Mikrotik Routeros 7.0beta7

What’s new in 7.0beta7 (2020-Jun-3 16:31):

!) added Layer3 hardware offloading support for CRS317-1G-16S+RM more info here: https://wiki.mikrotik.com/wiki/Manual:CRS3xx_series_switches#L3_Hardware_Offloading
!) enabled BGP support with multicore peer processing (CLI only);
!) enabled RPKI support (CLI only);
!) ported features and fixes introduced in v6.47;
!) routing updates, complete status report: https://help.mikrotik.com/docs/display/ROS/v7+Routing+Protocol+Status
!) system kernel has been updated to version 5.6.3;
*) other minor fixes and improvements;

Mikrotik 6.45.9 Noteables

What’s new in 6.45.9 (2020-Apr-30 10:25):
https://www.mikrotik.com/download

*) chr – added support for file system quiescing;
*) chr – enabled support for VMBus protocol version 4.1;
*) chr – improved system stability when running CHR on Hyper-V;
*) crs3xx – fixed frame forwarding after disabling/enabling bridge hardware offloading for CRS354-48G-4S+2Q+ device;
*) crs3xx – fixed interface statistics for CRS354-48G-4S+2Q+ and CRS354-48P-4S+2Q+ devices;
*) crs3xx – fixed switch rule “dst-port” parameter for IPv6 traffic on CRS305-1G-4S+, CRS326-24G-2S+, CRS328-24P-4S+, CRS328-4C-20S-4S+, netPower 15FR devices;
*) crs3xx – improved SFP+ DAC cable initialization for CRS326-24S+2Q+ device;
*) defconf – added welcome note with common first steps for new users;
*) discovery – do not send CDP and LLDP packets on interfaces that does not have MAC address;
*) ipsec – improved system stability when handling fragmented packets;
*) lte – added “phy-cellid” value support for LTE-US;
*) lte – fixed IP type selection from APN on RBSXTLTE3-7;
*) lte – improved system stability when performing firmware update on R11e-LTE6;
*) ssh – added support for RSA keys with SHA256 hash (RFC8332);
*) system – correctly handle Generic Receive Offloading (GRO) for MPLS traffic;
*) system – improved system stability when forwarding traffic from switch chip to CPU (introduced in v6.43);
*) system – improved system stability when receiving/sending TCP traffic on multicore devices;

Mikrotik Router OS 6.46.2 is out

Notables from the changelog of Mikrotik RouterOS 6.46.2

*) console – prevent “flash” directory from being removed (introduced in v6.46);
*) crs305 – disable optical SFP/SFP+ module Tx power after disabling SFP+ interface;
*) defconf – fixed default configuration loading on RBwAPG-60adkit (introduced in v6.46);
*) lora – fixed packet sending when using “antenna-gain” higher than 5dB;
*) lte – fixed “cell-monitor” on R11e-LTE in 3G mode;
*) lte – fixed “earfcn” reporting on R11e-LTE6 in UMTS and GSM modes;
*) lte – report only valid info parameters on R11e-LTE6;
*) qsfp – do not report bogus monitoring readouts on modules without DDMI support;
*) qsfp – improved module monitoring readouts for DAC and break-out cables;
*) security – fixed vulnerability for routers with default password (limited to Wireless Wire), admin could login on startup with empty password before default configuration script was fully loaded;
*) system – fixed “*.auto.rsc” file execution (introduced in v6.46);
*) traffic-generator – improved memory handling on CHR;
*) winbox – fixed “Default Route Distance” default value when creating new LTE APN;

Full changelog at
https://mikrotik.com/download

RouterOS 7.0Beta4 released on Dec 6 2019

!) included all features and fixes from 6.46 version;
!) implemented completely new User Manager package;
*) dhcpv4-server – added “option-set” parameter for each “vendor-class-id”;
*) dhcpv4-server – added “radius-password’ parameter under “config” menu;
*) dhcpv6-client – allow reading passed options in script;
*) dhcpv6-relay – include client’s Link-Layer address in option 79;
*) interface – improved support for Intel, Mellanox and other generic network cards;
*) ipsec – fixed action=none policies;
*) ipv6 – added “disable-ipv6” parameter;
*) lte – added support for Quectel EC25-E;
*) lte – added support for Sierra Wireless MC7304;
*) lte – improved system stability when resetting modem;
*) package – fixed USB and CD-ROM installs;
*) ssh – improved key exchange algorithm support;
*) system – fixed port duplication on each system reboot;

Mikrotik RouterOS 6.46 is out

What’s new in 6.46 (2019-Dec-02 11:16):

Lots of fixes in this.  Many LTE, WInbox, SNMP fixes.  CRS fixes as well.
Notable Changes (not all but ones I think are worth pulling out). Full changelog can be foudn at https://www.mikrotik.com/download

*) backup – fixed automatic backup file generation when configuration reset by button;
*) backup – store automatically created backup file in “flash” directory;
*) bonding – correctly remove HW offloaded bonding with ARP monitoring;
*) bonding – properly handle MAC addresses when bonding WLAN interfaces;
*) bridge – disable/enable bridge port when setting bpdu-guard;
*) bridge – do not add bridge as untagged VLAN member when frame-types=admit-only-vlan-tagged;
*) bridge – do not add dynamically VLAN entry when changing “pvid” property for non-vlan aware bridge;
*) bridge – include whole VLAN-id in DHCP Option 82 message;
*) ccr – improved general system stability;
*) crs1xx/2xx – allow to set trunk port as mirroring target;
*) crs3xx – correctly handle L2MTU change;
*) crs3xx – do not send pause frames when ethernet “tx-flow-control” is disabled on CRS326/CRS328/CRS305 devices;
*) crs3xx – improved interface initialization;
*) crs3xx – improved switch-chip resource allocation on CRS317-1G-16S+, CRS309-1G-8S+, CRS312-4C+8XG, CRS326-24S+2Q+ devices;
*) crs3xx – improved system stability on CRS309-1G-8S+, CRS312-4C+8XG, CRS326-24S+2Q+ devices;
*) defconf – require “policy” permission to print default configuration;
*) dhcpv6-client – fixed timeout when doing rebind;
*) dhcpv6-client – properly update bind time when unused prefix received from the server;
*) dhcpv6-client – properly update IPv6 address on rebind;
*) dhcpv6-server – fixed logged error message when using “address-pool=static-only”;
*) dhcpv6-server – ignore prefix-hint from client’s DHCPDISCOVER if static prefix received from RADIUS;
*) dhcpv6-server – include “User-Name” parameter in accounting requests;
*) dhcpv6-server – made “calling-station-id” contain MAC address if DUID contains it;
*) dot1x – added “reject-vlan-id” server parameter (CLI only);
*) dot1x – added support for dynamic switch rules from RADIUS;
*) dot1x – added support for “mac-auth” authentication type (CLI only);
*) ethernet – automatically detect interface when using IP address for power-cycle-ping;
*) ethernet – do not enable interface after reboot that is already disabled;
*) ipsec – fixed DNS resolving when domain has only AAAA entries;
*) ipsec – fixed policy “sa-src-address” detection from “local-address” (introduced in v6.45);
*) ipv6 – changed “advertise-dns” default value to “yes”;
*) route – fixed area range summary route installation in VRF;
*) sniffer – allow filtering by packet size;
*) usb – general USB modem stability improvements;

Network wide Mikrotik RouterOS updates with Unimus

https://unimus.net/blog/network-wide-mikrotik-routeros-upgrade.html

This article will focus on MikroTik – we will show you how you can do a network wide mass upgrade of RouterOS using Unimus, and the RouterOS Package Source feature. What’s even better, doing the entire upgrade process (including setup of Unimus and RouterOS Package Source) can be done in under an hour.

Mikrotik releases 6.45.7

MAJOR CHANGES IN v6.45.7:
———————-
!) lora – added support for LoRaWAN low-power wide-area network technology for MIPSBE, MMIPS and ARM;
!) package – accept only packages with original filenames (CVE-2019-3976);
!) package – improved package signature verification (CVE-2019-3977);
!) security – fixed improper handling of DNS responses (CVE-2019-3978, CVE-2019-3979);
———————-

RouterOS v7 limited beta

I did an overall video of the New Mikrotik RouterOS v7.

From Mikrotik forum: https://forum.mikrotik.com/viewtopic.php?f=1&t=152003

We have released a very limited test variant of RouterOS v7. Currently only available for ARM systems with a slightly limited feature set.

What is currently unlocked / available:

– Only available for ARM architecture
– Based on Kernel 4.14.131, which is currently the latest and most supported LTS version
– New CLI style, but compatible with the old one for compatibility
– New routing features, but see below
– OpenVPN UDP protocol support
– NTP client and server now in one, rewritten application
– removed individual packages, only bundle and extra packages will remain

Other features not yet public.

What is not available:

– BGP / MPLS disabled
– Extra packages
– Winbox does not show all features, use CLI for most functionality

DO NOT USE IT FOR ANYTHING IMPORTANT, THIS RELEASE IS STRICTLY FOR TESTING AND DOES CONTAIN BUGS

Download link: https://mt.lv/v7

Mikrotik 6.46 beta34 noteable things

This content is for Patreon subscribers of the j2 blog. Please consider becoming a Patreon subscriber for as little as $1 a month. This helps to provide higher quality content, more podcasts, and other goodies on this blog.
To view this content, you must be a member of Justin Wilson's Patreon
Already a qualifying Patreon member? Refresh to access this content.