Community discussions

MikroTik App
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

v7.17rc [testing] is released!

Fri Nov 22, 2024 6:12 pm

RouterOS version 7.17rc has been released on the "v7 testing" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during the upgrade process;
3) Device has enough free storage space to download all RouterOS packages.

What's new in 7.17rc3 (2024-Dec-10 09:40):

!) webfig - redesigned HTML, styling and functionality (additional fixes);
*) console - fixed missing arguments in wifi menu in certain cases;
*) container - improved "start-on-boot" stability;
*) discovery - added support for LLDP DCBX (additional fixes);
*) file - improved service stability when accessing files list from other system services;
*) iot - fixed LoRa behavior, where join eui or dev eui could be incorrectly converted during forwarding;
*) ippool - removed maximum "63 bit" prefix length limitation;
*) ipv6 - added support for manual link-local address configuration (additional fixes);
*) qos-hw - improved system stability when enabling QoS;
*) route - improved stability (additional fixes);
*) webfig - Skin Designer moved to centralized page (additional fixes);

What's new in 7.17rc2 (2024-Nov-28 16:09):

!) webfig - redesigned HTML, styling and functionality (additional fixes);
*) bridge - added message for inactive port reason (additional fixes);
*) device-mode - added routerboard, install-any-version and partitions features (additional fixes);
*) dhcpv6-server - fixed DHCPv6 server "address-pool" property showing in command line as "unknown" when real value is "static-only";
*) dns - added option to create named DNS servers that can be used as forward-to servers (additional fixes);
*) file - improved service stability when processing a lot of files (introduced in v7.17rc1);
*) ipv6 - added support for manual link-local address configuration (additional fixes);
*) webfig - allow style.css and script.js in branding packages;
*) webfig - redirect "/help/license.html" to "/license.txt" for backwards compatibility;
*) winbox - clear "Value" field when unset under "IP/DNS/Static" menu;

What's new in 7.17rc1 (2024-Nov-22 11:42):

!) webfig - redesigned HTML, styling and functionality (additional fixes);
*) bridge - added priority setting to manually elect primary MLAG peer;
*) container - do not log start, end events unless logging is enabled;
*) log - fixed e-mail logging (introduced in v7.16);
*) lte - improved recovery after unexpected modem reboot for Chateau's 5G and 5G R16 series devices (additional fixes);
*) netwatch - added "ignore-initial-up" and "ignore-initial-down" properties;
*) netwatch - fixed multiple variables;
*) poe-out - improved PoE-out configuration handling when doing reset-configuration command;
*) ptp - fixed packet receive with enabled igmp-snooping;
*) romon - send uptime in discovery;
*) route - improved stability with static route configuration;
*) winbox - added "Copy to Access List" option under "WiFi/Registration" menu;
*) winbox - added "Max Entries" and "Total Entries" properties under "IP/Firewall/Connections/Tracking" menu;
*) winbox - added missing "bus" option for compatible devices under "System/RouterBOARD/USB Power Reset" menu;
*) winbox - hide LCD menu for devices without display;
*) winbox - hide LTE "External Antenna" menu for devices without switchable antenna option;
*) winbox - show "FEC" property on status tab for interfaces that use it;
*) winbox - updated properties and behavior under "Switch/QoS" menu;

Other changes since v7.16:

!) device-mode - after upgrade, mode "enterprise" is renamed to "advanced" and traffic-gen, partition (command "repartition"), routerboard and install-any-version features will be disabled (additional fixes);
*) 6to4 - fixed issue where 6to4 relay would not forward traffic unless destination address is set;
*) adlist - improved logging;
*) adlist - improved system stability;
*) adlist - optimized import on system with low disk space;
*) api - fixed REST API serialization of binary data;
*) arm64 - fixed for bare-metal servers to be able to access more than 2GB RAM;
*) arm64 - show CPU frequency on bare-metal installations;
*) arm64/x86 - added missing PCI id for mlx4 driver;
*) bonding - hide mlag-id property on non-compatible devices;
*) bridge - add HW offload support for active-backup bonds on 98DXxxxx, 88E6393X, 88E6191X and88E6190 switches;
*) bridge - added interface-list support for VLANs;
*) bridge - added message for inactive port reason;
*) bridge - correctly display PPP interfaces in VLAN menu;
*) bridge - disallow duplicate static VLAN entries;
*) bridge - disallow multicast MAC address as admin-mac;
*) bridge - enable faster HW offloading when detect-internet is disabled;
*) bridge - fixed bridge packet transmit if dhcp-snooping is enabled (introduced in v7.17beta5);
*) bridge - fixed first host table response for SNMP;
*) bridge - fixed incorrect HW offloaded port state in certain cases on MSTI add;
*) bridge - fixed missing slave flag on port in certain cases;
*) bridge - fixed MVRP registrar and applicant port options;
*) bridge - fixed port monitor with interface-lists;
*) bridge - fixed port move command;
*) bridge - fixed setting bridge MTU to L2MTU value;
*) bridge - fixed VLAN overlap check;
*) bridge - ignore disabled interfaces when calculating bridge L2MTU;
*) bridge - improved port handling;
*) bridge - improved stability;
*) bridge - prioritize MAC selection from Ethernet interfaces when using auto-mac feature;
*) bridge - re-synchronize MLAG system-id when bridge MAC changes;
*) bridge - removed support for master port config conversion (used before version 6.41);
*) bridge - update dynamic MSTI priority value when changing configuration;
*) bth - improved stability on system time change;
*) certificate - do not download CRL if there is not enough free RAM;
*) certificate - do not show not relevant values for certificate template (CLI only);
*) certificate - fixed handling of capsman-cap certificates (introduced in v7.16);
*) certificate - removed unstructured address field support;
*) chr - added Chelsio VF driver for PCIID 5803;
*) chr/arm64 - fixed kernel crypto use without crypto extensions for RPi CM4;
*) cloud - changed ddns-enabled setting from "no" to "auto" (service is enabled when BTH is enabled);
*) cloud - improved DDNS and VPN state stability;
*) console - added :range command;
*) console - added group-by property for print command;
*) console - added json.no-string-conversion to :serialize;
*) console - added lf/crlf options to :convert transform;
*) console - added more argument definitions for mac-protocol property;
*) console - added password property to "/system/ssh-exec" command;
*) console - added to/from=num option for :convert command;
*) console - allow clearing history for a specific user;
*) console - allow setting width to supout.rif output;
*) console - clear history when removing user;
*) console - disallow autocomplete hints for user without read policy;
*) console - execute :return command without error;
*) console - fixed endless loop when closing input prompt;
*) console - force print paging when output does not fit terminal width;
*) console - improved printing output in some menus;
*) console - improved scripting system stability;
*) console - increased w60g scan-list size to 6;
*) console - print warning in CLI after enabling protected bootloader;
*) console - removed "chain" names from print parameter list and show all print parameters in "/ipv6/firewall/filter" directory;
*) console - show system-id in export for CHR;
*) container - allow import from .tar.gz file;
*) container - fixed user and group ID range;
*) container - improved container shell;
*) crypto - improve crypto speeds (additional fixes);
*) crypto - use hardware accelerator for GCM cipher in TLS connection on Alpine CPUs;
*) defconf - changed wireless installation from "indoor" to "any";
*) defconf - disable 5GHz secondary channel on RB4011;
*) defconf - do not add default password for CAP mode configuration on older Audience devices without a password;
*) defconf - fixed new port name recognition;
*) detnet - remove dynamic DHCP client creation;
*) device-mode - added "allowed-versions" list which are allowed to be installed without "install-any-version" mode enabled;
*) device-mode - added "basic" mode;
*) device-mode - added routerboard, install-any-version and partitions features;
*) device-mode - allow feature and mode update on x86 via power button and reboot/shutdown from AWS;
*) device-mode - changed "partition" to allow activate and do not allow repartition (introduced in v7.17beta2);
*) device-mode - fixed feature and mode update on ARM64 Hetzner;
*) device-mode - fixed feature and mode update via power-reset on MIPSBE devices;
*) device-mode - limit "/tool/ping-speed" and "/tool/flood-ping" under "traffic-gen" feature;
*) device-mode - limit device-mode update maximum allowed attempt count which can be reset only with reboot or button press;
*) device-mode - provide more precise device-mode update action printout;
*) device-mode - show all features and active restrictions with "print" command;
*) dhcp-relay - added "local-address-as-src-ip" property;
*) dhcp-server - improved stability (introduced in v7.17beta4);
*) dhcp-server - use interface ID for NAS-Port and added interface name to NAS-Port-ID attribute in RADIUS requests;
*) dhcp-server - use single RADIUS accounting session for IPv4 and IPv6 when dual stack is used (additional fixes);
*) dhcpv4-client - correctly handle adding/setting emtpy dhcp-options;
*) dhcpv4-client - fixed crash when releasing disabled DHCP client;
*) dhcpv4-client - respect Renewal-Time (58) and Rebinding-Time (59) options;
*) dhcpv4-server - do not remove options set config when DHCP network is changed;
*) dhcpv4-server - properly detect DHCP server address when underlying interface has multiple IP addresses configured;
*) dhcpv4-server/relay - added additional error messages for DHCP servers and relays;
*) dhcpv4/v6-server - added address-list parameter to which address will be added if the lease is bound;
*) dhcpv6-client - added prefix-address-list parameter;
*) dhcpv6-client - improved system stability when DHCPv6 client is enabled on non-existing interface;
*) dhcpv6-client - log message when response with invalid transaction-id received;
*) dhcpv6-client/server - added support for DHCPv6 reconfigure messages;
*) dhcpv6-server - added IPv6 address delegation support;
*) dhcpv6-server - improved system stability when removing actively used DHCPv6 server;
*) dhcpv6-server - include all existing prefixes (with lifetime 0) in renew reply and new prefix if RADIUS returns different prefix;
*) discovery - added support for LLDP DCBX (additional fixes);
*) discovery - use LLDP description field to populate platform, version and board-name;
*) disk - add support for SWAP, currently allowed on any block device with "set x swap=yes" when container package is installed (CLI only);
*) disk - added "type=file" for file-based block devices, useful for using file as a swap, or when having file-based filesystem images (CLI only);
*) disk - added btrfs filesystems list (CLI only);
*) disk - added mount-read-only and mount-filesystem options to allow read-only mounts and prevent mounting device at all (CLI only);
*) disk - added sshfs client to "/disk" menu (CLI only);
*) disk - allow to configure global and per disk mountpoint template - [slot],[model],[serial],[fw-version],[fs-label],[fs-uuid],[fs] variables supported;
*) disk - auto mount iso and squashfs images;
*) disk - fixed managing and cleaning up mount points;
*) disk - fixed raid role auto selection for up to 64 drives;
*) disk - improve slot naming and improvements for visualizing complex hardware topology;
*) disk - improve test to report zero byte iops;
*) disk - improved system stability;
*) disk - read/show exfat filesystem label;
*) disk - recognize virtual sd* interfaces;
*) disk - remove 32 character slot name limit;
*) disk - save raid superblock and raid bitmap superblock on member devices in 1.2 format/location;
*) disk - show detailed mountpoint users when unable to unmount;
*) disk - show usage as percentage (CLI only);
*) disk - try all NFS versions (4.2,4.1,4.0,3,2) when mounting NFS in that order;
*) disk,nvme - show nvme namespaces if configured more than one on a nvme drive;
*) dns - added option to create named DNS servers that can be used as forward-to servers (additional fixes);
*) dns - do not look up local cache when executing ":resolve" command with specified "server" parameter (introduced in v7.16);
*) dns - DoH whitelist support for adlist using static FWD entries;
*) dns - refactored DNS service internal processes;
*) dns - whitelist support for adlist using static FWD entries;
*) ethernet - improved interface stability for RB4011 devices;
*) ethernet - improved linking after reboot for hAP ax lite devices ("/system routerboard upgrade" required);
*) ethernet - improved stability after reboot for Chateau PRO ax;
*) ethernet - improved system stability for CCR2004-1G-2XS-PCIe device;
*) ethernet - log warning only about excessive broadcast (do not include multicast) and reduced log count;
*) fetch - fixed certificate check when provided hostname is IP address;
*) fetch - fixed large file (over 4GB) fetch in HTTP/HTTPS mode;
*) file - correctly identify mounted disks;
*) file - do not needlessly scan large filesystems, could prevent unmounting;
*) file - improved handling of changes to the file system;
*) file - support files over 4GB size;
*) file - update file size before trying to request content;
*) firewall - added none-dynamic and none-static arguments for IPv6 address-list-timout settings;
*) firewall - added support for random external port allocation;
*) firewall - added warning log for TCP SYN flood;
*) firewall - fixed "dst-limit" and "limit" mathers when using zero value for burst argument;
*) firewall - improved matching from deeply nested interface-lists (additional fixes);
*) firewall - improved matching from deeply nested interface-lists;
*) firewall - removed default mangle passthrough=yes configuration from export;
*) ftp - added VRF support;
*) gps - changed default GPS antenna setting for LtAP mini with internal LTE/GPS combo antenna;
*) graphing - fixed graphing rule removal (additional fixes);
*) graphing - fixed queue graph storing on disk;
*) health - added cpu-overtemp-check on ARM, ARM64 devices (CLI only);
*) health - changed PSU state from "no-ac" to "no-input";
*) health - hide settings in CLI if there is nothing to show;
*) health - removed board-temperature on RB5009UPr+S+IN device;
*) igmp-proxy - refactored IGMP querier (additional fixes);
*) ike2 - improved performance by balancing multicore CPU usage for key exchange calculation also for initiator;
*) iot - added additional debug for LoRa logging;
*) iot - added an option to print out LoRa traffic in CLI (not GUI-only option anymore);
*) iot - added new LoRa traffic FCnt packet counter parameter;
*) iot - added support for USB Bluetooth dongles (LE 4.0+) which enables Bluetooth functionality;
*) iot - bluetooth peripheral device menu now displays correct iBeacon major/minor values;
*) iot - fixed duplicate LoRa payloads in the traffic tab;
*) iot - fixed incorrect LoRa joineui filter export behavior;
*) iot - improvements to LoRa device's stats tab;
*) iot - limit mqtt publish message size to 32 KB;
*) iot - LoRa LNS improvement;
*) iot - LoRa traffic tab RSSI now shows proper values for ARM architecture;
*) iot - modbus rework which improves Tx Rx switching behavior;
*) iot - mqtt improvement to support large payloads and gracefully discard payloads above size limit;
*) iot - removed crc-disabled and crc-error options from the LoRa forwarding;
*) iot - removed LoRa pause traffic option/setting;
*) iot - removed some LoRa radio related parameters (e.g. RSSI-OFF and Tx-enabled) that were not meant to be changed (additional fixes);
*) ipsec - ike2 improved process for policies;
*) ipv6 - added comment property to "/ipv6/nd/prefix" menu;
*) ipv6 - added IPv6 settings related to stale IPv6 neighbor cleanup;
*) ipv6 - added support for manual link-local address configuration;
*) isis - do not disable fast-path when isis is enabled on an interface;
*) isis - fixed console flags;
*) isis - fixed invalid L2 LSP type;
*) isis - make it work when MTU is larger than 1500;
*) isis - update interface MAC address on change (caused neighbor to stuck in init state);
*) kid-control - use time format according to ISO standard;
*) l3hw - improved system stability;
*) l3hw - rate limit error logging;
*) leds - fixed issue where interface LEDs might not properly disable in some cases;
*) log - added basic validation for "disk-file-name" property;
*) log - added hostname support to remote logging action;
*) log - added regex parameter for log filtering in rules;
*) log - use time format according to ISO standard;
*) lte - added option to check/install modem firmware from early-access/testing channel (CLI only);
*) lte - added provider specific firmware update (FOTA) for Cosmote GR networks on Chateau 5G;
*) lte - disabled ims service for Chateau 5G on operator "3 AT" network (PLMN ID 23205);
*) lte - drop operator selection support for R11e-4G modem as it is unreliable;
*) lte - fixed "default-name" property in export when multiple LTE interfaces are used;
*) lte - fixed "lte monitor" signal reporting for RG520F-EU modem when connected to 5G SA network;
*) lte - fixed "operator" setting for EC200A-EU modem;
*) lte - fixed long "PLMN search in progress" for SXT 3-7;
*) lte - fixed LTE band setting for SXT LTE 3-7;
*) lte - fixed network registration for R11e-4G modem (introduced in v7.17beta2);
*) lte - fixed roaming barring (allow-roaming=no) for EC200A-EU modem;
*) lte - fixed signal info reporting for FG621-EA modem in UMTS network;
*) lte - fixed SMS sender parsing;
*) lte - improved modem FW upgrade for Chateau 5G;
*) lte - improved R11eL-EC200A-EU modem firmware upgrade procedure;
*) lte - improvements to modem "firmware-upgrade" command (additional fixes);
*) lte - MBIM increased assignable APN profile count up to 8 then modem firmware allows it;
*) lte - modem firmware update (FOTA), added support to install provider specific version (additional fixes);
*) lte - removed trailing "F" symbol from uicc;
*) lte - set "sms-read=no" and "sms-protocol=auto" as default values;
*) lte - set IPv6 address reporting format in modem init for AT modems and MBIM modems with AT channel;
*) mac-server - allow MAC-Telnet access through any bridged port when bridge interface is allowed;
*) mac-telnet - use ASCII DEL as erase/backspace char instead of BS (fixes mac-telnet backspace for WinBox4);
*) macvlan - improved error when trying to create new interface on already busy parent interface;
*) macvlan - updated driver;
*) modem - KNOT BG77 modem, improved handling of modem unexpected restarts;
*) mpls - added fast-path support for VPLS (additional fixes);
*) mpls - added MPLS mangle support;
*) mpls - added support for "ICMP Fragmentation needed";
*) mpls - do no drop LDP peering session on PW deactivation;
*) mpls - do not reconnect VPLS on name or comment changes;
*) netinstall - removed unused "Get key" button;
*) netinstall - save and restore device-mode configuration on format;
*) netinstall-cli - added "-o" option to install devices only once per netinstall run;
*) netinstall-cli - fixed x86 detection;
*) netwatch - fixed probe toggle when adding a comment;
*) ospf - fixed memory corruption;
*) ospf - improved stability on configuration update;
*) ovpn - added VRF support to OVPN server (server menu now supports multiple entries and previous server configuration is automatically imported);
*) ovpn - improved system stability;
*) ovpn-client - added tls-crypt, tls-crypt-v2 support;
*) ovpn-server - added "user-auth-method" property and allow mschap2 for RADIUS authentication;
*) pimsm - improved system stability after interface disable;
*) poe-out - added low-voltage-too-low status;
*) poe-out - upgraded firmware for CRS354-48P-4S+2Q+ device (the update will cause brief power interruption to PoE-out interfaces);
*) poe-out - upgraded firmware for PSE (BT) controlled boards (the update will cause brief power interruption to PoE-out interfaces);
*) port - display a warning when using invalid log-file with the "remote-access" feature;
*) port - more detailed print command output, include in "USED-BY" property channel number(s);
*) ppp - add routes in matching VRF;
*) ppp - added support for bridge-port-pvid configuration via ppp profile (additional fixes);
*) ppp - added support for bridge-port-trusted configuration via ppp profile;
*) ppp - do not print local/remote pool related errors in log when configuration does not require pool usage;
*) ppp - fixed typos in log message;
*) ppp - reuse link-local IPv6 address for static bindings when possible;
*) ppp - set APN/PDN type "IPv4/v6" according assigned PPP profile protocol setting;
*) pppoe - added support for PPPoE server over 802.1Q VLANs (additional fixes);
*) profiler - classify ppp processing;
*) profiler - improved process classification;
*) profiler - renamed radv process to radvd;
*) ptp - added dynamic switch ACL rules in order to trap PTP packets to CPU instead of forwarding;
*) ptp - added option to configure L2 transport with forwardable and non-forwardable MAC destination;
*) ptp - added PTP support for CRS320-8P-8B-4S+ and CRS326-4C+20G+2Q+ devices;
*) ptp - display warning when none of the PTP ports has a link;
*) ptp - fixed DSCP values for IPv4 packets;
*) ptp - fixed synchronization on QSFP28 interfaces (additional fixes);
*) ptp - make PTP process more stable and deterministic when applying configuration;
*) ptp - restrict configuring g8275 profile with IPv4 transport;
*) qos-hw - allow to disable/enable profiles, disabled or removed profile gets replaced with the default (additional fixes);
*) qos-hw - enabling PFC on port also requires setting egress-rate-queueN;
*) qos-hw - fixed export when changing default Tx Manager;
*) qos-hw - fixed incorrect port byte-use counter;
*) qos-hw - improved PFC behavior (additional fixes);
*) qos-hw - improved WRED and ECN behavior (additional fixes);
*) qos-hw - rename pfcN-pause and pfcN-resume to pfcN-pause-threshold and pfcN-resume-threshold;
*) qos-hw - reworked PCP and DSCP mapping (now supports single, multiple and range values, previous configuration with minimal value mapping is converted to a single value);
*) qos-hw - switch-cpu port trust settings are forced to "keep";
*) queue - improved system stability when too many simple queues are added;
*) quickset - added "LTE AP" quickset profile with one wifi interface;
*) rip - improved stability when changing metric;
*) romon - added dynamic switch rules on devices supporting it when enabling the service;
*) romon - added interface-list support;
*) rose-storage - allow to set iscsi-iqn only when type=iscsi and allow nvme-tcp-name only when type=nvme-tcp;
*) rose-storage - do not allow to format exported disks;
*) rose-storage - enable autocomplete for local-path property in "/file/sync" menu;
*) rose-storage - enable more threads for faster RAID sync;
*) rose-storage - ensure unique nvme-tcp-names for nvme-tcp clients;
*) rose-storage - improved error messages;
*) rose-storage - improved system stability;
*) rose-storage,raid - improved stability of degraded arrays on startup;
*) rose-storage,raid - store superblock in 1.2 format, show raid super block info when detected to help with reassembling arrays;
*) route - fixed discourse attribute print;
*) route - fixed minor typo in failure message;
*) route - fixed possible issue with inactive routes after reboot (introduced in v7.16);
*) route - improved stability;
*) route - increased interface name length limit in log messages;
*) route - removed possibility for IPv6 routes to specify interface in the dst-address;
*) routerboot - fixed boot MAC for devices with Alpine CPU ("/system routerboard upgrade" required);
*) routerboot - fixed boot MAC for MIPSBE CRS3xx and CRS5xx switches ("/system routerboard upgrade" required);
*) routerboot - improved stability for IPQ8072 and IPQ6010 when flash-boot is used ("/system routerboard upgrade" required);
*) routing-filter - fixed subtract and add for numerical values (+x, -x);
*) rsync - fixed when used over ssh and spaces in directory names;
*) sfp - fixed 1Gbps supported rate for RB960 and RB962 devices;
*) sfp - fixed linking with 1Gbps optical modules with "combo-mode=sfp" configuration for CRS312 device;
*) sfp - improved initialization and linking for some SFP modules;
*) sfp - improved initialization for certain SFP modules on CRS309 and CRS317 devices ("/system routerboard upgrade" required);
*) sfp - improved power control configuration for QSFP optical modules according to the EEPROM field;
*) sfp - improved SFP auto-negotiation for L22, L23 devices;
*) sfp - improved SFP28, QSFP28 interface stability using DAC cable for CRS520 switch;
*) smb - stability improvements for client/server (additional fixes);
*) snmp - added wifi fields to MIKROTIK-MIB (additional fixes);
*) socks - fixed comment property for access configuration;
*) ssh - added option to configure SSH ciphers (replaced allow-none-crypto parameter);
*) ssh - do not regenerate host key after update from RouterOS version older than 7.9;
*) ssh - fixed password authentication (introduced in v7.17beta2);
*) ssh - improved logging;
*) ssh - improved speed;
*) ssh - prefer GCM ciphers for arm64 and x86 devices when ciphers=auto;
*) ssl/tls - improved performance;
*) sstp - added pfs=required option to allow only ECDHE during TLS handshake;
*) storage - preserve permissions,owners,attributes when syncing under "/file/sync";
*) storage,rsync - fixed to work with clients passing "-a" option;
*) supout - added BGP advertisements section;
*) supout - added device-mode section;
*) supout - do not create autosupout.rif for second time after system reboot;
*) supout - print non BGP and OSFP routes if route list is too large;
*) supout - reduce minimal RAM required for export to be included;
*) supout - use separate LTE section;
*) switch - added "all" argument for "new-dst-ports" switch rule property for CRS3xx, CRS5xx, CCR2116 and CCR2216 devices;
*) switch - added IPv6 flow label matching in switch rules for CRS3xx, CRS5xx, CCR2116 and CCR2216 devices;
*) switch - allow bond interfaces in switch rules for CRS3xx, CRS5xx, CCR2116 and CCR2216 devices;
*) switch - allow matching network bitmask for IPv4 and IPv6 dst/src-address properties in switch rule;
*) switch - disallow switch-cpu in "ports" and "new-dst-ports" rule properties for CRS3xx, CRS5xx, CCR2116, CCR2216 and RB5009 devices;
*) switch - fixed L2MTU for 25Gbps ports;
*) switch - fixed RSPAN error message when using mirror-target=cpu;
*) switch - fixed rule disable in certain cases for 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) switch - fixed storm-rate accuracy on 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) switch - force "mac-protocol" when matching IPv4 or IPv6 specific properties;
*) switch - improved CPU performance for CRS328-24P-4S+ switch;
*) switch - improved system stability for RB5009 and CCR2004-16G-2S+ devices;
*) switch - make switch rule "ports" property not required and unsettable (allows matching packets on all switch ports);
*) switch - updated dynamic switch rules when using HW bridge with IGMP snooping (224.0.0.0/24 and ff02::/16 destination addresses are forwarded and copied to CPU) (additional fixes);
*) system - make ICMP error source address selection configurable (icmp-errors-use-inbound-interface-address parameter in ip settings);
*) system - make TCP timestamp handling configurable (tcp-timestamps parameter in ip settings);
*) system - moved "/system/upgrade" to "/system/package/local-update";
*) tftp - improved stability;
*) upnp - rename service description file from gateway_description.xml back to gateway.xml;
*) user-manager - improved stability;
*) vpls - added support for bridge-pvid configuration;
*) vrf - fixed packet handling with enabled queues;
*) vxlan - fixed issue causing to loose IPv6 VTEP address setting;
*) webfig - added search option for settings;
*) webfig - allow download from file details;
*) webfig - fixed uploading files with Windows style newlines;
*) webfig - hide inherited wifi password;
*) webfig - improved keyboard navigation (additional fixes);
*) webfig - reduce flickering when table is sorted by column with duplicate values (additional fixes);
*) webfig - Skin Designer moved to centralized page;
*) webfig - status page is deprecated, old status page config will work, but can't be updated or created;
*) webfig - support unicode strings;
*) wifi - add information to each interface, showing which CAPsMAN manages it or which CAP hosts it when applicable;
*) wifi - added a debug log entry when switching channel;
*) wifi - added ability to set security.owe-transition-interface to "auto";
*) wifi - added access-list stats (CLI only);
*) wifi - added configuration.installation property to limit use of indoor-only channels;
*) wifi - added debug log messages on station authentication mismatch;
*) wifi - added extra info to CAPsMAN about message;
*) wifi - added last-activity property in registration table;
*) wifi - added multi-passphrase (PPSK) support (CLI only);
*) wifi - added option to reset MAC address (CLI only);
*) wifi - added station-roaming support (additional fixes);
*) wifi - allow IPv6 LL address in caps-man-addresses;
*) wifi - disabled 802.11h on 2.4GHz station;
*) wifi - fixed "disabled" property in certain cases;
*) wifi - fixed failure to resume operation after DFS non-occupancy period has elapsed;
*) wifi - fixed failure with "auto" peer update on the OWE interface;
*) wifi - fixed occasional failure to bring up management frame protection and channel switch capabilities;
*) wifi - fixed the "no available channels" message still being displayed after a setting change has made some channels available;
*) wifi - improved FT roaming with WPA3 for some Apple devices;
*) wifi - indicate radios' ability to perform a channel switch in their "hw-caps" attribute;
*) wifi - indicate which channels are subject to DFS, or are indoor-only in output of "monitor" command;
*) wifi - re-word the "SA Query timeout" log message to "not responding";
*) wifi - show authentication type and wireless standard used by each client in registration table;
*) wifi - show regulatory limits on maximum bandwidth in output of radio/reg-info command;
*) wifi - when operating in station mode, log more information when AP switches to an unsupported channel;
*) wifi-qcom - added Superchannel country profile;
*) wifi-qcom - updated regulatory info for Ukraine, Australia and United States;
*) wifi-qcom-ac - allow use of channel 144 under "Japan" regulatory domain;
*) wifi-qcom-ac - fix possible conflict between radio and USB initialization on hAP ac2;
*) wifi-qcom-ac - improved CPU load balancing and system stability;
*) winbox - added "Scan" and "Test Disks" features under "System/Disks" menu;
*) winbox - added Enable/Disable buttons under "Tools/Graphing" menus;
*) winbox - added MAC address support for "Group" property under "Bridge/MDB" menu;
*) winbox - added missing properties under "IP/Neighbors" menu;
*) winbox - allow to edit Ethernet MAC address;
*) winbox - fixed duplicate timezone names;
*) winbox - fixed typo in "System/Reset Configuration" menu;
*) winbox - improved stability;
*) winbox - minimal required version is v3.41;
*) winbox - refresh values under "Bridge/VLANs/MVRP Attributes" menu;
*) winbox - renamed and moved "System/Auto Upgrade" to "System/Packages" menu;
*) winbox - renamed wrong invalid interface flag to inactive;
*) winbox - show MLAG settings for CRS326-4C+20G+2Q+ device;
*) wireguard - do not initiate handshake when peer is configured as responder;
*) wireless - added option to reset MAC address (CLI only);
*) wireless - added vlan-id to registration-table;
*) wireless - allow to set Canada2 country profile when locked with US lock package for CubeG device;
*) wireless - enable all chains by default for RB911 and RB922 series devices;
*) wireless - fixed antenna gain for SXT5ac device;
*) wireless - preserve configured country while using setup-repeater, added "country" argument (CLI only);
*) x86 - Realtek r8169 updated driver;
*) zerotier - added debug logging;
*) zerotier - do not show default settings in export;
*) zerotier - upgraded to version 1.14.0;

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, please send a supout file from your router to support@mikrotik.com. File must be generated while a router is not working as suspected or after some problem has appeared on the device

Please keep this forum topic strictly related to this particular RouterOS release.
 
User avatar
tangent
Forum Guru
Forum Guru
Posts: 1656
Joined: Thu Jul 01, 2021 3:15 pm
Contact:

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 8:06 pm

Why are all of my unused network ports now marked with red "not running" errors in WinBox and matching comments in "/interface/bridge/export" output? Unused ports is not an error. I'm not going to remove these ports from the bridge just because there isn't something plugged into them at the moment.

Note that this is not specific to WinBox, else I might believe it's a 4.0beta12 issue instead. I believe it might have appeared in 7.17beta6, not rc1. (Why the rush on getting to RC, by the way?)

It's happening with all three devices here, from very different points in the MT lineup.
 
User avatar
Paternot
Forum Guru
Forum Guru
Posts: 1056
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 8:08 pm

Ah, finally a way to manually set link local address! :D

*) ipv6 - added support for manual link-local address configuration;
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1092
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 8:13 pm

Why are all of my unused network ports now marked with red "not running" errors in WinBox and matching comments in "/interface/bridge/export" output? Unused ports is not an error. I'm not going to remove these ports from the bridge just because there isn't something plugged into them at the moment.
Yes, that is a bad thing... It may make sense when printing information, but it is terrible for exports. This will cause differing output in export when ever a cable is connected or disconnected, or a wireless client is connected or disconnected. I want to see real configuration changes there only. Exclusively.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 8:24 pm

I like the colorization, but that's it. Agree with @eworm, it should not be in an export. And not sure the "extra" comments are needed in winbox/webfig if it's already colorized (but the color is kinda handy).
 
guipoletto
Member Candidate
Member Candidate
Posts: 201
Joined: Mon Sep 19, 2011 5:31 am

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 8:25 pm

""Yes, that is a bad thing... It may make sense when printing information""
It's bad when just printing too, because "comments" break tabulation, and make the output a lot harder to parse
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 8:28 pm

In the new webfig, I'm not sure the skin designer is working. I cannot seem to figure out how to create a new skin. When I do a "Design Skin", it shows a blank list and I don't see anyway to select things. Either I'm missing something in how to use new webfig's skin support, or it just is broken.

Also, given the device-mode and password are no longer null... can you finally remove the default "admin" username in webfig login screen (since ideally never be admin, and means editing the username every time).
 
eddieb
Member
Member
Posts: 354
Joined: Thu Aug 28, 2014 10:53 am
Location: Netherlands

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 9:25 pm

I am running 7.17rc on my 4 HAPAX3 here ... 1 is CAPsMAN, 3 are CAP
All works fine here, about 30 active wifi clients, mostly Apple, some W11, some IOT. No issues
 
User avatar
dang21000
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Feb 25, 2023 2:30 pm
Location: France

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 11:00 pm

WebUI is nice.
Dark mode is pleanned ?

/graphs need a relooking too.
 
User avatar
dang21000
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Feb 25, 2023 2:30 pm
Location: France

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 11:07 pm

Is it normal on RB5009 to have this value as no ?
                                 
[admmikrotik@router70a] > /system/device-mode/print 
                 mode: advanced     
           ......
          routerboard: no           
 
User avatar
gabacho4
Member
Member
Posts: 399
Joined: Mon Dec 28, 2020 12:30 pm
Location: Earth

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 11:17 pm

Is it normal on RB5009 to have this value as no ?
                                 
[admmikrotik@router70a] > /system/device-mode/print 
                 mode: advanced     
           ......
          routerboard: no           
Yes...read the thread.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Fri Nov 22, 2024 11:38 pm

impossible that webfig skin designer is broken in a RC release.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 12:01 am

impossible that webfig skin designer is broken in a RC release.
There was another thread where someone else in beta4 had the same issue. I'll note that it does work fine on a KNOT running 7.17rc1, but I reset the default configuration with the first 7.17 beta on the KNOT. But on the RB1100AHx4, it never show anything - main difference (other platform/arch) is that test RB1100 has been only upgraded, and never netinstalled/reset-configuration ever.
But this is what the RB1100AHx4 shows:
skins-show-nothing.png
You do not have the required permissions to view the files attached to this post.
 
syue87
just joined
Posts: 2
Joined: Sun Aug 16, 2020 4:18 am

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 5:14 am

On my CCR2116-12G-4S+, I can no longer connect to L2TP over IPsec VPN server with 7.17. Reverting to 7.16.1 fixed the problem.
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1389
Joined: Tue Jun 23, 2015 2:35 pm

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 6:41 am

*) netwatch - added "ignore-initial-up" and "ignore-initial-down" properties;

what exactly this does?
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 9:41 am

@webfig: maybe you need to clear browser cache (or open devtools by F12 and disable cache). Just to be sure it is not missing browser cache invalidation in webfig.
 
wispmikrotik
Member Candidate
Member Candidate
Posts: 144
Joined: Tue Apr 25, 2017 10:43 am

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 9:44 am

What's new in 7.17rc1 (2024-Nov-22 11:42):

*) health - removed board-temperature on RB5009UPr+S+IN device;

Why is it deleted? Is this value going to come back?
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 10:03 am

What's the point if there is no temperature sensor ?
 
wispmikrotik
Member Candidate
Member Candidate
Posts: 144
Joined: Tue Apr 25, 2017 10:43 am

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 10:19 am

Do I understand that in previous versions the data was fictitious?
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 11:28 am

My mistake. It should be there. It's not listed in pheripherals section but others.
 
User avatar
Ullinator
just joined
Posts: 17
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 3:04 pm

I had a strange behaviour after updating my both CHR CAPsMAN (AX) from 7.17beta6 to 7.17RC1. Both devices lost their CAPsMAN config. All entries were emty (wifi -> Config, Channel, Security, datapath aso.)
Next I tried to re-import the settings from an RSC-file, but the import hangs while importing the channel-config.
My only solution was to revent an snapshot back to 7.16.1. :-/
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 4:25 pm

that's frightening 🙀
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 5:53 pm

updated now a HAP AC2 from 7.16.1 to 7.17 RC.. All ok but I'm noticing a free space of only 192 KB, before the update I had about 450 Kb free. The only package I have is ROS and wifi-qcom-ac. I have no residues of old configurations as the 7.16.1 was reset from scratch for another problem not related to ROS. Mine is just a report, I don't know if this represents an actual problem.

I also wanted to thank Mikrotik for listening to us regarding the restrictions that were initially implemented in the first versions of 7.17, it would be even more beautiful if in the near future through this forum you could compare with us end users regarding advice and opinions on a new RB device ;) ;)
 
deadmaus911
just joined
Posts: 1
Joined: Wed Apr 25, 2018 3:47 pm

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 6:06 pm

I noticed that when a DNS forwarder is set up with DoH servers, but DoH server is not used in the DNS settings, forwarding does not work. Is this how it's supposed to work?
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Sat Nov 23, 2024 6:48 pm

I had a strange behaviour after updating my both CHR CAPsMAN (AX) from 7.17beta6 to 7.17RC1. Both devices lost their CAPsMAN config. All entries were emty (wifi -> Config, Channel, Security, datapath aso.)
Next I tried to re-import the settings from an RSC-file, but the import hangs while importing the channel-config.
My only solution was to revent an snapshot back to 7.16.1. :-/
No issue on RB5009 with capsman.
Just FYI.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Sun Nov 24, 2024 9:53 am

I noticed that when a DNS forwarder is set up with DoH servers, but DoH server is not used in the DNS settings, forwarding does not work. Is this how it's supposed to work?
Yes, according to docs these forwarders are used for DNS FWD entries only.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.17rc [testing] is released!

Sun Nov 24, 2024 4:24 pm

Anybody give an OK for Hap ax2 running capsman, I wouldn't want my config to explode!
 
nick533
just joined
Posts: 1
Joined: Thu Nov 07, 2024 6:26 am

Re: v7.17rc [testing] is released!

Sun Nov 24, 2024 5:18 pm

Here, I have my 4 HAPAX3 running 7.17rc. Three is CAP, and one is CAPsMAN.
With roughly 30 active wifi clients—mostly Apple, some W11, and some IOT—everything is operating smoothly here. No problems Tiblor
Last edited by nick533 on Fri Dec 06, 2024 10:32 am, edited 1 time in total.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.17rc [testing] is released!

Sun Nov 24, 2024 5:26 pm

Cheers Nick
 
oreggin
Member Candidate
Member Candidate
Posts: 201
Joined: Fri Oct 16, 2009 9:21 pm

Re: v7.17rc [testing] is released!

Sun Nov 24, 2024 10:13 pm

Anybody give an OK for Hap ax2 running capsman, I wouldn't want my config to explode!
You can try it without harm. Repartition the hapax2 with two partition, on part0, stay 7.16.1, copy that onto part1 and switch to part1, then upgrade it to 7.17. If it is messed up itself, you can switch back to part0.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.17rc [testing] is released!

Sun Nov 24, 2024 10:20 pm

Anybody give an OK for Hap ax2 running capsman, I wouldn't want my config to explode!
You can try it without harm. Repartition the hapax2 with two partition, on part0, stay 7.16.1, copy that onto part1 and switch to part1, then upgrade it to 7.17. If it is messed up itself, you can switch back to part0.
I'm not sure that help... Maybe? But it be predicated on unlocking device-mode to change the partition to "switch partition" once at 7.17. So if it theoretically didn't boot, you won't be able to switch.
 
Sheriff1972
newbie
Posts: 31
Joined: Fri Feb 16, 2018 7:48 pm

Re: v7.17rc [testing] is released!

Sun Nov 24, 2024 10:43 pm

Cheers Nick
Keen to hear how you get on here!
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.17rc [testing] is released!

Sun Nov 24, 2024 11:47 pm

The new webfig has a similar problem to winbox4 where that status/flags are very difficult to interpret. For example, LINK OK and NO LINK are radically different states - yet the only difference is the text inside.
Screenshot 2024-11-22 at 7.31.57 PM.png
Screenshot 2024-11-22 at 7.32.11 PM.png

Being disabled/reversed is what old webfig did and it was far more readable. Or perhaps using colors and/or being positional by state allow you can "see" the different states more visually.
Screenshot 2024-11-22 at 7.31.38 PM.png
You do not have the required permissions to view the files attached to this post.
 
Arthur2000
just joined
Posts: 5
Joined: Wed Jul 12, 2023 9:40 am

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 6:13 am

bug report:
Files window is empty in version 7.17rc1 (whatever WinBox v3.x or v4.x), but more than 30000 files could be shown in version 7.16.1.
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 7:36 am

syue87, Arthur2000 - Please send supout file from your router to support@mikrotik.com.
deadmaus911 - We will look into this forwarders issue.
Ullinator - Please send supout file from your router to support@mikrotik.com. If you refer to the old CAPsMAN - are you sure that wireless package is installed?
 
ajdmh
just joined
Posts: 11
Joined: Wed Mar 31, 2021 2:45 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 9:14 am

In some cases, editing the <default.json> file incorrectly can cause the web page to become inaccessible. However, what surprises me is that the Winbox client also crashes directly. Why does the Winbox client share the same JSON file with the web interface? I can't understand this design choice.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 9:21 am

Why does the Winbox client share the same JSON file with the web interface? I can't understand this design choice.

It is possible to create a "skin" ... like hiding certain interface items. And at least winbox 3 did conform to those skin settings. Which probably means that winbox is supposed to read that same JSON. As to crashing due to incorrect settings ... that's something shouldn't happen.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 9:29 am


You can try it without harm. Repartition the hapax2 with two partition, on part0, stay 7.16.1, copy that onto part1 and switch to part1, then upgrade it to 7.17. If it is messed up itself, you can switch back to part0.
I'm not sure that help... Maybe? But it be predicated on unlocking device-mode to change the partition to "switch partition" once at 7.17. So if it theoretically didn't boot, you won't be able to switch.
I've just updated My Hap ax2 with the following settings via the normal upgrade path.
system/device-mode/print             
                 mode: advanced
              flagged: no      
     flagging-enabled: yes     
            scheduler: yes     
                socks: yes     
                fetch: yes     
                 pptp: yes     
                 l2tp: yes     
       bandwidth-test: yes     
          traffic-gen: no      
              sniffer: yes     
                ipsec: yes     
                romon: yes     
                proxy: yes     
              hotspot: yes     
                  smb: yes     
                email: yes     
             zerotier: yes     
            container: no      
  install-any-version: yes     
           partitions: no      
          routerboard: no      
        attempt-count: 0
 
ajdmh
just joined
Posts: 11
Joined: Wed Mar 31, 2021 2:45 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 9:52 am

Why does the Winbox client share the same JSON file with the web interface? I can't understand this design choice.

It is possible to create a "skin" ... like hiding certain interface items. And at least winbox 3 did conform to those skin settings. Which probably means that winbox is supposed to read that same JSON. As to crashing due to incorrect settings ... that's something shouldn't happen.
What's even more unbelievable is that resetting doesn't resolve the issue, the client keeps crashing, and the only solution is to use Netinstall. Therefore, everyone must remember not to edit the default default.json file. Always create a new JSON file for editing. Never modify the skin files used by the administrator!
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 10:09 am

just delete the default.json file. did this not help?
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 10:16 am

device mode with partitions=no only denies creating new partitions, you can still switch partitions like you used to do
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 11:58 am

And probably delete partitions is restricted as well.
 
WeWiNet
Long time Member
Long time Member
Posts: 610
Joined: Thu Sep 27, 2018 4:11 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 12:21 pm

*) winbox - added "Copy to Access List" option under "WiFi/Registration" menu;
YES! Finally this is back.
Thanks Mikrotik!

(adding also the IP address per client in the registration table, as it was in ROS6, would be fantastic).
 
User avatar
cyrq
just joined
Posts: 10
Joined: Sat Mar 11, 2023 12:19 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 1:32 pm

Updated from 7.16.1, hAP ax^3. Everything works except there was an ovpn server created (not by me); this was reported by someone in one of the earlier betas.
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 3:10 pm

See the changelog:

*) ovpn - added VRF support to OVPN server (server menu now supports multiple entries and previous server configuration is automatically imported);

That first OVPN server that you have is the default server, same as there was one before.
 
sinisa
newbie
Posts: 34
Joined: Sun Apr 17, 2011 12:46 am

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 3:23 pm

*) winbox - added "Copy to Access List" option under "WiFi/Registration" menu;
YES! Finally this is back.
Thanks Mikrotik!

(adding also the IP address per client in the registration table, as it was in ROS6, would be fantastic).
I seem to remember that in (one if the) previous Capsman(s) there was even name from dhcp server if client registers one.
I'd love to see that next to MAC in Registration table...
 
User avatar
Ullinator
just joined
Posts: 17
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 3:41 pm

syue87, Arthur2000 - Please send supout file from your router to support@mikrotik.com.
deadmaus911 - We will look into this forwarders issue.
Ullinator - Please send supout file from your router to support@mikrotik.com. If you refer to the old CAPsMAN - are you sure that wireless package is installed?
done.
SUP-172313
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 3:44 pm

See the changelog:

*) ovpn - added VRF support to OVPN server (server menu now supports multiple entries and previous server configuration is automatically imported);

That first OVPN server that you have is the default server, same as there was one before.
I'd like to add this:

This shows you the "default configuration". One disabled ovpn-server was/is always there - even if you do not use ovpn server at all.
/interface/ovpn-server/export verbose
 
igorr29
Frequent Visitor
Frequent Visitor
Posts: 83
Joined: Tue Jan 02, 2024 12:53 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 5:07 pm

first time seeing the DEVICE MODE. upgrading from beta2, this was a nightmare.
it didn't want to upgrade by simply copying the npk into files. when i wanted to reboot it into netinstall - it said DEVICE MODE doesn't allow me to do it ! after checking which device mode i'm in - i'm in advanced mode. why it wouldn't let me change boot mode in advanced mode?

then i had to netinstall it manually - and it went back to using the DEVICE PASSWORD that is on the sticker on the device itself. really!? can that default password somehow be deleted forever so it doesn't pop up after 5 years again? because if that happens again, i'll just throw the device in the garbage out of stress.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 5:26 pm

One disabled ovpn-server was/is always there - even if you do not use ovpn server at all.
Configuration is upgraded and new server is created only if in older version at leat one parameter in server configuration was set by you to non-default value.
 
Guntis
MikroTik Support
MikroTik Support
Posts: 203
Joined: Fri Jul 20, 2018 1:40 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 5:32 pm

can that default password somehow be deleted forever so it doesn't pop up after 5 years again?
You can set a custom configuration with help of branding, or you can choose not to apply default configuration in Netinstall.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 5:57 pm

One disabled ovpn-server was/is always there - even if you do not use ovpn server at all.
Configuration is upgraded and new server is created only if in older version at leat one parameter in server configuration was set by you to non-default value.
Word. I am going to observe/check once 7.17 final arrives and I upgrade my devices.
 
CGGXANNX
Member Candidate
Member Candidate
Posts: 250
Joined: Thu Dec 21, 2023 6:45 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 6:29 pm

One disabled ovpn-server was/is always there - even if you do not use ovpn server at all.
Configuration is upgraded and new server is created only if in older version at leat one parameter in server configuration was set by you to non-default value.
There's the certificate parameter that, once set, can no longer be removed anymore.
 
User avatar
sirbryan
Member
Member
Posts: 400
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 6:34 pm

The new webfig has a similar problem to winbox4 where that status/flags are very difficult to interpret. For example, LINK OK and NO LINK are radically different states - yet the only difference is the text inside.

Being disabled/reversed is what old webfig did and it was far more readable. Or perhaps using colors and/or being positional by state allow you can "see" the different states more visually.
Screenshot 2024-11-22 at 7.31.38 PM.png
Agreed.

While I appreciate the desire to "modernify" things, let's not do "fancy new stuff" at the cost of usability and "muscle memory" loss.

Graphic designers (and the bosses who approve their decisions) almost never seem to be the type of people who have to use the stuff they design, particularly when under pressure (network down, clients mad, etc.). When you're "under the gun," so to speak, you don't have time to "read" all the words. Your eyes scan the interface for visual clues like different colors, shapes, icons, etc.

In other words, making everything look the same makes it harder to use the product, not easier.

I will repeat my requests from the WinBox 4 thread: we need visual cues like contrast and separation (lines, alternating colors/grays) with such an information-dense environment.
 
igorr29
Frequent Visitor
Frequent Visitor
Posts: 83
Joined: Tue Jan 02, 2024 12:53 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 8:18 pm

can that default password somehow be deleted forever so it doesn't pop up after 5 years again?
You can set a custom configuration with help of branding, or you can choose not to apply default configuration in Netinstall.
can you elaborate the 1st part? i'm used to mikrotik devices not having a default password. i want the ones i admin to be the same. i'll change the password later on, but the default one should be empty.
 
codelogic
just joined
Posts: 15
Joined: Fri Dec 20, 2019 2:18 am

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 8:22 pm

In other words, making everything look the same makes it harder to use the product, not easier.

I will repeat my requests from the WinBox 4 thread: we need visual cues like contrast and separation (lines, alternating colors/grays) with such an information-dense environment.
1000% agree. I don’t mind a redesign but usability suffers greatly in this new “look” vs the traditional webfig, by FAR. The colors/contrast between buttons/items in the old design was a huge assist. The display was also “denser” and I could see more at a glance compared to this newfangled design…
 
pyfgcrl
just joined
Posts: 8
Joined: Tue Nov 20, 2012 11:26 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 8:30 pm

first time seeing the DEVICE MODE. upgrading from beta2, this was a nightmare.
it didn't want to upgrade by simply copying the npk into files. when i wanted to reboot it into netinstall - it said DEVICE MODE doesn't allow me to do it ! after checking which device mode i'm in - i'm in advanced mode. why it wouldn't let me change boot mode in advanced mode?

then i had to netinstall it manually - and it went back to using the DEVICE PASSWORD that is on the sticker on the device itself. really!? can that default password somehow be deleted forever so it doesn't pop up after 5 years again? because if that happens again, i'll just throw the device in the garbage out of stress.
/system/device-mode settings were applied when you upgraded to 7.17beta2, which is why you are having difficulty on 7.17rc1 after not reading the notes and help pages.

https://help.mikrotik.com/docs/spaces/R ... evice-mode

You didn't have to netinstall to update to 7.17rc1 — you could have just changed your device mode settings.

As for the password when you reset to default, the password is algorithmically assigned based on the product serial number of the device. That was done a while back for newer devices as part of the legislative directives in many locales about not having a static trivial password like "admin" or "default" or <blank/no password> as you may have recalled from the past. The default password on newer devices when reset is unique to your device and was included on the sticker in the leaflet in the box.

Personally, I always think it's a good idea to understand what has changed in (especially beta) software you are installing so as to not get angry over changes that were stated at the time of the beta release…
 
toxicfusion
Member
Member
Posts: 324
Joined: Mon Jan 14, 2013 6:02 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 9:25 pm

first time seeing the DEVICE MODE. upgrading from beta2, this was a nightmare.
it didn't want to upgrade by simply copying the npk into files. when i wanted to reboot it into netinstall - it said DEVICE MODE doesn't allow me to do it ! after checking which device mode i'm in - i'm in advanced mode. why it wouldn't let me change boot mode in advanced mode?

then i had to netinstall it manually - and it went back to using the DEVICE PASSWORD that is on the sticker on the device itself. really!? can that default password somehow be deleted forever so it doesn't pop up after 5 years again? because if that happens again, i'll just throw the device in the garbage out of stress.
I agree

The randomized device password on the bottom of the device on "enterprise" series equipment is bullshit. After 12-years we're DONE with MikroTik and slowly moving away, moving to another vendor [Camb...] for these set of customers. [Portion of customers we dont deploy Meraki or Fortinet]

Device-mode, and the randomized password.

We cannot even set a new admin password on reset, have to keep track of EVERY customer MikroTik device - documented/noted in-case device is factory reset.

IE: We had this issue when resetting for CAPS mode, device would have sticker password. Huge pain in ass.

Until MikroTik pulls head out of their ass with this added layer of complexity. They need to look to what other vendors are doing.

For the hAP or SOHO series, sticker password is fine for residential consumers.
CCR, Enterprise level hardware from MikroTik -- we have to ask our Distributors for the device password after purchase, and have it well documented.

Then any outdoor equipment that is exposed to weather and elements. That sticker will fade and not hold up.... RIP
Last edited by toxicfusion on Mon Nov 25, 2024 9:31 pm, edited 1 time in total.
 
toxicfusion
Member
Member
Posts: 324
Joined: Mon Jan 14, 2013 6:02 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 9:28 pm

I must say.

if MIkroTik would ADOPT a CLOUD provisioning portal for us WISP/SOHO/Enterprise - make it licensed or free. This would ALL be resolved. We can register the serial and then perform the configuration. That way device is locked to a controller or management, locally made changes will not persist reboots. This is what other vendors do.
 
S8T8
Member Candidate
Member Candidate
Posts: 127
Joined: Thu Sep 15, 2022 7:15 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 9:39 pm

Following all the v7.17 topics, between various complaints, it's not clear what are the know issues.
Couple release ago we had an improvement in the changelog, a step further would be nice, as example take a look at TrueNAS or Uptime-Kuma release notes.
https://www.truenas.com/docs/core/13.0/ ... easenotes/
- New features
- Improvement
- Bug
- Know issues
are perfectly understandable.

@Normis is trying a better approach with Winbox 4.
Manual edit of the first post form EdPa, Guntis or other experts is a good start, not only for consumers but also for expert who can't experience issues.
Sometimes @Normis and support suggest to "try" beta release but something could be fixed and else broken.

Thanks!
 
rzirzi
Member
Member
Posts: 393
Joined: Mon Oct 09, 2006 2:33 pm

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 10:43 pm

DEVICE MODE and blocked some features/services/functions - are NIGHTMARE.
MikroTik Team should withdraw that "feature" or leave default enabled all functions.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.17rc [testing] is released!

Mon Nov 25, 2024 10:55 pm

Following all the v7.17 topics, between various complaints, it's not clear what are the know issues.
Agree on known issues for beta, but by "rc", ideally there shouldn't be any.

Now device-mode does deserve "top billing" with the !) since it changes behavior...
 
RavenWing71
newbie
Posts: 36
Joined: Thu May 12, 2011 3:52 am

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 3:08 am

Has anyone gotten
*) dhcpv6-server - added IPv6 address delegation support;
working yet? I see in Winbox where there is now an Address Pool setting. But I can't seem to figure out what the settings for the Pool need to be. It was mentioned in the Beta thread that the prefix length should be 128, but if you attempt to create a pool with prefix-length=128 you get "failure: up to 63bit prefix blocks are supported!"
Does the Interface need a global address, or do I leave it with just it's Link Local address?
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 8:11 am

Address pool must be /64 or smaller to be divided into /128 prefixes. Currently, IPv6 pool does not support "more prefixes" per pool.
Has anyone gotten
*) dhcpv6-server - added IPv6 address delegation support;
working yet? I see in Winbox where there is now an Address Pool setting. But I can't seem to figure out what the settings for the Pool need to be. It was mentioned in the Beta thread that the prefix length should be 128, but if you attempt to create a pool with prefix-length=128 you get "failure: up to 63bit prefix blocks are supported!"
Does the Interface need a global address, or do I leave it with just it's Link Local address?
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 8:14 am

Those of you who tried early BETA versions will have entirely different behavior of device mode and other functions. Do not upgrade your production devices to BETA versions to avoid undesired behavior. The experience of upgrading stable to stable will be different. The point of beta versions is to test features, report issues etc. which is why features such as device mode can get entirely different functionality during the beta phase. If you are not prepared for testing and failing, please do not install the betas.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 8:20 am

Upgraded home-RB5009 from 7.17beta6 to rc1, containers, capsman, ...
Winbox3.41

- lots of dialogs with empty info at first (Files, Wireless Registration, Capsman Remote Cap, DHCP Lease, ...). Only after sometimes minutes the info came through.
- some containers started, some not. No reason visible why.
- change of settings on some items not saved
- disconnects from Winbox after some minutes, restores connection and then disconnects again after some minutes.
- overall it feels incredibly sluggish.

Reverted back to 7.17beta6. All normal again.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 8:34 am

Really hope you made a supout.rif file and sent to support, before downgrading back to beta
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 8:48 am

Nope, didn't have the time to do so ( and to be honest, totally forgot).
I had to get my network back up because I had to start working.

I may try again this evening.
 
lubomirs
just joined
Posts: 6
Joined: Tue Feb 05, 2019 4:07 pm

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 9:00 am

"... The default password on newer devices when reset is unique to your device and was included on the sticker in the leaflet in the box. ..."
But only for a while before you lose the box and the labels with your fingers when you download them, like on my ac2. . .
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 9:10 am

lubomirs, how many things can you lose, especially if you know those things are important? put them in a safe!

label is on 3 different things: device, box, instruction sheet.
password is also available online in your account (or at the distributor).
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 10:12 am

Upgraded home-RB5009 from 7.17beta6 to rc1, containers, capsman, ...
Winbox3.41

- lots of dialogs with empty info at first (Files, Wireless Registration, Capsman Remote Cap, DHCP Lease, ...). Only after sometimes minutes the info came through.
- some containers started, some not. No reason visible why.
- change of settings on some items not saved
- disconnects from Winbox after some minutes, restores connection and then disconnects again after some minutes.
- overall it feels incredibly sluggish.

Reverted back to 7.17beta6. All normal again.
I had 100% same issue few times now on HAP AX3 after some beta updates where exactly everything was empty as you described, i couldnt create supout no matter how i tried.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 10:14 am

Without RIF file, we can't fix issues that only some people have observed.
 
sinisa
newbie
Posts: 34
Joined: Sun Apr 17, 2011 12:46 am

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 11:01 am

password is also available online in your account...
How? I don't see any option to add devices/passwords to my account...
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 11:11 am

If you bought the device from a distributor, not by yourself, you will have to ask the company you bought the device from
 
lubomirs
just joined
Posts: 6
Joined: Tue Feb 05, 2019 4:07 pm

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 11:45 am

password is also available online in your account...
How? I don't see any option to add devices/passwords to my account...
What account are we talking about here? Did I miss something? I'm just a home user, an amateur, but a fan
You can't find a lot of things when downloading :-), but the point was that you can wipe the pressure on the AC2 label with your finger. . . .
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 11:52 am

Please read my responses, before asking the same thing again.
hAP ac2 is an older product. New product stickers are durable.
 
User avatar
fischerdouglas
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Thu Mar 07, 2019 6:38 pm
Location: Brazil
Contact:

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 4:42 pm

DEVICE MODE and blocked some features/services/functions - are NIGHTMARE.
MikroTik Team should withdraw that "feature" or leave default enabled all functions.
I'm inclined to agree...

The end of the year is coming, and so is Black Friday[1]

My suggestion would be something like:
In this upcoming version, implement this compartmentalization of features that is already proposed, but for now, let's go with all of them enabled (or at least almost all of them).
And for the first version of 2025, start selectively disabling the functions.

[1] For the love of God, they're not going to release a stable version on Black Friday like they did sometimes in the past... It's already a hectic day in the life of every network operator... Another little surprise as a software update wouldn't be pleasant.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 4:50 pm

[1] For the love of God, they're not going to release a stable version on Black Friday like they did sometimes in the past... It's already a hectic day in the life of every network operator... Another little surprise as a software update wouldn't be pleasant.
And ??
You're not letting updates pass through automatically, are you ?
What's the issue then ?
 
User avatar
fischerdouglas
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Thu Mar 07, 2019 6:38 pm
Location: Brazil
Contact:

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 5:31 pm

And ??
You're not letting updates pass through automatically, are you ?
What's the issue then ?
Me? No! I do not!

I don't know if I've ever mentioned this before.
But I really like sleeping! And I hate being woken up in the middle of the night.
Yeah, I know, it's a contradiction for someone who works in Telecommunications, right?

Well, like I said... I don't let updates pass through automatically.

But it's a fact that as ASN operators, the stability of the networks we operate ends up being more influenced by the actions of third parties than by our own.
And since I serve several networks that use RouterOS, the choice of freezing or not ends up directly influencing the interruptions to my sleep...
 
User avatar
Paternot
Forum Guru
Forum Guru
Posts: 1056
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 6:00 pm

I don't know if I've ever mentioned this before.
But I really like sleeping! And I hate being woken up in the middle of the night.
You slacker! To the mines with You!
HUEHUEHUE BR BR BR
 
RavenWing71
newbie
Posts: 36
Joined: Thu May 12, 2011 3:52 am

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 7:25 pm

Address pool must be /64 or smaller to be divided into /128 prefixes. Currently, IPv6 pool does not support "more prefixes" per pool.
Has anyone gotten working yet? I see in Winbox where there is now an Address Pool setting. But I can't seem to figure out what the settings for the Pool need to be. It was mentioned in the Beta thread that the prefix length should be 128, but if you attempt to create a pool with prefix-length=128 you get "failure: up to 63bit prefix blocks are supported!"
Does the Interface need a global address, or do I leave it with just it's Link Local address?
I'm still not understanding somehow. I interpret what you said to be:
[admin@TestMTik2] > /ipv6/pool add name=IA-Pool_2024-11-26 prefix=abcd:ef12:fffe:ffff::/64 prefix-length=128
failure: up to 63bit prefix blocks are supported!
So, could you give an example of creating a pool that will work as an address pool?
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 8:02 pm

Without RIF file, we can't fix issues that only some people have observed.
Funny, i just upgraded SXTsq to 7.17rc and same thing happend, all menus empty and winbox keeps disconnecting over ip, mac or romon, dont know how to give you any usefull log...
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 9:41 pm

some post moved to new place.
viewtopic.php?t=212859

Continue the complaining there please.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Tue Nov 26, 2024 10:01 pm

Without RIF file, we can't fix issues that only some people have observed.
For your convenience I upgraded again to 7.17rc1.

Result:
2024-11-26_20-26-16.jpg
Nice empty windows. Supout could not be created (dead hang and frequent disconnect from Winbox).

Downgrading resulted in dead device. I had to power toggle to bring it back to its senses (luckily it was only that) and then it was still at 7.17rc1.
2nd attempt worked. BTW loading the "downgrade" packages first time (ROS, zerotier, container and dude) was SUPER slow. On a direct 1Gb link from PC to device ??
Had to reboot AGAIN and then speed was normal.

SUP-172464 created.
No way to create supout.rif after upgrade (it hangs at 2%) therefor I added pre-upgrade sup so you guys can upgrade on your material and see what happens (I learned from previous mistakes, you see ...).

Oddly enough, Hex Refresh upgraded without a hitch. Coming from the same 7.17beta6.

In a couple of weeks I will have some down-time from work, maybe I should use that time to netinstall that RB5009 (has been quite a while since I did that since I have it).
You do not have the required permissions to view the files attached to this post.
 
User avatar
ghostinthenet
Trainer
Trainer
Posts: 34
Joined: Sun Apr 04, 2021 1:36 pm
Location: Niagara-on-the-Lake, Canada
Contact:

Re: v7.17rc [testing] is released!

Wed Nov 27, 2024 1:13 am

Ah, finally a way to manually set link local address! :D

*) ipv6 - added support for manual link-local address configuration;

Now we just need a way to disable or remove the dynamic link-local address once we've set an administrative one. That's still not there.
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.17rc [testing] is released!

Wed Nov 27, 2024 8:07 am

My apologies for the "wrong" explanation. I did mean smaller than /64 - 65, 66, ...
Address pool must be /64 or smaller to be divided into /128 prefixes. Currently, IPv6 pool does not support "more prefixes" per pool.

I'm still not understanding somehow. I interpret what you said to be:
[admin@TestMTik2] > /ipv6/pool add name=IA-Pool_2024-11-26 prefix=abcd:ef12:fffe:ffff::/64 prefix-length=128
failure: up to 63bit prefix blocks are supported!
So, could you give an example of creating a pool that will work as an address pool?
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Wed Nov 27, 2024 12:01 pm

One disabled ovpn-server was/is always there - even if you do not use ovpn server at all.
Configuration is upgraded and new server is created only if in older version at leat one parameter in server configuration was set by you to non-default value.
I installed 7.16.1 from scratch on AC2 without default configuration, gradually applying my changes from the RSC file. Since I've been using ROS I've never used OpenVPN because I was using L2TP and now Wireguard. From 7.16.1 I switched to 7.17rc1 and I find a disabled OpenVPN server and, going to recheck my RSC backup files I don't have any OpenVPN entries. If I understand what you mean, if ROS during the upgrade did not detect any changes to the default configuration it did NOT create any OpenVPN server, but in my case it appeared anyway. Mine is just a report hoping to be of some help
 
azerty
just joined
Posts: 2
Joined: Fri Jan 20, 2023 5:55 pm

Re: v7.17rc [testing] is released!

Wed Nov 27, 2024 8:06 pm

Hi @strods and @normis, problem with device-mode with TR069 without physical access SUP-172578
 
sjoukes
just joined
Posts: 9
Joined: Wed Nov 01, 2017 5:44 pm

Re: v7.17rc [testing] is released!

Thu Nov 28, 2024 10:48 am

Is it possible to provide a bit more information on this change?
*) ethernet - improved interface stability for RB4011 devices;
Which problem does it solve and when/why did it occur on previous versions.
 
whatever
Member
Member
Posts: 366
Joined: Thu Jun 21, 2018 9:29 pm

Re: v7.17rc [testing] is released!

Thu Nov 28, 2024 12:14 pm

*) ethernet - improved interface stability for RB4011 devices;
Any chance this fixes interface flapping which occurs when directly connecting to specific devices, like AVM 6591?
 
azerty
just joined
Posts: 2
Joined: Fri Jan 20, 2023 5:55 pm

Re: v7.17rc [testing] is released!

Thu Nov 28, 2024 5:38 pm

For device-mode, it’s not possible to get/print the value of activation-timeout in cli/script.
The device mode menu is not present on the last winbox beta.

SUP-172644
 
leonardogyn
just joined
Posts: 18
Joined: Wed Dec 04, 2019 4:47 pm

Re: v7.17rc [testing] is released!

Thu Nov 28, 2024 8:18 pm

Is it possible to provide a bit more information on this change?
*) ethernet - improved interface stability for RB4011 devices;
Which problem does it solve and when/why did it occur on previous versions.
.
I have quite a few RB4011s and, to be honest, never faced any problems at all with ethernet interfaces stability or anything like that.
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 9:49 am

Just attempted to upgrade to 7.17 RC - have to rollback immediately. No devices will connect to 5 GHz - have no time to spend on further investigation, but something appears not to be OK for sure...
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 10:10 am

Just attempted to upgrade to 7.17 RC - have to rollback immediately. No devices will connect to 5 GHz - have no time to spend on further investigation, but something appears not to be OK for sure...
Next time choose a moment where you can do some investigation. There could be a perfect good reason (DFS scanning for 10 min?) why clients couldn't connect. As well provide relevant info like device model. Did you also upgrade firmware? What config are you using?
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 10:41 am

What's new in 7.17rc2 (2024-Nov-28 16:09):

!) webfig - redesigned HTML, styling and functionality (additional fixes);
*) bridge - added message for inactive port reason (additional fixes);
*) device-mode - added routerboard, install-any-version and partitions features (additional fixes);
*) dhcpv6-server - fixed DHCPv6 server "address-pool" property showing in command line as "unknown" when real value is "static-only";
*) dns - added option to create named DNS servers that can be used as forward-to servers (additional fixes);
*) file - improved service stability when processing a lot of files (introduced in v7.17rc1);
*) ipv6 - added support for manual link-local address configuration (additional fixes);
*) webfig - allow style.css and script.js in branding packages;
*) webfig - redirect "/help/license.html" to "/license.txt" for backwards compatibility;
*) winbox - clear "Value" field when unset under "IP/DNS/Static" menu;
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 10:48 am

Just attempted to upgrade to 7.17 RC - have to rollback immediately. No devices will connect to 5 GHz - have no time to spend on further investigation, but something appears not to be OK for sure...
Next time choose a moment where you can do some investigation. There could be a perfect good reason (DFS scanning for 10 min?) why clients couldn't connect. As well provide relevant info like device model. Did you also upgrade firmware? What config are you using?
Well, bad went to worse... My RB5009 router lost a lot of config when reverting... All leases are gone, DHCP is not responding to requests... Need to find a backup file and restore...
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 11:02 am

Router restored with backup... Now on to figure out what the heck has happened... Seems dangerous to revert from 7.17RC to 7.16 Stable...
Scary... Need to check that my AP´s config is also OK...
Seems like devices are now able to connect to 5G at least, something weird happened in 7.17RC...
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 11:03 am

... something weird happened in 7.17RC...
Really ?
viewtopic.php?p=1111415#p1111415
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 11:30 am

Next time partition the router and copy partition before upgrade, then you can simply revert by switching partitions as long as the device isn't completely corrupted...
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 11:33 am

Will consider partitioning next time... My bad, though....
 
azerty
just joined
Posts: 2
Joined: Fri Jan 20, 2023 5:55 pm

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 12:14 pm

For device-mode, it’s not possible to get/print the value of activation-timeout in cli/script.
The device mode menu is not present on the last winbox beta.

SUP-172644
Same problem with RC2.
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 1:12 pm

Activation is intended to be "started" while command is being viewed. Thus, the error is not some kind of parameter, but an informative message. Why would you need to get it into a variable?

Yes, device-mode is currently not implemented in GUI. These are not issues/bugs.
 
azerty
just joined
Posts: 2
Joined: Fri Jan 20, 2023 5:55 pm

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 2:17 pm

Activation is intended to be "started" while command is being viewed. Thus, the error is not some kind of parameter, but an informative message. Why would you need to get it into a variable?

Yes, device-mode is currently not implemented in GUI. These are not issues/bugs.
I need to get this value because the command /system device-mode update activation-timeout=1h ... is launch in a script (default custom configuration). I would like to modify this timeout when router is in "production" but i need to compare value for knowing if i need to run a new command.

Can Mikrotik staff add a feature for set device-mode parameters in branding package?
 
User avatar
baragoon
Member
Member
Posts: 382
Joined: Thu Jan 05, 2017 10:38 am
Location: Kyiv, UA
Contact:

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 5:31 pm

Next time partition the router and copy partition before upgrade, then you can simply revert by switching partitions as long as the device isn't completely corrupted...
partitioning is a great thing, but... it is not available everywhere, I wish to have it for CHR, but again... but... but... but...
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 6:27 pm

Next time partition the router and copy partition before upgrade, then you can simply revert by switching partitions as long as the device isn't completely corrupted...
partitioning is a great thing, but... it is not available everywhere, I wish to have it for CHR, but again... but... but... but...
The user I replied to has an RB5009 which is well suited to partitioning.
Indeed it would be nice when it would be added to CHR as well, but usually CHR is run under a hypervisor and it already has features for snaphot or image backup.
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1518
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 8:26 pm

Just tested with my RB5009 and upgrade to 7.17rc2 went without a problem. I did a config backup just in case.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 8:37 pm

Well, that planned netinstall came earlier then expected.
Wanted to partition my device for future mishaps. Completely bricked.

Luckily I had an export from 3 days ago. Biggest problem was getting netinstall to work (after some attempts with Windows. I used container on AX3, first time right).
 
RavenWing71
newbie
Posts: 36
Joined: Thu May 12, 2011 3:52 am

Re: v7.17rc [testing] is released!

Fri Nov 29, 2024 10:08 pm

My apologies for the "wrong" explanation. I did mean smaller than /64 - 65, 66, ...


I'm still not understanding somehow. I interpret what you said to be:
[admin@TestMTik2] > /ipv6/pool add name=IA-Pool_2024-11-26 prefix=abcd:ef12:fffe:ffff::/64 prefix-length=128
failure: up to 63bit prefix blocks are supported!
So, could you give an example of creating a pool that will work as an address pool?
Requiring that the pool's prefix be longer than a /64 feels weird. The RFCs and IPv6 educational materials all stress assigning a /64 to a point-to-multipoint interface and even say to allocate a /64 when using a pair of /128s for a point-to-point link. But... This does work:
/ipv6/pool add name=IA-Pool_2024-11-29 prefix=abcd:ef12:fff0:ffff::/65 prefix-length=128
Note: When I assigned an IPv6 Address from the IA-Pool to the DHCPv6 server's interface, it assigned abcd:ef12:fff0:ffff::0/128 to the interface, which is reserved as an anycast address for all routers on the link. While I doubt it will cause me any grief, I do think it's worth noting.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.17rc [testing] is released!

Sat Nov 30, 2024 12:20 pm

Just tested with my RB5009 and upgrade to 7.17rc2 went without a problem. I did a config backup just in case.
Which version did you come from, just curious..
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.17rc [testing] is released!

Sat Nov 30, 2024 12:31 pm

cAP AX/hAP AX updated to 7.17RC2 from RC1 no problems to report.
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1518
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: v7.17rc [testing] is released!

Sat Nov 30, 2024 2:20 pm

Just tested with my RB5009 and upgrade to 7.17rc2 went without a problem. I did a config backup just in case.
Which version did you come from, just curious..
7.17beta2
 
itimo01
newbie
Posts: 26
Joined: Thu Jun 29, 2023 2:55 am
Location: Germany
Contact:

Re: v7.17rc [testing] is released!

Sat Nov 30, 2024 9:39 pm

Well, that planned netinstall came earlier then expected.
Wanted to partition my device for future mishaps. Completely bricked.
+1 here

Partitioning deleted the RouterOS Install, which made the router boot loop. (ax3)
Was on rc1 when i partitioned.

I also noticed if you do an export, the "remote-image" variable for containers won't be exported.
And it exported this bridge entry for me:
add bridge=bridge interface=*9 internal-path-cost=10 path-cost=10
Which it can't import since it doesn't understand what interface *9 is.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Sat Nov 30, 2024 11:04 pm

That container thing I saw as well.
Luckily it was pretty straightforward to bring them back to life.
 
User avatar
Kentzo
Long time Member
Long time Member
Posts: 618
Joined: Mon Jan 27, 2014 3:35 pm
Location: California

Re: v7.17rc [testing] is released!

Sat Nov 30, 2024 11:54 pm

*) dhcpv6-server - added IPv6 address delegation support;
Do I understand it correctly that it's for RFC 8415 Section 6.2 DHCP for Non-temporary Address Assignment? Because if it is, then I agree with @RavenWing71 in that it should not have assigned the reserved anycast address (RFC 5453) nor restricted pool's prefix length to be >64.
 
techfellow
just joined
Posts: 4
Joined: Wed Mar 06, 2024 7:51 pm

Re: v7.17rc [testing] is released!

Sun Dec 01, 2024 11:06 am

I have upgraded from 7.17 beta to rc2 and I started to see strange connections to Mikrotik servers every 2-4 minutes:
I think it is related to "Cloud" DDNS settings as it uses same port - https://help.mikrotik.com/docs/spaces/R ... 9929/Cloud
I see there is also change in /IP/Cloud/DDNS Enabled settings - from 'On'/'Off' it changed to 'auto'/'yes' <lol>
Why Mikrotik would turn it on for all devices ?

2024-12-01 07:12:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:56093->159.148.147.201:15252, len 66
 2024-12-01 07:14:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:50341->159.148.172.251:15252, len 66
 2024-12-01 07:16:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:41291->159.148.147.201:15252, len 66
 2024-12-01 07:18:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:44424->159.148.172.251:15252, len 66
 2024-12-01 07:20:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:42243->159.148.147.201:15252, len 66
 2024-12-01 07:22:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:56078->159.148.172.251:15252, len 66
 2024-12-01 07:24:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:34422->159.148.147.201:15252, len 66
 2024-12-01 07:26:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:46383->159.148.172.251:15252, len 66
 2024-12-01 07:28:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43185->159.148.147.201:15252, len 66
 2024-12-01 07:30:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43861->159.148.172.251:15252, len 66
 2024-12-01 07:32:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43470->159.148.147.201:15252, len 66
 2024-12-01 07:34:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:53107->159.148.172.251:15252, len 66
 2024-12-01 07:36:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:46675->159.148.147.201:15252, len 66
 2024-12-01 07:38:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:40088->159.148.172.251:15252, len 66
 2024-12-01 07:40:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:54119->159.148.147.201:15252, len 66
 2024-12-01 07:42:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:34392->159.148.172.251:15252, len 66
 2024-12-01 07:44:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:45126->159.148.147.201:15252, len 66
 2024-12-01 07:46:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:37292->159.148.172.251:15252, len 66
 2024-12-01 07:48:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:38440->159.148.147.201:15252, len 66
 2024-12-01 07:50:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:41124->159.148.172.251:15252, len 66
 2024-12-01 07:52:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:49589->159.148.147.201:15252, len 66
 2024-12-01 07:54:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:48507->159.148.172.251:15252, len 66
 2024-12-01 07:56:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:33504->159.148.147.201:15252, len 66
 2024-12-01 07:58:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:59985->159.148.172.251:15252, len 66
 2024-12-01 08:00:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:48983->159.148.147.201:15252, len 66
 2024-12-01 08:02:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:47348->159.148.172.251:15252, len 66
 2024-12-01 08:04:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43148->159.148.147.201:15252, len 66
 2024-12-01 08:06:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:50844->159.148.172.251:15252, len 66
 2024-12-01 08:08:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:50804->159.148.147.201:15252, len 66
 2024-12-01 08:10:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:53287->159.148.172.251:15252, len 66
 2024-12-01 08:12:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:36030->159.148.147.201:15252, len 66
 2024-12-01 08:14:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:47792->159.148.172.251:15252, len 66
 2024-12-01 08:16:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:51584->159.148.147.201:15252, len 66
 2024-12-01 08:18:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:40583->159.148.172.251:15252, len 66
 2024-12-01 08:20:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:60838->159.148.147.201:15252, len 66
 2024-12-01 08:22:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:44444->159.148.172.251:15252, len 66
 2024-12-01 08:24:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:37638->159.148.147.201:15252, len 66
 2024-12-01 08:26:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:35850->159.148.172.251:15252, len 66
 2024-12-01 08:28:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:36910->159.148.147.201:15252, len 66
 2024-12-01 08:30:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43886->159.148.172.251:15252, len 66
 2024-12-01 08:32:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:56011->159.148.147.201:15252, len 66
 2024-12-01 08:34:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:35554->159.148.172.251:15252, len 66
 2024-12-01 08:36:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:58921->159.148.147.201:15252, len 66
 2024-12-01 08:38:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:35105->159.148.172.251:15252, len 66
 2024-12-01 08:40:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43739->159.148.147.201:15252, len 66
 2024-12-01 08:42:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:38011->159.148.172.251:15252, len 66
 2024-12-01 08:44:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:60764->159.148.147.201:15252, len 66
 2024-12-01 08:46:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:44064->159.148.172.251:15252, len 66
 2024-12-01 08:48:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:37899->159.148.147.201:15252, len 66
 2024-12-01 08:50:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:51115->159.148.172.251:15252, len 66
 2024-12-01 08:52:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:52500->159.148.147.201:15252, len 66
 2024-12-01 08:54:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:58028->159.148.172.251:15252, len 66
 2024-12-01 08:56:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43131->159.148.147.201:15252, len 66
 2024-12-01 08:58:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:59525->159.148.172.251:15252, len 66
 2024-12-01 09:00:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:50985->159.148.147.201:15252, len 66
 2024-12-01 09:02:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:38185->159.148.172.251:15252, len 66
 2024-12-01 09:04:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:50388->159.148.147.201:15252, len 66
 2024-12-01 09:06:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:46448->159.148.172.251:15252, len 66
 2024-12-01 09:08:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:41606->159.148.147.201:15252, len 66
 2024-12-01 09:10:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:40086->159.148.172.251:15252, len 66
Last edited by tangent on Sun Dec 01, 2024 8:37 pm, edited 1 time in total.
Reason: Wrapped log output in code tag
 
merkkg
just joined
Posts: 22
Joined: Thu Jan 19, 2017 11:50 am

Re: v7.17rc [testing] is released!

Sun Dec 01, 2024 2:05 pm

 
VoltageWar
just joined
Posts: 3
Joined: Wed May 29, 2024 1:03 am

Re: v7.17rc [testing] is released!

Sun Dec 01, 2024 3:17 pm

After upgrading from 7.17rc1 to 7.17rc2 I am not able to connect to the container IP, even ping not working.
 
HamRadio
just joined
Posts: 19
Joined: Wed Feb 15, 2017 5:33 pm

Re: v7.17rc [testing] is released!

Sun Dec 01, 2024 4:48 pm

Any chance we could update to ZeroTier 1.14.2?
https://github.com/zerotier/ZeroTierOne ... E-NOTES.md

1.14.2 has multithreading if enabled!
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.17rc [testing] is released!

Sun Dec 01, 2024 9:08 pm

Please MikroTik, check SUP-172111 before release 7.17 stable.
SMB is unstable with hAP ac2.
Thanks
 
User avatar
tangent
Forum Guru
Forum Guru
Posts: 1656
Joined: Thu Jul 01, 2021 3:15 pm
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 02, 2024 12:57 am

In prior versions, this worked:

/ipv6/firewall/nat
add action=dst-nat chain=dstnat dst-port=53 protocol=udp to-address=::1/128
add action=dst-nat chain=dstnat dst-port=53 protocol=tcp to-address=::1/128

The intent behind this is to redirect all IPv6 DNS requests from the LAN to the local DNS server on the router in order to force them through the DoH path. I believe this stopped working with rc2.

I've fixed it by giving a to-address naming the full globally routable address of my router, but the problem with that is that my ISP has assigned a different /64 to me from one modem reboot to the next, and likely will again in the future.

I realize this ::1/128 address is somewhat ambiguous. (Localhost where?) What I really want is a way to specify the address of the local DNS server by way of the IPv6 address pool so that when DHCPv6 pulls a different PD, the firewall NAT rule tracks the change automatically.
 
CGGXANNX
Member Candidate
Member Candidate
Posts: 250
Joined: Thu Dec 21, 2023 6:45 pm

Re: v7.17rc [testing] is released!

Mon Dec 02, 2024 3:37 am

I've fixed it by giving a to-address naming the full globally routable address of my router, but the problem with that is that my ISP has assigned a different /64 to me from one modem reboot to the next, and likely will again in the future.

You can alternatively add an ULA address to any of the router's interfaces (with Advertise unchecked) and use that as the fixed to-address target.
 
User avatar
tangent
Forum Guru
Forum Guru
Posts: 1656
Joined: Thu Jul 01, 2021 3:15 pm
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 02, 2024 5:38 am

add an ULA address

Yes, that's a superior solution, because it solves a second, related problem: what to put in for "/ipv6/nd/set … dns=??" Before, I was using ::1 from my ISP-assigned GUA pool, but now I'm telling peers to send it to the ULA. Because the ULA range isn't advertised, none of them know they could be on that /64, but it doesn't matter because DNS is on the default router, and the router of course knows how to get packets to ::1 in the ULA scheme.

I'd still like to know why my old "localhost" scheme now fails, though.
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.17rc [testing] is released!

Mon Dec 02, 2024 7:52 am

If the setting is set to "auto", then it works as "disabled" unless you enable BTH functionality. If you enable BTH, then it will automtically enable Cloud service, since it can not work without it.

It seems that your router simply tried to reach Cloud. Maybe it was not reachable? Is it working just fine now?

Also, System/Clock time-zone-autodetect uses Cloud.
https://help.mikrotik.com/docs/spaces/R ... Updatetime
I have upgraded from 7.17 beta to rc2 and I started to see strange connections to Mikrotik servers every 2-4 minutes:
I think it is related to "Cloud" DDNS settings as it uses same port - https://help.mikrotik.com/docs/spaces/R ... 9929/Cloud
I see there is also change in /IP/Cloud/DDNS Enabled settings - from 'On'/'Off' it changed to 'auto'/'yes' <lol>
Why Mikrotik would turn it on for all devices ?

2024-12-01 07:12:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:56093->159.148.147.201:15252, len 66
 2024-12-01 07:14:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:50341->159.148.172.251:15252, len 66
 2024-12-01 07:16:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:41291->159.148.147.201:15252, len 66
 2024-12-01 07:18:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:44424->159.148.172.251:15252, len 66
 2024-12-01 07:20:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:42243->159.148.147.201:15252, len 66
 2024-12-01 07:22:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:56078->159.148.172.251:15252, len 66
 2024-12-01 07:24:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:34422->159.148.147.201:15252, len 66
 2024-12-01 07:26:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:46383->159.148.172.251:15252, len 66
 2024-12-01 07:28:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43185->159.148.147.201:15252, len 66
 2024-12-01 07:30:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43861->159.148.172.251:15252, len 66
 2024-12-01 07:32:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43470->159.148.147.201:15252, len 66
 2024-12-01 07:34:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:53107->159.148.172.251:15252, len 66
 2024-12-01 07:36:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:46675->159.148.147.201:15252, len 66
 2024-12-01 07:38:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:40088->159.148.172.251:15252, len 66
 2024-12-01 07:40:07 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:54119->159.148.147.201:15252, len 66
 2024-12-01 07:42:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:34392->159.148.172.251:15252, len 66
 2024-12-01 07:44:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:45126->159.148.147.201:15252, len 66
 2024-12-01 07:46:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:37292->159.148.172.251:15252, len 66
 2024-12-01 07:48:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:38440->159.148.147.201:15252, len 66
 2024-12-01 07:50:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:41124->159.148.172.251:15252, len 66
 2024-12-01 07:52:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:49589->159.148.147.201:15252, len 66
 2024-12-01 07:54:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:48507->159.148.172.251:15252, len 66
 2024-12-01 07:56:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:33504->159.148.147.201:15252, len 66
 2024-12-01 07:58:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:59985->159.148.172.251:15252, len 66
 2024-12-01 08:00:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:48983->159.148.147.201:15252, len 66
 2024-12-01 08:02:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:47348->159.148.172.251:15252, len 66
 2024-12-01 08:04:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43148->159.148.147.201:15252, len 66
 2024-12-01 08:06:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:50844->159.148.172.251:15252, len 66
 2024-12-01 08:08:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:50804->159.148.147.201:15252, len 66
 2024-12-01 08:10:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:53287->159.148.172.251:15252, len 66
 2024-12-01 08:12:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:36030->159.148.147.201:15252, len 66
 2024-12-01 08:14:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:47792->159.148.172.251:15252, len 66
 2024-12-01 08:16:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:51584->159.148.147.201:15252, len 66
 2024-12-01 08:18:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:40583->159.148.172.251:15252, len 66
 2024-12-01 08:20:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:60838->159.148.147.201:15252, len 66
 2024-12-01 08:22:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:44444->159.148.172.251:15252, len 66
 2024-12-01 08:24:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:37638->159.148.147.201:15252, len 66
 2024-12-01 08:26:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:35850->159.148.172.251:15252, len 66
 2024-12-01 08:28:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:36910->159.148.147.201:15252, len 66
 2024-12-01 08:30:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43886->159.148.172.251:15252, len 66
 2024-12-01 08:32:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:56011->159.148.147.201:15252, len 66
 2024-12-01 08:34:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:35554->159.148.172.251:15252, len 66
 2024-12-01 08:36:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:58921->159.148.147.201:15252, len 66
 2024-12-01 08:38:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:35105->159.148.172.251:15252, len 66
 2024-12-01 08:40:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43739->159.148.147.201:15252, len 66
 2024-12-01 08:42:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:38011->159.148.172.251:15252, len 66
 2024-12-01 08:44:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:60764->159.148.147.201:15252, len 66
 2024-12-01 08:46:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:44064->159.148.172.251:15252, len 66
 2024-12-01 08:48:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:37899->159.148.147.201:15252, len 66
 2024-12-01 08:50:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:51115->159.148.172.251:15252, len 66
 2024-12-01 08:52:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:52500->159.148.147.201:15252, len 66
 2024-12-01 08:54:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:58028->159.148.172.251:15252, len 66
 2024-12-01 08:56:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:43131->159.148.147.201:15252, len 66
 2024-12-01 08:58:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:59525->159.148.172.251:15252, len 66
 2024-12-01 09:00:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:50985->159.148.147.201:15252, len 66
 2024-12-01 09:02:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:38185->159.148.172.251:15252, len 66
 2024-12-01 09:04:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:50388->159.148.147.201:15252, len 66
 2024-12-01 09:06:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:46448->159.148.172.251:15252, len 66
 2024-12-01 09:08:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:41606->159.148.147.201:15252, len 66
 2024-12-01 09:10:08 firewall,info mkt_ output: in:(unknown 0) out:ether1, connection-state:new proto UDP, MYPUBLICIP:40086->159.148.172.251:15252, len 66
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.17rc [testing] is released!

Mon Dec 02, 2024 8:42 am

Please MikroTik, check SUP-172111 before release 7.17 stable.
SMB is unstable with hAP ac2.
Thanks
I did search the forum to try to see what you are asking for, but there are no post about SUP-172111
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 02, 2024 9:37 am

Forum users can't check support tickets, so no reason to post ticket numbers here
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.17rc [testing] is released!

Mon Dec 02, 2024 9:48 am

Please MikroTik, check SUP-172111 before release 7.17 stable.
SMB is unstable with hAP ac2.
Thanks
I did search the forum to try to see what you are asking for, but there are no post about SUP-172111
SUP-172111 is the new ticket for a bug that was already fixed in the 7.15rc (SUP-151054):
viewtopic.php?p=1071424&hilit=151054#p1071424

It's back from 7.17beta: hAP ac2 restarts itself when copying a large file using SMB.
Forum users can't check support tickets, so no reason to post ticket numbers here
You're right Normis, I didn't mean to cause confusion...
 
techfellow
just joined
Posts: 4
Joined: Wed Mar 06, 2024 7:51 pm

Re: v7.17rc [testing] is released!

Mon Dec 02, 2024 11:11 am

Thank you @Strods for reply

I had never used the BTH feature, and the Time Update feature before 7.17 was only sending 4 packets every time the router reboots and not as it is now - doing flood every 2 minutes.
Additionally this statement is as good as the functionality: "If the setting is set to "auto", then it works as "disabled" unless ..."

If the setting is set to "auto", then it works as "disabled" unless you enable BTH functionality. If you enable BTH, then it will automtically enable Cloud service, since it can not work without it.

It seems that your router simply tried to reach Cloud. Maybe it was not reachable? Is it working just fine now?

Also, System/Clock time-zone-autodetect uses Cloud.
https://help.mikrotik.com/docs/spaces/R ... Updatetime
I have upgraded from 7.17 beta to rc2 and I started to see strange connections to Mikrotik servers every 2-4 minutes:
I think it is related to "Cloud" DDNS settings as it uses same port - https://help.mikrotik.com/docs/spaces/R ... 9929/Cloud
...
Last edited by techfellow on Mon Dec 02, 2024 12:35 pm, edited 1 time in total.
 
Atmis
just joined
Posts: 1
Joined: Mon May 22, 2023 6:24 pm

Re: v7.17rc [testing] is released!

Mon Dec 02, 2024 11:27 am

Before 7.15, there were stability issues with some SFP ONU sticks and CRS305. (Suddenly, TX Power was showing -40.0dBm with FS.com GPON-ONU-34-20 BI).
Issue was fixed in 7.15 (* sfp - improved "sfp-tx-power" value monitoring in certain cases;)
I have updated my CRS305 to 7.17RC2 (firmware upgrade too) and the issue is back (4 crashes in few days, after months of stability).
I have reopened the original ticket on support side.
 
jaclaz
Forum Guru
Forum Guru
Posts: 1981
Joined: Tue Oct 03, 2023 4:21 pm

Re: v7.17rc [testing] is released!

Mon Dec 02, 2024 4:57 pm

Forum users can't check support tickets, so no reason to post ticket numbers here
It is of no use for other common forum members, but this way you or other Mikrotik staff happening to pass by and interested in a report on the forum may be able to check in more detail what the issue is, without needing to ask for the ticket number.

I thought it was a good thing to do to cite the ticket number?
 
User avatar
mark99i
just joined
Posts: 7
Joined: Sat Jun 20, 2020 12:17 pm

Re: v7.17rc [testing] is released!

Tue Dec 03, 2024 12:24 am

it seems that in versions 7.17beta/rc there is some kind of problem that is actively consumes space on a flash

on my ac2, I successfully used 7.16rcX for several months without errors, but after updating to 7.17rc2, less than a day later, dozens of saving errors began to appear
another ac2, located in a different location and with a different configuration, but updated to 7.17beta/rc, faced the same problem

multiple messages:
could not save configuration changes, not enough storage space available.
of course, I went to files and saw that 0% of the space was available and 16 out of 16 were occupied, but it was obvious before that
however, it is not at all obvious why this is happening: I almost did not change the configuration and did not upload anything to the files
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.17rc [testing] is released!

Tue Dec 03, 2024 2:15 am

ROS 7.17 silently disables "Accept Router Advertisements" in IPv6 settings. This caused IPv6 to no longer be able to route to the Internet for my ISP.

I am not sure why it does this. The closest release note item is this one which might be related?
*) ipv6 - added IPv6 settings related to stale IPv6 neighbor cleanup;
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Tue Dec 03, 2024 4:37 pm

it seems that in versions 7.17beta/rc there is some kind of problem that is actively consumes space on a flash

on my ac2, I successfully used 7.16rcX for several months without errors, but after updating to 7.17rc2, less than a day later, dozens of saving errors began to appear
Did you check space after upgrading? Especially on the hAP ac2, space has always been very critical because it is an architecture with relatively large binaries and the flash space is less than 16MB (so it does not conform to specs!).
It may be that after the upgrade you were at almost zero free space...
 
bratislav
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Mon May 05, 2014 10:36 am

Re: v7.17rc [testing] is released!

Tue Dec 03, 2024 5:46 pm

it seems that in versions 7.17beta/rc there is some kind of problem that is actively consumes space on a flash

on my ac2, I successfully used 7.16rcX for several months without errors, but after updating to 7.17rc2, less than a day later, dozens of saving errors began to appear
Did you check space after upgrading? Especially on the hAP ac2, space has always been very critical because it is an architecture with relatively large binaries and the flash space is less than 16MB (so it does not conform to specs!).
It may be that after the upgrade you were at almost zero free space...
All ARM 32 ac (hAP ac2, cAP, wAP) devices that have 16MB flash have pretty much the same specs (same ipq-4018 SOC and flash chip), use the same binaries and have the same storage space issue and that is if you use wifi-qcom-ac which is almost twice the size (and actually grew up a bit in 7.17) than older wireless package...
My experience so far is that wifi-qcom-ac is just not worth the trouble, it is way more unstable and there is no significant performance gain so if you don't absolutely need new CAPsMAN just stay with the older wireless package...
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Tue Dec 03, 2024 6:12 pm

I disagree.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Tue Dec 03, 2024 6:32 pm

My experience so far is that wifi-qcom-ac is just not worth the trouble, it is way more unstable and there is no significant performance gain so if you don't absolutely need new CAPsMAN just stay with the older wireless package...
I disagree.
+1 on disagreeing. MAJOR difference in performance between wireless and wifi-qcom-ac given identical HW devices.
It has nothing to do with using capsman or not. Even as standalone AP the difference is really noticeable.
Using capsman there are some quirks to pay attention to (mainly when using VLANs) but even that can be handled.

You are correct on the size issue and I haven't paid attention yet on the fact it got bigger (current setups capable of using it are still on 7.16.2) so that's a good one to keep in mind.
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Tue Dec 03, 2024 7:04 pm

ROS main package size increased in 7.17. But I think not more than around 200kb. On 7.16.2 it reports 765KiB "free-hdd-space". So not to worry right now. But Mikrotik needs to keep an eye on that. I hope 7.14 was enough of the trouble.
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1518
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: v7.17rc [testing] is released!

Tue Dec 03, 2024 7:50 pm


My experience so far is that wifi-qcom-ac is just not worth the trouble, it is way more unstable and there is no significant performance gain so if you don't absolutely need new CAPsMAN just stay with the older wireless package...
I've had much better wireless experience with wifi-qcom-ac drivers on cAP ac when comparing legacy drivers...
 
User avatar
fischerdouglas
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Thu Mar 07, 2019 6:38 pm
Location: Brazil
Contact:

Re: v7.17rc [testing] is released!

Tue Dec 03, 2024 11:16 pm

Forum users can't check support tickets, so no reason to post ticket numbers here
Basically, this is the way many of us find to make public that there are problems and that they have been documented (not just by the Forum) with the aim of avoiding excuses like "oh, but we didn't know".
 
hagoyi
newbie
Posts: 33
Joined: Wed May 17, 2023 8:36 pm

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 10:04 am

Hmm. I can see the secret hidden route (but MT can't).
First, everything looks good:
[admin@MikroTik] /ip/route> export  
# 2024-12-04 21:41:47 by RouterOS 7.17rc2
# software id = ****-****
#
# model = RB4011iGS+
# serial number = ************
/ip route
add blackhole distance=254 routing-table=route1
add blackhole distance=100 dst-address=192.168.12.0/24 gateway=gw1
add check-gateway=ping gateway=192.168.12.3 routing-table=route1
add gateway=11.22.33.44 routing-table=guest
But soon... Where is blackhole with distance=254?!
[admin@MikroTik] /ip/route> export where blackhole 
# 2024-12-04 21:42:37 by RouterOS 7.17rc2
# software id = ****-****
#
# model = RB4011iGS+
# serial number = ************
/ip route
add blackhole distance=100 dst-address=192.168.12.0/24 gateway=gw1
Anyway. How about route with table=guest?
[admin@MikroTik] /ip/route> export where routing-table=guest 
 
# 2024-12-04 21:47:37 by RouterOS 7.17rc2
# software id = ****-****
#
# model = RB4011iGS+
# serial number = ************
Well, I can reboot it, but wtf?
 
User avatar
infabo
Forum Guru
Forum Guru
Posts: 1465
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 10:29 am



I did search the forum to try to see what you are asking for, but there are no post about SUP-172111
SUP-172111 is the new ticket for a bug that was already fixed in the 7.15rc (SUP-151054):
viewtopic.php?p=1071424&hilit=151054#p1071424

It's back from 7.17beta: hAP ac2 restarts itself when copying a large file using SMB.
Forum users can't check support tickets, so no reason to post ticket numbers here
You're right Normis, I didn't mean to cause confusion...
In this specific case I would say that it was justified to post the SUP number publicly here. Causing a reboot just by copying a large file via SMB sounds like a big issue that should be fixed before reaching final. And when there is no response in the ticket system, one must use other channels to get attention.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 10:54 am

Causing a reboot just by copying a large file via SMB sounds like a big issue that should be fixed before reaching final.
Well, for me it sounds like an irrelevant issue because a router is not an SMB server and the whole SMB function should not have been there...
For me, the big problems in BGP should be fixed before reaching final, but they are not even touched.
 
User avatar
fischerdouglas
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Thu Mar 07, 2019 6:38 pm
Location: Brazil
Contact:

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 12:30 pm

Hmm. I can see the secret hidden route (but MT can't).

But soon... Where is blackhole with distance=254?!

Anyway. How about route with table=guest?

Well, I can reboot it, but wtf?
This smells to be related to the same "thing" that happens when you try to see IPv4 or IPv6 routes and the route count shows the total number of routes. The same thing happens with vpnv4 and vpnv6 routes.

This attempt to abstract what is RIB and what is FIB into a single "thing" seems very weird.

By the way, it is worth mentioning that the syntax between routing and routes is still incongruent:
[administrator@fischerdouglas] > /routing/bgp/connection/print where address-families=
ip     ipv6     l2vpn     l2vpn-cisco     vpnv4     vpnv6
[administrator@fischerdouglas] > /routing/route/print where afi=  
bad     ip4     ip6     l2vpn     l2vpn-cisco     l2vpn-link     link     mip4     mip6     vpn4     vpn6
 
User avatar
fischerdouglas
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Thu Mar 07, 2019 6:38 pm
Location: Brazil
Contact:

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 12:52 pm

Causing a reboot just by copying a large file via SMB sounds like a big issue that should be fixed before reaching final.
Well, for me it sounds like an irrelevant issue because a router is not an SMB server and the whole SMB function should not have been there...
For me, the big problems in BGP should be fixed before reaching final, but they are not even touched.
Hmm... I agree, but I disagree!

I agree with you that these extra features, unrelated to the basic concept of a Routing Operating System (RouterOS) should not be in the core of the system.

But if the features are activated through extra packages, it is correct to expect that they work at least in a stable manner.
And more important than working stably, that they under no circumstances affect the functioning of the base system.

This brings me to the succession of suggestions that I have already made through tickets on Jira and also shared in several topics here on the forum... (Posts that have even been deleted. Hello @normis !)

Features such as SMB/CIFS/DNLA and similar should be removed from the system's base package and placed only as additional packages.

In addition to possibly reducing the size of the base package (which has been a problem for some hardware models), it would certainly result in fewer system malfunctions due unwanted interactions of extra functions that may be misbehaving.

Furthermore, these complementary functionalities mentioned, as well as others that are not dispensable(such as routing, or Queues) that needs to be in the base package, should be runs in the backend in a container regime (as in Junos-Evo, IOS-XR, even in VyOS) and imposing reservations and limits on the use of computing resources...
 
User avatar
StubArea51
Trainer
Trainer
Posts: 1742
Joined: Fri Aug 10, 2012 6:46 am
Location: stubarea51.net
Contact:

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 5:27 pm

Any chance we could update to ZeroTier 1.14.2?
https://github.com/zerotier/ZeroTierOne ... E-NOTES.md

1.14.2 has multithreading if enabled!

I would love to see this as well!
 
Smokeshow
just joined
Posts: 10
Joined: Thu Mar 16, 2017 10:30 pm

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 7:21 pm

Any real world experience with the VPLS fastpath?

Wondering how much CPU improvements are realized on CCR2xxx devices.
 
User avatar
clambert
Member Candidate
Member Candidate
Posts: 161
Joined: Wed Jun 12, 2019 5:04 am

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 8:16 pm

I don't even know where to look if FastPath is active for VPLS.
Hopefully they will update the documentation with information about what limitations exist for enabling FastPah for VPLS.
 
rpingar
Long time Member
Long time Member
Posts: 593
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 10:25 pm

Any real world experience with the VPLS fastpath?

Wondering how much CPU improvements are realized on CCR2xxx devices.
I don't see any difference between 7.16 or earlier and 7.17rc

hope only they fix some crash about crr2216 and traffic that goes slowpath-fastpath in mpls (vpls tunnels dounw/up due to poor links) (kernel failure) in 7.16.x

regards
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 10:52 pm

As I had severe issues with my RB5009, which using Capsman locked all users out from 5GHz - anyone having similar experiences?

Unfortunately, I did not investigate a lot and rather reverted ASAP to 7.16.2, BUT then my RB5009 went crazy with lots of config gone. Had to use a fresh backup.

So, is something wrong with 7.17RC for RB5009 with Capsman? Or was I just very unlucky for some reason?
 
User avatar
gabacho4
Member
Member
Posts: 399
Joined: Mon Dec 28, 2020 12:30 pm
Location: Earth

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 10:56 pm

So, is something wrong with 7.17RC for RB5009 with Capsman? Or was I just very unlucky for some reason?
I'm using the exact same setup and have not experienced any such issues whatsoever.
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Wed Dec 04, 2024 11:32 pm

I would like to try again, but maybe only initially upgrade my RB5009 Capsman and leave CAPs on 7.16.2?
 
Kaldek
Member Candidate
Member Candidate
Posts: 113
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.17rc [testing] is released!

Thu Dec 05, 2024 6:43 am

I would like to try again, but maybe only initially upgrade my RB5009 Capsman and leave CAPs on 7.16.2?
I had all my cAp ax units on 7.17rc1 and upgraded the RB5009 to 7.17rc1. The only issue I had was the change in IPv6 settings I mentioned in an earlier post.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Thu Dec 05, 2024 8:23 am

So, is something wrong with 7.17RC for RB5009 with Capsman? Or was I just very unlucky for some reason?
I don't think it has anything to do with capsman.
I had a complete crash on my RB5009 (needed to power cycle to get it back) and had to revert to 7.17b6.
After trying to partition that device, it went really dead.
So netinstall.
After that I was able to upgrade to 7.17rc2 without issues and re-apply config from earlier made export (using the sensible way: block by block copy-paste in terminal).
But it's a home setup I use for testing such stuff so no harm done (apart from some down-time and grabbing my good old Hex as backup router while I figured everything out on RB5009 :lol: ).

I made a ticket to support about it and they suspect it has something to do with containers starting up before mount point is available.

Right now that device is running stable with capsman and several AX-type devices as cap (all on 7.17rc2).
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Thu Dec 05, 2024 8:52 am

OK, will wait until I have a calm state with no critical users - my wife.... Would like to see that my issue with 5GHz network hopefully does not reappear...
 
Network5
newbie
Posts: 30
Joined: Sat Mar 22, 2014 11:42 pm

Re: v7.17rc [testing] is released!

Thu Dec 05, 2024 4:13 pm

Any real world experience with the VPLS fastpath?

Wondering how much CPU improvements are realized on CCR2xxx devices.
I don't see any difference between 7.16 or earlier and 7.17rc
hope only they fix some crash about crr2216 and traffic that goes slowpath-fastpath in mpls (vpls tunnels dounw/up due to poor links) (kernel failure) in 7.16.x
I was doing some tests in the LAB on CCR2216, because we had huge problems with MPLS. If using it as a Provider router, jitter (or packets drop) is introduced if the interfaces are part of the bridge and VLANs are on it. There are no jitter or drops if the interfaces are not part of the bridge. But I have to test it more extensively. In other words, when LDP is enabled and running on the transport interfaces, these interfaces drop packets randomly, only on CCR2216. But this is my experience.
I reported the problem long ago; it was acknowledged, and the ticket was closed. No changes since then.
 
jszakmeister
just joined
Posts: 1
Joined: Tue May 14, 2024 2:11 pm

Re: v7.17rc [testing] is released!

Thu Dec 05, 2024 4:46 pm

I upgraded my two hAP ax2 devices at home, and it looks like I'm seeing a regression. Apple iPhone devices seem to be disconnecting and reconnecting rather frequently, even when sitting on a desk three feet from the unit. It's very odd. I didn't see this with 7.17rc1.
 
User avatar
clambert
Member Candidate
Member Candidate
Posts: 161
Joined: Wed Jun 12, 2019 5:04 am

Re: v7.17rc [testing] is released!

Thu Dec 05, 2024 6:34 pm

I was doing some tests in the LAB on CCR2216, because we had huge problems with MPLS. If using it as a Provider router, jitter (or packets drop) is introduced if the interfaces are part of the bridge and VLANs are on it. There are no jitter or drops if the interfaces are not part of the bridge. But I have to test it more extensively. In other words, when LDP is enabled and running on the transport interfaces, these interfaces drop packets randomly, only on CCR2216. But this is my experience.
I reported the problem long ago; it was acknowledged, and the ticket was closed. No changes since then.
To which bridge do you add the LDP interfaces?
 
Network5
newbie
Posts: 30
Joined: Sat Mar 22, 2014 11:42 pm

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 9:14 am

@clambert: The one bridge with hardware offloading.

Most of my configurations use one bridge for the core network and one for the overlay network. Thus, I can use L3 HW Offload for the core network.
 
User avatar
clambert
Member Candidate
Member Candidate
Posts: 161
Joined: Wed Jun 12, 2019 5:04 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 1:05 pm

Ah, I understand. However, please note that MPLS is not supported by L3HW offload feature.
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 1:11 pm

OK, will wait until I have a calm state with no critical users - my wife.... Would like to see that my issue with 5GHz network hopefully does not reappear...
Upgraded again, after a couple of hours Capsman devices are unable to connect to 5GHz or they connect but are isolated and cannot connect to Internet anymore...
I have created a supout file...
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 1:20 pm

Can you share your config, @epkulse? And anything in the logging that could explain the situation?
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 1:26 pm

There is nothing spcific present in the log. But my MAC and iPhone do not get a IP-address so something strange is happening with the DHCP-server...
Which is the best way to share config to you?
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 1:31 pm

The standard way is:
/export file=anynameyoulike
Remove serial and any other private info and post between code tags by using the </> button.

Always good to have more eyes watching.
Can you als supply all involved (MikroTik) hardware?
Did you also upgrade firmware besides the RouterOS upgrade?
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 1:43 pm

Can i pass it on to you?
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 1:48 pm

Will try to reboot the router now... Can´t wait anymore... Worst case, I have to revert to 7.16.2...
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 1:57 pm

Checked another laptop which could connect to wifi on 5G, So, actually rebooted my MAC and it works now... Also iPhone connects OK... So, I didn´t check everything properly it seems. Have not rebooted the router - will leave it for now...
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 4:20 pm

Well, I have to give up. My MAC refused again to connect, or basically the DHCP-server did not provide an IP-address. Other devices encountered the same and I am not able to figure out what happened.
And, again, when reverting my RB5009 to 7.16.2 some config was lost - especially it seems to be related to the DHCP-server as the configured static lease table was empty.
Enough hassle now for a full day. Will create and supplement data to Support - and I will be very careful to upgrade to 7.17. Probably need to do a complete fresh start then...
 
bratislav
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Mon May 05, 2014 10:36 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 4:25 pm

My experience so far is that wifi-qcom-ac is just not worth the trouble, it is way more unstable and there is no significant performance gain so if you don't absolutely need new CAPsMAN just stay with the older wireless package...
I disagree.
+1 on disagreeing. MAJOR difference in performance between wireless and wifi-qcom-ac given identical HW devices.
It has nothing to do with using capsman or not. Even as standalone AP the difference is really noticeable.
Using capsman there are some quirks to pay attention to (mainly when using VLANs) but even that can be handled.

You are correct on the size issue and I haven't paid attention yet on the fact it got bigger (current setups capable of using it are still on 7.16.2) so that's a good one to keep in mind.
Would be interesting to see what that MAJOR difference in performance is, for example connect 10 users to the same AP and share the average results in speeds with wireless vs wifi-qcom-ac package...

You cannot manage devices using old wireless package with the new capsman that is compatible only with wifi-qcom, so what I meant to say is that if you absolutely need to manage all your devices within a single capsman instance you must upgrade all to wifi-qcom-ac... but since VLAN assignment doesn't work with wifi-qcom-ac devices you would still need to make separate configuration in capsman and also in bridge on every single device for those so it makes it more troublesome for me than maintaining separate capsman instances...
 
User avatar
Paternot
Forum Guru
Forum Guru
Posts: 1056
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 4:32 pm

And, again, when reverting my RB5009 to 7.16.2 some config was lost - especially it seems to be related to the DHCP-server as the configured static lease table was empty.
Do yourself a favor: partition the device. This way You can boot the "backup" partition, copy it over the "production" one, and go from there. Much easier than playing around with netinstall.
 
epkulse
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Sat Oct 27, 2012 12:57 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 4:43 pm

OK, have never tried that. Fortunately, I was able to access it and restore a backup...
 
Network5
newbie
Posts: 30
Joined: Sat Mar 22, 2014 11:42 pm

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 4:57 pm

Ah, I understand. However, please note that MPLS is not supported by L3HW offload feature.
Yes, I know, but regular traffic is supported. I don't understand why, in this specific configuration, the CCR2216 is dropping packets / introducing jitter if LDP is enabled.
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 8:35 pm

HAP AC2 with 7.17rc2: I have a 128GB USB stick formatted in Ext4. SanDisk stick just discarded new. via IP>SMB I shared a folder. If from a phone connected to wifi I copy any file of average size 296MB, the transfer starts well but randomly in a percentage that is always different, the router goes into kernel panic and restarts completely. I formatted in ROS if it can be a detail.. Serious BUG !!
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 8:58 pm

HAP AC2 with 7.17rc2: I have a 128GB USB stick formatted in Ext4. SanDisk stick just discarded new. via IP>SMB I shared a folder. If from a phone connected to wifi I copy any file of average size 296MB, the transfer starts well but randomly in a percentage that is always different, the router goes into kernel panic and restarts completely. I formatted in ROS if it can be a detail.. Serious BUG !!
Even using fat32 and extfat the problem occurs again, the first moments it also reaches a good speed for being USB 2, I see the CPU reach even 40% then everything dies. From the LOGs I read "kernel failure".. In my opinion a serious bug to be fixed before the stable release!
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.17rc [testing] is released!

Fri Dec 06, 2024 9:36 pm

HAP AC2 with 7.17rc2:[...] If from a phone connected to wifi I copy any file of average size 296MB, the transfer starts well but randomly in a percentage that is always different, the router goes into kernel panic and restarts completely. I formatted in ROS if it can be a detail.. Serious BUG !!
Even using fat32 and extfat the problem occurs again, the first moments it also reaches a good speed for being USB 2, I see the CPU reach even 40% then everything dies. From the LOGs I read "kernel failure".. In my opinion a serious bug to be fixed before the stable release!
You might want to collect a supout.rif and submit a ticket if you're seeing a panic, as the supout.rif should have more info for Mikrotik to figure it out.
 
ajdmh
just joined
Posts: 11
Joined: Wed Mar 31, 2021 2:45 pm

Re: v7.17rc [testing] is released!

Sat Dec 07, 2024 4:36 am

Could the 7.17rc version of Design Skin be as intuitive and straightforward as 7.15.1? The editing method in 7.17 is frankly a bit ridiculous...
 
User avatar
mark99i
just joined
Posts: 7
Joined: Sat Jun 20, 2020 12:17 pm

Re: v7.17rc [testing] is released!

Sat Dec 07, 2024 7:26 am

it seems that in versions 7.17beta/rc there is some kind of problem that is actively consumes space on a flash

on my ac2, I successfully used 7.16rcX for several months without errors, but after updating to 7.17rc2, less than a day later, dozens of saving errors began to appear
Did you check space after upgrading? Especially on the hAP ac2, space has always been very critical because it is an architecture with relatively large binaries and the flash space is less than 16MB (so it does not conform to specs!).
It may be that after the upgrade you were at almost zero free space...
unfortunately, I did not look at the place immediately after the update.
but after analyzing the size of the packages with ROS, I came to the conclusion that the difference is about 300 kb. there are still 2 MB free, which is in 7.16.2, which is in the current 17rc2.

this is not so small, in the MT device, the size of a regular configuration is unlikely to ever exceed 100Kb, judging by the size of the backup, so this is hardly a problem.

It still seems to me that this is some kind of mistake that leads to running out of space.

the current status of both my devices is: they are loaded (with a power reboot) and they are working. they don't soft reboot: system reboot, package downgrade, and upgrade don't do anything in either winbox or the cli. it seems the only option is netinstall

upd: just netinstall 7.17rc2 on one of devices with keep old configuration - 348kb free space. I'm watching
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Sat Dec 07, 2024 11:10 am

Yes, that is quite low, my hAP ac2 runs with 1400 kB free at the moment, but it does not have wifi-qcom-ac installed.
I noticed that the "Total HDD size" is now reported as 16.0 MiB while I am sure it was like 15.2 MiB before, so that has changed in some recent release.
No idea if they really found a few hundred KB extra HD space, it may well be that not the entire chip was mapped into the address space or that a too-large area was reserved for bootloader or so. But it seems that the free space is now more than it was around the 7.13-7.15 era, when this device was nearly dying.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.17rc [testing] is released!

Sat Dec 07, 2024 11:29 am

I noticed that the "Total HDD size" is now reported as 16.0 MiB while I am sure it was like 15.2 MiB before, so that has changed in some recent release.

Seeing your post I went to check my hAP ac2 running 7.16.2 ... and my hAP ac2 also shows 16.0MB total flash size. So this flash size increase isn't specific to 7.17rc, it's been "backported". My hAP ac2 runs now with 2.7MB free (also without wifi drivers installed). Upgrade from 7.15.x to 7.16.2 did increase flash usage (judging from graphs by a few 100kB).
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Sat Dec 07, 2024 5:45 pm


Even using fat32 and extfat the problem occurs again, the first moments it also reaches a good speed for being USB 2, I see the CPU reach even 40% then everything dies. From the LOGs I read "kernel failure".. In my opinion a serious bug to be fixed before the stable release!
You might want to collect a supout.rif and submit a ticket if you're seeing a panic, as the supout.rif should have more info for Mikrotik to figure it out.
done now SUP-173480 ;)
 
User avatar
mark99i
just joined
Posts: 7
Joined: Sat Jun 20, 2020 12:17 pm

Re: v7.17rc [testing] is released!

Sat Dec 07, 2024 8:44 pm

But it seems that the free space is now more than it was around the 7.13-7.15 era, when this device was nearly dying.
with qc-ac installed on my ac2 7.15.3 (capsman ap) free 760kb flash. on other ac2+qc-ac with 7.17rc2 300-350kb flash free.
I would not say that the device is on the verge while MT officially supports them. by and large, we don't care how much free space there is: 50Kb or 1000KB, it doesn't change anything if the functions work normally

apparently, there were some errors in beta2-5 7.17, which caused the place to run out over time when working.
this is strange, because nothing should be written to flash.
 
KozmoNaut
just joined
Posts: 4
Joined: Fri Nov 29, 2024 7:40 pm

Re: v7.17rc [testing] is released!

Sun Dec 08, 2024 11:51 am

Around 740 KiB free on both my wAP AC and cAP AC, with 7.16.2 and a minimal configuration. Reset to CAPS mode, enabled IPv6 and put a simple VLAN setup on top.
 
User avatar
nithinkumar2000
Member Candidate
Member Candidate
Posts: 167
Joined: Wed Sep 11, 2019 7:42 am
Location: Coimbatore
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 09, 2024 10:51 am

Hello Everyone!!!

*) mpls - added fast-path support for VPLS (additional fixes);

Can anyone please explain the above

Dose this means now MPLS/VPLS will use multiple cores or will it speedup packet processing???

I observe that when we implement VPLS/MPLS with ROS the entire load is on single core,,, Any workaround for this kind of issue.

Thanks in advance
 
bratislav
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Mon May 05, 2014 10:36 am

Re: v7.17rc [testing] is released!

Mon Dec 09, 2024 12:20 pm

FastPath will allow for faster packet processing basically skipping entire bridge packet flow... if preconditions for FastPath allows it...
https://help.mikrotik.com/docs/spaces/R ... S-FastPath
Last edited by BartoszP on Mon Dec 09, 2024 1:01 pm, edited 1 time in total.
Reason: Removed excessive quoting
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2182
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 09, 2024 3:22 pm

Dose this means now MPLS/VPLS will use multiple cores or will it speedup packet processing???
Yes
 
User avatar
armandfumal
Member Candidate
Member Candidate
Posts: 163
Joined: Wed Apr 25, 2012 5:50 pm
Location: Weiswampach,LUX
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 09, 2024 4:20 pm

7.17rc2

Making skin with Skin Designer, save it, jason file present in the disk skin directory, but in user group cannot see it.
Even if I try to edit in skin designer, i cannot read it because not present in drop box...
seems system not load existing skin...
 
User avatar
clambert
Member Candidate
Member Candidate
Posts: 161
Joined: Wed Jun 12, 2019 5:04 am

Re: v7.17rc [testing] is released!

Mon Dec 09, 2024 4:40 pm

Dose this means now MPLS/VPLS will use multiple cores or will it speedup packet processing???
Yes
The answer is yes, but only for the part of speeding up packet processing.
 
nizce
just joined
Posts: 23
Joined: Tue Sep 15, 2009 3:19 pm

Re: v7.17rc [testing] is released!

Mon Dec 09, 2024 9:12 pm

Hi,
I upgraded to RC2 from RC1 on my RB5009 which runs new capsman.
It has 2x CAP ax connected to it it CAPs mode. What happened is that one of the CAPs suddenly got its eth port(used as uplink) disabled in the bridge.
I think this has happened before but has no idea why this would happen. The other CAP continued to work however.
Any idea why it would get disabled? It seemed to work after I manually enabled it.
 
CBVista
just joined
Posts: 3
Joined: Tue May 23, 2023 7:00 am

Re: v7.17rc [testing] is released!

Tue Dec 10, 2024 6:34 am

DNS in a VRF still doesn't work... 7.17rc2
[vista@R1] > /ip/dns/print 
                      servers: 172.17.99.1
              dynamic-servers:            
               use-doh-server:            
              verify-doh-cert: no         
   doh-max-server-connections: 5          
   doh-max-concurrent-queries: 50         
                  doh-timeout: 5s         
        allow-remote-requests: no         
          max-udp-packet-size: 4096       
         query-server-timeout: 2s         
          query-total-timeout: 10s        
       max-concurrent-queries: 100        
  max-concurrent-tcp-sessions: 20         
                   cache-size: 2048KiB    
                cache-max-ttl: 1w         
      address-list-extra-time: 0s         
                          vrf: mgmt       
           mdns-repeat-ifaces:            
                   cache-used: 43KiB      
[vista@R1] > ping 172.17.99.1 vrf=mgmt 
  SEQ HOST                                     SIZE TTL TIME       STATUS                                                                                                                                                                                                          
    0 172.17.99.1                                56 255 124us     
    1 172.17.99.1                                56 255 83us      
    2 172.17.99.1                                56 255 89us      
    sent=3 received=3 packet-loss=0% min-rtt=83us avg-rtt=98us max-rtt=124us 

[vista@R1] > ping google.com
invalid value for argument address:
    invalid value of mac-address, mac address required
    invalid value for argument ipv6-address
    while resolving ip-address: could not get answer from dns server
17:31:20 echo: dns local query: #5 google.com. A
17:31:20 echo: dns done query: #5 dns server failure
17:31:47 echo: dns local query: #6 cloud2.mikrotik.com. AAAA
17:31:47 echo: dns done query: #6 dns server failure
17:31:47 echo: dns local query: #7 cloud2.mikrotik.com. A
17:31:47 echo: dns done query: #7 dns server failure
17:33:47 echo: dns local query: #8 cloud2.mikrotik.com. A
17:33:47 echo: dns done query: #8 dns server failure
17:33:47 echo: dns local query: #9 cloud2.mikrotik.com. AAAA
17:33:47 echo: dns done query: #9 dns server failure
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7186
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.17rc [testing] is released!

Tue Dec 10, 2024 10:24 am

DNS in a VRF still doesn't work... 7.17rc2
As explained already before, setting VRF parameter allows to listen for DNS queries in a VRF. Feature to connect to remote DNS servers via VRF does not exist yet.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.17rc [testing] is released!

Tue Dec 10, 2024 1:36 pm

DNS in a VRF still doesn't work... 7.17rc2
As explained already before, setting VRF parameter allows to listen for DNS queries in a VRF. Feature to connect to remote DNS servers via VRF does not exist yet.
That detail should be in the docs, not just this beta thread, too: https://help.mikrotik.com/docs/spaces/R ... 748767/DNS
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 340
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.17rc [testing] is released!

Tue Dec 10, 2024 3:43 pm

What's new in 7.17rc3 (2024-Dec-10 09:40):

!) webfig - redesigned HTML, styling and functionality (additional fixes);
*) console - fixed missing arguments in wifi menu in certain cases;
*) container - improved "start-on-boot" stability;
*) discovery - added support for LLDP DCBX (additional fixes);
*) file - improved service stability when accessing files list from other system services;
*) iot - fixed LoRa behavior, where join eui or dev eui could be incorrectly converted during forwarding;
*) ippool - removed maximum "63 bit" prefix length limitation;
*) ipv6 - added support for manual link-local address configuration (additional fixes);
*) qos-hw - improved system stability when enabling QoS;
*) route - improved stability (additional fixes);
*) webfig - Skin Designer moved to centralized page (additional fixes);
 
dooh
just joined
Posts: 14
Joined: Fri May 19, 2023 9:55 pm

Re: v7.17rc [testing] is released!

Tue Dec 10, 2024 4:33 pm

Thanks for the updates and new features, but can you explain what means route improvements that we see in almost any release?
route - improved stability (additional fixes);
 
User avatar
Ullinator
just joined
Posts: 17
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.17rc [testing] is released!

Tue Dec 10, 2024 4:48 pm

I did just a few minutes ago the update from 7.17rc2 to rc3 and again (see SUP-172313) the names for the internal disks were changed.
Now with every reboot the names between disk1 and disk2 switches….
sata1 and sata2 flip their names with every reboot…..
You can see it in the screenshots.

Before reboot:
before reboot.jpg
...and after reboot:
after reboot.jpg
You do not have the required permissions to view the files attached to this post.
 
User avatar
mark99i
just joined
Posts: 7
Joined: Sat Jun 20, 2020 12:17 pm

Re: v7.17rc [testing] is released!

Thu Dec 12, 2024 3:43 am



Did you check space after upgrading? Especially on the hAP ac2, space has always been very critical because it is an architecture with relatively large binaries and the flash space is less than 16MB (so it does not conform to specs!).
It may be that after the upgrade you were at almost zero free space...
unfortunately, I did not look at the place immediately after the update.
but after analyzing the size of the packages with ROS, I came to the conclusion that the difference is about 300 kb. there are still 2 MB free, which is in 7.16.2, which is in the current 17rc2.

this is not so small, in the MT device, the size of a regular configuration is unlikely to ever exceed 100Kb, judging by the size of the backup, so this is hardly a problem.

It still seems to me that this is some kind of mistake that leads to running out of space.

the current status of both my devices is: they are loaded (with a power reboot) and they are working. they don't soft reboot: system reboot, package downgrade, and upgrade don't do anything in either winbox or the cli. it seems the only option is netinstall

upd: just netinstall 7.17rc2 on one of devices with keep old configuration - 348kb free space. I'm watching
there is still a second ac2, which has this error.
I cannot change the routerboard boot order setting, as it is blocked via device-mode.

It is connected via POE from another mikrotik and /system/device-mode/update is not applied, apparently because there is not enough memory
Developers, why did you do this?

how do I force it to be downloaded via etherboot so as not to climb under the ceiling? I can create the vlan from ether1 to flash it with netinstall, but I need to enable etherboot for this
 
User avatar
nithinkumar2000
Member Candidate
Member Candidate
Posts: 167
Joined: Wed Sep 11, 2019 7:42 am
Location: Coimbatore
Contact:

Re: v7.17rc [testing] is released!

Thu Dec 12, 2024 7:57 am

If MPLS/VPLS starts utilizing multiple Cores then its great.

Some Routers which i am using has 4Cores but when VPLS is running entire load is currently on single core. rest of the cores are idle or not getting used.

CCR2004, CCR2116, CCR2216, Ax2, AX3, RB5009...etc

its actually not allowing the full potential of Mikrotik Devices.
 
Network5
newbie
Posts: 30
Joined: Sat Mar 22, 2014 11:42 pm

Re: v7.17rc [testing] is released!

Thu Dec 12, 2024 10:20 am

Do you have any problems running MPLS/VPLS with CCR2216? I mean, jitter or dropped packets?
 
User avatar
nithinkumar2000
Member Candidate
Member Candidate
Posts: 167
Joined: Wed Sep 11, 2019 7:42 am
Location: Coimbatore
Contact:

Re: v7.17rc [testing] is released!

Thu Dec 12, 2024 11:16 am

Do you have any problems running MPLS/VPLS with CCR2216? I mean, jitter or dropped packets?
I am using CCR2216 major issues is single core getting overeloaded
 
RavenWing71
newbie
Posts: 36
Joined: Thu May 12, 2011 3:52 am

Re: v7.17rc [testing] is released!

Fri Dec 13, 2024 1:51 am

*) dhcpv6-server - added IPv6 address delegation support;
Do I understand it correctly that it's for RFC 8415 Section 6.2 DHCP for Non-temporary Address Assignment? Because if it is, then I agree with @RavenWing71 in that it should not have assigned the reserved anycast address (RFC 5453) nor restricted pool's prefix length to be >64.
You are correct. This "new to RouterOS" feature is able to assign IPv6 addresses to host interfaces through DHCPv6. As of 7.17rc3, I can now use a /64 for the pool prefix, so the address pool no longer feels funny.
/ipv6/pool add name=IA-Pool_2024-11-29 prefix=abcd:ef12:fff0:ffff::/64 prefix-length=128
BUT, when /ip/address was told to assign an IPv6 address from the pool to the interface the DHCPv6 server is on, it still assigned abcd:ef12:fff0:ffff::0 to the interface. So long as this router is the only "router" on the network segment, it will likely work fine, but I have had some services balk when given the reserved anycast address because they were expecting a unicast address, and they knew that abcd:ef12:fff0:ffff::0 is not unicast.
 
AlexandruL
just joined
Posts: 12
Joined: Wed Oct 30, 2024 9:58 pm

Re: v7.17rc [testing] is released!

Fri Dec 13, 2024 9:01 pm

Regarding the way interfaces are shown in the wifiwave2 WiFi tab. I think it's better to add another column for operated by CAP and traffic processing.
Adding the red line of text makes the interfaces names hard to read.

Also the hw-caps attributes is not shown on any type of wi-fi interface, N, AC or AX, it's the same as in 7.16.2. And yes, I updated both the controller and the caps to the same routeros and firmware version.
 
AlexandruL
just joined
Posts: 12
Joined: Wed Oct 30, 2024 9:58 pm

Re: v7.17rc [testing] is released!

Fri Dec 13, 2024 10:50 pm

My mistake regarding hw-caps, they are shown using CLI.
 
RESPL
just joined
Posts: 2
Joined: Thu Dec 12, 2024 9:30 pm

Re: v7.17rc [testing] is released!

Mon Dec 16, 2024 1:00 am

RouterOS version 7.17rc has been released on the "v7 testing" channel!

What's new in 7.17rc3 (2024-Dec-10 09:40):

[...]
*) sfp - improved SFP28, QSFP28 interface stability using DAC cable for CRS520 switch;
[...]
We tested this change. The improvement was minimal, the problems with DAC cables on QSFP28 ports still occur.
See the videos recorded before and after the upgrade for details:

7.16.2: https://youtu.be/4jiZP0HSBXE
7.17rc3: https://youtu.be/oBZ4NMrXVqk
 
patrick7
Member
Member
Posts: 351
Joined: Sat Jul 20, 2013 2:40 pm

Re: v7.17rc [testing] is released!

Mon Dec 16, 2024 2:00 am

DHCPv6 broken when using RADIUS Delegated-IPv6-Prefix & PPP
 
merkkg
just joined
Posts: 22
Joined: Thu Jan 19, 2017 11:50 am

Re: v7.17rc [testing] is released!

Mon Dec 16, 2024 12:37 pm

Lets get 7.17 out so we can start to talk about 7.18 beta thread.
 
User avatar
fischerdouglas
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Thu Mar 07, 2019 6:38 pm
Location: Brazil
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 16, 2024 2:11 pm

DHCPv6 broken when using RADIUS Delegated-IPv6-Prefix & PPP
Could you please tell us a bit more about this?

Did you test with Framed-IPv6-Prefix and Framed-IPv6-Pool?

I would not be surprise if this "thing" of not working with Framed-IPv6-Prefix and only working just with Framed-IPv6-Pool wolud come back...
This is recurrent since 2-3 years.
 
deadmaus911
just joined
Posts: 1
Joined: Wed Apr 25, 2018 3:47 pm

Re: v7.17rc [testing] is released!

Tue Dec 17, 2024 10:33 am

*) health - added cpu-overtemp-check on ARM, ARM64 devices (CLI only);
Please, tell us about this function. How do they work?
 
AlexandruL
just joined
Posts: 12
Joined: Wed Oct 30, 2024 9:58 pm

Re: v7.17rc [testing] is released!

Tue Dec 17, 2024 3:13 pm

Something to be added to the manual.
Whenever there is a mix of AX and AC APs using wifiwave2 drivers, use the same configuration on all of them regarding VLANS.

As described in the manual 802.11ac chipsets does not support VLAN tagging in the wifiwave2 driver and the interfaces must be manually configured on the bridge, however 802.11ax chipsets do not have this issue and the user would create a configuration with VLANs defined in the configuration.

Whenever there is a mix of AX and AC devices using wifiwave2 driver, manually configure all interfaces on the bridge in the same manner on all devices.

One of the symptoms I would get is that the Stations would not roam from AX to AC and on the interface I would get the error: client was disconnected because could not assign vlan.
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.17rc [testing] is released!

Tue Dec 17, 2024 4:58 pm

One of the symptoms I would get is that the Stations would not roam from AX to AC and on the interface I would get the error: client was disconnected because could not assign vlan.
Turned out (for me) that by setting ft-preserve-vlanid=no explicitely on the ac devices, roaming worked fine.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Tue Dec 17, 2024 5:36 pm

The whole VLAN stuff still s*cks!
Any reasonable WiFi network has the capability to assign a different VLAN to each client either via RADIUS or via access list rules.
The AP network interface has to support tagged VLANs and the connected clients receive the assigned VLAN untagged, and that should not have to be statically configured on a bridge. At most the allowed VLAN tags would be configured on the trunk.
It all worked just fine in the old WiFi driver (with the exception that a MikroTik-private RADIUS attribute was used instead of the industry standard Tunnel-XXX attributes).
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4324
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.17rc [testing] is released!

Tue Dec 17, 2024 6:03 pm

The whole VLAN stuff still s*cks!
Any reasonable WiFi network has the capability to assign a different VLAN to each client either via RADIUS or via access list rules.
While perhaps the older ac chipset cannot directly handle VLAN in hardware... the whole idea of RouterOS is these hardware difference are abstracted. So I've never understood why a Wi-Fi interface's VLAN on the AC devices cannot not just be a dynamic bridge port (i.e. "D" in /interface/bridge/port and added VLAN in /interface/bridge/vlan), similar to how MVRP/L3 VLANs are handled in 7.16.

The "mixed" ac/ax in CAPsMAN is not well covered in docs either. I'm not sure I would not have gotten to figuring out to use ft-preserve-vlanid=no to solve the post above's AX/AC+capsman issues...
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Tue Dec 17, 2024 10:24 pm

While perhaps the older ac chipset cannot directly handle VLAN in hardware...
It is a nice try, but the UBNT accesspoints I use at work use the same QCA9984 chip as is used in older MikroTik AC hardware, but it fully supports VLAN assignment per client... and I don't think that would be a software workaround.
And when it is, indeed it should be something that MikroTik should do as well.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Tue Dec 17, 2024 11:44 pm

While perhaps the older ac chipset cannot directly handle VLAN in hardware...
It is a nice try, but the UBNT accesspoints I use at work use the same QCA9984 chip as is used in older MikroTik AC hardware, but it fully supports VLAN assignment per client... and I don't think that would be a software workaround.
And when it is, indeed it should be something that MikroTik should do as well.
It works with the old drivers so the HW is capable to do so.
 
patrick7
Member
Member
Posts: 351
Joined: Sat Jul 20, 2013 2:40 pm

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 1:59 am

The whole VLAN stuff still s*cks!
Any reasonable WiFi network has the capability to assign a different VLAN to each client either via RADIUS or via access list rules.
Works like a charm.

/user-manager user group
add attributes=Mikrotik-Wireless-VLANID:1337,Mikrotik-Wireless-VLANIDtype:0,Mikrotik-Wireless-PSK:tralala name=lan-psk outer-auths=pap,chap

/user-manager user
add attributes=Mikrotik-Wireless-Comment:Laptop comment=Laptop group=lan-psk name=AA:BB:CC:DD:EE:FF shared-users=10
 
patrick7
Member
Member
Posts: 351
Joined: Sat Jul 20, 2013 2:40 pm

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 2:00 am

Did you test with Framed-IPv6-Prefix and Framed-IPv6-Pool?
No, I need a DHCPv6 Server
 
AlexandruL
just joined
Posts: 12
Joined: Wed Oct 30, 2024 9:58 pm

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 11:13 am

One of the symptoms I would get is that the Stations would not roam from AX to AC and on the interface I would get the error: client was disconnected because could not assign vlan.
Turned out (for me) that by setting ft-preserve-vlanid=no explicitely on the ac devices, roaming worked fine.
It works, but only if you are willing to give up the feature mentioned in the quotes "The default behavior is essential when relying on a RADIUS server to assign VLAN IDs to users, since a RADIUS server is only used for initial authentication."

Thank you!
 
User avatar
armandfumal
Member Candidate
Member Candidate
Posts: 163
Joined: Wed Apr 25, 2012 5:50 pm
Location: Weiswampach,LUX
Contact:

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 11:28 am

7.17.rc3

still not working.
Profile designer is make json file on disk but no more usable by winbox to assign to user group ou web interface, the profile is not listed after creation.

7.17rc2

Making skin with Skin Designer, save it, jason file present in the disk skin directory, but in user group cannot see it.
Even if I try to edit in skin designer, i cannot read it because not present in drop box...
seems system not load existing skin...
 
AlexandruL
just joined
Posts: 12
Joined: Wed Oct 30, 2024 9:58 pm

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 11:28 am

Another feature that I desperately want is minimum rates. I want to disable DSSS and any OFDM rates below 24Mbps, this way I can better isolate the APs and the management frames are sent faster, it really helps for high client density:
https://www.cisco.com/c/en/us/td/docs/w ... DEEFE9AE47
https://documentation.meraki.com/MR/Rad ... te_Control

Setting the classic capsman rates like below does wonders for evicting sticky clients and not using those pesky access rules that don't cut it (pun intended):
/caps-man rates
add basic=24Mbps name=OFDM supported=24Mbps,36Mbps,48Mbps,54Mbps

And if you really have a lot of APs, you can set the minimum rate to 54Mbps for very tight cells, clients will always check the signal quality and a 54Mbps minimum rate wi-fi cell will have a lower quality over a closer wifi-cell, forcing the client to roam in an elegant way. Just remember that some devices will not connect, only 6,12 and 24Mbps rates are mandatory.

I've also opened a feature request, let's hope someone pushes this feature for RouterOS 7.18.
 
irghost
Member
Member
Posts: 308
Joined: Sun Feb 21, 2016 1:49 pm

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 12:40 pm

waiting for this
viewtopic.php?t=213301
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 1:03 pm

waiting for this
viewtopic.php?t=213301
From thread:
There was a problem with resolving BGP gateways. Next beta version will have the fix.
That would be the 7.18 beta, since 7.17 are in RC.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 1:09 pm

Hopefully there will be a round of BGP fixes in the 7.18 betas so we have something to look forward to...
(there is of course no hope for the bugs to be fixed in 7.17 as there isn't any bgp changelog line...)
 
merkkg
just joined
Posts: 22
Joined: Thu Jan 19, 2017 11:50 am

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 1:11 pm

thats why 7.17 needs to go to release and 7.18 beta can come out... hopefully before Christmas.
 
teslasystems
just joined
Posts: 23
Joined: Sun Aug 09, 2015 3:00 pm

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 5:06 pm

*) health - added cpu-overtemp-check on ARM, ARM64 devices (CLI only);
Please, tell us about this function. How do they work?
+1
There is nothing about this function in the documentation. It's only mentioned once in SNMP, but no any information about the function itself.
 
irghost
Member
Member
Posts: 308
Joined: Sun Feb 21, 2016 1:49 pm

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 7:15 pm

waiting for this
viewtopic.php?t=213301
From thread:
There was a problem with resolving BGP gateways. Next beta version will have the fix.
That would be the 7.18 beta, since 7.17 are in RC.
thats not A good news
 
leonardogyn
just joined
Posts: 18
Joined: Wed Dec 04, 2019 4:47 pm

Re: v7.17rc [testing] is released!

Wed Dec 18, 2024 11:08 pm

7.17.rc3
still not working.
Profile designer is make json file on disk but no more usable by winbox to assign to user group ou web interface, the profile is not listed after creation.
.
This is not new to 7.17rc, and i've faced this for a few versions. Most of the times, after creating a new json file, it only shows for config after a reboot. While I don't know exactly when this started, i can confirm this is *NOT* 7.17 new.
 
Fazio8
just joined
Posts: 3
Joined: Wed Feb 28, 2024 2:45 pm

Re: v7.17rc [testing] is released!

Thu Dec 19, 2024 12:42 pm

I'm facing issues too with Container since testing 7.17rc. Following the reboot, no container start and no log is shown. Any hint?
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Thu Dec 19, 2024 1:10 pm

Known issue. They are working on it.
 
jresins
just joined
Posts: 1
Joined: Wed Dec 18, 2024 2:06 pm

Re: v7.17rc [testing] is released!

Thu Dec 19, 2024 3:32 pm

RB5009, ipv6 nd prefix default Configuration does not take effect.
it seems that "valid lifetime, preferred lifetime" does not take effect in routeros 7.16 and 7.17.
when the IPv6 prefix of the lan changed dynamically, the previous IPv6 address of the client pc does not age.
routeros 7.15 just work fine.

Image
 
sergiot77
just joined
Posts: 7
Joined: Tue Mar 28, 2023 1:14 am

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 12:02 am

With all 7.17 version both beta and rc, when dns adlist was downloaded and applied one cpu stucks at 100% and dns service is unresponsive. After about one minute cpu usage become normal and dns works as expected. I experienced this both on 4011 and 5009
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 10:07 am

fischerdouglas this thread is only about release to release changes. Please just make other topics about your other concerns. This has been said multiple times, and you are refusing to do that, and then are complaining on the internet, that your post is getting deleted. Do not post offtopic in this thread!
 
erlinden
Forum Guru
Forum Guru
Posts: 2626
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 10:19 am

With all 7.17 version both beta and rc, when dns adlist was downloaded and applied one cpu stucks at 100% and dns service is unresponsive. After about one minute cpu usage become normal and dns works as expected. I experienced this both on 4011 and 5009
Haven't seen this myself. Can you share your /ip dns export?
 
User avatar
fischerdouglas
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Thu Mar 07, 2019 6:38 pm
Location: Brazil
Contact:

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 11:47 am

fischerdouglas this thread is only about release to release changes. Please just make other topics about your other concerns. This has been said multiple times, and you are refusing to do that, and then are complaining on the internet, that your post is getting deleted. Do not post offtopic in this thread!
"this thread is only about release to release changes", you said... Right?


This is a quote of your own "release notes":
RouterOS version 7.17rc has been released on the "v7 testing" channel!

*) l3hw - improved system stability;

This a thread to Release Candidate, and according to semantic versioning and as a DeFacto standard, RC versions are exactly to users pointing bugs to be corrected BEFORE the stable release.
A release candidate (RC), also known as gamma testing or "going silver", is a beta version with the potential to be a stable product, which is ready to release unless significant bugs emerge.

This is a quote of MikroTiks team recognizing that there is a bug related exactly to a theme that is on your release notes.
There was a problem with resolving BGP gateways. Next beta version will have the fix.

But, as can be seen and interpreted, this will not be addressed on this(7.17) pre-stable version...
What leads to the conclusion that MikroTik will release a "stable" version knowing there is a bug.

P.S.: About "complaining on the internet", it's not a complain. It's just a warning my own friends about what is happening.
But a good way to avoid that "complaining"(that I prefer to call of "public reports of facts") is dealing with the problems here, like growing mans, and not pretending that the problems don't exist.

Well... I proved that exists a problem RELATED to THIS 7.17RC.
And all I'm asking is a statement in this thread recognizing what is happening. And if needed, communicate (on this thread) that this know bug will not be addressed in this Release Candidate version.

But I'm again predicting this post will be deleted again.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26912
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 11:56 am

please learn the term "offtopic", as it seems you do not understand it again.
if issue is not mentioned in changelog, it is not useful to repeat it every release. wait until you see it in the changelog. otherwise, do not spam the topic.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 2:11 pm

It would be nice when there was a list of known problems in a stable release, possibly later updated with new known problems introduced with the release.
There could be a link to a webpage that has such info and that is updated when new issues are recognized and planned to be fixed, in what version.
That would make it easier to refer people who try to discuss problems not immediately related to a beta/rc release in the release topic.
It would also serve to warn people about upgrading to a release that may introduce problems that affect their usage, and that are already known.
 
AlexandruL
just joined
Posts: 12
Joined: Wed Oct 30, 2024 9:58 pm

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 3:08 pm

Another feature that I desperately want is minimum rates. I want to disable DSSS and any OFDM rates below 24Mbps, this way I can better isolate the APs and the management frames are sent faster, it really helps for high client density:
https://www.cisco.com/c/en/us/td/docs/w ... DEEFE9AE47
https://documentation.meraki.com/MR/Rad ... te_Control

Setting the classic capsman rates like below does wonders for evicting sticky clients and not using those pesky access rules that don't cut it (pun intended):
/caps-man rates
add basic=24Mbps name=OFDM supported=24Mbps,36Mbps,48Mbps,54Mbps

And if you really have a lot of APs, you can set the minimum rate to 54Mbps for very tight cells, clients will always check the signal quality and a 54Mbps minimum rate wi-fi cell will have a lower quality over a closer wifi-cell, forcing the client to roam in an elegant way. Just remember that some devices will not connect, only 6,12 and 24Mbps rates are mandatory.

I've also opened a feature request, let's hope someone pushes this feature for RouterOS 7.18.
For whoever is interested I have a detailed description of my issue here:
viewtopic.php?t=213414
 
merkkg
just joined
Posts: 22
Joined: Thu Jan 19, 2017 11:50 am

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 4:32 pm

It would be nice when there was a list of known problems in a stable release, possibly later updated with new known problems introduced with the release.
There could be a link to a webpage that has such info and that is updated when new issues are recognized and planned to be fixed, in what version.
That would make it easier to refer people who try to discuss problems not immediately related to a beta/rc release in the release topic.
It would also serve to warn people about upgrading to a release that may introduce problems that affect their usage, and that are already known.
This is good idea and will avoid duplicate posting
 
federalbr
just joined
Posts: 1
Joined: Fri Nov 17, 2023 4:44 pm
Location: Natal, Brazil
Contact:

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 6:13 pm

Anyone having trouble changing the www service port?
 
lekr74
just joined
Posts: 1
Joined: Tue Jan 24, 2023 3:08 pm

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 9:48 pm

On my CCR2116-12G-4S+, I can no longer connect to L2TP over IPsec VPN server with 7.17. Reverting to 7.16.1 fixed the problem.
I'm experiencing the same issue here, tested on both CCR2216 and CCR2004 on 7.7rc3. Without IPsec enabled, no issues arise, but when I enable IPsec on the client-side, I receive a "failed to authenticate" message in the client's log.
Interestingly, there's no similar problem on CHR with the same configuration.
 
CGGXANNX
Member Candidate
Member Candidate
Posts: 250
Joined: Thu Dec 21, 2023 6:45 pm

Re: v7.17rc [testing] is released!

Fri Dec 20, 2024 11:44 pm

After upgrading my RB5009 from 7.16.2 to 7.17rc3, to fix this issue viewtopic.php?t=211778, User Manager stops working as RADIUS server for my UniFi APs (for WPA3 Enterprise). It looks like the issue is due to UDP packet fragmentation, namely with the Access-Challenge message that User Manager sends to the APs, the message containing the EAP data, including the certificates.

User Manager is setup to use the certificate from Let's Encrypt (obtained with /certificate/enable-ssl-certificate), the WiFi WPA2/3 Enterprise clients use PEAP and MSCHAPv2 for phase 2. The setup worked without problems for RouterOS <= 7.16.2. After upgrading to 7.17rc3, the authentication now hangs and times out.

When I use Packet Sniffer on the router, I can see that User Manager produces an Access-Challenge response message (it has the certificate data) that is larger than the payload of a 1500-byte UDP packet. The payload is 1478 bytes, 6 bytes larger than the limit. As a result, the message is fragmented into two fragments, one full size 1500-byte packet (1514-byte frame) and one 26-byte packet (20-byte IP header and the 6 bytes remaining, producing the 40-byte ethernet frame).

user-man-1.png

However, there is no response to the challenge from the APs, and after a while, a "Fragment reassembly time exceeded" ICMP message is returned. When I run captures on the remote devices, I can see that the first fragment of the message (the 1514-byte ethernet frame) does reach the destination, but the 2nd fragment (the 40-byte frame) never arrives.

To rule out that the issue is on the APs, I ran eapol_test https://manpages.debian.org/testing/eap ... .8.en.html on different computers, with the following simple config file:
network={
        ssid="example"
        key_mgmt=WPA-EAP
        eap=PEAP
        identity="my-user"
        anonymous_identity="AAA"
        password="my-password"
        phase2="auth=MSCHAPV2"
}
and the command
eapol_test -c test.conf -a 10.20.30.40 -s SECRET

And the packet capture shows the same problem with the missing 2nd fragment (with the tool producing "EAPOL test timed out" error message). The UniFi APs are directly connected to the etherX ports of the router (no switches in between).

If I increase the MTU on the router and on the devices to 1508, the Accept-Challenge message is sent as one single 1506-byte IP packet (1520-byte frame) and authentication works (also when tested with eapol_test).

I don't know if it's some change in 7.17 that causes the Accept-Challenge message to be larger than before, thus requiring fragmentation, and the fragmentation bug was always there; or the message has always been that large, even with <= 7.16.2, and there is a new bug with the fragments' handling?
You do not have the required permissions to view the files attached to this post.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Sat Dec 21, 2024 12:08 pm

Make sure that you don't have some firewall somewhere that drops the 2nd fragment of the transmission because it does not have a valid UDP header (with permitted ports in the firewall)....
Can you send a long ping to your APs? (without "do not fragment" option, of course)
 
User avatar
armandfumal
Member Candidate
Member Candidate
Posts: 163
Joined: Wed Apr 25, 2012 5:50 pm
Location: Weiswampach,LUX
Contact:

Re: v7.17rc [testing] is released!

Sat Dec 21, 2024 1:41 pm

ok thanks.

even reboot, json file is on disk but not loaded, so no available.
7.17.rc3
still not working.
Profile designer is make json file on disk but no more usable by winbox to assign to user group ou web interface, the profile is not listed after creation.
.
This is not new to 7.17rc, and i've faced this for a few versions. Most of the times, after creating a new json file, it only shows for config after a reboot. While I don't know exactly when this started, i can confirm this is *NOT* 7.17 new.
 
CGGXANNX
Member Candidate
Member Candidate
Posts: 250
Joined: Thu Dec 21, 2023 6:45 pm

Re: v7.17rc [testing] is released!

Sat Dec 21, 2024 2:13 pm

Make sure that you don't have some firewall somewhere that drops the 2nd fragment of the transmission because it does not have a valid UDP header (with permitted ports in the firewall)....
Can you send a long ping to your APs? (without "do not fragment" option, of course)

My firewall rules are actually just the defconf firewall (no Raw rules, no Mangle rules), with the VLAN interfaces in the LAN interface list, of course. Also, no custom routing rules. And the devices are plugged directly to the router's ports. Pings from the router to the APs work normally, I tried with packet sizes of both 1600, as well as 1506.

As you can see from the screenshots of the dump, there is no problem handling the fragmented ICMP packets. For the ping with size=1506 we have the same split with one 1514-byte and one 40-byte frame.

Before the upgrade to 7.17rc3, no changes have been made on the APs for months (they had uptimes of over 100 days, I've since rebooted them multiple times with no improvements).
You do not have the required permissions to view the files attached to this post.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Sat Dec 21, 2024 2:41 pm

Ok I just wanted to make sure that it is not a simple issue related to the fragmenting of packets...
I use UniFi APs with EAP and RADIUS, but not with MikroTik usermanager (I use FreeRadius).
I would not expect that IP fragmentation would be a problem. Long messages are quite usual in these scenarios.
I send the authentication over a tunnel with 1400 byte MTU without problem...
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Sun Dec 22, 2024 8:42 pm

HAP AC2 with 7.17rc2: I have a 128GB USB stick formatted in Ext4. SanDisk stick just discarded new. via IP>SMB I shared a folder. If from a phone connected to wifi I copy any file of average size 296MB, the transfer starts well but randomly in a percentage that is always different, the router goes into kernel panic and restarts completely. I formatted in ROS if it can be a detail.. Serious BUG !!
Hi guys, I reported this bug to MK service who only reduced the appearance of this, in my opinion, serious problem. It got to the point that I was asked to do a test using CAPSMAN with the normal legacy wireless package instead of the current wifi-qcom-ac all on HAP AC2. The problem is that I don't have the possibility to proceed to this point. Can someone actually try to make this bug appear?

You may not even need to use capsman

Ticket: SUP-173480
 
AlexandruL
just joined
Posts: 12
Joined: Wed Oct 30, 2024 9:58 pm

Re: v7.17rc [testing] is released!

Sun Dec 22, 2024 11:08 pm

I've noticed a bug on the Mikrotik Wifi drivers (both wifi-qcom and wifi-qcom-ac), configured 2.4GHz N interface shows as being AC on Windows 10 devices.

BSSID 3 : <BSSID>
Signal : 60%
Radio type : 802.11ac
Channel : 1
Basic rates (Mbps) : 1 2 5.5 11
Other rates (Mbps) : 6 9 12 18 24 36 48 54

It can't be 802.11ac since is 5GHz band only.

The wireless packages doesn't have this issue.

The bug doesn't seem to affect 2.4GHz functionality.
 
itimo01
newbie
Posts: 26
Joined: Thu Jun 29, 2023 2:55 am
Location: Germany
Contact:

Re: v7.17rc [testing] is released!

Sun Dec 22, 2024 11:10 pm

HAP AC2 with 7.17rc2: I have a 128GB USB stick formatted in Ext4. SanDisk stick just discarded new. via IP>SMB I shared a folder. If from a phone connected to wifi I copy any file of average size 296MB, the transfer starts well but randomly in a percentage that is always different, the router goes into kernel panic and restarts completely. I formatted in ROS if it can be a detail.. Serious BUG !!
Hi, i used to have a similar issue cause the USB Drive just wasn't fast enough. (the wait time for the device exploded)
Using an AX3 though.

Some update fixed it, but I also swapped it with a cheap USB SSD (transcend ESD310C) and tbh it's a lot nicer now
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 11:39 am

HAP AC2 with 7.17rc2: I have a 128GB USB stick formatted in Ext4. SanDisk stick just discarded new. via IP>SMB I shared a folder. If from a phone connected to wifi I copy any file of average size 296MB, the transfer starts well but randomly in a percentage that is always different, the router goes into kernel panic and restarts completely. I formatted in ROS if it can be a detail.. Serious BUG !!
Hi, i used to have a similar issue cause the USB Drive just wasn't fast enough. (the wait time for the device exploded)
Using an AX3 though.

Some update fixed it, but I also swapped it with a cheap USB SSD (transcend ESD310C) and tbh it's a lot nicer now
hi, the USB stick is 3.2 if I remember correctly and in any case it is at least a brand new original SanDisk USB 3, I struggle to believe that in this case an AC2 is so fast in USB transfer that it sends everything haywire... does anyone have an AC2 or AC3 (or even the AX series) with the RC3 with the new wifi drivers to test?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 11:54 am

CPU in hAP ax3 can shuffle around 2.5Gbps (look at test results for bridging) and that's pretty lean on CPU (no packet processing, only passing between two ethernet interfaces). With SMB there's plenty of processing involved. And USB in SoC IPQ-6010 is 3.0, so max 5Gbps (including overhead) possible.

Add bugs in ROSE (kernel panics point in that direction) and interference between USB 3 and WiFi 2.4GHz ... and you get what you get.
Last edited by mkx on Mon Dec 23, 2024 12:51 pm, edited 1 time in total.
 
itimo01
newbie
Posts: 26
Joined: Thu Jun 29, 2023 2:55 am
Location: Germany
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 12:25 pm

does anyone have an AC2 or AC3 (or even the AX series) with the RC3 with the new wifi drivers to test?
I have an ac2 with 7.17rc3 and a cheap USB drive connected I'll check when I'm home.
Add bugs in ROSE (kernel panics point in that direction) and interference between USB 3 and WiFi 2.4GHz ... and you get what you get.
I switched to rose cause I thought it would get better but nope. Only 7.15 or 7.16 or something like that fixed the kernel panic.
I tried the USB drives on a computer and they do get similar results with the wait time exploding.

That is for 2 SanDisk Ultra and 2 Lexar ones I don't remember the model of.

Don't know how far 2.4ghz interference can go for USB3.
The test computer is around 2/3 meters away from the next AP.

But tbh the difference between the "normal" USB drives and the SSD is literally extreme.
Since the speed stays stable even when running big transfers.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 12:50 pm

Don't know how far 2.4ghz interference can go for USB3.
The test computer is around 2/3 meters away from the next AP.

The big problem is interference between locally connected interfaces (i.e. hAP ax3 with flakey USB3 stick plugged in and 2.4GHz radio ... USB3 activity will interfere with Rx path of 2.4GHz radio).

And regarding USB flash sticks: there are surprisingly many which outright suck at performance. Brand name doesn't matter, many brands have performance lines and comodity lines. Sticks with larger storage sizes suck relatively more than the ones with smaller sizes, it has to do with size of blocks (chips with larger storage size tend to have larger blocks and operations, both read and write, are done on entire block at once).
 
itimo01
newbie
Posts: 26
Joined: Thu Jun 29, 2023 2:55 am
Location: Germany
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 1:31 pm

I have an ac2 with 7.17rc3 and a cheap USB drive connected I'll check when I'm home.
I just use the ac2 as a wireless bridge here. Connected with its 5Ghz interface to an ax3.
It's using wifi-qcom-ac drivers and has a really, really cheap 32GB USB drive connected to it for some log files (aliexpress USB drive that cost me a total of 3€)


I just copied over around 1GB of video files to my ac2. No Kernel Panic whatsoever
But winbox became very, very slow (basically unusable).
Connecting with SSH was a bit nicer.

EDIT: I do have to say i didnt upgrade routerboot since 7.17rc1

And it kept throwing me this error in the winbox terminal
[admin@3_AC2_Bridge] > /disks
Console does not respond.
Restart console (this will terminate all active sessions)? [y/N]

[admin@3_AC2_Bridge] /disk> print
Flags: B - BLOCK-DEVICE; M - MOUNTED; p - PARTITION
Columns: SLOT, MOUNT-POINT, MODEL, SERIAL, INTERFACE, SIZE, FREE, USE, FS, FS-LABEL
#     SLOT        MOUNT-POINT  MODEL         SERIAL                  INTERFACE                   SIZE            FREE  USE  FS     FS-LABEL
0 B   usb1                     USB Disk 2.0  9446581253875077817     USB 2.00 480Mbps  31 457 280 000
1 BMp usb1-part1  usb1-part1   USB Disk 2.0  @32'768-31'457'280'000                    31 457 247 232  30 368 100 352  3%   fat32  NO NAME


[admin@3_AC2_Bridge] /disk> monitor-traffic 1
                  slot:    usb1-part1
              read-ops:         3 005
   read-ops-per-second:             0
            read-bytes:    31 628 800
             read-rate:          0bps
           read-merges:        58 694
             read-time:       51s77ms
             write-ops:        43 040
  write-ops-per-second:             0
           write-bytes: 1 404 362 752
            write-rate:          0bps
          write-merges:         5 138
            write-time:   21m28s565ms
         in-flight-ops:             0
           active-time:    4m34s350ms
             wait-time:   18m44s980ms
           discard-ops:             0
         discard-bytes:             0
        discard-merges:             0
          discard-time:           0ms
             flush-ops:             0
            flush-time:           0ms
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 1:37 pm

does anyone have an AC2 or AC3 (or even the AX series) with the RC3 with the new wifi drivers to test?
I have an ac2 with 7.17rc3 and a cheap USB drive connected I'll check when I'm home.
Add bugs in ROSE (kernel panics point in that direction) and interference between USB 3 and WiFi 2.4GHz ... and you get what you get.
I switched to rose cause I thought it would get better but nope. Only 7.15 or 7.16 or something like that fixed the kernel panic.
I tried the USB drives on a computer and they do get similar results with the wait time exploding.

That is for 2 SanDisk Ultra and 2 Lexar ones I don't remember the model of.

Don't know how far 2.4ghz interference can go for USB3.
The test computer is around 2/3 meters away from the next AP.

But tbh the difference between the "normal" USB drives and the SSD is literally extreme.
Since the speed stays stable even when running big transfers.
it would be of great help if you could do this test, mostly because I'm sorry to have opened a Ticket with MK but leave it pending. unfortunately, I repeat, they asked me to do the same test with legacy wireless drivers and capsman but I can't reconfigure everything... the test would be 1. legacy wireless + SMB 2. legacy wireless + capsman + SMB. Regarding USB3-wifi2.4Ghz interference, I don't get it because this KernelPanic appeared indicatively from ROS 7.16.2 (almost certainly that on 7.16.1 and 7.16 it was not present). We remain waiting so as to communicate the outcome to MK, always with a view to mutual collaboration ;)
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 1:39 pm

I have an ac2 with 7.17rc3 and a cheap USB drive connected I'll check when I'm home.
I just use the ac2 as a wireless bridge here. Connected with its 5Ghz interface to an ax3.
It's using wifi-qcom-ac drivers and has a really, really cheap 32GB USB drive connected to it for some log files (aliexpress USB drive that cost me a total of 3€)


I just copied over around 1GB of video files to my ac2. No Kernel Panic whatsoever
But winbox became very, very slow (basically unusable).
Connecting with SSH was a bit nicer.

EDIT: I do have to say i didnt upgrade routerboot since 7.17rc1

And it kept throwing me this error in the winbox terminal
[admin@3_AC2_Bridge] > /disks
Console does not respond.
Restart console (this will terminate all active sessions)? [y/N]

[admin@3_AC2_Bridge] /disk> print
Flags: B - BLOCK-DEVICE; M - MOUNTED; p - PARTITION
Columns: SLOT, MOUNT-POINT, MODEL, SERIAL, INTERFACE, SIZE, FREE, USE, FS, FS-LABEL
#     SLOT        MOUNT-POINT  MODEL         SERIAL                  INTERFACE                   SIZE            FREE  USE  FS     FS-LABEL
0 B   usb1                     USB Disk 2.0  9446581253875077817     USB 2.00 480Mbps  31 457 280 000
1 BMp usb1-part1  usb1-part1   USB Disk 2.0  @32'768-31'457'280'000                    31 457 247 232  30 368 100 352  3%   fat32  NO NAME


[admin@3_AC2_Bridge] /disk> monitor-traffic 1
                  slot:    usb1-part1
              read-ops:         3 005
   read-ops-per-second:             0
            read-bytes:    31 628 800
             read-rate:          0bps
           read-merges:        58 694
             read-time:       51s77ms
             write-ops:        43 040
  write-ops-per-second:             0
           write-bytes: 1 404 362 752
            write-rate:          0bps
          write-merges:         5 138
            write-time:   21m28s565ms
         in-flight-ops:             0
           active-time:    4m34s350ms
             wait-time:   18m44s980ms
           discard-ops:             0
         discard-bytes:             0
        discard-merges:             0
          discard-time:           0ms
             flush-ops:             0
            flush-time:           0ms
exactly!! from RC3 the appearance of Kernel Panic is much reduced but Winbox becomes unusable for the entire duration of the transfer!
 
itimo01
newbie
Posts: 26
Joined: Thu Jun 29, 2023 2:55 am
Location: Germany
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 1:46 pm

Regarding USB3-wifi2.4Ghz interference,
The hap ac line doesnt have USB3 (as far as i know) so no issue there.
I'll check with legacy drivers later. But won't be able to test with legacy capsman
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 2:23 pm

Regarding USB3-wifi2.4Ghz interference,
The hap ac line doesnt have USB3 (as far as i know) so no issue there.
I'll check with legacy drivers later. But won't be able to test with legacy capsman
right I hadn't thought of that and I confirm that the AC line has a USB 2.0. It would be great if you could at least test with the legacy driver to see if you have the same effect
 
itimo01
newbie
Posts: 26
Joined: Thu Jun 29, 2023 2:55 am
Location: Germany
Contact:

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 3:32 pm

right I hadn't thought of that and I confirm that the AC line has a USB 2.0. It would be great if you could at least test with the legacy driver to see if you have the same effect
So the result with "legacy" wireless driver is the following.
But before i start i must state that i didnt netinstall. I just removed the qcom-wifi-ac package and installed wireless.

Copying around 1GB again the speed is a lot faster at first. (6MB/s instead of 3) and then it goes crashing down to basically no traffic at all. But it came back up after a while. Maybe issue caused by the USB Drive. Screenshot says canceling since i accidentally hit space. Woops
Screenshot 2024-12-23 142555.png
I noticed that with wireless theres about 20MiB more RAM free.
Also winbox worked fine (maybe a tiny bit slower than no load)

Heres the disk stats:
[admin@3_AC2_Bridge] > /disk/monitor-traffic 1
                  slot:    usb1-part1
              read-ops:         3 059
   read-ops-per-second:             0
            read-bytes:     6 652 416
             read-rate:          0bps
           read-merges:             0
             read-time:      31s607ms
             write-ops:        42 230
  write-ops-per-second:             0
           write-bytes: 1 338 432 000
            write-rate:          0bps
          write-merges:         5 425
            write-time:   14m18s448ms
         in-flight-ops:             0
           active-time:    4m16s240ms
             wait-time:    11m4s120ms
           discard-ops:             0
         discard-bytes:             0
        discard-merges:             0
          discard-time:           0ms
             flush-ops:             0
            flush-time:           0ms
You do not have the required permissions to view the files attached to this post.
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 6:12 pm

Nothing, we are not there...

I have tried now with a 16GB Kingston USB key from...2011 or 2010 perfectly working formatted by ROS in Ext4. I started a transfer of a folder in total 1.8 GB on my Samsung Android S24 Plus and the transfer starts without problems but 1. Winbox becomes completely unusable and many times it exits and in the attempt to re-enter it asks me to activate the Legacy mode which however does not work. After a while on Android I lose the wifi signal and the transfer stops, the time it reconnects to the wifi does this a couple of times then the main HAP AC2 restarts in kernel panic. During the transfer, the CPU usage reaches a maximum of 40% and there is enough RAM left, the flash memory is around 200-230 Kb as per various ROS releases. Note that my S24 was connected to a HAP AC2 which acts as a simple access point configured as a CAP. I did a second test by connecting my S24 directly to the wlan1 and wlan2 of the Main AC2 and I have to say that the transfer was perfectly stable without an error and a drop in speed, at the same time I had winbox open on a Windows PC connected via wifi to a CAP and Winbox never slowed down. Now I have to do this evening or tomorrow at most a test with a PC connected via ethernet in this way we exclude any problem with the wifi, capsman and the new drivers... let's hope we understand something more...
 
pe1chl
Forum Guru
Forum Guru
Posts: 10529
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 7:31 pm

a hAP AC2 is not a NAS!
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 9:47 pm

a hAP AC2 is not a NAS!
and who says otherwise? in fact under the AC2 there is a nice Synology.. but if there is a USB port and there is also a ROS function to share folders and files I would like it to work and not send the whole system into kernel panic
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3343
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 10:16 pm

Christmas is coming, will 7.17 be released? :)
 
holvoetn
Forum Guru
Forum Guru
Posts: 6752
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 10:25 pm

Doubtful IMHO.
There is a confirmed bug with container startup crashing the whole system.
That needs to be fixed or it will be a very eventful release.
 
AV1234
just joined
Posts: 3
Joined: Fri Dec 15, 2023 4:11 pm

Re: v7.17rc [testing] is released!

Mon Dec 23, 2024 11:43 pm

Hap AC2. I have a 500/500 mbit plan and im trying to speedtest via wifi during upload a got this from time to time:
2024-12-23 02:09:47 system,error,critical router was rebooted without proper shutdown, probably kernel failure
2024-12-23 02:09:48 system,error,critical kernel failure in previous boot
2024-12-23 02:09:48 system,error,critical out of memory condition was detected
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Tue Dec 24, 2024 12:40 am

Tested with a PC connected via cable to AC2, the transfer never stopped and was also quite fast. However, in my opinion there are one or more bugs that concern SMB and capsman and/or the wifi-qcom-ac driver. According to the LOGs and my wifi devices connected simultaneously to the transfer, Capsman completely loses the connection of my two CAPs (both AC2 always wifi-qcom-ac) remaining active only the local interfaces of the same AC2, after a few seconds always viewing the LOGs the CAPs reconnect but, always during the SMB transfer this phenomenon continues until the end of the transfer. The thing that makes you think is that I made two transfers: a single 1.5 GB ZIP file that took 4 minutes in total and there were no apparent problems, and a folder with many 1.6 GB internals, the latter is the one that caused the problems mentioned. It seems that under load ROS is unable to manage the wifi compartment (and/or Capsman) this explains why with the PC via cable Winbox never slowed down during the transfer while with the PCs via wifi even when they were not the ones making the transfer, but another wireless client, WInbox slowed down to the point of closing and showing windows with nothing inside. I specify that AC2 never restarted or gave kernel panic errors when making the transfer via cable.,.. Mikrotik can you replicate this situation in your lab? In my opinion it is serious
 
wispmikrotik
Member Candidate
Member Candidate
Posts: 144
Joined: Tue Apr 25, 2017 10:43 am

Re: v7.17rc [testing] is released!

Tue Dec 24, 2024 10:11 am

New beta 7.18 for christmas?
 
merkkg
just joined
Posts: 22
Joined: Thu Jan 19, 2017 11:50 am

Re: v7.17rc [testing] is released!

Tue Dec 24, 2024 12:47 pm

New beta 7.18 for christmas?
I wish
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12979
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.17rc [testing] is released!

Tue Dec 24, 2024 3:33 pm

New beta 7.18 for christmas?
I wish

Not likely. So far, beta only came out after previous version was released as stable. 7.17 is still Release Candidate and folks @MT are running out of time ... it's almost Christmas eve, Latvia is at UTC+2 which means it's 3:30 PM and almost end of office time.
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.17rc [testing] is released!

Tue Dec 24, 2024 4:36 pm

I specify that AC2 never restarted or gave kernel panic errors when making the transfer via cable.,..
I have always used the ethernet cable and yet it always restarted.
viewtopic.php?t=212754#p1112414

They are aware of the problem and are working on it.
 
Valerio5000
Member Candidate
Member Candidate
Posts: 104
Joined: Fri Dec 06, 2013 2:38 am

Re: v7.17rc [testing] is released!

Tue Dec 24, 2024 7:52 pm

I specify that AC2 never restarted or gave kernel panic errors when making the transfer via cable.,..
I have always used the ethernet cable and yet it always restarted.
viewtopic.php?t=212754#p1112414

They are aware of the problem and are working on it.
hi, it's exactly the same problem I'm having! probably the fact of restarting only with wifi is a coincidence, anyway good to know!

Who is online

Users browsing this forum: No registered users and 9 guests