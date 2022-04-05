MikroTik heeft versie 7.2 van RouterOS uitgebracht, een besturingssysteem dat zich richt op het uitvoeren van routertaken. Denk daarbij natuurlijk aan het routeren van netwerkverkeer, maar ook aan bandbreedtemanagement, een firewall, het aansturen van draadloze accesspoints, een hotspotgateway en een vpn-server. Het kan zowel op de hardware van MikroTik als op x86- of virtuele machines zijn werk doen. Voor het gebruik is een licentie nodig, die bij de aankoop van MikroTik-hardware is inbegrepen. Versie 7.2 moet diverse problemen verhelpen in de begin december verschenen grote update versie 7.1.

What's new in 7.2: api - accept "Content-Type" with specified charset

arm - fixed "auto" CPU frequency setting

arm - fixed "shutdown" command on hAP ac^2

arm64 - improved Watchdog initiated reboot reason reporting

arm64 - improved low disk space handling condition on upgrade

backup - added "force-v6-to-v7-configuration-upgrade" option on backup load to clear RouterOS v7 configuration and trigger reimport of RouterOS v6 route configuration (CLI only)

backup - fixed automatic backup generation when resetting configuration

backup - fixed cloud backup's creation timezone

bgp - added BGP advertisements display (requires output.keep-sent-attributes to be set)

bgp - do not export default BGP values

bgp - fixed VPNv4 route sending to remote peer

bgp - fixed link-local iBGP address selection

bgp - fixed network advertisement from address-lists after reboot

bgp - fixed routing table and BGP configuration order in export

bgp - improvements on detecting peers local address when IPv6 link-local addresses are used

bluetooth - allow to export device, advertiser and scanner configuration

bluetooth - disable scanning by default

bridge - added fast-path and inter-VLAN routing FastTrack support when vlan-filtering is enabled

bridge - fixed FastPath when using "frame-types=admit-only-untagged-and-priority-tagged" setting

bridge - fixed PPPoE packet forwarding when using "use-ip-firewall-for-pppoe" setting

bridge - fixed bridge filter and NAT rules on ARM64 and TILE devices

bridge - fixed destination NAT when using "use-ip-firewall" setting

bridge - fixed filter and NAT "set-priority" action

bridge - fixed filter and NAT "set-priority" on ARM64 devices

bridge - fixed filter rules when using interface lists

bridge - fixed firewall "ingress-priority" matcher and "new-priority=from-ingress" action settings from VLAN tagged frames

bridge - fixed priority tagged frame forwarding when using "frame-types=admit-only-untagged-and-priority-tagged" setting

capsman - improved stability when running background scan on CAP

capsman - improved system stability when processing CAP packet by Mangle

ccr2004 - improved PCI timeout handling on CCR2004-1G-2XS-PCIe

ccr2004 - improved system stability on CCR2004-12S+2XS

certificate - allow to choose digest algorithm for CSR signing

certificate - made "fingerprint" parameter read-only

chr - improved system stability when writing into memory

chr - temporarily suspended downgrade to RouterOS v6

clock - properly notify all instances about time changes

conntrack - properly detect helper status

console - fixed "print" command with additional "where" condition

console - improved console responsiveness when processing received characters

console - made "password" parameter mandatory when creating a new user

console - properly erase CLI history after configuration reset

console - updated copyright notice

crs1xx/2xx - fixed static switch host addresses after link down

crs1xx/2xx - ignore static bridge host addresses (switch unicast-fdb should be used instead)

crs3xx - fixed CPU load balancing for ARM dual core devices

crs3xx - fixed QSFP+ interface LEDs

crs3xx - fixed watchdog timer functionality

crs3xx - improved SFP+ interface linking after reboot for CRS312 device

crs3xx - improved maximum allowed ACL rule calculation

crs3xx - improved system stability when creating many ACL rules on CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices

defconf - made "192.168.188.1/24" the default LAN IP address for LTE CPE devices

dhcp-server - fixed DHCP Option decimal value parsing

dhcp-server - fixed statistics sending in "Accounting Stop" packets

dhcp-server - send "Class" attribute in "Accounting Request" when provided by RADIUS

dhcpv4-server - allow adding comments

dhcpv4-server - remove dynamic leases when server configuration is removed

dhcpv4-server - reset dynamic "bcast" flag when receiving offer from DHCP relay

dhcpv4-server - reset offer counter when receiving offer from DHCP relay

dhcpv6 - added VRF support

dot1x - added "server-fail-vlan-id", "guest-vlan-id" and "reauth-timeout" settings for dot1x server

dot1x - added "src-address", "src-mac-address" and "src-port" settings for dynamic switch rules

dot1x - added NAS-Port-ID attribute for RADIUS Access-Request

dude - fixed The Dude client compatibility with RouterOS v7

dude - fixed The Dude compatibility with ARM64

ethernet - improved system stability when receiving large packets on devices with 88F3720 CPU (nRAY, LHGG)

firewall - improved available port lookup for source NAT when free port range is exhausted

graphing - properly generate interface graph for traffic higher than 2.1Gbps

hotspot - fixed login page over HTTPS

hotspot - fixed memory leak on every web page loading

hotspot - fixed web page loading using HTTPS

ike2 - ignore "INITIAL-CONTACT" payload on responder when "send-initial-contact" is disabled

interface - fixed minor memory leak when interface or connected route is changed

ipsec - added hardware acceleration support for CCR2116

ipsec - fixed "identities" menu emptying after RouterOS upgrade/reboot

ipv6 - do not add duplicate dynamic prefix when static already exists

ipv6 - fixed "retransmissit-interval" unit value

ipv6 - fixed VLAN tagged PPPoE packet receiving on RB5009

l2tp - fixed CHAP challenge packet processing over IPsec

l2tp - improved service stability when disabling L2TP server with connected clients

l2tp - improved system stability when processing L2TP control messages

l3hw - added HW offloaded FastTrack support for inter-VLAN routing

l3hw - fixed HW offloaded NAT

l3hw - fixed HW offloaded routing when using 7 or more VLAN interfaces

l3hw - fixed ICMP message when routed packet exceeds MTU and DF flag is set

l3hw - fixed bonding source MAC address

l3hw - fixed default route offloading for CRS305, CRS326-24G-2S+, CRS328, netPower, netFiber devices

l3hw - improved routing table offloading for CRS305, CRS326-24G-2S+, CRS328, netPower, netFiber devices

l3hw - improved system stability when using 7 or more VLAN interfaces

led - fixed LED behavior on Audience

led - reduced LTE signal LED range to -70

leds - fixed user LED on RB750Gr3

log - added warning message when connection tracking table is full

log - include message also in e-mail body

lora - fixed "antenna-gain" parameter unit

lte - add IPv6 address on interface as well

lte - added 3 APN profile support and APN name re-using on R11e-LTE6

lte - added MAC address and IPv6 LL address persistence after reboot on EG12 and EG18 modems

lte - added basic information support for Telit LM960 and LM940 in MBIM mode

lte - added class based support for configless RNDIS LTE modems

lte - added support for Uplink CA reporting

lte - changed "CS/PS" registration type from "both" to "any" on R11e-LTE un R11e-LTE6

lte - do not loose "band" configuration after reboot on Chateau 5G

lte - do not show external antenna selector on devices that does not support it

lte - enabled multi-APN and name re-use support for Chateau

lte - expose diagnostics channel for all modems

lte - fixed "monitor" command to not report old info

lte - fixed AT command response handling on R11e-LTE

lte - fixed IPv6 address addition after startup on R11e-LTE6

lte - fixed MBIM modem reset on AT timeout

lte - fixed link flapping when loosing cellular signal on R11e-LTE un R11e-LTE6

lte - fixed packet forwarding on R11e-4G and R11e-LTE-US

lte - fixed possible timeouts when sending SMS in LTE only mode on R11e-LTE

lte - fixed support for Sierra MC7710

lte - fixed support for Telit 960

lte - improved stability on "+EGMR" response in MBIM mode

lte - improved stability when modem disappears during firmware upgrade

lte - improved support for sending/receiving SMS in LTE only mode on R11e-LTE6

lte - made "no" the default value for "use-network-apn" parameter

lte - properly recognize MBIM modem in USB port as LTE on Chateau 5G

ntp - allow adding duplicate server address if dynamic entry exists

ntp - fixed multicast mode support

ntp - improved IPv6 address support

ntp - improved service stability when none of the NTP servers are reachable for a while

ntp - improved source address usage for reply packets

ntp - print log change time with time-zone applied

ospf - added "ptmp-broadcast" interface type (compatible with RouterOSv6 PTMP type)

ospf - convert ospf "static" redistribute to "static,dhcp,modem,vpn" after update from RouterOS v6

ospf - fixed MD5 authentication

ospf - fixed NBMA hello's not being sent if priority is set to 0

ospf - fixed default route origination when "default-originate=if-installed" "redistribute" is enabled

ospf - fixed default type-3 LSA's not being injected to stub area

ospf - fixed distance if "originate-default" is set to "always"

ospf - fixed external LSA not updating after prefix netmask change

ospf - fixed incorrect LSA types when changing area types

ospf - fixed neighbor election failure

ospf - fixed neighbor stuck in ExStart

ospf - fixed simple authentication

ospf - general stability improvements

ospf - improved DB retransmit logging

ospf - improved logging

ospf - improved overall stability

ospf - improved stability for very large LSDB

ospf - improved stability on OSPFv3 instance disabling

ospf - improved stability when DR goes down

ospf - improves stability when handling looped back OSPF packets

ospf - properly set VRF for gateway

ospf - send notifies for neighbors

ovpn - added SHA2 authentication algorithm support

ovpn - added hardware acceleration support for IPQ4018/IPQ4019 and AL* series chipsets

ovpn - added option to send disconnect message in UDP mode

ovpn - fixed large option message parsing

ovpn - improved UDP session handling

ovpn - improved memory allocation on Tile in "ethernet" mode

ovpn - improved system stability in high load scenarios

pimsm - fixed menu prints

pimsm - general stability improvements

poe - fixed PoE driver loading on CRS354-48P-4S+2Q+

poe - update PoE firmware only on devices that support it

ppp - added "comment" option for PPPoE servers

ppp - fixed AT+CPIN chat when SIM PIN is specified

ppp - improved stability when handling large amount of connections simultaneously

ppp - show local and remote IPv6 addresses (CLI only)

pppoe - added option to configure "host-uniq" parameter

pppoe - added option to ignore PADI messages with empty service name

pppoe - use default MTU of 1492

pptp - added insecure connection warning

pptp - show insecure connection warning on dynamic interfaces

qsfp - correctly display auto-negotiation status

queue - fixed queued IPv6 traffic considered as "invalid" by Firewall

queue - improved system stability when processing traffic

queue - improved system stability when using more than 255 unique packet marks

rb4011 - fixed jumbo frame processing on SFP+ port when using 1G module

rip - added logging

rip - fixed route metrics

rip - fixed route redistribution

rip - use nexthop with interface

route - allow OSPF and RIP redistributed routes to be matched by routing filters

route - fixed "min-prefix" configuration when set to 0

route - fixed "suppress-hw-offload" update

route - fixed "table" menu emptying after RouterOS upgrade

route - fixed BGP atomic aggregate value

route - fixed ECMP load balancing in FastPath

route - fixed ECMP route removal

route - fixed route addition to VRF from BGP

route - fixed router's LSA for PTP networks

route - fixed routing configuration export on SMIPS devices

route - general stability improvements

route - improved routing table print speed

route - show OSPF and RIP specific attributes in "/routing route" table

route-filter - fixed "return" action

route-filter - fixed complex matchers with "|| or and &&"

route-filter - fixed incorrect invert-match configuration upgrade from RouterOS v6

route-filter - fixed range conversion after update from RouterOS v6

route-filters - allow to filter and modify default route if "originate-default" is set to "always"

route-filters - fixed possible address list race condition and memory leak

route-filters - renamed "*-set" to "*-list"

routerboard - fixed "ether2" interface presence on some RBwAPGR devices

routerboard - fixed WPS button functionality on Audience

routing - added PCAP viewer tool for BGP advertisements debugging purposes

routing-filter - fixed "bgp-*-communities-empty" matcher

rpki - made RPKI verify non-strict, introduces new state "unverified"

rpki - show expire timer

sfp - improved SFP module detection on CRS106 and CRS112

smb - fixed SMB2.0 disk size reporting

smips - improved RAM allocation

sms - increased "at-chat" timeout when sending SMS

snmp - added SFP vendor name to optical table

snmp - added support for "ipv6AddrPrefixTable" and "ipv6RouteNumber" OID's

snmp - allow two level nesting for vlan, bonding speed query

socks - fixed SOCKS5 support

ssh - fixed forwarding with IPv6 link-local addresses

ssl - fixed CA certificate processing when "subjAltName" is marked as critical

supout - added "port-controller" bridge section

switch - added "rx-overflow" counter for 88E6393X (RB5009) and 88E6191X (CCR2004-16G-2S+) switch chips

switch - fixed port-isolation misconfiguration detection when using multiple switches

switch - improved packet forwarding with enabled "cpu-flow-control" setting between different rate interfaces for 88E6393X (RB5009) and 88E6191X (CCR2004-16G-2S+) switch chips

switch - improved switch chip initialization process on bootup for CCR2004-16g-2s+ devices

switch - properly limit maximum number of switch rules to 256 on RB5009

system - fixed license loss on some RB1100Dx4 and RB4011 devices

tr069-client - accept 200-299 codes for HTTP diagnostics

tr069-client - added support for 5G band configuration

tr069-client - added support for wireless "skip-DFS" configuration

tr069-client - added support for wireless client uptime reporting

tr069-client - fixed RPC download of "3 Vendor Configuration File" with branding package

traffic-flow - do not handle NAT events when "nat-events" is disabled

traffic-generator - fixed transmit speed for multiple asymmetric streams

upgrade - improved 404 error handling when checking for new versions

upgrade - improved downgrade prompt message

ups - fixed UPS support

usb - fixed display of incorrect port count for USB serial ports

user - removed obsolete "tikapp" policy

user - send "Class" attribute in "Accounting Request" when provided by RADIUS

vlan - fixed improper VLAN priority addition for routed packets

vxlan - allow unsetting "group" and "interface" properties

vxlan - fixed running state after reboot when using "interface" and "group" settings

webfig - do not show side menu if WebFig is disabled by skin

webfig - fixed default configuration popup presence

webfig - fixed user policy lookup for skin designer

wifiwave2 - added "client-isolation" feature

wifiwave2 - added support for handling disconnect request messages from RADIUS servers

wifiwave2 - fixed calling "scan" and "frequency-scan" commands through the API

winbox - added "Disconnect Notify" checkbox to "Interface/OVPN Client" menu

winbox - added "Freq. Usage" and "Scan" buttons for WifiWave2 interfaces

winbox - added "Ignore Missing" selector to "System/Packages" menu

winbox - added "Mode" parameter under "Wireless" menu with WifiWave2 package

winbox - added "Routing Table" parameter for IPv6 routes

winbox - added "TLS Version" parameter for "Interface/OVPN"

winbox - added "VPN" tab to "Routing/BGP" menu

winbox - added "VRF" parameter for "SSH" and "Telnet" menus

winbox - added "VRF" parameter to "IP/Services" menu

winbox - added "comment" parameter to "User Manager/Users" menu

winbox - added "host-uniq" parameter to PPPoE client interface

winbox - added MLAG support

winbox - added SHA256 and SHA512 "Auth" values for OVPN menu's

winbox - added ZeroTier support

winbox - added explicit "Upload" and "Download" names for "Bucket Size" parameters under "Queues" menu

winbox - added interface list support for "IP/Traffic Flow" menu

winbox - added local/remote CPU load parameters for "Bandwidth Test"

winbox - added missing "3GGP RAW" parameter under "Interface/Wireless/Interworking Profile" menu

winbox - added missing "accounting", "interim-update" and "radius-password" parameters under "IP/DHCP Server" menu

winbox - added support for "Tool/Speedtest" menu

winbox - added support for W60G align tool

winbox - allow adding more than 100 tagged/untagged interfaces under "Bridge/VLAN" menu

winbox - allow configuring "VTEP" under "Interface/VXLAN" menu

winbox - allow setting "Interface" parameter for 100G LED types

winbox - changed "Accept Redirects" parameter type under "IPv6/Settings" menu

winbox - do not require "name" and "file name" parameters for certificate import/export

winbox - do not show "Antenna Scan" button on devices that do not support it

winbox - do not show connection tracking table if it has more than 10000 entries

winbox - fixed "00:00:00" time printing

winbox - fixed "Switch" menu on Chateau devices

winbox - fixed "action" field in "IP/Web Proxy/Access" menu

winbox - fixed "expires-after" certificate parameter value

winbox - fixed CHR License renewing process

winbox - fixed address list type parameters in "Routing" menu

winbox - fixed content filtering in "Tools/Packet Sniffer/Packets" menu

winbox - fixed entry order in "Tools/Packet Sniffer/Packets" menu

winbox - fixed error message when adding NTH rule with "0" value

winbox - fixed minor typo under "LTE" interface menu

winbox - fixed switch related settings for MT7621 switch chip (hEX, hEX S, RBM33G, RBM11G, LtAP)

winbox - made "9" the default value for "Target" parameter under "IP/Traffic Flow" menu

winbox - made "Routing Filters/Rules" table sortable

winbox - made OSPF interface type names consistent between CLI and GUI

winbox - moved "IP/Route/Nexthops" and "IPv6/Route/Nexthops" menus to "Routing/Nexthops"

winbox - moved IPv4 and IPv6 "Rules" menus under "Routing" menu

winbox - properly limit "Disconnect Timeout" value under "CAPsMAN/Configuration" menu

winbox - properly save "IPv6/Settings" menu in session file

winbox - properly show "v" flag instead of "y" under "IP/Route" menu

winbox - properly update ethernet auto negotiation status on CHR

winbox - properly update server list under "System/NTP Client/Servers" menu

winbox - renamed "Keep user configuration" to "Keep users" under "System/Reset Configuration" menu

winbox - renamed "MBPS" to "Mbps" value unit name in "Tools/Traffic Generator" menu

winbox - renamed "Revoked" parameter to "Revoked Time" under "System/Certificates" menu

winbox - report local terminal session as "local" instead of "telnet"

winbox - require existing pool for "Address Pool" parameter under "IPv6/DHCP Server" menu

winbox - require non empty "Packet Mark" value under "Queues" menu

winbox - show "H" flag for offloaded connections in "IP/Firewall/Connections" menu

winbox - show "Lost Ratio" column by default under "Tools/Traffic Generator" menu

winbox - show "Routes" column by default under "PPP/Secrets" menu

winbox - show "System/Health/Settings" only on boards that have configurable values

winbox - show "System/SwOS" menu only on boards that have dual boot

winbox - show additional columns by default for "Wireless" menu with WifiWave2 package

winbox - sort "Address List" parameter values alphabetically in "IP/DHCP Server/Leases" menu

winbox - updated default "Routing/BGP/Peer Cache" table appearance

winbox - use "total" as default value for "Tools/Profile"

wireguard - allow same peer's public key for different interfaces

wireguard - fixed IPv6 LL address generation

wireguard - fixed IPv6 traffic processing with multiple peers

wireguard - made "preshared-key" and "private-key" values sensitive

wireless - added "3gpp-info" parameter to interworking configuration

wireless - added EAP-AKA to interworking's realm configuration

wireless - added information about client signal strength to log messages about disconnections

wireless - correctly preserve WMM priority when receiving packets

wireless - fixed frequency range information for IPQ4019 interfaces

wireless - fixed interface initialization on Metal 2SHPn

wireless - improved nv2 link stability

wireless - improved wireless connection stability during background scans

www - fixed "tls-version" for SSL

x86 - added support for Intel E810 NIC

x86 - allow to select disk for install image

x86 - fixed NVME partition path

x86 - fixed VLAN tagged packet transmit

x86 - made "no" the default value for "disable-running-check" ethernet parameter

x86 - properly distinguish multiple NICs that share the same PCI bus number

zerotier - fixed IPv6 support

zerotier - made MAC and MTU values read-only

zerotier - properly handle IP address change