v7.5 [stable] is released!

emils · Wed Aug 31, 2022 1:54 pm

RouterOS version 7.5 is released in the "v7 stable" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during the upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 7.5 (2022-Aug-30 12:25):

*) bgp - fixed remote refuse capability options, max prefix limit errors and administrative stop;
*) bgp - improved stability when "default-originate" is configured;
*) bridge - fixed "new-priority" value validation for NAT rules;
*) capsman - added randomized range option for "reselect-interval" parameter (CLI only);
*) certificate - fixed handling of empty AKID by SCEP client;
*) console - fixed automatic command completion with keypress;
*) container - added support for running Docker (TM) containers on ARM, ARM64 and x86 (containers created before v7.4 must be recreated);
*) defconf - fixed loading of default configuration on RB4011 with WifiWave2 package enabled;
*) dhcpv4-server - fixed removal of dynamic leases when server is removed;
*) dhcpv6-client - moved invalid lifetime logging message from "debug" to "error" topic;
*) dhcpv6-client - use /128 prefix for IA_NA addresses;
*) dhcpv6-relay - fixed relay forwarding (introduced in v7.1.5);
*) dhcpv6-server - improved stability when acquiring binding;
*) dns - added "address-list" parameter for static DNS entries (CLI only);
*) dns - added "match-subdomain" option for static entries (CLI only);
*) firewall - added support for RTSP helper;
*) health - fixed "temperature" and "power-consumption" readings on RB1100x4;
*) health - improved voltage reading on CRS112-8P-4S;
*) health - renamed "cpu-temperature" to "switch-temperature" on CRS312-4C+8XG, CRS326-24S+2Q+, CRS354-48P-4S+2Q+, CRS354-48G-4S+2Q+, CRS504-4XQ-IN, CRS518-16XS-2XQ;
*) hostpot - fixed Walled Garden functionality for HTTPS sites;
*) hotspot - automatically reject all HTTPS requests passing through HotSpot server for unauthorized users;
*) hotspot - improved stability when receiving bogus packets;
*) hotspot - limit maximum allowed connections based on free RAM resources;
*) hotspot - removed "https-redirect" option;
*) ike2 - allow sending certificate chain as initiator;
*) interface - fixed default interface naming on RB1100x2;
*) l3hw - fixed HW offloaded NAT;
*) leds - fixed default LED configuration for RBwsAP-5Hac2nD;
*) leds - fixed wireless LED functionality on LHGG;
*) lora - do not ignore negative sign for spoofed GPS coordinates;
*) lte - added at-chat and NMEA port support for Simcom modems, USB composition (device id - 0x9003);
*) lte - added at-chat support for Simcom modems, USB composition (device id - 0x9005);
*) lte - added "SIM not inserted" and "SIM failure" messages to "status" and "monitor" commands for AT modems;
*) lte - changed cell ID info display to short format for 3G connections;
*) lte - disallow empty APN name only for default entry;
*) lte - fixed AT channel for Sierra Wireless modems with device ID 0x9091;
*) lte - fixed LTE interface presence for Telit LN940;
*) lte - fixed UDP performance on MMIPS devices;
*) lte - improved antenna scan for Chateau devices with switchable antennas;
*) lte - improved configuration export when multiple LTE interfaces are present;
*) lte - modem dialer, do not reset dialing sequence if modem reply with error to user set init-string;
*) netinstall - fixed Netinstall procedure for ARM devices;
*) netwatch - automatically start migrated probes from previous RouterOS versions;
*) netwatch - changed ICMP default packet loss fail threshold to 85%;
*) ntp - fixed NTP server when "use-local-clock" is used;
*) ospf - fixed handling of external forwarding address;
*) ospf - improved stability when interface is being disabled during database exchange;
*) ovpn - fixed encryption key renewal process which caused periodic session disconnects;
*) ovpn - improved system stability when hardware acceleration is used on ARM64 devices;
*) ovpn - moved disconnected user logging message from "debug" to "info" topic;
*) ping - improved service stability;
*) port - added support for D-Link DWM-222 in serial/PPP mode (device id - 0xac01/0x7e3d);
*) port - added support for Huawei/ZTE K5006z in serial/PPP mode (device id - 0x1017/0x1018);
*) ppp - improved service stability under high load;
*) ppp - use /32 as default netmask if not specified for "routes" parameter;
*) ptp - improved system stability on CRS devices;
*) quickset - removed PPTP and SSTP server addition for "VPN" checkbox;
*) rb5009 - fixed ether1 status reporting after system reboot;
*) route-filter - fixed "delete bgp-communities" command;
*) routerboard - added "reset-button" script feature for TILE devices;
*) sfp - fixed "eeprom" reading on single SFP port ARM devices;
*) sfp - fixed QSFP+ and QSFP28 interface disable when using breakout cable;
*) sfp - fixed unresponsive "sfp1" interface after disabling "ether1" on NetMetal devices;
*) sfp - improved combo SFP ports initialization handling on CRS312-4C+8XG, CRS328-4C-20S-4S+;
*) sfp - improved stability when using 2.5G optical modules in CCR2116, CCR2216 and CRS518;
*) snmp - fixed usage of VRF after system startup;
*) socks - fixed "dst-port" usage when checking access list;
*) ssh - added AES support for PEM decryption;
*) ssh - fixed importing of public keys;
*) ssh - fixed minor typo issue when importing public key;
*) sstp - fixed client stuck in "nonce matching" state;
*) switch - fixed ACL rules for 98DXxxxx switches with more than 28 ports (introduced in v7.3);
*) switch - removed limit for number of hardware-offloaded bonding interfaces;
*) swos - enabled SwitchOS support for CRS310-1G-5S-4S+;
*) swos - fixed SwOS upgrade procedure on CRS305-1G-4S+;
*) traceroute - added "do-not-fragment" parameter support (CLI only);
*) traceroute - increased packet size limit to 65535;
*) vrrp - added "sync-connection-tracking" compatibility with preemption-mode;
*) vrrp - fixed high CPU usage when "sync-connection-tracking=yes" and the backup router goes offline;
*) vrrp - fixed HW offloaded bridge MAC address learning when changing from VRRP master to backup;
*) vrrp - fixed initial connection tracking synchronization, a backup router now always receives all existing connections;
*) vrrp - improved connection tracking synchronization protocol (CTSYNC), the new protocol is incompatible with previous RouterOS versions with "sync-connection-tracking=yes";
*) webfig - allow to specify NTP server as domain name;
*) webfig - fixed displaying of grahs in status pages;
*) webfig - fixed floating point field's negative value in -0.*** format;
*) wifiwave2 - added "sae-pwe" parameter with hash-to-element mechanism for SAE PWE derivation;
*) wifiwave2 - added support for 802.11k;
*) wifiwave2 - disable wireless interface after wireless configuration reset;
*) wifiwave2 - fixed displaying of AKM in scan results;
*) wifiwave2 - fixed duplicated AKM in RSN message;
*) wifiwave2 - fixed group key update for client devices which connect via fast BSS transition;
*) wifiwave2 - fixed incorrect AKM usage for FT-WPA3-EAP-192;
*) wifiwave2 - fixed reassociation response sending for fast transition over DS;
*) wifiwave2 - fixed setting of "ft-nas-identifier" parameter;
*) wifiwave2 - fixed usage of Canada country setting on US locked devices;
*) wifiwave2 - improved default channel width selection for interfaces in station mode;
*) winbox - do not show previously attached LTE interfaces while establishing LTE connection;
*) winbox - enabled all filters by default under "Tools/Torch" menu;
*) winbox - fixed "Enable", "Disable" and "Comment" functions for L2TP-ether type interfaces;
*) winbox - fixed "Next Run" parameter displaying under "System/Scheduler" menu;
*) winbox - fixed "Type" and "Value" field displaying under "System/Health" sub-menu's;
*) winbox - show warning messages for BGP connection entries;
*) wireless - fixed interface initialization on x86 devices;
*) x86 - allow downgrading to RouterOS v6 only if it was previously installed;
*) x86 - fixed advertising of 2500M and 5000M link speeds on ixgbe driver;

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while the router is not working as suspected or after some problem has appeared on the device

Please keep this forum topic strictly related to this particular RouterOS release.

Rox169 · Wed Aug 31, 2022 1:58 pm

first :) Please let me know on what devices did you try this STABLE version...especially HAP AC3, HAP AC2, any 60 Ghz device....

templeos · Wed Aug 31, 2022 2:12 pm

*) webfig - fixed displaying of grahs in status pages

Progress, but you still have work to do. Memory usage and Disk usage gives: ERROR: NO ACCESS!
CPU usage is fine and interfaces.

While you are at it fix mikrotik_logo.png on WebFig. Please make background transparent and not white.

EDIT: the hardware is hAP ac² and is added image where only CPU is present

CPU_only.png

giulianoz · Wed Aug 31, 2022 2:36 pm

*) container - added support for running Docker (TM) containers on ARM, ARM64 and x86 (containers created before v7.4 must be recreated);

Can you explain this, please?

rextended · Wed Aug 31, 2022 2:44 pm

Containers are removed on 7.4 and reintroduced again on 7.5
On changelog of the stable are considerered only the change between previous stable and this version.

rextended · Wed Aug 31, 2022 2:50 pm

*) webfig - fixed displaying of grahs in status pages;
Progress, but you still have work to do. Memory usage and Disk usage gives: ERROR: NO ACCESS!

Hardware used: hAP ac²
After trying several times to install 6.44.6, activate the graphs, have them recorded, then update to 7.5,
and repeat the process with 6.46.8 and 6.48.6, I was unable to duplicate the problem.
All the times the graphs worked perfectly.

Probably is a problem on your filesystem, and since you don't give a damn about contacting technical support(*) , I'ts your problem.

(*) On removed useless posts, the user do not want provide supout.rif to technical support at support@mikrotik.com

rextended · Wed Aug 31, 2022 3:04 pm

While you are at it fix mikrotik_logo.png on WebFig. Please make background transparent and not white.

What is the problem???

eworm · Wed Aug 31, 2022 3:08 pm

It looks ugly to have a white rectangle on a grey gradient...

th0massin0 · Wed Aug 31, 2022 3:33 pm

SUP-67642 (SSTP long connecting).

winap · Wed Aug 31, 2022 3:38 pm

So tell me, is there any difference between RC2 and final?
Thanks

rextended · Wed Aug 31, 2022 3:45 pm

The differences reported are between 7.4.1 and 7.5, it should not be changed between 7.5rc2 and 7.5

****************************

@eworm

It looks ugly to have a white rectangle on a grey gradient...

I try to use my monitor at home, thanks.

mmc · Wed Aug 31, 2022 4:14 pm

*) ospf - fixed handling of external forwarding address;

was this a bug regarding ospf redistribution - does somebody have more info about it?

Ullinator · Wed Aug 31, 2022 4:16 pm

Update successfully done without problems (ROS and FW) from 7.4.1 to 7.5 on the following devices:

hc_247.jpg

DL7JP · Wed Aug 31, 2022 4:47 pm

CRS125-24G, hAP ac, hAP ac^2, CCR2004-16G: Upgraded, no problems noticed.

jvanhambelgium · Wed Aug 31, 2022 4:54 pm

Updated RB3011 from 7.5RC2 to 7.5 "Stable" , no imminent issues ;-) for now.

BrateloSlava · Wed Aug 31, 2022 5:06 pm

*) capsman - added randomized range option for "reselect-interval" parameter (CLI only);

Example, please.

didis81 · Wed Aug 31, 2022 5:17 pm

Updated a small network about 50 device to 7.5 Stable no issues for now.
All good

rextended · Wed Aug 31, 2022 5:44 pm

*) capsman - added randomized range option for "reselect-interval" parameter (CLI only);
Example, please.

This example is for obtain a random FIXED time everytime the script is called, or when creating new interface,
but after first creation, or after set, the time between intervals still the same.

/caps-man/interface set <CAPSMAN INTERFACE NAME> channel.reselect-interval=[:rndnum 86400 172800]

On next @Guntis post, you have the example to set a range between two values for channel.reselect-interval,
with that values when the channel.reselect-interval expire, the memorized values are used for choose everytime a different time interval between two channel-reselection.

Wed Aug 31, 2022 6:28 pm

Example: caps-man/configuration/add channel.reselect-interval=10m..20m
It will run channel reselection at a random interval that is within the defined range.

mseidler · Wed Aug 31, 2022 6:38 pm

Upgraded an RB3011, RB4011, CRS326-24G-2S+, CRS1128-8P-4S and CRS309-1G-8S+, 2x wAP G-5HacT2HnD without issues.

TIS · Wed Aug 31, 2022 7:25 pm

Upgraded from 7.4.1 to 7.5 CHR Amazon + HEX 750G r3 flight normal :)

juniorespow · Wed Aug 31, 2022 7:37 pm

Issue showing uptime and Remote ID of BGP SESSIONS after upgrading to 7.5

Wed Aug 31, 2022 8:20 pm

2x hap AC3 upgraded (home network, wifiwave2 and VLANs, nothing fancy), no noticeable issues.

tarikin · Wed Aug 31, 2022 8:39 pm

After reboot lost my home hap ac2 7.4.1 -> 7.5 with:
- vrrp master
- capsman
- dual pppoe wan ipv4, ipv6
- some other functions

Got boot loop.

Another hap ac2 with similar configuration upgraded without issues
- configured but disabled vrrp slave interface

nexusds · Wed Aug 31, 2022 8:54 pm

WAP60G station-bridge (WAP60G-AP are ok as bridge-ap) causing high bandwidth (20-30Gbps) only on wlan60-1 interface and 1xcore CPU spike upon management login. 7.4.1 works fine - only a problem on 7.5

Panbambaryla · Wed Aug 31, 2022 9:51 pm

Why does it take so long to run SFP+ Mikrotik transceiver on RB4011iGS+5HacQ2HnD? It started to behave this way a few 7 releases back and since that moment I always have to wait much longer for communication with my LAN.

Interfaces1.jpg

Interfaces2.jpg

revilo · Wed Aug 31, 2022 9:59 pm

RB5009UG+S+ Moved from 7.4 to 7.5 - ppp client not connecting after upgrade (connected once during multiple reboots)
Moved to 7.5rc2 now and it's connecting normally again.

LonDat · Wed Aug 31, 2022 10:38 pm

*) netinstall - fixed Netinstall procedure for ARM devices;

Does it mean, I should do Netinstall again when I did Netinstall on AC3 and Audience (both ARM) with OS 7.3.1 and 7.4.1?

draid · Wed Aug 31, 2022 10:41 pm

The SFP module information is still missing and this is getting really frustrating. I understand if it was some kind of 3rd party SFP module, but one would expect a MT branded module to work out of the box with a MT device as intended. HexS and S-85DLC05D. I'm tired of rolling back to 6.49 every time. At least give some information on this problem...

Rox169 · Wed Aug 31, 2022 10:57 pm

WAP60G station-bridge (WAP60G-AP are ok as bridge-ap) causing high bandwidth (20-30Gbps) only on wlan60-1 interface and 1xcore CPU spike upon management login. 7.4.1 works fine - only a problem on 7.5

Hi,

anyone else has this issue? Have you log SUP to Mikrotik?

nexusds · Wed Aug 31, 2022 11:28 pm

Yes Support as an auto generated supout since it crashed the CPU with the load.

Guscht · Thu Sep 01, 2022 12:52 am

Without incident my homenetwork:

Screenshot 2022-08-31 235114.jpg

lelmus · Thu Sep 01, 2022 3:07 am

Updated to 7.5 stable and have issue with sfp+. Every time I software reboot RB4011iGS+5HacQ2HnD, I keep getting "sfpplus1 fcs error on link" on sfpplus1 of CCR1016-12S-1S+. Winbox is connected to CCR1016-12S-1S+ as its the main router that everything connects to. The way to fix RB4011iGS+5HacQ2HnD is by hard rebooting with complete power loss for 10+ seconds. Doing a software reboot RB4011iGS+5HacQ2HnD locks me up again. All sfp+ ports are on default settings.

aglabs · Thu Sep 01, 2022 3:50 am

*) l3hw - fixed HW offloaded NAT;

Interesting, on my CCR2116 l3hw nat was working fine for me before 7.5. Post 7.5 traffic that is natted has high % drop rate so high not even a TLS session can establish. Disabling l3hw removes the packet loss behavior.

nichky · Thu Sep 01, 2022 4:19 am

Example: caps-man/configuration/add channel.reselect-interval=10m..20m
It will run channel reselection at a random interval that is within the defined range.

@Guntis
so that one will have effect only if the channel is auto , if i specify it, then there is no point using that , am i correct?

hoeser · Thu Sep 01, 2022 5:02 am

VRRP issues between a setup with an x86 & CCR2004 master/slave preemptive setup on 7.5 (both devices) - both nodes showing master, packet sniffing confirms all traffic including broadcast is seen by both nodes.

I wanted to start debugging this outside production on pair lab HEXs - both on 7.5, both fresh barebones configs - ended up with a completely different VRRP problem - vrrp IP and vrrp interfaces stay in invalid state on both routers despite valid shared /32 address in the same address space as the parent interface.. was using ether3 on both lab hex routers connected directly.

So, VRRP seems a little janky on 7.5

sirbryan · Thu Sep 01, 2022 5:25 am

Code: Select all
*) l3hw - fixed HW offloaded NAT;
Interesting, on my CCR2116 l3hw nat was working fine for me before 7.5. Post 7.5 traffic that is natted has high % drop rate so high not even a TLS session can establish. Disabling l3hw removes the packet loss behavior.

I confirmed this on my 2115 as well. L3HW switching was enabled on the switch and NAT worked prior to 7.5. After upgrade NAT was broken until I disabled L3HW switching on the switch.

nexusds · Thu Sep 01, 2022 7:13 am

Updated to 7.5 stable and have issue with sfp+. Every time I software reboot RB4011iGS+5HacQ2HnD, I keep getting "sfpplus1 fcs error on link" on sfpplus1 of CCR1016-12S-1S+. Winbox is connected to CCR1016-12S-1S+ as its the main router that everything connects to. The way to fix RB4011iGS+5HacQ2HnD is by hard rebooting with complete power loss for 10+ seconds. Doing a software reboot RB4011iGS+5HacQ2HnD locks me up again. All sfp+ ports are on default settings.

Similar issue on RB4011 - SFP+ 10G Copper.. had to disable/enable/change auto to hard code and back again a few times then it would work fine. (did try cold reboot as you did)

Rox169 · Thu Sep 01, 2022 8:03 am

*) netinstall - fixed Netinstall procedure for ARM devices;

Is the netinstall necessary or it is enough only when I flash this firmware?

nichky · Thu Sep 01, 2022 9:21 am

how to get to :

*) dns - added "address-list" parameter for static DNS entries (CLI only);
*) dns - added "match-subdomain" option for static entries (CLI only);

rextended · Thu Sep 01, 2022 10:02 am

@Guntis
so that one will have effect only if the channel is auto , if i specify it, then there is no point using that , am i correct?

I'm not @Guntis, but if is only one channel in list, is useless, but if you set two or more channels on list, the choice is made on the better on that list.

rextended · Thu Sep 01, 2022 10:07 am

*) netinstall - fixed Netinstall procedure for ARM devices;

@LonDat, @Rox169
Is a fix inside the Netinstall program, that do not work correctly with some arm device.
Is not needed to netinstall the RouterBOARD or upgrade RouterOS for this program bug.

infabo · Thu Sep 01, 2022 11:04 am

Chateau LTE12, hap lite and map lite -> updated without issues.

Thu Sep 01, 2022 11:44 am

Code: Select all
*) l3hw - fixed HW offloaded NAT;
Interesting, on my CCR2116 l3hw nat was working fine for me before 7.5. Post 7.5 traffic that is natted has high % drop rate so high not even a TLS session can establish. Disabling l3hw removes the packet loss behavior.
I confirmed this on my 2115 as well. L3HW switching was enabled on the switch and NAT worked prior to 7.5. After upgrade NAT was broken until I disabled L3HW switching on the switch.

Before 7.5, FastTrack NAT connections could be reported as hw-offloaded despite still getting processed by the CPU. In 7.5 those are actually hw-offloaded. Maybe the problem is that the hardware cannot handle some types of connections (e.g. a tunneled connection), so those shouldn't be offloaded in the first place. Please create a support ticket, so we can investigate the problem.

Thu Sep 01, 2022 11:52 am

VRRP issues between a setup with an x86 & CCR2004 master/slave preemptive setup on 7.5 (both devices) - both nodes showing master, packet sniffing confirms all traffic including broadcast is seen by both nodes.

I wanted to start debugging this outside production on pair lab HEXs - both on 7.5, both fresh barebones configs - ended up with a completely different VRRP problem - vrrp IP and vrrp interfaces stay in invalid state on both routers despite valid shared /32 address in the same address space as the parent interface.. was using ether3 on both lab hex routers connected directly.

So, VRRP seems a little janky on 7.5

Are you using sync-connection-tracking=yes? We have identified the issue where sync-connection-tracking didn't work on HEX (and on any MIPS device); the fix will be released in the next beta.

Regarding the VRRP setup between x86 and CCR2004, please post your "/interface export" and "/ip export" configurations from both devices. I suggest creating a separate forum thread here.

Ullinator · Thu Sep 01, 2022 12:40 pm

Updated to 7.5 stable and have issue with sfp+. Every time I software reboot RB4011iGS+5HacQ2HnD, I keep getting "sfpplus1 fcs error on link" on sfpplus1 of CCR1016-12S-1S+. Winbox is connected to CCR1016-12S-1S+ as its the main router that everything connects to. The way to fix RB4011iGS+5HacQ2HnD is by hard rebooting with complete power loss for 10+ seconds. Doing a software reboot RB4011iGS+5HacQ2HnD locks me up again. All sfp+ ports are on default settings.
Similar issue on RB4011 - SFP+ 10G Copper.. had to disable/enable/change auto to hard code and back again a few times then it would work fine. (did try cold reboot as you did)

Sorry, but I can´t agree. My RB4011iGS+5HacQ2HnD is connected via SFP+ with my CRS326-24S+2Q+ with an MikroTik DAC-Cable and regardless if I soft- or hardreboot my device the SFP+ connection came up without any issues.
So maybe it´s a device specific problem with your CCR or with your SFP+ GBIC.

honzam · Thu Sep 01, 2022 1:01 pm

Hello. CubeG-5ac60ay with 7.5 as client = kernel failure every minute.
After downgrade to 7.4.1 = everything OK

ticket: SUP-91404

hecatae · Thu Sep 01, 2022 1:01 pm

Hap AC Lite upgraded without issues.
Anyone upgraded a RB2011 or RB3011 yet?

jvanhambelgium · Thu Sep 01, 2022 1:42 pm

Yep, RB3011 went OK.
Only 1 PPPoE to ISP , no complex setup, no routing-protocols etc. Typical home-usage.

osc86 · Thu Sep 01, 2022 2:01 pm

2x CubeG-5ac60ad constantly rebooting every 1-3 Minutes, both upgraded from 7.4.1 to 7.5.
EDIT: The issue seems to be related to the W60G interface, once disabled, the reboots stop.
Downgraded to 7.4.1 and devices are stable again with W60G interface enabled.

vecernik87 · Thu Sep 01, 2022 2:04 pm

Updated to 7.5 stable and have issue with sfp+.

Similar issue on RB4011 - SFP+ 10G Copper..

I just had similar (although not same) experience. CRS328-24P-4S+ upgraded from 7.4 to 7.5. After reboot, SFP+ (FS SFP-10GSR-85) said Link OK and showed both RX and TX traffic. However, on the other end there was no RX traffic!

I tried to enable/disable the port on both ends, change autonegotiation to manual and back, reboot the switch few times and then downgrade back to 7.4 , but there was no change - still broken. So I physically removed the SFP module, plugged it into next SFP+ port and it started working. Plugged it back, it still works. Second time upgraded and it did not break.

Since RouterOS was claiming there are TX data but the other side didn't see any RX, I am assuming there was an issue with the SFP+ module itself. Possibly some random fail during initialization after the upgrade? Definitely worth looking into because it shouldn't report "link ok" if the link isn't in fact ok.

Anyway, I would not recommend other people to upgrade remote devices which rely on SFP ports. If you think that another link with RSTP failover will save you - you are wrong. In my case, the affected switch was further from root switch, so the broken SFP was the root uplink. Affected switch thought it works fine (because it saw RX and TX packets) so it disabled alternate uplinks and essentially cut itself from the the rest of the network.

hecatae · Thu Sep 01, 2022 2:07 pm

Hello. CubeG-5ac60ay with 7.5 as client = kernel failure every minute.
After downgrade to 7.4.1 = everything OK

ticket: SUP-91404

I take it this was both RouterOS and Routerboard updated to 7.5?

Rox169 · Thu Sep 01, 2022 2:08 pm

2x CubeG-5ac60ad constantly rebooting every 1-3 Minutes, both upgraded from 7.4.1 to 7.5.

It is sad to see, that MK is not testing new "STABLE" version again after recently bricked soo many devices....

hoeser · Thu Sep 01, 2022 3:59 pm

Are you using sync-connection-tracking=yes? We have identified the issue where sync-connection-tracking didn't work on HEX (and on any MIPS device); the fix will be released in the next beta.

Regarding the VRRP setup between x86 and CCR2004, please post your "/interface export" and "/ip export" configurations from both devices. I suggest creating a separate forum thread here.

Neither setup was using connection tracking.

pe1chl · Thu Sep 01, 2022 4:07 pm

Issue showing uptime and Remote ID of BGP SESSIONS after upgrading to 7.5

This problem was introduced in the 7.5beta and reported, but it has been ignored so now it ends up in the "stable" release...

iliyah · Thu Sep 01, 2022 5:44 pm

powerpc - after the upgrade from v7.4.1, the router drops all incoming vpn connection every 5 minutes or so.

sterod · Thu Sep 01, 2022 8:07 pm

All devices with ARM cpu's are coming up at the wrong frequency after the 7.4.1 to 7.5 upgrade. You see this in the System / RouterBOARD menu. A warning appears that the cpu is not running at the default frequency. Clicking on the "Settings" button, you see it is incorrectly set to 716MHz and needs to be manually changed back to auto.

kalamaja · Thu Sep 01, 2022 8:13 pm

*) webfig - fixed displaying of grahs in status pages
Progress, but you still have work to do. Memory usage and Disk usage gives: ERROR: NO ACCESS!
CPU usage is fine and interfaces.

I have opposite situation with hEX S at 7.5: HDD and Memory available, but CPU missing from Resource Graphs and webfig gives "no access" to CPU.

lelmus · Thu Sep 01, 2022 8:32 pm

Similar issue on RB4011 - SFP+ 10G Copper.. had to disable/enable/change auto to hard code and back again a few times then it would work fine. (did try cold reboot as you did)
Sorry, but I can´t agree. My RB4011iGS+5HacQ2HnD is connected via SFP+ with my CRS326-24S+2Q+ with an MikroTik DAC-Cable and regardless if I soft- or hardreboot my device the SFP+ connection came up without any issues.
So maybe it´s a device specific problem with your CCR or with your SFP+ GBIC.

Good point, maybe its the SFP+ module brand I'm using as they are not a Mikrotik brand and probably don't get tested at Mikrotik. The SFP+ I'm using at both ends the Maxxwave MW-SX+MM-US. But it worked perfect all these years till the moment of the latest 7.5 [stable] update, so it only makes sense its a bug since 7.5beta11 worked perfectly.

Maxxwave site claims MIkrotik compatibility on this SFP+ module: https://www.maxxwave.com/portfolio/mult ... er-module/

Thu Sep 01, 2022 8:42 pm

All devices with ARM cpu's are coming up at the wrong frequency after the 7.4.1 to 7.5 upgrade. You see this in the System / RouterBOARD menu. A warning appears that the cpu is not running at the default frequency. Clicking on the "Settings" button, you see it is incorrectly set to 716MHz and needs to be manually changed back to auto.

I'm not seeing that on hap ac3 coming from 7.4.1, nor on ac3 coming from 7.5rc2 (which also was on 7.4.1 some versions before).
Maybe you never set it to auto before when this was introduced ?

honzam · Thu Sep 01, 2022 9:03 pm

Hello. CubeG-5ac60ay with 7.5 as client = kernel failure every minute.
After downgrade to 7.4.1 = everything OK

ticket: SUP-91404
I take it this was both RouterOS and Routerboard updated to 7.5?

YES. Problem is only if CubePRO is in station bridge mode. AP mode works.
@mikrotik.com It is so hard to test before you release it to the world?

Please add warning to changelog and download page.

Remote downgrade is not possible. You need to connect via ETH. Turn off the w60g interface and then downgrade

templeos · Thu Sep 01, 2022 9:32 pm

Progress, but you still have work to do. Memory usage and Disk usage gives: ERROR: NO ACCESS!
CPU usage is fine and interfaces.
I have opposite situation with hEX S at 7.5: HDD and Memory available, but CPU missing from Resource Graphs and webfig gives "no access" to CPU.

Yes. I saw another topic that is pretty much the same like yours, but that was on a RB750Gr3 on RouterOS v7.1.3. -> viewtopic.php?p=954791
So it must be related. After an upgrade it breaks graphs.

pe1chl · Thu Sep 01, 2022 9:38 pm

The graphs work fine here. For such cases of strange behavior that other people do not see, I advise jumping through the export-netinstall-import hoop.

rb9999 · Thu Sep 01, 2022 11:45 pm

Upgraded about 5 hapac2 from 7.1.5 and 7.4.1 to 7.5 - they all seem up and running, will test out rtsp helper tomorrow, can't wait!

yo3gjc · Fri Sep 02, 2022 2:51 am

Upgraded for v741 to v75 and Mikrotik IKEv2 stop working after few minutes. Active peer up but no traffic

nichky · Fri Sep 02, 2022 5:29 am

since we got new feature with vrrp "sync-connection-tracking=yes"

what/where do we need to see that to confirm that sync-connection-tracking=yes it works.

honeyfairy · Fri Sep 02, 2022 9:37 am

BGP Session uptime bug in this version!

buset1974 · Fri Sep 02, 2022 9:48 am

For my mpls + bgp network, for safety ikeep stay on 6.49.x
My CCR2004 only test bench, so unused
To much hoping

chiem · Fri Sep 02, 2022 10:01 am

how to get to :

*) dns - added "address-list" parameter for static DNS entries (CLI only);
*) dns - added "match-subdomain" option for static entries (CLI only);

match-subdomain was demonstrated here: viewtopic.php?t=187950#p948005

It's the same functionality as using a regex, but I suppose it's a little cleaner.

I still haven't seen "address-list" demonstrated.

It would be nice if there was official documentation on these features.

abdurrazaqa · Fri Sep 02, 2022 10:51 am

Hi,
Please check on the all the Ros7 on RB1100AH*2 showing duplicates of ethernet 13 on interface real name

rextended · Fri Sep 02, 2022 10:54 am

@Maggiore81 / @eworm

Don't pollute this topic. Open a separate topic for installation package assistance, or better use search, and you'll find dozens of similar cases.
But what @Znevna suggest is right: do not upgrade remotely from v6 to v7...

revellion · Fri Sep 02, 2022 11:24 am

2x CubeG-5ac60ad constantly rebooting every 1-3 Minutes, both upgraded from 7.4.1 to 7.5.
EDIT: The issue seems to be related to the W60G interface, once disabled, the reboots stop.
Downgraded to 7.4.1 and devices are stable again with W60G interface enabled.

I have a similar issue with a pair of wireless wire that started to get flaky after upgrading from 7.4.1 to 7.5. gonna test a downgrade with netinstall today and see

Edit: downgraded to 7.4.1 with netinstall and the link is stable again.

bajodel · Fri Sep 02, 2022 11:39 am

Mikrotik devs, please .. bring back the useful [ /ip route check x.x.x.x ] command (or tell us how to do the same in v7).
Thanks

EDIT:
feature request ticket opened
SUP-91496

DL7JP · Fri Sep 02, 2022 2:10 pm

All devices with ARM cpu's are coming up at the wrong frequency after the 7.4.1 to 7.5 upgrade. You see this in the System / RouterBOARD menu. A warning appears that the cpu is not running at the default frequency. Clicking on the "Settings" button, you see it is incorrectly set to 716MHz and needs to be manually changed back to auto.

My hAP ac^2 (arm) came back with "auto".

roe1974 · Fri Sep 02, 2022 2:55 pm

Hi !
Anyone tested allready if ovpn ist stable now with this version ?
thx, Richard

swa69er · Fri Sep 02, 2022 2:56 pm

RB5009UGS v7.4.1 to v7.5 so far so good. no issue at the moment

mkx · Fri Sep 02, 2022 5:16 pm

This is really getting stale .... after upgrading Audience with wifiwave2 package from 7.4.1 to 7.5:

  MikroTik RouterOS 7.5 (c) 1999-2022       https://www.mikrotik.com/

Press F1 for help
sep/02/2022 16:13:17 system,error,critical error while running customized default configuration script: bad command name wireless (line 985 column 25)
sep/02/2022 16:13:17 system,error,critical

Is this really so hard to fix?

mozerd · Fri Sep 02, 2022 5:18 pm

CCR1009 ... upgrade from 7.4.1 to 7.5 stable

Under Winbox v3.37
Disks do not show the installed number of Disks .... attached image shows that under Files does show the proper number of disks but under Disks only 2 disks are visible

disks.GIF

Disk2 is USB and named Disk2 but as shown in screen shot as directory

Fri Sep 02, 2022 5:23 pm

Is this really so hard to fix?

There is an option to retrieve the script being used at startup, I believe ?
You should be able to see specifically what the error is about since the exact location has been mentioned ?

mkx · Fri Sep 02, 2022 5:30 pm

Is this really so hard to fix?
There is an option to retrieve the script being used at startup, I believe ?
You should be able to see specifically what the error is about since the exact location has been mentioned ?

No need to dig into it, error message says it loud and clear:

bad command name wireless

If wifiwave2 package is installed, then /interface/wireless disapears and /interface/wifiwave2 appears. So it's only necessary to wrap the legacy wireless setup with check whether legacy wireless exists or not.

My question was rather rhetorical one.

CTassisF · Fri Sep 02, 2022 5:31 pm

Is this really so hard to fix?
There is an option to retrieve the script being used at startup, I believe ?
You should be able to see specifically what the error is about since the exact location has been mentioned ?

It is probably the router trying to load the default configuration for /interface wireless which can't be done when WifiWave2 (/interface wifiwave2) is installed.
This issue was fixed some time ago in 7.5beta4 so I guess it won't happen from now on.
It's just a warning anyway. Annoying, yes, but nothing dangerous.

mkx · Fri Sep 02, 2022 5:35 pm

This issue was fixed some time ago in 7.5beta4 so I guess it won't happen from now on.

So when can I expect the fix to kick in? I did a couple of reboots after installing 7.5 (if not for other things to bring routerboot version up) and the message is shown every time ... my feelingnis that this fix is one of those that need to be included in several ROS releases before they're done correctly.

Fri Sep 02, 2022 5:36 pm

My question was rather rhetorical one.

I know it's already a long standing one waiting for an answer :lol:

CTassisF · Fri Sep 02, 2022 5:47 pm

This issue was fixed some time ago in 7.5beta4 so I guess it won't happen from now on.

So when can I expect the fix to kick in? I did a couple of reboots after installing 7.5 (if not for other things to bring routerboot version up) and the message is shown every time ... my feelingnis that this fix is one of those that need to be included in several ROS releases before they're done correctly.

I don't know, I don't have an Audience device. But this same issue used to happen to me on my hAP ac3 every so often when upgrading from one v7 to another and I haven't seen it happening again for quite some time now.

I guess doing netinstall can help in these cases (to wipe old, hidden on export configurations). Maybe an /export show-sensitive file=export + /system/reset-configuration run-after-reset=export.rsc can help too.

mkx · Fri Sep 02, 2022 6:02 pm

I guess doing netinstall can help in these cases (to wipe old, hidden on export configurations).

Perhaps. I did netinstall when first installing v7 on this device (I think it was 7.1rc2 or something) so no v6 config lingering in backgroud.
Not sure if it would work in this case though ... message clearly says it's "customized default script" doing it and AFAIK that's script which is "burned in" with netinstall. But I never installed anything like that hence it must be MT's script. Could be that issue would not arise if wifiwave2 package was installed as a part of netinstall process (it is possible to upload multiple packages) but I kind of doubt it.

Znevna · Fri Sep 02, 2022 6:10 pm

CCR1009 ... upgrade from 7.4.1 to 7.5 stable

Under Winbox v3.37
Disks do not show the installed number of Disks .... attached image shows that under Files does show the proper number of disks but under Disks only 2 disks are visible
disks.GIF

Disk2 is USB and named Disk2 but as shown in screen shot as directory

How is Disk2 and Disk3 connected?
You only seem to have one usb device connected with one partition.

mozerd · Fri Sep 02, 2022 7:05 pm

How is Disk2 and Disk3 connected?
You only seem to have one usb device connected with one partition.

Good catch Znevna …. In fact disk3 is microSD card and disk2 is microUSB …..

rextended · Fri Sep 02, 2022 8:09 pm

This is really getting stale .... after upgrading Audience with wifiwave2 package from 7.4.1 to 7.5:
[...]
Is this really so hard to fix?

@mkx
Please attach the txt files obtained on this way:

/system default-configuration print file=defaultconfigscripts

thanks.

pe1chl · Fri Sep 02, 2022 8:20 pm

When I last tried that on v7.5 (and now also on v7.6 beta) it said:
error - contact MikroTik support and send a supout file (10)

rextended · Fri Sep 02, 2022 8:26 pm

??? ah...

I tested on 7.2.1 and it works (no wifiwave2 package, is one RB5009 on production)

mkx · Fri Sep 02, 2022 9:29 pm

/system default-configuration print file=defaultconfigscripts

Currently I'm on my phone so it's not easy to attach output of command above. But guess what? Command produces only 203 lines whereas error message mentions line 985 ...

theosoft · Fri Sep 02, 2022 10:01 pm

RB5009 running 7.5. I prepared installation for 7.6 Beta. I copied the running partion to backup.
I saw strange percentages in progress bar. finaly at 760% copy progress finished :-)

Fri Sep 02, 2022 10:33 pm

@mkx

I sense it is time to netinstall again...

elgrandiegote · Sat Sep 03, 2022 1:09 am

Hi !
Anyone tested allready if ovpn ist stable now with this version ?
thx, Richard

ovpn udp, the client disconnects and the server (mikrotik) never drops the connection, even for hours...

guipoletto · Sat Sep 03, 2022 2:46 am

*) interface - fixed default interface naming on RB1100x2;

<< i'm having trouble testing this one

on a RB1100AHX2 running 7.4, the total used disk space is 43.5MB, leaving 20.5Mb free, when 20.6 are required for the update

/export yields a 12K file, and the backup file is 340K (not that big...) and /files is clean (deleted all old backups and export files)

any suggestions? (except Netinstall)

rextended · Sat Sep 03, 2022 3:25 am

@mkx

sep/02/2022 16:13:17 system,error,critical error while running customized default configuration script: bad command name wireless (line 985 column 25)
sep/02/2022 16:13:17 system,error,critical

When the "get-custom-defconf" is interrupted for some reason, the "flag" get-custom-defconf runned successfully is not set, and everytime at reboot it try to run the script,
is why everytime, for every reboot, you get that error.
(The error is on the file "get-custom-defconf" on system package, not on wifiwave2 package)

MikroTik Staff, please, deliver to who manage the get-custom-defconf script this message:

   # wait wlan3 it takes 7sec slower to load than wlan1/2 on Audience
    $addCL ("  :local count 0;")
    $addCL ("  :while ([/interface wireless find default-name=\"wlan3\"] = \"\") do={ ")
    $addCL ("    :if (\$count = 15) do={")
    $addCL ("      :log warning \"DefConf: Unable to find wlan3 interface\";")
    $addCL ("      /quit")
    $addCL ("    }")
    $addCL ("    :delay 1s; :set count (\$count +1);")
    $addCL ("  };")

    # TODO: set band and ext, probably use setWlan function
    $addCL ("  /interface wireless {")
    $addCL ("    :local wl3 [find default-name=\"wlan3\"]")
    $addCL ("    :local wlanMac  [get \$wl3 mac-address];")
    $addCL ("    :set ssid \"SYNC-\$[:pick \$wlanMac 9 11]\$[:pick \$wlanMac 12 14]\$[:pick \$wlanMac 15 17]\"")
    $addCL ("    set \$wl3 disabled=no mode=ap-bridge band=5ghz-a/n/ac ssid=\$ssid security-profile=wpsSync wps-mode=push-button")
    # set channnel width 20/40/80mhz-XXXX (russia 20/40mhz-XX)


<<< LINE 983 >>>    # wait wlan3 it takes 7sec slower to load than wlan1/2 on Audience
    :local count 0;
<<< @mkx LINE 985 >>>    :while ([/interface wireless find default-name="wlan3"] = "") do={
      :if ($count = 30) do={
        :log warning "DefConf: Unable to find wlan3 interface";
        /quit
      }
      :delay 1s; :set count ($count +1);
    };

<<< LINE 993 >>>    :local hwInfo [/interface wireless info hw-info [.. find where default-name="wlan3"] as-value];
      $addDL ("#|     channel-width: 20/40mhz-XX;")
<<< LINE 995 >>>      $addCL ("    set \$wl3 channel-width=20/40mhz-XX")
    $addCL ("  };")
}

Accidentally the already converted block was not deleted, old code and unused chunks were left from line 983 to line 995.
[Also on line 993 is present a useless local variable (never used anywhere) that give error, becase call directly /int wireless for set his value]

Simply deleting the lines from 983 to 995 solve the Audience problem.

Thanks.

roe1974 · Sat Sep 03, 2022 8:32 am

Hi !
Anyone tested allready if ovpn ist stable now with this version ?
thx, Richard

ovpn udp, the client disconnects and the server (mikrotik) never drops the connection, even for hours...

.... means the connection stays open at the mikrotik router (ovpn server) even if the client disconnect ?

mobyfab · Sat Sep 03, 2022 1:37 pm

I confirmed this on my 2115 as well. L3HW switching was enabled on the switch and NAT worked prior to 7.5. After upgrade NAT was broken until I disabled L3HW switching on the switch.

Before 7.5, FastTrack NAT connections could be reported as hw-offloaded despite still getting processed by the CPU. In 7.5 those are actually hw-offloaded. Maybe the problem is that the hardware cannot handle some types of connections (e.g. a tunneled connection), so those shouldn't be offloaded in the first place. Please create a support ticket, so we can investigate the problem.

I'm having the same issue. Those connections were definitely offloaded (no cpu activity at high rates) before and worked fine.

elgrandiegote · Sat Sep 03, 2022 7:29 pm

ovpn udp, the client disconnects and the server (mikrotik) never drops the connection, even for hours...
.... means the connection stays open at the mikrotik router (ovpn server) even if the client disconnect ?

yes, even with the option explicit-exit-notify 1
the server does not drop the connection and the client when reconnecting gives an error that it is already in use

pe1chl · Sat Sep 03, 2022 7:59 pm

I would not recommend mixing the use of OpenVPN with MikroTik OVPN. It is not the same thing. And it is not tracking the releases of the real thing.
It seems better to run a small container with the real OpenVPN software.

rumahnetmks · Sun Sep 04, 2022 2:39 pm

hapAC3 upgrade works fine, no noticeable error so far.
Time to test Container ^_^

Rox169 · Sun Sep 04, 2022 4:03 pm

no need to quote preceding post - use "Post Reply"

Hi,

im just wondering which container app will you try? Hap AC3 has limited cpu power..

gaid78 · Mon Sep 05, 2022 9:11 am

marked this one device

ssbaksa · Mon Sep 05, 2022 11:06 am

Hi,
I have successfully updated few CRS226-24G-2S+, and RBwAPR-2nD, 2011UiAS-2HnD, CRS326-24G-2S+ but my RB1200 doesn't "like" this update. It shows it as available but that's it. Update process can't find it on-line. I can do it manually but ...

[admin@ko4-mt-internet-1] /system package update> check-for-updates
channel: upgrade
installed-version: 6.49.6
latest-version: 7.5
status: New version is available
[admin@ko4-mt-internet-1] /system package update> install
channel: upgrade
installed-version: 6.49.6
latest-version: 7.5
status: routeros-powerpc-7.5.npk missing, use ignore-missing or disable package(s)

Mon Sep 05, 2022 11:58 am

This has happened in the past because of a change in naming convention and it was specifically on powerpc if my memory serves me well (why on earth they decided to do that eludes me. At least they could have foresee a shortcut-link to the old naming for these cases :rolleyes: ).
Since you move from 6.xx to 7.xx this might very well be the problem here.

Can you update manually ?
Subsequent versions should go fine then.

jbl42 · Mon Sep 05, 2022 12:00 pm

Updated two RB4011 and one RB5009 in our testlab and one RB5009 at my home network 7.4.1 -> 7.5 without issues so far.
Used features: intra VLAN routing (no BGP/OSPF) with srcNAT towards WAN, bridging 5-7 VLANs with HW filtering, 30-50 FW rules, some simple queues, NTP server/client, DHCP server/client, IPsec, Wireguard

Nevon · Mon Sep 05, 2022 12:07 pm

Upgraded a CRS354-48P-4S+2Q+RM MLAG paired stack. After this weekend customer reported extreme slow network speed.
Made a return to 7.2.3 and now everything works again.

I made a ticket with Mikrotik support last week when we ran into a problem on SW02 in the MLAG stack where port 1-12 stopped working for some users. I was recommended to upgrade to 7.5. I did this this weekend and today I got the from the customer that network was slow. I tried to pinpoint the problem. Made 2-3 speedtest from servers and had full speed. But traffic internal like SQL, SMB and RDP where very slow. At some time my winbox timed out towards both switches. When I connected to the switches with mgmt on bridge it was also slow and hard to download and upload files.
Connected with cable to MGMT port and MAC adress then it was OK. Didn't have time for more so I downgraded to 7.2.3 that we had been running for some months before without problems.

Dude2048 · Mon Sep 05, 2022 12:11 pm

Can you elaborate on that problem?

Rox169 · Mon Sep 05, 2022 12:44 pm

Hi,

Still no fix for 60 GHz devices? No info in firmware log to warn users with those devices?

Nevon · Mon Sep 05, 2022 12:58 pm

Can you elaborate on that problem?

Updated my ticket.

ruwi000 · Mon Sep 05, 2022 5:50 pm

how to get to :

*) dns - added "address-list" parameter for static DNS entries (CLI only);
*) dns - added "match-subdomain" option for static entries (CLI only);
match-subdomain was demonstrated here: viewtopic.php?t=187950#p948005

It's the same functionality as using a regex, but I suppose it's a little cleaner.

I still haven't seen "address-list" demonstrated.

It would be nice if there was official documentation on these features.

Could address-list be related to views in DNS? Different clients getting different answers?

benlg · Mon Sep 05, 2022 5:58 pm

Upgraded a CRS354-48P-4S+2Q+RM MLAG paired stack. After this weekend customer reported extreme slow network speed.
Made a return to 7.2.3 and now everything works again.

What about 7.4.1 ?

armandfumal · Mon Sep 05, 2022 11:25 pm

Issue showing uptime and Remote ID of BGP SESSIONS after upgrading to 7.5
This problem was introduced in the 7.5beta and reported, but it has been ignored so now it ends up in the "stable" release...

same issue CCR2216....crazy to have bug like this,..Is it me or BGP is not an important protocol to be first running correctly on V7 ?

spippan · Tue Sep 06, 2022 1:26 am

This problem was introduced in the 7.5beta and reported, but it has been ignored so now it ends up in the "stable" release...
same issue CCR2216....crazy to have bug like this,..Is it me or BGP is not an important protocol to be first running correctly on V7 ?

hope this gets sorted soon
have some tiks and ~4-6 bgp sessions to manage and still no correct "prefix counter"

Sob · Tue Sep 06, 2022 2:55 am

Could address-list be related to views in DNS? Different clients getting different answers?

No, it adds resolved addresses to address list. AFAIK there's still no official documentation, so check this: viewtopic.php?p=952360#p952360

rumahnetmks · Tue Sep 06, 2022 8:47 am

no need to quote preceding post - use "Post Reply"
Hi,

im just wondering which container app will you try? Hap AC3 has limited cpu power..

Hi there. I will try hAP-AC3 with pihole or AdGuard. This router is just for a small home network (really small network :D).
Since from mikrotik manual help page mention about its better to have different storage for the container, hAP-AC3 i think better with its USB port (will use USB to Sata3 SSD).
Moreover I'm just a noob that try to learn :D

Ah. Later I check adguard need min 256MB RAM while pihole 512MB. Sadly hAPAC3 only 256MB RAM...
Too much if have to switch to RB5009, while AX2 dont have USB.
Will wait for AX3 (pls have USB3 :D)

ssbaksa · Tue Sep 06, 2022 9:14 am

This has happened in the past because of a change in naming convention and it was specifically on powerpc if my memory serves me well (why on earth they decided to do that eludes me. At least they could have foresee a shortcut-link to the old naming for these cases :rolleyes: ).
Since you move from 6.xx to 7.xx this might very well be the problem here.

Can you update manually ?
Subsequent versions should go fine then.

With manual package upload and reboot it works just fine. There was no problem with version change but since this is spare/test router I didn't expect problems.
I couldn't say the same for updating main one because I am reluctant to try it for now. That one is essential and I must get permission for update/reboot.

Well, name change! Huh! Why would you do that? There should be a symlink or something like that to ease transition.

Tnx for pointing me to right direction.

ttrs · Tue Sep 06, 2022 1:13 pm

Openvpn mikrotik-to-mirkotik is still not tested before stable releases and is not working, since 7.4 viewtopic.php?t=187760#p946943

EDIT: must be verified: viewtopic.php?p=955836#p955836

PUDIS · Tue Sep 06, 2022 5:44 pm

After upgrade CCR1016 from V6.49.6 to V7.5 - IPsec NAT not working anymore!
Downgrade back to 6.49.6 ... and working again

rextended · Tue Sep 06, 2022 5:46 pm

This is too general, it may depend on how you have configured the device.
There have been many changes from 6.x to 7.x, especially in BGP and Routing,
which probably make the configuration incompatible with what you expect.

mmc · Tue Sep 06, 2022 6:11 pm

ros 7.5 stable breaks pppoe / l2tp with ip pool.

the used ip pool adresses never get released when a ppp session ends. after a while (two days) the whole pppoe server crashed with the log message 'cannot create service connection'. a downgrade to 7.4.1 fixed the problem...

kenyloveg · Tue Sep 06, 2022 6:35 pm

According the help page
https://help.mikrotik.com/docs/display/ROS/Container

/container/set 0 start-on-boot=yes

while i get bad command

johnson73 · Tue Sep 06, 2022 6:49 pm

after upgrade from v6.49.6 to v7.5 on CCR1009 without problems.
I wonder why the new Ros v7 consumes so much more memory? For example, on the CCR1009 router with v.6.49.6, the ram consumption was around 740MiB at medium load
With version v7.5 ram already shows 670 MiB. What if I put this version on hAP lite which has only 32Mib total memory? Will he be able to work with this?

pe1chl · Tue Sep 06, 2022 6:51 pm

It is not advisable to install RouterOS v7 on a hAP lite or hAP mini.

marlab · Tue Sep 06, 2022 11:10 pm

Is anyone else having problems with Capsman? With 7.5 I had to give up using Capsman, as the speed with hap ac2 access points went down to 30 Mbps... :/ The same devices without Capsman are easily reaching over 250 Mps... Capsman is installed on the main router, RB4011, I use vlans, so I do not see a reason for such a drastic drop in wireless speed.

Wed Sep 07, 2022 1:46 am

Too many other variables which might be responsible for that speed drop instead of blaming capsman.
Best to start a separate thread and post your config so it can be inspected.

nclmrc · Wed Sep 07, 2022 9:27 am

Is anyone else having problems with Capsman? With 7.5 I had to give up using Capsman, as the speed with hap ac2 access points went down to 30 Mbps... :/ The same devices without Capsman are easily reaching over 250 Mps... Capsman is installed on the main router, RB4011, I use vlans, so I do not see a reason for such a drastic drop in wireless speed.

i had a similar problem; streaming and file trasnfer in LAN stopped suddenly, i resolved downgrade to 7.4.1 all CHR, Hex POE, HAP AC, then i reinstalled 7.5 starting from CHR (no problem) then Hex POE (no problem) then HAP AC (no problem)

marlab · Wed Sep 07, 2022 10:19 am

Too many other variables which might be responsible for that speed drop instead of blaming capsman.

Too many variables? Capsman ON = low speed. Capsman off and individual access points activated on hap a2 = full speed. The location of Capsman (server) does not seem to be relevant (I've tried 2 routers). When Capsman is on, the traffic seems to go via CPU on hAP (load goes up to ca. 50%). When it is off, traffic goes via vlans and CPU remains below 10%. There are no firewall/NAT/mange rules activated, no other tunnels on hAP ac2 devices.

LSan83 · Wed Sep 07, 2022 10:40 am

With local forwarding activated or disabled? If you want speed you need to use local forwarding in Capsman.

rextended · Wed Sep 07, 2022 11:08 am

@marlab

@holvoetn wrote
Best to start a separate thread and post your config(s) so it can be inspected.

@LSan83: se rispondi al post sopra, per favore non quotare.

ssbaksa · Wed Sep 07, 2022 11:32 am

Openvpn mikrotik-to-mirkotik is still not tested before stable releases and is not working, since 7.4 viewtopic.php?t=187760#p946943

I have tested it and it works for me. At home (server) 2011UiAS-2HnD with 7.5 installed. At work, as a separate router (only for this test , all other traffic is routed trough other routers) RB952Ui-5ac2nD - hAP ac lite with ROS 7.5 as a client. It all works well. No disconnects observed.

Normally I use OpenVPN client on Windows 10 or in Linux Mint to connect to home office and other sites. No problems observed. And I am using this setup for at least 5 years.

own3r1138 · Wed Sep 07, 2022 11:51 am

No disconnects were observed.

Key encryption renewal process which caused periodic session disconnects. as the change log clearly said. Although still, one problem exists, rarely does a client get disconnected for whatever reason But, the server shows the connection active.

marlab · Wed Sep 07, 2022 12:22 pm

With local forwarding activated or disabled? If you want speed you need to use local forwarding in Capsman.

Enabled of course. That's why I mentioned this problem in 7.5 thread, I've been using Capsman for a while..

Wed Sep 07, 2022 12:53 pm

Wifi settings the same with and without capsman ?
Same channels ?
Same width ?
Same security ?
...

rextended · Wed Sep 07, 2022 4:14 pm

According the help page
https://help.mikrotik.com/docs/display/ROS/Container
Code: Select all
/container/set 0 start-on-boot=yes
while i get bad command

@Znevna is right

What's new in 7.6beta6 (2022-Sep-07 12:06):
*) container - added "start-on-boot" parameter for automatic container startup;

pe1chl · Wed Sep 07, 2022 5:36 pm

It sucks that the help.mikrotik.com site does not mention version numbers or has different "views" depending on version numbers.
How is a user of stable version 7.5 supposed to know that a feature described in the online manual is not available in that version, but only in the next beta?
So either each newly added feature/command should have some standard note like "available from version 7.6" or there should be a selection at the top where you can set "see the manual as it is for 7.5" where all new entries added for later versions are not visible...

szeffancs · Thu Sep 08, 2022 9:52 am

Hy everyone!

I have a problem with Router OS 7.5 on my LTAP mini (RB912r-2ND-ltn).
My Ipsec connection dose not work while I upgrade on 7.4.1 to 7.5 OS.
The firmware type is qca9531L, current firmware is 7.5.
Anybody knows what a problem is?

I see my log where I find that massage
ipsec,error unable to get local issuer certificate(20) at depth:0 cert:(this is my remote certificate name)

thanks

own3r1138 · Thu Sep 08, 2022 10:43 am

ipsec,error unable to get local issuer certificate(20) at depth:0 cert:(this is my remote certificate name)

A simple google search will do more than enough.
mikrotik ipsec,error unable to get local issuer certificate(20) at depth:0 cert site=https://forum.mikrotik.com

viewtopic.php?t=162145
viewtopic.php?t=145608

Larsa · Thu Sep 08, 2022 12:11 pm

It sucks that the help.mikrotik.com site does not mention version numbers or has different "views" depending on version numbers...

Concur indeed. And since the help site is using Confluence/JIRA it should be no problem to version control the help pages if they ever should choose to do so.

szeffancs · Thu Sep 08, 2022 12:30 pm

ipsec,error unable to get local issuer certificate(20) at depth:0 cert:(this is my remote certificate name)
A simple google search will do more than enough.
mikrotik ipsec,error unable to get local issuer certificate(20) at depth:0 cert site=https://forum.mikrotik.com

viewtopic.php?t=162145
viewtopic.php?t=145608

Thanks for the nothing because there's no answer these websites to my problems! My certificates just work fine...

rextended · Thu Sep 08, 2022 12:37 pm

Thanks for the nothing

nice s–t answer...

own3r1138 · Thu Sep 08, 2022 1:12 pm

Thanks for the nothing because there's no answer these websites to my problems! My certificates just work fine...

You're welcome anyway. :)

mmc · Thu Sep 08, 2022 6:11 pm

for me ospf v3 with ipv6 multiple instances doesn't work with ros7.5 'stable'.
only the first ipv6 interface sends ospf packets, all others stay in passive by themself and just do nothing. happens only when you have multiple instances & areas.

anybody got this working?

anrich · Fri Sep 09, 2022 10:31 am

Hy everyone!

I have a problem with Router OS 7.5 on my LTAP mini (RB912r-2ND-ltn).
My Ipsec connection dose not work while I upgrade on 7.4.1 to 7.5 OS.
The firmware type is qca9531L, current firmware is 7.5.
Anybody knows what a problem is?

I see my log where I find that massage
ipsec,error unable to get local issuer certificate(20) at depth:0 cert:(this is my remote certificate name)

thanks

I had a feeling this might be related to ROS7.5, I'm experiencing the same issue: viewtopic.php?p=955390

Have you found a solution yet? I haven't made any progress unfortunately.

own3r1138 · Fri Sep 09, 2022 10:51 am

this might be related to ROS7.5

2022-09-09_12-17-47.jpg

Timti · Fri Sep 09, 2022 11:11 am

My wAP 60Gx3 AP does not work with v7.5!
When I ping my wAP 60Gx3 AP, it keeps disconnecting on Ethernet.
In the terminal I found:

mikrotik system,error,critical kernel failure in previous boot

I downgraded to 7.4 and now everything works as usual.

anrich · Fri Sep 09, 2022 11:12 am

this might be related to ROS7.5
2022-09-09_12-17-47.jpg

Interesting. Are you using NordVPN? Did you load any certificates other than the Root CA certificate?

Screenshot from 2022-09-09 10-07-13_redact.png

aurelmarius · Sun Sep 11, 2022 11:49 am

CCR1009 running routeros 7.5 stable, when i try to set up pimsm, router reboots with kernel panic.

Chiara · Mon Sep 12, 2022 6:11 pm

Dear Sirs,

I've noticed "secrets" have disappeared from exported .rsc configuration files, is there a way to take these back in the file?

Thanks, BR

eworm · Mon Sep 12, 2022 6:12 pm

/export show-sensitive

Jotne · Mon Sep 12, 2022 7:06 pm

I can confirm that in 7.5 user password is not sown even with show-sensitive (do not remember if I have seen them)

/user> export show-sensitive
/user
add address=192.168.10.0/24 comment="system default user" disabled=yes group=full name=admin
add group=full name=demo
add address=192.168.10.50/32 comment="Use to get remote SSH information." group=full name=admin-ssh

But it does show password for ipsec key when using show-sensitive

/ip/ipsec/identity> export  show-sensitive
/ip ipsec identity
add generate-policy=port-override peer=peer1 remote-id=ignore secret=Complicated_Password

/ip/ipsec/identity> export 
/ip ipsec identity
add generate-policy=port-override peer=peer1 remote-id=ignore

moskovskiy82 · Mon Sep 12, 2022 8:23 pm

Is there any FAQ what to expect when switching from stable 6.49?

Dalo · Tue Sep 13, 2022 9:33 am

Upgraded a CRS354-48P-4S+2Q+RM MLAG paired stack. After this weekend customer reported extreme slow network speed.
Made a return to 7.2.3 and now everything works again.
What about 7.4.1 ?

I had the same behavior with 7.4.1, extreme low speed over the LAN, in RB3011, and hEX POE, causing to roll back to the previous version. For the moment the most stable version for my environment is 7.3.1.

soulreaver1 · Tue Sep 13, 2022 5:53 pm

Recently I've updated the following RBs. I have had only issues with updating RB1100x2 and RB1200 - needed to manually update them becouse the RouterOS was unable to download the update.

CCR1009-7G-1C-1S+ (3 pieces)

1100x2 (3 pieces)

1100Dx4 Dude Edition

1200

2011UiAS

951G-2HnD (2 pieces)

750Gr3

Tue Sep 13, 2022 5:57 pm

@soulreaver1:
RB1100/1200:
Coming from which version ?
There was a "hickup" for powerPC where the naming convention of the update files was changed on server-side so it could not retrieve the updates automagically anymore.
Probably that was your problem.
(I still call it neglect that no symlink was foreseen for the old naming to circumvent such issues...)

soulreaver1 · Wed Sep 14, 2022 9:49 am

@holvoetn All devices were at 6.49.6 before updating to 7.5.

Chiara · Wed Sep 14, 2022 4:37 pm

RB912R-2nD upgraded from 6.49.6 to 7.5, is it standard behavior that lte1 iterface goes down every 4 hours?

lte1 link down
lte1: not registred, state: 0
lte1: registered home
lte1 link up

this haappen exactly every 4 hours: i.e.
14:34:29
10:34:29
06:34:29 and so on
Is there some scheduler that can be removed to avoid this?

nmt1900 · Wed Sep 14, 2022 7:53 pm

All devices with ARM cpu's are coming up at the wrong frequency after the 7.4.1 to 7.5 upgrade. You see this in the System / RouterBOARD menu. A warning appears that the cpu is not running at the default frequency. Clicking on the "Settings" button, you see it is incorrectly set to 716MHz and needs to be manually changed back to auto.

That is interesting - has the default changed with introduction of v7, because at least as far as i remember all ipq4000 devices were defaulted to this same 716 MHz before and same is mentioned in the hardware specifications as well (yes I know that "auto" setting was there in v6 for quite some time...)?

I finally jumped on v7 bandwagon and this was the first surprise I got - and yes warning disappeared when frequency was set to "auto" and it was immediately obvious that frequency change behaviour is different than it was on v6 with "auto" setting - at least ipq4000 now jumps all over the place from 448 up to 800+ MHz. It was way more "conservative" on v6.

pothi · Thu Sep 15, 2022 4:57 am

@Chiara There is no new scheduler in RouterOS 7.5, as far as I know. Kindly create a support ticket. Support staff may guide you with troubleshooting this specific issue.

Paternot · Thu Sep 15, 2022 5:41 am

That is interesting - has the default changed with introduction of v7, because at least as far as i remember all ipq4000 devices were defaulted to this same 716 MHz before and same is mentioned in the hardware specifications as well (yes I know that "auto" setting was there in v6 for quite some time...)?

Before the CPU was running at a fixed frequency: 716MHz. This is why it's set to 716MHz after upgrade. Problem is: RoS now wants to run with "auto", and shows this complain when set to 716MHz.

rextended · Thu Sep 15, 2022 10:58 am

@pothi

@Chiara ...

Can be simply the LTE operator that do not want one user to stay linked forever...

LSan83 · Thu Sep 15, 2022 11:15 am

@Chiara
With which operator you have the reset of connection?
Wind3 in Italy? They reset every connection after 4 hours, you can't avoid this.

pe1chl · Thu Sep 15, 2022 11:48 am

Wind3 in Italy? They reset every connection after 4 hours, you can't avoid this.

He wrote that he upgraded from 6.49.6 to 7.5. But he did not tell if before it was the same thing. Hopefully he watched the logging before he upgraded.
Here with T-Mobile it is normal that the connection is interrupted every 24 hours. But sometimes I see interruption every 8 hours for a while.
Probably the providers are playing with such a parameter to try to solve problems in their network, e.g. overloading of particular cells.

mkx · Thu Sep 15, 2022 2:21 pm

Probably the providers are playing with such a parameter to try to solve problems in their network, e.g. overloading of particular cells.

Mobility is taken very seriously in standardization phase of every generation of mobile technology ... so no, disconnecting clients is not necessary to move users between cells. And it doesn't work for "smart" clients who use cell lock on their devices anyway. There are a few other problems MNOs might try to solve by disconnecting clients, one is clearing up PDP/EPS contexts in their core network nodes (in the same manner as rebooting computer to "fix" memory leak), another one is making sure clients (at least most of them) don't run service off their mobile subscription plan (with its dumping price).

pe1chl · Thu Sep 15, 2022 7:34 pm

another one is making sure clients (at least most of them) don't run service off their mobile subscription plan (with its dumping price).

Normally the clients are behind CGNAT so running services on them does not make much sense anyway.
We use 4G backup of fixed line connection to branch routers, I have L2TP/IPsec from the branch to the central office and every day they disconnect and reconnect.
Fortunately the disconnects are done at exact 24h intervals (normally) and as I have a secheduled job to apply updates during the night, the disconnects also happen during the night.

rushlife · Sun Sep 18, 2022 9:31 am

Hi,
yesterday first problem with 7.5stable.
On RBLHGG-60ad units, boot error, kernel panic.
Reverting back to 7.4.1 solved that problem.

Be careful with upgrade on these units guys.

HasanAlawlaki · Mon Sep 19, 2022 12:11 pm

بدون عنوان.png

No session time left
No limit bytes total

How to fix that

Rox169 · Mon Sep 19, 2022 1:03 pm

Hi,
yesterday first problem with 7.5stable.
On RBLHGG-60ad units, boot error, kernel panic.
Reverting back to 7.4.1 solved that problem.

Be careful with upgrade on these units guys.

Be carefull on 7.4.1 I had problem on ROS 7.4 few days ago....I upgraded especially because this fix *) w60g - improved interface initialization after being inactive for a while;

But on WAP60Ghz happend exactly what should this fix fixed.

ArShuRaZ · Mon Sep 19, 2022 4:35 pm

ping - improved service stability;

Is this version (7.5) already fixed ping issue (Cannot ping to everywhere after run for a while)?

eworm · Mon Sep 19, 2022 4:36 pm

Is this version (7.5) already fixed ping issue (Cannot ping to everywhere after run for a while)?

Yes.

ArShuRaZ · Mon Sep 19, 2022 4:45 pm

thank you :)

prawira · Tue Sep 20, 2022 8:16 am

the recursive work, but no recursive via words on /ip route menu

the display of routing table sometime does not represent the current situation after the interface changed.

the table routing have to close and open again to see the correct situation

pe1chl · Tue Sep 20, 2022 11:10 am

the recursive work, but no recursive via words on /ip route menu

You may need to enable an extra column in the display to see that.

rb9999 · Tue Sep 20, 2022 10:21 pm

Issues upgrading RB951-2n frmo 7.1.5 to 7.5.0... nothing fancy, some vlans, some bridged ports, it seems its reverts to 7.1.5 and gets unresponsive.

rb9512n-715-750.png

prawira · Wed Sep 21, 2022 5:00 am

dear pe1chl,

normally we can see recursive via both on gui and cli. i can not see it on v7.x; check on target-scope>30

also, no-more unreachable (U) and or prohibit (P) options for routing, thus no (B) flag shown on blackhole entries.

/ip route
add check-gateway=ping disabled=no distance=1 dst-address=10.1.2.0/30 gateway=10.1.1.2
add check-gateway=ping disabled=no distance=1 dst-address=10.1.3.0/30 gateway=10.1.2.2 target-scope=31
add check-gateway=ping disabled=no distance=1 dst-address=192.168.2.0/29 gateway=10.1.1.2
add check-gateway=ping disabled=no distance=1 dst-address=192.168.3.0/29 gateway=10.1.2.2 target-scope=31
add check-gateway=ping disabled=no distance=1 dst-address=192.168.4.0/29 gateway=10.1.3.2 target-scope=32
add disabled=no distance=2 dst-address=10.1.2.0/30 gateway=10.1.4.1
add disabled=no distance=2 dst-address=10.1.3.0/30 gateway=10.1.4.1
add disabled=no distance=2 dst-address=192.168.2.0/29 gateway=10.1.4.1
add disabled=no distance=2 dst-address=192.168.3.0/29 gateway=10.1.4.1
add disabled=no distance=2 dst-address=192.168.4.0/29 gateway=10.1.4.1
[admin@R1] /ip/route> print detail
Flags: D - dynamic; X - disabled, I - inactive, A - active; c - connect, s - static, r - rip, b - bgp, o - ospf, d - dhcp, v - vpn, m - modem, y - copy; H - hw-offloaded; + - ecmp 
   DAd   dst-address=0.0.0.0/0 routing-table=main pref-src="" gateway=10.31.31.1 immediate-gw=10.31.31.1%ether1 distance=1 scope=30 target-scope=10 vrf-interface=ether1 suppress-hw-offload=no 

   DAc   dst-address=10.1.1.0/30 routing-table=main gateway=ether3 immediate-gw=ether3 distance=0 scope=10 suppress-hw-offload=no local-address=10.1.1.1%ether3 

 0   s   dst-address=10.1.2.0/30 routing-table=main pref-src="" gateway=10.1.4.1 immediate-gw=10.1.4.1%ether4 distance=2 scope=30 target-scope=10 suppress-hw-offload=no 

 1  As   dst-address=10.1.2.0/30 routing-table=main pref-src="" gateway=10.1.1.2 immediate-gw=10.1.1.2%ether3 check-gateway=ping distance=1 scope=30 target-scope=10 suppress-hw-offload=no 

 2   s   dst-address=10.1.3.0/30 routing-table=main pref-src="" gateway=10.1.4.1 immediate-gw=10.1.4.1%ether4 distance=2 scope=30 target-scope=10 suppress-hw-offload=no 

 3  As   dst-address=10.1.3.0/30 routing-table=main pref-src="" gateway=10.1.2.2 immediate-gw=10.1.1.2%ether3 check-gateway=ping distance=1 scope=30 target-scope=31 suppress-hw-offload=no 

   DAc   dst-address=10.1.4.0/30 routing-table=main gateway=ether4 immediate-gw=ether4 distance=0 scope=10 suppress-hw-offload=no local-address=10.1.4.2%ether4 

   DAc   dst-address=10.31.31.0/24 routing-table=main gateway=ether1 immediate-gw=ether1 distance=0 scope=10 suppress-hw-offload=no local-address=10.31.31.230%ether1 

   DAc   dst-address=192.168.1.0/29 routing-table=main gateway=ether2 immediate-gw=ether2 distance=0 scope=10 suppress-hw-offload=no local-address=192.168.1.1%ether2 

 4   s   dst-address=192.168.2.0/29 routing-table=main pref-src="" gateway=10.1.4.1 immediate-gw=10.1.4.1%ether4 distance=2 scope=30 target-scope=10 suppress-hw-offload=no 

 5  As   dst-address=192.168.2.0/29 routing-table=main pref-src="" gateway=10.1.1.2 immediate-gw=10.1.1.2%ether3 check-gateway=ping distance=1 scope=30 target-scope=10 suppress-hw-offload=no 

 6   s   dst-address=192.168.3.0/29 routing-table=main pref-src="" gateway=10.1.4.1 immediate-gw=10.1.4.1%ether4 distance=2 scope=30 target-scope=10 suppress-hw-offload=no 

 7  As   dst-address=192.168.3.0/29 routing-table=main pref-src="" gateway=10.1.2.2 immediate-gw=10.1.1.2%ether3 check-gateway=ping distance=1 scope=30 target-scope=31 suppress-hw-offload=no 

 8   s   dst-address=192.168.4.0/29 routing-table=main pref-src="" gateway=10.1.4.1 immediate-gw=10.1.4.1%ether4 distance=2 scope=30 target-scope=10 suppress-hw-offload=no 

 9  As   dst-address=192.168.4.0/29 routing-table=main pref-src="" gateway=10.1.3.2 immediate-gw=10.1.1.2%ether3 check-gateway=ping distance=1 scope=30 target-scope=32 suppress-hw-offload=no

Znevna · Wed Sep 21, 2022 7:10 am

Dear @prawira (trainer), I suggest to read the documentation provided that brings some answers to some of the things you've mentioned.
Moving from ROSv6 to v7 with examples

v7 introduces a new menu /routing route, which shows all address family routes as well as all filtered routes with all possible route attributes. /ip route and /ipv6 route menus are used to add static routes and for simplicity show only basic route attributes.
For more in-depth information on routing see this article (IP Routing).

pe1chl · Wed Sep 21, 2022 12:20 pm

normally we can see recursive via both on gui and cli. i can not see it on v7.x; check on target-scope>30

also, no-more unreachable (U) and or prohibit (P) options for routing, thus no (B) flag shown on blackhole entries.

That is all correct. There are no unreachable or prohibited routes anymore, and when you had them they are converted to blackhole.
And blackhole is no longer a flag. There is a separate column "Blackhole" with a yes/no value in it.
As Znevna already wrote, a lot of things have changed in the routing between v6 and v7 and you will have to learn about it. These are not bugs.

anoka · Mon Sep 26, 2022 1:46 am

Hi!

When I use CAPsMAN for local WLAN interface, then it's displayed as disabled port, but running.

[…]

rextended · Mon Sep 26, 2022 1:50 am

@anoka
Do you talk to others by images?
Did you see that there are two red writing above the wireless interface?
Maybe try reading them.

For help open another topic and do not continue here.

Tue Sep 27, 2022 12:34 pm

Upgraded cAP AC XL from 6.49.6 using Winbox.
After reboot, device became unresponsive.

Netinstall 7.5 doesn't seem to work (linux). It requests the package, it starts and then it starts all over again after some time.
Same with 6.49.6 and latest 7.6beta.

Sweet ... I've got a couple of other XLs, I guess I keep them on 6.49.6 for now.
SUP-93559 created.
EDIT: got a first reply, this is going to be fun if the response I get is to use netinstall ...

Tue Sep 27, 2022 2:02 pm

Success !
Powered everything down incl laptop with Linux.
Went for lunch
Powered everything up again and used netinstall.
Instead of nothing after the recognition of the device, I immediatelly saw a line "formatting". And then I knew it was going to work !
cAP XL is running 7.6beta8 now.

But something ODD: it remembered the user passwd (I did change it before the upgrade, one of the first things I do on a new device next to activating ROMON).
Also on wireless I changed (before upgrade) the settings for country and installation. Those were remembered as well.
Ergo: netinstall did not format that device completely...

mkx · Tue Sep 27, 2022 4:16 pm

User manual, the linux section, describing command line options for netinstall executable, mentions

-r resets the configuration upon reinstallation procedure, optional

So by default, linux netinstall keeps configuration.

Znevna · Tue Sep 27, 2022 4:19 pm

Don't use netinstall on an empty stomach.

mkx · Tue Sep 27, 2022 4:24 pm

Before using netinstall, have a light meal and read some literature ;-)

Tue Sep 27, 2022 4:26 pm

@mkx: hmmm ... missed that. Good to know !
But then it is inconsistent with the Windows version since there you explicitely need to tick the option to keep user config.
Confusing ...

@Znevna: seems to be a solution for quite a lot of things.

mkx · Tue Sep 27, 2022 6:11 pm

@mkx: hmmm ... missed that. Good to know !
But then it is inconsistent with the Windows version ...

The inconsistence continues beyond that ... UI is completely different.
I'm not trying to argue about what you're saying, what I'm trying to say is that both versions (linux and windows), although having same name and basically doing same job, are completely different beasts. Additionally, CLI doesn't offer any clues about available toggles and switches, so reading manual is pretty smart thing to do (which I usually try to avoid myself as well, making me sound a smart ass right now).

gotsprings · Sun Oct 02, 2022 2:56 am

Took a factory Fresh RB3011 and Updated it to 7.5.

Opening terminal would cause the CPU to shoot up and terminal not to work.

Downgraded to 7.4.1 and saw a warning that stated there had been a reboot for kernel failure.

Will check the router in a few days and see if its stable. It was a had to replace a unit that ate some voltage during a storm.

/log print
 18:50:00 system,error,critical router was rebooted without proper shutdown, pro
bably kernel failure
 18:50:01 system,error,critical kernel failure in previous boot

Znevna · Sun Oct 02, 2022 11:14 am

I'd stay with v6 on that one.

gotsprings · Sun Oct 02, 2022 11:17 am

Can't.

System requires Wireguard.

Should be using Zerotier... Which also requires 7.x + extra packages.

Sun Oct 02, 2022 12:04 pm

Took a factory Fresh RB3011 and Updated it to 7.5.

Regular update or netinstall ?
I'd try netinstall...

gotsprings · Sun Oct 02, 2022 3:20 pm

moderator note: why do you quote whole preceding post? Use "Post Reply" instead.

/System package update install

Now hold on a second... I can take a "default the unit after update"... But there had better be a clear warning that is gonna be needed BEFORE I CAN EVEN DOWNLOAD THE UPDATE.

If we need to start doing netinstalls before sending them out in the field... I wanna see a big f--king warning on the top of EVERYTHING from the Mikrotik domain.

Sun Oct 02, 2022 3:52 pm

There will/might come a point when moving from ROS6 to ROS7 you may see erratic and inexplicable behavior.
At that moment it is advised to perform a pristine clean install to clear any inconsistencies (from ROS7 point of view) left-over from previous version.
A.k.a. Netinstall.

mozerd · Sun Oct 02, 2022 4:52 pm

If we need to start doing netinstalls before sending them out in the field... I wanna see a big f--king warning on the top of EVERYTHING from the Mikrotik domain.

@gotsprings ....
My speculation is that over the last 2 years many personnel changes have take place in the Tik developer domain so the expertise needed to get 7.x to where it should be will take much more time ....

With Tailscale [WireGuard management system] you can have your Cake and Eat it and performance is wonderful. Mastering Tailscale is no big deal exploiting Tailscale Subnet routers and traffic relay nodes provides a great deal of power in your hands.

Znevna · Sun Oct 02, 2022 5:27 pm

Talk about Tailscale has no place in this topic.

socs · Tue Oct 04, 2022 6:20 pm

I'm unable to pull containers when using custom registry-url that is not "registry-1.docker.io". Here's the log,

14:53:18 container,info,debug importing remote image: routeros-container/routeros-container, tag: latest
14:53:18 system,info item added by admin
14:53:18 container,info,debug failed to parse www-auth
14:53:18 container,info,debug was unable to import, container 4558db4a-cc1f-4f92-825c-c1c1f94fbb86

This is from a self-hosted registry but the result are the same for other official registries, eg gcr.io.

edit: fixed in 7.6rc1

SiB · Thu Oct 06, 2022 1:27 am

ros6 show one ping as one row and I see the TX RX in one entry, as send and proper back package in one session.
ros7 show me two entry/row, please fix this in Torch

pe1chl · Thu Oct 06, 2022 10:21 am

This is because your DSCP is different between the two directions, and you selected a matching with DSCP (even when it is "any").

SiB · Thu Oct 06, 2022 4:38 pm

pe1chl write:

This is because your DSCP is different between the two directions

Thanks, it's true in this case.

and you selected a matching with DSCP (even when it is "any").

This is default settings in ros7, I not enabled that by myself.
True, after disable this selector the entry is one row, like old ros6. Thanks !.

anav · Thu Oct 06, 2022 4:42 pm

With Tailscale [WireGuard management system] you can have your Cake and Eat it and performance is wonderful. Mastering Tailscale is no big deal exploiting Tailscale Subnet routers and traffic relay nodes provides a great deal of power in your hands.

Hi mozerd, can you confirm its easy to implement 2FA with tailscale, vice wireguard which seems to be a bit of a challenge.

mozerd · Thu Oct 06, 2022 6:11 pm

Hi mozerd, can you confirm its easy to implement 2FA with tailscale, vice wireguard which seems to be a bit of a challenge.

Greetings anav
When you establish an account with Tailscale you are provided with a number of options including the most popular 2FA identity provider like google, Microsoft
Tailscale relies on existing identity provider to authenticate users. Any authentication settings from your identity provider are automatically used by Tailscale, including MFA

For Example I use google .... many people I know like to use Microsoft etc. So for example once you have a Gmail account and enabled 2FA on it --- that will now be used by Tailscale as the screen following depicts. Its very easy :-)

MFA.GIF