I have started testing this version. So far the issue of one client having high download causing slowness to other clients has been resolved. Mikrotik great and good work on this. We are going somewhere now
One question is dynamic downlink ratio behaviour changed? In 6.42.2 with ratio of 60% ap can shoot to 90-100mbps download speed to a client but now in 6.42.3 I can only shoot to around 60-70mbps. I changed the ratio to 70% in 6.42.3, I can see the same results as 6.42.2(with 60% ratio) but with better sharing between clients than previous versions
I can't guarantee that this'll work for you, but it worked for me (try at your own risk, and try on some local devices first):What should I do? The device is on remote location so it's not an option to netinstall it. So far I can not upgrade to any new version.
How can I clean up these extra files/data? If I format the flash then the device won't boot afterwards, isn't it?
Frankly this was my plan, too, but once I did that and out of sudden cleared the device config (don't know the reason why) so it was a bit... bad idea.I can't guarantee that this'll work for you, but it worked for me (try at your own risk, and try on some local devices first):
If you don't have 'Keepalive' enabled, side A doesn't know that the tunnel is disabled on side B, so it keeps sending packets.I have 2 locations. Location A and location B.
From A to B working EoIP tunnel.
In tunnel going multicast traffic in direction from A to B.
On side "B" I do EoIP tunnel disable, it show like not active.
Multicast flow stop on side "B", but income traffic on my WAN port
on side "B" is still going.
Why so, if EoIP tunnel not active and no connection through EoIP?
Traffic on side "B" on WAN port stop going only if I disable EoIP tunnel on
source side "A".
The only thing I need is some confirmation from someone wise that repartition won't crear up whole disk so ROS won't be able to load.I would try to repartition it to 1 partition, upgrade and repartition back to 2 partitions. But:
1. Don't forget about backup.
2. Make sure that new version does not leak free space :)
You most notice the dynamic downlink radio settings is really doing something when your APs are getting close to client throughput saturation (such as peak hours when everybody is doing something). Under light throughput loads (non-peak usage periods), you should not normally see much of a difference.I have started testing this version. So far the issue of one client having high download causing slowness to other clients has been resolved. Mikrotik great and good work on this. We are going somewhere now
One question is dynamic downlink ratio behaviour changed? In 6.42.2 with ratio of 60% ap can shoot to 90-100mbps download speed to a client but now in 6.42.3 I can only shoot to around 60-70mbps. I changed the ratio to 70% in 6.42.3, I can see the same results as 6.42.2(with 60% ratio) but with better sharing between clients than previous versions
Dear friend, I have been testing with dynamic downlink ratio and I have not noticed any difference in altering this value. Do you really notice difference in leaving it at 50%? Thank you
/interface bridge settings set use-ip-firewall=yes use-ip-firewall-for-pppoe=yes
/interface bridge settings set use-ip-firewall=no
I guess just you: https://www.screencast.com/t/V6dfdHvvMy terminal doesn't work in Webfig. It shows just an empty space.
Can you please check if it is me only or you also have that problem?
Can you describe is wrong with CHR on Hyper-V?Still no fix for chr hyperv?
A simple reboot usually removes those invisible left overs.How can I clean up these extra files/data? If I format the flash then the device won't boot afterwards, isn't it?
It would be great if we get this fix into the next current release, aswell.Version 6.43rc17 has been released.
*) wireless - fixed wireless interface lockup after period of inactivity;
Not that many competitors are there so far. AP mabe but not routers. VyOS on Ubiquity routers maybe?Confirm further aggregate throughput increase on AP. Almost there Mikrotik soon be overtaking the the competition in performance as well as price. Well done dev team excellent work, go have yourselves a well deserved beer :-)
Reboot won't helped at all, I tried that first. Will try mess with individual packages, but that looks risky.A simple reboot usually removes those invisible left overs.How can I clean up these extra files/data? If I format the flash then the device won't boot afterwards, isn't it?
If still not enough, a trick I use on an overloaded 941-2nD. Push manually first only some core packages (system and as much as needed for accessing the device after reboot). Then after reboot push the rest of the packages needed for full operation. Hope it helps and MT team will eventually improve in this area as well.
Definitely I agree with you..Now we need to improve in nv2 ptp since we can not get past those 100 mbps in ptp mode as well.
Is EoIP active on router A (meaning that you have disabled keepalive) ?
We have exactly the same issue, we reported it to Mikrotik with Ticket#2018051822005031, there beautiful answer was to remove the partitioning (which i've done) but just resulted in 1 bigger partition with still invisible files using up all the diskspace.I'll repeat my question here:
I have a ccr1009 with flash partitioned into 2 partitions. So each of that flash parts are of 32 Mb, which was ok for me so far.
After recent upgrade to 6.42.1 I found all of my flash almost taken by unknown (invisible) files or data. Right now I have only 10 Mb of flash and the upgrade to 6.42.2 needs ~15Mb. I asked this in different topic and got viewtopic.php?f=2&t=134713&p=663589#p663890 this answer saying I'm not along with the problem, so looks like 6.42.1 upgrade script won't do its job well, or something. Not sure is this can be more widespread or not, and surely don't know if this can happen to any new version.
What should I do? The device is on remote location so it's not an option to netinstall it. So far I can not upgrade to any new version.
How can I clean up these extra files/data? If I format the flash then the device won't boot afterwards, isn't it?
some one have this problems?ifthen have promlems:Code: Select all/interface bridge settings set use-ip-firewall=yes use-ip-firewall-for-pppoe=yes
1. dont work simple queues (upload)
2. and then other mikrotik connect to this mikrotik by pppoe then have 0.1 mbit/s download speed, and unlocked speed upload (promlem 1)
ifall okCode: Select all/interface bridge settings set use-ip-firewall=no
I have downgraded to 6.42.1 and the ICMP rules on the input chain are picking up traffic again and loging it.So in the 42.3 a simple rule that logs ICMP would not do anything while a ICMP rule on the forward chain would not pick up all ICMP traffic.On 6.42.1 the things seem to be working properly ,same firewall ruleset made from within the winbox interface keep in mind.There is some issue with firewall rules or maybe they work differently now.I think it started with 42.2 version.
My ICMP rules made on input and/or forward chains are ignored.
They were working just fine in 42.1.
I usually drop ICMP Type 8 Echo Request when i am not playing online games from WAN (BF4 for example requires it otherwise you get kicked).
When this rule was enforced no ping could be seen in BF4 players list , now the ping shows up with the exact same rules .So what s the problem ?
Why is ICMP going thru even when no rule is allowing it ?
Has something changed in relation to firewall rules since 42.2 ?
I would have if it wasn't locked.... *facepalm*timoid - Please try to keep this forum topic strictly related to v6.42.3 release;
Please be more specific on this problem - what is your configuration on the AP, can you provide us support output file to support@mikrotik.com?After upgrading to 6.42.3 I had lots of trouble with the Wifi on my CRS125-24G-1S-2HnD, clients kept being deauthed which I believe is more a side effect of the SSID not getting broadcasted
Downgraded to 6.42.2 and immediately it started broadcasting the SSID and my clients (17) popped back in and have been since.
Smell like a bug
Is it happening on both 2.4ghz and 5ghz? Please provide support output file when this happens and send to support@mikrotik.comwAP AC: With 6.43rc12 a user was able to connect with its Huawei smartphone. Now with 6.42.3 he is unable to connect at all, neither with WPA2/EAP nor with open/unprotected SSID. There´s no entry within the log when he tries to connect. After upgrading to 6.43rc12 he can happily connect again.
Can we have an explanation on this one. How is it improved? What did not happen before? If client is set at 20Mhz where AP is at 40Mhz or higher client simply can't communicate on anything wider then 20Mhz isn't it? So what is improved now?RouterOS version 6.42.3 has been released in public "current" channel!
*) wireless - improved client "channel-width" detection;
Does this improvement need an upgrade of AP only or all CPE's need to have the upgrade? Or if not, what minimal version do CPE's need to have to work with this improvement?RouterOS version 6.42.3 has been released in public "current" channel!
*) wireless - improved Nv2 PtMP performance;
Try on my CCR1009, with 6.42.3 drop ICMP type 8 working correctly, it also work in raw(prerouting)I have downgraded to 6.42.1 and the ICMP rules on the input chain are picking up traffic again and loging it.So in the 42.3 a simple rule that logs ICMP would not do anything while a ICMP rule on the forward chain would not pick up all ICMP traffic.On 6.42.1 the things seem to be working properly ,same firewall ruleset made from within the winbox interface keep in mind.There is some issue with firewall rules or maybe they work differently now.I think it started with 42.2 version.
My ICMP rules made on input and/or forward chains are ignored.
They were working just fine in 42.1.
I usually drop ICMP Type 8 Echo Request when i am not playing online games from WAN (BF4 for example requires it otherwise you get kicked).
When this rule was enforced no ping could be seen in BF4 players list , now the ping shows up with the exact same rules .So what s the problem ?
Why is ICMP going thru even when no rule is allowing it ?
Has something changed in relation to firewall rules since 42.2 ?
It s like ICMP would go around the firewall in 42.3 ,on it s own:)
Jun/04/2018 11:47:58 system,info,account user admin logged out from 192.168.1.250 via winbox
Jun/04/2018 11:48:02 system,info
Jun/04/2018 11:48:02 system,info
Jun/04/2018 11:48:02 system,info
Jun/04/2018 11:48:02 system,info
Jun/04/2018 11:48:02 system,info
Jun/04/2018 11:48:03 system,info router rebooted
Jun/04/2018 11:50:04 system,info,account user admin logged in from 192.168.1.250 via winbox
I recon you have your reasons!? But to me it sounds like bad design, burdening down the router with 1200 instances of DHCP servers. One server could off course serve many more scopes or you perhaps should rethink your DHCP strategy and relay requests a couple of hops away into a redundant DHCPServer setup else where in your net....6.42.x breaks sometching quite badly in DHCP server.
I have a setup where a CCR1016 serves several VLANs, with a dedicated DHCP server to each VLAN.
6.41.4 works beautifully without any sort of hiccups.
6.42.x sometimes won't bring the DHCP instances up in the first boot.
If i reboot the CCR, then sometimes the system brings part of the DHCP servers up.
Sometimes all DHCP servers will be up at boot time, but an hour or so later customers start calling and... AHA! --All DHCP servers are RED again :headbang:
i had this happen in two different CCR1016's, they have twin configurations, altough the only unnusual condition in these is the sheer number of DHCP instances(600 and 1200) respectivelly.
[romas@ns0 unbound]# dig mikrotik.com AAAA
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.5 <<>> mikrotik.com AAAA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21383
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;mikrotik.com. IN AAAA
;; ANSWER SECTION:
mikrotik.com. 7200 IN AAAA 2a02:610:7501:1000::2
;; AUTHORITY SECTION:
mikrotik.com. 6743 IN NS mimas.mt.lv.
mikrotik.com. 6743 IN NS moon.mt.lv.
;; Query time: 63 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jun 6 16:26:14 2018
;; MSG SIZE rcvd: 102
> tool tracero 2a02:610:7501:4000::226
# ADDRESS LOSS SENT LAST AVG BEST WORST
1 2a07:4480:0:1401:0:1:: 0% 4 4ms 3.9 3.3 4.1
2 2a07:4480:0:1401:: 0% 4 3.3ms 3.1 2.7 3.3
3 2a00:1248:8180:1::10 0% 4 2.7ms 3.4 2.7 4.8
4 100% 4 timeout
5 2a00:1248:7fff:fffe:c3ef:fca2... 0% 4 40.8ms 40.9 40.4 41.3
6 10.222.78.133 0% 4 52.8ms 53.1 52.1 54.5
7 10.222.78.101 0% 4 65.7ms 59.5 57.2 65.7
8 2a02:2330:f:41::2 0% 4 63ms 62.2 61.2 63
9 2a02:2330:c:36::2 0% 3 61.3ms 62.2 61.3 63.6
10 100% 3 timeout
11 2a02:610:7501:4000::1 0% 3 58.5ms 59.1 58.5 60
12 2a02:610:7501:4000::226 0% 3 59ms 59 58.8 59.2
> tool tracero download.mikrotik.com
# ADDRESS LOSS SENT LAST AVG BEST WORST
1 100% 2 timeout
2 100% 2 timeout
3 100% 2 timeout
4 100% 1 timeout
5 100% 1 timeout
viewtopic.php?t=116480#p577004Any idea why sometimes WLAN drop my connection by this reason: Unicast key exchange timeout
.
Is it that 6.42.3 won't work on RB750GL's?
Is it that I could already have been infected with VPNFilter?
Anyone have suggestions?
Unfortunately netinstall did not work either, yet the device appairs in netinstall and you can begin an "install", but the completeness bar does not move and after some time the device goes goes back in ready.Hello Folks!
Unfortunately the WIFI (802.11N in this case) problems remains in this version.
Connecting to WiFI and Loading the router with some wifi traffic causes CPU go sky high 100% at all time, and traffic goes down from normal 20-30Mbit/s to 0.5Mbit/s and starts to interrupt all the time. Ultimately the router crashes after some time.
An attempt to downgrade to 6.41.3 lead to)
RouterBOOT booter 6.42.3
RouterBoard 411
CPU frequency: 300 MHz
Memory size: 32 MiB
NAND size: 64 MiB
Press any key within 2 seconds to enter setup..
loading kernel... OK
setting up elf image... OK
jumping to kernel code
Starting...
Generating SSH 2048bit RSA host key...
T�����偳�ٕ�́����嵉����������5r�Generating SSH 1024bit DSA?host key...
Too many levels of symbolic links
Then the device just sits there forever, next will now be a try using netinstall.
I have had this same issue in the past with 411 boards. But since I removed almost all 4xx, and 7xx boards from my system I don't have that issue. I think these 'old' boards are just not good enough anymore to run the latest ROS. No matter what they say about compatibility. I would start replacing these board for more modern (and thus faster) units and that way also stay out of these issues....Unfortunately netinstall did not work either, yet the device appairs in netinstall and you can begin an "install", but the completeness bar does not move and after some time the device goes goes back in ready.Hello Folks!
Unfortunately the WIFI (802.11N in this case) problems remains in this version.
Connecting to WiFI and Loading the router with some wifi traffic causes CPU go sky high 100% at all time, and traffic goes down from normal 20-30Mbit/s to 0.5Mbit/s and starts to interrupt all the time. Ultimately the router crashes after some time.
An attempt to downgrade to 6.41.3 lead to)
RouterBOOT booter 6.42.3
RouterBoard 411
CPU frequency: 300 MHz
Memory size: 32 MiB
NAND size: 64 MiB
Press any key within 2 seconds to enter setup..
loading kernel... OK
setting up elf image... OK
jumping to kernel code
Starting...
Generating SSH 2048bit RSA host key...
T�����偳�ٕ�́����嵉����������5r�Generating SSH 1024bit DSA?host key...
Too many levels of symbolic links
Then the device just sits there forever, next will now be a try using netinstall.
Indeed they are aged, we have many of them still in production, we replace them when they fail or when customer experience some issues. But it does not happen to often I must say, so we still need our old RB411 devices. We actually freezed upgrading them some time ago, disabling but not uninstall all unneeded packages and so on to minimize the resource usage.I have had this same issue in the past with 411 boards. But since I removed almost all 4xx, and 7xx boards from my system I don't have that issue. I think these 'old' boards are just not good enough anymore to run the latest ROS. No matter what they say about compatibility. I would start replacing these board for more modern (and thus faster) units and that way also stay out of these issues....Unfortunately netinstall did not work either, yet the device appairs in netinstall and you can begin an "install", but the completeness bar does not move and after some time the device goes goes back in ready.Hello Folks!
Unfortunately the WIFI (802.11N in this case) problems remains in this version.
Connecting to WiFI and Loading the router with some wifi traffic causes CPU go sky high 100% at all time, and traffic goes down from normal 20-30Mbit/s to 0.5Mbit/s and starts to interrupt all the time. Ultimately the router crashes after some time.
An attempt to downgrade to 6.41.3 lead to)
RouterBOOT booter 6.42.3
RouterBoard 411
CPU frequency: 300 MHz
Memory size: 32 MiB
NAND size: 64 MiB
Press any key within 2 seconds to enter setup..
loading kernel... OK
setting up elf image... OK
jumping to kernel code
Starting...
Generating SSH 2048bit RSA host key...
T�����偳�ٕ�́����嵉����������5r�Generating SSH 1024bit DSA?host key...
Too many levels of symbolic links
Then the device just sits there forever, next will now be a try using netinstall.
To give you some hope, I'd remember that some boards needed several attempts before they finally took the netinstall upgrade. And do the system package only. Needs less memory.
I had the feeling at those days it was more a memory issue with bad sectors after so many read/writes over the years so the new packages simply couldn't installed properly.
This approach was actually presented on recent MUM Melbourne where local ISP Tasmanet solved need to do DHCP with static reservations per each customer. They ended up with ton of /32 DHCP servers which each serve exactly one customer. If customer switch their router (come up with different MAC), DHCP will not get confused and customer will get same IP.But to me it sounds like bad design, burdening down the router with 1200 instances of DHCP servers.
You are correct, very large jump. Maybe that was it. Maybe I was already infected. Weekend of playing, luckily I had an older 750GL I could use offline to restore my old configs from backups. (I won't use this method again) so that I could export to a file the configuration script. Then I was able to bare metal the bricked 750GLs by using NetInstall and 15 second reset to put them in NetInstall mode. I loaded the new v6.42.3 and manually worked on importing the saved scripts on each. Modifying things that have changed since the old v5 versions of RouterOS..
Is it that 6.42.3 won't work on RB750GL's?
Is it that I could already have been infected with VPNFilter?
Anyone have suggestions?
That's a very large jump in software. I recall 6.29 was a robust early version that might be worth using as an intermediate stepping version. From your brief summary it appears you haven't upgraded to the latest firmware, ( \system\routerboard ) you need to do this with each upgrade.
With your current situation I'd try a Netinstall with your laptop and router both connected to a dumb switch and no other devices.
[Toto@TOPPA-DIS1] > ping d4ca6d9eb709
SEQ HOST SIZE TTL TIME STATUS
0 D4:CA:6D:9E:B7:09 70 33ms
0 D4:CA:6D:9E:B7:09 70 33ms
1 D4:CA:6D:9E:B7:09 70 29ms
1 D4:CA:6D:9E:B7:09 70 29ms
2 D4:CA:6D:9E:B7:09 70 21ms
2 D4:CA:6D:9E:B7:09 70 22ms
3 D4:CA:6D:9E:B7:09 70 14ms
3 D4:CA:6D:9E:B7:09 70 14ms
4 D4:CA:6D:9E:B7:09 70 14ms
4 D4:CA:6D:9E:B7:09 70 15ms
5 D4:CA:6D:9E:B7:09 70 20ms
5 D4:CA:6D:9E:B7:09 70 20ms
6 D4:CA:6D:9E:B7:09 70 14ms
6 D4:CA:6D:9E:B7:09 70 14ms
7 D4:CA:6D:9E:B7:09 70 12ms
7 D4:CA:6D:9E:B7:09 70 12ms
8 D4:CA:6D:9E:B7:09 70 16ms
8 D4:CA:6D:9E:B7:09 70 16ms
9 D4:CA:6D:9E:B7:09 70 13ms
9 D4:CA:6D:9E:B7:09 70 13ms
sent=10 received=20 packet-loss=-100% min-rtt=12ms avg-rtt=18ms max-rtt=33ms
Sent from my SM-A520W using TapatalkVirtual AP seems to be broken in 6.42.3, I upgraded an AP and a CPE and they did not reconnect. AP shows authentification errors. Moved the config of the virtual AP Interface to the main interface and connection comes up. Protocol is 802.11/WPA2 PSK. Updating the CPE was not the problem. As soon as the AP is upgraded problem started.
03:56:56 wireless,info 00:0C:42:2B:YY:XX@vapinterface: disconnected, received deauth: authentication not valid (2)
Are you certain that you do not have some feature which would consume lot of ram? Logs, packet sniffer, http proxy etc... ? Even if you did not set it up manually, check these things.Current version has an important memory leakage.
I don't think it's 6.42.3 specific or a new issue. Perhaps new dedicated thread or feature request could be good.FW: 6.42.3 (stable) If my Mikrotik router(RB433L) is configured in native Ipv6 mode(without IPV4 address) i cant get package update from mikrotik CDN.
It seems that Mikrotik does not receive AAAA from my DNS, but if I make a request through DIG - my DNS gives AAAA
[romas@ns0 unbound]# dig mikrotik.com AAAA