v6.49.2 [stable] is released!

emils · Mon Dec 06, 2021 1:29 pm

RouterOS version 6.49.2 has been released in public "stable" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.49.2 (2021-Dec-03 14:53):

*) device-mode - improved flagged router configuration detection;

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after some problem has appeared on device

Please keep this forum topic strictly related to this particular RouterOS release.

mkx · Mon Dec 06, 2021 1:56 pm

*) device-mode - improved flagged router configuration detection;

Any other (minor) difference to 6.49.1? I'm wondering if it's worth upgrading from 6.49.1 if one isn't interested in this functionality?

eworm · Mon Dec 06, 2021 2:08 pm

Is there a non-dangerous configuration we can add to test the flagging?

karina · Mon Dec 06, 2021 2:28 pm

Is this version still bricking mipsbe devices, especially SXT's ? I haven't dared to upgrade any devices since the 6.49 release broke half my network.

Poundbury · Mon Dec 06, 2021 3:29 pm

I had some issues upgrading Tile to 6.49.1 (viewtopic.php?p=894934#p894934)
Are there any changes in the RouterBoot code that might help me in 6.49.2

kehrlein · Tue Dec 07, 2021 12:08 am

Same as with 6.49.1:
Upgrade to 6.49.2 resulted in a boot loop of hEX S (RB760iGS, mmips).
No access to device was possible until Netinstall, which solved the issue.

r00t · Tue Dec 07, 2021 2:09 am

Ouch... the routerboot fix should have been in this version, it's rather important!

nichky · Tue Dec 07, 2021 7:06 am

regarding flagged from wiki:

"RouterOS employs various mechanisms to detect tampering with it's system files"

How that has been done, give us an e.g.

Beachbum · Tue Dec 07, 2021 7:08 am

After upgrading to 6.49.2 The Dude stopped working for me. I also noticed that I am unable to upgrade to 7.1 as it just sits on calculating download size. Are both of these bugs or just weirdness? I typically don't upgrade this close to releases but was looking to try out wireguard.

mkamenjak · Tue Dec 07, 2021 10:47 am

After upgrading to 6.49.2 The Dude stopped working for me. I also noticed that I am unable to upgrade to 7.1 as it just sits on calculating download size. Are both of these bugs or just weirdness? I typically don't upgrade this close to releases but was looking to try out wireguard.

Can you check if the Dude package is installed? Can you check from Winbox if Dude is running? Have you updated your Dude client(in windows you need to do a 'run as admin')? I have upgraded to 6.49.2 and dude runs.

But I have another regression. After updating to 6.49.2 my test RB1100AHx4(dude edition), it deleted my user and enabled the default admin. The rest of the config is still there(I think).

Tue Dec 07, 2021 12:31 pm

Hi kehrlein,

I tried to repeat the same problem on our hEX S, but did not see any boot loop after the upgrade.

Did you already report this to support, do you have a SUP ticket number?

Some other questions that might help us identify the problem:
Did the device successfully upgrade to 6.49.1 or 6.49.2, or did the boot loop only start after the RouterBOOT upgrade (after the second reboot)?
What RouterOS (/system resource print) and RouterBOOT (/system routerboard print) versions were installed before the upgrade?
What configuration was used on the devices?
Were there any SFP or USB devices connected?
Can you repeat the problem?

I would appreciate it if you could share as many details as possible, so we could recreate the same problem in our lab.

krafg · Tue Dec 07, 2021 12:45 pm

Maybe some config is causing that HEX S keeps stuck after upgrade.

I suggest post your configs to do the respective tests.

Today I will upgrade a HEX.

Regards.

Poundbury · Tue Dec 07, 2021 8:23 pm

My issue with 6.49.1 is here: SUP-67276

Mine was Tile - No sfp modules installed on the ones I tried. (CCR1036).
Recoverable with a console cable, but no good if remote.

Did the device successfully upgrade to 6.49.1 or 6.49.2, or did the boot loop only start after the RouterBOOT upgrade (after the second reboot)?
Yes! - this was exactly it - details in the ticket.

I was really hoping that 6.49.2 might solve it.

Mike

carobeppe · Tue Dec 07, 2021 8:39 pm

Someone tested on SEXTANTs devices? We throw away about 10 units with the old 6.49.1 because the update bricked those devices. Thanks

kehrlein · Tue Dec 07, 2021 9:20 pm

Hi EdPa,
thanks for your reply!

Did you already report this to support, do you have a SUP ticket number?

Created SUP-68147 right now. Let me know if you need further information.

Did the device successfully upgrade to 6.49.1 or 6.49.2, or did the boot loop only start after the RouterBOOT upgrade (after the second reboot)?

Due to an automatically script for firmware update, I can't say if the issue occured after installing the software or the firmware.

What RouterOS (/system resource print) and RouterBOOT (/system routerboard print) versions were installed before the upgrade?

6.49.1 both

Were there any SFP or USB devices connected?

No.

Can you repeat the problem?

I've tried to repeat the problem with another hEX S (identical config) but in this case, the update of Soft- and Firmware was ok.

What configuration was used on the devices?

/interface bridge
add admin-mac=42:8F:5A:12:AB:12 auto-mac=no frame-types=admit-only-vlan-tagged ingress-filtering=yes name=bridge1 pvid=999 vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] comment="Uplink"
set [ find default-name=ether2 ] comment="Samsung TV (private)"
set [ find default-name=ether3 ] comment="Yamaha (private)"
set [ find default-name=ether4 ] comment="unused (private)"
set [ find default-name=ether5 ] comment="unused (guest)"
set [ find default-name=sfp1 ] disabled=yes
/interface vlan
add comment="private for Mgmt" interface=bridge1 name=bridge1_vlan2 vlan-id=2
/snmp community
set [ find default=yes ] addresses=192.168.3.60/32 authentication-password=xxxxxx encryption-password=yyyyyyy security=private
/system logging action
set 1 disk-file-count=3 disk-lines-per-file=10000
/interface bridge port
add bridge=bridge1 frame-types=admit-only-vlan-tagged ingress-filtering=yes interface=ether1 pvid=999
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether2 pvid=2
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether3 pvid=2
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether4 pvid=2
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether5 pvid=3
/ip neighbor discovery-settings
set discover-interface-list=all
/interface bridge vlan
add bridge=bridge1 comment=private tagged=ether1,bridge1 untagged=ether2,ether3,ether4 vlan-ids=2
add bridge=bridge1 comment=guest tagged=ether1 untagged=ether5 vlan-ids=3
/ip dhcp-client
add disabled=no interface=bridge1_vlan2
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh port=1122
set api address=192.168.3.60/32
set api-ssl disabled=yes
/ipv6 dhcp-client
add add-default-route=yes interface=bridge1_vlan2 request=address use-peer-dns=no
/snmp
set contact="aaa bbb" enabled=yes location=muc.domain.tld
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=test2.domain.tld
/system leds settings
set all-leds-off=after-1h
/system logging
set 0 disabled=yes
set 1 disabled=yes
set 2 disabled=yes
set 3 disabled=yes
add action=disk topics=critical
add action=disk topics=error
add action=disk topics=warning
add action=disk topics=system
/system ntp client
set enabled=yes
/system scheduler
add interval=1m name=refresh-ipv6 on-event="/ipv6 dhcp-client renew [find interface=bridge1_vlan2]" policy=read,write start-date=feb/13/2016 start-time=20:50:46
/tool romon
set enabled=yes secrets=xxyyzz

eddieb · Tue Dec 07, 2021 9:51 pm

upgraded all my devices from 6.491 to 6.49.2 as always with 2nd reboot to upgrade firmware. No problems ...
CCR1009 took 30 sec to flash and reboot, 2nd reboot took less than 15 seconds
------------------------------------------------------------------------------------------------------------------

icosasupport · Wed Dec 08, 2021 4:16 am

Hi,

I recently upgraded from 6.49 to 6.49.2 and noticed that the firewall conntrack entry size has reverted even though the previous release notes state:
" conntrack - increased total connection tracking table size based on installed RAM size;"'

Just as a note all I did was upgrade, the RAM size is still the same.

Here's a couple screen shots of before and after.
BEFORE 6.49.2

CHR-6.49-Connection Entries.PNG

AFTER 6.49.2:

CHR-6.49.2-Connection Entries.PNG

Does anyone @MT there test this at all before sending it out as a "stable" release??
Please fix this oversight.

eworm · Wed Dec 08, 2021 8:32 am

I think the wording is a bit misleading here, but probably you see what's expected. The number of max entries depends on your installed RAM.
Currently you have 3888 items with a maximum of 1048576. This is hardly an issue, no? If it is you have to add more RAM I guess.

Wed Dec 08, 2021 9:18 am

I think the wording is a bit misleading here, but probably you see what's expected. The number of max entries depends on your installed RAM.
Currently you have 3888 items with a maximum of 1048576. This is hardly an issue, no? If it is you have to add more RAM I guess.

I think the determining factor might be free RAM.
What's the difference between 6.49 and 6.49.2 for that aspect ?

Though I do agree over 1million possible connections can not really be seen as an issue...

Znevna · Wed Dec 08, 2021 11:02 am

Hi,

I recently upgraded from 6.49 to 6.49.2 and noticed that the firewall conntrack entry size has reverted even though the previous release notes state:
" conntrack - increased total connection tracking table size based on installed RAM size;"'

Ok, 6.49 had this:
*) conntrack - increased total connection tracking table size based on installed RAM size;
Then in 6.49.1 this:
*) conntrack - limit total connection tracking table size based on installed RAM size;
And since your screenshots are from 6.49 and 6.49.2, I'm assuming there was some error with the change done in 6.49 and corrected in 6.49.1.

DocSledge · Wed Dec 08, 2021 3:18 pm

I am using mikrotik for 4 years now. Since at least 1,5 years I notice that every "stable" verison / update has bugs in it. I am still on 6.48.3 and I am happy with that. Probably I will update to 6.48.4
But for shure I am right now switching to another brand because I am tired of that mikrotik-pain. I only have a little Home-Network but 4 RPi´s running with different servers who are important for me. And of course it is no question if I am running 1 or 1000 devices. If the firmware is crap - it is crap.
Done with mikrotik

Znevna · Wed Dec 08, 2021 3:25 pm

What bugs did you encounter, reported, and didn't get fixed?

dermawas · Wed Dec 08, 2021 3:40 pm

Successfully updated my router
Hardware Model: RB750Gr3
RouterOS Version: 6.49.2
Current Firmware: 6.49.2
Upgrade Firmware: 6.49.2
FYI I have a USB modem connected during the update

icosasupport · Wed Dec 08, 2021 6:48 pm

I think the wording is a bit misleading here, but probably you see what's expected. The number of max entries depends on your installed RAM.
Currently you have 3888 items with a maximum of 1048576. This is hardly an issue, no? If it is you have to add more RAM I guess.

There's nothing misleading about saying before an upgrade the conntrack entries were X, now after the upgrade they're Y, when the only thing that's changed is the OS. According to the release note the only variable here is the amount of RAM which has not changed. Maybe it'll be an issue when that router sees full traffic maybe it won't, that not the point here.

So I figured I should bring this to MT's attention since for some users it might be a huge problem.

icosasupport · Wed Dec 08, 2021 6:53 pm

Hi,

I recently upgraded from 6.49 to 6.49.2 and noticed that the firewall conntrack entry size has reverted even though the previous release notes state:
" conntrack - increased total connection tracking table size based on installed RAM size;"'
Ok, 6.49 had this:
*) conntrack - increased total connection tracking table size based on installed RAM size;
Then in 6.49.1 this:
*) conntrack - limit total connection tracking table size based on installed RAM size;
And since your screenshots are from 6.49 and 6.49.2, I'm assuming there was some error with the change done in 6.49 and corrected in 6.49.1.

I'm guessing that only MT would be able to say if that's the case, however I didn't see anything in the 6.49.2 release notes about it, but I guess sometimes I expect too much from those.

hatred · Thu Dec 09, 2021 1:20 pm

What bugs did you encounter, reported, and didn't get fixed?

DoH Certificate memory leak.

Jotne · Thu Dec 09, 2021 3:01 pm

For me that was fixed by change DoH provider. Why one give memory leakage I do not know.

bpwl · Thu Dec 09, 2021 3:13 pm

After upgrading to 6.49.2 The Dude stopped working for me. I also noticed that I am unable to upgrade to 7.1 as it just sits on calculating download size. Are both of these bugs or just weirdness? I typically don't upgrade this close to releases but was looking to try out wireguard.

For upgrading from 6.x to 7.x first remove ALL optional packages in 6.x or it will calculate download size forever.

llpax · Thu Dec 09, 2021 6:19 pm

For me that was fixed by change DoH provider. Why one give memory leakage I do not know.

No, its dont fixed by change DoH provider, only by disabling Verify Certificate..

R1CH · Fri Dec 10, 2021 3:21 am

Still nervous to upgrade any device to RouterOS with "device mode" until I know what triggers it. How can RouterOS distinguish my access from a hacker?

Jotne · Fri Dec 10, 2021 12:30 pm

Still nervous to upgrade any device to RouterOS with "device mode" until I know what triggers it. How can RouterOS distinguish my access from a hacker?

You need to press a button to accept some changes. How can a hacker do that remote?

karolkaz · Fri Dec 10, 2021 2:41 pm

Still nervous to upgrade any device to RouterOS with "device mode" until I know what triggers it. How can RouterOS distinguish my access from a hacker?

I'm also nervous about this. can someone give some advice and assurance on upgrade

apestalménos · Fri Dec 10, 2021 4:08 pm

Updated hAP AC with no issues. In fact, I've never had an issue with upgrades! Firmware and software upgrades have never failed. Best $125 I've ever spent on a network device.

R1CH · Fri Dec 10, 2021 6:46 pm

Still nervous to upgrade any device to RouterOS with "device mode" until I know what triggers it. How can RouterOS distinguish my access from a hacker?
You need to press a button to accept some changes. How can a hacker do that remote?

? There's nothing in the docs about pressing buttons.

RouterOS now can analyse the whole configuration at system startup, to determine if there are any signs of unauthorized access to your router. If suspicious configuration is detected, the suspicious configuration will be disabled and the flagged parameter will be set to "yes". The device has now a Flagged state and enforces certain limitations.

https://help.mikrotik.com/docs/display/ROS/Device-mode

No mention of what "suspicious configuration" is. How do I know it won't delete my remote access rules and lock me out of a device on the other side of the world?

Jotne · Sat Dec 11, 2021 9:18 am

? There's nothing in the docs about pressing buttons.

What is this then from the docs?

The device mode can be changed by the user, but remote access to the device is not enough to change it. After changing the device-mode, you need to confirm it, by pressing a button on the device itself, or perform a "cold reboot" - that is, unplug the power.

https://help.mikrotik.com/docs/display/ROS/Device-mode

If you have hacked the power plant for a city or region, you can then hack all MikroTik and then take down the power to the city :)

R1CH · Sat Dec 11, 2021 7:31 pm

That is talking about switching device mode between enterprise and home, used to lock down configuration to users (eg ISPs limiting what users can do on their router). The flagged config part of device mode seems entirely unrelated to the mode it is in. I don't even know why it's considered part of the device mode.

kehrlein · Sun Dec 12, 2021 1:06 am

Updated soft- and firmware on these models without any issues:
mAP 2nD
RBcAPGi-5acD2nD (cAP ac)
CRS309-1G-8S+
CRS328-24P-4S+
RB750GL
CCR2004-1G-12S+2XS
CCR1009-7G-1C-1S+
x86

Additional models (12.12.2021):
CRS112-8P-4S
RB1100AHx4

nithinkumar2000 · Sun Dec 12, 2021 10:11 am

Facing issue with Ipv6 Dhcpv6 Server. When PPP Delegation happens DUID is 0x000000000

Refer Image Below:

Capture.JPG

Hominidae · Tue Dec 14, 2021 9:45 am

...updated several hap-ac3, wap-ac, cap-ac, one CRS326 and one RB4011.

After a couple days, some WiFi users started complaining about I-Net speed degraded (WAN1 is a 1Gbps DOCSIS cable link). Rebooted the AP in their zone and performance was back to normal.
After the same issue occurred today, I tested WAN-Speed with some wired clients and found it to be seriously degraded. However, LAN speed, including inter-VLAN traffic was doing fine. Traffic on WAN/ether1 was very low (so no unsolicited visitor at work here either).
ISP claims that Modem is accessible at full speed (1154Mbps) from their side (they to have a speedtest, doing that).

Well, now....After a reboot of the RB4011, all is back to normal.
I am highly suspicious that someone messed with the NAT / conntrack table Management, hmmmm??

msdte · Wed Dec 15, 2021 2:48 pm

I think to have found a bug in current stable version 6.49.2. When exporting the /interface lte apn section, the use-peer-dns parameter is not exported regardless of its value. Please fix this.

Example:

[admin@arh-v116-mkr] > /interface lte apn set 1 use-peer-dns=no 
[admin@arh-v116-mkr] > /interface lte apn export compact terse 
# dec/15/2021 15:27:56 by RouterOS 6.49.2
# software id = XXXX-XXXX
#
# model = RB750Gr3
# serial number = XXXXXXXXXX
/interface lte apn add apn=internet name=mts
[admin@arh-v116-mkr] > /interface lte apn set 1 use-peer-dns=yes
[admin@arh-v116-mkr] > /interface lte apn export compact terse 
# dec/15/2021 15:28:04 by RouterOS 6.49.2
# software id = XXXX-XXXX
#
# model = RB750Gr3
# serial number = XXXXXXXXXX
/interface lte apn add apn=internet name=mts

techlord · Mon Dec 20, 2021 2:59 pm

Upgraded RB952Ui-5ac2nD (HAP AC LITE). Everything seems to work fine except packages channels. Switching between channels (long term, stable, etc) does not do anything, it always shows:
Installed Version 6.49.2
Latest Version 6.49.2
Has anyone experienced this before?

Jotne · Fri Dec 24, 2021 11:20 pm

Mine works fine with:
https://dns.nextdns.io/dns-query
and Verify Certificate selected.

lvader · Mon Dec 27, 2021 1:37 pm

Tried to upgrade to 6.49.x on my CRS112-8P-4S. Two SFP-RJ45 adapters stopped to work ("no link") that were previously worked great for almost 4 years.
Reverting back to 6.48.6 solved the issue. :(

SFP info: marked as "juniper networks":
Vendor Name Methode Elec.
Vendor Part Number SP7041-M1-JN

pribeiro · Thu Jan 06, 2022 12:01 pm

Since v6.48 all the releases seem to have some incompatibility/bug in IKEv2 with Windows10 that causes all connections to fail after about 7h40 after establishing.
With this release the problem remains and had to downgrade to v6.47.10

Happening with all the IKEv2 users each in his own location/home network/PC.

On access/authentication EAP/RADIUS the server returns "Session-Timeout = 36000" that should grant 10h of session ...

The reason given for the connection drop is "IPsec-SA expired before finishing rekey:", that don't happen on v6.47

The full debug log from the drop moment is documented at: https://www.dropbox.com/s/d6k25fgwgrsq6 ... m.txt?dl=0

regards!

hecatae · Wed Jan 12, 2022 2:13 pm

Running perfectly stable on a RB941-2ND as a Home AP, holding a PPPoE connection, serving DHCP and wirelessly connecting a IoT network.

Beachbum · Sat Jan 15, 2022 6:35 am

I upgrade a sites hEXS to 6.49.2 from 6.49.1 and haven’t been able to make an L2TP/IPSec tunnel since. I then tried to upgrade to 7.1.1 and didn’t have any luck either. I then tried Netinstall to do a fresh install of 7.1.1 and still had the issue. I then tried Netinstall with 6.49.2 and still can’t remedy the issue. I have combed the logs from IPSec and it looks like the hEXS isn’t checking the full IPSec config. This config has worked for 4 years no without any issues until these updates. I need to restore this issue asap as it is a primary site. I did try rolling back to several older configs that were known good and untouched by the update with no luck. I have tried contacted Mikrotik Support and got no where.

It appears to be an issue with the 6.49.2 through 7.1.1 firmware specially on the hEX S (MMIPS) platform. It doesn’t appear to be checking the config even after I apply the changes; even after disabling and reenabling. I have attached a screenshot of the hEX S and RB4011 config. The RB4011 is a known good and working config used on multiple sites and the hEX S matches but doesn't work. One note worth thing is the hEX S appears to be having trouble with the MODP group. I tried disabling it and then using 1024 which is what the log was suggesting but that didn't work.

Sob · Sat Jan 15, 2022 9:13 pm

@Beachbum: Look closely, the non-working one doesn't have modp4096, which is also what you can see not matching in the log.

Beachbum · Mon Jan 17, 2022 4:56 am

@Beachbum: Look closely, the non-working one doesn't have modp4096, which is also what you can see not matching in the log.

Unfortunately, that was remnants from me trying to disable and enable different options trying to get it to try different options. Enabling that has no change as it appears to be stuck on 1024 vs 4096.

Kentzo · Tue Jan 18, 2022 7:58 pm

The IPv6 bug where addresses disappear on reboot (viewtopic.php?p=906528#p906528) is still here.

jult · Tue Jan 18, 2022 10:05 pm

RB3011UiAS - After update to RouterOS 6.49.2 I can't update to 7.1.1 version.
System - Packages - Check for update show only 6.49.2 on ALL update channels
Please, help me update to 7.1.1 version!

Same here. 7.1.1 is shown as "testing" and "upgrade", but none of those work, when I try and tell it to download, it stalls and it isn't at my end of the line..

9b204744-9d7d-4abd-8e9f-c5799eeac4da.tmp_cr.png

Beachbum · Wed Jan 19, 2022 12:53 am

@juit I ran into this on several of my devices. You have to remove all extra packages in order to upgrade. So if you had the UPS or User Manager, you have to uninstall then you can upgrade, and then reinstall the available ones in 7.1.1.

jult · Thu Jan 20, 2022 3:35 pm

@juit I ran into this on several of my devices. You have to remove all extra packages in order to upgrade. So if you had the UPS or User Manager, you have to uninstall then you can upgrade, and then reinstall the available ones in 7.1.1.

Only problem is: I never installed any extra packages. This is how the RouterBoard came. The only thing I've done is upgrade firmware and update packages every once in a while..

pe1chl · Fri Jan 21, 2022 10:40 am

The Traffic Flow feature sends unidentified reports. This is probably due to this change in 6.49.1:

*) traffic-flow - added systematic count-based packet sampling support;

Since version 6.49.1 (but I upgraded to 6.49.2 to verify that it is still the case) the Traffic Flow feature (IPFIX mode) sends reports with template ID 260, but it never sends a description of this template!
The IDs 258 (IPv4 traffic) and 259 (IPv6 traffic) templates are sent correctly.

frank333 · Sat Jan 22, 2022 11:23 am

Good morning,
I have a rb3011 with ros6.46.8 and a configuration with dual wan in load balancing,
I would like to upgrade to 6.49.2 to take advantage of wireguard and DoH .
Someone who has tried can confirm or not the success?

eworm · Sat Jan 22, 2022 11:27 am

Version 6.49.2 does not provide Wireguard.

frank333 · Sat Jan 22, 2022 11:34 am

@eworm tnx, i could continue to use l2tp , do you know if there are any problems also for DoH ?

pe1chl · Sat Jan 22, 2022 1:05 pm

There are some issues with DoH, you should read about it on the forum. But upgrading your RouterOS is advisable anyway.

frank333 · Sun Jan 23, 2022 10:05 am

@pe1chl ,
I've read several posts on the forum about DoH; but with ros version 6.49.2 it's not clear to me if in case of doh block the router continues to work with unencrypted dns.
I also read that someone has chosen the longterm version 6.48.6 preferring it to the stable version.
I'm gripped by doubts and worried because it would be appropriate to update my router for a security issue, but especially because I would not want to have the router blocked for several hours not having a second backup.

pe1chl · Sun Jan 23, 2022 1:27 pm

I run 6.49.2 on several routers without issue, but I do not use DoH anywhere. I have no need for it.
Other things appear to work fine on this version. I also run 7.x versions on some routers but they have a lot more issues, so even though they support wireguard I would be careful when upgrading to that.

frank333 · Sun Jan 23, 2022 2:59 pm

ok, I'll ask again in a few posts on the DoH if anyone still had problems and then I think I'll update (hoping not to use netinstall and revert to the previous version)

pe1chl · Sun Jan 23, 2022 7:39 pm

When you have a 3011 you should partition it in two partitions and copy part0 to part1 before you upgrade and then you can always make part1 active and reboot when the upgrade is causing problems.
You should do the same thing before you attempt to upgrade to v7.x.

frank333 · Sun Jan 23, 2022 9:38 pm

It is very interesting to create two partitions, I have 85 MB out of a total of 128. I've read the manual a little bit but it doesn't explain in detail how to do it and I would surely mess up, I'll open a post to get some advice.

pe1chl · Sun Jan 23, 2022 11:12 pm

Simply repartition and set 2 partitions (it reboots) then copy part0 to part1

Ullinator · Mon Feb 14, 2022 11:01 am

CAPsMAN in ROS 6.49.2 (and even 7.X.X is not usable) is a catastrophy. Regardless if I use 6.49.2, 7.0.5, 7.1.1, 7.1.2 or 7.2RCX, in every ROS version I found a full hand of bugs.
I´ve configured all from scratch (no config update from ROS 6.X), but nothing worked.
The errors are:
- no DHCP leases
- no traffic from or to the CAPs after a few minutes
- no traffic from or to the CAPsMAN after a few minutes
- unregulary disconnects from the WLAN every 10-60 sec. (with a bunch of devices)
The config was not really complicate, only 2 vLANS and 5 CAPs with auto-Provisioning. DHCP for LAN is served from a Windows Server, the GUEST DHCP comes from the MT router.

After netinstall 6.48.6 and recreate the config from scratch everything is working again without problems.
(The config within ROS 6 and 7 was exactly the same.)
It was a really nightmare weekend... :-(

Tue Feb 15, 2022 11:32 am

New version 6.49.3 has been released in stable RouterOS channel:

viewtopic.php?t=183257