Mikrotik RouterOS 6.46 is out

What’s new in 6.46 (2019-Dec-02 11:16):

Lots of fixes in this.  Many LTE, WInbox, SNMP fixes.  CRS fixes as well.
Notable Changes (not all but ones I think are worth pulling out). Full changelog can be foudn at https://www.mikrotik.com/download

*) backup – fixed automatic backup file generation when configuration reset by button;
*) backup – store automatically created backup file in “flash” directory;
*) bonding – correctly remove HW offloaded bonding with ARP monitoring;
*) bonding – properly handle MAC addresses when bonding WLAN interfaces;
*) bridge – disable/enable bridge port when setting bpdu-guard;
*) bridge – do not add bridge as untagged VLAN member when frame-types=admit-only-vlan-tagged;
*) bridge – do not add dynamically VLAN entry when changing “pvid” property for non-vlan aware bridge;
*) bridge – include whole VLAN-id in DHCP Option 82 message;
*) ccr – improved general system stability;
*) crs1xx/2xx – allow to set trunk port as mirroring target;
*) crs3xx – correctly handle L2MTU change;
*) crs3xx – do not send pause frames when ethernet “tx-flow-control” is disabled on CRS326/CRS328/CRS305 devices;
*) crs3xx – improved interface initialization;
*) crs3xx – improved switch-chip resource allocation on CRS317-1G-16S+, CRS309-1G-8S+, CRS312-4C+8XG, CRS326-24S+2Q+ devices;
*) crs3xx – improved system stability on CRS309-1G-8S+, CRS312-4C+8XG, CRS326-24S+2Q+ devices;
*) defconf – require “policy” permission to print default configuration;
*) dhcpv6-client – fixed timeout when doing rebind;
*) dhcpv6-client – properly update bind time when unused prefix received from the server;
*) dhcpv6-client – properly update IPv6 address on rebind;
*) dhcpv6-server – fixed logged error message when using “address-pool=static-only”;
*) dhcpv6-server – ignore prefix-hint from client’s DHCPDISCOVER if static prefix received from RADIUS;
*) dhcpv6-server – include “User-Name” parameter in accounting requests;
*) dhcpv6-server – made “calling-station-id” contain MAC address if DUID contains it;
*) dot1x – added “reject-vlan-id” server parameter (CLI only);
*) dot1x – added support for dynamic switch rules from RADIUS;
*) dot1x – added support for “mac-auth” authentication type (CLI only);
*) ethernet – automatically detect interface when using IP address for power-cycle-ping;
*) ethernet – do not enable interface after reboot that is already disabled;
*) ipsec – fixed DNS resolving when domain has only AAAA entries;
*) ipsec – fixed policy “sa-src-address” detection from “local-address” (introduced in v6.45);
*) ipv6 – changed “advertise-dns” default value to “yes”;
*) route – fixed area range summary route installation in VRF;
*) sniffer – allow filtering by packet size;
*) usb – general USB modem stability improvements;

Network wide Mikrotik RouterOS updates with Unimus

https://unimus.net/blog/network-wide-mikrotik-routeros-upgrade.html

This article will focus on MikroTik – we will show you how you can do a network wide mass upgrade of RouterOS using Unimus, and the RouterOS Package Source feature. What’s even better, doing the entire upgrade process (including setup of Unimus and RouterOS Package Source) can be done in under an hour.

10 Gig SpeedTest server Intel Nuc

Recently a client testing their 5G solution came to me asking for a solution to testing speed from their CBRS/5G/802.11ax clients.  One of the requirements was it had to support greater than 1 gig speedtests as close to the devices as possible. This particular client has a small cell device which has room for a small form factor PC. The challenge was finding a small PC that could handle a 10 gig port.

In steps my buddy John from Columbus.  John is up on hardware more than I am.  After some talks, we settled on the following two pieces of hardware.

https://www.amazon.com/NUC8i7BEH-Quad-Core-i7-8559U-Bluetooth-Thunderbolt/dp/B07JJPF8MV/

https://www.amazon.com/Sonnet-Technologies-Thunderbolt-10GBASE-T-SOLO10G-TB3/dp/B07BZRK8R8/

Intel Nuc, Sonnet 10 Gig adaptor, Mikrotik HexS

Once we assembled this we need a router for the Internet and DHCP. We chose a RouterBoard hexS
https://www.ispsupplies.com/MikroTik-RouterBOARD-RB760iGS

As a not both of these will run off DC power.  The Nuc comes with a 19Volt power supply so if you are running Pure DC you may want to drop from, say a 24volt battery bank to 19 volt with a Meanwell converter.

The Software
Proxmox was installed on the Nuc.  Nothing crazy about this. Just make sure the thunderbolt adaptor is plugged in during install.  For our purposes, we are just using the 10 gig adaptor.  Proxmox recognizes the adaptor without a hiccup.

In some earlier blog posts I wrote about the self-hosted speedtests.
https://blog.j2sw.com/networking/self-hosted-speed-test/
https://blog.j2sw.com/xisp/self-hosted-speedtest/ (Patreon Subscription Required)

I installed the self-hosted speedtest under a Centos Minimal Install. Everything was put on a 172.16.x.x network.  This was done in order to prevent any conflicts with various types of Internet the Mikrotik may be plugged into.  By default, port 1 is set up to be a DHCP client.  In our setup, the Internet is the bottleneck, but we are not testing the Internet.  We are testing clients on the 5g/CBRS/802.11ax network. Our 10 gig port on the nuc will be plugged into a 10 gig switch at the small cell, and not into our routerboard.  The routerboard is just there to hand out DHCP and allow Internet access, if available.

 

 

 

 

For Patreon Subscribers: Access to Mikrotik Speedtest servers

I am happy to announce a special new tier for my Patreon subscribers. I have now installed a network of speedtest servers in 15 locations in the United States and one overseas as part of stage 1. Patreon subscribers who subscribe to this extra tier of service will be presented with a members-only username and password for testing to each of these.

Stage two will be a looking glass so you can test how your BGP routes look in various spots on the Internet. You will know what Upstreams each location has to better assist you in diagnosing BGP or just getting a view of how your network interacts with the Internet.

Visit my Patreon Page for more details.

RouterOS v7 limited beta

I did an overall video of the New Mikrotik RouterOS v7.

From Mikrotik forum: https://forum.mikrotik.com/viewtopic.php?f=1&t=152003

We have released a very limited test variant of RouterOS v7. Currently only available for ARM systems with a slightly limited feature set.

What is currently unlocked / available:

– Only available for ARM architecture
– Based on Kernel 4.14.131, which is currently the latest and most supported LTS version
– New CLI style, but compatible with the old one for compatibility
– New routing features, but see below
– OpenVPN UDP protocol support
– NTP client and server now in one, rewritten application
– removed individual packages, only bundle and extra packages will remain

Other features not yet public.

What is not available:

– BGP / MPLS disabled
– Extra packages
– Winbox does not show all features, use CLI for most functionality

DO NOT USE IT FOR ANYTHING IMPORTANT, THIS RELEASE IS STRICTLY FOR TESTING AND DOES CONTAIN BUGS

Download link: https://mt.lv/v7

Mikrotik Scripting

This content is for Patreon subscribers of the j2 blog. Please consider becoming a Patreon subscriber for as little as $1 a month. This helps to provide higher quality content, more podcasts, and other goodies on this blog.
To view this content, you must be a member of Justin Wilson's Patreon at "Patrons Only" or higher tier
Already a Patreon member? Refresh to access this post.