running a hAP ac², hAP and a RB1100AHx4D on 7.8 without any issues or reboots. even running wireguard and BGP sessions with no problems on it. 4 VLANs and the rb1100 does the inter-vlan routing with remarkable speeds

please, as far as possible/feasable, do a FRESH netinstall to problematic devices. and of course create a binary and text backup and copy those to a local pc or NAS (if you have one) before doing so!

... with 7.8 my core router (CRS326-24S+2Q+RM) did 3 times spontaneous reboots initiated from watchdog in the last 12 days ... back to 7.7 solves the problem.

Could you try a Netinstall and see if that changes anything?

Hardware offload does not work in bridge - ports on hAP ax3

... with 7.8 my core router (CRS326-24S+2Q+RM) did 3 times spontaneous reboots initiated from watchdog in the last 12 days ... back to 7.7 solves the problem.

Could you try a Netinstall and see if that changes anything?

Sorry, but the last netinstall was 7.4, or 7.5 (I can´t remember...) and it can´t be the way to netinstall every new stable version, to eliminate problems we didn´t have with the previous version.
And the name "core switch" indicates the function ;-)
Until now I saw the problem only on my MIBSBE router, not on one of my several ARM based onces.
One of my CAP AC reboots with an "out-of-memory" message (what it never did before...), but after a manual reboot it happens (until now...) never again. We´ll see how it´ll goes forward...

Hardware offload does not work in bridge - ports on hAP ax3

Check the list of switch chips that supports hardware offloading - https://help.mikrotik.com/docs/display/ ... Offloading

Hello guys, I have set up RB1100AHx4 switching so some vlans, some ports tagged some untagged, all works file on 6.49.7 but once i upgrade to 7.8 all vlans stops working , I have to disable vlan filtering on the bridge and to re-enable to start it working but after reboot of the router all stops working again. Downgraded back to version 6 all works fine. Have similar setup on other RB4011 router OS 7.6 all works fine. Its it something wrong with 7.8?

In my case its affection only RB1100AHx4 model as took one of my RB5009 upgraded to 7.8 all switching works nothing breaks all good.

... the last netinstall was 7.4, or 7.5 ... it can´t be the way to netinstall every new stable version ...

Okay, thank you. I wasn't sure if you ever had. I agree. If you've already Netinstalled to v7, then I think that is adequate.

Sorry, but the last netinstall was 7.4, or 7.5 (I can´t remember...) and it can´t be the way to netinstall every new stable version, to eliminate problems we didn´t have with the previous version.

Unfortunately I even had to netinstall my RB5009, which is ROS7 only, after upgrading from ROS7.6 to ROS7.7.
I had some some misteriously disappearing GRE config and some weird logs.
My HEXs stopped working after an unsuccessful ROS7.4 to ROS7.7 upgrade and had to netinstall it too. (It was netinstalled from ROS6.x)
The same issues did not happen after the upgrade to ROS7.8.
I don´t find it funny either.

RB1100AHx4:
IKEv2 client peer does not connect to the server after upgrading to 7.8 I did not change any settings, it worked in 7.7, not in 7.8. There were no network changes before or after the router.
In order for the connection to be established, I need to disable and re-enable the peer.

Ipsec client config: Nothing interesting in the log, just silence until I disable and enable peer:

hap ac3 with the same config (as client too) works well.

ok more and more people reporting problems so 7.8 is not that stable :) needs a lot of fixes

ok more and more people reporting problems so 7.8 is not that stable :) needs a lot of fixes

When v7 gets to be 7.99999 (that's five nines), I'll be ready to consider it stable.

When 6.x go out... dramatic change... From the 6.23.5 it was more than stable, with the exception of some later versions, which were then fastly corrected...

I dislike the use of the word "stable" in release names.
When manufacturers (including MikroTik) use the word "stable", they mean: no frequent changes to this version, not used as a development version.
But customers infer that it means: does not crash, provides the functions I expect without issues.
So they become disappointed whrn a version labeled "stable" shows obvious bugs or outright crashes.

This update completely broke my RB3011UiAS.
Both cpu cores are at a constant 100%

I believe the issue is with the OpenVPN client interface, it requires a profile but doesn't have one, yet is still enabled. Can't disable or remove it, always results in a timeout error.

Creating a new profile results in timeout too.

Anyone any ideas..?

edit: my PPPoe interface responsible for the WAN connection has a similar problem. Also no profile configured yet enabled.

edit 2:
tried adding it via the terminal using

Code: Select all

ppp profile add

but after entering a name it once again resulted in a timeout

tried

Code: Select all

ppp profile set *0

too but once I typed the asterisk the terminal froze, this happens every time I try it

supout.rif has been generating for about 15 minutes now too, and is stuck at 98%

edit 3: after a reboot the PPP profiles show briefly, then quickly all disappear

edit 4:
I managed after the reboot to quickly disable both the OVPN client interface and PPPoe interface after which the CPU was normal and profiles stayed visible.

Then enabled PPPoe, everything still normal.

Once I enabled the OVPN client interface all the issues returned. So this seems specifically related to my OVPN Client interface configuration

edit 5:
sent mikrotik support an email with all information and details. Hopefully this can help them figure out a fix.

we are having same issue ovpn chokes a cpu core to 100% randomly whenever tunnel gets interrupted and router becomes unusable this issue is on v7 only on all models we have..

I dislike the use of the word "stable" in release names.

While I mostly agree with you, it is also a matter of perception.
For most home users or devices being used with less complex configuration, stable is just that. Stable.
I have it on my devices running without any problem but my configurations are pretty simple. Routing, dhcp,vlan, wireguard, wifi, some firewall stuff...,nothing fancy.
Rock solid. Hence stable.

However, for users like yourself, I can understand the frustration.
For you beta should be alpha and stable is beta.
There is no stable yet for your set of requirements.
At least not until at least all features from ROS6 works at least equally well in ROS7.

Router OS support plans for HP dual SFP+ 10G card?

Hi guys i am trying out the x64 bits RoS v7 stable on and old PC servers.. just to compare some results with CCRs

so far so good.. pretty impressive results on the troughout internal core cpus.. as it shows 24 cores as described on the picture below..

its a Dell Server with Dual CPU six core / twelve treads per core 3.05ghz cpus..

on the system resources its showing up 24 cores.. i guess its reading the threads perhaps.. but the cpu frequency is setup only at 1580mhz.... i am wondering if we can tune this up to the 3.05ghz from the cpu core speeds..


Also on the PCi-e it displays the 10G card NIC.. but on the interfaces its not displaying the 2 SFP+ ports..
anything else i could test to see if i can make the NIC sfp+ card to work .. i am doing all the tests i need to , before i go ahead and buy LIcense 6 Key..

So far.. i am impressed we did get better results on 11G generation dell server than on the CCR1036 2S+ rev2 tests we done on the TCP troughput..

just need to make 10G fiber nic to work properly so we can test some more features of BGP routing etc...


Also below small video of test done on the strees cpu bandwitdh tests..

https://www.youtube.com/watch?v=MqPW2moD4VU

Is anyone having problems with devices unable to get the local IP using RB4011 (RTL8367) from v7.8?
With v7.7 everything worked well, no config changes after the update to v.7.8, solved disabling Bridge Hardware Offload.
Already wrote to support and spent a couple of days also doing Netinstall.

No such issue here!

Oh no... my partion problem is back.

Same story. I wanted to prepare 7.9Beta4 testing. Started Copy to 2. Partition...
Progressbar runs up to 500-600%.
Copy results into 2.Partion empty....

Device: rb5009 running 7.8 STABLE :-(

regards

I tried the workaround regarding VETH.
viewtopic.php?p=961590&hilit=theosoft#p961612

Update:
Tried the workaround again. I've missed to remove them from the bridge as port before. Now the workaround was successful.
But i've thought, that the cause/bug was found and fixed?? Why the handling of dev is still wrong??


Doesn't help

Anyone else having this thingy with USB storage that keeps changing with each reboot from usb1-part1 to usb2-part1 etc ? Basically breaking containers etc between reboots.
Was it possible to refer to a "label" in the container-settings ?

/container mounts
add dst=/etc/pihole name=etc_pihole src=/usb1-part1/etc
add dst=/etc/dnsmasq.d name=dnsmasq_pihole src=/usb1-part1/etc-dnsmasq.d

So my "label" for usb1-part1 is set to DATA , but can I refer to this on the container mounts ?
Doesn't seem so, it seems to create the folder on the main storage of my RB5009.

Yeah, was driving me crazy until I noticed it.
Been rearranging stuff in the house yesterday (moving RB5009 down as main router, AX3 up to office): 2 reboots of RB5009 without a problem, 3th one wiped everything. Sweet ...

Anyone else having this thingy with USB storage that keeps changing with each reboot from usb1-part1 to usb2-part1 etc ? Basically breaking containers etc between reboots.
Was it possible to refer to a "label" in the container-settings ?

yes, add "slot=DATA" parameter to your disk setting. has to be done from commandline at the moment.

After upgrading from V7.7 to V7.8 on RB3011, external USB disk root directory changed name from /disk1 to /usb1-part1, rendering DUDE disabled. What needs to be changed to return the main partition to /disk1 ?

Disk print detail on a V7.7 system:

[suporte@gatekeeper] > disk/print detail
Flags: X - disabled, E - empty, M - mounted, F - formatting; f - raid-member-failed; r - raid-member; p - partition; m - manual-partition; o - read-only; b - block-device
0 b slot="usb1" slot-default="usb1" parent=none device="sda" model="Samsung Flash Drive FIT" serial="0339422040007128" size=128 320 801 792 interface="USB 3.10 5000Mbps" interface-speed=5.0Gbps raid-master=none nvme-tcp-export=no
iscsi-export=no nfs-export=no smb-export=no

1 M p b slot="disk1" slot-default="usb1-part1" parent=usb1 device="sda1" label="dude" uuid="8ae6cb6a-6a4c6da3-deb3a883-2335c4a5" fs=ext4 serial="@512-128320801792" size=128 320 801 280 free=127 223 844 864 partition-number=1 partition-offset=512
partition-size=128 320 801 280 raid-master=none nvme-tcp-export=no iscsi-export=no nfs-export=no smb-export=no
[suporte@gatekeeper] >

Disk print detail on a upgraded V7.8 system:

[monitor@bastion] > disk print detail
Flags: X - disabled, E - empty, B - block-device; M - mounted, F - formatting; f - raid-member-failed; r - raid-member, c - encrypted; g - guid-partition-table, p - partition;
t - nvme-tcp-export, i - iscsi-export, s - smb-export; n - nfs-export; O - tcg-opal-self-encryption-enabled, o - tcg-opal-self-encryption-supported
0 B slot="usb1" slot-default="usb1" parent=none device="sda" model="HooToo iPlugmate" serial="37170314425019" fw-version="~\FFQ\CF\00\03" size=128 043 712 512 interface="USB 3.00 5000Mbps"
interface-speed=5.0Gbps raid-master=none nvme-tcp-export=no iscsi-export=no nfs-export=no smb-export=no

1 BM p type=partition slot="usb1-part1" slot-default="usb1-part1" parent=usb1 device="sda1" label="DATA" uuid="bb001df2-8ec5-4e17-9ee8-75cd229bd2ed" fs=ext4 serial="@512-128'043'712'512" size=128 043 712 000
free=126 479 204 352 partition-number=1 partition-offset=512 partition-size=128 043 712 000 raid-master=none nvme-tcp-export=no iscsi-export=no nfs-export=no smb-export=no

Mauricio

Yeah, was driving me crazy until I noticed it.
Been rearranging stuff in the house yesterday (moving RB5009 down as main router, AX3 up to office): 2 reboots of RB5009 without a problem, 3th one wiped everything. Sweet ...

And now it gets completely weird ...
since the disk was being shown as empty (only usb1, no partition anymore), I wanted to reformat it. I couldn't.
Ejected the disk and physically reinserted it, same problem.
Removed the disk, it didn't come back, whatever I tried via CLI or GUI.

So ... rebooted router and now disk is back WITH contents. Container, Dude, all the stuff I put on there.

please check SUP-111974
There is a chance that DNS response may get stuck, and the DNS cache may become invalid.
The CNAME set in DNS Static will also not take effect.

Hi,

I have problem with:
board-name: RB1100AHx4
model: RB1100x4
revision: r2
serial-number: xxxxxxx90618B
firmware-type: al2
factory-firmware: 6.45.9
current-firmware: 7.8

It was working OK, with 7.7:

- 3 vlans interface
- 3 ether ports as trunk ports for the same vlans on each port
- IP address on each vlan interface

After upgrade to 7.8:
- ping from the device A(non-mikrotik) to device B(non Mikrotik) in the same vlan is OK(it was OK also in 7.7)
- ping from device A(non-mikrotik) to IP of the vlan interface(the same vlan) of the RB1100x4 is NOT OK
- the same is for any other vlan IP of RB1100x4
- if I remove this 3 vlan interface(including bridge vlans rules), AND I recreate them again(copy / paste), all the vlans are working, but at the next restart, it is the same problem
- on any vlan interface I see only TX traffic, and no traffic on RX(0 bytes), even after 30 min of tests in STATUS tab

I have make 3 different test, and after the reboot I see the same problem for each test.
I also try for 3 times, to downgrade to v 7.7(all vlans are OK), and upgrade at v 7.8 with the same BAD result

To me, it seem to be a BUG ;)

How can I solve this?

Thx. in advance, and good luck to all!

I have the very same problem. Upgraded from 7.6 to 7.8 and I wasn't able to log in, every port in VLAN bridge were completely dead. I've noticed the bridge has same address like ether1, connected the cable to different port and it seems it helped. No STP is enabled, even tried disable it on switches.
If you have RB1100AHx4 and use VLANs, DO NOT INSTALL 7.8!

@Lojza007 with RB4011 I'm having a similar issue, in my case is related to Hardware Offload and is "partially solved" with hw=no on the Bridge Ports or completely disabling it.
Another test suggested is to disable ports on Switch 2.

In my case, the SFP port is working well due to not being connected to the switch. Coming from v7.7, everything was fine.
Make a few reboots and good luck!

Strange, I see no such issue on my RB4011 and I have a complicated VLAN-filtering bridge with hw accel enabled. It has never caused problems.

Lucky you @pe1chl, it's verified on two different devices with similar config., dealing with support for assistance, hope it's my fault, had an entire company blocked due to this issue.

Try turning off STP (STP Protocol Mode: none). I always have that disabled, so maybe that is a key factor?

You mean "Protocol Mode" in bridge set to "None"?
I have this set to None on all my devices including the RB1100, all my reported 7.8 problems were with it set to None.

I also tried disabling Fast Track as this was also mentioned somewhere up this thread and changelog. Didn't help, although I am tempted to say that when I had it disabled the problem happend more often (but didn't try to reproduce/confirm).
Didn't yet try disabling HW offload, even if the changes in 7.8 shouldn't affect RB1100 switch chip.

from v7.8 changelog: as reported few posts before, I was fooled by the change of protocol-mode from MSTP to None, this worked but it was a strange behaviour.
Already lost some days of headache on this, ended enabling IGMP-Snoppimg on bridge (not related with the issue, was just to quickly disable HW offload).

Sorry, my fault... mixed it up with the switch line only mentioning 98DX... chips.

hope it's my fault, had an entire company blocked due to this issue.

And you do not have done any test (for some months at least...) separately before upgrade to latest OS, that have just a month, one device on production????
It's your fault for sure...

After upgrading from V7.7 to V7.8 on RB3011, external USB disk root directory changed name from /disk1 to /usb1-part1, rendering DUDE disabled. What needs to be changed to return the main partition to /disk1 ?

It may be easier to just change "Data Directory" in Dude > Setting in winbox to just use /usb1-part1. If you disable/renable Dude, it should just pick up the change. The "bus-part" naming scheme is relatively new and by design. You may be able to change the "slot" in the CLI /disk to rename it to disk1 too.

The OVPN service is unstable, and it will cause a Kernel crashes after 2,3 hours of uptime.
SUP-96432

I'm having the same problem here, on an RB4011. After updating to 7.8, the system has a kernel error and restarts before completing 5 minutes of uptime. I have about 150 ovpn connections.

We had simillar problem on CCR1009-8G-1S-1S+ with RouterOS 7.8 (we upgraded from 6.X to 7.X last week).
When one of clients become unstable and generated many reconnects, we experienced "rebooted without proper shutdown, probably kernel failure" errors and reboots.
For some reason it helped to switch OVPN to UDP transport and it's OK since then. Anyone with same experience?

We did the change to an UDP before we read this thread and this similar one. So not sure if 7.7 is a solution as many comments says - since situation is stable on UDP, we stick with 7.8 for now.

7.7 and 7.8beta3 are the most stable in recent releases for the OVPN server.

May I ask, if anybody is using BGP route reflector and route reflector client roles. I have problems distributing l2vpn and vpnv4 routes. It looks like with normal (no role) iBGP these kind of routes are distributed, once switched to rr and rr client, they are gone. Are any special filters that should be used with those roles to pass the routes?

May I ask, if anybody is using BGP route reflector and route reflector client roles. I have problems distributing l2vpn and vpnv4 routes. It looks like with normal (no role) iBGP these kind of routes are distributed, once switched to rr and rr client, they are gone. Are any special filters that should be used with those roles to pass the routes?

no but to stay at v6 if BGP is in serious demand.

You mean "Protocol Mode" in bridge set to "None"?
I have this set to None on all my devices including the RB1100, all my reported 7.8 problems were with it set to None.

I also tried disabling Fast Track as this was also mentioned somewhere up this thread and changelog. Didn't help, although I am tempted to say that when I had it disabled the problem happend more often (but didn't try to reproduce/confirm).
Didn't yet try disabling HW offload, even if the changes in 7.8 shouldn't affect RB1100 switch chip.

I don't know if this will help with RB1100, but on RB4011 with a recent version (7.6?), with the way HW offload works with multiple chips, you have to make the bridge a part of all VLANs that cross the chips (and to SFP/SFP+), because that has to be done in software.

Indeed in my RB4011 (in which I have no problems) I use a single bridge with all ports 2-10 and some of them being trunks and some being untagged on a VLAN. All with hw accel.

I don't know if this will help with RB1100, ....

can confirm - running a RB1100AHx4 (v7.8) with vlan-filtering enabled on a single bridge which contains all ports 2-10 is hw-offloaded
no IGMP or DHCP snooping enabled

In my case, the SFP port is working well due to not being connected to the switch. Coming from v7.7, everything was fine.
Make a few reboots and good luck!

Issue confirmed by Support, SUP-110494;
...it seems to be related to bridge HW offloading for devices with multiple switch chips, and it seems to be introduced in RouterOS v7.8 due to this change...

For now, I can only suggest disabling HW offloading or downgrading.

Hello, I am new in Mikrotik and in routing and maybe do not understand something, but I thought, the below filter should allow access to my CCR2116 only from the interface ether13, but I can access it with WinBox from all ports. I have tried different orders and with additional multiple lines and with lists for the same, but all the same. Whereby the same filter works on my RB750Gr3. Does anyone maybe know what my mistake is?

/ip firewall filter
add action=accept chain=input connection-state=established,related,untracked
add action=drop chain=input connection-state=invalid
add action=accept chain=input protocol=icmp
add action=drop chain=input in-interface=!ether13

open a separate topic, do not go offtopic here

Updated four devices, so far without issues -

RB2011iLS
CRS305-1G-4S+
CRS226-24G-2S+
cAP

Upgraded fine from 6 to 7.8 on my x86. Works fine until its loaded. Have Xeon E3-1200v2 4GB RAM and I350 dualport NIC. When load gets to around 800Mbit it reboots after 10 seconds. CPU load around 15%. 3670MB ram free, pure hardware no VM, no special features just NAT, queues, RIP, OSPF, native ipv6, and HE tunel as backup....... Sometimes it works fine on load for some time and then goes down with kernel failure,... It die only if IPv6 stack is used. I tested this with BTest on ipv6. Btest on ipv4 is ok. Same happens if i try bandwith test to some internet speedtest on IPv6. So i hope i can revert it back without license loss,.... IT IS NOT STABLE !!!

Why not? For me is stable... Never rebooted or blocked on CCR.

The word "stable" can be given different meanings, and depending on what you use it can be stable for me, not for you.
Since you also have customized hardware instead of (for example) a CCR,
MikroTik do not has a duplicate of all the machines in the world to try it only for YOUR combination of Hardware and Software.
So don't shout, and contact support@mikrotik.com providing the supout.rif and problem description.

Yes i should write "IT IS NOT STABLE on my CUSTOMIZED hardware". I understand that ROS cant be tested on x86 and no problem with it. I just tested it for everyone who have similar hardware and it just die. No problem sending suppout if it can realy help to fix this problem.

The support for multiple hardware platforms is a Mikrotik choice that should be factored in the regression tests for new versions. That said, the perceived instability of new "stable" releases shows Milrotik should improve their release testing in order to build confidence that a software release candidate is ready for end users.

@highlander
Does it run ok with just default configuration?

Reverted back to 6 so i cant test this for now, network is in use, and people will got angry,.. :) But i will try this on some HDD with clean instalation and i want just swap disks for quick test in 24hour mode.

I suggest you to do some test first, before updating from 6.x to 7.8...
Hint: netinstall the device, not upgrade only....

Netinstall is repaired or not ??? viewtopic.php?p=911370#p911370

Not.... But old 6.x can install v7...

Perfect, thank you.

Anyone else having this thingy with USB storage that keeps changing with each reboot from usb1-part1 to usb2-part1 etc ? Basically breaking containers etc between reboots.
Was it possible to refer to a "label" in the container-settings ?

yes, add "slot=DATA" parameter to your disk setting. has to be done from commandline at the moment.

Does not work. I've added it and started creating some container under the /DATA/... reference. All went well as long as the RB5009 kept running.
1 reboot and dang, suddenly a usb1-part1 device/partition. Before the reboot it was usb2 ...
Absolute annoyance.

L3HW offload on CCR2116 doesn't seem to work on 7.8. Reverting back to 7.7 fixes that problem. But it did seem to fix issues on CRS310 (fingers crossed).

Hi,

cAP ac, admin user, can’t save or add new skin, as clicking “Save”, throws me to the login page:

RouterOS WebFig Login
Login:
admin
Login
Password:
••••••••
Authentication failed: invalid username or password.

Also the changed columns width is not saved.

More:

Before the 6.49.7 > 7.8 netinstall I did a config backup and was able to restore the config in 7.8, but when I went back to 6.49.7 I couldn't restore the 6.49.7 original configuration - "Restore failed system configuration operation failed (6)".

Netinstall is repaired or not ??? viewtopic.php?p=911370#p911370

Nope, I used netinstall 7.7 to install routeros 7.8.

I am seeing something very odd

I am using an AX2, I create a wifi configuration *in station mode*, basic stuff. I turn on the wifi and it connects. I create 2 dhcp clients one on each wifi link and both get an ip. no problems so far.

Now comes the weird part:
Create bridge1, add wifi1 as a port of this new bridge, create a dhcp client on bridge1, and it will never get a dhcp address

But if I remove it from the bridge1 and update the dhcp client to use wifi1 directly it works

Does this mean in my device wifi can't be used in a bridge?
Can anyone check if you are seeing this weird behaviour? I seeing this in version 7.8, in fact this is why I have not installed ax2 yet. I have 7 devices sitting in their boxes because of this weird behaviour that took me a bit to reduce to this repeatable steps.

EDIT: Clarification that the wifi is being used in station mode.
EDIT: tested v7.9rc2 bug is still present there.
Note: AX2 was released with firmware 7.5, I upgraded this unit before testing, previous units i think I tested had versions 7.5 and 7.7 but I am not 100% sure so I removed the stated versions from the comment

As far as I know, wifiwave2 can not ( yet ? ) use station Bridge mode.

@kryztoval

Just read manual, is clearly wroten from the start:
Do not support any 4MAC mode (WDS / bridge & Co.)

True, they do document it. But it's fair point if someone used V6 before and "upgraded" to latest hardware... it would seem more like a bug... And the reading the docs doesn't exactly "solve" the underlying problem.

Do not support any 4MAC mode (WDS / bridge & Co.)

Can you point me to the location of the document that countains this?
Cause I did try support/docs and there were no references to bridge or 4mac on wifiwave2 in the 7.8 release
I did read the 7.8 patch notes and I also found no information or text that said 4mac at all

I would like to know what document you got this from so, next time, I know where to look for this information.

Thanks :)

True, they do document it. But it's fair point if someone used V6 before and "upgraded" to latest hardware... it would seem more like a bug... And the reading the docs doesn't exactly "solve" the underlying problem.

Yes, this also applies if you used the AC2 or AC3 and just bought the AX2 or AX3 as an obvious upgrade and suddenly you can't use it as a replacement because the previous device with the same software version did support bridge and 4mac but the new one doesn't yet support it.

https://help.mikrotik.com/docs/display/ROS/WifiWave2

The following notable features of the bundled wireless package do not yet have equivalents in the wifiwave2 package

Station-bridging or other 4-address modes
Nstreme and Nv2 wireless protocols

Not the same software.
Other wifi package!

From Help pages

Lost features
The following notable features of the bundled wireless package do not yet have equivalents in the wifiwave2 package

Station-bridging or other 4-address modes
Nstreme and Nv2 wireless protocols

Holvoetn I know it is a different driver, it was so in ac3 as well if you choose to upgrade it.

The section is ”lost features” and the wording changes the setting name into a gerund, no wonder I didn't find it on a search, thank you very much Kanzler and Holvoetn, now I will watch out for changes like this. 😄

I had already forgotten why station-bridge was a 4 address mode already. Reminded me of the time I learnt openwrt's implementation of bridge is not compatible with mikrotik's version of a bridge.

Do the ax2 and ax3 not work when you remove or disable the wifiwave2 package?
(i.e. does the wifi hardware not work with the old wifi drivers?)

No. It's needed on those devices.

Hi. My rb750gr3 and 2x hap lite haven’t got the update yet. They are all currently at 6.49.7 stable (firmware too). Do i need to wait for the update to come up? I saw other people using v7.x on rb750gr3, could region be the reason? Im in Europe/Cyprus.

Hi. My rb750gr3 and 2x hap lite haven’t got the update yet. They are all currently at 6.49.7 stable (firmware too). Do i need to wait for the update to come up? I saw other people using v7.x on rb750gr3, could region be the reason? Im in Europe/Cyprus.

for the switch v6->v7 you need to choose the "upgrade" channel on "check for updates" window

Hi. My rb750gr3 and 2x hap lite haven’t got the update yet. They are all currently at 6.49.7 stable (firmware too). Do i need to wait for the update to come up? I saw other people using v7.x on rb750gr3, could region be the reason? Im in Europe/Cyprus.

for the switch v6->v7 you need to choose the "upgrade" channel on "check for updates" window

Thanks alot. Is there any chance that upgrading to v7.8 will slow down any of those devices?

Hex, not that much depending on your use case.
Hap lite, that can be tricky resource wise.

Hex, not that much depending on your use case.
Hap lite, that can be tricky resource wise.

It's the secondary router for the second floor. There are only PCs, Access point and a Linux server which is connected via EoIP/L2TP/IPSec on the main router (first floor, RB5009) to avoid double natting. The hap lite ones are already kinda slow, i think i will keep them on 6.49.7.

You should in fact not upgrade hAP Lite past 6.47.9 when you want decent WiFi performance...

for the switch v6->v7 you need to choose the "upgrade" channel on "check for updates" window

Thanks alot. Is there any chance that upgrading to v7.8 will slow down any of those devices?

hEX (S) should be fine. keep in mind, most of the time it is depending on your setup but as little as you described it, this should be fine on the hEX.

the hap lite also is able to work on v7.x but i would not recommend it. tested 2 lite devices on 7.x - not happy with it x-)
BUT: 3 RB952Ui-5ac2nD are quite okay as AP/sub-switch on v7.7 for example of which one of them is currently active for connectivity down to my cellar

Thanks alot guys for the recomendations and guidance. Will upgrade the hex and keep the lites on v6.

Thanks alot guys for the recomendations and guidance. Will upgrade the hex and keep the lites on v6.

for the time being ... if you do not need a certain function only available in v7, there is no big deal staying with v6 atm.
v7 still has some weird quirks sometimes. keep that in mind ;)

Hello,

I use a router hAP AC3 (RBD53iG-5HacD2HnD) with RouterOS 7.8

My bug is:

"invalid-before" and "invalid-after" are incorrect.

The router is using an NTP server and the date is correct.

I tried with a router RB750 with RouterOS 6.49.7: "invalid-before" and "invalid-after" are correct dates.

Why the router hAP AC3 has a problem?

Always interesting to see bugs that are present on the ARM architecture and not on MIPSBE!
I'm still suspecting there are subtle bugs in the toolchain used for ARM code generation...

This command just adds a kind of template, no? It needs to be signed to become a real certificate. I bet that will have the correct dates.
You should read the documentation about certificates.

To compare with 6.49.7 to show a difference does not help here. Some changes are by intention.

Chateau LTE18 ax on ros7.8. Running containers on new and healthy Sandisk 3.2 usb-stick:

Constantly getting my containers screwed up after some time.
After adding some additional container, its tag gets transferred to previous containers, after that they cant start.
And the tag thing is not to be changed by the user, so the only fix is to delete the damaged one and create a new container.
And then you again wait for another container to become broken... very annoying.

In the attached image check the tags of 0, 1 and 4.
The first two have the tag of the last one X(

Constantly getting my containers screwed up after some time.
After adding some additional container, its tag gets transferred to previous containers, after that they cant start.
And the tag thing is not to be changed by the user, so the only fix is to delete the damaged one and create a new container.

This happens because someone or a software is changing the contents of the container folders.
Create a folder for each container's data, not a shared folder for all containers.
Files and data in the Container Root Dir must not be accessible to everyone or shared via SMB.

This happens because someone or a software is changing the contents of the container folders.
Create a folder for each container's data, not a shared folder for all containers.
Files and data in the Container Root Dir must not be accessible to everyone or shared via SMB.

Well, i'm pretty sure that no one changed any container files. I do have an SMB share, but it's read only - just for remote access to tramsmission's downloads folder.
And for sure it couldn't have been done by another containers as their scopes are limited to their own folders.
I do have separate folders for containers.

It seems i've found the origins of the problem. It starts to happen right after I try to add a container with a veth already used by another container.
My mistake for sure, but shouldn't it be somehow restricted by routeros to 1 veth = 1 container?

hapac2, upgrade on 6.49.6, in version 7.8, I can't see the items in the winbox /system resource - write sector total , write sector since reboot . . . Winbox 3.37 64bit

I am new in MikroTik. I use CCR2116.
After updated to 7.8 there is problem in web-interface - see difference between FireFox & Chrome - in both web-browser tab IP=>ROUTES is broken. In FireFox is empty, in Chrome without menu.

Sometimes you have to force refresh your browser's cache. There are subtle differences between the versions of Webfig. Other times I've found with certain devices on my network (for whatever unknown reason), I have to reload/refresh the page to get routes (or DHCP leases, or other large tables) to load.

We have also issues with kernel panic after some hours.
One more issue is that if you try to kick a connected ovpn client their IP still remain in the address list with unknown interface.

*) dns - do not query upstream DNS servers for matched regex records;

Anyone can confirm this claim? I have no success. Static DNS entry (type=FWD) here with very simple regexp, but still it forwards the request to upstream dns.

Sometimes you have to force refresh your browser's cache. There are subtle differences between the versions of Webfig. Other times I've found with certain devices on my network (for whatever unknown reason), I have to reload/refresh the page to get routes (or DHCP leases, or other large tables) to load.

Something strange - I had to clean up full FF...
THX - I forgot about this one. I didn't remember when I cleaned up any web-browser.

I am new in MikroTik. I have moved configuration rule-by-rule from RB2011 with system version 6 to CCR2116 with system version 7.
I have got dual WAN and based on the net I changed marking packages in /IP/ROUTES from marking to FIB-table.

I see something strange - or something I don't understand - but I have got 3 pairs or rules and 1 of them doesn't work. The rule #2: chain=dstnat action=dst-nat to-addresses=10.0.3.223 protocol=udp dst-address={IP.PUBLIC.1} dst-port=1048 log=yes log-prefix="VM223-1" doesn't work.

The pair #0 & #1 and #4 & #5 work correct.

Is this problem with version 7 or do I something wrong? Change/renumber sequence changes nothing with rule #2.

Probably you have a typo that we cannot see because you removed your address...

I have problem with mikrotik hex 750gr3
When i update from 6.48.6 to v 7.8
my cpu is 25-45% v 6.48.6
my cpu is very busy 80%-100%. v 7.8
Why this happen? i dont have any rules only masqarade and 200-300mbps throughput.
now i have to use fasttrack to get the router to push 300mbps.
Will mikrotik fix this or is it time to buy a new router?

If you use tool/profile, all, what shows as top resource consumer ?

"Considerably slower" is relative to the hardware. My ARM, ARM64, and Tile boxes have seen significant improvements. Under 6.48.x my CCR1036 was showing 2-3% on 2Gbps of traffic. Now it shows 0% on the same traffic. ARM64 devices will see an improvement because they're not running 32-bit software. And then there's L3HW offload for CRS300 series.

MIPS is probably hit and miss, depending on what you're making the router do. The route caching from 6 is gone in 7, so any traffic that would benefit from that (speed tests) will suffer as a result.

The route caching from 6 is gone in 7, so any traffic that would benefit from that (speed tests) will suffer as a result.

Yes, it is more interesting to see the CPU load figures under typical load than the "speed test maximum speed"...

prefix count not found..
please fix it in the next version.
we are tired of waiting for this fix



https://prnt.sc/l89saIevRRoO

"Considerably slower" is relative to the hardware. My ARM, ARM64, and Tile boxes have seen significant improvements. Under 6.48.x my CCR1036 was showing 2-3% on 2Gbps of traffic. Now it shows 0% on the same traffic.

take a look using tools profiling using ALL cores option to view individual core Load, you will see similar consumption like 6.x

i think in Tile CCR's 10xx Ros 7.x has a different way of measunring CPU usage wich leads to a irreal lower value

I found a bug.
Default route to VXLAN interface doesn't work but all other subnet routes work.
Even adding 0.0.0.0/1 + 128.0.0.0/1 makes the same problem

Details here:
viewtopic.php?p=997060

I have problem with mikrotik hex 750gr3
When i update from 6.48.6 to v 7.8
my cpu is 25-45% v 6.48.6
my cpu is very busy 80%-100%. v 7.8
Why this happen? i dont have any rules only masqarade and 200-300mbps throughput.
now i have to use fasttrack to get the router to push 300mbps.
Will mikrotik fix this or is it time to buy a new router?

Try to netinstall your router and then add config groupe by group.
My 750gr3 are runing at 30-40%CPU. I do only have 200Mbps line.

I have problem with mikrotik hex 750gr3
When i update from 6.48.6 to v 7.8
my cpu is 25-45% v 6.48.6
my cpu is very busy 80%-100%. v 7.8
Why this happen? i dont have any rules only masqarade and 200-300mbps throughput.
now i have to use fasttrack to get the router to push 300mbps.
Will mikrotik fix this or is it time to buy a new router?

Try to netinstall your router and then add config groupe by group.
My 750gr3 are runing at 30-40%CPU. I do only have 200Mbps line.

Do you use OVPN? This can happen because of the very unstable OpenVPN implementation right now.

Well, i'm pretty sure that no one changed any container files. I do have an SMB share, but it's read only - just for remote access to tramsmission's downloads folder.
And for sure it couldn't have been done by another containers as their scopes are limited to their own folders.
I do have separate folders for containers.

It seems i've found the origins of the problem. It starts to happen right after I try to add a container with a veth already used by another container.
My mistake for sure, but shouldn't it be somehow restricted by routeros to 1 veth = 1 container?

Ok, my assumption was wrong. Now I did everything very carefully, and faced that issue again, fourth time in a row. Just after adding ~5th container it starts like overriding previous ones...
Quite a weird behaviour... One container is stopped and its tag messed.
Fixed by: reboot, find that the messed container is absent from containers list but it's files are in place, pull it once again to the same dir with the same envs and everything... profit.
But the problem is persistent, waiting for a fix.

Well, i'm pretty sure that no one changed any container files. I do have an SMB share, but it's read only - just for remote access to tramsmission's downloads folder.
And for sure it couldn't have been done by another containers as their scopes are limited to their own folders.
I do have separate folders for containers.

It seems i've found the origins of the problem. It starts to happen right after I try to add a container with a veth already used by another container.
My mistake for sure, but shouldn't it be somehow restricted by routeros to 1 veth = 1 container?

Ok, my assumption was wrong. Now I did everything very carefully, and faced that issue again, fourth time in a row. Just after adding ~5th container it starts like overriding previous ones...
Quite a weird behaviour... One container is stopped and its tag messed.
Fixed by: reboot, find that the messed container is absent from containers list but it's files are in place, pull it once again to the same dir with the same envs and everything... profit.
But the problem is persistent, waiting for a fix.

For low end routers like "hap lite" I've tested with version 7.6 and above, and CPU stucks at 100% very often and even reboot occured due to some hang up state.
I recommend strongly to use v.6.49 for low end routers.
Formatting and netinstall won't help as I've tested it over 7 low end routers and results were the same even with very basic configuration (PPPOE over ADSL, NAT and drop rule on firewall)
V.7 is very buggy, eg I've reported an intrupting bug about VXLAN on version 7.8, that I came to v7 for.
I hope in future releases these bugs will be fixed as v7 is far from stable in CPU usage on low end products and new features.

If you use tool/profile, all, what shows as top resource consumer ?

networking is most used


upload and share images

Best to post a separate thread with full config and description.
Post link here.

Your 4 cores are getting pretty loaded so something is happening there.
Never seen that happen on my Hex.
Never had a problem to fully use 300/30 link.

I'm afraid ROS 7.8 broke my GPS. I have an LTAP LTE which worked on ROS 6.x. This was going very well, until this weekend I decided to upgrade to ROS 7.8.

Since then my script no longer sends coordinates to my server. Nor do I get to see the GPS coordinates in Winbox.

Apart from the update, nothing has changed on the device. The GPS antenna is an external magnet antenna that has always worked fine and should definitely get a GPS lock at the moment.

[admin@ON3KDR/M] > /system/console/

[admin@ON3KDR/M] /system/console> /port/print
Columns: NAME, CHANNELS, USED BY, BAUD RATE
# NAME CHANNELS USED BY BAUD RATE
0 serial0 1 GPS auto
1 gps 1 115200
2 usb3 1 9600

[admin@ON3KDR/M] /system/console> /system/gps/

[admin@ON3KDR/M] /system/gps> export
# Apr/21/2023 00:59:42 by RouterOS 7.8
# software id = FFGV-E8L3
#
# model = RBLtAP-2HnD
# serial number = D7290C74C2DD
/systemgps
set coordinate-format=dd enabled=yes gps-antenna-select=external port=serial0

[admin@ON3KDR/M] /system/gps> /system/gps/

[admin@ON3KDR/M] /system/gps> print
enabled: yes
port: serial0
channels: 0
init string:
set-system-time: no
coordinate format: dd
gps-antenna-select: external

[admin@ON3KDR/M] /system/gps> monitor
date-and-time: Apr/20/2023 22:42:06
latitude: none
longitude: none
altitude: none
speed: none
destination-bearing: none
true-bearing: none
magnetic-bearing: none
valid: no
satellites: 0
fix quality: 0
data age: never

More details on routing bug about v7.8:
As I mentioned here:
viewtopic.php?p=997060

There was a problem with routing when:
the gateway of a routing table is set to IP of VXLAN interface of opposite tunneled router
The problem shows itself when the traffic ignores the gateway route of table traffic routed to

Now I suggest that this bug happens whenever I use IP instead of interface in any routing table on gateway (0.0.0.0/0) even on other protocols such as IPIPv6 and GREv6.

The bug is confirmed on these protocols by me but I think it's more generic and has something to do with using IP as default route.

So it's a routing table bug around using IP instead of interface on default route and not a protocol specified bug.
No problem with routes, other than 0.0.0.0/0

The bug occures whenever IP of opposite router interface destined as default gateway instead of interface with the address itself.

To simulate the problem:
1. Make a tunnel based on VXLAN or IPIPv6 or GREv6 between two routers.
2. Assign an IP address to tunnel interfaces on each side and test the ping of other side IP.
3. Add a NAT rule on router2 with internet interface as outgoing interface if you want to test with internet hosts.
4. Make a table on router1 with gateway (0.0.0.0/0) of opposite router tunnel interface IP.
5. Mangle some clients and mark it with built routing table.
6. Set proper NAT rule for the outgoing interface of tunnel on router1 or make the returning route on the opposite router.
7. Test it on clients you have mangled. Try to ping the router2 IP of tunnel interface. Timeout happens. Try to ping an internet host and you get the same result.
8. To confirm the bug more obviously, edit the built table 0.0.0.0/0 route to a smaller route like 0.0.0.0/1 or even a /32 route.
9. Now test that destined subnet route or/32 destination from the same clients and it will be accessible. And even more strange, now you can ping router2 tunneling interface IP from clients!
10. Additionally you can edit the same route and assign appropriate interface as gateway instead of IP (if possible in tested protocol), and even 0.0.0.0/0 will work.

Is it a proper topic to report this important bug or should I send email to support?

Best to send mail to support.
Provide link to this post.

Best to send mail to support.
Provide link to this post.

How can I obtain the post url to send?

Right top of the post there is a number (right from report and quote).
That's the link directly to the post.

I found bugs in VLAN for Wave2 wireless on hAP ax 3.

In my configuration I use datapath with VLAN 31. When I connect to the wifi interface it is added dynamically as port to the bridge, but with the default VLAN (1), so my VLAN settings are not respected.

If I add manually wifi interface as a bridge port with VLAN 31 it works just fine.

I found another bug in Wave2 wireless on hAP ax 3.

Two master interfaces with the same password, on 5 GHz is OK, on 2 GHz password is not respected (it is set by configuration and visible in status) and AP SSID is open. On all wireless interfaces VLAN ID is not respected and not added to the bridge.

I think I had enough for my first bump with v7. I will return all 4 hAP ax 3 devices and check again after 1-2 years. I hope that v6 devices will be on stock...

yes, it make sence to return all AX3 devices buy 4xAC deices and after one year to throw 4xAC devices and buy 4xAX devices...you must be very smart :) is not better to wait till next beta ROS come? :)

Without the slightest shadow of a doubt, the skins produced by WebFig on 7.8 do not work on WinBox.
(Obviously the skins produced by previous 7.7 versions work on winbox 7.8)
WebFig 7.8 creates skins with " instead of ' and then WinBox doesn't recognize them.

viewtopic.php?t=195501#p998421

It is probably related to one of these fixes on v7.8:

*) webfig - fixed editing of multi-field parameters with "not" checkbox;
*) webfig - improved skin file parsing;

is there any problem with rebooting with v7.8 ?
my new router C53UiG+5HPaxD2HPaxD is rebooting non stop ??

apr/26/2023 10:32:12 system,error,critical router rebooted without proper shutdown, probably power outage
apr/26/2023 10:32:12 system,error,critical kernel failure in previous boot
apr/26/2023 10:32:43 system,error,critical router rebooted without proper shutdown, probably power outage
apr/26/2023 10:32:43 system,error,critical kernel failure in previous boot

You are the first that report that. Netinstall the device.

Did this temperature is normal 58 C on CPU ?

Yes.

Netinstall and/or check power supply.

yes, it make sence to return all AX3 devices buy 4xAC deices and after one year to throw 4xAC devices and buy 4xAX devices...you must be very smart :) is not better to wait till next beta ROS come? :)

I will get AX again when first long-term ROS 7.x is released :)

Is there a WORKING example of CAPsMAN with two separated VLANs for v7.8?

is there any problem with rebooting with v7.8 ?
my new router C53UiG+5HPaxD2HPaxD is rebooting non stop ??

No problems with reboots, my is running many days nonstop already.
Are you using original power supply delivered with your hAP ax³?

is there any problem with rebooting with v7.8 ?
my new router C53UiG+5HPaxD2HPaxD is rebooting non stop ??

No problems with reboots, my is running many days nonstop already.
Are you using original power supply delivered with your hAP ax³?

Yes it's original. I forget to tell that I have one USB drive Kingston on it 64GB. I have remove it and plug it again and the problem is gone for now. Flash Drive is absolutely 100% good.
Is it possible that it is from the USB flash drive?


P.S. problem found. Router cant format correctly flash drives on it. Test with 5 flash drives. if system on them is different from ext3 or ext4, formatting stop and give partition error witch on some reason reboot router . I format drives on PC with ext4, after that formatting even on mikrotik is successful and system work stable.

RouterOS v7.9 has been released
viewtopic.php?t=195845