RouterOS version 6.47.9 has been released in public "long-term" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.47.9 (2021-Feb-05 15:22):

Changes since 6.47.8:

*) bgp - fixed VPNV4 RD byte order;
*) branding - fixed LCD logo loading from new style branding package;
*) crs312 - fixed missing SwOS firmware on revision 2 devices;
*) crs3xx - correctly filter packets by L2MTU size;
*) crs3xx - improved system stability when receiving large frames for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices (introduced in v6.47.5);
*) defconf - fixed default configuration loading on RBcAP-2nD and RBwAP-2nD;
*) hotspot - fixed "idle-timeout" usage with RADIUS authentication;
*) hotspot - fixed special character parsing in "target" variable (CVE-2021-3014);
*) package - do not include multiple The Dude packages in HDD installer;
*) snmp - fixed "send-trap" functionality;
*) webfig - fixed new interface addition;
*) winbox - fixed enable/disable button presence for "Bridge/Hosts" menu;
*) winbox - renamed IP protocol 41 to "ipv6-encap";
*) winbox - show "System/Health" only on boards that have health monitoring;
*) winbox - use health values reported by gauges for "System/Health" menu;
*) wireless - renamed "macedonia" regulatory domain information to "north macedonia";
*) wireless - updated "indonesia5" regulatory domain information;

For a full changelog please visit https://mikrotik.com/download/changelogs

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after some problem has appeared on device

Please keep this forum topic strictly related to this specific RouterOS release.

Is DoH now part from longterm 6.47.9 (i am coming from 6.47.7 stable) ?
br, Richard

roe1974 - DoH support was already added in v6.47.

I cant see memory leak on DoH is in the fixed log!!!
Until its fixed, I do not recommend use DoH

what is this "memory leak" ?
I use DoH since 6.47 with more or less no problems.... (ltAp, R4011)
br, Richard

Do a search in goolge (or at the forum) for "mikrotik doh memory leak"
Yes it work, but have a look of used memory every day and you see it goes up and down.

Eks
viewtopic.php?p=804384#p804384

Thank you for promoting 6.47 to long term - had a lot of success with this release stream - has given me an opportunity to easily rollback/forward between 6.48.x while work continues - safe and easy fallback to 6.47 :-)

Got it installed on my RB4011/CRS112/2xcAP ac/wAP ac (coming from 6.478.1), will monitor. Upgrade went very smooth!

Thank you for promoting 6.47 to long term - had a lot of success with this release stream - has given me an opportunity to easily rollback/forward between 6.48.x while work continues - safe and easy fallback to 6.47 :-)

Totally concur!
Thank you!

I updated to this version and enabled DoH. So far everything seems to work as expected. Will keep an eye on the memory usage.

Awesome been waiting for the "real" stable release. Long term it is!!

Thank you for not breaking the IKE 2. On the stable version, dynamic connections with LTE, without real IP addresses disappear, I don't know how to solve.

Bug (/system health) in WebFig and Winbox for the Mikrotik hEX RB750Gr3
Firmware v6.47.9
Bootloader v6.46.7
WebFig and Winbox
(/System health) from WebFig and Winbox does not display system voltage or system temperature
Terminal
(/system health print) does display system voltage and system temperature
Does the bootloader need to be updated?

Bug (/system health) in WebFig and Winbox for the Mikrotik hEX RB750Gr3
Firmware v6.47.9
Bootloader v6.46.7
WebFig and Winbox
(/System health) from WebFig and Winbox does not display system voltage or system temperature
Terminal
(/system health print) does display system voltage and system temperature
Does the bootloader need to be updated?

Try rebooting to find out?
Your bootloader wasn't even on latest for the 6.46 minor release; 6.46.8 was previous.

It's hard to call this a bug for sure when your bootloader is a minor-release behind.

Bug (/system health) in WebFig and Winbox for the Mikrotik hEX RB750Gr3
Firmware v6.47.9
Bootloader v6.46.7
WebFig and Winbox
(/System health) from WebFig and Winbox does not display system voltage or system temperature
Terminal
(/system health print) does display system voltage and system temperature
Does the bootloader need to be updated?

Try rebooting to find out?
Your bootloader wasn't even on latest for the 6.46 minor release; 6.46.8 was previous.

It's hard to call this a bug for sure when your bootloader is a minor-release behind.

Upgraded firmware to v6.47.9 still no display from WebFig (/system health)

It's been 84 years...
Have been waiting for long-term 6.47.X to release, so I could upgrade to it directly from stable 6.46.5 on RB760iGS and cAP AC, given how poor a lot of recent stable 6.47.X (and .48, oh man, oh god) releases were received. But, generally speaking, is it a good idea (meaning "is it safe?") to do both things at the same time - to upgrade to next major version (from .46 to .47) and to hop to different release tree? Well, there are backups of course, so it's just my curiousity itching.

It's been 84 years...
Have been waiting for long-term 6.47.X to release, so I could upgrade to it directly from stable 6.46.5 on RB760iGS and cAP AC, given how poor a lot of recent stable 6.47.X (and .48, oh man, oh god) releases were received. But, generally speaking, is it a good idea (meaning "is it safe?") to do both things at the same time - to upgrade to next major version (from .46 to .47) and to hop to different release tree? Well, there are backups of course, so it's just my curiousity itching.

I've been in a not-too-dissimilar boat.

I've been waiting for a good time to hop to long-term as well. I held off on the 6.48 jump really hoping 6.47 would get promoted to long-term. I'm glad i did. Just upgraded my whole infrastructure, some of it was on 6.47.8, the rest (wifi/caps) was all 6.46.8.

Now everything is happy all together on a single slow-moving and hopefully well-understood train. :-)

It's been 84 years...
Have been waiting for long-term 6.47.X to release, so I could upgrade to it directly from stable 6.46.5 on RB760iGS and cAP AC, given how poor a lot of recent stable 6.47.X (and .48, oh man, oh god) releases were received. But, generally speaking, is it a good idea (meaning "is it safe?") to do both things at the same time - to upgrade to next major version (from .46 to .47) and to hop to different release tree? Well, there are backups of course, so it's just my curiousity itching.

I've been in a not-too-dissimilar boat.

I've been waiting for a good time to hop to long-term as well. I held off on the 6.48 jump really hoping 6.47 would get promoted to long-term. I'm glad i did. Just upgraded my whole infrastructure, some of it was on 6.47.8, the rest (wifi/caps) was all 6.46.8.

Now everything is happy all together on a single slow-moving and hopefully well-understood train. :-)

We live good with a very lazy update strategy. So we will install 6.46.8 for some months from now. As a long time MT user ...

I was hoping for at least an 6.46.9 version if not more, with more fixes than with added features.. Oh well.

Hello,
Switch have broken sfp module after resetting to default switch CRS309-1G-8S+ with 6.47.9
We had similar situations with CRS326-24S+2Q+, after firmware upgrade UBNT 10g modules stopped working.

How to deal with such situation in future? It is not possible safely to upgrade o reset the switch. Has anyone similar experience?

Thanks, Albertas

8 out of ~100 hap lite were bricked during upgrade from 6.46.8 to 6.47.9 and required netinstall.
In some cases (seems totally random) Avaya IP phones can't get IP address from Mikrotik with ROS 6.47.9, ROS 6.46.8 is working fine.
Will revert to 6.46.8 everywhere.

Upgraded from 6.44 and 6.46 and went largely without incident. Mix of RB4011, RB3011, RB2011, hAP ac lite, hEX PoE, CRS112-8P, CRS326-24G, hAP ac, hAP ac², wAP ac, and cAP ac. This feels like a good update. Time will tell. I miss antenna gain on the AP's but at least can get to it via CLI.

I upgraded a hAP mini from 6.47.8 and got the same WiFi problem as with 6.48, fixed by downgrading.
The issue is that on a WiFi connection with 90% CCQ there are interruptions in the traffic every couple of seconds.
As if the retransmit timer is too long (like 200-500ms).
I wonder why this happens on upgrade (nothing is mentioned in the release notes except changes for other countries) and also I do not quite understand why the CCQ is not closer to 100%, the hAP mini is only a meter away from a Chromebook.

I upgraded a hAP mini from 6.47.8 and got the same WiFi problem as with 6.48, fixed by downgrading.

After upgrading RouterOS and RouterBOARD, then doing a reset, then adding back your config via console, do you still have the same issues?

After upgrading RouterOS and RouterBOARD, then doing a reset, then adding back your config via console, do you still have the same issues?

No idea, and I don't think it should be required to do that on upgrade.
The firmware is on 6.47.7 both before and after test.

RB2011 upgraded, works fine so far.

Lost a hAP lite on upgrade from 6.46.8 to 6.47.9 as well. Everything else (2011/3011/OmniTik/RB951) seems to have survived the upgrade just fine.

hAP mini (is about the same thing as hAP lite I think) did upgrade from 6.47.8 to 6.47.9 here OK but I had already reduced my install to 6 packages instead of combined package.
(system/advanced-tools/dhcp/ppp/security/wireless)
This gives it some more breathing space when updating, very important for these devices with only 32MB RAM.

I did not find where to report bugs so...

routerboard: yes
model: 450
serial-number: DELETED
firmware-type: ar7100
factory-firmware: 2.20
current-firmware: 6.47.9
upgrade-firmware: 6.47.9

Issue:
Changing the name of an interface does not update view in all places when using WebFig.

Can reproduce:
Yes

Workaround:
Log out of WebFig and in again.

Not affected:
Terminal, is showing the correct information.
Router, change is commit

Browser used:
Name Firefox
Version 85.0.2
Build ID 20210208133944
Distribution ID
Update Folder
/Users/DELETED/Library/Caches/Mozilla/updates/Applications/Firefox
Update History
Update Channel release
User Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:85.0) Gecko/20100101 Firefox/85.0
OS Darwin 20.3.0 Darwin Kernel Version 20.3.0: Thu Jan 21 00:07:06 PST 2021; root:xnu-7195.81.3~1/RELEASE_X86_64

I did not find where to report bugs so...

Correct is to send this to support@mikrotik.com
This forum is mostly a user forum.

With 6.47.9, there is currently no indication of memory leaking when DoH is used.

Will upgrade my CCR but leave my capacs where they are for now. To many indications of wifi issues.

With 6.47.9, there is currently no indication of memory leaking when DoH is used.

That is a plus, but strange it was not in the change log.

With 6.47.9, there is currently no indication of memory leaking when DoH is used.

That is a plus, but strange it was not in the change log.

Didn't memory issue appear in 6.48 branch, not 6.47?
I upgraded all my devices to 6.47.9 with no immediate issues.

No, the DNS server change to enable DoH caused problems from the beginning. In my case the solution is simple: do not use DoH.

Memory leak on my hap ac^2 after upgrade

Didn't memory issue appear in 6.48 branch, not 6.47?
I upgraded all my devices to 6.47.9 with no immediate issues.

Memory leakage may have come with the fist version of 6.47 (that wast the first with DoH support), but since not everyone measure memory level its not easy say when it was there first (at least som 6.47.x version and above. It does not break the router, but usage of memory slowly increases over days, before it drop down and goes up again. Saw-toot wave.

strange, I still see no increase in memory usage. The screenshot I posted is from a 750G r3 (hEX). Does this only occur on arm devices?
We use this device at work to provide internet access to guests, not too much traffic, around 100GB/month.

strange, I still see no increase in memory usage. The screenshot I posted is from a 750G r3 (hEX). Does this only occur on arm devices?
We use this device at work to provide internet access to guests, not too much traffic, around 100GB/month.

Not only ARMs devices, at RB951G-2HnD the same situation

hap ac2, exact same dns configuration. There must be something different on those devices showing this problem. Maybe it's a service or setting interacting with the dns, which is disabled on my devices.. just a guess. (Graph)

hap ac2, exact same dns configuration. There must be something different on those devices showing this problem. Maybe it's a service or setting interacting with the dns, which is disabled on my devices.. just a guess.

Maybe, in my cases usage of CRL is disabled. I use a Cloudflare DoH servers

I see issues with DoH 1.1.1.1 and certificate validation (clickable image in high res), rb4011

hEX PoE with 48V Power Supply still have bug with attached cameras powered by poe. It's powered on only then PoE out is "Forced On".

If cable connecting hEX PoE and camera is long, then detecton/negotiation can fail due to excessive cable resistence. In such case forcing PoE out can help but it also depends on voltage drop over cable, 802.3 af/at requires at least 37V at PD (camera).

If cable connecting hEX PoE and camera is long, then detecton/negotiation can fail due to excessive cable resistence. In such case forcing PoE out can help but it also depends on voltage drop over cable, 802.3 af/at requires at least 37V at PD (camera).

Unfortunetly not long. About 10 meters.
Netmetal ac can not be turned on from this hEX at 3-4 meters of cable.
System - Health of hEX PoE shows 47.9 Volts.

The PoE issue was introduced in 6.46.8, as the comments from that release prove it.
Going back to 6.46.7 fixes it. Someone complained in IRC too about that.
One of the reasons I was hoping for a 6.46.9 bugfix release.

The PoE issue was introduced in 6.46.8, as the comments from that release prove it.
Going back to 6.46.7 fixes it. Someone complained in IRC too about that.
One of the reasons I was hoping for a 6.46.9 bugfix release.

Just tried to install 6.46.7. Same problem... PoE out status - waiting for load.
Maybe it is hardware bug. Mikrotik does not admit this and did not say a word about this problem.

The PoE issue was introduced in 6.46.8, as the comments from that release prove it.

Using a hEX PoE to power two Dahua SD1A203T-GN. PoE set to auto on. Firmware v6.47.9 without issue. I think these units are 2 or 3 years old. Factory firmware was 6.42.7.

The PoE issue was introduced in 6.46.8, as the comments from that release prove it.

Using a hEX PoE to power two Dahua SD1A203T-GN. PoE set to auto on. Firmware v6.47.9 without issue. I think these units are 2 or 3 years old. Factory firmware was 6.42.7.

I also have only one of many hEX PoE routers which works without problems with the same cameras (Hikvision) in "auto on" PoE mode with ROS 6.47.8. It doesn't depend on cameras or power supply. I tryed to change it. This gives reason to think this is hardware bug.

Thank you for not breaking the IKE 2. On the stable version, dynamic connections with LTE, without real IP addresses disappear, I don't know how to solve.

Interesting... I have big issues with IKEv2 behind NAT on both sides with actual 6.48.1, but still no news from MT. Was you able to run IKEv2 OK with this latest long term? Do you have your responder (server) behind nat on LTE connection? (see my other post viewtopic.php?f=2&p=844118#p844118)

Hola/Hello from Spain
Bugs 6.47.9 Just-work on 6.46.8
Error: Scripting not global or local variable work
Mikrotik Ticket: SUP-42106

My script: Update DNS and find dns-name where I add ip route rule add


:foreach i in=[/ip dns cache all find where (name~"dns-name") && (type="A") && (data!="240.0.0.1")] do={
:local tmpAddress [/ip dns cache get $i address];
delay delay-time=3000ms

:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={
:local cacheName [/ip dns cache get $i name] ;
:log info ("added entry: $cacheName $tmpAddress");

/ip firewall address-list remove [/ip firewall address-list find list="list_name"];
/ip route rule remove [find table=INTERNET];
/ip route rule add dst-address=1.1.1.1 action=lookup table=INTERNET;
/ip route rule add dst-address=$tmpAddress action=lookup table=INTERNET;
/ip firewall address-list add address=$tmpAddress list=list_name; } }


Best regard,

wiyat

For me scripting works just fine. Can you be more precise what you think does not (or no longer) work?

Hi eworm

can you test my script into your equipment Mikrotik 6.47.9 but remember to replace:
replace dns-name for mikrotik.com
replace list_name for mikrotik1

What do you will be expect after execute my script:
A. /ip route rule print -----> you will be see add two new rule with table=INTERNET
B. /ip firewall address-list -----> you will be see one list=list_name


:foreach i in=[/ip dns cache all find where (name~"dns-name") && (type="A") && (data!="240.0.0.1")] do={
:local tmpAddress [/ip dns cache get $i address];
delay delay-time=3000ms

:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={
:local cacheName [/ip dns cache get $i name] ;
:log info ("added entry: $cacheName $tmpAddress");

/ip firewall address-list remove [/ip firewall address-list find list="list_name"];
/ip route rule remove [find table=INTERNET];
/ip route rule add dst-address=1.1.1.1 action=lookup table=INTERNET;
/ip route rule add dst-address=$tmpAddress action=lookup table=INTERNET;
/ip firewall address-list add address=$tmpAddress list=list_name; } }

When do you finish please let me know if it work for you,

Gracias / Thank you

The problem is that /ip dns cache does no longer have an attribute "address", it was renamed to "data".
So replace that in the line where tmpAddress is assigned.

Hi [hola] eworm

Work ok. just replace address by data

:foreach i in=[/ip dns cache all find where (name~"dns-name") && (type="A") && (data!="240.0.0.1")] do={
:local tmpAddress [/ip dns cache get $i address];
delay delay-time=3000ms


Question:
1. How do you know that this attribute changes on this version?
2. where is the documentation for read it about the changes that affect to the attribute on the new RouterOS version?

Thank you,

Best regards

On the version 6.47.9 command repartition (e.g. "/partitions repartition partitions =2") causes the router's cyclic reboot (about every 10 seconds). On versions 6.47.x situation the same.
On the version 6.46.X and 6.48.X this command works correctly

Ticket SUP-32199 29/Oct/20 6:33 PM

How could a company release an LTS version with such a bug? And there was a ticket from 29 / Oct / 20

1. How do you know that this attribute changes on this version?
2. where is the documentation for read it about the changes that affect to the attribute on the new RouterOS version?

Just get the column name from CLI, Winbox, Webfig, ...

I do not think that the changes are documented. Whenever something breaks you have to investigate and change the script.

Hi, today unfortunately we tried to update 3 Haplite and they all crashed after updating to version 6.47.9 from 6.40.8. They no longer respond to the winbox and the connected ethernet ports go up and down continuously.
If instead we switch to version 6.48.1 everything is ok. Has this happened to anyone? this is very concerning.

I also have a similar problem with 2 hap light and 1 hap classic.
The problem is one to one as you describe.

The problem must be in your network, maybe one or more of your configured DNS resolvers does not respond.

Hi, today unfortunately we tried to update 3 Haplite and they all crashed after updating to version 6.47.9 from 6.40.8. They no longer respond to the winbox and the connected ethernet ports go up and down continuously.
If instead we switch to version 6.48.1 everything is ok. Has this happened to anyone? this is very concerning.

I also have a similar problem with 2 hap light and 1 hap classic.
The problem is one to one as you describe.

Hi, is there a confirmation from MikroTik of this issue and if so, is there any plan for fixing long-term stream? I have planned remote upgrade of hap lite devices and want to make sure that it is safe. Thank You

Hi, is there a confirmation from MikroTik of this issue and if so, is there any plan for fixing long-term stream? I have planned remote upgrade of hap lite devices and want to make sure that it is safe. Thank You

I would recommend to do a manual upgrade in any case. You can control what version gets installed rather than the actual version offered by MikroTik, which could change halfway through your update project.

You can write some script that will upload the desired version to the devices and issues a reboot command, or to make the devices download it and reboot.
I would advise to check if you can use a subset of the available packages (e.g. you do not need routing or mpls or ipv6 etc) and install only those packages that you require instead of the whole "combined" package.
That will save some valuable space on these tiny devices.

Hi, is there a confirmation from MikroTik of this issue and if so, is there any plan for fixing long-term stream? I have planned remote upgrade of hap lite devices and want to make sure that it is safe. Thank You

I would recommend to do a manual upgrade in any case. You can control what version gets installed rather than the actual version offered by MikroTik, which could change halfway through your update project.

You can write some script that will upload the desired version to the devices and issues a reboot command, or to make the devices download it and reboot.
I would advise to check if you can use a subset of the available packages (e.g. you do not need routing or mpls or ipv6 etc) and install only those packages that you require instead of the whole "combined" package.
That will save some valuable space on these tiny devices.

I would love to stay on long-term branch as I have good experience with stability and preformace of those bits so far. What I am asking for is a confirmed safe way how to upgrade hap lite to from 6.46.8 to 6.47.9. As I wrote this upgrade is done remotely and I do not have possibility to travel to fix those devices physically :(. Thank You

- download all_packages.zip file for the version you want to install
- unpack the file and select only the packages you need
- put these files on a location accessible to the routers
- write a small script that fetches the files (/tool fetch) and reboots the router
- upload that script to every router and execute it

when you have remote access to the routers, there is no need to visit them.

8 out of ~100 hap lite were bricked during upgrade from 6.46.8 to 6.47.9 and required netinstall.
In some cases (seems totally random) Avaya IP phones can't get IP address from Mikrotik with ROS 6.47.9, ROS 6.46.8 is working fine.
Will revert to 6.46.8 everywhere.

Same exact thing happened to me with hap lite. It was 2 of 3 bricked and I stopped.

No problems so far, Updated my Mikrotikerl.... all fine :-)
Mikrotik HEX S (RB760iGS), CRS109-8G-1S-2HnD-IN, CRS-112-8G-4S, hAP RBD52G-5HacD2HnD-TC, cAP ac RBcAPGi-5acD2nD.

v6.47
*) ipsec - added "split-dns" parameter support for mode configuration;

But in v6.47.9 in Webfig there is NOT the option.
Only via terminal. Please, implement in Webfig.

Thank you
Best regards

Bug (/system health) in WebFig and Winbox for the Mikrotik hEX RB760GS
Firmware v6.47.9
Bootloader v6.47.9
WebFig and Winbox
(/System health) from WebFig and Winbox does not display system voltage or system temperature

Terminal

system health print
voltage: 12.9V
temperature: 44C

It does on my hEX S, @yreks. Are you using the default power adapter? I thought it was either 24V or 48V (where I'm using an 48V adapter. Not sure if that is related.

BUG:
viewtopic.php?f=2&t=174719

CCR1009 maybe others
how to set on manually?

v 6.46.8 and 6.47.9

BUG on winbox, do not maximize the inside window, sometime menu disappear and/or are not drawed

Not fixed. Read this:
viewtopic.php?f=2&t=174836

CRS112-8P-4S : A temperature reading is missing in the WinBox and gauges CLI command output (RouterOS/RouterBOOT version 6.47.9)

New version 6.47.10 has been released in long-term RouterOS channel:

viewtopic.php?f=21&t=175735