Новый релиз MikroTik RouterOS (v7.12)

Новый релиз MikroTik RouterOS (v7.12) внесет ряд значительных улучшений и обновлений, укрепляя надежность и функциональность вашей сети.



































































What's new in 7.12 (2023-Nov-09 09:45):

!) ethernet - changed "advertise" and "speed" arguments, and removed "half-duplex" setting under "/interface ethernet" menu;
!) health - removed "temperature" health entry from boards, where it was the same as "sfp-temperature";
!) sfp - convert configuration to support new link modes for SFP and QSFP type of interfaces;
*) api - fixed fetching objects with warning option from REST API;
*) bfd - fixed sessions when setting VRF;
*) bfd - improved system stability;
*) bgp - fixed "atomic-aggregate" always set in output;
*) bgp - fixed "input.filter-chain" argument selection in VPN configuration;
*) bgp - fixed local and remote port settings for BGP connections;
*) bgp - fixed typos and missing spaces in log messages;
*) bgp - implemented IGP metric sending in BGP messages;
*) bgp - improved logging;
*) bgp - increase "hold-time" limit to 65000;
*) bluetooth - added basic support for connecting to BLE peripheral devices;
*) bluetooth - use "g" units when decoding MikroTik beacon acceleration on peripheral devices menu;
*) bridge - fixed fast-path forwarding with HW offloaded vlan-filtering (introduced in v7.11);
*) bridge - fixed untagged VLAN entry disable;
*) bridge - fixed vlan-filtering stability with HW and non-HW offloaded ports (introduced in v7.10);
*) bridge - improved system stability;
*) bridge - improved vlan-filtering bridge stability with CAPsMAN (introduced in v7.11);
*) bth - added "Back To Home" VPN service for ARM, ARM64, and TILE devices;
*) calea - improved system stability when trying to add rules without the CALEA package;
*) certificate - allow to get and maintain Let's Encrypt certificate in IPv6 environment;
*) certificate - allow to remove issued certificates when CRL is not used;
*) certificate - fixed "subject-alt-name" duplicating itself when SCEP is used;
*) certificate - fixed certificate auto renewal via SCEP;
*) certificate - improved certificate validation logging error messages;
*) certificate - log CRL HTTP errors under the "error" logging topic;
*) chr - iavf updated driver to 4.9.1 version;
*) chr - increased OVA default RAM amount from 160MB to 256MB;
*) console - added ":jobname" command;
*) console - added "as-string" and "as-string-value" properties for "get" command;
*) console - added "terminal/ask" command;
*) console - added "transform" property for ":convert" command;
*) console - display "End-User License Agreement" prompt after configuration reset;
*) console - export required properties with default values;
*) console - fixed scheduler "on-event" script highlighting when editing;
*) console - improved ":totime" and ":tonum" commands and added ":tonsec" command for time value manipulation;
*) console - improved multi-argument property parsing into array;
*) console - improved randomness for ":rndstr" and ":rndnum" commands;
*) console - improved stability and responsiveness;
*) console - improved stability when editing long scripts;
*) console - improved stability when using "special-login";
*) console - improved system stability through RoMON session;
*) console - improved system stability when using autocomplete;
*) console - improved system stability;
*) console - restrict permissions to "read,write,reboot,ftp,romon,test" for scripts executed by DHCP, Hotspot, PPP and Traffic-Monitor services;
*) console - show full date and time in scheduler "next-run" property;
*) dhcp - fixed DHCP server and relay related response delays;
*) email - rename "address" property to "server";
*) ethernet - added "supported" and "sfp-supported" values for "monitor" command;
*) firewall - added "ein-snat" and "ein-dnat" connection NAT state matchers for filter and mangle rules;
*) flash - show more accurate "total-hdd-space" resource property;
*) gps - expose GPS port for Quectel EM12-G (vendor-id="0x2c7c", device-id="0x0512");
*) ike1 - fixed invalid key length on phase1 negotiation;
*) ike1 - log an error when non-RSA keys are being used;
*) ike2 - improved rekey collision handling;
*) interface - added "macvlan" interface support;
*) iot - fixed an issue where applying a script to GPIO pin caused GPIO to stop working;
*) iot - fixed behavior where GPIO output state would change on boot;
*) ipsec - fixed Diffie-Hellman public value encoding size;
*) ipsec - fixed IPSec policy when using modp3072;
*) ipsec - fixed minor typo in logs;
*) ipsec - reduce disk writes when started without active configuration;
*) ipv6 - fixed IPv6 RA delay time from 5s to 500ms according to RFC;
*) ipv6 - send RA and RA deprecate messages out three times instead of just once;
*) l3hw - fixed IPv6 route suppression;
*) l3hw - improved system stability during IPv6 route offloading;
*) l3hw - prioritize local IP addresses over the respective /32 and /128 routes;
*) led - fixed "interface-status" configuration for virtual interfaces;
*) led - fixed 5G modem mobile network category LED colours;
*) leds - added "dark-mode" functionality for RBwAPG-5HacD2HnD;
*) leds - added "wireless-status" and "wireless-signal-strength" configuration types for wifiwave2 interfaces;
*) log - improved logging for user actions;
*) lora - added LNS protocol support;
*) lte - added at-chat support and increased wait time on modem at-chat for Dell DW5821e, DW5821e-eSIM, DW5829e and DW5829e-eSIM;
*) lte - added SINR reporting for FG621-EA modem;
*) lte - changed R11e-LTE ARP behavior to NoArp;
*) lte - fixed 5G data-class reporting for Chateau 5G;
*) lte - fixed APN authentification in multi APN setup for R11e-LTE6;
*) lte - fixed FG621-EA possible timeouts during firmware upgrade;
*) lte - fixed IPv6 prefix for MBIM modems in multi-apn setup when IPv6 APN used as not first APN;
*) lte - fixed RSSI for FG621-EA modem to show the correct value;
*) lte - fixed Sierra modem detection for modems with vendor-specific USB descriptors;
*) lte - fixed Sierra modem initialization;
*) lte - fixed startup race condition when SIM card is in "up" slot for LtAP mini;
*) lte - fixed sub-interface auto-removal in multiple APN setups;
*) lte - show correct data class when connected to 5G SA network;
*) lte - use more compact logging messages;
*) modbus - added additional security settings for Modbus TCP;
*) mpls - added option to match and set MPLS EXP with bridge and mangle rules;
*) mpls - fixed "propagate-ttl=no" setting;
*) mpls - improved FastPath next-hop selection hash algorithm;
*) mqtt - added on-message feature for subscribed topics;
*) mqtt - added parallel-scripts-limit parameter to set maximum allowed number of scripts executed at the same time;
*) mqtt - added wildcard topic subscription support;
*) netinstall - added option to discard branding package;
*) netinstall - display package filename in GUI Description column if package description is not specified;
*) netinstall-cli - added empty configuration option "-e";
*) netinstall-cli - added option to discard branding package;
*) netinstall-cli - allow ".rsc" script filenames;
*) netinstall-cli - prioritise interface option over address option;
*) netinstall-cli - updated configuration option description;
*) netwatch - decreased "thr-tcp-conn-time" maximum limit to 30 seconds;
*) ospf - fixed adding ECMP routes;
*) ospf - fixed BFD on virtual-link with configured VRF;
*) ospf - fixed OSPFv3 authentication header length calculation;
*) ospf - fixed OSPFv3 not working with NSSA areas;
*) ospf - fixed parsing of opaque LSAs used by TE;
*) ospf - fixed translated NSSA routes not showing in backbone;
*) ovpn - added "tls-auth" option support for imported .ovpn profiles;
*) ovpn - improved system stability;
*) pimsm - fixed BSR update process;
*) pimsm - fixed UIB update process;
*) pimsm - improved system stability;
*) poe-out - driver optimization for AF/AT controlled boards;
*) poe-out - fixed rare CRS328 poe-out menu and poe-out port config loss after reboot;
*) poe-out - improved "auto" mode for devices with single PoE-out port;
*) poe-out - removed "auto" mode support for L009 devices;
*) port - add support for Huawei MS237h-517;
*) port - expose NMEA/DIAG ports for Dell DW5821e and DW5821e-eSIM;
*) qsfp - added 50Gbps rate support for QSFP28 interfaces;
*) qsfp - fixed incorrect QSFP temperature readings in negative temperature;
*) qsfp - improved auto link detection for AOC cables;
*) qsfp - use sub-interface configuration for establishing link (for 40Gbps and 100Gbps links, all sub-interfaces must be enabled);
*) quickset - fixed "LAN" interface list members if configuration does not contain bridge;
*) rip - added BFD support;
*) rip - fixed session not working in VRF;
*) route - added "single-process" configuration setting, enabled by default on devices with 64MB or less RAM memory;
*) route - added "suppress-hw-offload" setting for IPv6 routes;
*) route - fixed gateway after link restart;
*) route - removed deprecated "received-from" property;
*) route - reverse community "delete" and "filter" command behavior;
*) routerboard - added "reset-button" support for RB800, RB1100 and RB1100AHx2 devices;
*) routerboard - fixed "reset-button" support for wAP ac and wAP R ac devices;
*) sfp - added 5Gbps rate for SFP+ interface on 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) sfp - fixed missing "rx-power" monitor with certain modules (introduced in v7.10);
*) sfp - fixed occasional bad EEPROM data reading for L009 devices;
*) sfp - improved interface stability for SFP and QSFP types of interfaces;
*) sfp - improved system stability with certain modules for 98DX224S, 98DX226S, 98DX3236, 98DX8216 and 98DX8208 switch chips;
*) snmp - changed "mtxrGaugeValue" type to integer;
*) ssh - added support for user ed25519 public keys;
*) ssh - allow to specify key owner on import;
*) ssh - fixed SSH tunnel performance (introduced in v7.10);
*) ssh - improved connection stability when pasting large chunks of text into console;
*) supout - added interface list members section;
*) supout - added LLDP power to supout.rif;
*) supout - fixed BFD section;
*) switch - improved resource allocation for 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) switch - improved switch chip stability for CCR2004-16g-2s+ devices;
*) system - fixed process multithreading (introduced in v7.9);
*) system - improved system stability during booting for L009 devices;
*) system - improved system stability when MD5 checksums are used;
*) tftp - fixed empty file name matching;
*) tile - improved system stability when using queues;
*) traffic-generator - added "priority" property for "inject" command;
*) traffic-generator - fixed traffic-generator on CHR and x86;
*) usb - added support for RTL8153 USB ethernet on ARM, ARM64 and x86;
*) vrf - limit maximum VRFs to 1024;
*) vxlan - improved system stability for Tile devices;
*) webfig - fixed "Days" property configuration change under "IP/Firewall" menu;
*) webfig - fixed timezone for interface "Last Link Down/Up Time";
*) webfig - improved Webfig performance and responsiveness;
*) webfig - try to re-establish connection after disconnect;
*) wifiwave2 - added an alternative QoS priority assignment mechanism based on IP DSCP;
*) wifiwave2 - added comment property for registration-table;
*) wifiwave2 - added station-bridge interface mode;
*) wifiwave2 - correctly add interface to specified "datapath.interface-list";
*) wifiwave2 - do not show default "l2mtu" on compact export;
*) wifiwave2 - enable changing interface MTU and L2MTU;
*) wifiwave2 - fixed malformed Interworking packet elements;
*) wifiwave2 - fixed PTK renewal for interfaces in station mode;
*) wifiwave2 - fixed re-connection failures for 802.11ax interfaces in station mode;
*) wifiwave2 - fixed sniffer command not receiving any QoS null function frames when using 802.11ax radios;
*) wifiwave2 - fixed untagged VLAN 1 entry when using "vlan-id" setting together with vlan-filtering bridge;
*) wifiwave2 - fixed warning on CAP devices when radar detected;
*) wifiwave2 - implemented an option to transmit IP multicast packets as unicasts;
*) wifiwave2 - improved compliance with regulatory requirements;
*) wifiwave2 - limit L2MTU to 1560 until a fix is available for a bug causing interfaces to fail transmitting larger frames than that;
*) wifiwave2 - list APs with a higher maximum data rate as more preferable roaming candidates;
*) wifiwave2 - log more information regarding authentication failures;
*) wifiwave2 - make 4-way handshake procedure more robust when acting as supplicant (client);
*) wifiwave2 - use CAPsMAN's "datapath.vlan-id" on CAP for bridge port "pvid";
*) winbox - added "Addresses" property under "Routing/BFD/Configuration" menu;
*) winbox - added "BUS" property for USB Power Reset button for LtAP-2HnD and CCR1072;
*) winbox - added "Comment" under "Routing/BFD/Configuration" menu;
*) winbox - added "g" flag under "IPv6/Routes" menu;
*) winbox - added "Host Key Type" setting under "IP/SSH" menu;
*) winbox - added "Key Owner" setting under "System/User/SSH Keys" and "System/User/SSH Private Keys" menus;
*) winbox - added "Name Format" property under "WifiWave2/Provisioning" menu;
*) winbox - added "Remote Min Tx" parameter under "Routing/BFD/Session" menu;
*) winbox - added "Startup Delay" setting under "Tools/Netwatch" menu;
*) winbox - added "USB" button under "System/RouterBOARD" menu for LtAP-2HnD;
*) winbox - added "Use BFD" setting under "Routing/RIP/Interface-Template" menu;
*) winbox - added Enable/Disable button under "Routing/RIP/Static Neighbors" menu;
*) winbox - added missing properties under "WifiWave2" menu;
*) winbox - added MQTT subscription menu;
*) winbox - allow to change port numbers for SCTP, DCCP, and UDP-LITE protocols under "IP/Firewall" menus;
*) winbox - allow to set multiple addresses and added IPv6 support under "Interface/VETH" menu;
*) winbox - allow to specify server as DNS name under "Tools/Email" menu;
*) winbox - changed "MBR Partition Table" checkbox to unchecked by default under "System/Disks/Format-Drive" menu;
*) winbox - do not show "F" flag for disabled entries under "IP/Routes" menu;
*) winbox - fixed "Address" property under "WifiWave2/Remote-CAP" menu;
*) winbox - fixed "Do" property under "Routing/Filters/Select Rule" menu;
*) winbox - fixed "Group Key Update" maximum value under "WifiWave2/Security" menu;
*) winbox - fixed "Range" property under "Routing/Filters/Num Set" menu;
*) winbox - fixed "Switch" menu for CCR2004-16G-2S+;
*) winbox - fixed entry numbering and ordering under "WifiWave2/Provisioning" menu;
*) winbox - fixed minor typos;
*) winbox - improved support for certain properties under "WifiWave2/Interworking Profiles" menu;
*) winbox - rename "DSCP" setting to "DSCP (+ECN)" under "Tools/Traffic-Generator/Packet-Templates" menu;
*) winbox - rename "Name" setting to "List" under "IP,IPv6/Firewall/Address-List" menu;
*) winbox - rename "Password" button to "Change Now" under "System/Password" menu;
*) winbox - show "unknown" value for "FS" property under "System/Disks" menu if the data is not available;
*) wireguard - added "auto" and "none" parameter for "private-key" and "presharde-key" parameters;
*) wireguard - added "wg-export" and "wg-import" functionality (CLI only);
*) wireguard - allow to specify client settings under peer menu which will be included in configuration file and QR code;
*) wireguard - request public or private key to be specified in order to create peer;
*) wireless - added more "radius-mac-format" options (CLI only);
*) wireless - fixed malformed Interworking packet elements;
*) www - fixed allowed address setting for REST API users;
*) www - fixed fragmented POST data for SCEP service;
*) x86 - added support for Mellanox ConnectX-6 Dx NIC;
*) x86 - i40e updated driver to 2.23.17 version;
*) x86 - igb updated driver to 5.14.16 version;
*) x86 - igbvf updated driver from in-tree Linux kernel;
*) x86 - igc updated driver to 5.10.194 version;
*) x86 - ixgbe updated driver to 5.19.6 version;
*) x86 - Realtek r8169 updated driver;
*) x86 - updated latest available pci.ids;


Теги: mtcna routerosv7