v7.1rc6 [development] is released!

emils · Mon Nov 08, 2021 12:40 pm

RouterOS version 7.1rc6 has been released in public "development" channel!

What's new in 7.1rc6 (2021-Nov-04 18:20):

*) bgp - fixed connection establishment if peer is in VRF;
*) bgp - fixed interface addition to "link-local" nexthops;
*) capsman - fixed CAP upgrade process when upgrading from RouterOS v6;
*) certificate - improved stability when sending bogus SCEP message;
*) certificate - resolveed issue with public key generation when digest algorithm is unspecified and processing certificate signing requests;
*) l3hw - fixed HW offloading for connected bridge routes;
*) l3hw - fixed source MAC address usage for routed packets for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) lte - added AT chat support for Telit LN960;
*) lte - do not allow to run "scan" and "cell-monitor" commands if SIM is not present;
*) lte - fixed modem port initialization on KNOT;
*) ospf - properly set instance after upgrade from RouterOS v6;
*) route-filters - added "suppress-hw-offload" parameter;
*) route-filters - fixed "as-path" regexp matcher;
*) ssh - made SSH work in VRF's;
*) system - improved system stability if device is upgraded from RouterOS and/or RouterBOOT v6.41.4 or older;
*) tile - improved system stability when sending EoIP packet over interface that is being disabled;
*) wifiwave2 - fixed assignment of channel profiles to interfaces;
*) wifiwave2 - fixed interface list matching in "access-list";

All released RouterOS v7 changelogs are available here:
https://mikrotik.com/download/changelog ... lease-tree

elbob2002 · Mon Nov 08, 2021 12:48 pm

Upgraded an RB5009 and a chateau LTE 12 and getting ERROR: file not found on the package screen after rebooting.

Screenshot from 2021-11-08 10-46-50.png

Chupaka · Mon Nov 08, 2021 12:53 pm

Still no changelog shown in System -> Packages for v7...

patrick7 · Mon Nov 08, 2021 1:00 pm

Any updates to the LoRa package?
And is there a way to disable unused packages in v7?

emils · Mon Nov 08, 2021 1:11 pm

Changelog and future upgrade channels are now fixed.

tiftok · Mon Nov 08, 2021 1:27 pm

how to upgread usermanger-db ??

Halfeez92 · Mon Nov 08, 2021 1:42 pm

No container package? Didn't mentioned in the changelog.

pe1chl · Mon Nov 08, 2021 1:42 pm

*) route-filters - fixed "as-path" regexp matcher;

Please document the as-path matching syntax. It looks like the work on the help page stopped in the middle of this.

Mon Nov 08, 2021 1:43 pm

No container package? Didn't mentioned in the changelog.

Was already removed for 7.1rc5.
Being worked on.

Stick with 7.1rc4 if you need it for now.

StubArea51 · Mon Nov 08, 2021 1:46 pm

*) ssh - made SSH work in VRF's;

Yay, i've been waiting for a long time on this one!

Hopefully Winbox in a VRF will follow?

kaixinwang · Mon Nov 08, 2021 2:38 pm

thank you very much mikrotik!

Mon Nov 08, 2021 3:07 pm

*) route-filters - fixed "as-path" regexp matcher;
Please document the as-path matching syntax. It looks like the work on the help page stopped in the middle of this.

documentation updated with some of examples to start with.

dksoft · Mon Nov 08, 2021 3:12 pm

If found that L2TP client login reboots my CCR2004. Have to disable L2TP-server for stable system.
This did not happen with rc4.

rpingar · Mon Nov 08, 2021 3:55 pm

[SUP-61316]: v7.1rc4 and bonding on x86 Intel Cards - 2 issues
still not fixed!!!!

any update about correct intel ethernet interface implementation?

regards
Ros

pe1chl · Mon Nov 08, 2021 4:07 pm

Please document the as-path matching syntax. It looks like the work on the help page stopped in the middle of this.
documentation updated with some of examples to start with.

The added examples are regexp strings, but of course we already know these from RouterOS v6.
What I am looking for is the syntax for a rule matching as-path.
So like:

if ( bgp-med < 30 ) { accept }

But now with as-path instead of bgp-med. Anything I try gets rejected as a syntax error.

Also, a clarification of what this text means:

There are two common ways how to operate with AS Path data:

    convert whole AS path to string and let regexp operate on the string (ROS v6 or Cisco style)
    let regexp operate on each entry in the AS path as a number (ROS v7, Juniper style)

The latter method is much faster and less resource-intensive than the string matching approach.

This would seem to indicate that the as-path match gets passed a list of AS numbers and there are operators that would match one (e.g. the last) or "any item" in that list.
But the regexp examples still seem to assume the match is against an expanded numeric string of the entire path, mentioned above as "ROS v6 or Cisco style".
So, is v7 still using that style?

osc86 · Mon Nov 08, 2021 4:09 pm

when will PIM-SM be fixed? it isn't working at all currently.

Mon Nov 08, 2021 4:44 pm

But now with as-path instead of bgp-med. Anything I try gets rejected as a syntax error.

/routing/filter/rule/add rule="if ( bgp-as-path ^1234 ) { accept }" chain=test

No syntax error, all of provided regexp examples from the documentation works without syntax errors

This would seem to indicate that the as-path match gets passed a list of AS numbers and there are operators that would match one (e.g. the last) or "any item" in that list.
But the regexp examples still seem to assume the match is against an expanded numeric string of the entire path.

No examples represent exactly what documentation says, you should look through examples more carefully (look at what is matched and what is not matched from the example).
String matching would work differently, lets look at very basic example: regex "^1234" in ROS v7 will match AS Path that starts exactly with ASN 1234, but string matching would match string that starts with ^1234, which means that it will match AS path that could start with 1234, 12345, 1234..n
Basically on string regexp you are performing per character match, on v7 style matching you are performing per ASN match.

w0lt · Mon Nov 08, 2021 4:49 pm

when will PIM-SM be fixed? it isn't working at all currently.

I second that !!
Plus proper documentation !!

pe1chl · Mon Nov 08, 2021 4:52 pm

But now with as-path instead of bgp-med. Anything I try gets rejected as a syntax error.
Code: Select all
/routing/filter/rule/add rule="if ( bgp-as-path ^1234 ) { accept }" chain=test
No syntax error, all of provided regexp examples from the documentation works without syntax errors

Ok I have been trying with regexp in { } brackets (as it was previously listed in the documentation, but that has now been removed I see) and also with the keyword "regexp" and the operator ~ and with the regexp in quotes as it is usually required.
Will try again with the form shown above, thanks for the hint.
It would not hurt to show at least one such example in the documentation...

sep · Mon Nov 08, 2021 4:52 pm

does l3hw work for ipv6 yet ?

eworm · Mon Nov 08, 2021 4:56 pm

Looks like link local addresses are still missing for Wireguard interfaces. I had hoped to see this fixed in the release...

markandrew88 · Mon Nov 08, 2021 5:08 pm

done my update on rb5009 still cant get my wireless voucher generating working in my portal it prompts "transaction cancelled, please refresh page" upon ticking the button to execute a popup menu to insert coins in vendo machine for hotspot voucher generation. i have no problem or issues about these in my hex750gr3 and hex760s both running on fw routeros-mmips-6.48.4. hope the dev can resolve these issue regarding hotspot /wireless just like the stable fw routeros-mmips-6.48.4.

Grant · Mon Nov 08, 2021 5:15 pm

Low wi-fi speed if fasttrack is disabling

Hap ac2

markandrew88 · Mon Nov 08, 2021 5:24 pm

@Grant newbie in mikrotik where can i execute or to set that in winbox?

Grant · Mon Nov 08, 2021 6:31 pm

@Grant newbie in mikrotik where can i execute or to set that in winbox?

yes, you can test wi-fi speed with enabled fasttrack and without fasttrack

rutman286 · Mon Nov 08, 2021 7:11 pm

Upgraded my CRS328-24P, CRS112-8P, and RB5009UG.
Upgraded them all from the WebUI, from version 7.1rc5. (I use a Mac for my daily driver, and was being lazy.)
No issues to report from the upgrade process.

pe1chl · Mon Nov 08, 2021 7:33 pm

No examples represent exactly what documentation says, you should look through examples more carefully (look at what is matched and what is not matched from the example).

Well, the examples are getting better now and I managed to enter some rules with bgp-as-path matching (which I previously had in v6) but note there still are some quirks.
When entering the $ as shown in the examples from commandline, it has to be entered as \$ instead. Of course, because $ would introduce a variable.
When using "print detail" or when viewing it in winbox, it still shows as a plain $. When looking in /export, it is showing as \$.
This is of course common in all commandline input but it makes the entry of the patterns a little confusing when not having a bit more feel of what is expected.

The winbox view of the filters is still quite useless, as it is shown sorted by some unrelated column instead of on rule sequence number as with other similar config lists.

Edit: the matches of bgp-as-path still do not work, no matter if a 12345$ or 12345+ match is used. It won't match.
Test case used: rule="if (bgp-as-path 4220406100+ and dst == 0.0.0.0/0) { accept; }"

Panbambaryla · Mon Nov 08, 2021 8:02 pm

If found that L2TP client login reboots my CCR2004. Have to disable L2TP-server for stable system.
This did not happen with rc4.

Confirmed!
Downgrade to 7.1rc4 resolves problem.
Procedure:
https://help.mikrotik.com/docs/display/ ... g+RouterOS
Package available here:
https://download.mikrotik.com/routeros/ ... -arm64.npk

Znevna · Mon Nov 08, 2021 8:06 pm

Why from softpedia?
What's wrong with the official download for 7.1rc4 / arm64 ? https://download.mikrotik.com/routeros/ ... -arm64.npk

sutrus · Mon Nov 08, 2021 8:23 pm

Update to CRS326-24G-2S+ ends with kernel failure.

Panbambaryla · Mon Nov 08, 2021 8:31 pm

Why from softpedia?
What's wrong with the official download for 7.1rc4 / arm64 ? https://download.mikrotik.com/routeros/ ... -arm64.npk

Right, couldn't find it. Corrected the download link. Thanks!

hecatae · Mon Nov 08, 2021 9:12 pm

hAP Lite upgraded successfully.

Amm0 · Mon Nov 08, 2021 9:25 pm

*) lte - added AT chat support for Telit LN960;

One issue that keep hoping that is just going to fixed one day in v7...but still hasn't is "signal reporting with the TelIt 940/960s"

If you use MBIM mode, you pretty much only get RSSI in the CLI/Winbox (without using "at-chat" commands), which alone isn't all that useful:

While you do get the tower and other info (RSRQ) when using the less preferable ECM mode:

But neither mode seem to report any CA info, that available via "AT#CAINFO?" or "AT#CQI" for the Telit's. While not the most readable format, you can see the chip is doing CA using at-chat – so that command does work in rc6:

/interface/lte/at-chat lte1 input="AT#CAINFO?"
  output: #CAINFO: 121,800,5,457,-119,-82,-14,92,8b1e,11,1,1,123,2000,3,40,-112,
          -90,-5,0,1,0,2,131,5110,3,125,-116,-86,-13,0,1,0,0 OK

But the same at-chat command using ppp-client does not work (not important to me, just a curiosity):

/interface/ppp-client/at-chat ppp-out1 input="AT#CAINFO?"
  output: ERROR: reply timeout

(in this case, the Ports show the ppp/USB1 port being used. And even /system/serial-terminal doesn't work - but /interface/lte/at-chat seem to work with the Telit's pretty reliability.

mducharme · Mon Nov 08, 2021 10:19 pm

/routing/rules still incorrectly handles min-prefix=0

No VPLS fix? VPLS is crashing the router in rc4 and rc5 whenever you try to put traffic through it, and I don't see any fixes in rc6. IMO, it really shouldn't be "green" in the v7 routing protocol status page like it is. A tunnel coming up but crashing the device whenever you actually try to send packets through doesn't really qualify as "working".

mducharme · Mon Nov 08, 2021 10:22 pm

Hopefully Winbox in a VRF will follow?

Winbox in a VRF is already there it looks like, but is missing from the changelog. It is in the v7 Routing Protocol Status page.

Edit: They appear to have just edited the page to remove the "winbox" mention after I posted that, but the setting is still there. Probably it is there but does not work yet.

Mon Nov 08, 2021 10:33 pm

Edit: the matches of bgp-as-path still do not work, no matter if a 12345$ or 12345+ match is used. It won't match.
Test case used: rule="if (bgp-as-path 4220406100+ and dst == 0.0.0.0/0) { accept; }"

Please provide full AS path that this rule supposedly should match.

pe1chl · Mon Nov 08, 2021 10:46 pm

Edit: the matches of bgp-as-path still do not work, no matter if a 12345$ or 12345+ match is used. It won't match.
Test case used: rule="if (bgp-as-path 4220406100+ and dst == 0.0.0.0/0) { accept; }"
Please provide full AS path that this rule supposedly should match.

It should match any path that ends in 4220406100 (I also tried \$ instead of +) like:
4220404000,4220407200,4220403600,4220406000,4220406100
4220406100

These are shown as "filtered" after applying the above filter, also when using this: "if (dst == 0.0.0.0/0 and bgp-as-path 4220406100\$) { accept; }"
but when using the rule "if (dst == 0.0.0.0/0) { accept; }" they are accepted.
I also tried using a num-set but I cannot find the syntax to use it.
"if (dst == 0.0.0.0/0 and bgp-as-path [[num-set-name]]\$) { accept; }" is refused (after creating name=num-set-name with range=4220406100).

Panbambaryla · Tue Nov 09, 2021 12:04 am

proxy-arp on bridge not working (running 7.1rc4 - as 7.1rc6 reboots 2004 router during IPsec/L2TP connection).
In case anybody asked - to define split VPN without extra routes and to not create extra phase 2 definitions for site-2-site IPSec VPN.
It just simplifies configuration significantly.
This RoS development sucks... they are using users to test the software... My 2004 is completely unusable in this state.
Is there any option to get back to 7.0.4 factory installed?

mjbnz · Tue Nov 09, 2021 12:52 am

Edit: the matches of bgp-as-path still do not work, no matter if a 12345$ or 12345+ match is used. It won't match.
Test case used: rule="if (bgp-as-path 4220406100+ and dst == 0.0.0.0/0) { accept; }"
Please provide full AS path that this rule supposedly should match.

I have a similar issue for ASNs in the 4,200,000,000 to 4,294,967,294 range, in fact, for anything greater than 2147483647 (32bit signed max int). I'm guessing the matcher is operating on the ASN as a signed integer, not an unsigned as it should be.

anav · Tue Nov 09, 2021 1:01 am

Are blackhole and prohibit no longer types (under ip routes) available?

mjbnz · Tue Nov 09, 2021 1:13 am

It should match any path that ends in 4220406100 (I also tried \$ instead of +) like:
4220404000,4220407200,4220403600,4220406000,4220406100
4220406100

These are shown as "filtered" after applying the above filter, also when using this: "if (dst == 0.0.0.0/0 and bgp-as-path 4220406100\$) { accept; }"
but when using the rule "if (dst == 0.0.0.0/0) { accept; }" they are accepted.
I also tried using a num-set but I cannot find the syntax to use it.
"if (dst == 0.0.0.0/0 and bgp-as-path [[num-set-name]]\$) { accept; }" is refused (after creating name=num-set-name with range=4220406100).

try:

if (dst == 0.0.0.0/0 and bgp-as-path -74561196\$) { accept; }

edit: spoiler: it's definitely a signed/unsigned bug.

edielson_atm · Tue Nov 09, 2021 3:29 am

using RouterOS 7.1RC6 with EVE-NG, when we configure OSPFv3 when starting the routers, everything works perfectly when turning off the lab and turning on OSPV3 again stops working, and does not form a neighbor

MK-01
/routing ospf instance
add name=ospf-instance-v4 originate-default=always router-id=10.255.255.1
add name=ospf-instance-v6 originate-default=always router-id=10.255.255.1 version=3
/routing ospf area
add instance=ospf-instance-v4 name=ospf-area-0-v4
add instance=ospf-instance-v6 name=ospf-area-0-v6
/ip address
add address=10.250.2.1/30 interface=ether2 network=10.250.2.0
add address=10.250.4.1/30 interface=ether4 network=10.250.4.0
add address=10.250.6.1/30 interface=ether6 network=10.250.6.0
add address=10.255.255.1 interface=loopback network=10.255.255.1
add address=172.16.11.1/30 interface=ether10 network=172.16.11.0

/ipv6 address
add address=fd00:255:255::1/128 advertise=no interface=loopback
add address=fd00:aaaa:aaaa::1 interface=ether2
add address=fd00:aaaa:aaa4::1 interface=ether4
add address=fd00:aaaa:aaa6::1 interface=ether6

/routing ospf interface-template
add area=ospf-area-0-v6 interfaces=ether2 type=ptp
add area=ospf-area-0-v6 interfaces=loopback passive type=ptp
add area=ospf-area-0-v6 interfaces=ether4 type=ptp
add area=ospf-area-0-v6 interfaces=ether6 type=ptp

add area=ospf-area-0-v4 interfaces=loopback passive type=ptp
add area=ospf-area-0-v4 interfaces=ether2 type=ptp
add area=ospf-area-0-v4 interfaces=ether4 type=ptp
add area=ospf-area-0-v4 interfaces=ether6 type=ptp

MK-02

/routing ospf instance
add name=ospf-instance-v4 router-id=10.255.255.2
add name=ospf-instance-v6 router-id=10.255.255.2 version=3

/routing ospf area
add instance=ospf-instance-v4 name=ospf-area-0-v4
add instance=ospf-instance-v6 name=ospf-area-0-v6

/ip address
add address=10.250.2.2/30 interface=ether1 network=10.250.2.0
add address=10.250.2.5/30 interface=ether3 network=10.250.2.4
add address=10.255.255.2 interface=loopback network=10.255.255.2

/ipv6 address
add address=fd00:255:255::2/128 advertise=no interface=loopback
add address=fd00:aaaa:aaaa::2 interface=ether1
add address=fd00:aaaa:aa23::1 interface=ether3

/routing ospf interface-template
add area=ospf-area-0-v4 interfaces=loopback passive type=ptp
add area=ospf-area-0-v4 interfaces=ether1 type=ptp
add area=ospf-area-0-v4 interfaces=ether3 type=ptp

add area=ospf-area-0-v6 interfaces=ether1 type=ptp
add area=ospf-area-0-v6 interfaces=loopback passive type=ptp
add area=ospf-area-0-v6 interfaces=ether3 type=ptp

with OSPFv4 everything works normally

mducharme · Tue Nov 09, 2021 3:48 am

using RouterOS 7.1RC6 with EVE-NG, when we configure OSPFv3 when starting the routers, everything works perfectly when turning off the lab and turning on OSPV3 again stops working, and does not form a neighbor

Confirmed, OSPFv3 is also not working for me in rc6. It was working in rc5 I'm pretty sure.

Correction, I have it working now. There was an errant setting network="" for an interface-template. When I removed that, the OSPFv3 neighbor came up.

Halfeez92 · Tue Nov 09, 2021 5:55 am

proxy-arp on bridge not working (running 7.1rc4 - as 7.1rc6 reboots 2004 router during IPsec/L2TP connection).
In case anybody asked - to define split VPN without extra routes and to not create extra phase 2 definitions for site-2-site IPSec VPN.
It just simplifies configuration significantly.
This RoS development sucks... they are using users to test the software... My 2004 is completely unusable in this state.
Is there any option to get back to 7.0.4 factory installed?

You have to create a support ticket to them I think. I got my own RB5009 still with factory ROS 7.05. I believe they already came out with 7.0.9 factory ROS. Try asking them if they can give, but till now I have not upgrade my RB5009 to any RC version,afraid I can't go back to factory if got any bugs from my use perspective.

mkx · Tue Nov 09, 2021 8:34 am

I have not upgrade my RB5009 to any RC version,afraid I can't go back to factory if got any bugs from my use perspective.

If you have NPK files for 7.0.5 (or 7.0.9) and you also have netinstall of corresponding version, then you should be able to go to that ROS version from RC. So when asking for that special stable ROS version your unit came with, ask them for netinstall as well.

siuswat · Tue Nov 09, 2021 9:58 am

If found that L2TP client login reboots my CCR2004. Have to disable L2TP-server for stable system.
This did not happen with rc4.

Yes, it starts from rc5 when IPSec hardware acceleration support is introduced. My CCR2004 will be rebooted within a minute once IPSec tunnel is connected.
Raised support ticket since day 1 of rc5 release and I have given what they asked for. But I haven't got any reply afterwards, so I don't think it will be fixed soon

pe1chl · Tue Nov 09, 2021 10:54 am

try:
Code: Select all
if (dst == 0.0.0.0/0 and bgp-as-path -74561196\$) { accept; }
edit: spoiler: it's definitely a signed/unsigned bug.

Yes that works! Indeed a signed/unsigned bug. Let's hope it will be fixed soon because we use this range all over the (closed) network.
Did you get the num-set feature working? I cannot figure out how it should work from the docs (commandline config does not like [[ nor \[\[ or similar)...

Also for @mrz: please note the several comments about BGP I made in the v7.1rc5 topic as they are still valid.

Tue Nov 09, 2021 11:03 am

Did you get the num-set feature working? I cannot figure out how it should work from the docs (commandline config does not like [[ nor \[\[ or similar)...

rule="if (bgp_as_path [[:numset_name:]]) {accept}"

pe1chl · Tue Nov 09, 2021 11:21 am

rule="if (bgp_as_path [[:numset_name:]]) {accept}"

Ok thanks, I was just thinking that might be it (borrowed from another context) and now I see the documentation has been fixed.
I tried it and indeed it works, even with the unsigned AS number in the num-set it matches OK (which does not work with the AS number in the rule itself).

haedertowfeq · Tue Nov 09, 2021 1:54 pm

CAKE queue still not fix yet on hexS with
pppoe-server

Router reboot

ivicask · Tue Nov 09, 2021 2:55 pm

CAKE queue still not fix yet on hexS with
pppoe-server

Router reboot

IM also able to crash my 4011 in matter of 5min by setting codel queue, sent several logs, i think they really need to add some better debugging, they never find any crash log in supout that router self generates...

nannou9 · Tue Nov 09, 2021 4:30 pm

My audience wifiwave2 is finally stable on latest rc builds.
It has been very unstable on betas, dropping clients sometimes every few minutes.
Thanks for fixing this!
I haven’t spotted however anything on any tv release notes which would explain improvement.

edielson_atm · Tue Nov 09, 2021 4:32 pm

using RouterOS 7.1RC6 with EVE-NG, when we configure OSPFv3 when starting the routers, everything works perfectly when turning off the lab and turning on OSPV3 again stops working, and does not form a neighbor @mrz

irghost · Tue Nov 09, 2021 4:34 pm

High memory usage on Caplite and RB750gr3 after 7.1b6
(About 16 MB more than version 6.49 )
6.49 => 44.1MB free memory
7.1b6 => 27MB free memory

aleksis · Tue Nov 09, 2021 4:57 pm

using RouterOS 7.1RC6 with EVE-NG, when we configure OSPFv3 when starting the routers, everything works perfectly when turning off the lab and turning on OSPV3 again stops working, and does not form a neighbor @mrz

Can you show the output of these commands when ospf adjacency is not forming?
/routing/ospf/interface/print
/routing/ospf/neighbor/print?

elbob2002 · Tue Nov 09, 2021 5:01 pm

High memory usage on Caplite and RB750gr3 after 7.1b6
(About 16 MB more than version 6.49 )
6.49 => 44.1MB free memory
7.1b6 => 27MB free memory

Big jump in Linux kernel version. What else would you expect?

pe1chl · Tue Nov 09, 2021 5:30 pm

High memory usage on Caplite and RB750gr3 after 7.1b6
(About 16 MB more than version 6.49 )
6.49 => 44.1MB free memory
7.1b6 => 27MB free memory

That is probably a quite complicated configuration or it has something like a DNS blocklist with thousands of items loaded.
For me on a RB750Gr3 under 6.xx it is more common to see like 190MB of free memory, 150MB more than you have.
And on my RB4011 running 7.1rc6 I have 908 MB free memory, or 116MB in use, which should be no problem on a RB750Gr3 (which has 256MB memory) either.
And that is a complicated config as well.

I do not have any logs of what the memory usage of 6.x vs 7.1 is, but I would not be worried by 16MB extra memory usage in a 256..1024MB router.
Of course it could be a problem in a router with only 32MB memory, but these things will be end-of-life anyway due to upgrade problems (not enough space).

doubleluck · Tue Nov 09, 2021 6:41 pm

Still wrong voltage 0,5v and missing temperature in System health. Rb750Gr3

mjbnz · Wed Nov 10, 2021 12:30 am

Yes that works! Indeed a signed/unsigned bug. Let's hope it will be fixed soon because we use this range all over the (closed) network.

I have a support case open from way back in August requesting 7.1beta7 to test the new filters, where I found this and reported it. Māris tells me that this will be fixed in the next RC.

Did you get the num-set feature working? I cannot figure out how it should work from the docs (commandline config does not like [[ nor \[\[ or similar)...

No, I haven't played with the num-set feature at all, but I see @mrz helped you out there.

Wed Nov 10, 2021 8:25 am

My audience wifiwave2 is finally stable on latest rc builds.
It has been very unstable on betas, dropping clients sometimes every few minutes.
Thanks for fixing this!
I haven’t spotted however anything on any tv release notes which would explain improvement.

Thank you for the feedback.
When changes do not specifically address a reported problem, adding them to a changelog may require a description that's either too technical for a changelog or too vague to be worth including.
There have been changes to our WPA3 implementation to eliminate a non-conformity with the 802.11 spec, which may have resolved your issue.

Znevna · Wed Nov 10, 2021 11:08 am

I think most people will appreciate the extended/full changelog, not just about reported issues.
Even so, my ticket with the RB750Gr3 block diagram / port per cpu lane layout was fixed in rc5: viewtopic.php?f=3&p=848197#p888484
And no mention about that.
Was it fixed by accident? ^^

borr · Wed Nov 10, 2021 12:31 pm

viewtopic.php?t=179755#p887914

resolved after manually reentered peer allowed addresses via winbox

nicolap · Wed Nov 10, 2021 3:35 pm

hAP lite (RB941-2nD) - Ros 7.1 rc6

Executing thin terminal the command: "export terse file=terse" I see a file "terse.rsc.in_progress" and the terminal stop responding.
After a reboot, the file is correctly named terse.rsc but his content is incomplete:

# nov/10/2021 11:25:50 by RouterOS 7.1rc6
# software id = xxxx-xxxx
#
# model = RB941-2nD
# serial number = xxxx
/interface pwr-line set [ find default-name=pwr-line1 ] disabled=yes
/interface bridge add name=bridge1
/interface wireless set [ find default-name=wlan1 ] ssid=MikroTik
/interface list add name=WAN
/interface list add name=LAN
/interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik
/ip pool add name=pool1 ranges=192.168.202.2-192.168.202.20
/ip dhcp-server add add-arp=yes address-pool=pool1 interface=bridge1 name=server1
[b]#interrupted[/b]

Exactly the same with other options, even without "file" the export command hangs.
I see that this bug was already reported for version 7.1 rc3.

After some time (3h...) I exported the verbose file (still working!) and in the text there are some errors:

...
#error exporting /mpls/traffic-eng/path
...
#error exporting /routing/bgp/template
#error exporting /routing/pimsm/instance
...
#error exporting /interface/vpls/bgp-vpls
...
#error exporting /mpls/interface
#error exporting /mpls/ldp
#error exporting /mpls/ldp/accept-filter
#error exporting /mpls/ldp/advertise-filter
#error exporting /mpls/ldp/interface
#error exporting /mpls/ldp/local-mapping
#error exporting /mpls/ldp/neighbor
#error exporting /mpls/ldp/remote-mapping
#error exporting /mpls/traffic-eng/interface
#error exporting /mpls/traffic-eng/tunnel
...
#error exporting /routing/bgp/connection
#error exporting /routing/bgp/vpn
...
#error exporting /routing/pimsm/bsr/candidate
#error exporting /routing/pimsm/bsr/rp-candidate
#error exporting /routing/pimsm/interface-template
#error exporting /routing/pimsm/static-rp
...

N
Edit: after 4h it completed the verbose export. Update the error list.

VitohA · Wed Nov 10, 2021 6:46 pm

ccr2004-1g-12s+2xs: all update channels except the long-term point to 7.1rc6 version, graphing through https still broken (404).

miononno · Wed Nov 10, 2021 8:55 pm

rc6

i don't know if it is a bug or if i'm missing some setting, however graphs in interface/lte (chateau 5g) are cut at 300mbps (web ui)

Schermata 2021-11-10 alle 19.53.59.png

Znevna · Thu Nov 11, 2021 12:05 pm

hAP ac2, 7.1rc6, winbox 3.31, missing routerboard options: protected routerboot, reformat-hold-button and reformat-hold-button-max.
Also hitting System / Shutdown does a reboot, it does not stay off.

hAP ac2 routerboard settings.PNG

pe1chl · Thu Nov 11, 2021 12:24 pm

hAP ac2, 7.1rc6, winbox 3.31, missing routerboard options: protected routerboot, reformat-hold-button and reformat-hold-button-max.

I consider it an improvement! Hopefully the features protected routerboot, reformat-hold-button and reformat-hold-button-max are being discontinued.
Or moved into some separate package that is not easily installed.

Znevna · Thu Nov 11, 2021 12:53 pm

Your comment is very valuable to my report, thank you!
Still, for now, it's a discrepancy between CLI and WinBox/WebFig.

Halfeez92 · Thu Nov 11, 2021 1:28 pm

There is bug on routing table. When routes from ospf is added, the routes will become invalid and filtered. To overcome this, you need to create a static route to each route destination, enable it and disable it back, the ospf routes will become accessible.The picture below is an example, where destination to 172.24.203.4 is invalid and filtered, I have to create static route to said destination, and it will become available aagain with "DAo" status.

ospf invalid-filtered.png

Thu Nov 11, 2021 1:51 pm

Probably your route windows was not refreshed, hit F5 to refresh.

hecatae · Thu Nov 11, 2021 3:46 pm

hAP lite (RB941-2nD) - Ros 7.1 rc6
Edit: after 4h it completed the verbose export. Update the error list.

Nice to know the issue from the 7.0rc is still present, it's very hard to provide a supout when the process to create one take 4 hours to complete.

nicolap · Thu Nov 11, 2021 3:48 pm

hAP lite (RB941-2nD) - Ros 7.1 rc6
Edit: after 4h it completed the verbose export. Update the error list.
Nice to know the issue from the 7.0rc is still present, it's very hard to provide a supout when the process to create one take 4 hours to complete.

In the mean time it generated also a supout.rif, say in 5 minutes!

sander123 · Thu Nov 11, 2021 3:51 pm

using RouterOS 7.1RC6 with EVE-NG, when we configure OSPFv3 when starting the routers, everything works perfectly when turning off the lab and turning on OSPV3 again stops working, and does not form a neighbor @mrz

I see the same thing happening, this also happens when the link between routers disconnect/connect.
V2 seems to have no problem so far.

After disable and enable the opsf-v3 instance it works again.

hecatae · Thu Nov 11, 2021 6:37 pm

Nice to know the issue from the 7.0rc is still present, it's very hard to provide a supout when the process to create one take 4 hours to complete.
In the mean time it generated also a supout.rif, say in 5 minutes!

That's an improvement, my rb941 is timing out and dropping winbox, telnet and web sessions at present, it's working it just refuses to let me login, only been up 50 hours.

pe1chl · Thu Nov 11, 2021 7:32 pm

I think the "/export" or supout generation takes very long problem is caused by inconsistent internal configuration.
This is something that happened to everyone in some earlier betas, but at the moment with v7.1rc6 on my RB4011 this does not happen.
It may be a good idea to export the config (with a lot of patience), then reset to factory defaults (or even netinstall without keeping config) and then rebuild the config from the /export.
That will probably solve your problem. Of course it should not be this way, and it could be that it solves itself in a future version.

pe1chl · Thu Nov 11, 2021 11:00 pm

What entries are to be expected in /routing/table ?
I have converted my v6.xx config with 3 routing tables (main and two others) to v7 and now I see these strange entries in /routing/table placed by the conversion:

/routing table
add fib name=main

There is also a D (dynamic) entry "main" so I wonder why there is both a static and a dynamic entry? Can the static entry be deleted?

add fib name=""

What is that for? Maybe a result of incorrect conversion? Can it be deleted?

soheilsh · Thu Nov 11, 2021 11:56 pm

socks 5 proxy not working

mducharme · Fri Nov 12, 2021 2:43 am

What entries are to be expected in /routing/table ?

I had the same issue with a dynamic and static "main" table after upgrading from ROS 6. I had to reset configuration to no-defaults and paste the .rsc back in to fix it. It did not seem to be possible to delete the extra static "main" table, because it had the same name as the dynamic one, although that was several versions ago when I tried.

I have not seen the one with the null name (at least not that I recall), but that one you can probably delete.

EDIT: one of my devices actually has that blank one and I deleted it successfully.

cohortcw · Fri Nov 12, 2021 4:33 am

My scripts and Netwatch was working fine before the upgrade from v6.48.5 to v7.1. Tried on v7.1rc4 thro rc6. The interesting thing is the below Netwatch is working fine for both v6 and v7.1rcX.

Netwatch Host 10.10.99.214
:log warning "Pi-Hole back online. Changing DNS"
/ip firewall nat disable [find comment=pihole_bypass];
:delay 10s;
/tool fetch "https://api.callmebot.com/whatsapp.php? ... sappBotKey"

I got an alert on my WhatsApp for the above on both v6 and v7.1rcX.

However this does not, regardless on which method I've tried (via scheduler "startup") or via Netwatch as below:
Netwatch Host 10.10.99.1
# Get Public IP
:delay 10s
/tool fetch url="http://myip.dnsomatic.com/" mode=http keep-result=yes dst-path=pubIP.txt
:local cIP [file get pubIP.txt contents]
:log info "Current Public IP is: $cIP"
:delay 2s
/tool fetch "https://api.callmebot.com/whatsapp.php? ... sappBotKey" keep-result=no

And I've checked from my log that my WAN port had already obtained a public IP before my Pihole came back online. So is strange that I did not get an alert for the 2nd Netwatch Host 10.10.99.1.

I got an alert on my WhatsApp for the above only on v6. It works fine in v7.1rcX when it is manually triggered.

Fri Nov 12, 2021 10:07 am

What entries are to be expected in /routing/table ?

Duplicate "main" and empty table appearing after the upgrade will be fixed in the next RC.

helectro · Fri Nov 12, 2021 11:56 am

Upgraded an RB5009 Turn Off and no return, I have takeoff the plug and plug again and Turn on Ok is very
It is very worrying to take it to a mountain more than 100 kilometers away and that the electricity goes away and does not return until someone goes to turn it on again

I think the first impressions lacks adjustments to put it into production critical sites

I tried to dowgreade to version 6.49 but he sent me a message version 7 is the minimum

down to version 7.1rc4 and when I turn off the electricity, it turns on again without problem

time to boot is longer than 4011

rpingar · Fri Nov 12, 2021 1:44 pm

bug about bgp nexthop in role=ibgp documented in ticket #[SUP-65783]
next hop=force self doesnt do anything.

they will fix in following releases.

regards
Ros

Jotne · Fri Nov 12, 2021 2:15 pm

It is very worrying to take it to a mountain more than 100 kilometers away and that the electricity goes away and does not return until someone goes to turn it on again

Simple solution: Do not use beta software in production.
And always test software and upgrade on an equal local device before upgrade system remote.

DenisPDA · Fri Nov 12, 2021 2:38 pm

It is very worrying to take it to a mountain more than 100 kilometers away and that the electricity goes away and does not return until someone goes to turn it on again
Simple solution: Do not use beta software in production.

This is by definition not possible.
RB5009UG+S+IN
Operating System: RouterOS (v7 only)

Dude2048 · Fri Nov 12, 2021 3:28 pm

By definition possible. Contact MikroTik for the proper release.

Jotne · Fri Nov 12, 2021 3:38 pm

This is by definition not possible.
RB5009UG+S+IN
Operating System: RouterOS (v7 only)

You are correct. In that case, if it works, do not upgrade until propper version has been released and tested.
I any case, you can do a local test before you try to upgrade some remote.

helectro · Fri Nov 12, 2021 4:05 pm

If that is the case, we are doing it locally, but our network like everyone else's, the network is not local, the question I have is how long it will take to really put these routers to work, we already have several in our hands and not even if I will appear on the arm64 web and for the stable version 7 software I do not want to assume anything but how long it has been developing and until now there is no stable version I think it was preferable to start with version 6

[/img][/img]

gabacho4 · Fri Nov 12, 2021 4:11 pm

My understanding is that the factory installed version (now at 7.0.9) is considered stable for the device. It won’t have all the tweaks that have been made in RC that are released after the factory installed version was created, but it’s suppose to be stable. So if you’re really worried, stick with the factory version for now. If you’ve already updated your RB5009 to an RC you can email support and they can provide you the 7.0.9 image and/or netinstall just in case you need it.

Panbambaryla · Fri Nov 12, 2021 5:05 pm

My understanding is that the factory installed version (now at 7.0.9) is considered stable for the device. It won’t have all the tweaks that have been made in RC that are released after the factory installed version was created, but it’s suppose to be stable. So if you’re really worried, stick with the factory version for now. If you’ve already updated your RB5009 to an RC you can email support and they can provide you the 7.0.9 image and/or netinstall just in case you need it.

Not true either...
Was able to downgrade and install 7.0.9 for 2004-16g-2s+ (ARM64), both software and firmware. Bridge proxy-arp neither ipsec/l2tp vpn doesn't work. VPN connection attempt reboots the router. Proxy-arp configuration works fine with older hw/sw versions (RB4011, 6.48.4) but not with the same configuration on 7.0.9 (no communication to proxied local network, syntax is correct).

pe1chl · Fri Nov 12, 2021 7:05 pm

when creating a /system/script of a single command and /export'ing it, the export does not properly quote the script and it cannot be imported.

Fri Nov 12, 2021 7:40 pm

Panbambaryla please email support@mikrotik.com and report all these issues you are having

Panbambaryla · Fri Nov 12, 2021 7:58 pm

Panbambaryla please email support@mikrotik.com and report all these issues you are having

Thanks Normis, I did.
Running now 7.1rc4 which allows me to use IPSec/L2TP (no reboots while Road Warrior connection) but proxy-arp still not working. 7.1rc6 reboots - so I can assume it has something to do with IPSec hardware acceleration introduced in 7.1.rc5.

Halfeez92 · Sat Nov 13, 2021 5:00 pm

I have received a lot of this warning message on my RB5009 over my neighbor which is using ROS v6.49. Is this a bug from the beta3 version?

ospflsack.png

mhugo · Sat Nov 13, 2021 5:03 pm

I have received a lot of this warning message on my RB5009 over my neighbor which is using ROS v6.49. Is this a bug from the beta3 version?

I see these too on multiple RC6 systems but not quite so often. Just a couple per day and not from all neighbours.

/Mikael

fflo · Sat Nov 13, 2021 5:39 pm

OSPFv2 and OSPFv3 got unusable since v7.1rc5.

OSPFv2 is struggling with error messages like using md5 auth:

OspfInterface { { *12 0.0.0.0 0 ROUTERIP } Backup DR Broadcast } auth data corrupted from REMOTEIP

OSPFv3 requires to disable and re-enable any GLOBAL /ipv6/address to start working with v7.1rc5.
With v7.1rc6 it is not working at all.

Please make OSPF running stable with the next RC. It's a basic networking feature needed for stable network operation on our devices.

anthonws · Sun Nov 14, 2021 12:42 pm

Severe port flapping with RB4011iGS+5HacQ2HnD + rc6.

Submitted supout: https://help.mikrotik.com/servicedesk/s ... /SUP-65942

Disabling auto negotiation does not fix this. Disabling port and re-enabling it fixes it (temporarily).

erlinden · Sun Nov 14, 2021 12:48 pm

Severe port flapping with RB4011iGS+5HacQ2HnD + rc6.

As far as I know you are posting logging of a wireless client that is losing wireless connection. Is this client the only client connected? Why do you think this is a case of port flapping? I always assumed that port flapping is a port that is disabled and enabled unintended.

[Update]
Oops, got distracted by the hidden MAC addresses...you were referring to the ether1 port. I'm not experiencing this in RC6 (as well).
Have you tried changing network cable?

pe1chl · Sun Nov 14, 2021 12:48 pm

Severe port flapping with RB4011iGS+5HacQ2HnD + rc6.

I see nothing like that, ethernet ports rock solid here on my RB4011.
It looks like it only happens on ether1, try to plug the device into another port and see if the problem moves with the device or stays with the port...

anthonws · Sun Nov 14, 2021 1:05 pm

@erlinden
Thanks for the feedback.
@pe1chl
No issues when was using RC5... I've restarted both the router and the ONT. Let us see, but I suspect this is going to continue to happen after a while.

I'll share more info today/tomorrow.

pe1chl · Sun Nov 14, 2021 1:53 pm

I have several different devices connected to my RB4011, at 1Gbps, 100Mbps and even 10Mbps, but I have never seen this (I have used 6.49, 7.1rc5 and 7.1rc6).
However in the past I think there have been reports about it. There may be different hardware revisions of the RB4011.

I have seen flapping ports in other routers and it normally was caused by bad wiring. But in your case it probably is just a short standard patchcable that connects it.

kickdown · Sun Nov 14, 2021 2:22 pm

On ROS x86 starting from 7.1rc1, it is not possible to upgrade in the standard way.
That is, from ROS 7.1beta6 to 7.1rc1 it was updated normally, but for example, as of ROS 7.1rc5, it does not upgrade to ROS 7.1rc6 in the standard way. I click Download & install, after which the firmware is downloaded, the router reboots but does not update. You have to update every time using a DVD drive, which is very inconvenient. Please fix the update in the standard way.

mkx · Sun Nov 14, 2021 2:54 pm

Anything in logs after unsuccessfull upgrade?

kickdown · Sun Nov 14, 2021 4:07 pm

Anything in logs after unsuccessfull upgrade?

system,error,critical kernel failure in previous boot

gumilev · Mon Nov 15, 2021 12:02 am

Low wi-fi speed if fasttrack is disabling

Hap ac2

Chateau 12 is the same. It's the same on previous versions. wrote in support - no result.
https://youtu.be/y_6K_3qtIdw

Add Russian language to tools-sms-inbox, instead of text I see only question marks ?????????

brg3466 · Mon Nov 15, 2021 4:18 am

Severe port flapping with RB4011iGS+5HacQ2HnD + rc6.

Submitted supout: https://help.mikrotik.com/servicedesk/s ... /SUP-65942

Disabling auto negotiation does not fix this. Disabling port and re-enabling it fixes it (temporarily).

Does the ether1 connect to a LAN device (not WAN) ? If you switch to another ethernet port , do you still have this port flapping ? If yes, it could be the issue of the device. for example: the apple TV 4K has this issue (if it is wire connection). It is a well known issue of Apple TV.

AshuGite · Mon Nov 15, 2021 10:35 am

on CCR2004-16G-2S+ we have 2 of them in production running around 100 pppoe clients each i get random reboot every 3-5 days. have you found any solution regarding the same. 1 running 7.1rc5 and 1 running 7.1rc6. generated a ticket already on support

Panbambaryla · Mon Nov 15, 2021 10:45 am

on CCR2004-16G-2S+ we have 2 of them in production running around 100 pppoe clients each i get random reboot every 3-5 days. have you found any solution regarding the same. 1 running 7.1rc5 and 1 running 7.1rc6. generated a ticket already on support

Hi!
Give it a try and install 7.1rc4 which seems to be more stable as rc5 introduces IPSec hardware accelleration what could be the problem. Look at my previous posts.

AshuGite · Mon Nov 15, 2021 11:22 am

on CCR2004-16G-2S+ we have 2 of them in production running around 100 pppoe clients each i get random reboot every 3-5 days. have you found any solution regarding the same. 1 running 7.1rc5 and 1 running 7.1rc6. generated a ticket already on support
Hi!
Give it a try and install 7.1rc4 which seems to be more stable as rc5 introduces IPSec hardware accelleration what could be the problem. Look at my previous posts.

had the same issue on factory installed 7.0.4 stable i dont use L2TP

Fesiitis · Mon Nov 15, 2021 11:59 am

Since v7.1rc5 on RB5009, I experience weird issue where router at some point is unable to access to internet anymore. No error logs, no nothing. I can access to router, but there's nothing I can do there. I have to restart the router to get access to internet again.

I thought problem is related to IPSec hardware accelleration, but even after I recreated all IPsec connections and associated certificates, problem still persists. There is no specific time when problem appears again - I mean after first restart router can work without problem for one day, but after second restart for three days.

Looks like I will downgrade it back to rc4, because it was more stable.

anthonws · Mon Nov 15, 2021 12:15 pm

Does the ether1 connect to a LAN device (not WAN) ? If you switch to another ethernet port , do you still have this port flapping ? If yes, it could be the issue of the device. for example: the apple TV 4K has this issue (if it is wire connection). It is a well known issue of Apple TV.

Ether1 connects to ONT. Downgraded to RC5 and have zero issues for more than 12h... when in RC6 after a couple of minutes from restart/port disable and re-enable it would show the same behavior.
Clearly a bug in my book, hence why I opened a SUP.

Jotne · Mon Nov 15, 2021 12:19 pm

on CCR2004-16G-2S+ we have 2 of them in production, 1 running 7.1rc5 and 1 running 7.1rc6. generated a ticket already on support

I would not have run beta software in production. Only if there was no other solution. Even then I would have looked for other solution.

AshuGite · Mon Nov 15, 2021 1:29 pm

on CCR2004-16G-2S+ we have 2 of them in production, 1 running 7.1rc5 and 1 running 7.1rc6. generated a ticket already on support
I would not have run beta software in production. Only if there was no other solution. Even then I would have looked for other solution.

i alreday tried same with factory install 7.0.4 but the issue is same

AshuGite · Tue Nov 16, 2021 7:20 pm

update replaced 1 CCR2004-16G with RB5009 the problem remains same so clearly it os issue.. please provide proper fix..

jookraw · Wed Nov 17, 2021 11:54 am

I would not have run beta software in production. Only if there was no other solution. Even then I would have looked for other solution.

Mikrotik support itself says that the 7.1rcx is better than the factory rOS 7.0.x (RB5009 and CCR2004-16G-2S+)
at least was what I got when asking for the factory 7.0.x install images

soheilsh · Wed Nov 17, 2021 12:54 pm

socks5 not working in ros7
viewtopic.php?t=180440

osc86 · Thu Nov 18, 2021 5:21 pm

Updated a CCR1009 from rc5 to rc6:
- /ip ipsec identities were wiped, and newly created ones get deleted with every reboot
- deleted my Loopback Bridge Interface
- deleted all GRE+EOIP+WG Tunnel Interfaces
- didn't update zerotier package; deleted it instead

pe1chl · Thu Nov 18, 2021 5:34 pm

...

Yeah it looks like there are still some cases of "configuration deemed to be invalid, deleted".
I had issues like that when upgrading my RB4011 from 6.49 to 7.1rc5. Fortunately I had partitioned my router and did a "test conversion" first, then after seeing what went wrong I went back to 6.49, adjusted the config, and tried again.
For example, it looks like disabled items in the IPsec config cause problems.
When I upgraded from rc5 to rc6 I did not have those issues again, but probably I was just lucky... I have learned by now that after every reboot of v7 one should export the config and diff it to an export made before the reboot, to make sure nothing was silently lost.
(and I often have to do that twice because the first time I forget to add the show-sensitive parameter...)

gumilev · Fri Nov 19, 2021 6:37 pm

A strange situation has arisen with the keys. Previously, devices did not turn off in batches

disconnected, group key exchange timeout

I temporarily solved the situation by changing the "Group Key Update" parameter from 00:05:00 to 02:00:00
I hope there will be a full-fledged solution to this problem

Mikrotik Chateau 12
v7.1rc6

drasir · Fri Nov 19, 2021 10:18 pm

Anybody had any chance repartioning from 1 to 2 partions on rc6?
Yesterday, a sudden power outage somehow corrupted rc4 on my RB4011, had to netinstall rc6 because i did not download rc4 when it was live.
To prevent this from happening again i wanted to move to 2 partions, but repartitioning the device results in kernel panic booting either of those..

pe1chl · Fri Nov 19, 2021 10:56 pm

I repartitioned my RB4011 under 6.49, copied to both partitions and upgraded one to 7.1rc5, now rc6.
That all worked fine. So I am not sure if repartition works on v7 but running from a partition certainly does.

drasir · Fri Nov 19, 2021 11:01 pm

I repartitioned my RB4011 under 6.49, copied to both partitions and upgraded one to 7.1rc5, now rc6.
That all worked fine. So I am not sure if repartition works on v7 but running from a partition certainly does.

Ah, good to know!

Actually did Just that, downgrade to 6.48.1, rewrite Firmware, partion, Upgrade to rc6, Upgrade Firmware, Copy partion.. Looks good, Thank you!

pe1chl · Sat Nov 20, 2021 12:23 pm

A strange situation has arisen with the keys. Previously, devices did not turn off in batches
disconnected, group key exchange timeout

I have seen it happen once now on my RB4011 that has been running rc6 since it was released.
It is certainly not something that happens at every group key exchange!

cohortcw · Sat Nov 20, 2021 12:36 pm

It seems that I am too facing port flapping issue on my 4011. ether7 is connected to a Unifi AC Pro and the situation was worst (Nov/19/2021) when i upgraded from rc5 to rc6. My ether8 which is also connected to a Unifi AC Lite did not encounter similar issues. I then downgraded to rc5 (Nov/20/2021) and it still exhibited some connection issues somewhat. Changed my bridge from STP protocol mode "RSTP" to "none" and move back to rc4. So far all is good now.

nithinkumar2000 · Sun Nov 21, 2021 9:25 am

Delegated IPv6 Prefix Parameter is still not included in Radius Accounting Packet for PPP Service.

mducharme · Sun Nov 21, 2021 9:41 am

Delegated IPv6 Prefix Parameter is still not included in Radius Accounting Packet for PPP Service.

As I said before, If I were you, I would try to create an SQL script that automatically updates the PPP accounting sessions with the IPv6 DHCP accounting information. It should be possible at least, now that everything is being stored in RADIUS.

kenyloveg · Mon Nov 22, 2021 4:12 am

I've been running 7.1rc6 on RB5009 and HAP AC2, with simple preshared key ikev2 site to site setup.
Everything is fine except hardware acceleration did not work, or downgraded (20-40% CPU compared to 15% CPU on previous stabled build)

diecode · Mon Nov 22, 2021 8:22 pm

I am using RB4011 with 7.1rc6 and ipsec freeze after user disconnect (l2tp/ipsec vpn). After freeze, no more any setup, peers and active connections in ipsec menu and cpu usage is too high (28-30% instead of 2-3%). When I check it in profile, then it show that ipsec using the cpu. After router restart, then all are working fine until user no disconnect again.

3bs · Tue Nov 23, 2021 3:15 am

RB5009 IGMP Proxy not working

osc86 · Tue Nov 23, 2021 10:48 am

Unlike pim, igmp-proxy is working fine here on 2 different devices. I can't imagine it only doesn't work on a RB5009. Check that you don't accidently block igmp, and make sure the RB5009 is the igmp-querier for all downstream interfaces. Also try to disable and re-enable igmp-snooping in bridge settings.

pe1chl · Tue Nov 23, 2021 10:56 am

I can't imagine it only doesn't work on a RB5009.

Unfortunately I have lost my trust in that aspect of RouterOS, now that I have a confirmed problem on my RB4011 (arm) that does not occur with exactly the same configuration on my RB2011 (mipsbe).
Apparently there really can be architecture-dependent bugs. They could probably be triggered by:
- different endianness
- different wordsize
- compiler bugs

huntermic · Tue Nov 23, 2021 11:11 am

Works great here on my RB5009

RB5009 IGMP Proxy not working

3bs · Tue Nov 23, 2021 2:22 pm

Unlike pim, igmp-proxy is working fine here on 2 different devices. I can't imagine it only doesn't work on a RB5009. Check that you don't accidently block igmp, and make sure the RB5009 is the igmp-querier for all downstream interfaces. Also try to disable and re-enable igmp-snooping in bridge settings.

Tried disable snooping, still not work.

3bs · Tue Nov 23, 2021 2:23 pm

Works great here on my RB5009

RB5009 IGMP Proxy not working

In my configuration not work.

pe1chl · Tue Nov 23, 2021 2:36 pm

In my configuration not work.

Your configuration is missing from your post. At least do a /routing igmp-proxy export and post the output here.

huntermic · Tue Nov 23, 2021 2:46 pm

In my configuration not work.
Your configuration is missing from your post. At least do a /routing igmp-proxy export and post the output here.

/routing igmp-proxy
set quick-leave=yes
/routing igmp-proxy interface
add interface=bridge-local
add alternative-subnets=\
10.237.224.0/19,213.75.167.0/24,213.75.112.0/21,217.166.224.0/22 interface=
vlan4 upstream=yes

3bs · Tue Nov 23, 2021 3:05 pm

In my configuration not work.
Your configuration is missing from your post. At least do a /routing igmp-proxy export and post the output here.

/routing igmp-proxy interface
add interface=bridge1
add alternative-subnets=198.18.56.226/32,46.61.193.82/32 interface=ether3 upstream=yes

fragtion · Wed Nov 24, 2021 2:28 am

...
When I upgraded from rc5 to rc6 I did not have those issues again, but probably I was just lucky... I have learned by now that after every reboot of v7 one should export the config and diff it to an export made before the reboot, to make sure nothing was silently lost.
(and I often have to do that twice because the first time I forget to add the show-sensitive parameter...)

Diff an export after each reboot? What a headache. I'm also seeing regular configuration loss on reboot, particularly on devices which I've been actively working/making changes on. Configuration loss is not something we should be seeing at RC level, alpha and maybe beta, sure. I really hope Mikrotik are prioritizing this issue for next updates. Also the need to disable and re-enable bgp-networks address-list after reboot or intermittent issues, is really frustrating

pe1chl · Wed Nov 24, 2021 11:13 am

is really frustrating

Well I have posted several issues with BGP in the rc5 and rc6 release topics, both cosmetic and frustrating.
We can only hope that MikroTik reads the topic of beta and rc releases and notes down everything in work items for the upcoming versions...
As it is now, it is certainly not ready for deployment into our network (were several different admins each have to upgrade one or more routers).

gumilev · Wed Nov 24, 2021 1:01 pm

A strange situation has arisen with the keys. Previously, devices did not turn off in batches
disconnected, group key exchange timeout
I temporarily solved the situation by changing the "Group Key Update" parameter from 00:05:00 to 02:00:00
I hope there will be a full-fledged solution to this problem
Mikrotik Chateau 12
v7.1rc6

My laptop is stationary but loses connection regularly. Reconnection is in progress. This was not the case before.
Mikrotik Chateau 12
v7.1rc6
wifi5

Rox169 · Wed Nov 24, 2021 1:29 pm

When I upgraded from rc5 to rc6 I did not have those issues again, but probably I was just lucky... I have learned by now that after every reboot of v7 one should export the config and diff it to an export made before the reboot, to make sure nothing was silently lost.
(and I often have to do that twice because the first time I forget to add the show-sensitive parameter...)
Diff an export after each reboot? What a headache. I'm also seeing regular configuration loss on reboot, particularly on devices which I've been actively working/making changes on. Configuration loss is not something we should be seeing at RC level, alpha and maybe beta, sure. I really hope Mikrotik are prioritizing this issue for next updates. Also the need to disable and re-enable bgp-networks address-list after reboot or intermittent issues, is really frustrating

Its not RC as RC, in another company is RC usually prity stabel. But in mikrotik, is RC deep beta, stable is RC and long term is stable. But the last time they suppriesed all of us, and after upgrading to long term version many devices did not start again,..so not even the long term version is stable

nithinkumar2000 · Wed Nov 24, 2021 9:09 pm

Delegated IPv6 Prefix Parameter is still not included in Radius Accounting Packet for PPP Service.
As I said before, If I were you, I would try to create an SQL script that automatically updates the PPP accounting sessions with the IPv6 DHCP accounting information. It should be possible at least, now that everything is being stored in RADIUS.

Hi mducharme,

Can you please suggest me some examples???

mducharme · Thu Nov 25, 2021 12:37 am

I don't know the exact command, but you would need to do an UPDATE query with a LEFT JOIN for the same table twice (the radacct table both times) WHERE the delegatedipv6prefix field is NULL to SET delegatedipv6prefix to the prefix found in the matching accounting entry for DHCPv6 RADIUS accounting (using the MAC address to match in the LEFT JOIN). You may also need to add another custom field to indicate whether this was done successfully, as otherwise this query would needlessly run for IPv4-only sessions and put a higher load on the device if you run it on a scheduled basis.

int0 · Thu Nov 25, 2021 4:07 pm

fasttrack doesn't seem to work (CHR on ESXi 6.7) VMXNET3

erkexzcx · Fri Nov 26, 2021 8:51 am

Hi. RB4011iGS+ model here with v7.1rc6 - today I wake up with internet not working. Turns out DNS not working everywhere, even in router (nslookup google.com). Querying manually on PC (nslookup google.com 1.1.1.1) also did not return anything. Like - there is no connectivity at all... But I was able to connect to the router via IP (not via ip>cloud) and perform reboot.

After reboot it's fixed. Before that router was up for several days/weeks without being touched at all and everything worked great.

It's a first time Mikrotik device got fixed by rebooting it.

If this happens again, I will sure raise a ticket to Mikrotik support to get this issue fixed. I did not take supout and therefore not raising any ticket now.

pe1chl · Fri Nov 26, 2021 10:53 am

When it happens again, it is a good idea to look at the DNS window to see what values it has for "cache used" and also open the Cache subpage to see how many items are there.
And of course take a supout file when that still works...

emils · Fri Nov 26, 2021 11:09 am

New version 7.1rc7 has been released in development RouterOS channel:

viewtopic.php?t=180675

Who is online