Επιστροφή στο Forum : Περί ROS ο λόγος...
Καλησπερα, εγω παντως λεω να περιμενω οπως ειδα σφαιρα την ΒΑΠΤΙΣΑΝ!!! stable! ΔΕΝ μπορει ! τοσο απλα....περιμενετε να δειτε ποσο γρηγορα θα βγαλουν αλλη.
Επισης για καποιο λογο που δεν ξερω στο εξοχικο στο 951 εχω συνδεσει ενα ovislink 5460AP για μια απομακρυσμενη wifi ip camera σε ρολο wireless repeater.
Oποτε κανει reboot το 951 χανει το wifi και μετα πρεπει να μπω απευθειας στο ovislink να σκαναρω απο το μενου του για να ξανασυνδεθω, δεν ξερω αν εχει σχεση το 951 ή ειναι καθαρα θεμα του ovislink, οποτε βαριεμαι τα updates και εχει την 7αρα.
Το αλλο εiναι το 109. Ολα τα αλλα τα εχω ακομα στην 6 κατι. Μονο για το wireguard τα εχω παει τα 2 αυτα στην 7αρα. Εχω βρει την ηρεμια μου με τα αλλα στην 6.Χ που δεν παιρνoυν updates....:p:)
Τα έχουμε πει αυτά.
Όλα τα upds απ όπου και να προέρχονται έχουν bugs.
Αν η x-stable έχει πρόβλημα στο wireguard και εγώ παίζω με ovpn τότε για εμένα είναι τέλεια.
Για εσένα όμως που χρησιμοποιείς wireguard η x-stable είναι προβληματική.
Δεν υπάρχει, δεν υπήρξε και δεν θα υπάρξει ποτέ απροβλημάτιστο sw (και hw).
Ο κανόνας όμως είναι μία stable (να μήν πώ long-term) έχει λιγότερα bugs απο μία beta.
Οπότε οι πιθανότητες κάτι να μή δουλεύει σε κάποιον είναι λιγότερες.
Τώρα με τη 7αρα τα έχουμε κάνει σαλάτα και ψάχνουμε την έκδοση που δουλεύει σε εμάς καλύτερα άσχετα απο stable/beta/development.
Οπότε, όσοι δε φοβούνται ας τη βάλουν μπας και πάρουμε long-term στην 7αρα κάποια στιγμή :p
*) rb4011 - fixed reporting of current CPU frequency and changed default frequency to "auto";
Σήμερα έκανα το update.
Στο παραπάνω fixed δεν βλέπω CPU frequency στο RB4011 εκτός αν κατάλαβα λάθος.
Αυτο ακριβως ειναι το θεμα.
Σε προηγουμενη rc το ειχαν φτιαξει και μετα ξαναχαλασε.
Το εχουν αναφερει στο φορουμ τους.
Οπως και αλλα που λενε...
Γι αυτο σωστα αναφερθηκε οτι ειναι beta και οχι stable.
Αυτο ακριβως ειναι το θεμα.
Σε προηγουμενη rc το ειχαν φτιαξει και μετα ξαναχαλασε.
Το εχουν αναφερει στο φορουμ τους.
Οπως και αλλα που λενε...
Γι αυτο σωστα αναφερθηκε οτι ειναι beta και οχι stable.
Ναι το αναφέρουν και στο forum τους. Έχεις δίκιο.
Από cli το βλέπεις.
244883
244883
Νομιζω οτι αν ειναι στο auto δεν την εμφανιζει.
Νομιζω οτι αν ειναι στο auto δεν την εμφανιζει.
Ας πούμε ότι θέλω να αλλάξω το frequency από που; Δεν υπάρχει η επιλογή.
- - - Updated - - -
Από cli το βλέπεις.
DeniSun εσύ το βλέπεις από cli?
Ας πούμε ότι θέλω να αλλάξω το frequency από που; Δεν υπάρχει η επιλογή.
winbox -> routerboard -> settings δε δίνει CPU frequency ;
Όχι δεν το εμφανίζει ούτε στο winbox, ούτε με cli (είχαν πει ότι θα το έδιναν μόνο σε cli).
Νομιζω στην rc3 επαιζε και μετα ξαναχαλασε.
Στο 4011 υπαρχει αυτο το bug δεν αφορα ολα τα RB.
Δεν έτυχε να ελέγξω ποτέ την τιμή του οπότε δεν ξέρω να σου πω στα σίγουρα.
Δεν έτυχε να ελέγξω ποτέ την τιμή του οπότε δεν ξέρω να σου πω στα σίγουρα.
Ούτε εγώ....:)
- - - Updated - - -
winbox -> routerboard -> settings δε δίνει CPU frequency ;
Ότι είπε ο Deni δεν το εμφανίζει.
Λοιπόν, ούτε στο CRS305 το εμφανίζει. Όχι ότι και γω θα το αλλάξω ποτέ σε κάποια συσκευή. Ενώ στο CRS125 το έχει. Και στα δύο με ROSv7.
RouterOS version 7.8 has been released in the "v7 stable" channel!
What's new in 7.8 (2023-Feb-24 11:03):
!) storage - added new "rose-storage" package support for extended disk management and monitoring functionality (ARM, ARM64, Tile and x86) (CLI only);
*) bgp - fixed setting of "default-prepend" parameter;
*) bridge - fixed adding disabled MSTI;
*) bridge - fixed DHCP packet flow when using DHCP snooping, HW offloading and "use-ip-firewall";
*) bridge - fixed possible DHCP packet corruption when using DHCP snooping;
*) bridge - fixed PVID warning typo;
*) bridge - improved HW offloading logic;
*) certificate - fixed export of a certificate when the last line of the certificate is exactly 64 bytes long;
*) certificate - fixed PBES2 certificate import;
*) certificate - improved certificate management, signing and storing processes;
*) certificate - improved multiple certificate import process;
*) conntrack - improved system stability when changing connection tracking state;
*) conntrack - improved system stability when PPTP helper is used;
*) console - added "as-string" parameter to the ":execute" command;
*) container - added authentication option for registry (CLI only);
*) container - fixed ".type" file ownership;
*) container - fixed file ownership after system upgrade for containers running on internal disk;
*) container - fixed multiple container automatic startup on boot;
*) dhcpv4-client - send DHCPv4 unicast requests to DHCPv4 relay, instead of server when it is being used;
*) disk - limit maximum TMPFS size;
*) dns - added configurable DoH concurrent query limitation parameters;
*) dns - do not cache results from ":resolve" command with specific server;
*) dns - fixed CNAME reading from the cache;
*) dns - limited "DoH max concurrent queries reached" logging messages to once per minute;
*) dns - respond with "NOERROR" to DNS requests for static domain names when appropriate type record is not configured or found on upstream server;
*) firewall - fixed bridge priority target;
*) firewall - fixed DSCP priority target for IPv6 Mangle;
*) firewall - fixed netmap range maximum address calculation for IPv6 NAT;
*) graphing - fixed hiding of target queues when "allow-target" is disabled;
*) graphing - fixed sorting of interface and queue graphs;
*) graphing - properly handle disabled and static-binding interface graphs;
*) graphing - removed "move" command for graphing rules;
*) health - fixed "temperature" and "power-consumption" readings for RB1100AHx4;
*) hotspot - fixed setting of "address" parameter for IP binding;
*) hotspot - restore cookie timeout on reboot;
*) ike2 - added support for "address", "key-id" and "dn" for Remote ID matching (CLI only);
*) ike2 - fixed active SA flush on responder after an unsuccessful peer connection attempt;
*) ipsec - added support for "Framed-Route" RADIUS attribute support;
*) ipsec - do not match incoming IKE requests by unresolved DNS name peers;
*) ipsec - fixed peer matcher for incoming connection with unresolved DNS;
*) ipv6 - added "pref64" option configuration for RA;
*) ipv6 - improved handling of "advertise" IPv6 address status changes;
*) ipv6 - limited "hop-limit" parameter value range to 255;
*) ipv6 - made distributed DNS lifetime RFC8106 compliant;
*) l3hw - added destination MAC address check for offloaded FastTrack connections;
*) led - fixed signal reading for KNOT device;
*) leds - always require to set interface name when setting "modem-signal" indication;
*) lte - added AT support for Telit LE910C4 in MBIM mode;
*) lte - fixed APN setting usage on initial connection attempt for AT based Quectel and Neoway modems;
*) lte - fixed automatic antenna selection on Chateau LTE12/LTE18;
*) lte - fixed dialing for Fibocom L850-GL module;
*) lte - fixed displaying of "subscriber-number";
*) lte - fixed possible memory leak when using passthrough mode on Chateau 5G;
*) lte - improved AT port matching for SIMCom, Huawei, WeLink, Cinterion, BandLuxe and Sierra modems;
*) lte - improved modem detection speed in lower mini-PCIe slot on LtAP;
*) lte - improved stability for R11e-LTE6, skip connection reset on first EEMGINFO command timeout;
*) lte - LtAP improved modem detection in lower mini-PCie slot ("/system routerboard upgrade" required);
*) lte - parse USSD even if encoding is unsupported;
*) mpls - fixed handling of more than 9 VRF's;
*) mpls - fixed LDP listen socket creation before IPv6 address is ready for use;
*) mpls - improved stability when neighboring router reboots;
*) ospf - fixed "ospf-type" parameter for OSPFv3 routes;
*) ospf - fixed simple auth for OSPFv3;
*) ovpn - added AES-GCM and multicore encryption support;
*) ovpn - improved server stability;
*) ovpn - improved TLS-related error logging;
*) pimsm - improved system stability;
*) poe - added LLDP power management support for 802.3at PSE;
*) poe - properly turn off power when link not detected on hAP ax2 and hAP ax3;
*) port - fixed modem channel number on KNOT;
*) pppoe - fixed PPPoE client scan showing only one server;
*) resource - show filesystem related statistics on CCR2004;
*) route - fixed IPv6 default route presence when received from RA;
*) route - fixed printing of routing table's "count-only" parameter;
*) route - show hoplimit and MTU properties under the "/routing route" menu for SLAAC routes;
*) routerboot - fixed format storage for RBM33G device ("/system routerboard upgrade" required);
*) routerboot - fixed protected routerboot for RBM33G device ("/system routerboard upgrade" required);
*) sfp - fixed false link detection with S+RJ10 on RB5009;
*) sfp - fixed reading of SFP EEPROM on single SFP port devices;
*) sfp - improved optical modules SFP compatibility on CCR2004-16G-2S+, CCR2004-1G-12S+2XS, CCR2116-12G-4S+ devices;
*) sms - improved reporting of SMS sending errors;
*) sms - log USSD response when USSD is sent over MBIM;
*) sniffer - added additional filtering parameters;
*) snmp - do not show identity in LLDP when branding is used with hide SNMP data;
*) snmp - fixed handling of disabled routes;
*) snmp - fixed reporting of total number of routes counter;
*) ssh - hard-coded "localhost" address for forwarding requests;
*) ssh - improved system stability when processing none-crypto SSH connection;
*) sstp - fixed TLS session establishment when "connect-to" is DNS name;
*) switch - fixed SFP rate select for CRS354 devices;
*) switch - improved 10G, 25G, 40G and 100G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
*) switch - improved system stability for 98DXxxxx switch chips;
*) swos - removed "/system swos" menu for CRS5xx series switches;
*) torch - allow "without-paging" parameter for Torch;
*) traffic-generator - increased maximum allowed stream count;
*) upgrade - show error message when license prohibits upgrade;
*) usb - changed USB auto detect behavior to default to the external USB, when no internal USB devices detected;
*) vxlan - added "dont-fragment" setting that allows managing fragmentation;
*) vxlan - added "max-fdb-size" parameter;
*) vxlan - added FastPath support;
*) webfig - allow setting numeric values in time interval fields;
*) webfig - fixed accessing of WebFig when "Interface" menu is disabled by skin;
*) webfig - fixed editing of multi-field parameters with "not" checkbox;
*) webfig - fixed handling of empty skin files;
*) webfig - improved navigation responsiveness;
*) webfig - improved skin file parsing;
*) webfig - improved terminal operation;
*) webfig - properly escape all reserved URI characters;
*) webfig - updated WebFig and graph web pages to HTML5;
*) wifiwave2 - added wireless sniffer tool to capture wireless transmissions (CLI only);
*) wifiwave2 - adjust monitoring of station interfaces to report when an interface is authorized, not just connected;
*) wifiwave2 - enabled additional channels in UNII-3 and UNII-4 bands for Europe and USA on hAP ax^2, hAP ax^3 and Chateau ax;
*) wifiwave2 - fixed compatibility with third-party devices when using SAE hash-to-element authentication with DH groups 20 and 21;
*) wifiwave2 - fixed SAE authentication for interfaces in station mode when trying to connect to APs which require an anti-clogging token (introduced in RouterOS 7.4);
*) wifiwave2 - implement 802.11w management protection SA Query procedures;
*) wifiwave2 - improve protections from denial-of-service attacks on WPA3;
*) winbox - added "Connect" button under "WifiWave2/Scan" menu;
*) winbox - added "Disable/Enable" buttons under "WifiWave2" menu;
*) winbox - added "Match Subdomain" parameter under "IP/DNS/Static" menu;
*) winbox - added "Provision" button under "WifiWave2" menu;
*) winbox - added "Start On Boot" checkbox under "Container" menu;
*) winbox - added "Tx Rate" and "Rx Rate" columns under "WifiWave2/Registration" menu;
*) winbox - added missing properties when setting "Use DoH Server";
*) winbox - added missing WifiWave2 related parameters under "WifiWave2" menu;
*) winbox - added support for manual RAM file system (TMPFS) creation under "System/Disk" menu;
*) winbox - added Type "https-get" parameter under "Tools/Netwatch" menu;
*) winbox - allow selecting bridge for static entries under "Bridge/MDB" menu;
*) winbox - fixed displaying of "Default Prepend" value under "Routing/BGP/Sessions" menu;
*) winbox - fixed displaying of "Tx/Rx CCQ" values under "Wireless/Registration" menu;
*) winbox - fixed displaying of flags under "System/Console" menu;
*) winbox - fixed displaying of multiple character flags;
*) winbox - fixed usage of IPv6 family addresses under "IP/Web Proxy/Access" menu;
*) winbox - hide "TTL" value for static DNS entries with FWD type;
*) winbox - hide unnecessary properties for virtual interfaces under "WifiWave2" menu;
*) winbox - improved mouseover hint for "local" policy under "System/Users/Groups" menu;
*) winbox - rename "Multicast Router" monitoring property to "Is Multicast Router" under "Bridge" menu;
*) winbox - show "Gateway" column by default under "IPv6/Routes" menu;
*) x86 - added support for TP-Link TG-3468;
*) x86 - fixed SR-IOV support for Intel X710 series NIC;
*) x86 - improved Intel 500 series 10G SFP module support;
*) x86 - improved stability for Intel X550 series NIC with SR-IOV;
*) zeroter - fixed routes after VRF change;
Τα εχουν κάνει μαντάρα διαβάζω...
κατα το γνωστο φτιάχνω 1 χαλαω 2
καλημερα, καλο μηνα! με τοσες πολλες αλλαγες σκιαχτηκα!
λεω να περιμενω να ωριμασει σαν το καλο bourbon whiskey....:lol:
κατα το γνωστο φτιάχνω 1 χαλαω 2
Κλασική περίπτωση των προγραμματιστών.
Μετά το 7, ποτέ δεν βάζω νέα "stable" πριν περάσουν καμιά 15αριά μέρες. Με έχει σώσει παραπάνω από μία φορά ;)
Πάντα περνάω "stable" εκδόσεις αμέσως. Ποτέ δεν είχα πρόβλημα.
Πάντα περνάω "stable" εκδόσεις αμέσως. Ποτέ δεν είχα πρόβλημα.
Σε ευχαριστούμε :p
Εγώ την έχω πάθει και έχω μάθει.
Περιμένω την long-term 7αρα να "ησυχάσω".
What's new in 7.9 (2023-May-02 08:35):
*) bgp - improved BGP VPN selection;
*) bridge - added warning log when "ageing-time" exceeds supported hardware limit for 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) bridge - fixed FastPath when setting "use-ip-firewall-for-vlan" or "use-ip-firewall-for-pppoe" without enabled "use-ip-firewall";
*) certificate - fixed bogus log messages;
*) chr - fixed public SSH key pulling when running on AWS;
*) console - added "/task" submenu (CLI only);
*) console - added option to create new files using "/file add" command (CLI only);
*) console - improved stability when doing "/console inspect" in certain menus;
*) console - improved stability when editing long strings;
*) console - improved system stability;
*) console - removed bogus "reset" command from "/system resource usb" menu;
*) console - rename flag "seen reply" to "seen-reply" under "/ipv6 firewall connection" menu;
*) console - replaced "fingerprint" with "skid" in "/certificate print";
*) console - show Ethernet advertise, speed and duplex settings depending on configured auto-negotiation;
*) container - fixed invoking "container shell" more than once;
*) container - improved "container pull" to support OCI manifest format;
*) defconf - added CAPs mode script for wifiwave2 devices;
*) detnet - fixed interface state detection after reboot;
*) dhcp - changed the default lease time for newly created DHCP servers to 30 minutes;
*) dhcpv4-server - release lease if "check-status" reveals no conflict;
*) disk - improved system stability when removing USB while formatting;
*) ethernet - fixed half-duplex forced mode at 10Mbps and 100Mbps on ether1 for RB5009, Chateau 5G ax and hAP ax3 devices;
*) filesystem - fixed partition "copy-to" function;
*) firewall - added "connection-nat-state" to IPv6 mangle and filter rules;
*) health - added limited manual control over fans for CRS3xx, CRS5xx, CCR2xxx devices;
*) health - fixed bogus value reporting for CRS510 device;
*) ike2 - fixed minor logging typo;
*) ipsec - added error log message when peer ID does not match certificate;
*) ipsec - fixed packet processing by hardware encryption engine on RB850Gx2 device;
*) ipsec - refactor X.509 implementation;
*) ipv6 - added "valid" and "lifetime" parameters for SLAAC IPv6 addresses;
*) ipv6 - send out RA packet with "preferred-lifetime" set to "0" when IPv6 address is deactivated;
*) l3hw - improved route offloading for 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) leds - disable LEDs after "/system shutdown";
*) lte - capped maximum lifetime of SLAAC address to 1 hour;
*) lte - fixed CA band clearing on RAT mode change;
*) lte - fixed duplicate IPv6 route for lte interface when "ipv6-interface" setting is used;
*) lte - fixed LTE interface not showing up when resetting RouterOS configuration;
*) lte - fixed passthrough mode when used together with another APN for Chateau 5G;
*) lte - fixed R11-LTE-US in LTE passthrough mode;
*) lte - fixed R11e-LTE-US reporting of RSSI in LTE mode;
*) lte - fixed re-attach in some cases where module would stay in not-running state after network detach;
*) lte - fixed second modem halt on dual R11e-LTE6 setup;
*) lte - improved system stability when changing LTE interface configuration during network scan with MBIM modems (introduced in v7.8);
*) mpls- fixed LDP "preferred-afi" parameter;
*) netinstall-cli - improved device reinstall on failed attempt;
*) netwatch - added "startup-delay" setting (CLI only);
*) netwatch - improved ICMP status evaluation when no reply was present;
*) netwatch - limit "start-delay" range;
*) ospf - fixed processing of fragmented LSAs;
*) ovpn - added support for OVPN server configuration export and client configuration import from .ovpn file;
*) ovpn - improved system stability for Tile devices;
*) quickset - fixed displaying of "SINR" when value is 0;
*) rose-storage - added option to nvme-discover with hostname (CLI only);
*) rose-storage - fixed crash on nvme-tcp disable;
*) rose-storage - fixed rsync transfer permissions;
*) rose-storage - various stability fixes;
*) route - fixed "dynamic-id" for VRF tables;
*) route - improved system stability when making routing decision;
*) route - show SLAAC routes under the "/routing route" menu;
*) route-filter - improved stability when matching blackhole routes;
*) routerboot - added "preboot-etherboot" and "preboot-etherboot-server" settings ("/system routerboard upgrade" required) (CLI only);
*) sfp - added log warning about failed auto-initialization on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) sfp - allow modules that hold "TX_FAULT" high signal all the time on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) sfp - allow modules with bad or no EEPROM in forced mode on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) sfp - fixed "rate-select" functionality on CCR2004-16G-2S+ and CCR2004-1G-12S+2XS devices (introduced in v7.8);
*) sfp - fixed combo-ether link monitor for CRS328-4C-20S-4S+ switch;
*) sfp - improved module initialization and display more detailed initialization status on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) sfp - improved SFP28 interface stability with some optical modules for CRS518 switch;
*) sfp - improved system stability with some SFP GPON modules on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) snmp - fixed SNMPv3 "Reportable" flag behavior;
*) snmp - improved outputting of routes;
*) socks - added VRF support;
*) ssh - added Ed25519 host key support;
*) ssh - added support for Ed25519 key export and import in PKCS8 format;
*) ssh - do not allow SHA1 usage with strong crypto enabled;
*) ssh - improved service responsiveness when changing SSH service settings;
*) ssh - improved SSH key import process;
*) storage - mount RAM drive for devices with 32MB flash;
*) supout - added DHCP server network section;
*) switch - fixed ACL rules matching IPv6 packets when using only IPv4 matchers;
*) switch - improved system stability during rapid MAC flapping for 98DXxxxx switches;
*) switch - improved system stability for 98DX8208, 98DX8216, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
*) timezone - updated timezone information from "tzdata2023c" release;
*) vrrp - added "self" value for "group-master" setting;
*) vxlan - added forwarding table;
*) vxlan - fixed packet drops when host moves between remote VTEPs;
*) webfig - added inline comments;
*) webfig - fixed "Destination" value under "MPLS/Forwarding-Table" menu;
*) webfig - fixed issue where "Certificate" value disappears under "IP/Services" menu;
*) webfig - fixed issue where entries might be missing under "IP/DHCP-Server" menu;
*) webfig - various stability fixes;
*) wifiwave2 - added "radio/reg-info" command to show regulatory requirements (currently implemented for 802.11ac interfaces) (CLI only);
*) wifiwave2 - added ability to configure antenna gain;
*) wifiwave2 - added ability to configure beacon interval and DTIM period;
*) wifiwave2 - added information on additional interface capabilities to radio parameters;
*) wifiwave2 - automatically add a VLAN-tagged interface to the appropriate bridge VLAN;
*) wifiwave2 - exit sniffer command and return error when trying to sniff on an unsupported channel;
*) wifiwave2 - fixed 802.11r roaming for clients that performed initial authentication with an AP which has been restarted since;
*) wifiwave2 - fixed issue of some supported channels not being listed in the radio parameters;
*) wifiwave2 - fixed issue which lead to VLAN-tagged wireless clients receiving tagged traffic from other VLANs;
*) wifiwave2 - fixed key handshake timeout for re-associating client devices on 802.11ac interfaces;
*) wifiwave2 - fixed VLAN tagging for unencrypted (open) APs;
*) wifiwave2 - improved general interface stability;
*) wifiwave2 - improved regulatory compliance for hAP ax^2, hAP ax^3 and Chateau ax;
*) wifiwave2 - improved WPS connection speed;
*) wifiwave2 - increased maximum value for "channel.frequency" to 7300;
*) wifiwave2 - show information on captured packets and added ability to save them locally in a pcap file;
*) winbox - added "MTU" and "Hoplimit" properties under "IPv6/Routes" menu;
*) winbox - added "Preferred AFI" property under "MPLS/LDP-Instance" menu;
*) winbox - added "S" flag under "IPv6/Firewall/Connections" menu;
*) winbox - added "Tx Power" property under "Wifiwave2/Status" menu;
*) winbox - added "Tx Queue Drops" property under interface settings "Traffic" tab;
*) winbox - added "Username" and "Password" properties under "Container/Config" menu;
*) winbox - added "Valid" and "Preferred" properties under "IPv6/Address" menu;
*) winbox - added missing properties for "Remote ID Type" under "IP/IPsec/Identities" menu;
*) winbox - changed route flag name from "invalid" to "inactive";
*) winbox - fixed "TLS" property under "Tools/Email" menu;
*) winbox - fixed "Type" property under "System/Disk" menu when "rose-storage" package is installed;
*) winbox - fixed changing slot name under "System/Disk" menu;
*) winbox - fixed default value for "Allow managed" property under "Zerotier" menu;
*) winbox - fixed duplicate "My ID" column under "IP/IPsec/Identities" menu;
*) winbox - fixed minor typo in "WifiWave2/Radios" menu;
*) winbox - fixed missing "Sector Writes" for certain devices under "System/Resources" menu (introduced in v7.8);
*) winbox - improved Ethernet advertise, speed and duplex settings;
*) winbox - only show permitted countries for wifiwave2 interfaces;
*) winbox - show missing "Designated Bridge" and "Designated Port Number" monitoring data under "Bridge/Port menu;
*) www - allow unsecure HTTP access to REST API;
*) x86 - fixed changing software-id (introduced in v7.7);
*) zerotier - upgraded to version 1.10.3;
Έχετε παρατηρήσει κάτι κάποιος με το πρόβλημα που έχει παρουσιαστεί στο 4011 μετά την αναβάθμιση στην 7.9;
RB4011iGS+5HacQ2HnD
After upgrade - lost packets (3%-7%).
After downgrade to 7.8 - the problem is gone
https://forum.mikrotik.com/viewtopic.php?t=195845#p999788
Δοκιμαστικά το πέρασα σε 2 cAP AC έτσι για πρώτη μυρουδιά, όλα καλά.
Έχετε παρατηρήσει κάτι κάποιος με το πρόβλημα που έχει παρουσιαστεί στο 4011 μετά την αναβάθμιση στην 7.9;
RB4011iGS+5HacQ2HnD
After upgrade - lost packets (3%-7%).
After downgrade to 7.8 - the problem is gone
https://forum.mikrotik.com/viewtopic.php?t=195845#p999788
Πολύ αόριστο.
Από που χάνονται τα πακέτα;
Σε smokeping που έχω στο εσωτερικό δίκτυο δεν έχω καθόλου χαμένα πακέτα προς τα έξω.
Πολύ αόριστο.
Από που χάνονται τα πακέτα;
Σε smokeping που έχω στο εσωτερικό δίκτυο δεν έχω καθόλου χαμένα πακέτα προς τα έξω.
Μου έδωσες ιδέα με το smokeping να το εγκαταστήσω στο docker και να το παρακολουθώ...:oneup:
xristostsilis
05-05-23, 11:20
στο chateau εντωμεταξυ εχουν λυσει και κατι προβληματα με τα 2 apn ταυτόχρονα μαλλον. ζαχαρωνω και εγω να την περασω αλλα θα περιμενω
στο chateau εντωμεταξυ εχουν λυσει και κατι προβληματα με τα 2 apn ταυτόχρονα μαλλον. ζαχαρωνω και εγω να την περασω αλλα θα περιμενω
lte - fixed passthrough mode when used together with another APN for Chateau 5G;
Αφορά το Chateau 5G που θα πιθανολογώ να είχε θέμα με το 2πλο APN μέσω passthrought.
Το αναφέρω γιατί έχω ήδη setup με 2πλο apn μέσω passthrought στο Chateau 4G εδώ και αρκετό καιρό χωρίς κανένα απολύτως πρόβλημα.
Προς ενημέρωση την έχω ήδη περάσει.
What's new in 7.9.1 (2023-May-19 15:11):
!) ipv6 - fixed DNS server processing by IPv6/ND services (CVE-2023-32154);
On 10/05/2023 (May 10th, 2023) MikroTik received information about a new vulnerability, which is assigned the ID CVE-2023-32154. The report stated, that Vendor (MikroTik) was contacted in December, but we did not find record of such communication. The original report also says, that vendor was informed in person in an event in Toronto, where MikroTik was not present in any capacity.
What this issue affects: The issue affects devices running MikroTik RouterOS versions v6.xx and v7.xx with enabled IPv6 advertisement functionality. You are only affected if one of the below settings is applied:
ipv6/settings/ set accept-router-advertisemnets=yes
or
ipv6/settings/set forward=no accept-router-advertisemnets=yes-if-forwarding-disabled
If the above settings are not set up like in the example, you are not affected. Note that the vulnerable setting combination is not normally found in routers and is rarely or never used.
What this issue can cause: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability.
Recommended course of action: You can disable IPv6 advertisements, or upgrade to RouterOS 7.10beta7, 7.9.1, 6.49.8 or newer versions. Some versions are not yet released, please monitor our download page for changes.
:oneup:
ουτε λεξη για το wifi προβλημα που υπαρχει...
Περαστικά μας.
What's new in 6.49.8 (2023-May-22 16:07):
!) ipv6 - fixed DNS server processing by IPv6/ND services (CVE-2023-32154);
*) console - updated copyright notice;
*) defconf - fixed invalid default password setting after configuration reset for 60GHz interface (introduced in v6.49.5);
*) firewall - fixed IRC NAT helper (CVE-2022-2663);
*) hotspot - improved stability when receiving bogus packets;
*) smb - fixed SMB2 file list reporting;
What's new in 6.48.7 (2023-May-23 08:27):
!) ipv6 - fixed DNS server processing by IPv6/ND services (CVE-2023-32154);
*) capsman - improved stability when running background scan on CAP;
*) console - updated copyright notice;
*) firewall - fixed IRC NAT helper (CVE-2022-2663);
*) hotspot - improved stability when receiving bogus packets;
*) smb - fixed SMB2 file list reporting;
*) snmp - fixed IPsec-SA byte and packet counter reporting;
Release 7.9.2 Stable
What's new in 7.9.2 (2023-May-30 16:49):
*) routerboard - improved RouterBOOT stability for Alpine CPUs ("/system routerboard upgrade" required);
*) sfp - improved SFP interface handling for RB4011 device;
Release 7.10 Stable
What's new in 7.10 (2023-Jun-15 08:17):
!) ipv6 - fixed DNS server processing by IPv6/ND services (CVE-2023-32154);
!) route - added BFD;
*) bgp - allow to filter BGP sessions by AFI;
*) bgp - changed default VPNv4 import distance to iBGP value (200);
*) bgp - do not check route distinguisher on import;
*) bgp - fixed "as-override" and rename to "output.as-override";
*) bgp - fixed "remove-private-as" and rename to "output.remove-private.as";
*) bgp - show address family in advertisements;
*) bgp - show approximate received prefix count by the session;
*) branding - fixed custom logo (introduced in v7.8);
*) bridge - fixed HW offloaded STP state on port disable;
*) bridge - fixed HW offloading for vlan-filtered bridge on devices with multiple switches (introduced in v7.8);
*) bridge - fixed incorrect host moving between ports with enabled FastPath;
*) certificate - fixed displaying of certificate serial number;
*) certificate - improved error reporting for Let's Encrypt certificate;
*) certificate - restore available "key-usage" property options;
*) conntrack - added read-only "active-ipv4" and "active-ipv6" fields to "/ip/firewall/connection/tracking" (CLI only);
*) console - added timeout error for configuration export;
*) console - changed time format according to ISO standard;
*) console - disable output when using "as-value" parameter;
*) console - fixed ":terminal inkey" input when resizing terminal;
*) console - fixed "print without-paging" output in some cases;
*) console - hide past commands with sensitive arguments;
*) console - improved stability when using command completion;
*) container - fixed "container pull" to support OCI manifest format;
*) container - fixed crash due to missing system directories;
*) container - improved default internal environment values;
*) defconf - allow to use device factory preset credentials in Flashfig and Netinstall configuration files;
*) defconf - fixed default configuration for RBSXTLTE3-7;
*) dhcp-server - fixed accounting on RADIUS interim update;
*) dhcpv4-server - added name for "IPv6-Only Preferred" option (108) in debug logs;
*) doh - less verbose logging;
*) firewall - added "endpoint-independent-nat" support;
*) firewall - added "nth" option for IPv6 firewall;
*) gps - expose GPS port for Quectel RM520N-GL;
*) ike2 - improved child SA delete request processing;
*) iot - added option to send Modbus function code commands directly from RouterOS (CLI only);
*) ipsec - added hardware acceleration support for IPQ-5010 (hAP ax lite);
*) ipsec - refactor public key authentication;
*) ipsec - removed "ec2n185" and "ec2n155" values from proposal configurations;
*) ipv6 - fixed IPv6 address removal;
*) l3hw - added "autorestart" option to L3HW settings;
*) l3hw - added advanced configuration options for fine-tuning the L3HW offload (l3hw-settings are cleared after upgrade or downgrade) (CLI only);
*) l3hw - added error message and reset "l3-hw-offloading=no" if L3HW driver fails to start;
*) l3hw - added monitoring options for L3HW utilization (CLI only);
*) l3hw - fixed /32 route deletion;
*) l3hw - fixed IPv6 ECMP route offloading;
*) l3hw - fixed offloading of /32 IPv4 and /128 IPv6 routes;
*) l3hw - fixed route table offloading during large volume of route updates;
*) l3hw - improved host and nexthop offloading;
*) l3hw - improved offloading of IPv6 hosts after L3HW driver restart;
*) l3hw - improved performance of partial offloading;
*) l3hw - improved route offloading after gateway change;
*) l3hw - improved system stability for partial routing table offload;
*) leds - fixed modem RAT mode indication on hAP ac^3 LTE6 WPS mode button LEDs;
*) lora - improved gateway card detection and upgrade logic;
*) lora - updated firmware version for LoRaWAN gateway (for R11e-LoRa8, R11e-LoRa9 cards);
*) lte - added serving cell query for MBIM modems with necessary MBIM extension;
*) lte - disable DHCP request filtering (UDP port 67) for Chateau 5G;
*) lte - fixed APN authentication for R11e-LTE6 modem;
*) lte - fixed Google Pixel 7 tethering support;
*) lte - improved MBIM modem firmware reported error handling when settings RAT modes;
*) lte - improved modem firmware upgrade stability for MBIM modems;
*) lte - improved stability for Chateau 5G LTE modem firmware upgrade;
*) lte - reduced SIM slot switchover time for MBIM modems with UUIC reset support;
*) lte - stop "cell-monitor" on LTE interface configuration change for MBIM modems;
*) mpls - added FastPath support;
*) netwatch - added warning about non-running probe due to "startup-delay" (CLI only);
*) ovpn - added initial support for V2 data transfer protocol;
*) ovpn - improved system stability;
*) poe - fixed bogous "poe-in-voltage" values when using DC jack for RB5009;
*) pppoe - fixed PPPoE client scan when server is sending PADO messages without Service-Name tag;
*) qos-hw - added QoS marking support for 98DXxxxx switches (CLI only);
*) qos-hw - renamed VLAN "priority" field to "pcp" to avoid confusion;
*) rose-storage - added support for multiple smb users and smb shares;
*) route - improved system stability when removing multicast forwarding entries;
*) routerboard - fixed memory test on CCR2116-12G-4S+ ("/system routerboard upgrade" required);
*) routerboard - improved RouterBOOT stability for Alpine CPUs ("/system routerboard upgrade" required);
*) routerboot - increased "preboot-etherboot" maximum value to 30 seconds ("/system routerboard upgrade" required);
*) scheduler - fixed incorrectly started scheduler during reboot or shutdown;
*) sfp - fixed "rate" monitor value for SFP interface on L009UiGS series devices;
*) sfp - fixed combo-ether link monitor for CRS328-4C-20S-4S+ switch;
*) sfp - fixed combo-sfp linking at 1G rate for CRS312 switch;
*) sfp - improved 10G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 based switches;
*) sfp - improved module compatibility with bad EEPROM data for RB4011, RB5009, CCR2xxx, CRS312 and CRS518 devices;
*) sfp - improved Q/SFP interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
*) sfp - improved SFP interface handling for RB4011, RB5009, CCR2xxx and CRS518 devices;
*) sfp - improved system stability with certain SFP modules for CCR2216 and CRS518 devices;
*) sfp - report EEPROM data even if "auto-init-failed" has occurred;
*) smb - improved SMB v1 operation;
*) sniffer - fixed large .pcap file limit;
*) snmp - added "engine-id-suffix" setting and display actual "engine-id" as read-only property;
*) snmp - added BGP peer table support IPv4 only (1.3.6.1.2.1.15.3.1);
*) snmp - added new "mtxrInterfaceStatsTxRx1024ToMax" OID to MIKROTIK-MIB;
*) ssh - added inline key "passphrase" property;
*) ssh - fixed RouterOS SSH client login when using a key (introduced in v7.9);
*) switch - added more precise "storm-rate" configuration options for 98DXxxxx switches (CLI only);
*) switch - fixed storm rate on 10G links for 98DX8208, 98DX8216, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255 switches;
*) system - improved watchdog reporting in log after reboots for several ARM and ARM64 devices;
*) system - reduced RAM usage for SMIPS devices;
*) tile - fixed support for microSD card;
*) tr069 - added 5G SCC "SNR" parameter for modems that report it;
*) upgrade - do not run manual upgrade if some packages are missing;
*) ups - fixed updating of "battery-voltage" property;
*) vrrp - added warning if "sync-connection-tracking=yes" while the global connection tracking is inactive;
*) vrrp - added warning if the VRRP group is misconfigured;
*) vrrp - added warning if VRRP or its interface does not have an IP address;
*) vrrp - do not start connection synchronization if the global connection tracking is inactive;
*) vrrp - fixed issue where disabled VRRP interface is affecting group;
*) vrrp - fixed VRRP interface state on physical cable disconnection;
*) vrrp - improved system stability on changing "group-authority" or "sync-connection-tracking";
*) vrrp - renamed "group-master" to "group-authority" to avoid confusion with VRRP master;
*) vrrp - send VRRP announcements only by "group-authority";
*) w60g - improved interface stability for PTMP setups;
*) webfig - added high-resolution favicon;
*) webfig - allow limitless upper bounds for number range;
*) webfig - allow to set "0" second time for fields with default values;
*) webfig - changed time format according to ISO standard;
*) webfig - display date and time in local time zone;
*) webfig - fixed missing "WifiWave2" menu;
*) webfig - fixed missing property names in "WifiWave2" menu;
*) webfig - redesigned item configuration display;
*) webfig - redesigned top menu bar;
*) webfig - removed "Tools/Telnet" menu;
*) webfig - removed auto-login with default credentials (admin without a password);
*) wifiwave2 - avoid transmitting extra bytes at the end of the packet after stripping a VLAN tag;
*) wifiwave2 - do not show placeholder transmit power values on interface startup;
*) wifiwave2 - fixed CAP connection when provisioning "manager=capsman";
*) wifiwave2 - fixed CAP interface name when using "name-format";
*) wifiwave2 - fixed connectivity issues wheen access-list is used;
*) wifiwave2 - fixed DFS channel availability warning (introduced in v7.9);
*) wifiwave2 - fixed dynamic interface adding to bridge on CAP device;
*) wifiwave2 - fixed inability to disable CAPsMAN when there are RADIUS-authenticated clients connected;
*) wifiwave2 - fixed incorrect limits on number of interfaces in station mode;
*) wifiwave2 - fixed interface name change when restoring backup;
*) wifiwave2 - fixed key handshake timeout with re-associating clients;
*) wifiwave2 - fixed OWE authentication compatibility with 802.11ax client devices;
*) wifiwave2 - fixed OWE authentication compatibility with third-party client devices (introduced in v7.8);
*) wifiwave2 - fixed wireless throughput issues after 802.11r client roaming events on 802.11ac devices;
*) wifiwave2 - improve protections against DoS attacks on WPA3-PSK;
*) wifiwave2 - improved logging when an interface is unable to assign a VLAN tag to client;
*) wifiwave2 - improved system stability when trying to exceed virtual AP limit;
*) wifiwave2 - less verbose logging when WPA3-PSK clients are connecting;
*) wifiwave2 - other system stability improvements;
*) wifiwave2 - restore interface running state when connection to CAPsMAN is lost;
*) winbox - added "MPLS/Settings" menu;
*) winbox - added "Queues" configuration tab when creating new entries under "IPv6/DHCP-Server" menu;
*) winbox - rename "URL" property to "Action data" under "IP/Web-Proxy/Access" menu;
*) wireguard - fixed IPv6 traffic processing with multiple peers;
*) wireguard - retry "endpoint-address" DNS query on failed resolve;
*) x86 - ice driver update to v1.11.14;
*) zerotier - make "identity" setting sensitive;
Διαβαζω πολλα προβληματα στο φορουμ της Μικροτικ.
Θα προτεινα να περιμενετε και να μην πατε στην 7.10 stable.
Το ξερω οτι μερικοι απο μας δεν κρατιουνται και με το που βλεπουν stable την κανουν αμεσα.
Φρονώ οτι καλο ειναι να περασει και η επομενη βδομαδα για να εχουμε ολοκληρωμενη αποψη.
Πιστευω οτι οπως εγω αλλα και οσοι δοκιμασαν και εχουν καλη ή κακη εμπειρία να γραψουν τις εντυπωσεις τους.
Για παραδειγμα σημερα το failover δεν μου επαιζε σε ac3 (Lte στην eth1 και speedport οτε στην eth2)
Κατι που το εχω και παιζει σε απειρα σεταπ με την 7.7 version.
Οπως κι εγινε με το που εκανα downgrade
Τι να πω περα απ το ο θεος βοηθός....:)
Πρόβλημα στο openvpn το οποίο δεν έλυσαν από τις rc και το πέρασαν στις stable.
Άλλαξαν και εμφανίσεις date/time στην κονσόλα και ψαχνόμουν με τα script.
Για το πρώτο... πέρασα σε wireguard και αν αποδειχθεί σταθερό τώρα το καλοκαίρι θα το ξηλώσω το openvpn.
Για το δεύτερο... τροποποίησα τα script με τις νέες μορφές και όλα καλά.
Εκτος του ovpn και αλλαγη του iso time με αποτελεσμα να χτυπανε τα script οπως ανεφερες και τα παρακατω εχουν θεματα
wifi wave2, ipsec, containers, ssh clients, recursive failover κλπ
- - - Updated - - -
πέρασα σε wireguard
Χαίρομαι που ηρθες στο σωστο δρόμο...:oneup:
Θα χαρεις ταχύτητα ασφάλεια σταθερότητα με ενα συγχρονο vpn που δειχνει να παιζει καλα στο Mikrotik.
Μη ξεχασεις να ριξεις μια ματια στα σκριπτακια ενημερωσης του endpoint που εχουμε βαλει στο νημα με τα scripts.
Εκτος του ovpn και αλλαγη του iso time με αποτελεσμα να χτυπανε τα script οπως ανεφερες και τα παρακατω εχουν θεματα
wifi wave2, ipsec, containers, ssh clients, recursive failover κλπ
Πιθανόν.
Απλά δεν τα χρησιμοποιώ και δεν το παρατήρησα.
Θα χαρεις ταχύτητα ασφάλεια σταθερότητα με ενα συγχρονο vpn που δειχνει να παιζει καλα στο Mikrotik.
Κυρίως με ενδιαφέρει η σταθερότητα.
Το openvpn ήταν βράχος.
- - - Updated - - -
Μη ξεχασεις να ριξεις μια ματια στα σκριπτακια ενημερωσης του endpoint που εχουμε βαλει στο νημα με τα scripts.
Αφορούν την δήλωση endpoint.
Δεν δηλώνω κάτι εκεί.
Για το πρώτο... πέρασα σε wireguard και αν αποδειχθεί σταθερό τώρα το καλοκαίρι θα το ξηλώσω το openvpn.
Καλημέρα έκανες πάρα πολύ καλά.
Θα συγκρίνεις και θα το καταλάβεις.
Θα προτεινα να περιμενετε και να μην πατε στην 7.10 stable.
Θα συμφωνήσω. Τώρα τελευταία περιμένω και εγώ αρκετά μέχρι διαπιστώσω ότι όλα είναι καλά.
Κυρίως με ενδιαφέρει η σταθερότητα.
Το openvpn ήταν βράχος.
Σε μενα ποτε δεν επαιξε οπως θα το ηθελα.
Δηλαδη να εχω το μαξ ταχυτητας με τους clients.
Ασε το udp που ποτε δεν μου εκατσε καλα.
Με το WG εχω το 95% της ταχυτητας upload της γραμμης μου διαθεσιμο προς τα peers.
Αφορούν την δήλωση endpoint.
Αν βαλεις εκτος του 4011 που εχεις κι αλλο Μικροτικ στο παιχνιδι τοτε θα πρεπει σε εκεινο το Μικροτικ να βαλεις σκριπτακι.
Αν οι συσκευες που συνδεονται ειναι ανοιξε κλεισε περιστασιακα δεν χρειαζεται να κανεις κατι στο 4011.
Αν βαλεις εκτος του 4011 που εχεις κι αλλο Μικροτικ στο παιχνιδι τοτε θα πρεπει σε εκεινο το Μικροτικ να βαλεις σκριπτακι.
Αν οι συσκευες που συνδεονται ειναι ανοιξε κλεισε περιστασιακα δεν χρειαζεται να κανεις κατι στο 4011.
Άλλη μια παρατήρηση.
Το conf που έχω αφορά client-to-site.
Η δήλωση endpoint είναι χρήσιμη σε συνδέσεις site-to-site.
Στο αντίστοιχο θέμα για το wireguard γίνεται σύγχιση σχετικά με την δήλωση του cloud service
όπου ο ένας μιλάει για script που παίρνει ανανεώνει την IP του cloud της απέναντι πλευράς (Β)
ενώ ο άλλος μιλάει, εσφαλμένα, για την ΙΡ του cloud του ΜΤ της πλευράς (Α).
Στο αντίστοιχο θέμα για το wireguard γίνεται σύγχιση σχετικά με την δήλωση του cloud service
Οπως και να εχει ομως το Wireguard ειπαμε οτι εχει γνωστο bug.
Αυτο αν χρειαστει το λυνουμε με το σκριπτ οπως σωστα καταλαβες.
Στην 7.10 βεβαια διαβασα οτι το εφτιαξαν με μηχανισμο μεσα απ το Μικροτικ αλλα οι χρηστες
και παλι λενε οτι χρειαζεται σκριπτ.
λενε οτι χρειαζεται σκριπτ
Στην 7.11 beta 2
wireguard - fixed peer connection using DNS name on IP change;
οποτε αναμενουμε την stable
Στην 7.11 beta 2
wireguard - fixed peer connection using DNS name on IP change;
οποτε αναμενουμε την stable
Ήταν δίκαιο και έγινε πράξη :p
What's new in 7.10.1 (2023-Jun-27 12:03):
*) ovpn - fixed OVPN server peer-id negotiation;
*) webfig - use router time zone for date and time;
*) ovpn - fixed OVPN server peer-id negotiation;
Άργησε.
Πλέον είμαι με wireguard και αν βγάλει το καλοκαίρι δεν γυρίζω ξανά σε openvpn.
Ίσως το κρατήσω για backup και δεν το ξηλώσω τελείως.
What's new in 7.10.1 (2023-Jun-27 12:03):
*) ovpn - fixed OVPN server peer-id negotiation;
*) webfig - use router time zone for date and time;
ακομα να φτιαξουν ομως τα αλλα μειονεκτηματα του ovpn σε σχεση με το κανονικο openvpn! και ειναι λειψο!
εχω βαλει wireguard καιρο τωρα το εχω για backup λογους με gateway distances...
@ ADSLgr.com All rights reserved.