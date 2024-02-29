MikroTik heeft versie 7.14 van RouterOS uitgebracht. RouterOS is een besturingssysteem dat zich richt op het uitvoeren van routertaken. Denk daarbij natuurlijk aan het routeren van netwerkverkeer, maar ook aan bandbreedtemanagement, een firewall, het aansturen van draadloze accesspoints, een hotspotgateway en een vpn-server. Het kan zowel op de hardware van MikroTik als op x86- of virtuele machines zijn werk doen. Voor het gebruik is een licentie nodig, die bij de aankoop van MikroTik-hardware is inbegrepen. De changelog voor deze uitgave kan hieronder worden gevonden.

What's new in 7.14: rose-storage - moved SMB service to the RouterOS bundle

smb - removed legacy SMB service (replaced with newer and faster ROSE SMB service, compatible with SMB 2.1, SMB 3.0 and SMB 3.1.1)

6to4 - make "ipsec-secret" sensitive parameter

api - improved REST API stability when processing invalid requests

api - properly return SNMP OIDs when requested

arm - improved system stability when using microSD on RB1100Dx4

arp - added ARP status

bgp - allow to leak routes between local VRFs

bridge - added MLAG support for MSTP bridges

bridge - avoid per-VLAN host flushing on HW offloaded bridge

bridge - fixed auto "path-cost" for bonding interfaces (introduced in v7.13)

bridge - fixed MLAG connection after peer-link flap (introduced in v7.13)

bridge - fixed packet forwarding after changing HW offloaded bridge interface settings in certain cases (introduced in v7.13)

bridge - improved bridge VLAN configuration validation

bridge - improved configuration speed on large VLAN setups

bridge - improved protocol-mode MSTP functionality

bridge - improved protocol-mode STP and RSTP functionality

bridge - make "point-to-point=yes" default value for non-wireless bridge ports

bridge - removed "mst-config-digest" from MSTI menu

bridge - try to set wireless bridge ports as edge ports automatically

bth - added simple "Back To Home Users" manager under IP/Cloud menu

calea - improved system stability when adding bridge rule without "calea" package installed

certificate - improved certificate validation performance

console - added ":tolf" and ":tocrlf" commands for converting line break to/from LF or CRLF

console - added "show-at-cli-login" option to display a note before telnet login

console - added missing "where" clause for "/ipv6/firewall/filter" table print command

console - do not accept negative or too large values for ":delay" command

console - do not allow to use out-of-range values for time type fields

console - fix configuration export when user does not have a "sniff" policy

console - fixed delayed output from ":grep" command in certain cases

console - fixed incorrect behavior of ":onerror" command in certain cases

console - hint on reset command help that ".rsc file" is required for "run-after-reset" parameter

console - improved editor functionality in full screen mode

console - improved stability when using autocomplete with "export"

console - increased maximum file content length that can be managed through command line to 60 KB

console - updated copyright notice

container - improved VETH interface management responsiveness and reliability

container - restrict "/container/shell" menu for users without "write" permissions

defconf - added log about configuration reset due to pressed reset button

defconf - fixed Audience scanning-for-wps-ap timeout

defconf - fixed configuration script on KNOT devices if "ppp-out" interface is removed

defconf - fixed firewall rule for IPv6 UDP traceroute

defconf - fixed wifi configuration if interface MAC address is changed

defconf - improved wifi interface detection after upgrade

defconf - increased LTE interface wait time

defconf - updated health settings on configuration revert

defconf - use "fq_codel" queue as default interface queue for wired ports on LTE devices

dhcpv6-client - install dynamic IPv6 blackhole routes in corresponding routing-table

dhcpv6-client - updated error logging when multiple prefixes received on renew

disk - added exFAT and NTFS mount/read/write support

disk - added global disk "settings" menu

disk - fixed changing settings on some GPT formatted disks

disk - properly unmount disk when it is disconnected

dns - do not add new entries to cache if "cache-size" is reached

dns - fixed domain name lookup resolving for internal services

ethernet - fixed issue with default interface names for CRS310-8G+2S+ in rare cases

ethernet - improved cable-test reliability for hAP ax3 PoE out port

ethernet - resolved minor memory leak while processing packets

fetch - added "head" option for "http-method"

fetch - added "patch" option for "http-method"

fetch - allow specifying link-local address in FTP mode

fetch - allow to use certificate and check-certificate parameters only in HTTPS mode

fetch - do not require "content-length" for HTTP (introduced in v7.13)

fetch - fixed DNS resolving when domain has only AAAA entries (introduced in v7.13)

fetch - fixed fetch execution when unexpected data is received in HTTP payload

fetch - fixed fetch when using "src-path" with HTTP/HTTPS modes (introduced in v7.13)

fetch - fixed fetch when using "src-path" with SFTP mode (introduced in v7.13)

fetch - fixed incorrect "src-path" error message when "upload=yes"

fetch - fixed IPv4 address logging (introduced in v7.13)

fetch - improved fetch stability in SFTP mode

fetch - improved file download stability with HTTP/HTTPS modes

fetch - less verbose logging

fetch - print all "Set-Cookies" headers in response

fetch - treat any 2xx HTTP return code as success (introduced in v7.13)

filesystem - improved filesystem integrity for several RB3011 units with automatic firmware upgrade

firewall - added "creation-time" parameter for IPv6 address list entries

firewall - fixed underlying CAPsMAN tunnel reusing packet marks of encapsulated packets

firewall - fixed underlying VXLAN/EoIP tunnel reusing packet marks of encapsulated packets

firewall - increased default "udp-timeout" value from 10s to 30s

health - added limited manual control over fans for CCR1016r2, CCR1036r2 devices

health - changed default "fan-min-speed-percent" from 0% to 12%

health - improved fan control on CRS3xx and CCR1016-12S-1S+r2

health - show voltage when powering KNOT R through Micro-USB

health - updated health properties for CCR1016r2, CCR1036r2 devices

iot - added bluetooth whitelist wildcard asterisk support

iot - added LoRa CUPs protocol support

iot - fixed modbus partial frame reception issue

iot - improved LoRa LNS

iot - improved modbus Tx/Rx switching behaviour

iot - improvements to GPIO behavior on boot

iot - improvements to LoRa CUPS

iot - removed bluetooth whitelist maximum entry limit of 8

ipv6 - made "valid" and "lifetime" parameters dynamic for SLAAC IPv6 addresses

isis - show passive interface active levels

l3hw - fixed IPv6 host offloading in certain cases

l3hw - fixed neighbor offloading after link flap

l3hw - preserve offloading for VLANs when bridge ports are down

leds - added "dark-mode" functionality for hAP ax3 and Chateau ax series devices

leds - do not show LTE connection state/mode using RGB power LED from configless LTE modems

leds - fixed "type=on" LED behaviour after reboot

leds - fixed default LTE LED configuration for wAPR-2nD

leds - fixed modem LED indication for SXT LTE 3-7

leds - fixed wireless type of LED triggers for routers using WiFi package

lte - added "at-chat" support for Sierra Wireless EM9293 5G modem

lte - added AT channel support for Quectel EM120K-GL modem

lte - added redial timer when the MBIM modem fails to register or does not receive APN activation notification

lte - don't duplicate primary band in 5G SA mode for chateau 5G

lte - fixed "use-peer-dns" setting for EC200A modem

lte - fixed an issue for EC200A modem that IPv6 address could be added as IPv4 address

lte - fixed APN authentication for FG621-EA modem

lte - fixed MBIM interface enabling for Quectel EC25 modem (introduced in v7.13)

lte - fixed Simcom modem support in 0x9000; 0x9002, 0x9002; 0x901a and 0x901b USB compositions

lte - fixed Simcom modem support in 0x9001 USB composition

lte - fixed support for config-less modem detection (introduced in v7.13)

lte - fixed USB mode switch and initialization race condition for configless USB modems

lte - improved FG621-EA modem firmware upgrade

lte - improved modem recovery after failed IPv4 configuration

lte - improved support for "ACER" and "MSFT" branded EM12-G modems

lte - optimized "at-chat" response reading

lte - refactored AT command control for AT modems

modem - fixed SMS removal (introduced in v7.13)

modem - improved stability when performing modem FOTA upgrade

mpls - fixed VPN fragmentation when forwarding IP traffic

netinstall-cli - check package and device architecture before formatting

ovpn - added support for pushing routes

ovpn - improved "push-routes" option handling when large amount of routes is specified

ovpn - improved key-renegotiation process

ovpn - improved OVPN configuration file import process

ovpn - improved system stability when using HW encryption on ARM64 devices (introduced in v7.13)

ovpn - limit the maximum length for "push-routes" up to 1400 characters

package - added "size" property

package - reduced "wireless" package size for ARM, ARM64, MIPSBE, MMIPS devices

package - reduced package size for SMIPS

poe-out - driver optimization for AF/AT controlled boards

poe-out - fixed "power-cycle" for CRS354-48P-4S+2Q+ device (introduced in v7.13)

poe-out - improved 802.3at classification and measurement accuracy

poe-out - improved cable test for hAP ac3 and hAP ax3 devices

poe-out - improved PoE out reliability on routers with a single PoE out interface

port - fixed support for USB/serial adapters (introduced in v7.13)

port - removed bogus serial port on RB750Gr3, RB760iGS and RBM11G devices

ppp - added support for "WISPr-Session-Terminate-Time" RADIUS attribute

ppp - log an error when IPv6 DHCP pool is exhausted

ptp - added "aes67" and "smpte" profiles

ptp - added configurable "domain" and "priority2" parameters

ptp - added support for Management message forwarding in BC

ptp - fixed "default" and "g8275.1" profiles go into "slave" instead of "uncalibrated" state

ptp - fixed default values for "802.1as" profile

ptp - fixed flags in Announce message

ptp - fixed potential error in packet exchange

ptp - make clock go into grandmaster state if slave port goes down

qos-hw - fixed "tx-queue7-packet" counter

route - fixed gateways of locally imported vpnv4 routes

route - improved route print "count-only" process speed

route - improved stability on route table lookup

route-filter - added option to set "isis-ext-metric"

route-filter - fixed AS path matchers when input and output chains are used

routerboard - added "reset-button" support for RBwAPR-2nD device

sfp - added support for modules requiring single byte I2C read transactions

sfp - fixed corrupted Tx traffic at 10Gbps rate on CCR2004-16G-2S+ in rare cases

sfp - fixed corrupted Tx traffic at 10Gbps rate on RB4011 in rare cases

sfp - improve high-power SFP module initialization

sfp - improved combo-sfp handling for CRS328-4C-20S-4S+

sfp - improved link establishment for RB4011 devices

smb - added option to specify SMB service mode as "auto"

sms - fixed SMS inbox for FG621-EA modem (introduced in v7.13)

sms - fixed SMS sending from WinBox and WebFig (introduced in v7.13)

sms - improved system stability when working with SMS

sms - increased SMS read timeout

snmp - added "bgpLocalAs" and "bgpIdentifier" OID reporting

snmp - fixed "bgpPeerFsmEstablishedTime" OID reporting

snmp - hide "MikroTik" in LLDP MIB when branding with hide SNMP option is used

snmp - updated timeout log

ssh - improved SSH performance on ARM, MIPS, MMIPS, SMIPS and TILE devices

ssh - refactored SSH service internal processes

sstp - added support for "aes256-gcm-sha384" encryption

sstp - improved system stability for PPC devices

supout - added PTP section

switch - fixed Ethernet disable/enable for CRS310-8G+2S+ devices

switch - fixed reserved multicast receive on Atheros-8327, QCA8337 switches for R/STP bridge

switch - improved 100G interface stability for 98DX4310 and 98DX8525 switches

switch - minimise potential packet overflows on CRS354

system - changed build time format according to ISO standard

system - expose "lo" and "vrf" interfaces

system - fixed "cpu-frequency" for CRS3xx ARM devices

system - improved memory allocation for ARM64 devices

system - improved RAM allocation for L009UiGS-RM

system - improved system stability when processing packets in FastPath (introduced in v7.13)

system - properly assign destination port for HTTP/S connections initiated by the router (introduced in v7.13)

system - properly close HTTP/S connections initiated by the router

system - provide more precise "total-memory" value for ARM devices

system - provide more precise "total-memory" value under "System/Resources" menu for L009 and hAP ax lite routers

tftp - improved invalid request processing

timezone - updated timezone information from "tzdata2023d" release

tr069 - don't duplicate cellular info in "X_MIKROTIK_5G" nodes when connected in NR SA mode

tr069 - fixed bandwidth test

tr069-client - show 5G signal info in X_MIKROTIK_5G nodes only for 5G NSA bands

traffic-flow - use 64bit counters for v9 and IPFIX flows

traffic-generator - improved system stability when receiving bogus traffic

usb - show "Supermicro CDC" adapter as Ethernet interface

vlan - fixed non-running VLAN interface after failed MTU change

vrf - prevent VRF interface name collision with interface lists

vxlan - fixed underlying tunnel reusing routing marks of encapsulated packets

webfig - fixed routing table filter under "IP/Routes" menu

webfig - fixed setting the user's password

webfig - fixed showing WireGuard peers

webfig - improved stability when adding new entries under "IP/Routes" menu

wifi - added "station-pseudobridge" interface mode

wifi - fixed issue with setting country profile (introduced in v7.13.1)

wifi - improved handling of CAP connections in dual CAPsMAN scenario

wifi - increased value for SAE retransmit period to 3s to improve WPA3 compatibility with IoT client devices

wifi - use "Latvia" as the default value for "country" property

wifi - use correct CAP identity for interface name provisioning after it has been changed by remote-cap/set-identity

wifi-qcom - enable display of regulatory information on L11,L22 devices

wifi-qcom - fixed new connections, when maximum supported number of MAC addresses behind connected station-bridges is reached

wifi-qcom - improve system stability for L11, L22 devices

wifi-qcom - improved memory allocating process

wifi-qcom - improved regulatory compliance for L11, L22 devices

wifi-qcom - improved system stability when using FastPath (introduced in v7.13)

winbox - added "accept-protocol-version" parameter to the L2TP server settings

winbox - added "mode-button" and "switch" menus for L41G-2axD&FG621-EA

winbox - added "Name" parameter under "Tools/Netwatch" menu

winbox - added "page-refresh" setting to the Graphing settings

winbox - added "Port Cost Mode" setting under "Bridge" menu

winbox - added "VRF" parameter under "Tools/Ping" menu

winbox - added "x25519" argument for "DH Group" parameter under "IP/IPsec/Profiles" menu

winbox - added missing "Protocol" arguments under "IPv6/Firewall" menu

winbox - added missing monitoring properties under "WireGuard/Peers" menu

winbox - added Preboot Etherboot settings to the System/RouterBOARD/Settings menu

winbox - do not show USB settings for CRS devices that does not need it

winbox - fixed "Bridge Cost" range under "Interfaces/VPLS" menu

winbox - fixed "Password" button under "Quick Set" menu

winbox - improved connection speed and reliability

winbox - improved route table automatic refresh process for static routes

winbox - improved status values under "System/PTP" menu

winbox - improved system stability with large packets

winbox - include "te-tunnel" parameter in VPLS interface monitor

winbox - properly validate "passthrough-subnet-size" in the LTE APN settings

winbox - remove "Root Bridge ID" property under "Bridge/MSTIs" menu

winbox - removed "sfp all" option from combo port settings

winbox - renamed "Wireless Table" menu to "Wifi"

winbox - show "routing-table" column under IP/Route menu by default

winbox - show all columns under "Routing/PIM SM/Static RP" menu by default

wireguard - do not allow to use multiple WireGuard interfaces on the same "listen-port"

wireguard - optimised and improved WireGuard service logging

x86 - fixed VLAN tagged packet transmit for igb (introduced in v7.12)