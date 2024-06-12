MikroTik heeft versie 7.15.1 van RouterOS uitgebracht, een besturingssysteem dat zich richt op het uitvoeren van routertaken. Denk daarbij natuurlijk aan het routeren van netwerkverkeer, maar ook aan bandbreedtemanagement, een firewall, het aansturen van draadloze accesspoints, een hotspotgateway en een vpn-server. Het kan zowel op de hardware van MikroTik als op x86- of virtuele machines zijn werk doen. Voor het gebruik is een licentie nodig, die bij de aankoop van MikroTik-hardware is inbegrepen. De changelog sinds versie 7.14.2 kan hieronder worden gevonden.

What's new in 7.15.1: bgp - fixed BGP sessions missing vpnv6 afi

bgp - fixed corrupted as-path when received update with empty AS_PATH attribute (introduced in v7.15)

bgp - fixed vpnv6 safi

health - fixed board-temperature for KNOT device (introduced in v7.15)

health - fixed missing health for CRS112-8G-4S device (introduced in v7.15)

install - fixed ARM64 cdrom install (introduced in v7.15)

lte - fixed cases where LTE interface would take long time to become ready after bootup for Chateau 5G and Chateau 5G R16 (introduced in v7.15)

lte - fixed cases where modem could be handled by multiple dialer instances

modem - fixed unresponsive PPP link recovery when TX bandwidth was exceeding link capacity

poe-out - fixed silent firmware upgrade fail on CRS112-8P-4S device (introduced in v7.15)

ppp - fixed dynamic queue default name (introduced in v7.15)

route - fixed memory leak (introduced in v7.15)

route - fixed some missing route parameters when printing (introduced in v7.15)

wifi - fixed signal strength reporting during association (introduced in v7.15)

wifi - improved WPA3 PMKSA handling when access-lists with custom passphrases are used

winbox - fixed issue with skin file appearing as unknown in user group menu (introduced in v7.15)

winbox - fixed missing system note on login (introduced in v7.15) What's new in 7.15: system - added support for AMPERE (R) and ARM64 CHR installations (new ARM64 CHR image available)

system - added support for AMPERE (R) hardware (new ARM64 ISO file, new ARM64 extra-nics.npk package)

bgp - added initial vpnv6 support

bgp - correctly synchronize input.accept-nlri address list

bgp - fixed prefix count when BGP sessions run with multiple AFIs

bgp - fixed selecting local.default-address from wrong VRF

bgp - use IPv6 as default address-family for IPv6 sessions

bgp-vpn - use VRF interface as gateway for leaked connected routes

branding - added option to hide default configuration prompt

branding - added option to hide or replace default caps-mode-script

bridge - added error message if MLAG peer-port is configured with "mlag-id"

bridge - added MLAG peer-port events to logs

bridge - added MVRP support

bridge - do not allow multiple bonds with same "mlag-id"

bridge - improved protocol-mode STP, RSTP and MSTP stability

bridge - rename monitor property "path-cost" to "actual-path-cost"

bridge - reworked dynamic VLAN creation

bridge - use default "edge=auto" for dynamically bridged interfaces (PPP, VPLS, WDS)

certificate - added support for different ACME servers for ssl-certificate (CLI only)

certificate - added support for importing pbes2 encrypted private keys with aes128

certificate - added trusted parameter for certificate import

certificate - allow replacing certificate with internal import

certificate - delete certificate related files automatically from storage after import

certificate - improved RSA key signature processing speed

chr - allow to "generate-new-id" only while CHR is running on level "free" license

chr - fixed bogus messages printed out while booting up the system (introduced in v7.14)

chr - fixed Xen and Vultr missing ethernet (introduced in v7.14)

console - added "byte-array" option to ":convert" command

console - added "proplist" parameter to interactive commands

console - added "rows" property for sniffer quick mode

console - added "sanitize-names" property under "/console/settings" menu (option for replacing reserved characters with underscores for files, disabled by default)

console - added "type" parameter to ":resolve" command

console - added "use-script-permissions" option when running scripts from CLI

console - added hotkey "F8" to print entire multiline input

console - added link from "/iot/lora" to "/lora"

console - added log for script execution failures

console - added multi-line print in "/file" menu

console - added option to get "about" value (dynamically created text field by RouterOS services like CAPsMAN)

console - added option to read and change file line endings in full-screen editor

console - added warning log for modified filenames due to reserved characters

console - covert spaces, CR, LF in ":convert to=url" command

console - do not convert string to array in ":deserialize" command

console - fixed ":onerror" behavior when "do" block is missing

console - fixed "export where" functionality in certain menus

console - fixed console prompt when entering hot lock mode with "F7"

console - fixed DHCP server "authoritative=no" configuration export

console - fixed do/while implementation not working with variables (introduced in v7.14)

console - fixed filtering by "dhcp" flag in "/ip/arp" menu

console - fixed multiple typos in help

console - improved stability

console - optimized configuration export to prevent startup of processes without any configuration

console - remove unnecessary serial ports for Alpine CPUs

console - show system note before serial login if enabled

console - use user permissions when running scripts from WinBox and WebFig

container - do not allow negative number for "ram-high" setting

defconf - do not override default DHCP server lease time

defconf - fixed 5ghz-ax channel width for L11, L22 devices

defconf - fixed unknown topics in log messages

defconf - minor configuration script updates

dhcpv4-relay - added VRF support

discovery - added LLDP MAC/PHY Configuration/Status TLV support

discovery - added LLDP Maximum Frame Size TLV support

discovery - added LLDP Port Description TLV support

discovery - advertise only physical interface name for LLDP PortID TLV

discovery - always send LLDP MED Power TLV if MED was received

discovery - fixed high CPU utilization when "tx-only" mode is set

discovery - optimized LLDP information update

disk - added option to auto configure media sharing

disk - added support for formatting exfat file-system

disk - improved support for file systems with non-ascii characters in file names

disk - improved support for formatting ext4 file-system

disk - improved system stability when adding partition with no parent

disk - improved system stability

disk - the "scan" command will now detect and include USB drives that were previously ejected

dns - added support for "adlist"

dns - added VRF support

dns - improved system stability when caching entries

eap - improved eap-peap, eap-mschap2 client authentication (dot1x/wireless/ipsec)

ethernet - fixed default names for CRS310-8G+2S+ device (introduced in v7.14)

ethernet - fixed interface disable for CRS326-4C+20G+2Q

ethernet - fixed management port disable/enable on CCR2004-1G-12S+2XS, CCR2004-1G-2XS-PCIe, CCR2216, CCR2116 devices

ethernet - improved port speed downshift functionality for CRS326-4C+20G+2Q

fetch - added "idle-timeout" parameter

fetch - changed topic "info" to "error" for permission denied logs

fetch - fixed slow throughput due to "raw" logging which occurred even when not listening to the topic (introduced in v7.13)

file - allow adding and renaming files and directories

file - avoid refreshing whole file system during file modification

file - improved external storage detection

health - added "cpu-temperature" for IPQ50xx devices

health - added log for fan state changes on CRS3xx, CRS5xx, CCR2xxx, CCR1016r2, CCR1036r2 devices

health - fixed fan behavior for CRS310-1G-5S-4S+ (introduced in v7.14)

health - fixed rogue voltage on CRS510-8XS-2XQ-IN

install - cdrom and hdd install images contain additional packages that can be interactively selected

ipv6 - properly initialize default ND "interface=all" entry

leds - fixed LEDs for L22 device

lora - removed LoRa WinBox and console functionality duplication (moved to IoT package since v7.11)

lte - added "at-chat" support for DELL T99W175 (PID: 0x05c6 VID: 0x90d5)

lte - added support for concatenated AT commands in "modem-init" string

lte - added support to set "modem-init" string for "dialer-less" modems

lte - apply the same configuration for Microsoft branded EM12-G modem (Surface Mobile Broadband) as for Quectel EM12-G

lte - do not show persistent interfaces for multi-apn slave interfaces

lte - dropped support for R11e-LTE-US FOTA firmware update

lte - fixed R11e-LTE-US modem dial-up

lte - fixed situation where link is not restored after Quectel MBIM modem firmware update

lte - improved FG621-EA modem APN authentication

lte - make interface persistent (unused interface configs can be removed, allow to export and examine current configuration without the device present)

lte - removed 2 APN restriction for RG520F-EU modem

lte - use the correct network interface for multi-interface LTE modems

media - added support for DLNA

metarouter - removed support

modem - send APN authentication for BG77 modem also if ppp-client interface created manually

netinstall - improved stability

netinstall-cli - fixed incorrect server address assignment (introduced in v7.14)

ovpn - fixed import ovpn config when remote port is missing

ovpn - fixed minor typo in error message

poe-out - added LLDP power management support for devices with single PoE-out port

poe-out - fixed powering devices if input voltage is lower than 12V for hEX PoE (introduced in v7.9)

poe-out - improved firmware upgrade stability for AF/AT controlled boards

poe-out - moved "PoE LLDP" property from "/interface/ethernet/poe" to "/ip/neighbor/discovery-settings" and enable it by default

ppp - added "enable-ipv6-accounting" option under PPP AAA menu

ppp - added log when disconnecting a client due to "WISPr-Session-Terminate-Time" RADIUS attribute

ppp - allow underscores in domain names

ppp - enabled monitoring of registration state, RSRP, RSRQ, SINR, PCI, CellID for BG77 modem

ppp - fixed "Framed-IPv6-Pool" usage when received from RADIUS

ppp - fixed "on-down" script running even when tunnel was not up

profiler - added "neighbor-discovery" task

qos-hw - added "offline" tx-manager (CLI only)

qos-hw - added "profile" and "map" support for CPU port

qos-hw - added congestion avoidance support for 98DX8xxx, 98DX4xxx, 98DX325x switch chips (CLI only)

qos-hw - added ECN marking support for compatible switches

qos-hw - added per-queue traffic shapers (CLI only)

qos-hw - added Priority Flow Control for compatible switches (CLI only)

qos-hw - added support for QoS profile assignment via ACL rules

qos-hw - added WRED support for compatible switches

qos-hw - fixed port "print stats/usage" when using "from" property

qos-hw - replaced buffer with bytes in QoS monitor

queue - improved system stability (introduced in v7.6)

quickset - only show LTE mode for devices without other wireless interfaces

radius - added "require-message-auth" option that requires "Message-Authenticator" in received Access-Accept/Challenge/Reject messages

radius - include "Message-Authenticator" in any RADIUS communication messages besides accounting for all services

route - do not allow routes with empty "dst-address"

route - do not redistribute loopback address as connected route

route - fixed bgp-vpn prefix import with the same route distinguisher (RD)

route - improved system stability

route - rework of route attributes

route - show route-distinguisher (RD) in route print

route-filter - allow setting different AFI gateways

route-filter - fixed ext community list matcher

sfp - added "100M-baseFX" link mode support for compatible devices

sfp - added "sfp-ignore-rx-los" setting

sfp - fixed "sfp-tx-fault" state indication for CRS510

sfp - fixed link establishment with 100Mbps optical modules (requires "/interface ethernet reset" or adding "100M-baseFX" modes for advertise or speed properties)

sfp - fixed missing Tx traffic at 10Gbps rate on CCR2004-16G-2S+ in rare cases

sfp - ignore SFP RX LOS signal for modules with bad EEPROM

sfp - improved "sfp-tx-power" value monitoring in certain cases

sfp - improved auto-negotiation linking for some MikroTik cables and modules

sfp - improved system stability for CR2004-1G-2XS-PCIe (introduced in v7.14)

sfp - improved system stability with some GPON modules for CCR2004 and CCR2116 devices

smb - added logs for share connection requests

smb - do not allow setting empty "comment" or "domain" properties

sms - added option to select SMS storage

sms - added SMS PDU to SMS inbox "print detail"

sms - added workaround for modems which do not notify regarding new SMS arrival (missing URC)

sms - improved SMS handling

sms - removed SMS for SMIPS

sms - use "gsm" logging topic for serial modem SMS logs

snmp - added missing PoE-out status codes to MIKROTIK-MIB

snmp - added new "mtxrOpticalVendorSerial" OID to MIKROTIK-MIB

socks - attempt to parse domain name as IP before resolving

ssh - added support for user Ed25519 private keys

ssh - export host Ed25519 public key

ssh - fixed bogus output

ssh - fixed permissions to run ".auto.rsc" scripts

ssh - require "policy" user policy when adding public key

sstp - added SNI support

sstp - disconnect clients when server is disabled

storage - improved configuration storing process on first system boot after configuration reset

switch - added support for multiple ingress and egress port mirroring on 98DXxxxx switches

switch - added support for RSPAN mirroring on 98DXxxxx switches

switch - fixed L3HW and QoS monitor during switch reset

system - added resource values (Product name, File name and File version) for Windows executable files

system - general work on optimizing the size of RouterOS packages

system - show "cpu-frequency" for Alpine CPUs

system - skip configuration upgrade from RouterOS v6 on configuration reset

system - updated office address in RouterOS license

system - updated online manual links from "wiki" to the help documentation

timezone - updated timezone information from "tzdata2024a" release

traffic-flow - detect IPv4 source address if not set

traffic-flow - improved system stability

userman - added "require-message-auth" option that requires "Message-Authenticator" in received Access-Request messages

userman - include "Message-Authenticator" in any RADIUS communication messages besides accounting for all services

vlan - added MVRP (applicant) configuration option

vlan - ensure that VLAN MTU remains unchanged when adjustments are made to the parent interface MTU, only modifications to the L2MTU might impact VLAN MTU

vlan - fixed MTU reset on bridge after reboot

vlan - limit "vlan-id" range from 1-4095 to 1-4094

vrf - fixed VRF interfaces being moved to main table after reboot (introduced in v7.14)

webfig - allow pasting with ctrl+v into terminal

webfig - fixed column preferences for ordered tables

webfig - show inherited properties for wifi interfaces

wifi - added "reselect-interval" support

wifi - changed interface default to "disabled=yes"

wifi - do not report disabled state for CAPsMAN managed interface

wifi - fixed configuration export for "disabled" property

wifi - improve channel selection after radar detection events

wifi - improve regulatory compliance for L11, L22 devices

wifi - improved interface initialization reliability on DFS channels

wifi - improved stability of DFS check in the 5GHz-A band

wifi - improved system stability when provisioning CAPs in certain cases

wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel

wifi - report current CAPsMAN address and identity on CAP

wifi - show inherited properties with "print" command (replaces "actual-configuration") and added "print config" for showing only configured values

wifi-qcom - added configuration.distance setting to enable operation over multi-kilometer distances

wifi-qcom - updated driver

winbox - added "Download" and "Flush" buttons under "System/Certificates/CRL" menu

winbox - added "Flat Snoop" button under "WiFi" menu

winbox - added "FT Preserve VLAN ID" setting under "WiFi/Configuration/FT" menu

winbox - added "Request logout" button under "System/Users/Active Users" menu

winbox - added "Trusted" checkbox under "System/Certificates/Import" menu

winbox - added drop down menu for "User" property when importing SSH key under "System/User/SSH Keys" and "System/User/SSH Private Keys" menus

winbox - added invalid flag under "IP/DHCP Relay" menu

winbox - added key type and key length column for user SSH keys

winbox - added missing SFP monitoring properties under "Interface/SFP" menu

winbox - added passphrase option for SSH host key export

winbox - added passphrase option for SSH host key import

winbox - allow specifying size and rtmpfs size with M, G units under "System/Disks" menu

winbox - allow to specify "M" or "G" postfix for download, upload or total limits under "User Manager/Limitations" menu

winbox - do not show "Host Key Size" when using ed25519 key under "IP/SSH" menu

winbox - fixed the issue where the skin file fails to appear in the user group menu after creation

winbox - renamed "Channel" column to "Current Channel" under "Wifi" menu

winbox - show "Valid Servers" and "Unknown Servers" column by default under "IP/DHCP Server/Alerts" menu

winbox - show inherited properties for wifi interfaces

winbox - show SIM settings for SXTR device under "Interfaces/LTE/Modem" menu

winbox - updated icons for certain menus

winbox - use correct values for "Jump Target" property under "IPv6/Firewall/Filter Rules" menu

wireguard - added option to mark peer as responder only

wireguard - added peer "name" field and display it in logs

wireguard - do not attempt to connect to peer without specified endpoint-address

wireguard - fixed "auto" argument usage for "private-key" and "preshared-key" settings

wireguard - fixed performance issues showing QR code

wireless - perform shorter channel availability check for 5600-5650MHz if regulatory domain permits it

x86 - fixed ixgbe Tx hang by disabling TSO

x86 - fixed VLAN tagged packet transmit for ice driver

x86 - ice driver update to v1.13.7

x86 - improved stability for RTL8125 driver

x86 - ixgbe driver update to 5.19.9

x86/chr - improved panic saving (increased minimal RAM requirements to 256MB) What's new in 7.14.3: bgp - correctly synchronize input.accept-nlri address list

bridge - use default "edge=auto" for dynamically bridged interfaces (PPP, VPLS, WDS)

disk - improved system stability

fetch - fixed slow throughput due to "raw" logging which occurred even when not listening to the topic (introduced in v7.13)

queue - improved system stability (introduced in v7.6)

wifi-qcom - added configuration.distance setting to enable operation over multi-kilometer distances (CLI only)