unsupported NAT-D drafts with invalid payload numbers;
*) install - fixed ARM64 cdrom install (introduced in v7.15);
*) iot - added LoRa NetID and JoinEUI filtering for LNS and CUPS connections;
*) iot - added LoRa option to filter out proprietary packets;
*) iot - fixed LoRa inability to use variables for GPS-spoofing setting;
*) ip - added max-sessions property for services;
*) ipv6 - fixed pool allocated addresses missing after reboot;
*) ipv6 - respect APN settings for "add-default-route" and "use-peer-dns" also when "accept-router-advertisements=yes";
*) isis - fixed filter-chain and filter-select settings;
*) isis - install IPv6 link-local gateways correctly;
*) l3hw - added per-VLAN packet and byte counters to compatible switches;
*) l3hw - disable L3HW on bonding modes that do not support it;
*) lte - added "sms-protocol" setting in "/interface lte" menu (CLI only);
*) lte - fixed "at-chat" for DELL T99W175 (PID: 0x05c6 VID: 0x90d5);
*) lte - fixed cases where modem could be handled by multiple dialer instances;
*) lte - fixed support for Fibocom modem fm150-na;
*) lte - improvements to "/interface/lte/show-capabilities" command;
*) media - improved file indexing for DLNA;
*) modem - added authentication functionality to EC200A;
*) modem - fixed unresponsive PPP link recovery when TX bandwidth was exceeding link capacity;
*) modem - improved support for KNOT BG77 modem firmware update;
*) mqtt - broker password is no longer exported unless "show-sensitive" flag is used;
*) netinstall-cli - added check for device and package architectures match;
*) netinstall-cli - added support for multiple device install;
*) netinstall-cli - allow mixed package architectures;
*) netwatch - added DNS probe;
*) netwatch - added ttl and accept-icmp-time-exceeded properties for ICMP probe;
*) ospf - improved system stability during LSA monitoring;
*) ovpn - improved system stability;
*) pimsm - improved system stability;
*) poe-out - fixed low-voltage detection while PD is connected for KNOT device;
*) poe-out - fixed silent firmware upgrade fail on CRS112-8P-4S device (introduced in v7.15);
*) poe-out - upgraded firmware for SAMD20 PSE (AF/AT) controlled boards (the update will cause brief power interruption to PoE-out interfaces);
*) ppp - added support for IPv6-only domain names to l2tp-client, ovpn-client and sstp-client;
*) ptp - added PTP support for CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ, CRS518-16XS-2XQ, CRS504-4XQ, CRS510-8XS-2XQ devices;
*) qos-hw - added H and I flags to queues (CLI only);
*) qos-hw - added new monitoring properties for ports and global QoS stats (CLI only);
*) qos-hw - added queue-buffers property to tx-manager (CLI only);
*) qos-hw - allow port print stats, usage and pfc while QoS is disabled (CLI only);
*) qos-hw - allow to set queue-buffers in bytes, percent or auto (CLI only);
*) qos-hw - enabling ECN forces WRED (unless share is disabled);
*) qos-hw - fixed global buffer limits for 98DX8212 and 98DX8332 switches;
*) qos-hw - limit WRED to queues with enabled shared buffers;
*) quickset - removed Basic AP mode;
*) route - added ability to redistribute isis routes;
*) route - place static route in the correct VRF when vrf-interface parameter is used;
*) route - rename route type from is-is to isis;
*) rpki - fixed preference sorting;
*) sfp - fixed SFP28 interface with fec74 mode on CCR2004-1G-2XS-PCIe device;
*) sfp - fixed SFP28 jumbo frame processing on CCR2004-1G-2XS-PCIe device;
*) sms - added polling setting so that RouterOS itself checks SMS instead of relying on URC messages;
*) snmp - added support for KNOT BG77 modem cellular signal info;
*) snmp - fixed LAST-UPDATED format in MIKROTIK-MIB;
*) supout - added detnet section;
*) supout - added monitor command for all wifi interfaces;
*) supout - added netwatch section;
*) supout - added user SSH keys section;
*) supout - increased console output width;
*) supout - limit address-list and connection tracking entries to 999 in supout.rif;
*) switch - fixed Ethernet interface counter 32bit overflow for CRS354 devices;
*) switch - improved system stability on CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) system - added log message if device failed to reboot gracefully;
*) system - added more details to user initiated reboot (reset, upgrade, downgrade);
*) system - do not cancel package upgrade if another architecture packages found on the router;
*) system - do not download packages scheduled for uninstall;
*) system - fixed empty logs after reboot in certain cases;
*) system - improved system stability for RBSXTsq5nD and RBLDF-5nD;
*) system - improved system stability;
*) system - improved watchdog and kernel panic reporting;
*) system - set flash-boot mode as "boot-device" after system reset initiated by reset button ("/system routerboard upgrade" required);
*) system - set flash-boot mode as "boot-device" after system reset initiated from software;
*) user - added inactivity timeout for non-GUI sessions (CLI only);
*) user-manager - updated logo;
*) vxlan - added comment support to VTEPs;
*) vxlan - prevent creating multiple VTEPs with same IP/port combination;
*) webfig - fixed issue with incorrectly applying optional fields;
*) wifi - do not unset radio-mac and master-interface properties on reset;
*) wifi - enable creating virtual wifi interfaces using "copy-from" setting;
*) wifi - fixed signal strength reporting during association (introduced in v7.15);
*) wifi - fixed typo in log message;
*) wifi - improved interface stability when receiving invalid FT authentication frames;
*) wifi - improved WPA3 PMKSA handling when access-lists with custom passphrases are used;
*) wifi - make sniffer tool return an error when attempting to sniff with a radio which does not support it;
*) wifi - use name-format also for local interfaces when provisioning;
*) wifi-qcom - add spectral-scan and spectral-history tools (CLI only);
*) winbox - added "Import Router ID" parameter under "Routing/BGP/VPN" menu;
*) winbox - fixed duplicated "MVRP Attributes" table;
*) winbox - fixed issue with skin file appearing as unknown in user group menu (introduced in v7.15);
*) winbox - fixed signal bar "excellent" tooltip;
*) winbox - removed deprecated x86/CHR specific settings under "System/Resources" menu;
*) winbox - removed spare argument for "PFS Group" property under "IP/IPsec/Proposals" menu;
*) winbox - use CAP serial number with "Set Identity" button under "WiFi/Remote CAP" menu;
*) wireless - allow to unset signal-range and ssid-regext properties for capsman access-list (CLI only);
*) wireless - fixed dynamic VLAN assignments for vlan-filtering bridge in certain cases;
*) wireless - limit antenna-gain property to 100;
*) www - log out inactive REST API users;
*) x86 - added RTL8156 driver support;

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. The file must be generated while a router is not working as suspected or after some problem has appeared on the device

Please keep this forum topic strictly related to this particular RouterOS release.
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2975
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 2:05 pm

phew!!!
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1389
Joined: Tue Jun 23, 2015 2:35 pm

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 2:24 pm

when BG--VRF--def-route can be fixed?
 
parham
Frequent Visitor
Frequent Visitor
Posts: 62
Joined: Sun Feb 15, 2015 11:35 pm

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 2:31 pm

Can you please update the Zerotier package if needed.
 
RafGan
newbie
Posts: 29
Joined: Mon Jun 06, 2011 6:17 pm
Location: Poland / Silesia

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 2:52 pm

dude - fixed map element RouterOS package upgrade functionality;

WOW! The Dude in changelog :-)
 
User avatar
npeca75
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Thu Aug 03, 2017 3:12 pm

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 2:56 pm

any chance to implement ANY information with new WIFI CapsMan and SNMP ?

in old wireless capsman, there was at least some basic info, but now ... null
 
maigonis
Member Candidate
Member Candidate
Posts: 210
Joined: Sat Jul 20, 2019 8:16 pm

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 3:40 pm

any chance to implement ANY information with new WIFI CapsMan and SNMP ?

in old wireless capsman, there was at least some basic info, but now ... null
Just asked this to support, updated ww2 snmp OID is coming. No ETA.
 
spookymulder84
newbie
Posts: 30
Joined: Sat Nov 11, 2017 1:37 pm
Location: Croatia

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 4:11 pm

Damn, I was just thinking the other day how nice it would be to have spectral-history again!
Thank you!
 
User avatar
CTassisF
newbie
Posts: 36
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 4:52 pm

*) firewall - added message when interface belonging to VRF is added in filter rules;

I'm seeing this new warning message "in/out-interface matcher not possible when interface (interfaceXXX) belongs to vrf - use 'vrfXXX' interface instead" even on mangle and nat firewall rules, but I guess this new warning message should only be shown in filter rules that match in/out-interfaces within a VRF instance.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 5:45 pm

Good to see already one fix for one 7.15 bug
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 5:48 pm

This is the beta with most changes in the 7 series as far as I can see.
And my MQTT support case was fixed :)
7.16beta1	145
7.13beta1	125
7.12beta7	121
7.9beta4	113
7.15beta4	111
7.8beta2	90
7.10beta5	85
7.7beta3	82
7.11beta2	81
7.3beta33	80
7.14beta3	77
7.10beta8	56
7.5beta4	56
7.15beta8	55
7.14beta6	54
7.14beta9	53
7.3beta40	51
7.12beta3	50
 
prem2anhed
just joined
Posts: 1
Joined: Sun Feb 11, 2018 11:43 am

7.16beta1

Thu Jun 06, 2024 6:40 pm

...
Last edited by prem2anhed on Fri Jun 21, 2024 10:11 am, edited 1 time in total.
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 7:18 pm

My adguard container won't start after update , nothing in log, anyone else has problem with containers ?
 
User avatar
sirbryan
Member
Member
Posts: 400
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 7:47 pm

My adguard container won't start after update , nothing in log, anyone else has problem with containers ?
No problems here on a CCR2116. Six containers (pihole, open-speedtest, samba, uptime-kuma, home-assistant, esphome).
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 8:38 pm

My adguard container won't start after update , nothing in log, anyone else has problem with containers ?
No problems here on a CCR2116. Six containers (pihole, open-speedtest, samba, uptime-kuma, home-assistant, esphome).
I see now whats wrong, update decided to change my usb from USB2 to USB1 so paths are broken, which also some of previous updates changed from USB1 to USB2..

Why is this change happening i wonder?
Last edited by ivicask on Thu Jun 06, 2024 8:42 pm, edited 1 time in total.
 
User avatar
pcunite
Forum Guru
Forum Guru
Posts: 1347
Joined: Sat May 25, 2013 5:13 am
Location: USA

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 8:41 pm

spectral-scan, wow ... nice ...
 
User avatar
clambert
Member Candidate
Member Candidate
Posts: 161
Joined: Wed Jun 12, 2019 5:04 am

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 8:56 pm

*) bgp - fixed vpnv6 safi;
Now I manage to establish the BGP session against the route reflector. However, there are some issues:
- Although the VPNv6 session is established, it does not appear in the remote.afi parameter:
 1 E name="ROUTE_REFLECTOR-1" 
     remote.address=10.1.1.36 .as=65000 .id=10.1.1.36 .capabilities=mp,rr,as4,err .afi=vpnv4 .messages=875 .bytes=73924 .eor="" 
     local.role=ibgp .address=10.1.1.11 .as=65000 .id=10.1.1.11 .capabilities=mp,rr,gr,as4 .afi=vpnv4 .messages=291 .bytes=5624 .eor="" 
     output.procid=21 
     input.procid=21 ibgp 
     multihop=yes hold-time=3m keepalive-time=1m uptime=4h48m17s690ms last-started=2024-06-06 10:01:47 last-stopped=2024-06-06 10:01:47 prefix-count=1053
- The way the default route is represented is strange:
routing/route/print where afi=vpn6          
Flags: U - UNREACHABLE; b - BGP; H - HW-OFFLOADED
Columns: DST-ADDRESS, GATEWAY, AFI, DISTANCE, SCOPE, TARGET-SCOPE
    DST-ADDRESS                          GATEWAY                 AFI   DISTANCE  SCOPE  TARGET-SCOPE
UbH 65000:111                           ::ffff:10.1.1.48         vpn6       200     40            30
UbH 2001:db8::/32&65000:111             ::ffff:10.1.1.84         vpn6       200     40            30
Last edited by clambert on Thu Jun 06, 2024 11:08 pm, edited 1 time in total.
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 9:15 pm

Was hoping 7.16 to fix roaming issues, but no luck, all worked perfect until 7.15 and new drivers.
My devices keep roaming from 5ghz to 2ghz and thats very next to router under full signal, and often multiple devices roam same time(Samsung s23, LG OLED TV, ASUS tablet).
I already reduced 2ghz to 10 TX which is over 10db difference from 5ghz, dont know what else to do.
You do not have the required permissions to view the files attached to this post.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 10:25 pm

*) console - improved :serialize and :deserialize commands and added support for DSV (delimiter separated values) format;
That's going to be useful. Thought I'd provide an example, since I tested it (and works with a couple files at least).

As example script to use them... this takes the product matrix "CSV" from https://mikrotik.com/products/matrix using /tool/fetch. The file is actually a semi-colon separated file, or properly a DSV, and put into a RouterOS array for processing. And show using the newer options=json.pretty to take "DSV" and "pretty print" to JSON as string. All seems to work*.

    # fetch Mikrotik's "Product Matrix CSV" from website
    :global productDsvRaw ([/tool/fetch url="https://mikrotik.com/products/matrix" http-data="ax=matrix" output=user as-value]->"data")

    # use NEW "DSV" support to convert it to an RouterOS array
    :global productsArray [:deserialize from=dsv $productDsvRaw delimiter=";" options=dsv.plain]

    # as an array, you can use it a loops etc...
        # so to print first 20 devices from the downloaded (to memory) CSV
    :foreach k,v in=$productsArray do={ :if ($k<20) do={:put "\$productsArray->$k = $($v->1)"}}
        
        # or perhaps the count of them
    :put "\r\nNumber of devices: $([:len $productsArray] / 2 - 1)"

    # OR... the new add-on the to=json, which does a pretty print of JSON text
    :global prettyProductJson [:serialize to=json options=json.pretty $productsArray]
    :put [:pick $prettyProductJson 0 512]
        # this also useful since :put <array> is hard to read...
        # for example the array looks like
    :put [:pick [:tostr $productsArray] 0 512]
    
* the product matrix CSV is oddly formed... so product count has to be adjusted... But [:deserialize] matches exactly Numbers app on MacOS does with same file - so Mikrotik's website download... not the [:deserialize] - which seems work right given the data given
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 10:29 pm


- The way the default route is represented is strange:
It is not strange, it is how it is supposed to be when you send ipv6 routes over ipv4 session. It is ipv4 mapped address.
 
Florian
Member Candidate
Member Candidate
Posts: 124
Joined: Sun Mar 13, 2016 9:45 am
Location: France

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 10:53 pm

Still no ipv6 fastpath :/
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 10:56 pm

Was hoping 7.16 to fix roaming issues, but no luck, all worked perfect until 7.15 and new drivers.
My devices keep roaming from 5ghz to 2ghz and thats very next to router under full signal, and often multiple devices roam same time(Samsung s23, LG OLED TV, ASUS tablet).
I already reduced 2ghz to 10 TX which is over 10db difference from 5ghz, dont know what else to do.
If you deactivate 2.4, are the devices able to connect to 5?
I had the same problem and in the end it was my devices fault because they didn't "see" channels above 100.
2.4/5 GHz roaming works great in my case.
 
User avatar
clambert
Member Candidate
Member Candidate
Posts: 161
Joined: Wed Jun 12, 2019 5:04 am

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 11:07 pm

It is not strange, it is how it is supposed to be when you send ipv6 routes over ipv4 session. It is ipv4 mapped address.
I expected it to be something like "::/0&52308:1000"
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 11:11 pm

Was hoping 7.16 to fix roaming issues, but no luck, all worked perfect until 7.15 and new drivers.
My devices keep roaming from 5ghz to 2ghz and thats very next to router under full signal, and often multiple devices roam same time(Samsung s23, LG OLED TV, ASUS tablet).
I already reduced 2ghz to 10 TX which is over 10db difference from 5ghz, dont know what else to do.
If you deactivate 2.4, are the devices able to connect to 5?
I had the same problem and in the end it was my devices fault because they didn't "see" channels above 100.
2.4/5 GHz roaming works great in my case.
Roaming works fine for me when I'm at distance of router, but devices close to router are doing stupid things which they didn't before in 7.14 and all versions before.

As I said , devices roam from 5ghz to 2ghz, so yes they can connect, sometimes they are connected for hours then suddenly all roam to 2ghz, it must be router sending something, no way multiple different vendor devices decided to roam same time unless roaming protocol on mikrotik did send something..
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 11:23 pm

This was good too:
*) bridge - added dynamic tagged entry when VLAN interface is created on vlan-filtering bridge;
It even put comments on in /interface/bridge/vlan on what triggered the "D" dynamic vlan entry there, i.e. "added by pvid", "added by vlan on bridge", ...
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 11:25 pm

sometimes they are connected for hours then suddenly all roam to 2ghz
Ah OK, then maybe it depends on the DFS.
What 5GHz channel are you using?
 
killersoft
Member Candidate
Member Candidate
Posts: 263
Joined: Mon Apr 11, 2011 2:34 pm
Location: Victoria, Australia

Re: v7.16beta [testing] is released!

Thu Jun 06, 2024 11:25 pm

Was hoping 7.16 to fix roaming issues, but no luck, all worked perfect until 7.15 and new drivers.
My devices keep roaming from 5ghz to 2ghz and thats very next to router under full signal, and often multiple devices roam same time(Samsung s23, LG OLED TV, ASUS tablet).
I already reduced 2ghz to 10 TX which is over 10db difference from 5ghz, dont know what else to do.

USE
WiFi Security -> FT(TAB) --> FT Enabled = YES
Should fix that for you
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 12:23 am

sometimes they are connected for hours then suddenly all roam to 2ghz
Ah OK, then maybe it depends on the DFS.
What 5GHz channel are you using?
Not using dfs, no radar detects,5220.
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 12:24 am

Was hoping 7.16 to fix roaming issues, but no luck, all worked perfect until 7.15 and new drivers.
My devices keep roaming from 5ghz to 2ghz and thats very next to router under full signal, and often multiple devices roam same time(Samsung s23, LG OLED TV, ASUS tablet).
I already reduced 2ghz to 10 TX which is over 10db difference from 5ghz, dont know what else to do.

USE
WiFi Security -> FT(TAB) --> FT Enabled = YES
Should fix that for you
Enabled day one.
 
riv
newbie
Posts: 31
Joined: Wed Jun 07, 2006 4:16 am

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 12:29 am

IS-IS towards Cisco no longer works on ptp , only broadcast
 
User avatar
ahmdzaki18
just joined
Posts: 13
Joined: Fri Oct 06, 2023 7:52 pm
Location: Jakarta, Indonesia
Contact:

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 1:40 am

Is anyone can tell slow and unstable autoneg with XL710 already fixed?
IS-IS towards Cisco no longer works on ptp , only broadcast
Also with Huawei not working on p2p Level 2.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 9:14 am

Are there any plans to bring features of wifi-qcom-ac on par with wifi-qcom ... the list of differences is growing with every new ROS version ...
 
CGGXANNX
Member Candidate
Member Candidate
Posts: 250
Joined: Thu Dec 21, 2023 6:45 pm

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 9:58 am

Are there any plans to bring features of wifi-qcom-ac on par with wifi-qcom ... the list of differences is growing with every new ROS version ...

Probably not possible without bloating the size of the package, thus causing more problems for devices like hAP ac². wifi-qcom is over 3.5x the size of wifi-qcom-ac.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2182
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow
Contact:

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 12:57 pm

Still no ipv6 fastpath :/
So sad :(
 
WeWiNet
Long time Member
Long time Member
Posts: 610
Joined: Thu Sep 27, 2018 4:11 pm

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 1:14 pm




USE
WiFi Security -> FT(TAB) --> FT Enabled = YES
Should fix that for you
Enabled day one.
Until Mikrotik decides to provide the correct level of logging for Wifi, and especially roaming/band steering etc. you won't be able to understand what is going on.
And as such won't know what to do and if behavior is correct.
Another missing option is to be able to set steering thresholds etc.
 
mp3turbo
newbie
Posts: 30
Joined: Fri May 29, 2009 9:24 pm

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 1:21 pm

>> I already reduced 2ghz to 10 TX which is over 10db difference from 5ghz, dont know what else to do.

maybe a stupid workaround : allow devices to connect to 2.4GHz only if signal is WEAKER than let's say -75dBm. While it seems like very skewed logic, let me try to explain : you have approx. 10dBm difference between TX Power of 5GHz and 2.4GHz radios. That, together with slighly worse propagation compared to 5GHz, should mean that only devices which are approx. -85dBm signal on 5GHz will roam and stay on 2.4ghz : when "non-warranted" client connects to 2.4GHz (that is, a client that *should not* be connected to 2.4GHz) and the device has signal stronger than -75dBm, it will be rejected by 2.4GHz and it should reconnect back to 5GHz.

When it has -75dBm signal on 2.4GHz, it should have around -85dBm or less on 5GHz. Set this threshold per your local conditions, don't know what throughput you achieve on 5GHz with -80/-85dBm signal, don't know what you have at 2.4GHz/-75dBm. Test it out.

Sure, when such client decides to roam unnecessarily, there will be slight disruption of communication. A network outage. Correct.
The question is, if that makes a real problem for you once in a couple of hours as you said - for me, it would not be any problem at all.

Next option would be to question roaming generally : do you really need that ? Make those networks independent, connect to 2.4GHz only when necessary. Connect low-throughput devices AND DISTANT devices to 2.4GHz (air conditioning units, Alexa, intelligent house appliances...) and keep them there (no roaming at all), dedicate 5GHz for high-throughput / low-latency devices only. Don't roam.
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 1:37 pm

Yeah, but i dont want to do any workarounds when i just can just revert to 7.14.3 and i dont have any problems... Fact is new Qualcomm drivers in 7.15 messed up allot of stuff regarding wireless...

And as i said, i dont have problem at those signal levels, problem is ONLY for devices very next to router, my devices roam from (-30 db 5ghz) to (-20db 2ghz), that is the problem...
Im running 2ghz on 10tx and 5ghz on 24tx now, before on 7.14 i ran 16tx and 22tx and never devices preferred or roamed to 2ghz at such high levels of signal..
 
bratislav
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Mon May 05, 2014 10:36 am

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 2:03 pm




USE
WiFi Security -> FT(TAB) --> FT Enabled = YES
Should fix that for you
Enabled day one.
Actually you shouldn't enable FT unless using CAPsMAN and multiple APs...
 
holvoetn
Forum Guru
Forum Guru
Posts: 6753
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 2:05 pm



Enabled day one.
Actually you shouldn't enable FT unless using CAPsMAN and multiple APs...
Not quite. It can also be used for roaming between radios of the same AP provided same SSID is used.
 
giannici
newbie
Posts: 29
Joined: Thu May 11, 2017 4:17 pm

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 2:17 pm

*) l3hw - added per-VLAN packet and byte counters to compatible switches;
That is very interesting!
Where are these values showed? In which cli command branch?
Thanks.
 
User avatar
pekr
Member Candidate
Member Candidate
Posts: 170
Joined: Tue Feb 22, 2005 9:05 pm
Location: Czech Republic
Contact:

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 2:49 pm

Are there any plans to bring features of wifi-qcom-ac on par with wifi-qcom ... the list of differences is growing with every new ROS version ...
Where such list can be found please? Looked into the docs, not being able to find any. I am just curious, if wifi-qcom-ac still does not allow 4 address (repeater mode), or if it will allow one in future?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 3:05 pm

Are there any plans to bring features of wifi-qcom-ac on par with wifi-qcom ... the list of differences is growing with every new ROS version ...

Probably not possible without bloating the size of the package, thus causing more problems for devices like hAP ac². wifi-qcom is over 3.5x the size of wifi-qcom-ac.

I wouldn't be so sure about it. I'm pretty sure the main reason for size difference is number of radio chipset drivers included and only minor size difference is due to additional functionality available in wifi-qcom.




Are there any plans to bring features of wifi-qcom-ac on par with wifi-qcom ... the list of differences is growing with every new ROS version ...
Where such list can be found please? Looked into the docs, not being able to find any. I am just curious, if wifi-qcom-ac still does not allow 4 address (repeater mode), or if it will allow one in future?

I don't think MT publishes extensive list of differences. But we all know that there are differences in VLAN tag handling (wifi-qcom-ac doesn't do it at all, wifi-qcom does it to certain extent) and the newly introduced spectral-* tools. It should be enough to check all the changelogs starting with 7.13 (when wifiwave2 got split into 3 parts), I believe that changes between wifi-qcom and wifi-qcom-ac started to accumulate since then, as far as I remember there were numerous entries about wifi-qcom and only very sparse entries about wifi-qcom-ac.
Last edited by mkx on Fri Jun 07, 2024 3:14 pm, edited 1 time in total.
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 3:08 pm



Actually you shouldn't enable FT unless using CAPsMAN and multiple APs...
Not quite. It can also be used for roaming between radios of the same AP provided same SSID is used.
Exactly, i do have CAP and roaming between them works wonderful (HAP AX3(capsman) and HAP AC3(cap)), the problem i described is roaming of devices under same AP interfaces, sometimes they even flap around 2ghz and 5ghz few times in 5mins for no apparent reason, (tv mounted on wall not moving inch and 1m from router...)
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 3:33 pm

*) l3hw - added per-VLAN packet and byte counters to compatible switches;
Where are these values showed? In which cli command branch?
You can now see Tx/Rx byte and packet counters for each VLAN interface when using L3HW for inter-VLAN routing (on compatible switches). These counters are accessible in the Interface List section of WinBox/WebFig or by running specific CLI commands.
/interface/print stats
/interface/monitor-traffic
 
templeos
just joined
Posts: 19
Joined: Mon Aug 26, 2019 3:58 pm

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 3:45 pm

Are there any plans to bring features of wifi-qcom-ac on par with wifi-qcom ... the list of differences is growing with every new ROS version ...
Mikrotik doesn't want to touch wifi-qcom-ac for a good reason. The moment they do that complaints will start flowing because of the package size increase and lack of storage. It has been the same size for the past couple releases, but the regular wireless package gets a slimdown again. Spectral scan would be nice as well for anything that has support for wifi-qcom-ac package because that has been on the "to-do list" for almost 10 years for ac chipsets: viewtopic.php?t=89696#p455926
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 4:09 pm

Cool, 10th anniversary is around the corner. 🎉
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21893
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 4:54 pm

This was good too:
*) bridge - added dynamic tagged entry when VLAN interface is created on vlan-filtering bridge;
It even put comments on in /interface/bridge/vlan on what triggered the "D" dynamic vlan entry there, i.e. "added by pvid", "added by vlan on bridge", ...
Ammo, is that a feature that goes with MVLAN.... or whatever the acronym is for automatically adding vlans on trunk ports.
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 5:59 pm



Actually you shouldn't enable FT unless using CAPsMAN and multiple APs...
Not quite. It can also be used for roaming between radios of the same AP provided same SSID is used.
As always, is this something that is inferred or do we have a statement or wiki where this is stated?

I would ask MK (whom I thank for the excellent work he is doing version after version, for once do we want to congratulate the developers? :) ) if in a next version of ROS (or WinBox?) it is possible to add next to a command, a card or button a small guide or explanation.

For example, the FT option once and for all... is it ONLY useful with Capsman or does it actually work even without Capsamn but with the same SSID?
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 6:13 pm


It even put comments on in /interface/bridge/vlan on what triggered the "D" dynamic vlan entry there, i.e. "added by pvid", "added by vlan on bridge", ...
Ammo, is that a feature that goes with MVLAN.... or whatever the acronym is for automatically adding vlans on trunk ports.
Nope. No "vlan sharing" required (MVRP).

It radically simplifies VLAN configurations IMO.

Essentially, you can tick the "vlan-filtering=yes" on fresh config and it won't break anything (since default pvid=1 everywhere). You add a /interface/vlan vlan-id=42 (and ip address/dhcp-server) on the bridge. Then to use it on a port, just set pvid=42 in /interface/bridge/port to untag it. There is NO configuration needed in /interface/bridge/vlan - bridge is tagged on 42 automatically by using /interface/vlan & port's pvid= will also untag. The both happen in "D" dynamic entry in /interface/bridge/vlan – that's visible with print (and, correctly, not in export):
/interface/bridge/vlan> /interface/bridge/vlan/print where vlan-ids=42
Flags: D - DYNAMIC
Columns: BRIDGE, VLAN-IDS, CURRENT-TAGGED, CURRENT-UNTAGGED
 #   BRIDGE  VLAN-IDS  CURRENT-TAGGED  CURRENT-UNTAGGED
;;; added by vlan on bridge
 8 D bridge        42  bridge                          
;;; added by pvid
11 D bridge        42                  ether10         
VLAN 42 didn't exist anywhere, and bridge has mvrp=no set, and set an active port "/interface/bridge/port set ether10 pvid=42". Above was result. The comments in print aren't mine - they are added by RouterOS. If you have hybrid ports or don't want this... you can still just add "static" (normal) entries for VLAN 42 and do what you want.

Solves the whole "make sure tagged=bridge is in /interface/bridge/vlan". If you set /interface/vlan to listen on the bridge, it does automatically in 7.16beta1. Great work Mikrotik!
 
giannici
newbie
Posts: 29
Joined: Thu May 11, 2017 4:17 pm

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 7:31 pm

*) bridge - show invalid flag for ports that fails to be added to bridge (e.g. maximum port limit of 1024 is reached);
From this line we found out that there is a limit of maximum 1024 ports per bridge!
(now we see that that limit has been added to the documentation on gen 02 2024.)

We have a CCR1072 that we use to terminate a lot of layer 2 FTTH/FTTC lines. So we have a lot of VLAN interfaces that go to a single bridge and then out on an ethernet interface.

Currently the router is working flawlessly and with veeery low CPU usage, but we are approaching this 1024 limit.

Is there any way we can overcome this limit?

Thanks.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6753
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 9:20 pm

@Valerio5000
I already gave you the answer.
But don't believe me.
Test it for yourself.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Fri Jun 07, 2024 10:50 pm

As always, is this something that is inferred or do we have a statement or wiki where this is stated?
Well, there is a YouTube video by Toms from Mikrotik. He tells us this as a fact.

viewtopic.php?p=1072359#p1072359

And 802.11r is a wireless standard. Of course it would be nice when MT would describe it in detail in their docs for their ROS specialities. But basically it is a standard implemention (by Qualcomm actually; as they use the manufacturer driver)
 
AndyBern
just joined
Posts: 18
Joined: Wed Dec 19, 2018 10:53 pm
Contact:

Re: v7.16beta [testing] is released!

Sat Jun 08, 2024 4:05 am

For ip>media, any chance to add support for sending metadata to the client? miniDLNA does this using NFO files. Otherwise, using a container will still be better.
 
User avatar
ID
newbie
Posts: 35
Joined: Tue Dec 26, 2006 10:36 pm

Re: v7.16beta [testing] is released!

Sat Jun 08, 2024 8:57 am

IPv6 PD over PPPoE still not working. Mixing user prefixes for a while.
Jun/08/2024 08:53:12 dhcp,debug processing client:005056bf3ea9 iapd:0x2
Jun/08/2024 08:53:12 dhcp,debug binding belongs to other server: 005056bf3ea9 xxxx:xxxx:3:3001::/64
Jun/08/2024 08:53:12 dhcp,debug binding not updated
Jun/08/2024 08:53:12 dhcp,debug,packet send <pppoe-user3> -> fe80::16af:edd3:0:2%2d
 
bp0
newbie
Posts: 34
Joined: Thu May 06, 2021 5:06 pm

Re: v7.16beta [testing] is released!

Sun Jun 09, 2024 7:23 pm

Running CHR on amazon ec2: 7.15 broke ipv6, but it is working again in 7.16beta1.
 
fenomen51
just joined
Posts: 7
Joined: Thu Dec 28, 2017 7:49 am

Re: v7.16beta [testing] is released!

Mon Jun 10, 2024 4:17 am

lte ep06-e
After the update, the modem does not see the iccid of the SIM card, writes: transmission failed and does not connect
 
Byron
newbie
Posts: 25
Joined: Sun Jan 09, 2022 6:46 pm
Location: South Africa

Re: v7.16beta [testing] is released!

Mon Jun 10, 2024 12:45 pm

from 7.14 to 7.15 my ssh-exec mode will not authenticate anymore. Ive tried loading a new Pub and Pri key but still no luck.

What changed and will 7.16 introduce a fix or can someone help me out with a fix on it for 7.15?
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.16beta [testing] is released!

Wed Jun 12, 2024 10:43 am

Can confirm that my devices are now stable for the first time since the ax launch, so thats good news. Ipad Air2
Would be even better if I could fully enable FT on all 4 Radios, I still have to have one Radio with FT Disabled just for the device above.
You do not have the required permissions to view the files attached to this post.
 
User avatar
hknet
Member Candidate
Member Candidate
Posts: 128
Joined: Sun Jul 17, 2016 6:05 pm
Location: Vienna, Austria
Contact:

Re: v7.16beta [testing] is released!

Wed Jun 12, 2024 5:24 pm


Where are these values showed? In which cli command branch?
You can now see Tx/Rx byte and packet counters for each VLAN interface when using L3HW for inter-VLAN routing (on compatible switches). These counters are accessible in the Interface List section of WinBox/WebFig or by running specific CLI commands.
/interface/print stats
/interface/monitor-traffic
While this is partially good news it obviously means no vlan-interface-counters for layer2 traffic only?
Also will those counters be exposed via SNMP?

thx!
hk
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 10:44 am

What's new in 7.16beta2 (2024-Jun-12 12:03):

*) arm64 - increased reserved storage space for bootloader;
*) bgp - fixed BGP sessions missing vpnv6 afi;
*) bgp - fixed cluster-list and originator-id;
*) bridge - fixed typo in filter and NAT error message;
*) chr - added support for licensing over IPv6 network;
*) dhcpv4-server - added "class-id" parameter for DHCP server leases;
*) dhcpv4-server - fixed setting and getting "next-server" property;
*) dhcpv4-server - increased lease offer timeout to 120 seconds;
*) disk - added simple test command to test device and filesystem speeds (CLI only) (additional fixes);
*) disk - improved system stability;
*) dns - added support for DoH with adlist;
*) ethernet - fixed port speed downshift functionality for CRS354 devices;
*) firewall - added message when interface belonging to VRF is added in filter rules (additional fixes);
*) health - improved voltage measurements for RB912UAG-6HPnD device;
*) iot - added an option to delete default LoRa servers and a button to recover them if needed;
*) iot - added an option to log LoRa filtered packets;
*) ip/ipv6 - added multipath hash policy settings;
*) ip/ipv6 - warn user that reboot is required in order to properly apply changes under IP/Settings and IPv6/Settings menus;
*) ipsec - changed default dpd-interval from 2 minutes to 8 seconds and dpd-maximum-failures from 5 to 4;
*) ipv6 - fixed dynamic duplicate address showing when static address is already configured;
*) ipv6 - improved LL address generation process;
*) l2tp - improved system stability;
*) lte - fixed cases where LTE interface would take long time to become ready after bootup for Chateau 5G and Chateau 5G R16 (introduced in v7.15);
*) lte - fixed MBIM modem registration on the network (introduced in v7.16beta1);
*) modem - fixed modem firmware upgrade for Chateau 5G and Chateau 5G R16 (introduced in v7.15);
*) netinstall-cli - added support for multiple device install (additional fixes);
*) poe-out - upgraded firmware for SAMD20 PSE (AF/AT) controlled boards (the update will cause brief power interruption to PoE-out interfaces);
*) ppp - fixed dynamic queue default name (introduced in v7.15);
*) qos-hw - fixed incorrect per-port packet and byte cap (introduced in v7.16beta1);
*) queue - improved system stability;
*) route - fixed memory leak (introduced in v7.15);
*) route - fixed some missing route parameters when printing (introduced in v7.15);
*) routerboot - improved boot process ("/system routerboard upgrade" required);
*) sfp - fixed missing traffic after reboot with S-RJ01 module running at 10/100 Mbps rate on CCR2004-16G-2S+ device;
*) switch - fixed limited Tx traffic on Ethernet ports for CRS354 devices (introduced in v7.15);
*) system - added support for upgrade over IPv6 network;
*) system - improved watchdog and kernel panic reporting (additional fixes);
*) system - reduced RAM usage for ARM64 devices;
*) wifi-qcom - add spectral-scan and spectral-history tools (CLI only) (additional fixes);
*) winbox - added "Switch/QoS" menu for CRS3xx, CRS5xx, CCR2116 and CCR2216 devices;
*) winbox - added "Trace" column under "System/History" menu;
*) winbox - do not show "Last Logged In" and "Expire Password" when creating new system user;
*) winbox - fixed "Authority" property under "System/Certificates/Requests" menu;
*) winbox - fixed error when changing wifi interface settings in some rare conditions (introduced in v7.16beta1);
*) winbox - moved DHCPv6 Server "Allow Dual Stack Queue" property from General to Queues tab;
*) winbox - moved Switch menu tabs to individual menus;
*) wireless - allow to unset signal-range and ssid-regext properties for capsman access-list;
 
User avatar
npeca75
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Thu Aug 03, 2017 3:12 pm

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 10:45 am

*) bridge - added dynamic tagged entry when VLAN interface is created on vlan-filtering bridge;
what a mess

i put by hand both WIFI interface as
wifi24 tagged 2,98,100 on br1
wifi58 tagged 2,98,100 on br1

and after first station is connected, no matter on what vlan,
vlan entry are AGAIN dynamically created on bridge with "D" flag, with same ID

cAPGi-5HaxD2HaxD
7.16b1

no, please, don't do this
You do not have the required permissions to view the files attached to this post.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 10:51 am

*) system - improved watchdog and kernel panic reporting (additional fixes);
I greatly appreciate that you have taken my feedback seriously and now label "duplicate" changelog entries with "(additional fixes)". Thank you very much! For reference: viewtopic.php?t=206877#p1075072
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 11:08 am

*) bgp - fixed cluster-list and originator-id;
Cisco peer will now be happy
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 11:48 am

Have not tested, but is it possible that...
*) dns - added support for DoH with adlist;
... now also allows type=FWD records (that forward to specific servers) to function with DoH? That's on my wishlist for a long time (and requested in SUP-132300), and would be nice to finally have it.
 
blacksnow
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Wed Feb 15, 2023 4:46 pm

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 12:32 pm

Awesome update, but a couple of things, all related to webfig.

1) Active Class ID is a new field under /ip/dhcp-server/leases in webfig which is really cool but not listed in the changelog.
2) VLAN packet counters are wrong. It looks like VLAN ID - 1 is counting the total of all egress traffic that comes from any of the VLAN IDs while the appropriate VLAN ID is also showing that traffic. So if VLAN 5 is sending 500MB/s, then VLAN 5 TX will show that traffic (also has an issue outlined in point 3) but VLAN 1 will also have a TX rate equaling to 500MB/s. Only occurs with wireguard traffic (I didn't test with other encryption like ipsec etc), and this traffic is cpu routed only it is never offload nor fasttracked.

3) VLAN TX/RX counters are incorrect when CPU-only traffic is flowing through the VLAN (ingress). The RX of the specific VLAN is correct but for whatever reason the TX shows double of whatever the RX is, when realistically if I am downloading to a device behind VLAN 500 at 2GB/s I expect to see the RX rate at 2GB/s and the TX rate < 10MB/s (maybe 5-10MB/s for tcp ack messages). --- Not a true bug, just the effect of linux and wireguard calculations, maybe?.

EDIT: Point 3 is not a bug or I'm not entirely sure, I realized this only applies to wireguard connections. Point 2 also only applies to wireguard connections, for whatever reason.
 
prem2anhed
just joined
Posts: 1
Joined: Sun Feb 11, 2018 11:43 am

7.16beta2

Thu Jun 13, 2024 12:59 pm

...
Last edited by prem2anhed on Fri Jun 21, 2024 10:12 am, edited 1 time in total.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 1:06 pm

Have not tested, but is it possible that...
*) dns - added support for DoH with adlist;
... now also allows type=FWD records (that forward to specific servers) to function with DoH? That's on my wishlist for a long time (and requested in SUP-132300), and would be nice to finally have it.
I am waiting for this as well. I did never understood the argument "DoH takes it all no matter what".
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 926
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 1:26 pm

CCR1009 RoS v 7.16beta2

Starting with ROS 7.16beta1 and now with RoS v 7.16beta2 my USB disk gets reset. This causes some of my scripts to fail.

Starting with Ros 7.15 Scheduler is still broken as it tries to launch my on STARTUP script ... all the scripts have been tested and have zero errors ... very annoying ...
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 6:03 pm

Yeah something is wrong with disk mounting or something.

On RB1100AHx4, it's had ROSE installed since it was in beta and is my main test box, so it's seen many beta/rc/etc's. Disk/ROSE has never messed up BEFORE... But in 7.16beta1, all containers stopped worked and could not add new ones — figured out it was there was no disk mounts. My RAID1 setup was shown as "unknown" and nothing mounted in files, other the reference to a raid1-part1 disk that should have contained a bunch of files.

I tried upgrading to 7.16beta2, but disk still in "unknown" and not mounted state. Since recovery is not document and there was nothing important on the disk, I figured go to 7.15.1 and just re-create the RAID (since it had been same for as long as ROSE) in "stable" just to sure.

Nope... when I upgrade back to the 7.16beta2: Disks are back in "unknown" state and unmounted. Formatting/setting them up in 7.16beta2 also does not survive a reboot & goes to same "unknown" state (even without a more complex partition scheme I had before):
Screenshot 2024-06-13 at 7.53.36 AM.png
LMK, I can file bug report if needed, but given @mozerd's comments, I'm guess something more generically is wrong in /disk in 7.16beta1/2.
You do not have the required permissions to view the files attached to this post.
 
zhazell
just joined
Posts: 5
Joined: Tue May 03, 2022 11:52 pm

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 7:29 pm

*) poe-out - upgraded firmware for SAMD20 PSE (AF/AT) controlled boards (the update will cause brief power interruption to PoE-out interfaces);
PoE statistics are off by 1 port on beta2. I have only 1 device plugged into ether14, but PoE statistics show on ether15. This is on my CRS354-48p-4S-+2Q+. You can see the log show ether15 powered on PoE and then ether14 showing the link.
Screenshot 2024-06-13 at 10.21.07 AM.png
You do not have the required permissions to view the files attached to this post.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6753
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.16beta [testing] is released!

Thu Jun 13, 2024 10:29 pm

LMK, I can file bug report if needed, but given @mozerd's comments, I'm guess something more generically is wrong in /disk in 7.16beta1/2.
Not too sure about that issue being generic.
No disk nor container problems on my RB5009 :?
 
txfz
Frequent Visitor
Frequent Visitor
Posts: 66
Joined: Tue Mar 10, 2020 9:02 am

Re: v7.16beta [testing] is released!

Fri Jun 14, 2024 11:32 am

May I suggest splitting change logs into additions/changes and fixes?
 
User avatar
ID
newbie
Posts: 35
Joined: Tue Dec 26, 2006 10:36 pm

Re: v7.16beta [testing] is released!

Fri Jun 14, 2024 1:48 pm

Still not fixed in v7.16beta2
IPv6 PD over PPPoE still not working. Mixing user prefixes for a while.
Jun/08/2024 08:53:12 dhcp,debug processing client:005056bf3ea9 iapd:0x2
Jun/08/2024 08:53:12 dhcp,debug binding belongs to other server: 005056bf3ea9 xxxx:xxxx:3:3001::/64
Jun/08/2024 08:53:12 dhcp,debug binding not updated
Jun/08/2024 08:53:12 dhcp,debug,packet send <pppoe-user3> -> fe80::16af:edd3:0:2%2d
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.16beta [testing] is released!

Fri Jun 14, 2024 2:14 pm

That was the solution up until now. It was not enough for some users. Previously, changes were divided "change in this release" and "other since previous stable".
May I suggest splitting change logs into additions/changes and fixes?
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Fri Jun 14, 2024 2:22 pm

I have never seen this. txfz means "group by". Like:
Fixes:

- a
- b

New in this release:

- foo
- bar

Breaking changes:

- baz
 
User avatar
fischerdouglas
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Thu Mar 07, 2019 6:38 pm
Location: Brazil
Contact:

Re: v7.16beta [testing] is released!

Fri Jun 14, 2024 2:58 pm

I have never seen this. txfz means "group by". Like:
Fixes:

- a
- b

New in this release:

- foo
- bar

Breaking changes:

- baz
Yes! Plese do like that!

Or, at least, mark at the beginning of the line the classification.
 
txfz
Frequent Visitor
Frequent Visitor
Posts: 66
Joined: Tue Mar 10, 2020 9:02 am

Re: v7.16beta [testing] is released!

Fri Jun 14, 2024 3:05 pm

Yes, exactly. Not to replace the version specific structure, but to complement it. (probably breaking changes at the top, though)
 
ThrowMeAwayDaddy
just joined
Posts: 5
Joined: Fri Apr 12, 2024 2:11 am

Re: v7.16beta [testing] is released!

Fri Jun 14, 2024 4:53 pm

Ran into two issues:

Issue 1) Upgrading from 7.16beta1 to 7.16beta2 from WebFig caused my CRS518 to crash completely (necessitated a hard power cycle).

Issue 2) After upgrading from 7.16beta1 to 7.16beta2 on my CCR2216, IPv6 prefix delegation configuration disappeared completely; global IPv6 addresses were also not delegating to my VLAN interfaces. Downgrading to 7.15.1 stable restored both the configuration and IPv6 global addresses.

Edit:
Issue 3) On both 7.16beta1 and 7.16beta2 on my CCR2216, it appears that running dual stack (IPv4 and IPv6) and having firewall rules that permit both versions of traffic disables hardware offloading for IPv4. Blocking all IPv6 traffic with a simple firewall rule (but leaving the IPv6 addresses in place) restores hardware offloading for IPv4. Definitely an odd behaviour.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.16beta [testing] is released!

Sat Jun 15, 2024 1:22 am

LMK, I can file bug report if needed, but given @mozerd's comments, I'm guess something more generically is wrong in /disk in 7.16beta1/2.
Not too sure about that issue being generic.
No disk nor container problems on my RB5009 :?
Perhaps. It may be specific to ROSE + RAID in my case.

I narrowed down the issue after several reboot, re-formats, etc. Turn out the raid'ed hardware disks (sata1 and sata2) lose their "raid-master=raid1" settings. So adding the "lost setting" back manually restores the raid (without data loss). But this seems to be needed after EVERY REBOOT of v7.16beta2 - so not just after upgrade:
/disk set sata1 raid-master=raid1
/disk set sata2 raid-master=raid1
It might be a timing issue. I added those the settings now to a "startup" scheduler...but took adding a ":delay 2s" before them for it to work.
Last edited by Amm0 on Sat Jun 15, 2024 1:23 am, edited 1 time in total.
 
TMS1
just joined
Posts: 4
Joined: Wed Apr 10, 2024 2:55 am

Re: v7.16beta [testing] is released!

Sat Jun 15, 2024 1:23 am

Fixes:

- a
- b

New in this release:

- foo
- bar

Breaking changes:

- baz
Yes! Plese do like that!

Or, at least, mark at the beginning of the line the classification.
+1
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.16beta [testing] is released!

Sat Jun 15, 2024 3:33 pm

2024/06/15 12:29:41.394275 [fatal] writing config file: write /opt/adguardhome/conf/.AdGuardHome.yaml9142876731003399955: no space left on device

Container doesn't start after beta 2, I got 27gb free on usb...

EDIT:Update again messed up paths and keeps changing my only one usb from usb1 to usb2..
Last edited by ivicask on Sat Jun 15, 2024 6:54 pm, edited 3 times in total.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Sat Jun 15, 2024 4:29 pm

It would be better when all the "What's new" entries were actually put in a database, with each entry having besides the
condensed line shown here on the forum also having a more descriptive paragraph, a pointer to changed documentation,
the subsystem, a version number where the fixed bug first appeared, etc.
Then there would be a webpage where you can enter an existing and new version and you get all relevant changed between
those versions (limited to a subsystem when you also specify that). It would omit the lines for bugs that were introduced
and fixed between the versions you query (so query between 7.14.3 and 7.16beta2 would not list "introduced in 7.15" bugs).
Each entry would have a "hover" text or linked page showing the more descriptive text when available.
This same query could be made from the webfig or other UI when "update is available", just direct to the webpage with the
relevant versions. Some work to setup, but saves a lot of questions from customers so also saves time at the support department.
 
User avatar
netravnen
Frequent Visitor
Frequent Visitor
Posts: 77
Joined: Sun Dec 31, 2017 2:48 am

Re: v7.16beta [testing] is released!

Sun Jun 16, 2024 5:22 pm

RouterOS version 7.16beta has been released on the "v7 testing" channel!
https://mikrotik.com/product/product_ge ... 3_16_41_07

After upgrading to 7.16beta[1-2] I have two LTE interfaces instead of a single LTE interface on RBLHGGR...?

This behaviour is only visibile after upgrading to the 7.16beta[1-2] series ROS. (from 7.14.3/7.15.1)
[admin@RBLHGGR] > /system/routerboard/print 
       routerboard: yes
             model: RBLHGGR
     serial-number: ****
     firmware-type: a3700
  factory-firmware: 6.48.3
  current-firmware: 7.16beta2
  upgrade-firmware: 7.16beta2
[admin@RBLHGGR] > /system/resource/print    
                   uptime: 1d19h48m39s
                  version: 7.16beta2 (testing)
               build-time: 2024-06-12 09:03:28
         factory-software: 6.48.2
              free-memory: 135.6MiB
             total-memory: 256.0MiB
                      cpu: ARM64
                cpu-count: 2
                 cpu-load: 0%
           free-hdd-space: 1584.0KiB
          total-hdd-space: 16.0MiB
  write-sect-since-reboot: ****
         write-sect-total: ****
        architecture-name: arm64
               board-name: RBLHGGR
                 platform: MikroTik
[admin@RBLHGGR] > /interface/lte/print detail 
Flags: X - disabled; R - running; I - inactive 
 0   I default-name="lte1" name="lte1" mtu=1500 
       apn-profiles=default sms-read=no sms-protocol=auto 
       network-mode=gsm,3g,lte 

 1  R  default-name="lte1" name="lte2" mtu=1500 
       apn-profiles=default allow-roaming=no sms-read=no 
       sms-protocol=auto network-mode=gsm,3g,lte band=""
[admin@RBLHGGR] > /interface/lte/export 
/interface lte
set [ find default-name=lte1 ] network-mode=gsm,3g,lte sms-protocol=auto sms-read=no
set [ find default-name=lte1 ] allow-roaming=no band="" name=lte2 sms-protocol=auto sms-read=no
 
phin
just joined
Posts: 21
Joined: Mon Dec 04, 2017 11:25 pm

Re: v7.16beta [testing] is released!

Sun Jun 16, 2024 6:40 pm

Have not tested, but is it possible that...



... now also allows type=FWD records (that forward to specific servers) to function with DoH? That's on my wishlist for a long time (and requested in SUP-132300), and would be nice to finally have it.
I am waiting for this as well. I did never understood the argument "DoH takes it all no matter what".
Would also like this functionality.

Whitelist would be the obvious next item for "basic" blocklist functionality.
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Mon Jun 17, 2024 11:59 am

On this beta the switch menu is present in CHR please hide it just like with the previous CHR version
 
WildWest
just joined
Posts: 17
Joined: Sat Feb 23, 2019 12:02 am

Re: v7.16beta [testing] is released!

Mon Jun 17, 2024 5:57 pm

Updated CRS354-48P-4S+2Q+ from 7.15.1 to 7.16beta2 because of ethernet port issues (Download speed is limited to 10 Mbps)

In result on 7.16beta2 several ethernet ports have some issues with PoE - can't power the devices. The devices are High voltage PoE and can randomly stop working. Reverted back to 7.15.1 - all PoE devices are working again, but having issues again with the port speed.
 
User avatar
npeca75
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Thu Aug 03, 2017 3:12 pm

Re: v7.16beta [testing] is released!

Mon Jun 17, 2024 9:22 pm

7.16b2

lots of SNMP errors
SNMP engine sometime stop and won't start until reboot, or disable/enable snmp
cAPGi-5HaxD2HaxD
You do not have the required permissions to view the files attached to this post.
 
User avatar
stmx38
Long time Member
Long time Member
Posts: 650
Joined: Thu Feb 14, 2008 4:03 pm
Location: Moldova, Chisinau

Re: v7.16beta [testing] is released!

Wed Jun 19, 2024 12:09 pm

CHR ARM on Hetzner can't detect full disk size - viewtopic.php?t=207658
Screenshot 2024-06-19 at 12.05.55.png
Screenshot 2024-06-19 at 11.56.25.png
Screenshot 2024-06-19 at 12.04.31.png
You do not have the required permissions to view the files attached to this post.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.16beta [testing] is released!

Wed Jun 19, 2024 12:12 pm

look at the units, GB is not the same as GiB. Disk size is detected properly if you convert form GiB to GB
 
User avatar
stmx38
Long time Member
Long time Member
Posts: 650
Joined: Thu Feb 14, 2008 4:03 pm
Location: Moldova, Chisinau

Re: v7.16beta [testing] is released!

Wed Jun 19, 2024 12:18 pm

We have 2 VM's and both with 40GB disks.

On x86 CHR show 37.9GiB, on arm64 CHR show 9.0GiB - shouldn't they show same value in both cases?
 
bratislav
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Mon May 05, 2014 10:36 am

Re: v7.16beta [testing] is released!

Wed Jun 19, 2024 4:51 pm

We have 2 VM's and both with 40GB disks.

On x86 CHR show 37.9GiB, on arm64 CHR show 9.0GiB - shouldn't they show same value in both cases?
Maybe this is something you should discuss with Hetzner, after all it is their virtual platform...
On the other hand do you really need more than 9GB for CHR?
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Wed Jun 19, 2024 5:46 pm

But he pays for 40gib :D
 
nescafe2002
Forum Veteran
Forum Veteran
Posts: 914
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: v7.16beta [testing] is released!

Wed Jun 19, 2024 11:10 pm

bratislav, perhaps more storage for container purposes.

Note that enabling container support (device mode) requires additional steps: viewtopic.php?t=206877#p1072366

stmx38, you can expand the filesystem manually in Hetzner rescue console:

root@rescue ~ # e2fsck -f /dev/sda2
e2fsck 1.47.0 (5-Feb-2023)
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
/dev/sda2: 45/2391200 files (2.2% non-contiguous), 620354/9991168 blocks

root@rescue ~ # resize2fs /dev/sda2
resize2fs 1.47.0 (5-Feb-2023)
Resizing the filesystem on /dev/sda2 to 39964672 (1k) blocks.
The filesystem on /dev/sda2 is now 39964672 (1k) blocks long.

root@rescue ~ # reboot

Relevant issue: SUP-151589 CHR auto expansion failed & bad disk image on Hetzner Cloud arm64 instance
 
User avatar
stmx38
Long time Member
Long time Member
Posts: 650
Joined: Thu Feb 14, 2008 4:03 pm
Location: Moldova, Chisinau

Re: v7.16beta [testing] is released!

Thu Jun 20, 2024 10:07 am

nescafe2002, thanks - that works.

But why enabling Containers is so hard on ARM, is it one more bug?

CHR x86 works with just "Power cycle" button.
Screenshot 2024-06-20 at 09.51.58.png
Screenshot 2024-06-20 at 09.52.43.png
You do not have the required permissions to view the files attached to this post.
 
bratislav
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Mon May 05, 2014 10:36 am

Re: v7.16beta [testing] is released!

Thu Jun 20, 2024 10:40 am

I would say it is a bug in Hetzner VM installation procedure, on x86 it automatically extends file system for given image to full HDD size, on ARM is does not so you have to do it manually...
 
User avatar
antonsb
MikroTik Support
MikroTik Support
Posts: 411
Joined: Sun Jul 24, 2016 3:12 pm
Location: Riga, Latvia

Re: v7.16beta [testing] is released!

Thu Jun 20, 2024 11:16 am

I would say it is a bug in Hetzner VM installation procedure, on x86 it automatically extends file system for given image to full HDD size, on ARM is does not so you have to do it manually...
This was a RouterOS bug, and will be fixed in next version. Resize was 1/4 from actual size
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.16beta [testing] is released!

Fri Jun 21, 2024 1:52 pm

Was hoping 7.16 to fix roaming issues, but no luck, all worked perfect until 7.15 and new drivers.
My devices keep roaming from 5ghz to 2ghz and thats very next to router under full signal, and often multiple devices roam same time(Samsung s23, LG OLED TV, ASUS tablet).
I already reduced 2ghz to 10 TX which is over 10db difference from 5ghz, dont know what else to do.
Have you tried to reduce tx power on 5 GHz instead of 2,4 GHz to see how that would affect the situation? There is a possibility that high signal level (near the router as in this case) can saturate the the radio on client device causing unpredictable behaviour....
 
User avatar
mantouboji
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Aug 01, 2022 2:21 pm
Location: Shanghai

Re: v7.16beta [testing] is released!

Sun Jun 23, 2024 9:33 pm

Please add a "Client MTU" option to wireguard peer configuration page, in order to set the MTU value in some occasion。
 
User avatar
Anime4000
just joined
Posts: 18
Joined: Fri Nov 13, 2020 3:12 pm
Contact:

Re: v7.16beta [testing] is released!

Mon Jun 24, 2024 3:05 pm

2.5G SFP.png
It is possible to add [2.5G baseX] in SFP Supported based on Linux sfp-bus.c#L327
	/* If we haven't discovered any modes that this module supports, try
	 * the bitrate to determine supported modes. Some BiDi modules (eg,
	 * 1310nm/1550nm) are not 1000BASE-BX compliant due to the differing
	 * wavelengths, so do not set any transceiver bits.
	 *
	 * Do the same for modules supporting 2500BASE-X. Note that some
	 * modules use 2500Mbaud rather than 3100 or 3200Mbaud for
	 * 2500BASE-X, so we allow some slack here.
	 */
	if (linkmode_empty(modes) && br_nom) {
		if (br_min <= 1300 && br_max >= 1200) {
			phylink_set(modes, 1000baseX_Full);
			__set_bit(PHY_INTERFACE_MODE_1000BASEX, interfaces);
		}
		if (br_min <= 3200 && br_max >= 2500) {
			phylink_set(modes, 2500baseX_Full);
			__set_bit(PHY_INTERFACE_MODE_2500BASEX, interfaces);
		}
	}
Here address that indicate 2500baseX on SFP I2C:
Address: 0x06, Value: 0x00
Address: 0x0c, Value: 0x1F

Currently, Mikrotik detect these value as 10G baseSR LR which is wrong.

It would be nice if auto neg to 2.5G baseX when SFP has this: 0x06@0x00 & 0x0c@0x1F
You do not have the required permissions to view the files attached to this post.
 
User avatar
netravnen
Frequent Visitor
Frequent Visitor
Posts: 77
Joined: Sun Dec 31, 2017 2:48 am

Re: v7.16beta [testing] is released!

Tue Jun 25, 2024 7:06 pm

Please add a "Client MTU" option to wireguard peer configuration page, in order to set the MTU value in some occasion。
The interface MTU is device local. "Client MTU" must be set on the client side.

For it to be part of the "Client Config" (that can be copy-paste) provided under Wireguard > Peers > Wireguard Peer to another device. This would indeed be a need solution. Rather. Just copy the MTU value of the WG interface configured under Wireguard > Wireguard directly to the example client config shown for the individual Wireguard Peer. The Client MTU should not be ale to be set differently than the parent Wireguard interface.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1352
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.16beta [testing] is released!

Tue Jun 25, 2024 8:06 pm

Please add a "Client MTU" option to wireguard peer configuration page, in order to set the MTU value in some occasion。
The interface MTU is device local. "Client MTU" must be set on the client side.

For it to be part of the "Client Config" (that can be copy-paste) provided under Wireguard > Peers > Wireguard Peer to another device. This would indeed be a need solution. Rather. Just copy the MTU value of the WG interface configured under Wireguard > Wireguard directly to the example client config shown for the individual Wireguard Peer. The Client MTU should not be ale to be set differently than the parent Wireguard interface.
There's room for improvement in that menu. AllowedIPs was requested before, official answer 'till now was "edit it manually on the client", well that's not the point of having a qr / config generator in the first place if you still have to dig into the config to tweak missing pieces, is it?
If it was me, I'd also move the entire "client config" section (that's only used for generating the client qr/config) to another tab on the selected peers menu.
Last edited by Znevna on Sat Jun 29, 2024 9:23 am, edited 1 time in total.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.16beta [testing] is released!

Tue Jun 25, 2024 8:41 pm

If it was me, I'd also move the entire "client config" section (that's only used for generating the client qr/config) to another tab on the selected peers menu).
+1 - it is nice feature but really confusing if you don't know. If on another tab... it both be easy to have some add'l WG attributes like allowedip, mtu, or whatever & be way clear what these "Client Xxxxx:" things are used for. i.e. official WG clients only let you edit (or paste) a config file, so being able to just cut-and-paste all the right WG keys+config from RouterOS is pretty handy to setup a new peer.
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.16beta [testing] is released!

Wed Jun 26, 2024 10:13 pm

I'm running into the "client was disconnected because could not assign vlan".
Is this due to the fact I'm running hybrid (both wifi-qcom and wifi-qcom-ac? Didn't have this with an wifi-qcom-ac only environment.

Yes, I'm using FT. Would setting ft-preserve-vlanid to yes make sense in this case?
Or is it related to the existing accesslist (rejecting clients below thresshold)?

I noticed that clients also get an IP address of the untagged assigned VLAN ID DHCP server and the correct VLAN ID DHCP server (both management and corporate).
 
holvoetn
Forum Guru
Forum Guru
Posts: 6753
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.16beta [testing] is released!

Thu Jun 27, 2024 9:43 am

I'm running into the "client was disconnected because could not assign vlan".
Is this due to the fact I'm running hybrid (both wifi-qcom and wifi-qcom-ac? Didn't have this with an wifi-qcom-ac only environment.
I ran into the same issue at home this week when installing wAP AC using wifi-qcom-ac drivers in capsman environment.
For that device you need to set ft-preserve-vlanid to NO (open it in Winbox and leave it blank).
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.16beta [testing] is released!

Thu Jun 27, 2024 9:53 am

Thanks @holvoetn, will try this later today.

Update: Yes, this is indeed solving the issue I had.
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 926
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: v7.16beta [testing] is released!

Fri Jun 28, 2024 9:26 pm

CCR1009 RoS v 7.16beta2
Starting with Ros 7.15 Scheduler is still broken as it tries to launch my on STARTUP script ... all the scripts have been tested and have zero errors ... very annoying ...
The issue with the scheduler is now solved. The first script in the “startup” chain had a delay of 10 seconds … apparently this was not enough time cause when RoS reboots the interfaces do not initialize within that time delay so the dynu scrip generates an error condition that it cannot find the pppoe interface - and that kills scheduler from proceeding … I increased the delay to 15 seconds and this time all the scripts completed their tasks … picking 15 seconds was just a random number … when I have time I play with the time element by increments of 1 second and see if I can shorten the delay.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Fri Jun 28, 2024 10:59 pm

I actually consider it a bug that the startup script (just like the "run after reset" script that can be specified in a reset-configuration) is being run before the router finishes initialization.
In the past it has caused me much hair-pulling when I wanted to reinitialize a router, doing an export, some editing, and then reset-configuration with run-after-reset. Some interfaces (like wireless) not yet present and the script is failing.
There the workaround is "insert a delay" too, but that kind of kludges should not be necessary.
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 926
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: v7.16beta [testing] is released!

Fri Jun 28, 2024 11:51 pm

There the workaround is "insert a delay" too, but that kind of kludges should not be necessary.
Yes I agree with your assessment — that it’s a bug …
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 12:11 pm

What's new in 7.16beta3 (2024-Jun-27 08:33):

*) 6to4 - fixed 6to4 tunnel LL address generation after system reboot;
*) 6to4 - limit keepalive timeout maximum value;
*) 6to4 - make "remote-address" parameter mandatory;
*) address - added "S" flag for addresses that belong to a slave interface;
*) arm64/x86 - added rtl8111/8168/8411 firmware;
*) bridge - added L2 MDB support for switch chips with HW offloaded IGMP snooping;
*) bridge - do not allow duplicate ports;
*) bth - improved system stability;
*) certificate - added support for cloud-dns challenge validation for sn.mynetname.net (CLI only);
*) certificate - automatically parse uppercase symbols to lowercase when registering domain on Let's Encrypt;
*) chr - fixed incorrect disk size for ARM64;
*) console - added additional byte-array option to :convert command;
*) console - fixed an issue where certain MAC address can be interpreted as time value;
*) console - fixed typo in firewall error message;
*) console - improved stability when pasting a large input;
*) defconf - configure the default-route property for PPP clients only on devices with a built-in modem;
*) dhcp - added comment property for matchers, options and option sets;
*) dhcpv4-server - added matcher ability to match substring;
*) dhcpv4-server - added name for "User-Class" option (77), "Authentication" option (90), "SIP-Servers-DHCP-Option" option (120) and "Unassigned" option (163-174) in debug logs;
*) dhcpv6-client - release client on failed renew attempt (additional fixes);
*) discovery - added LLDP Port VLAN ID, Port And Protocol VLAN ID, VLAN Name TLVs support;
*) discovery - added LLDP-MED timeout;
*) discovery - set unknown bit for any unspecified link type in MAC/PHY TLV;
*) disk - added log message when disks get added or removed;
*) dns - added support for DoH with static FWD entries;
*) dns - added support for mDNS proxy (CLI only);
*) dns - refactored DNS service internal processes;
*) firewall - removed unnecessary TLS host matcher from NAT tables;
*) health - removed unnecessary health settings for RB921 and RB922 devices;
*) install - allow to save old configuration during cdrom install;
*) iot - added an option to log LoRa filtered packets (additional fixes);
*) iot - added LoRa option to filter out proprietary packets (additional fixes);
*) ipip6 - make IPv6 LL address random;
*) ipsec - improved performance by balancing multicore CPU usage;
*) ipv6 - added "d" deprecated flag for expired IPv6 SLAAC addresses;
*) ipv6 - allow to properly disable address when it is generated from pool;
*) ipv6 - allow to properly move IPv6 address from slave interface to a bridge interface;
*) ipv6 - do not allow adding address with invalid prefix when using pool;
*) ipv6 - do not allow to manually delete LL address;
*) ipv6 - fixed "no-dad" functionality;
*) ipv6 - fixed SLAAC address dynamic appearance;
*) ipv6 - properly initialize default ND "interface=all" entry;
*) ipv6 - warn user that reboot is required in order to properly apply accept-router-advertisements changes;
*) leds - fixed system LED to indicate correct RAT for Chateau (introduced in v7.16beta1);
*) lte - fixed modem dialer disable for Chateau 5G devices when cellular modem support mode set to serial (introduced in v7.16beta2);
*) lte - improved system stability for MBIM modem during AT query (introduced in v7.16beta1);
*) modem - fixed cases where USB bus could switch places (introduced in v7.16beta1);
*) modem - fixed modem firmware upgrade for Chateau 5G and Chateau 5G R16 (introduced in v7.15) (additional fixes);
*) netwatch - use time format according to ISO standard;
*) port - added IPv6 support for the "remote-access" feature;
*) ppp - automatically generate IPv6 firewall rules when filter-id is specified;
*) profiler - classify wifi processing as "wireless";
*) rose-storage - fixed "/file sysnc status" parameter to be read-only;
*) rose-storage - moved "/rsync-daemon" to "/file rsync-daemon;
*) route - fixed incorrectly handled route distinguisher and route targets (introduced in v7.15);
*) sfp - fixed calculated link length based on EEPROM in certain cases;
*) ssh - improved system stability when SSH tries to bind to non-existing interface;
*) ssh - fixed SSH cryptographic accelerator selection (introduced in v7.14);
*) supout - rename "store" section to "disk";
*) switch - fixed an issue where half-duplex links could occupy Tx resources for 98DX8xxx, 98DX4xxx, 98DX325x switch chips;
*) switch - fixed an issue with Ethernet port group hang for CRS354 devices;
*) system - added "clock" logging topic for time change related messages;
*) system - do not start IPsec and certificate processes when not necessary;
*) system - fixed an issue where routing configuration was missing after performing a reset, adding a new configuration and then upgrading (introduced in v7.15);
*) system - improved reporting of total memory size;
*) tunnel - allow specifying IPv6 LL address as "remote-address" for EoIPv6, GRE6 and IPIP6 tunnels;
*) user - added inactivity timeout for non-GUI sessions;
*) wifi - added "slave-name-format" (CLI only);
*) wifi - adjusted virtual interface naming when provisioning local radios;
*) wifi - do not allow frequency-scan on virtual interfaces;
*) wifi - fixed packet receive when having multiple station interfaces;
*) wifi - fixed signal strength reporting during association (introduced in v7.15) (additional fixes);
*) wifi - improve regulatory compliance for Chateau ax devices;
*) wifi-qcom - add spectral-scan and spectral-history tools (CLI only) (additional fixes);
*) wifi-qcom-ac - count dropped packets to "tx-drop" instead of "tx-error";
*) winbox - fixed false invalid flag under "System/Ports/Remote Access" menu;
*) winbox - moved Switch menu tabs to individual menus (additional fixes);
*) winbox - separated different Watchdog settings into logical tabs;
*) winbox/webfig - fixed skins (introduced in v7.15);
*) wireless - allow unsetting signal-range and ssid-regext properties for capsman access-list (additional fixes);
*) x86 - added missing PCI ids for bnx2x driver;
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 12:22 pm

 
 *) dns - added support for mDNS proxy (CLI only);
 *) ipv6 - fixed "no-dad" functionality; 
 
finally we can test anycast now and mDNS proxy this is awesome any docs?
Last edited by loloski on Mon Jul 01, 2024 12:35 pm, edited 2 times in total.
 
Simonej
Frequent Visitor
Frequent Visitor
Posts: 60
Joined: Sun Aug 22, 2021 3:34 am

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 12:34 pm

*) dns - added support for mDNS proxy (CLI only);
OMG it is what I think is? mDNS repeater trough VLANs?
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 1:05 pm

yes, real mDNS repeater. Very simple config, just add interfaces and enable.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 1:29 pm

 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2182
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 3:27 pm

What's new in 7.16beta3 (2024-Jun-27 08:33):

*) bridge - added L2 MDB support for switch chips with HW offloaded IGMP snooping;
Am I right that this is Hardware Multicast support ?
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 4:25 pm

This update enhances the existing hardware multicast support. Now, you can create static multicast group entries using MAC addresses, for example:
/interface bridge mdb
add bridge=bridge1 group=01:00:5E:01:01:02 ports=ether2
add bridge=bridge1 group=33:33:00:00:00:02 ports=ether2,ether3
Although it may not be very useful right now, it could become helpful in the future when you need to use dynamic multicast groups with MAC addresses instead of IPs from IGMP.
 
dksoft
Member Candidate
Member Candidate
Posts: 153
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 4:30 pm

yes, real mDNS repeater. Very simple config, just add interfaces and enable.
I found /ip dns mdns-repeat-ifaces but overlooked "enable". Can you please give a hint? Thanks.
 
User avatar
msilcher
just joined
Posts: 7
Joined: Mon Mar 09, 2009 9:39 pm
Location: Argentina

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 5:24 pm

Hi there,

I'm using DNS FWD entries and usually could ping to a FQDN for those FWD entries from the terminal. This is not working anymore in 7.16. Please fix it, it is really useful.

ping portal.test.internal
invalid value for argument address:
invalid value of mac-address, mac address required
invalid value for argument ipv6-address
while resolving ip-address: name does not exist


Thank you!
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 6:28 pm

My DoH stopped working when I updated to 7.16_beta3 from beta2
I didn't reboot my router since adding the DoH function last week so it might be that. To correct the problem I had to add 1.1.1.1 to Servers
Screenshot 2024-07-01 162608.png
My previous setting was just adding the following to static, thoughts please.

Static
cloudflare-dns.com
104.16.249.249
cloudflare-dns.com
104.16.248.249
You do not have the required permissions to view the files attached to this post.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 6:41 pm

Rolling back the dns is shit
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 7:01 pm

Ok, rolled back with my old settings, all works fine!

Mikrotik ??
You do not have the required permissions to view the files attached to this post.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 7:15 pm

yes, real mDNS repeater. Very simple config, just add interfaces and enable.
I found /ip dns mdns-repeat-ifaces but overlooked "enable". Can you please give a hint? Thanks.
You just need to specify the interface where mDNS should be "shared".
/ip/dns set mdns-repeat-ifaces=vlan20,vlan10
There is no enable, just add the interfaces.

But "disable"... there is should be a "reset" in /ip/dns to do it, but isn't. But using an empty string will "disable" it:
/ip/dns set mdns-repeat-ifaces=""
 
msatter
Forum Guru
Forum Guru
Posts: 2941
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 9:13 pm

Had to revert to 16.2 due to WireGard not starting. It looked like Current Endpoint could not retrieve static DNS entries. Looking in the cache table the IP was present for the static DNS entry.
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1611
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 9:22 pm

I had the same issue with WG DNS endpoints. Maybe this drop has the "overhauled" DNS?
 
User avatar
fischerdouglas
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Thu Mar 07, 2019 6:38 pm
Location: Brazil
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 01, 2024 10:37 pm

...just add interfaces and enable.
Humm... A new feature, and it already comes without support to Interface-Lists.

😭
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 12:06 am

Maybe this drop has the "overhauled" DNS?
"overhauled" DNS already makes me shiver...
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1611
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 12:28 am

Yeah, it looks like the people who managed the “refactored DNS service internal processes” didn't carry out the most basic tests. It makes me wonder if they're even conducting CI/CD pipeline test automation at all..
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 12:46 am

I would have cheered when the changelog line was "changed DNS resolver to unbound" but unfortunately that does not seem to be what is happening...
That resolver includes an elaborate regression test set and -tool in the source code. Those guys know why that is important for DNS resolvers...
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 2:15 am

And it seems like making /ip/dns VRF-aware in 7.15 according to https://download.mikrotik.com/routeros/7.15/CHANGELOG is still broken in 7.16beta3 :-(
*) dns - added VRF support;
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 3:25 am

I am assuming that the mDNS feature requires that the Firewall allows inbound on all the relevant interfaces for udp port 5353 for IP packets addressed even if addressed to 224.0.0.251 ?
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 5:25 am

@Apachez are you the same Apachez on VYOS forum, if you are I'm glad you are here too
 
Sob
Forum Guru
Forum Guru
Posts: 9188
Joined: Mon Apr 20, 2009 9:11 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 6:10 am

*) 6to4 - make "remote-address" parameter mandatory;
In other words, you're dropping support for RFC 3056. Because that needs unspecified remote address. Is it intentional?

I know that the whole thing is not very popular. Accompanied RFC 3068 is even deprecated. I'm probably one of the few who still use it (not with v7, because attempting to do so crashes it; SUP-97719). I'll (have to) survive without it, but I was hoping that you would eventually fix it, since you broke it (it works fine in Linux), and it might still be useful for someone.
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 7:50 am

Static DNS querying will be fixed in the upcoming RouterOS beta release. Please remember - this is beta. Released for testing new features and fixes. Some services might not work properly, and these version should not be used on important routers. As for the DoH - we are looking into this and will update later on.
 
pfturner
newbie
Posts: 35
Joined: Fri Jun 09, 2023 4:31 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 9:40 am

In IPv6 my VLANs no longer show up dynamically under ND - only the bridge. Do I need to add them manually and the global addresses and routes? I moved from 7.15.2 stable to 7.16beta3.
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 9:48 am

Static DNS querying will be fixed in the upcoming RouterOS beta release. Please remember - this is beta. Released for testing new features and fixes. Some services might not work properly, and these version should not be used on important routers. As for the DoH - we are looking into this and will update later on.
I have had my issues where the /ip/dns VRF-awareness is failing for both the stable 7.15.1 and 7.15.2 aswell as the 7.16beta2 and 7.16beta3.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 10:16 am

Dear MikroTik team, please do not take this negatively. This is well-intentioned advice. There is a quote that even beta releases are tested by thousands of automated tests (viewtopic.php?t=208346#p1080582). Then a beta version appears with a DoH that cannot work at all - due to a dead-lock situation (static DNS entries are ignored, but DoH domains must be resolved to IP). No one tested this - not even manually. And it is not that a bug occurred somewhere one would say: "woah, that is pretty weird that this change broke unrelated functionality X". No, the feature in changelog itself was not working as intended. It would be so wise and positive to cover new features with corresponding tests! Software quality would increase dramatically! It is clear that it is almost impossible to retrospectively cover an entire ROS with automated tests; with all possible configuration options, it would be an absurd amount of effort, and probably not all cases would be covered still. But as mentioned: when adding new features, it is certainly advisable to have the basic functionality of the feature covered by a few tests.
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 10:38 am

@Apachez are you the same Apachez on VYOS forum, if you are I'm glad you are here too
Yup, thats me! (failed to find how to send you a DM so the reply is public instead).
 
txfz
Frequent Visitor
Frequent Visitor
Posts: 66
Joined: Tue Mar 10, 2020 9:02 am

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 11:07 am

This was brought up in a previous thread, but here is my proposal for formatting the change logs. Add and adjust headers as necessary.

7.16beta1 (2024-06-05 11:52)

Changes

  • supout - added netwatch section

Fixes

  • route - fixed memory leak (introduced in v7.15);
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 2:37 pm

Rolling back the dns is shit
This is a beta version, not a production version.
Using beta in production are just asking for trouble.
If you have error, report it and it many be fixed.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 3:55 pm

Yeah sure, but bugs in the DNS resolver are often complex and difficult to hunt down, I have already wasted way too much time on them.
I already made a mental note: skip 7.16 upgrades until at least 7.16.2 is released....
 
User avatar
colinardo
just joined
Posts: 19
Joined: Sun Jan 08, 2017 9:02 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 5:08 pm

I am assuming that the mDNS feature requires that the Firewall allows inbound on all the relevant interfaces for udp port 5353 for IP packets addressed even if addressed to 224.0.0.251 ?
Yes that's correct. If your firewall drops the udp multicasts on the input chain, the mDNS proxy will not see the traffic and thus does not repeat anything.
 
gfunkdave
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Tue Jan 09, 2018 12:05 am

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 6:56 pm

*) dns - added support for DoH with static FWD entries;
*) dns - added support for mDNS proxy (CLI only);

These are both so exciting!

I am assuming that the mDNS feature requires that the Firewall allows inbound on all the relevant interfaces for udp port 5353 for IP packets addressed even if addressed to 224.0.0.251 ?
Yes that's correct. If your firewall drops the udp multicasts on the input chain, the mDNS proxy will not see the traffic and thus does not repeat anything.
So does the firewall rule need to allow 5353udp on the forward chain or the input chain?
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 7:22 pm

*) dns - added support for DoH with static FWD entries;
*) dns - added support for mDNS proxy (CLI only);

So does the firewall rule need to allow 5353udp on the forward chain or the input chain?
AFAIK, repeated mDNS via input (or output) chain (NOT forward) since it's a local process in Packet Flow diagrams.

Keep in mind mDNS is just IP name resolution... So if the interface involved in mDNS repeating have firewall rules between them, you'd have to allow any protocols used by mDNS devices, in addition to 5353/udp. For example, while allowed 5353/udp is going to let you see printers/etc, if the IPP port isn't also opened (via "forward" chain)... mDNS discovery isn't going to help to print without IPP being allowed too.

If VLANs/interfaces using by mdns-repeat-ifaces= are just in the "LAN" interface-list, then the default firewall should allow repeating and protocol used. Now...If inter-VLAN routing is restricted, then you need firewall rules – both for mDNS 5353/udp & what ever protocol the discovered devices use too.
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 7:40 pm

Very excipted to finally see this:
*) dns - added support for DoH with static FWD entries;
Thanks a lot, Mikrotik!

Anyway... This does not (yet) work for me.

Though... Even disabling DoH does not help here, the forwarding does not work as expected. I think I have the regular expression right, so wondering what's the deal here. Anybody else?
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 7:55 pm

This is really scary whenever someone from the dev enhancing the DNS code base one way or another they always broke the dns resolver, can you just adapt other code base like tinydns/dnscache from djb or any reputable alternatives so that you can concentrate on more pressing issues and do what you do best?, this is a recurring issues and the code is very fragile so to speak
 
pfturner
newbie
Posts: 35
Joined: Fri Jun 09, 2023 4:31 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 8:09 pm

Does the mDNS proxy handle multiple VLANs - not just two? How do I remove it if I decide to implement later instead?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 9:03 pm

@loloski @eworm yes, and now you/we are lucky because it does not work at all, a clear state. but once those bugs are fixed we again risk to be in the situation were it seems to work but it fails in all kinds of border cases, as happened several times before. a sad situation...
 
tssge
just joined
Posts: 14
Joined: Sat Aug 08, 2015 9:11 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 10:31 pm

This is really scary whenever someone from the dev enhancing the DNS code base one way or another they always broke the dns resolver ... this is a recurring issues and the code is very fragile so to speak
and
... now you/we are lucky because it does not work at all, a clear state. but once those bugs are fixed we again risk to be in the situation were it seems to work but it fails in all kinds of border cases, as happened several times before. a sad situation...
This version of RouterOS is marked as beta software. Such breaking issues are to be expected, usually one should expect far worse issues considering it's a beta (regardless of the manufacturer), and one shouldn't run such software in production eg. you should run bleeding edge software only on devices for which critical issues that cause downtime are acceptable.

If you are running beta versions on mission critical boxes where a box failing to boot causes real harm, you should re-evaluate your update preferences and use stable versions instead. That is the reason stable releases exist after all. The idea of a beta software is to surface these critical issues so that they do not end up in stable.
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 10:56 pm

But at the same time these "betas" fixes critical errors found in the "stable" releases - which gives?

Should I use a "stable" release who is more broken than the "beta" release who is just slightly broken? Which one would you recommend to be used in production?
 
tssge
just joined
Posts: 14
Joined: Sat Aug 08, 2015 9:11 pm

Re: v7.16beta [testing] is released!

Tue Jul 02, 2024 11:52 pm

But at the same time these "betas" fixes critical errors found in the "stable" releases - which gives?

Should I use a "stable" release who is more broken than the "beta" release who is just slightly broken? Which one would you recommend to be used in production?
It is totally possible for stable releases to have issues as well: no software release is perfect. However the difference is that beta software is expected to have critical issues, while stable software is not. What I'm after is that it is totally acceptable for beta software to have major issues and while these should of course be relayed to the manufacturer and fixed, also avoided by the manufacturer in the first place to the best of their abilities, it seems odd to complain about such issues existing when the expectation is that there are going to be such issues indeed. I'd understand complaints of bad quality if a stable version failed to boot due to some trivial issue, or the DNS refactoring in question was sent to stable as-is, however in beta such a thing is the norm.

Generally manufacturers (MikroTik included) backport fixes first tested in beta versions to the stable versions. These are the minor RouterOS releases you see on the stable branch (eg. 7.15.2). Why do they usually end up in beta first? Bugfixes need to be tested just like any other change to ensure they do not cause more serious bugs. This process may be expedited if the bug in question is a severe one, however expediting requires factoring in the risk and benefit ratio of the process. It's a balance.

Now back to your original question: Should I use a "stable" release who is more broken than the "beta" release who is just slightly broken? In exceptional cases with serious issues in stable using beta might make sense, however most of the time the issues uncovered in stable are relatively minor and urgent fixes will be expedited anyways. So once in a blue moon would be my answer.

This is of course a balance of personal risk factors similar to the one the manufacturer performs. For one I run beta versions "in production" for my home internet when at home, because the risk of running a beta version for me is the 15 minutes it'll take to downgrade my home router to a stable version if so required. Thus in my personal case the benefits of running beta outweigh the risk.

Would I make the same choice for an office with say 20 or 100 employees on a Monday? No way and neither if I didn't have physical access to the device. This comes from past experience of having to drive 4 hours in total to the datacenter and back in order to reboot a router. Learned my lesson.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 12:29 am

Couldn't this be solved by creating "long term" or "mature" branch which would only contain final versions of previous stable branches - which would currently be 7.14.3 (or 7.14.4 for clarity) and final version of 7.15 branch when 7.16 comes out as stable release?

This is obviously far from a perfect solution but still significantly better option than current absence of this option...
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 12:37 am

This version of RouterOS is marked as beta software. Such breaking issues are to be expected, usually one should expect far worse issues considering it's a beta
Well, after MikroTik being in the field of router software development for nearly 30 years we could kind of expect that the developers have gotten around to setting up some automated test environment that runs a series of regression tests before even a beta release hits the download servers.
That test set would contain tests for basic functionality, and also for any problems that have been found and fixed in the past.
Even when not all tests are run at every beta release (it may take too much time), one would at least expect the tests for any features that have been modified (in this case: the DNS resolver) to be run.
When beta versions can go out with such issues, at what point in time will the tests be done that make the "stable" version go out without them? Or are "we" (the users) supposed to do the testing?
 
tssge
just joined
Posts: 14
Joined: Sat Aug 08, 2015 9:11 pm

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 2:38 am

Well, after MikroTik being in the field of router software development for nearly 30 years we could kind of expect that the developers have gotten around to setting up some automated test environment that runs a series of regression tests before even a beta release hits the download servers.
They most likely have such tests for previously identified regressions. New features are new, for a regression test to be written a regression first has to happen: either in the MikroTik internal alpha testing phase or the public beta testing phase like here.

That test set would contain tests for basic functionality, and also for any problems that have been found and fixed in the past.
Exactly, this DNS functionality is novel on RouterOS and thus these problems have not been found and fixed in the past. If they had been why would MikroTik intentionally ship bugs (without marking them as known issues)? The issues concerning this beta version may have been uncovered in this thread for the first time ever.

When beta versions can go out with such issues, at what point in time will the tests be done that make the "stable" version go out without them?
Such tests are usually ready in the release candidate phase. As the release candidate is a candidate for stable unless new issues are discovered in brief period of running a release candidate. So stable release by definition is the point in time where the tests have been done for the release to be made without these bugs present anymore. Of course this doesn't guarantee that all bugs were found.

If I had to criticize MikroTik's processes I'd point out that new features probably shouldn't be added in the release candidate phase like they commonly do. However release candidate might just be the public facing name of these releases and internally such features might have been in testing for a long time, so it's hard to tell.

Or are "we" (the users) supposed to do the testing?
Yes! That is the very definition of beta software and the reason beta versions exist in the first place. If MikroTik wouldn't like the community to help test unstable versions, they would not do beta releases: preparing such releases for no benefit would be a waste of time and effort.
 
tssge
just joined
Posts: 14
Joined: Sat Aug 08, 2015 9:11 pm

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 2:44 am

Couldn't this be solved by creating "long term" or "mature" branch which would only contain final versions of previous stable branches - which would currently be 7.14.3 (or 7.14.4 for clarity) and final version of 7.15 branch when 7.16 comes out as stable release?
Long-term releases already exist for RouterOS, however the branch lags behind in features by a lot (as is to be expected). Right now the long term tree has yet to be updated to RouterOS 7+ for example. I'd guess the users of long-term releases have some very mission critical installations or they just want the peace of mind of not having to worry about updates as much.
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 3:12 am

The beta versions are released in order to find the bugs! The more, the better. That is the whole point of betas - find issues before the stable releases. Otherwise we would not release them at all. You should use betas if you agree to risk and help for us to find issues of different kind of sets of configuration combinations. So to sum up - the goal is reached every time you report that something is not working as expected!

Beta should be used when something is not working for you and you see a fix in changelog which might help - see if it does. Or if you want to test a new feature and comment if it is working as you might expect.

Please keep this topic related to 7.16 features and fixes, not the version release concept.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 3:57 am

If you gave a little more detail on new things, people might try them. i.e.
*) ip/ipv6 - added multipath hash policy settings;
/ip/settings/set ipv4-multipath-hash-policy=<tab>
l3     l3-inner     l4   

Does "l4" mean ports/protocols? Does it work with static ECMP routes, or only some/all routing protocols?

Update: F1 does work here, that's progress.
l3 -- layer-3 hashing of src IP, dst IP
l3-inner -- layer-3 hashing or inner layer-3 hashing if available
l4 -- layer-4 hashing of src IP, dst IP, IP protocol, src port, dst port
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 9:46 am

If you gave a little more detail on new things, people might try them. i.e.
Especially how new things **should** work. So one can spot a bug eventually. E.g. mDNS proxy put up some questions.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 9:52 am

If you gave a little more detail on new things, people might try them. i.e.
It is in the manual:
https://help.mikrotik.com/docs/display/ ... CMP)routes
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 10:35 am

Fair enough. Since I use ECMP, this a great.

More that you might get more testers if they knew what to test. ;) Load balancing is always a topic. The practical effect of new "/ip/settings/set ipv4-multipath-hash-policy=l4" means there is no downside to using ECMP/routing approach over PCC/firewall approach for LB. Since IMO ECMP is WAY easier to setup, the subtle "added multipath hash policy settings" may not garner a lot of testers of it.
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 11:08 am

Well, after MikroTik being in the field of router software development for nearly 30 years we could kind of expect that the developers have gotten around to setting up some automated test environment that runs a series of regression tests before even a beta release hits the download servers.
They most likely have such tests for previously identified regressions. New features are new, for a regression test to be written a regression first has to happen: either in the MikroTik internal alpha testing phase or the public beta testing phase like here.

That test set would contain tests for basic functionality, and also for any problems that have been found and fixed in the past.
Exactly, this DNS functionality is novel on RouterOS and thus these problems have not been found and fixed in the past. If they had been why would MikroTik intentionally ship bugs (without marking them as known issues)? The issues concerning this beta version may have been uncovered in this thread for the first time ever.

When beta versions can go out with such issues, at what point in time will the tests be done that make the "stable" version go out without them?
Such tests are usually ready in the release candidate phase. As the release candidate is a candidate for stable unless new issues are discovered in brief period of running a release candidate. So stable release by definition is the point in time where the tests have been done for the release to be made without these bugs present anymore. Of course this doesn't guarantee that all bugs were found.

If I had to criticize MikroTik's processes I'd point out that new features probably shouldn't be added in the release candidate phase like they commonly do. However release candidate might just be the public facing name of these releases and internally such features might have been in testing for a long time, so it's hard to tell.

Or are "we" (the users) supposed to do the testing?
Yes! That is the very definition of beta software and the reason beta versions exist in the first place. If MikroTik wouldn't like the community to help test unstable versions, they would not do beta releases: preparing such releases for no benefit would be a waste of time and effort.
So what is your explanation that the broken VRF-support of /ip/dns which was released in 7.15 stable (and is still broken in 7.15.2 stable AND 7.16beta3) got through the basic testing internally at Mikrotik HQ (if such tests even exists)?

Its not like some exotic error with 42 dependencies that must happen with nano-second precision in order and a full moon to occur - its simple as adding the VRF syntax to the /ip/dns and try to perform a DNS lookup form within the Mikrotik verifying that the DNS service will use the configured VRF and it currently fails big time (disclaimer: it could be me who is doing something wrong here but since the other VRF-aware services works along with both ping and traceroute towards the DNS-server when selecting this VRF then I doubt the error is at my end - also if I reconfigure so I use VRF=main for both /ip/dns and the mgmt-interface (ether1) the DNS lookups works which proofs that there is not something odd going on at my end or internetconnection etc).

To me thats a hint that the quality assurance is going downhill and I agree with that other thread questioning why Mikrotik is currently rushing new features which seems to be broken rather than fixing already known issues: viewtopic.php?t=208900

Also I dont agree with your claim that betas are expected to be flawed and have errors. Its rather the other way around. Betas are something that should have passed the internal testing ready to be shown to the public but with the disclaimer that there MIGHT exist bugs, not that there WILL exist bugs. If none of the public users finds anything odd then the very same code will become the stable release. Which boils down to if none of the public users tests the betas it means that the bugs you claim WILL exist will go unnoticed into the stable release...

So yes I agree with you that betas (generally speaking) are not suitable to be used in production - but when the latest beta fixes more issues than the latest stable (who were released after the beta) I still question should I use the latest stable who is more broken than the latest beta?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 11:47 am

I don't want to get this into a long discussion as that does not belong here, but:
Exactly, this DNS functionality is novel on RouterOS and thus these problems have not been found and fixed in the past
When something is changed in a core component like the DNS resolver, I fully expect that the basic functionality is tested.
Can it resolve a static record that has been added to the router?
Even if that hasn't ever failed in a released version in the past, I still expect it to be tested.
Or are "we" (the users) supposed to do the testing?
Yes! That is the very definition of beta software and the reason beta versions exist in the first place. If MikroTik wouldn't like the community to help test unstable versions, they would not do beta releases: preparing such releases for no benefit would be a waste of time and effort.
Well, I consider it a waste of people's time and effort to release beta versions that have not been tested to a minimal level in-house.
I did not install this version anywhere except on my test CHR, and I am not affected by these problems, but I think beta testing would assume testing for complicated situations that may be present only on some customer's configuration.

More to the point of this release: I am worried that again the DNS code is being fiddled with. A DNS resolver is a complicated piece of software and it is very apparent that MikroTik (or only the developer that has been assigned to this task) severely underestimates it.
I am still a proponent of dropping the entire existing resolver and switching to "unbound", an open source resolver with a good reputation that comes with an automated test harness and many tests. Those people know what they are doing.
When there is a space issue on 16MB routers, it could be considered to have an optional package that, when installed, replaces the current DNS resolver with unbound. And that can be installed on routers with enough free space.
Besides all the features that the current resolver has or that are currently being added, unbound also supports DNSSEC.
That will certainly be a feature that people want, and at some point it will be a minus for RouterOS when it does not have it.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 12:33 pm

It is most probably about dependencies (openssl, etc.) that makes it so hard to adopt/integrate it into ROS.
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 2:41 pm

What's new in 7.16beta4 (2024-Jul-02 15:47):

*) discovery - added discover-interval setting;
*) disk - added "wipe-quick" file-system option to format-drive command (CLI only);
*) dns - refactored DNS service internal processes (additional fixes);
*) filesystem - improved boot speed after device is rebooted without proper shutdown;
*) filesystem - refactored internal processes to minimize sector writes;
*) health - improved voltage measurements for RB912UAG-6HPnD and RB912UAG-5HPnD devices;
*) ipv6 - do not allow to manually delete LL address (additional fixes);
*) log - added basic validation for "disk-file-name" property;
*) lte - fixed R11e-LTE no traffic flow when modem with old firmware is used;
*) poe-out - fixed possible issue with "current_too_low" on devices with a single PoE out interface (introduced in v7.16beta1);
*) routerboard - improved Etherboot stability for IPQ-40xx devices ("/system routerboard upgrade" required);
*) user - added inactivity timeout for non-GUI sessions (additional fixes);
*) x86 - fixed missing serial ports with MCS9900;
 
User avatar
msilcher
just joined
Posts: 7
Joined: Mon Mar 09, 2009 9:39 pm
Location: Argentina

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 3:20 pm

Hi there,

I'm using DNS FWD entries and usually could ping to a FQDN for those FWD entries from the terminal. This is not working anymore in 7.16. Please fix it, it is really useful.

ping portal.test.internal
invalid value for argument address:
invalid value of mac-address, mac address required
invalid value for argument ipv6-address
while resolving ip-address: name does not exist


Thank you!
It looks like this has been fixed in beta4, thank you!
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 3:40 pm

Anyway... This does not (yet) work for me.

Though... Even disabling DoH does not help here, the forwarding does not work as expected. I think I have the regular expression right, so wondering what's the deal here. Anybody else?
Works in 7.16beta4 now. Thanks a lot!
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 4:49 pm

Static problem resolved thanks.
 
buset1974
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Wed Sep 13, 2006 12:12 pm
Location: Jakarta

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 5:41 pm

7.16.beta4 still have bugs in BGP VPN4 in a particular cases.
has been reported almost a month ago.
Please check ticket no SUP-3085 for details & videos what the problem is and response the ticket please


thx
 
User avatar
clambert
Member Candidate
Member Candidate
Posts: 161
Joined: Wed Jun 12, 2019 5:04 am

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 7:24 pm

What kind of errors?
 
pfturner
newbie
Posts: 35
Joined: Fri Jun 09, 2023 4:31 pm

Re: v7.16beta [testing] is released!

Wed Jul 03, 2024 9:51 pm

Has anyone found that ND "all" in IPv6 is no longer picking up VLANs (interfaces under a single Bridge) and assigning prefixes to each? It worked fine in 7.15.2 stable and then I got greedy and wanted to try the new mDNS proxy functionality.

Nothing has changed in my setup except adding in the mDNS CLI line...

What has changed in the IPv6 section that could be intentionally or unintentionally causing this?
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.16beta [testing] is released!

Thu Jul 04, 2024 10:20 am

What's new in 7.16beta5 (2024-Jul-25 15:47):

*) log - logging now following rfc 5424 standard;
I do hope to see the above message regarding logging mess SUP-105353 SUP-144261:
viewtopic.php?t=124291
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Thu Jul 04, 2024 11:01 am

Let me check my crystal ball:
What's new in 7.91beta3 (2030-Jul-25 15:47):

*) log - logging now partially following rfc 5424 standard;
😋
 
User avatar
ID
newbie
Posts: 35
Joined: Tue Dec 26, 2006 10:36 pm

Re: v7.16beta [testing] is released!

Thu Jul 04, 2024 1:35 pm

v7.16b4 still mixing IPv6 PD over PPPoE for a while.

PPPoE Server
Jul/04/2024 13:20:47 dhcp,debug,packet  -> ia_pd: 
Jul/04/2024 13:20:47 dhcp,debug,packet    t1: 43200
Jul/04/2024 13:20:47 dhcp,debug,packet    t2: 69120
Jul/04/2024 13:20:47 dhcp,debug,packet    id: 0x2
Jul/04/2024 13:20:47 dhcp,debug,packet   -> ia_prefix: 
Jul/04/2024 13:20:47 dhcp,debug,packet     prefix: xxxx:xxxx:3:3002::/64
Jul/04/2024 13:20:47 dhcp,debug,packet     valid time: 0
Jul/04/2024 13:20:47 dhcp,debug,packet     pref. time: 0
Jul/04/2024 13:21:15 dhcp,debug,packet recv server: <pppoe-user3> fe80::93bf:dd60:0:2 -> ff02::1:2
Jul/04/2024 13:21:15 dhcp,debug,packet type: solicit
Jul/04/2024 13:21:15 dhcp,debug,packet transaction-id: 3b7d34
Jul/04/2024 13:21:15 dhcp,debug,packet  -> clientid:   00030001 005056bf 3ea9
Jul/04/2024 13:21:15 dhcp,debug,packet  -> oro: 23 
Jul/04/2024 13:21:15 dhcp,debug,packet  -> elapsed_time: 56
Jul/04/2024 13:21:15 dhcp,debug,packet  -> rapid_commit: [empty]
Jul/04/2024 13:21:15 dhcp,debug,packet  -> ia_pd: 
Jul/04/2024 13:21:15 dhcp,debug,packet    t1: 0
Jul/04/2024 13:21:15 dhcp,debug,packet    t2: 0
Jul/04/2024 13:21:15 dhcp,debug,packet    id: 0x2
Jul/04/2024 13:21:15 dhcp,debug processing client:005056bf3ea9 iapd:0x2
Jul/04/2024 13:21:15 dhcp,debug binding belongs to other server: 005056bf3ea9 xxxx:xxxx:3:3002::/64
Jul/04/2024 13:21:15 dhcp,debug binding not updated
Jul/04/2024 13:21:15 dhcp,debug,packet send <pppoe-user3> -> fe80::93bf:dd60:0:2%8
Jul/04/2024 13:21:15 dhcp,debug,packet type: reply
Jul/04/2024 13:21:15 dhcp,debug,packet transaction-id: 3b7d34
Jul/04/2024 13:21:15 dhcp,debug,packet  -> clientid:   00030001 005056bf 3ea9
Jul/04/2024 13:21:15 dhcp,debug,packet  -> serverid:   00030001 005056bf 358d
Jul/04/2024 13:21:15 dhcp,debug,packet  -> rapid_commit: [empty]
Jul/04/2024 13:21:15 dhcp,debug,packet  -> dns_servers: 
Jul/04/2024 13:21:15 dhcp,debug,packet     xxxx:xxxx:0:10::10
Jul/04/2024 13:21:15 dhcp,debug,packet     xxxx:xxxx:0:10::11
Jul/04/2024 13:21:15 dhcp,debug,packet  -> ia_pd: 
Jul/04/2024 13:21:15 dhcp,debug,packet    t1: 43200
Jul/04/2024 13:21:15 dhcp,debug,packet    t2: 69120
Jul/04/2024 13:21:15 dhcp,debug,packet    id: 0x2
Jul/04/2024 13:21:15 dhcp,debug,packet   -> ia_prefix: 
Jul/04/2024 13:21:15 dhcp,debug,packet     prefix: xxxx:xxxx:3:3002::/64
Jul/04/2024 13:21:15 dhcp,debug,packet     valid time: 0
Jul/04/2024 13:21:15 dhcp,debug,packet     pref. time: 0
PPPoE Client
Jul/04/2024 13:27:03 dhcp,debug,packet send pppoe-out1 -> ff02::1:2%8
Jul/04/2024 13:27:03 dhcp,debug,packet type: solicit
Jul/04/2024 13:27:03 dhcp,debug,packet transaction-id: e50e97
Jul/04/2024 13:27:03 dhcp,debug,packet  -> clientid:   00030001 005056bf 3ea9
Jul/04/2024 13:27:03 dhcp,debug,packet  -> oro: 23 
Jul/04/2024 13:27:03 dhcp,debug,packet  -> elapsed_time: 15
Jul/04/2024 13:27:03 dhcp,debug,packet  -> rapid_commit: [empty]
Jul/04/2024 13:27:03 dhcp,debug,packet  -> ia_pd: 
Jul/04/2024 13:27:03 dhcp,debug,packet    t1: 0
Jul/04/2024 13:27:03 dhcp,debug,packet    t2: 0
Jul/04/2024 13:27:03 dhcp,debug,packet    id: 0x2
Jul/04/2024 13:27:03 dhcp,debug,packet recv client: pppoe-out1 fe80::e129:567d:f0:1 -> fe80::93bf:dd60:0:2
Jul/04/2024 13:27:03 dhcp,debug,packet type: reply
Jul/04/2024 13:27:03 dhcp,debug,packet transaction-id: e50e97
Jul/04/2024 13:27:03 dhcp,debug,packet  -> clientid:   00030001 005056bf 3ea9
Jul/04/2024 13:27:03 dhcp,debug,packet  -> serverid:   00030001 005056bf 358d
Jul/04/2024 13:27:03 dhcp,debug,packet  -> rapid_commit: [empty]
Jul/04/2024 13:27:03 dhcp,debug,packet  -> dns_servers: 
Jul/04/2024 13:27:03 dhcp,debug,packet     xxxx:xxxx:0:10::10
Jul/04/2024 13:27:03 dhcp,debug,packet     xxxx:xxxx:0:10::11
Jul/04/2024 13:27:03 dhcp,debug,packet  -> ia_pd: 
Jul/04/2024 13:27:03 dhcp,debug,packet    t1: 43200
Jul/04/2024 13:27:03 dhcp,debug,packet    t2: 69120
Jul/04/2024 13:27:03 dhcp,debug,packet    id: 0x2
Jul/04/2024 13:27:03 dhcp,debug,packet   -> ia_prefix: 
Jul/04/2024 13:27:03 dhcp,debug,packet     prefix: xxxx:xxxx:3:3002::/64
Jul/04/2024 13:27:03 dhcp,debug,packet     valid time: 0
Jul/04/2024 13:27:03 dhcp,debug,packet     pref. time: 0
Jul/04/2024 13:27:03 dhcp,debug handle reply
Jul/04/2024 13:27:03 dhcp,debug ia_pd xxxx:xxxx:3:3002:: expired- ignore
Jul/04/2024 13:27:03 dhcp,error no valid addreses received from the server
 
rpingar
Long time Member
Long time Member
Posts: 593
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.16beta [testing] is released!

Thu Jul 04, 2024 2:15 pm

on ccr2216 and large bgp enviroment with l3hw enabled for ipv4 and ipv6, we got Kernel failure with 7.16beta3:
- router was rebooted without proper shutdown, probably kernel failure
- kernel failure in previous boot

sup-135376 updated with the autosupout
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.16beta [testing] is released!

Fri Jul 05, 2024 5:17 am

Anyone else unable to get interface assigned IPv6 addresses from pools in 7.16 (running beta4 now, no change)?

Mine just says "couldn't add new IPv6 address already have such address (6)".

Here's the base config which has been working for ages. This gets a prefix, then assigns the outside interface an IPv6 Global address:
/ipv6 settings set accept-redirects=no accept-router-advertisements=no max-neighbor-entries=2048
/ipv6 dhcp-client add add-default-route=yes interface=ether2-NBN pool-name=launtel rapid-commit=no request=prefix use-peer-dns=no
/ipv6 address add advertise=no from-pool=launtel interface=ether2-NBN
Here is the command and result in the CLI when I try to add an address to an internal interface. This used to work:
/ipv6/address> add from-pool=launtel interface=IoT advertise=yes
failure: already have such address
These are the interfaces and addresses as they stand right now:
/ipv6/address> print
Flags: D - DYNAMIC; G - GLOBAL, L - LINK-LOCAL
Columns: ADDRESS, FROM-POOL, INTERFACE, ADVERTISE
#    ADDRESS                       FROM-POOL  INTERFACE      ADVERTISE
0 DL fe80::54cb:5f35:591a:9f0e/64             wireguard-vpn  no
1 D  ::1/128                                  lo             no
2 DL fe80::1afd:74ff:fe78:48c6/64             Security       no
3 DL fe80::1afd:74ff:fe78:48c6/64             bridge         no
4 DL fe80::1afd:74ff:fe78:48c6/64             IoT            no
5 DL fe80::1afd:74ff:fe78:48c7/64             ether2-NBN     no
6  G 2404:e80:XXXX::/64            launtel    ether2-NBN     no
This is the DHCP and prefix info:
/ipv6 dhcp-client
add add-default-route=yes interface=ether2-NBN pool-name=launtel request=prefix use-peer-dns=no

/ipv6/dhcp-client> print
Columns: INTERFACE, STATUS, REQUEST, PREFIX
# INTERFACE   STATUS  REQUEST  PREFIX
0 ether2-NBN  bound   prefix   2404:e80:XXXX::/48, 23h59m39s

/ipv6/pool> print
Flags: D - DYNAMIC
Columns: NAME, PREFIX, PREFIX-LENGTH, EXPIRES-AFTER
#   NAME     PREFIX              PREFIX-LENGTH  EXPIRES-AFTER
0 D launtel  2404:e80:XXXX::/48             64  23h59m20s
 
pfturner
newbie
Posts: 35
Joined: Fri Jun 09, 2023 4:31 pm

Re: v7.16beta [testing] is released!

Fri Jul 05, 2024 9:34 am

I’m not sure if your IPv6 issue is the same as mine, but before the 7.16beta my VLANs were automatically detected and assigned prefixes from the pool. Now I have to manually create the ipv6 addresses using the Bridge dynamic assignment as a guide, copying the address and changing the prefix slightly for each VLAN. Then the pool kicks in and routes and the rest get created dynamically.
 
nonolk
newbie
Posts: 26
Joined: Fri Jun 11, 2021 4:56 pm

Re: v7.16beta [testing] is released!

Fri Jul 05, 2024 9:50 am

@Kaldek, I'm facing the same as you. I rolled back to 7.15.2 for now, everything else (FWD with DOH was working fine, Capsman...) was working fine.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.16beta [testing] is released!

Fri Jul 05, 2024 10:02 am

Let me check my crystal ball:
What's new in 7.91beta3 (2030-Jul-25 15:47):

*) log - logging now partially following rfc 5424 standard;
😋
With close to 7 years since my first post, I guess we are closer to version 18 before some gets done.
For people working with more high end/larger network solutions, logging are important to get the maximum out of their networks.
So I do still hope some gets done.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Fri Jul 05, 2024 11:11 am

Aside of that rfc, I am also still hoping that at some point the assignment of topics will be cleaned up, there will be a unique "topic" for every message (a numeric code), and the "level" of the message (critical/debug/info/warning/error) would occur in each message only once and as the first topic.
Furthermore, it would be nice when logging rules could include a matching regexp on the message content.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Fri Jul 05, 2024 12:11 pm

Indeed, this weird "multi-logging" is very unique to ROS. Once I enabled "wifi,debug" then some log-messages from "wifi,info" occur as well on "wifi,debug" which bloats the log unnecessarily. Never seen such kind of logging on any other software. It's either one of those. And a message that is already output on info, should not repeat on debug level. Looks like logging levels are not hierarchical. debug logging does not include info/warn implicitly.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Fri Jul 05, 2024 1:47 pm

I think you are mistaken. It works like you described it should work.
Only problem is some messages have topics from different levels (e.g. info and debug appear in the same message), and topic is not enough to filter one unique message because different messages are sent with the same set of topics.
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.16beta [testing] is released!

Sat Jul 06, 2024 7:09 am

Now I have to manually create the ipv6 addresses using the Bridge dynamic assignment as a guide, copying the address and changing the prefix slightly for each VLAN. Then the pool kicks in and routes and the rest get created dynamically.
I'm not sure what you mean, can you explain this in more detail? I don't mind hacking things a bit to get IPv6 functionality back while Mikrotik works the problem.
 
pfturner
newbie
Posts: 35
Joined: Fri Jun 09, 2023 4:31 pm

Re: v7.16beta [testing] is released!

Sat Jul 06, 2024 10:54 am

After the upgrade I only had a global address showing for my Bridge - not my VLANs also. I copied the Bridge global address and changed the interface to my first VLAN interface and changed the global address in the 8 bits I have to work with in the /56 I am provided from 00 to 10 (for example for VLAN10). Saved the new global address.

I then saw that I had a route created, the VLAN now shows up in /IPV6/ND/Prefix…

It has been stable. I repeated the process for my other VLANs where I want IPV6.
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1160
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.16beta [testing] is released!

Sat Jul 06, 2024 12:48 pm

Aside of that rfc, I am also still hoping that at some point the assignment of topics will be cleaned up, there will be a unique "topic" for every message (a numeric code), and the "level" of the message (critical/debug/info/warning/error) would occur in each message only once and as the first topic.
Furthermore, it would be nice when logging rules could include a matching regexp on the message content.
It would also be nice to be able to log stuff per IPsec tunnel, or per BGP Peer, etc.
As it is now, if you have 20-30 IPsec tunnels and turn on debugging because you have an issue with one single tunnel, good luck finding any useful logs in that sea of log entries.
Same with BGP when you have 20-30 BGP peers and you have an issue with one specific peer. Debug logging shows tons of unrelated (to the peer you care about) log entries, making it unusable.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Sat Jul 06, 2024 12:53 pm

Yes, that would often (but not always) be solved by having regexp matching on the message content, which I proposed as well.
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.16beta [testing] is released!

Sun Jul 07, 2024 3:00 am

After the upgrade I only had a global address showing for my Bridge - not my VLANs also. I copied the Bridge global address and changed the interface to my first VLAN interface and changed the global address in the 8 bits I have to work with in the /56 I am provided from 00 to 10 (for example for VLAN10). Saved the new global address.

I then saw that I had a route created, the VLAN now shows up in /IPV6/ND/Prefix…

It has been stable. I repeated the process for my other VLANs where I want IPV6.
Yeah this is not stable for me at all. There are IPv6 addresses assigned to interfaces on the router which are invisible to ROS. If you tinkered with your settings and tried to re-add them I suspect it would give you the errors I'm getting.

I know this because I had no DHCP client set up, no pools, no addressess assigned, and yet I was still seeing Router Advertisements from the router for the Global Address prefix that had was *previously* assigned before I removed it.

Ergo, IPv6 is way borked in 7.16beta4.
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1160
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.16beta [testing] is released!

Sun Jul 07, 2024 1:49 pm

Yes, that would often (but not always) be solved by having regexp matching on the message content, which I proposed as well.
Unless the logs change to include some unique string, number, whatever, per BGP peer or per IPsec tunnel or per anything, regex won't really work.

I don't like the idea of regex. It will be another nail in the coffin of Winbox usability (as has happened with routing filters, with ip>routes gateway dropdown interface, etc).

Regex is something you will/can do outside ROS, after you capture a log. But for it to work there should be proper logging with unique ids/string/whatever so you can differentiate between stuff.

Besides, we already have regex support when printing the log in the terminal.
 
bommi
Frequent Visitor
Frequent Visitor
Posts: 51
Joined: Fri Jan 24, 2014 9:13 am
Location: Germany
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 08, 2024 12:03 am

I would like to see enhancements in the ipsec area like:

IPSec VTI
DH-Group 32
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.16beta [testing] is released!

Mon Jul 08, 2024 4:20 am

Ergo, IPv6 is way borked in 7.16beta4.
I have to pull back from this statement until I do further testing. My ISP also changed the way they issue default routes for IPv6 and so I now I don't know if the core issue was 7.16beta4 or the ISP change.

This particular ISP now requires that IPv6 DHCP and routes are handled like so:
/ipv6 settings set accept-redirects=no accept-router-advertisements=yes
/ipv6 dhcp-client add interface=ether2-NBN pool-name=launtel request=prefix
The change is that the DHCP-client no longer adds a default route, and the router waits for an RA before adding it. I will test this with 7.16beta4 and reply here with results.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 08, 2024 9:11 am


Unless the logs change to include some unique string, number, whatever, per BGP peer or per IPsec tunnel or per anything, regex won't really work.
Have you seen v7 BGP logs? What else is required to differentiate between BGP sessions apart from already logged session name, local/remote address ?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Mon Jul 08, 2024 11:19 am

BGP logs are now much better! At first they were completely useless, because instead of providing useful session info they logged a pointer address. But that has been improved, great!
But for IPsec that is not the case. There still are IPsec error messages like "payload missing: SA" without even mentioning the IP address that sent the message with missing payload.
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Mon Jul 08, 2024 4:33 pm

Ergo, IPv6 is way borked in 7.16beta4.
I have to pull back from this statement until I do further testing. My ISP also changed the way they issue default routes for IPv6 and so I now I don't know if the core issue was 7.16beta4 or the ISP change.

This particular ISP now requires that IPv6 DHCP and routes are handled like so:
/ipv6 settings set accept-redirects=no accept-router-advertisements=yes
/ipv6 dhcp-client add interface=ether2-NBN pool-name=launtel request=prefix
The change is that the DHCP-client no longer adds a default route, and the router waits for an RA before adding it. I will test this with 7.16beta4 and reply here with results.
You mean the ISP router waits for RA from your Mikrotik?

Another thing to lookup/verify is if your ISP actually sends you a public nexthop to be used as gateway for your Mikrotik or if they rely on linklocal address instead (which lately seems to have become a thing among ISP's)?
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1160
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.16beta [testing] is released!

Tue Jul 09, 2024 1:18 am


Unless the logs change to include some unique string, number, whatever, per BGP peer or per IPsec tunnel or per anything, regex won't really work.
Have you seen v7 BGP logs? What else is required to differentiate between BGP sessions apart from already logged session name, local/remote address ?
BGP was just an example, albeit out of date apparently since it just so happens that I didn't have to enable bgp debugging during the last few versions that it got improved, so I didn't notice... Great improvement obviously! :D

Please give the same love to IPsec, PPP, and all other areas :)
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.16beta [testing] is released!

Tue Jul 09, 2024 4:46 am

You mean the ISP router waits for RA from your Mikrotik?

Another thing to lookup/verify is if your ISP actually sends you a public nexthop to be used as gateway for your Mikrotik or if they rely on linklocal address instead (which lately seems to have become a thing among ISP's)?
No, what happens with the config I posted is that, irrespective of DHCP, the ISP regularly sends RA packets that announce the next hop router and default route. The DHCP client in ROS just requests a prefix, which can then be used to assign addresses from the prefix pool that is created.

The next hop gateway is indeed a link local address. It was always a link local address previously, but it was being issued as part of the DHCP response.
 
Sob
Forum Guru
Forum Guru
Posts: 9188
Joined: Mon Apr 20, 2009 9:11 pm

Re: v7.16beta [testing] is released!

Tue Jul 09, 2024 4:59 am

The next hop gateway is indeed a link local address. It was always a link local address previously, but it was being issued as part of the DHCP response.
Nope. It may sound weird, but DHCPv6 does not have ability to add default route. The option in RouterOS to do so is MikroTik's non-standard hack, it simply uses link-local address of DHCPv6 server as gateway. Which works only when DHCPv6 server is the same machine (uses same link-local address) as gateway, but there's no guarantee that it's always going to be that way. And if not, this hack fails.
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Tue Jul 09, 2024 8:29 pm

You mean the ISP router waits for RA from your Mikrotik?

Another thing to lookup/verify is if your ISP actually sends you a public nexthop to be used as gateway for your Mikrotik or if they rely on linklocal address instead (which lately seems to have become a thing among ISP's)?
No, what happens with the config I posted is that, irrespective of DHCP, the ISP regularly sends RA packets that announce the next hop router and default route. The DHCP client in ROS just requests a prefix, which can then be used to assign addresses from the prefix pool that is created.

The next hop gateway is indeed a link local address. It was always a link local address previously, but it was being issued as part of the DHCP response.
In that case use tcpdump and/or wireshark to find out how the ISP RA's are actually configured.

There are a couple of flags sent through RA.

The M-flag means the network is managed in other words you must use a DHCPv6-client to get the IP and not set the IP yourself based on RA information.

The O-flags means that you can use DHCPv6-client to get other information such as which DNS-resolvers to use.

And there are a few more.

So if the RA sent by your ISP does not have the M-flag set in their RA's then the Mikrotik is behaving correctly only requesting PD (prefix delegation) through its DHCPv6-client, IP and gateway is set by SLAAC (based on RA information).

But if the M-flag is set then the Mikrotik is misbehaving because set M-flag means that the client is expected to use its DHCPv6-client to request which IPv6 it should use and gateway to route through.
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.16beta [testing] is released!

Wed Jul 10, 2024 4:35 am


The O-flags means that you can use DHCPv6-client to get other information such as which DNS-resolvers to use.

But if the M-flag is set then the Mikrotik is misbehaving because set M-flag means that the client is expected to use its DHCPv6-client to request which IPv6 it should use and gateway to route through.
Confirmed via packet capture it's using the O flag, so the behaviour is valid.
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.16beta [testing] is released!

Wed Jul 10, 2024 4:39 am

It may sound weird, but DHCPv6 does not have ability to add default route. The option in RouterOS to do so is MikroTik's non-standard hack, it simply uses link-local address of DHCPv6 server as gateway. Which works only when DHCPv6 server is the same machine (uses same link-local address) as gateway, but there's no guarantee that it's always going to be that way. And if not, this hack fails.
Yikes. Thanks for that information; it explains why my ISP's change broke Mikrotik, but it probably fixed issues with a bunch of other vendors used by customers.

I did get a message from the ISP though saying that the change was they moved DHCP, which explains why it was working before when the DHCP server was the same link local address as the next hop.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Wed Jul 10, 2024 11:20 am

Unfortunately the whole address and route assignment in IPv6 (partly through RA and partly with DHCPv6) is a big mess.
This has been a major mistake in IPv6's design, and they should have abandoned it and go back to the DHCP method which always worked well. The "stateless" assignment caused many issues, and all the workarounds for the mistakes have made it only worse.
I feel with you and the ISP. Fortunately for me, over here the ISPs use PPPoE and thus we do not have this problem.
(there is no "default gateway", the ::/0 route just points to the PPPoE client interface without any IPv6 address of a gateway)
DHCPv6 is only used to request a block of prefixes to assign to the local networks.
 
nellson
newbie
Posts: 29
Joined: Wed Nov 06, 2019 9:10 am

Re: v7.16beta [testing] is released!

Sun Jul 14, 2024 8:42 pm

Just did a test with mDNS on two different vLANs, and it does not work with Netflix. It works with Chrome, Youtube, Viaplay, Etc.
Any idea why this does not work with Netflix?
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.16beta [testing] is released!

Mon Jul 15, 2024 7:27 am

Just did a test with mDNS on two different vLANs, and it does not work with Netflix. It works with Chrome, Youtube, Viaplay, Etc.
Any idea why this does not work with Netflix?
I have multiple devices which support Chromecast, but Netflix refuses to cast to most of them regardless of whether they're in the same subnet, or across VLANs and announced via mDNS. Netflix is very picky, and I can't tell you why.

Devices that work with YouTube (with mDNS or not) but don't appear for Netflix include my Nvidia Shields, and my Pixel Tablet.

Currently I'm back on 7.15.2 and using a Raspberry Pi with Avahi daemon, and have the same problem. It's not Mikrotik.
 
SMARTNETTT
just joined
Posts: 22
Joined: Mon Feb 11, 2019 9:07 pm

Re: v7.16beta [testing] is released!

Mon Jul 15, 2024 7:59 am

The DNS cache does not flush, it stays in the ram memory on x86
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.16beta [testing] is released!

Mon Jul 15, 2024 11:03 am

The DNS cache does not flush, it stays in the ram memory on x86
Are you sure it's not flushing, my cache became overwhelmed @9 days, that might explain this.....
viewtopic.php?t=209252
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Tue Jul 16, 2024 8:10 pm

Indeed there is a problem obtaining IPv6 addresses from pool.
I have this in the config:
/ipv6 address
add address=::2 from-pool=v6prefix interface=bridge.vlan62
add address=::2 from-pool=v6prefix interface=bridge.vlan64
The second address silently disappeared. When I try to re-add it, it says "already have such address".
Yes sure the suggested address is the same, but it is supposed to fetch another prefix from the pool and add an address using that prefix.
Sure I would like to specify which prefix, but it has never been possible in RouterOS.
So why is it now not possible to add the address from the pool?
After tinkering a bit and trying some different values in ::2 and deleting them, it suddenly is possible to add ::2 again.
Please:
- fix this bug
- add some capability to hint a prefix to be requested from the pool, e.g. ::1:0:0:0:2
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Tue Jul 16, 2024 8:52 pm

Will the same happen if you do something like this instead?

/ipv6 address
add address=::2 from-pool=v6prefix interface=bridge.vlan62
add address=::3 from-pool=v6prefix interface=bridge.vlan64
 
zhazell
just joined
Posts: 5
Joined: Tue May 03, 2022 11:52 pm

Re: v7.16beta [testing] is released!

Tue Jul 16, 2024 9:28 pm

Do recursive route no longer show up red when they are unavailable and inactive? Previous releases (can't remember how long ago), but they would show red when they were not active. Closing the route window and opening it back up does not change it.
Screenshot 2024-07-16 at 11.24.42 AM.png
You do not have the required permissions to view the files attached to this post.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Tue Jul 16, 2024 9:31 pm

Will the same happen if you do something like this instead?
Maybe not. At the moment I can not test that.
But it would still be a bug!
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Tue Jul 16, 2024 9:33 pm

Do recursive route no longer show up red when they are unavailable and inactive?
You are doing that wrong! You should have the /32 routes with "ping" check and the recursive 0.0.0.0/0 routes without "ping".
 
zhazell
just joined
Posts: 5
Joined: Tue May 03, 2022 11:52 pm

Re: v7.16beta [testing] is released!

Wed Jul 17, 2024 12:31 am

Do recursive route no longer show up red when they are unavailable and inactive?
You are doing that wrong! You should have the /32 routes with "ping" check and the recursive 0.0.0.0/0 routes without "ping".
I've tried both ways, but this way actually let's me have two DNS checks for each WAN route. I've tested it thoroughly. If 1.1.1.1 is unreachable, but 208.67.220.220 is, it keeps the route for WAN1 active. Only if both are unreachable, does it disable the 0.0.0.0/0 route for WAN1.

Same thing for WAN2, it has 2 DNS server checks: 1.0.0.1 and 208.67.222.222.

I realized my screenshot doesn't show all the routes. See below.
Screenshot 2024-07-16 at 2.28.22 PM.png
You do not have the required permissions to view the files attached to this post.
 
zhazell
just joined
Posts: 5
Joined: Tue May 03, 2022 11:52 pm

Re: v7.16beta [testing] is released!

Wed Jul 17, 2024 12:38 am

Here is another example, more simple. WAN1 is disconnected and the 0.0.0.0/0 route with distance 1 is Unavailable and Inactive, however it does not show red or any clear indication that it's not the active route.

0.0.0.0/0 with distance 2 (WAN2) is the active one.
Screenshot 2024-07-16 at 2.37.31 PM.png
You do not have the required permissions to view the files attached to this post.
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 203
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.16beta [testing] is released!

Wed Jul 17, 2024 1:02 am

have you hit F5 or closed / reopened the ip/route window? The routing table doesn't get updated in realtime anymore since the release of ROS7. It's incredibly annoying, for all non-bgp users with less than <1000 routes in the routing table.
 
zhazell
just joined
Posts: 5
Joined: Tue May 03, 2022 11:52 pm

Re: v7.16beta [testing] is released!

Wed Jul 17, 2024 1:04 am

have you hit F5 or closed / reopened the ip/route window? The routing table doesn't get updated in realtime anymore since the release of ROS7. It's incredibly annoying, for all non-bgp users with less than <1000 routes in the routing table.
Yes, I've tried closing the route window, opening it back up, closing Winbox, opening it back up. It doesn't refresh nor show red anymore. I've also tried on Webfig, but it shows the same as Winbox.
Screenshot 2024-07-16 at 3.05.45 PM.png

It will show blue if WAN2 is up, but WAN1 is active (as WAN2 has a higher distance).
Screenshot 2024-07-16 at 3.07.39 PM.png
You do not have the required permissions to view the files attached to this post.
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 203
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.16beta [testing] is released!

Wed Jul 17, 2024 1:23 am

It's not turning red for me either, but the failover works.
But, I agree, if you‘re used to have non-working routes marked red, it can be confusing. Don‘t know if this change is intended or a bug, it has definitely worked in earlier versions of ROS7.
 
S8T8
Member Candidate
Member Candidate
Posts: 127
Joined: Thu Sep 15, 2022 7:15 pm

Re: v7.16beta [testing] is released!

Thu Jul 18, 2024 1:16 am

From v7.15 the "sanitize-names" option was implemented, there is or will be an option to :convert to/transform=sanitize-names ?
 
PortalNET
Member Candidate
Member Candidate
Posts: 153
Joined: Sun Apr 02, 2017 7:24 pm

Re: v7.16beta [testing] is released!

Thu Jul 18, 2024 11:50 pm

RouterOS version 7.16beta4

hi guys testing this version with BCM57840 quadport sfp+ it crashes mikrotik keeps rebooting server...

it was supposed to have the missing PCI IDs to bnx2x driver added.. but somehow is crashing server.. if i downgrade for 7.15stable.. it does not crash server.. but ofcourse no support because of missing missing PCI IDs to bnx2x driver.
 
gfunkdave
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Tue Jan 09, 2018 12:05 am

Re: v7.16beta [testing] is released!

Tue Jul 23, 2024 5:20 pm

Curious what the status of this version is. It has been out for a few weeks and nobody has posted about it in almost a week.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.16beta [testing] is released!

Wed Jul 24, 2024 2:25 am

Indeed there is a problem obtaining IPv6 addresses from pool.
I have this in the config:
/ipv6 address
add address=::2 from-pool=v6prefix interface=bridge.vlan62
add address=::2 from-pool=v6prefix interface=bridge.vlan64
The second address silently disappeared. When I try to re-add it, it says "already have such address".
Yes sure the suggested address is the same, but it is supposed to fetch another prefix from the pool and add an address using that prefix.
It looks like every address defined this way would be picked up as different prefix if it was defined as ::2/64 instead of ::2 which is identified as single address i.e. ::2/128. It might be that automatic picking from pool does not work as expected if address is not defined as /64. Maybe this is the problem?
 
ech1965
newbie
Posts: 37
Joined: Wed Mar 20, 2019 3:53 pm

Re: v7.16beta [testing] is released!

Wed Jul 24, 2024 5:47 am

/ipv6 address
add address=::2 from-pool=v6prefix interface=bridge.vlan62
add address=::2 from-pool=v6prefix interface=bridge.vlan64
The second address silently disappeared. When I try to re-add it, it says "already have such address".
Yes sure the suggested address is the same, but it is supposed to fetch another prefix from the pool and add an address using that prefix.
Sure I would like to specify which prefix, but it has never been possible in RouterOS.
"Sure I would like to specify which prefix," --> check the prefix-length of your pool definition
https://help.mikrotik.com/docs/display/ROS/IP+Pools
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Wed Jul 24, 2024 12:48 pm

"Sure I would like to specify which prefix," --> check the prefix-length of your pool definition
https://help.mikrotik.com/docs/display/ROS/IP+Pools
What I mean is not to set the prefix length, it is 64 which is fine.
What I mean is when I have different interfaces each with a different prefix from the pool, I want to configure which prefix goes to which interface.
E.g. we get a /48 here from the provider, so the pool has aaaa:bbbb:cccc::/48 and when I configure ::2 for an interface it will get aaaa:bbbb:cccc:0::2/64 and the next one will get aaaa:bbbb:cccc:1::2/64.
But it is not really clear which interface will get what prefix, and it can change e.g. when an interface is brought down/up it will get aaaa:bbbb:cccc:2::2/64 for example.
The only way to set it back to aaaa:bbbb:cccc:0::2/64 in that case is to release and renew the DHCPv6 prefix request, which will empty and re-fill the pool, and make all interfaces re-allocate their address.

It would be nice when there was more control.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.16beta [testing] is released!

Wed Jul 24, 2024 2:00 pm

Yes if you have multiple interfaces to assign prefix from the pool, then they will get prefixes in order that is hard to understand - but it seems to be in same order every time (if all interfaces are enabled).

One other annoyance - ND/Prefix menu does not show deprecated prefixes which are still being advertised.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Wed Jul 24, 2024 2:44 pm

It seems to be the same yes, but that is just luck and it already fails when interfaces go down/up. And unfortunately interfaces already go down/up when you change some of the settings (e.g. IPv4 ARP mode)...
Not only does the system not show the deprecated prefixes, there also is no time limit on announcing them. IMHO they should stop announcing deprecated prefixes after their original "Valid lifetime" has ended (from when they were last announced as valid).
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.16beta [testing] is released!

Wed Jul 24, 2024 3:59 pm

Yes that is other big problem - if you are given /56 then you can afford only up to 255 down/up events until prefix pool is exhausted and then you obviously are forced to reboot to mitigate the problem.

Shouldn't deprecated prefixes be removed from advertisements when their lifetime expires according to lifetime defaults set in ND/Prefix/Defaults so after 30 days at most if these values are at their defaults ("preferred" 7 days and "valid" 30 days)? If that is not honored then we have significantly bigger problem here...
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Wed Jul 24, 2024 4:50 pm

I have the "Valid lifetime" set to 1d 00:00:00 on my routers and I know for sure that it is advertising deprecated prefixes until reboot.
The deprecated prefixes were still announced weeks later when I tested that.
W.r.t. exhausting the pool, as I wrote above, you can work around that by refreshing the pool (in my case: release the DHCPv6 client lease). Still that can have impact on other interfaces.
I would prefer to be able to set a prefix hint in the interface address assignment, i.e., not only specify the local part of the address but also the preferred subnet in the global prefix.
 
latohe
just joined
Posts: 1
Joined: Fri Jul 14, 2023 10:17 pm

Re: v7.16beta [testing] is released!

Thu Jul 25, 2024 1:04 pm

DNS Adlist failed on hap ax lite every 2 days. Here is conf:
/ip dns
set allow-remote-requests=yes cache-size=51200KiB use-doh-server=https://one.one.one.one/dns-query \
    verify-doh-cert=yes
/ip dns adlist
add url=https://cdn.jsdelivr.net/gh/tarampampam/mikrotik-hosts-parser@master/.hosts/basic.txt
add url=https://raw.githubusercontent.com/What-Zit-Tooya/Ad-Block/main/Main-Blocklist/Ad-Block-HOSTS.txt
add url=https://justdomains.github.io/blocklists/lists/easyprivacy-justdomains.txt
add url=https://justdomains.github.io/blocklists/lists/easylist-justdomains.txt
add url=https://justdomains.github.io/blocklists/lists/adguarddns-justdomains.txt
add url=https://justdomains.github.io/blocklists/lists/nocoin-justdomains.txt
add url=https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
add url=https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt
add url=https://raw.githubusercontent.com/hagezi/dns-blocklists/main/hosts/native.winoffice.txt
add url="https://pgl.yoyo.org/adservers/serverlist.php\?hostformat=hosts&showintro=0&mimetype=plaintext"
add url=https://adaway.org/hosts.txt
All this eats up about 26MB of memory. Total free memory after boot (and updating all the adlists) is 40 MB. But time to time router says "cache full, not storing" until rebooted. It seems it doesn't clear the DNS cache before updating the adlist.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.16beta [testing] is released!

Thu Jul 25, 2024 2:45 pm

I have the "Valid lifetime" set to 1d 00:00:00 on my routers and I know for sure that it is advertising deprecated prefixes until reboot.
The deprecated prefixes were still announced weeks later when I tested that.
W.r.t. exhausting the pool, as I wrote above, you can work around that by refreshing the pool (in my case: release the DHCPv6 client lease). Still that can have impact on other interfaces.
I would prefer to be able to set a prefix hint in the interface address assignment, i.e., not only specify the local part of the address but also the preferred subnet in the global prefix.
That is true. Releasing PD lease should be possible to do with a script. If even valid lifetime is not honoured then this is a problem as well. They should be gone after valid lifetime (maximum possible lifetime) is expired.
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.16beta [testing] is released!

Fri Jul 26, 2024 10:15 am

What's new in 7.16beta7 (2024-Jul-25 12:55):

*) 6to4 - improved system stability when using 6to4 tunnel without specified remote-address;
*) 6to4 - make "remote-address" parameter not-mandatory (introduced in v7.16beta3);
*) arm64 - fixed "disable-running-check" for ARM64 UEFI;
*) arp - fixed possible issue with invalid entries;
*) bridge - added dynamic tagged entry when VLAN interface is created on vlan-filtering bridge (additional fixes);
*) bridge - added L2 MDB support for IGMP snooping (additional fixes);
*) bridge - fixed MVRP leave;
*) bridge - fixed port "point-to-point" status after first link change;
*) bth - improved stability on system time change;
*) console - added "about" filters for "find" and "print where" commands;
*) console - increased default width for bitrate type of columns;
*) dhcp - improved DHCP IPv4 and IPv6 client/relay/server underlying interface state change handling;
*) dhcpv4-server - remove corresponding dynamic leases if their address-pool gets removed;
*) discovery - added discover-interval setting (additional fixes);
*) discovery - added LLDP Port VLAN ID, Port And Protocol VLAN ID, VLAN Name TLVs support (additional fixes);
*) discovery - added LLDP-MED timeout (additional fixes);
*) discovery - changed default discover-interval setting from 60s to 30s;
*) disk - remove dummy "slot1" entries on CHR;
*) dns - added support for DoH with adlist (additional fixes);
*) dns - added support for mDNS proxy;
*) dns - fixed memory leak caused by DoH service (introduced in v7.16beta3);
*) dns - improved imported adlist parsing;
*) dns - match NXDOMAIN static entry only if other type entries for the same name are not found;
*) dns - refactored adlist service internal processes and improved logging;
*) dns - show static entry type "A" field in console;
*) ethernet - improved system stability for Alpine CPUs when dealing with unexpected non-UDP/TCP packet transmit;
*) file - renamed "creation-time" to "last-modified";
*) filesystem - improved boot speed after device is rebooted without proper shutdown (additional fixes);
*) filesystem - refactored internal processes to minimize sector writes (additional fixes);
*) iot - fixed incorrect LoRa filter export behavior;
*) iot - fixed LoRa inability to set SSL for LoRa servers via command line;
*) ipsec - improved installed SA statistics update;
*) ipsec - improved performance by balancing multicore CPU usage for key exchange calculation;
*) ipv6 - fixed pool allocated addresses missing after reboot (additional fixes);
*) ipv6 - improved handling of IPv6 address information;
*) ipv6 - improved LL address generation process (additional fixes);
*) leds - fixed rgb LED blink (introduced in v7.16beta1);
*) lte - fixed possible crash when enabling/disabling config-less modem interface;
*) lte - improved modem AT/modem port open;
*) lte - improvements to "/interface/lte/show-capabilities" command (additional fixes);
*) modem - fixed cases where USB bus could switch places (introduced in v7.16beta1) (additional fixes);
*) modem - improved support for KNOT BG77 modem firmware update (additional fixes);
*) poe-out - fixed incorrect port mapping on CRS354-48P-4S+2Q+ device (introduced in v7.16beta1);
*) ppp - added SIM hot-plug enable command to default init-string for KNOT and CME gateway;
*) ppp - fixed PPP info parser showing error for BG77 modem running on KNOT AUX AT/modem port;
*) qos-hw - added queue-buffers property to tx-manager (additional fixes);
*) qos-hw - fixed egress-rate limit validation;
*) qos-hw - fixed WRED thresholds;
*) qos-hw - improved behavior when changing ports tx-manger;
*) rose-storage - renamed sync "remote-addr" property to "remote-address";
*) route - improved route attribute handling (may increase memory usage);
*) route - improved stability when getting entries from large routing tables;
*) routerboard - improved Etherboot stability for CRS320-8P-8B-4S+ device ("/system routerboard upgrade" required);
*) sfp - fixed calculated link length based on EEPROM in certain cases (additional fixes);
*) ssh - fixed unsupported user SSH public key import (introduced in v7.15);
*) switch - fixed bonding FDB entries (introduced in v7.16beta3);
*) switch - fixed Ethernet counters after switch reset for CRS354 devices (introduced in v7.16beta1);
*) switch - improved switch reset;
*) system - added critical log message when not enough space to store new configuration;
*) system - fixed "free disk space" error message on system upgrade/downgrade;
*) system - improved internal system services messaging;
*) system - improved performance for TCP input;
*) traceroute - do not stop traceroute after 5 consecutive unreachable hops;
*) user - added inactivity timeout for non-GUI sessions (additional fixes);
*) webfig - allow to enter time that exceeds 23:59:59;
*) webfig - correctly display default value for number type;
*) webfig - enabled hotlock mode for terminal;
*) webfig - fixed an issue where wrong menu title was shown;
*) webfig - fixed sorting by datetime;
*) webfig - use "any" argument by default for Torch "Port" property;
*) wifi - added "slave-name-format";
*) wifi - added interface provisioning logs;
*) wifi - fixed packet receive when having multiple station interfaces (additional fixes);
*) wifi - improved system stability after interface hang;
*) wifi - send channel switch announcements to clients when switching channels at requested re-select intervals;
*) winbox - added "Switch/QoS" menu for CRS3xx, CRS5xx, CCR2116 and CCR2216 devices (additional fixes);
*) winbox - added configuration settings for ROSE;
*) winbox - added extra "File System" under "Format Drive" button;
*) winbox - added missing "Default Name" property for interfaces;
*) winbox - fixed Switch menu for RB1100AHx4 device;
*) winbox - improved QR code display;
*) winbox - moved Switch menu tabs to individual menus (additional fixes);
*) winbox - properly display available address-pools for DHCPv6 server configuration;
*) winbox - renamed configurable wifi property "Tx Power" to "Max Tx Power";
*) winbox - use correct default value for "Partition Offset" property;
 
jfim88
Frequent Visitor
Frequent Visitor
Posts: 66
Joined: Tue May 07, 2024 8:57 pm

Re: v7.16beta [testing] is released!

Fri Jul 26, 2024 10:24 am

Still no fix for igmp-proxy issue SUP-152693, so waiting for it at next versions.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Fri Jul 26, 2024 10:48 am

*) file - renamed "creation-time" to "last-modified";
well, creation is not the same as modification! and never will be. What's behind this change? Wrong naming before and this is now the correct label?
*) wifi - send channel switch announcements to clients when switching channels at requested re-select intervals;
Good improvement. This should happen in any case, e.g. on DFS event the AP should also announce an alternative channel to clients. Or does this already happen?
 
User avatar
mantouboji
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Aug 01, 2022 2:21 pm
Location: Shanghai

Re: v7.16beta [testing] is released!

Fri Jul 26, 2024 10:57 am

*) dns - added support for mDNS proxy;
OK,kill a container mdns-repeater .
Works well
/ip/dns/set mdns-repeat-ifaces=bridge1,vlan1_iot
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Fri Jul 26, 2024 10:58 am

*) dns - added support for mDNS proxy;
OK,kill a container mdns-repeater .
Works well
/ip/dns/set mdns-repeat-ifaces=bridge1,vlan1_iot

Tried that when using VRFs?
 
akakua
Frequent Visitor
Frequent Visitor
Posts: 61
Joined: Mon Apr 06, 2020 4:52 pm

Re: v7.16beta [testing] is released!

Fri Jul 26, 2024 7:01 pm

In 7.16beta7 ALL (all instances in all protocols) dynamic routing and, for some reason, 6to4 tunnel breaks, when using routing filter rule with "set gw" property.
Tested on RB4011
 
User avatar
cxcool
just joined
Posts: 7
Joined: Sun May 12, 2019 5:13 am

Re: v7.16beta [testing] is released!

Fri Jul 26, 2024 7:48 pm

7.16beta7 have 2 problem ...
1 gre6 tunnel not working with old version of routeros
2 when BGP up ...don't known why , my CHR router timeout ... no crash ...seems routing table have problem .
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.16beta [testing] is released!

Fri Jul 26, 2024 9:03 pm

Hm, my device receives an address via dhcp client, but it does not set any routes... Neither default one, nor stateless ones (option 121).
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.16beta [testing] is released!

Fri Jul 26, 2024 9:56 pm

Looks like routes are there, OSPF comes up, DHCP routes are gone. 🤨
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.16beta [testing] is released!

Fri Jul 26, 2024 11:30 pm

dns/doh/adlists, the cache is auto clearing down now with a 750,000 list and the dns is much faster for responses. Thanks.
Oh I fogot to say thanks also for fixing the Channel box, only 1 now. And all wifi clients are holding steady now, Android IOS etc.
 
User avatar
CoMMyz
Frequent Visitor
Frequent Visitor
Posts: 64
Joined: Fri Dec 04, 2015 10:56 pm

Re: v7.16beta [testing] is released!

Sat Jul 27, 2024 4:04 am

7.16beta7 is causing all BGP sessions to establish and then disconnect in a loop with no error in the log. Had to rollback to stable to fix it.
 
User avatar
cxcool
just joined
Posts: 7
Joined: Sun May 12, 2019 5:13 am

Re: v7.16beta [testing] is released!

Sat Jul 27, 2024 7:03 am

7.16beta7 is causing all BGP sessions to establish and then disconnect in a loop with no error in the log. Had to rollback to stable to fix it.
same here .... using 7.15.3 or 7.16beta4 have no problem ....
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Sat Jul 27, 2024 11:09 am

Add a logging rule with topics "bgp,debug,!packet,!timer" to see what BGP is doing.
I currently have a single "testing" CHR running 7.16beta7 with a single BGP peer and it remains connected, but maybe it fails when there are multiple (I do not dare to install this version in a more complex environment now...).
I do have issues with a number of versions where disconnecting one BGP peer will disconnect them all, maybe this is a more visible version of that bug?
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Sat Jul 27, 2024 1:23 pm

This is really a sad affair only MT know what they are cooking behind the scene and release the code to the mass and hope it stick, you are the unlucky ones if the code they are messing up with broke your environment, honestly starting from 7.13 to 7.15.3 you have to have a separate semi production environment to validate the stability of each release, in our world this really cost fortune

@MT Please allow us to search and read all issues created for each stable build for us to decide whether that particular release is worth to install our environment instead of doing it by trial and error, we are using our few reserved CCR just to replicate the subset of our production environment
Last edited by loloski on Sat Jul 27, 2024 5:45 pm, edited 1 time in total.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Sat Jul 27, 2024 2:05 pm

Well, it has always been like "beta versions are not for testing in production environment" but lately (past 2 or 3 betas) it seems that betas are released with major issues that should have been detected by a regression test harness...
Unfortunately the change logs are too terse, and suggestions on how to make them more usable and accessible are not being taken up.
So it is always difficult to predict whether installing a beta will be OK or will be a disaster. That is not good, because fewer and fewer users will install betas on their non-critical networks outside pure test environments, and the critical bugs present in the betas will just move into the next stable.
 
ech1965
newbie
Posts: 37
Joined: Wed Mar 20, 2019 3:53 pm

Re: v7.16beta [testing] is released!

Sat Jul 27, 2024 6:15 pm

I gave up with the beta ! too risky (even in a homelab)
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Sat Jul 27, 2024 8:23 pm

it seems like "major" releases in stable branch would result in a complete disaster without public beta testing.
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 4:21 am

Confirmed IPv6 pools and SLAAC is working again in 7.16beta7.
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1389
Joined: Tue Jun 23, 2015 2:35 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 7:52 am

if u want to get to the trouble, then use the new CapsMan
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 10:21 am

if u want to get to the trouble, then use the new CapsMan
Can you eleborate this? I'm onto the beta in my home environment (I know, just a small network). Haven't had any strange CAPsMAN things, at least for me it is working not any less stable than the stable version.
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 10:56 am

Does capsman + wifi-qcom-ac/wifi-qcom works with radius + 802.1x and VLAN?, aruba is so expensive for our needs but it works for us over the years, the project is few months away and it so small (10 x WIFI6 AP) and worth to take a risk and I do have enough time to do experimentation. Please could someone share their pointers if we are going to MT all the way just to jumpstart this or just to keep the ball rolling thank!

p.s I don't mean to high jack the thread! :)
 
m4rk3J
newbie
Posts: 35
Joined: Thu Jan 27, 2022 2:41 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 11:16 am

wifi-qcom-ac? No, no dynamic VLAN assignment
wifi-qcom (ax)? Yes, it should work.
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 11:27 am

wifi-qcom-ac? No, no dynamic VLAN assignment
ouch another mishap and potential savings is already lost, we got the speed we need at the expense of loosing another non optional important feature sigh...

Thanks for your reply anyway greatly appreciate it!!!
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1389
Joined: Tue Jun 23, 2015 2:35 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 12:37 pm

@erlinden

i have lot of issue with that (new CapsMan) ,

The SSID sometimes it does work some time is doesn't.

Local forwarding - does not exist in the new one

In general you need to have lot of knowledge to make CapsMan works. (medium or big network)

In other vendors that has been done is few clicks, unlike in MT where we need to do a lot, just to be able to see the SSID.

If you play with the vlans (new one) , than good luck.
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1389
Joined: Tue Jun 23, 2015 2:35 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 12:54 pm

just one simple.
When the interface is managed by CapsMan , when i scan with my phone there is no ssid. If i disabel CapsMan than works.
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 1:04 pm

as per the above post this is not encouraging my hopes already sunk, 802.1x + 802.1q is pretty much standard in the campus/enterprise, I'm not a native english speaker so please bare with me with the question

802.1x + 802.1q + radius (usermanager/freeradius) with wifi-qcom-ac/wifi-qcom latest and greatest driver does it work Yes/No?
802.1x + 802.1q + radius (usermanager/freeradius) with wifi-qcom-ac/wifi-qcom latest and greatest driver can this setup works with or without capsman Yes/No?
Local forwarding Yes/No?

Thanks in advance
 
whatever
Member
Member
Posts: 366
Joined: Thu Jun 21, 2018 9:29 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 1:17 pm

Local forwarding - does not exist in the new one
Of course local forwarding exists in new wifi capsman. It is the only supported forwarding mode.
 
bommi
Frequent Visitor
Frequent Visitor
Posts: 51
Joined: Fri Jan 24, 2014 9:13 am
Location: Germany
Contact:

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 1:35 pm

as per the above post this is not encouraging my hopes already sunk, 802.1x + 802.1q is pretty much standard in the campus/enterprise, I'm not a native english speaker so please bare with me with the question

802.1x + 802.1q + radius (usermanager/freeradius) with wifi-qcom-ac/wifi-qcom latest and greatest driver does it work Yes/No?
802.1x + 802.1q + radius (usermanager/freeradius) with wifi-qcom-ac/wifi-qcom latest and greatest driver can this setup works with or without capsman Yes/No?
Local forwarding Yes/No?

Thanks in advance
This is the setup I use at home:
hex S / RB760iGS as CAPsMAN + UserManager
3 cAP ax as access points controlled by CAPsMAN

This setup only uses wifi-qcom and dynamic vlans using usermanager are absolutely working as intended.
One SSID is wpa3-eap only using peap with dynamic vlans and I have two additional SSIDs using wpa2-psk/wpa3-psk both with an vlan id for each of them.
 
bommi
Frequent Visitor
Frequent Visitor
Posts: 51
Joined: Fri Jan 24, 2014 9:13 am
Location: Germany
Contact:

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 2:23 pm

I configured adlist and it can't download all of my configured lists because of insufficient storage.
I get this message in my logs:
[adlist] no space to store a file

Can you please make the storage for adlist configurable, so that I can use the sd-card in my hex S?
 
User avatar
pekr
Member Candidate
Member Candidate
Posts: 170
Joined: Tue Feb 22, 2005 9:05 pm
Location: Czech Republic
Contact:

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 2:50 pm

wifi-qcom-ac? No, no dynamic VLAN assignment
ouch another mishap and potential savings is already lost, we got the speed we need at the expense of loosing another non optional important feature sigh...

Thanks for your reply anyway greatly appreciate it!!!
What "mishap"? I have two suggestions for you:

1) Stop using Mikrotik logo in your avatar signature, it is confusing, as it seems you might represent official Mikrotik staff opinion.
2) Accept, what has been officialy stated already - no wi-fi advanced features between the wifi-qcom and wifi-qcom-ac. I have hAP ac2, and it can't and never will do a simple repeater mode for e.g.(unless you go more advanced vxlan route). Ditto for the new CapsMan mixing those two drivers imo.
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 2:57 pm

so what's with my avatar? it has nothing to do with you and it's there since day one, my opinion is mine alone I don't represent MT on any way shape or form and i'm not the only one using that kind of avatar
 
toffifee
just joined
Posts: 22
Joined: Tue Jan 02, 2018 7:46 pm
Location: Germany

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 3:03 pm

Hi,

trouble with container on RB3011: pihole and mosquitto (MQTT) in a VLAN-context: tried to update from 7.15.3 a couple of days before to 7.16.beta3 and Yesterday tried 7.16.beta7.
With 7.15.3 "stable" both container working fine as months before.

Updating to 7.16beta3 or 7: both container starting properly, but Looks like somehow isolated. pihole e.g. Access to pihole Webpage doesn't work and container has no DNS Outbound. I see traffic in the FW and DSTNAT rules, but not in SRCNAT. And Shell is accessable e.g. for "pihole -d" (Looks good beside notes for missing DNS, noted in log on start already). Same for mosquitto. Seems to run, but MQTT Explorer can't connect. Everything else (VLAN, usb-drive,... ) works fine.

Back to 7.15.3 solves it immediatly: Both container run smoothly again without any action.

As there was one other user only mentioning container issues in this thread: viewtopic.php?p=1079292#p1079292
and some follwing answer reporting no probs.
My adguard container won't start after update , nothing in log, anyone else has problem with containers ?
Any idea what could be changed from 7.15 to 7.16 in Bridge or VLAN or container handling which may cause this in a VLAN context? Any new (default?) feature which may cause this and needs just to ba adjusted?
I spent some hours to investigate, but ran out of ideas…

Thankx for any hint. Maybe someone else facing this and solvbed it. Would be happy to use 7.16 - at least for the nice mDNS-feature avoiding my mDSN repeater.
Last edited by toffifee on Mon Jul 29, 2024 11:55 am, edited 5 times in total.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 3:30 pm

wifi-qcom-ac? No, no dynamic VLAN assignment
ouch another mishap and potential savings is already lost, we got the speed we need at the expense of loosing another non optional important feature sigh...
Mikrotik is making this even worse by discontinuing ac-devices and replacing them with ax-devices where there's no way back.
We have RBD22UGS-5HPacD2HnD-15S in use to provide outdoor wifi coverage on multiple industrial sites and now only way forward is to set up new capsman and lose VLAN assignment on these as Mikrotik now provides only ax version of this device. Inconsistency is made worse by absence of any ARM-based alternatives to Groove and NetMetal family devices as these are used there as well (for warehouses)- so there is now way to avoid "dual-capsman situation".
 
tssge
just joined
Posts: 14
Joined: Sat Aug 08, 2015 9:11 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 4:50 pm

Mikrotik is making this even worse by discontinuing ac-devices and replacing them with ax-devices where there's no way back.
wifi-qcom (ax devices) does have per-client VLAN support. It's the wifi-qcom-ac package (which only works with some ac cards, not ax cards) that doesn't do per-client VLAN; this package however is optional for most ac devices and one should use wireless if per-client VLANs are a requirement.
wifi-qcom VLAN assignment
Though ax VLAN assignment is in a different menu (Wifi->Datapath or Wifi->Access List) compared to how it was before in Wireless. Maybe you have missed it or maybe I just misunderstood your post?
You do not have the required permissions to view the files attached to this post.
 
User avatar
loloski
Member
Member
Posts: 420
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 5:09 pm

This is the setup I use at home:
hex S / RB760iGS as CAPsMAN + UserManager
3 cAP ax as access points controlled by CAPsMAN

This setup only uses wifi-qcom and dynamic vlans using usermanager are absolutely working as intended.
One SSID is wpa3-eap only using peap with dynamic vlans and I have two additional SSIDs using wpa2-psk/wpa3-psk both with an vlan id for each of them
Thanks this is all I need to know, so wifi-qcom-ac is now out as I can't repurpose them, I'm going to lab this asap
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 5:59 pm

Can you please make the storage for adlist configurable, so that I can use the sd-card in my hex S?
Or the ramdisk. No need to permanently save that file, it is only a tmpfile.
 
bommi
Frequent Visitor
Frequent Visitor
Posts: 51
Joined: Fri Jan 24, 2014 9:13 am
Location: Germany
Contact:

Re: v7.16beta [testing] is released!

Sun Jul 28, 2024 8:09 pm

Can you please make the storage for adlist configurable, so that I can use the sd-card in my hex S?
Or the ramdisk. No need to permanently save that file, it is only a tmpfile.
This would be the best way.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.16beta [testing] is released!

Mon Jul 29, 2024 8:09 am

Still no fix for igmp-proxy issue SUP-152693, so waiting for it at next versions.
Still no fix for logging mess SUP-105353 SUP-144261
viewtopic.php?t=124291
 
nescafe2002
Forum Veteran
Forum Veteran
Posts: 914
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: v7.16beta [testing] is released!

Mon Jul 29, 2024 9:52 am

*) dns - show static entry type "A" field in console;

Verified:

[admin@MikroTik] /ip/dns/static> add address=2.2.2.2 name=test.home.lan
[admin@MikroTik] /ip/dns/static> export
add address=2.2.2.2 name=test.home.lan type=A

Why would you include this default value in nonverbose export?

The support issue: SUP-17490 [6.47rc2] /ip dns static export should omit type=A

Has resulted in the following change earlier, and exactly this has now been reverted:

What's new in 6.48beta12 (2020-Jul-06 13:33):
*) dns - do not use type "A" for static entries with unspecified type;

What's new in 6.48 (2020-Dec-22 11:20):
*) dns - do not use type "A" for static entries with unspecified type;

And (somewhere) in the 7.1beta branch, not sure which beta:

What's new in 7.1beta5 (2021-Mar-16 14:41):

!) ported features and fixes introduced in v6.48.1;
*) other minor fixes and improvements;
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 29, 2024 9:58 am

In 7.16beta7 ALL (all instances in all protocols) dynamic routing and, for some reason, 6to4 tunnel breaks, when using routing filter rule with "set gw" property.
There is a route crash, will be fixed in next beta.
 
tim427
just joined
Posts: 6
Joined: Sat Aug 15, 2020 10:10 am

Re: v7.16beta [testing] is released!

Mon Jul 29, 2024 10:20 am

In 7.16beta7 ALL (all instances in all protocols) dynamic routing and, for some reason, 6to4 tunnel breaks, when using routing filter rule with "set gw" property.
There is a route crash, will be fixed in next beta.
Thanks for the confirmation!

FYI/Additional insights: This bug happens on a "RB4011", but it works fine one a "hAP ac" with similar config.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 29, 2024 3:04 pm

Hm, my device receives an address via dhcp client, but it does not set any routes... Neither default one, nor stateless ones (option 121).
DHCP routes installed with no issues. Contact support.
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.16beta [testing] is released!

Mon Jul 29, 2024 8:33 pm

DHCP routes installed with no issues. Contact support.
I guess it is the route crash you mentioned earlier, as OSPF is involved. Waiting for next beta, will report then if the issue persists.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1352
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.16beta [testing] is released!

Tue Jul 30, 2024 11:39 am

So I have a bunch of cAP ac's on which I've decided to test the wave2 driver and panic on the low space left, standalone mode, no CAPsMAN.
All good, except one of them at a reboot I kept starring at the winbox window waiting for it to come back, all the others were already online, "welp, it bricked" I thought.
Wrong, "pfew", the bridge decided to switch the MAC to the MAC of wifi1 interface, so it got another IP from the DHCP server. Meh.
Ok, setting admin mac on all of them .......
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Tue Jul 30, 2024 11:56 am

When not setting MAC, it takes the MAC of "the first running interface on the bridge" and that is way to variable to depend on.
Always set the admin MAC!
 
didis81
just joined
Posts: 12
Joined: Mon Apr 06, 2015 1:29 am

Re: v7.16beta [testing] is released!

Tue Jul 30, 2024 4:19 pm

When not setting MAC, it takes the MAC of "the first running interface on the bridge" and that is way to variable to depend on.
Always set the admin MAC!
Thanks 🙏👍
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Wed Jul 31, 2024 2:34 am

With that being said looking at the restore script from Mikrotik even if they manually set the admin mac they still pick the first available mac from the device itself.

Below is my modified edition:
:global myFOUND "0";
#
# Function to display and log messages
#
:global debugMSG do={
    :put "DEBUG: $1";
    :log info "DEBUG: $1";
}
#
# Setting static mac-address on bridge1 if ether interface is found
#
:set myFOUND 0;
:foreach i in=[/interface find where !(slave=yes || passthrough=yes || type=loopback || name~"bridge")] do={
    :local tmpPORTNAME [/interface get $i name];
    :if ($myFOUND = 0) do={
        :if ([/interface get $i type] = "ether") do={
            :local tmpMAC [/interface get $tmpPORTNAME mac-address];
            $debugMSG ("Set bridge1 admin-mac: ".$tmpMAC);
            /interface bridge set bridge1 auto-mac=no admin-mac=$tmpMAC;
            :set myFOUND 1;
        }
    }
}
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.16beta [testing] is released!

Wed Jul 31, 2024 8:26 am

With that being said looking at the restore script from Mikrotik even if they manually set the admin mac they still pick the first available mac from the device itself.
What exactly is that you're after? Your script explicitly sets bridge MAC address to address of first listed ethernet port (even if it's not member of any bridge). Which is kind of default behaviour, only that default only considers interfaces which are actually member ports of that particular bridge. OTOH default heuristics runs every time bridge starts and if interface "enslavement" results in different port order, then bridge MAC address may change after boots. Additionally, your script changes bridge MAC address after bridge is already up&running and that can disturb (hopefully only temporarily) the traffic between bridge interface and subnet(s) attached to bridge port(s).

Setting bridge MAC address to a hand-picked static MAC address worked for me every single time without a hitch, it has to be done once when creating bridge. It's possible to take MAC address of some ethernet interface, present on device, as a basis to make probability of picking unique MAC address a bit higher.

And if by "restore script" you're talking about exported config ... if bridge MAC is manually set, then script will contain appropriate bridge definition (which includes MAC address) and according to my experience it's properly restored if exported config is properly imported again.
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Wed Jul 31, 2024 10:06 am

Auto-mac=on will pick any available mac-address of your device. There is a slight chance/risk that different interfaces will be picked during (re)boots. Which means that your Mikrotik mgmt-interface might have different mac after a (re)boot which might be a bad thing (for example if it sits behind a L2-switch which then is connected to the L3-gateway who uses ARP timeout of 4 hours and refuse to accept new mac for already learned IP-entry).

By having the restorescript to manually disable auto-mac along with setting admin-mac to a manual entry (one of the already available internal mac-addresses), which by the way Mikrotik already does when you do a reset-configuration with "no-defaults=no" set), makes your config to NOT change the admin-mac every reboot (or rather makes the risk of that down to 0% where it previously were lets say 1%).

The example I gave above is to be used as part of a restore-script. Meaning you will only run it once so there is no traffic to get disturbed since the restore-script is runned during restore when the traffic is down anyway.

By restore-script I mean when you do something like:
/system reset-configuration keep-users=yes no-defaults=yes skip-backup=yes run-after-reset=flash/custom.rsc
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Wed Jul 31, 2024 10:12 am

I don't know how you guys generate your initial configuration and how it exactly is on those CAPsMAN-managed APs, but on the usual "home router" category of devices, the automatically generated default configuration already sets the admin MAC in current versions.
Maybe try a reset-to-defaults without script and see what it generates.
 
bratislav
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Mon May 05, 2014 10:36 am

Re: v7.16beta [testing] is released!

Wed Jul 31, 2024 11:38 am

Auto-mac=on will pick any available mac-address of your device.
If you set admin-mac without setting auto-mac=no that configuration doesn't make any sense and therefore admin-mac would not be saved at all and auto-mac would be in effect:
interface/bridge/add name=bridge-test admin-mac=9A:3C:61:97:08:8A
interface/bridge/export
/interface bridge
add name=bridge-test
You must set both admin-mac and auto-mac to no in order to have fixed MAC...
interface/bridge/add name=bridge-test admin-mac=9A:3C:61:97:08:8A auto-mac=no
interface/bridge/export
/interface bridge
add admin-mac=9A:3C:61:97:08:8A auto-mac=no name=bridge-test
 
Apachez
Member Candidate
Member Candidate
Posts: 145
Joined: Mon Jul 01, 2024 11:45 pm

Re: v7.16beta [testing] is released!

Thu Aug 01, 2024 2:28 am

Yes thats what my (and Mikrotiks) default-configuration script do:
/interface bridge set bridge1 auto-mac=no admin-mac=$tmpMAC;
 
dksoft
Member Candidate
Member Candidate
Posts: 153
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.16beta [testing] is released!

Thu Aug 01, 2024 1:28 pm

Regarding the new mDNS feature: I would like to connect two networks with an EOIP tunnel between so that services in LAN1 are recognized in LAN2 and services in LAN2 are recognized in LAN1.

Now if I set:
"mdns-repeat-ifaces: LAN,VPN-TO-LAN2" in LAN1 and
"mdns-repeat-ifaces: LAN,VPN-TO-LAN1" in LAN2
mDNS from LAN1 got through the tunnel to LAN2 and back to LAN1.

I could live with that but MacOS has the "feature" that they recognize the repeated message and think another system is using the same name in the network. That leads to the problem that the MacOS PC always renames itself after receiving a repeated package.

Any idea how to solve this?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.16beta [testing] is released!

Thu Aug 01, 2024 1:36 pm

Of course you should EITHER use mdns repeater OR use an EOIP tunnel between the networks! Not both.
The repeater is to connect networks that are routed, not for networks that are bridged.
 
dksoft
Member Candidate
Member Candidate
Posts: 153
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.16beta [testing] is released!

Thu Aug 01, 2024 2:13 pm

Of course you should EITHER use mdns repeater OR use an EOIP tunnel between the networks! Not both.
The repeater is to connect networks that are routed, not for networks that are bridged.
Good point and my fault to uncomplete description: Both networks are routed over a WireGuard/EOIP connection, not bridged. The reason is to archive a 1500 MTU over the VPN connection.
 
hagoyi
newbie
Posts: 33
Joined: Wed May 17, 2023 8:36 pm

Re: v7.16beta [testing] is released!

Fri Aug 02, 2024 10:30 am

In 7.16beta7 ALL (all instances in all protocols) dynamic routing and, for some reason, 6to4 tunnel breaks, when using routing filter rule with "set gw" property.
Tested on RB4011
Can confirm. Now I need to add a static route (DHCP client didn't do that) so that the default WAN works as usual.
 
br0kenPKI
just joined
Posts: 1
Joined: Wed May 31, 2023 10:10 pm

Re: v7.16beta [testing] is released!

Sun Aug 04, 2024 2:49 pm

Hello.

SUP-161182

Netinstalled versions without config RouterOS 7.16beta7, RouterOS 7.16beta4, RouterOS 7.16beta3, RouterOS 7.16beta2, and RouterOS 7.16beta1 have two bugs in /ip/ipsec/mode-config/:

1) The value of the static-dns field is not saved when entered through the Terminal. The last version in which this issue does not occur is netinstalled without config RouterOS 7.15.3
2) When entered through Winbox, the value of the field is saved, but after a reboot, the value is empty again. The last version in which this issue does not occur is netinstalled without config RouterOS 7.15.3.

I am attaching Supout files:

7.16betaafterreboot.rif
7.16beta7beforereboot.rif

RouterOS 7.16beta7
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:01:34 by RouterOS 7.16beta7
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
[admin@MikroTik] > /ip/pool/add name=test ranges=192.168.200.100
[admin@MikroTik] > /ip/ipsec/mode-config/add address-pool=test address-prefix-length=32 name=test split-include=0.0.0.0/0 static-dns=192.168.200.1 system-dns=no
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:01:34 by RouterOS 7.16beta7
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
/ip ipsec mode-config add address-pool=test address-prefix-length=32 name=test split-dns="" split-include=0.0.0.0/0 system-dns=no
[admin@MikroTik] > /log/print
 10:01:01 system,info router rebooted
 10:01:01 interface,info lo link up
 10:01:07 dhcp,info dhcp-client on ether1 got IP address 10.0.2.15
 10:01:15 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:01:26 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:01:34 system,info pool test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*1 = /ip pool add name=test ranges=192.168.200.100)
 10:01:34 system,info ipsec modecfg test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*2 = /ip ipsec mode-config add name=test)
RouterOS 7.16beta4
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:05:50 by RouterOS 7.16beta4
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
[admin@MikroTik] > /ip/pool/add name=test ranges=192.168.200.100
[admin@MikroTik] > /ip/ipsec/mode-config/add address-pool=test address-prefix-length=32 name=test split-include=0.0.0.0/0 static-dns=192.168.200.1 system-dns=no
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:05:50 by RouterOS 7.16beta4
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
/ip ipsec mode-config add address-pool=test address-prefix-length=32 name=test split-dns="" split-include=0.0.0.0/0 system-dns=no
[admin@MikroTik] > /log/print
 10:05:22 system,info router rebooted
 10:05:22 interface,info lo link up
 10:05:22 disk,info add 
 10:05:28 dhcp,info dhcp-client on ether1 got IP address 10.0.2.15
 10:05:37 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:05:41 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:05:50 system,info pool test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*1 = /ip pool add name=test ranges=192.168.200.100)
 10:05:50 system,info ipsec modecfg test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*2 = /ip ipsec mode-config add name=test)
RouterOS 7.16beta3
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:07:50 by RouterOS 7.16beta3
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
[admin@MikroTik] > /ip/pool/add name=test ranges=192.168.200.100
[admin@MikroTik] > /ip/ipsec/mode-config/add address-pool=test address-prefix-length=32 name=test split-include=0.0.0.0/0 static-dns=192.168.200.1 system-dns=no
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:07:50 by RouterOS 7.16beta3
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
/ip ipsec mode-config add address-pool=test address-prefix-length=32 name=test split-dns="" split-include=0.0.0.0/0 system-dns=no
[admin@MikroTik] > /log/print
 10:07:19 system,info router rebooted
 10:07:19 interface,info lo link up
 10:07:25 dhcp,info dhcp-client on ether1 got IP address 10.0.2.15
 10:07:39 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:07:42 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:07:50 system,info pool test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*1 = /ip pool add name=test ranges=192.168.200.100)
 10:07:50 system,info ipsec modecfg test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*2 = /ip ipsec mode-config add name=test)
RouterOS 7.16beta2
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:13:55 by RouterOS 7.16beta2
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
[admin@MikroTik] > /ip/pool/add name=test ranges=192.168.200.100
[admin@MikroTik] > /ip/ipsec/mode-config/add address-pool=test address-prefix-length=32 name=test split-include=0.0.0.0/0 static-dns=192.168.200.1 system-dns=no
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:13:55 by RouterOS 7.16beta2
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
/ip ipsec mode-config add address-pool=test address-prefix-length=32 name=test split-dns="" split-include=0.0.0.0/0 system-dns=no
[admin@MikroTik] > /log/print
 10:13:32 system,info crossfig will upgrade version 6 configuration
 10:13:32 system,info router rebooted
 10:13:33 interface,info lo link up
 10:13:37 dhcp,info dhcp-client on ether1 got IP address 10.0.2.15
 10:13:47 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:13:50 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:13:55 system,info pool test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*1 = /ip pool add name=test ranges=192.168.200.100)
 10:13:55 system,info ipsec modecfg test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*2 = /ip ipsec mode-config add name=test)
RouterOS 7.16beta1
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:15:48 by RouterOS 7.16beta1
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
[admin@MikroTik] > /ip/pool/add name=test ranges=192.168.200.100
[admin@MikroTik] > /ip/ipsec/mode-config/add address-pool=test address-prefix-length=32 name=test split-include=0.0.0.0/0 static-dns=192.168.200.1 system-dns=no
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:15:48 by RouterOS 7.16beta1
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
/ip ipsec mode-config add address-pool=test address-prefix-length=32 name=test split-dns="" split-include=0.0.0.0/0 system-dns=no
[admin@MikroTik] > /log/print
 10:15:02 system,info crossfig will upgrade version 6 configuration
 10:15:02 system,info router rebooted
 10:15:03 interface,info lo link up
 10:15:08 dhcp,info dhcp-client on ether1 got IP address 10.0.2.15
 10:15:41 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:15:44 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:15:48 system,info pool test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*1 = /ip pool add name=test ranges=192.168.200.100)
 10:15:48 system,info ipsec modecfg test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*2 = /ip ipsec mode-config add name=test)
RouterOS 7.15.3
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:38:10 by RouterOS 7.15.3
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
[admin@MikroTik] > /ip/pool/add name=test ranges=192.168.200.100
[admin@MikroTik] > /ip/ipsec/mode-config/add address-pool=test address-prefix-length=32 name=test split-include=0.0.0.0/0 static-dns=192.168.200.1 system-dns=no
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:38:10 by RouterOS 7.15.3
# software id = 
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
/ip ipsec mode-config add address-pool=test address-prefix-length=32 name=test split-dns="" split-include=0.0.0.0/0 static-dns=192.168.200.1 system-dns=no
[admin@MikroTik] > /log/print
 10:16:51 system,info router rebooted
 10:16:51 interface,info lo link up
 10:16:56 dhcp,info dhcp-client on ether1 got IP address 10.0.2.15
 10:38:02 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:38:06 system,info,account user admin logged in from 10.0.2.2 via winbox
 10:38:10 system,info pool test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*1 = /ip pool add name=test ranges=192.168.200.100)
 10:38:10 system,info ipsec modecfg test added by winbox-3.41/tcp-msg(winbox):admin@10.0.2.2/terminal (*2 = /ip ipsec mode-config add name=test)
 
holvoetn
Forum Guru
Forum Guru
Posts: 6753
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.16beta [testing] is released!

Mon Aug 05, 2024 11:43 am

Potential memory leak detected on cAP AC using wifi-qcom-ac drivers, resulting in kernel panic due to out of memory.
Simple AP config, 2 SSIDs, not even using VLANs on that device.

SUP-161244 created.
 
br0kenPKI
just joined
Posts: 1
Joined: Wed May 31, 2023 10:10 pm

Re: v7.16beta [testing] is released!

Mon Aug 05, 2024 2:02 pm

Hello.

SUP-161182
....

Hello.

I received a response from the employee. Why did I check all versions from 7.15.3 to 7.16beta7?
It seems that the files Supout sent were not opened by them, and the request was closed just like that.


He replied that he checked this on the stable version. He didn't even check it on the beta versions!

First, the values after specifying the custom DNS through the terminal are not saved, as shown in the command listing I provided.
Second, the values after specifying the custom DNS through Winbox disappear after a reboot.
In addition, please execute these commands on the netinstalled version of RouterOS

You are not a mature vendor that can handle tickets from customers?

One more time:

[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:01:34 by RouterOS 7.16beta7
# software id =
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
[admin@MikroTik] > /ip/pool/add name=test ranges=192.168.200.100
[admin@MikroTik] > /ip/ipsec/mode-config/add address-pool=test address-prefix-length=32 name=test split-include=0.0.0.0/0 static-dns=192.168.200.1 system-dns=no
[admin@MikroTik] > /ip/ipsec/mode-config/export verbose terse
# 2024-08-04 10:01:34 by RouterOS 7.16beta7
# software id =
#
/ip ipsec mode-config set [ find default=yes ] name=request-only responder=no use-responder-dns=exclusively
/ip ipsec mode-config add address-pool=test address-prefix-length=32 name=test split-dns="" split-include=0.0.0.0/0 system-dns=no

Via Terminal
Image

Via Winbox and reboot
Image
Image
Last edited by br0kenPKI on Mon Aug 05, 2024 3:50 pm, edited 2 times in total.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.16beta [testing] is released!

Mon Aug 05, 2024 3:27 pm

@br0kenPKI

No need to spam the forum by quoting your own message that are just poste above the quoted one.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6753
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.16beta [testing] is released!

Mon Aug 05, 2024 3:34 pm

Fixed.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.16beta [testing] is released!

Mon Aug 05, 2024 6:04 pm

Well, too complicated. Too much information I can't process 🤯
 
User avatar
coddy
just joined
Posts: 3
Joined: Mon Nov 11, 2013 7:13 am

Re: v7.16beta [testing] is released!

Tue Aug 06, 2024 2:37 am

@br0kenPKI

Thank you for discovering this, spending the time to investigate it, verifying each version to determine when the problem occurred, and creating a corresponding SUP. Your posts were informative and clear, and your efforts should be commended.

If MT closed the case with not a problem in release version, reopen the case, and point out this is a beta version issue that you are reporting. Sometimes people can misunderstand what you are trying to point out.

I am sure this is exactly why they have betas.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.16beta [testing] is released!

Tue Aug 06, 2024 9:42 am

I do not know the details of why @br0kenPKI is so upset, but FYI the problem is acknowledged and will be fixed.
 
msatter
Forum Guru
Forum Guru
Posts: 2941
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v7.16beta [testing] is released!

Tue Aug 06, 2024 10:00 am

Maybe because he is let in the dark about that it was acknowledged and not ignored.
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.16beta [testing] is released!

Tue Aug 06, 2024 10:58 am

Version 7.16rc1 has been released.
viewtopic.php?t=209903

Who is online

Users browsing this forum: rook001 and 5 guests