Software-update: RouterOS 7.4

MikroTik heeft versie 7.4 van RouterOS uitgebracht. RouterOS is een besturingssysteem dat zich richt op het uitvoeren van routertaken. Denk daarbij natuurlijk aan het routeren van netwerkverkeer, maar ook aan bandbreedtemanagement, een firewall, het aansturen van draadloze accesspoints, een hotspotgateway en een vpn-server. Het kan zowel op de hardware van MikroTik als op x86- of virtuele machines zijn werk doen. Voor het gebruik is een licentie nodig, die bij de aankoop van MikroTik-hardware is inbegrepen. De changelog voor deze uitgave kan hieronder worden gevonden.

Important note!!!

• Container package is not available in v7.4. Development and testing continues in "testing" channel.

Changes in this release:

• api - fixed comma encoding within URL when using the ".proplist" argument
• bridge - properly process IPsec decapsulated packets through the firewall when the "use-ip-firewall" option is enabled
• capsman - require a unique name for configuration and configuration pre-sets
• certificate - fixed new CRL updating
• chr - fixed booting with added additional SCSI disk
• cloud - print critical log message when system clock gets synchronized
• console - added ":retry" command
• console - fixed situation when print output was not consistent
• defconf - fixed default configuration loading on devices with WifiWave2 package
• dhcp-relay - fixed DHCPv6 relay forward and reply creation (introduced in v7.1.3)
• dhcp-server - change "vendor-class-id" matcher to generic option matcher
• dhcpv4-server - disallowed overriding message type option
• dhcpv4-server - log message when user option updates existing option
• dhcpv4-server - placed option 53 as the first one in the packet
• dns - convert the domain name to lowercase before matching regex
• dot1x - fixed "undo" command for server instances
• e-mail - added VRF support
• filesystem - fixed repartition on RB5009 series devices
• firewall - added "srcnat" and "dstnat" flags to IPv6/Firewall/Connection table
• firewall - added support for IPv6/Firewall/NAT action=src-nat rules
• firewall - fixed IPv6 NAT functionality when processing GRE traffic on TILE devices
• firewall - fixed IPv6/Firewall/RAW functionality
• firewall - include "connection-mark", "connection-state", and "packet-mark" when packet logging is enabled
• firewall - properly handle interface matcher when VRF interface is specified
• health - fixed requesting data from sensor when issuing "get" command
• health - fixed voltage reporting on some RBmAP-2nD devices
• hotspot - fixed ARP resolution for clients when address pool is specified on the server
• hotspot - fixed Walled Garden entries with action=deny
• ipv6 - fixed system stability when adding/removing IPv6 address
• l2tp - improved stability when establishing l2tp-ether connection (introduced in v7.3)
• ldp - correctly handle AFI selection for usage on dual-stack peers
• leds - fixed GPS LED configuration on LtAP LTE kit
• leds - fixed LTE signal strength LED configuration on LHGG LTE kit
• leds - fixed LTE signal strength LED configuration on LtAP LTE kit
• lte - added AT chat support for Dell dw5821e modem
• lte - fixed LTE interface running state after modem reconnection
• lte - fixed Telit AT interface numbering
• lte - improved LTE interface detection for LtAP-2HnD devices
• lte - keep MBIM working even if AT channel fails to respond in the initialization stage
• lte - request connect with the same IP type as in LTE attach status for MBIM
• lte - show current value for "antenna" parameter when auto antenna selection fails
• lte - validate LTE attached IP type in MBIM mode
• mmips - improved USB device detection after system bootup
• mpls - fixed VPLS functionality when PW peer is an immediate neighbor
• mpls - improved stability with enabled loop-detect
• mqtt - fixed log flooding with disconnect messages
• mqtt - fixed socket error handling
• netwatch - added support for more advanced probing
• ntp - added VRF support for client and server
• ntp - fixed manycast server support
• ntp - improved "debug" log level logging
• ovpn - added "AUTH_FAILED" control message sending
• ovpn - fixed "called-station-id" RADIUS attribute value for OVPN server
• ovpn - use selected cipher by default when the server does not provide "cipher" option
• pimsm - improved system stability when changing configuration
• poe - hide "poe-voltage" parameter on devices that do not support it
• ppp - do not fail connection when trying to add existing IP address to address list
• ppp - log warning message when remote IP address can not be added
• ppp - properly try to use different authentication algorithms when Conf-Rej is received during the LCP phase
• quickset - specify the "in-interface-list=WAN" attribute on firewall rules created through "Port Mapping"
• radius - added VRF support for RADIUS client
• route - added option to join static IGMP and MLD groups (available in "/routing/gmp" menu)
• route - expose all valid routes to route select filter from BGP
• route - expose all valid routes to route select filter from OSPF and RIP
• route - fixed false route type detection as blackhole
• route - fixed log messages when changing routing configuration
• route - made export run faster on tables with a large number of dynamic routes
• route - provide more detailed information about prefixes when using "discourse" tool
• route-filter - fixed route select filter rules
• routing - moved "/interface bgp vpls" to "/routing bgp vpls" menu
• routing-filter - added origin matcher to match for example routes of a specific OSPF instance
• routing-filter - fixed regexp community matcher
• routing-filter - made "do-jump" work in select rules
• rpki - fix potential memory leak
• ssh - disable ssh-rsa when strong-crypto=yes and use rsa-sha2-sha256
• ssh - fixed host key generation (introduced in v7.3)
• ssh - implemented "server-sig-algs" extension in order to improve rsa-sha2-sha256 support
• switch - disabled second CPU core for CRS328-24P-4S+ device in order to improve SFP+ link stability
• switch - fixed multicast flooding when HW offloaded bridge port gets disabled
• system - added "shutdown" parameter for reset-configuration (CLI only)
• system - fixed configuration reset with "run-after-reset" with file stored on ramdisk
• upgrade - ignore same version packages during upgrade procedure
• upgrade - improved RouterOS upgrade stability with attached USB modem on MIPSBE, SMIPS and MMIPS devices
• vpls - improved system stability with enabled connection tracking
• vxlan - allow to specify MAC address manually
• w60g - fixed interface "reset-configuration" on Cube 60 devices
• w60g - improved interface initialization after being inactive for a while
• w60g - improved system stability when using mismatched L2MTU between station and AP
• webfig - updated WebFig HTML files with the new MikroTik logo and removed Telnet option from index page
• webfig - updated link to the WinBox executable
• webfig - updated link to the documentation
• wifiwave2 - added initial support for roaming (802.11r) between local AP interfaces
• wifiwave2 - fixed "frequency-scan" functionality (introduced in v7.3)
• wifiwave2 - improved WPA3 support stability
• winbox - add a log and log-prefix options to IPv6 firewall NAT and mangle rules
• winbox - added "name" parameter under "Routing/BGP/Session" menu
• winbox - added "to-address" and "to-ports" parameters under "IPv6/Firewall/NAT" menu
• winbox - added support for "veth" interface types
• winbox - fixed "inactive" flag naming under "MPLS/Local Mapping" menu
• winbox - fixed IP/Route and IPv6/Route OSPF type value
• winbox - fixed filename dropdown value filtering
• winbox - fixed minor typo under "Interface" stats
• winbox - fixed units for "reachable-time" parameter under "IPv6/ND" menu
• winbox - removed "TLS Host" parameter from "IP/Firewall/NAT" menu
• winbox - removed duplicate signal strength column under "Wireless/Registration Table" menu
• winbox - removed unused "Apply Changes" button from BGP sessions menu
• wireguard - fixed system stability when adding/removing WireGuard interface
• wireless - fixed possible traffic flooding to WDS clients when using Nv2 and multicast helper
• x86 - fixed Broadcom NIC support
• x86 - fixed keep old configuration functionality during x86 setup installation
• x86 - improved log warning message on failed downgrade attempt
• x86 - removed "hdd-model" information from installation screen