RouterOS 7.15 [stable] released

RouterOS 7.15 [stable] released



What's new in 7.15 (2024-May-29 15:44):


!) system - added support for AMPERE (R) and ARM64 CHR installations (new ARM64 CHR image available);

!) system - added support for AMPERE (R) hardware (new ARM64 ISO file, new ARM64 extra-nics.npk package);

*) bgp - added initial vpnv6 support;

*) bgp - correctly synchronize input.accept-nlri address list;

*) bgp - fixed prefix count when BGP sessions run with multiple AFIs;

*) bgp - fixed selecting local.default-address from wrong VRF;

*) bgp - use IPv6 as default address-family for IPv6 sessions;

*) bgp-vpn - use VRF interface as gateway for leaked connected routes;

*) branding - added option to hide default configuration prompt;

*) branding - added option to hide or replace default caps-mode-script;

*) bridge - added error message if MLAG peer-port is configured with "mlag-id";

*) bridge - added MLAG peer-port events to logs;

*) bridge - added MVRP support;

*) bridge - do not allow multiple bonds with same "mlag-id";

*) bridge - improved protocol-mode STP, RSTP and MSTP stability;

*) bridge - rename monitor property "path-cost" to "actual-path-cost";

*) bridge - reworked dynamic VLAN creation;

*) bridge - use default "edge=auto" for dynamically bridged interfaces (PPP, VPLS, WDS);

*) certificate - added support for different ACME servers for ssl-certificate (CLI only);

*) certificate - added support for importing pbes2 encrypted private keys with aes128;

*) certificate - added trusted parameter for certificate import;

*) certificate - allow replacing certificate with internal import;

*) certificate - delete certificate related files automatically from storage after import;

*) certificate - improved RSA key signature processing speed;

*) chr - allow to "generate-new-id" only while CHR is running on level "free" license;

*) chr - fixed bogus messages printed out while booting up the system (introduced in v7.14);

*) chr - fixed Xen and Vultr missing ethernet (introduced in v7.14);

*) console - added "byte-array" option to ":convert" command;

*) console - added "proplist" parameter to interactive commands;

*) console - added "rows" property for sniffer quick mode;

*) console - added "sanitize-names" property under "/console/settings" menu (option for replacing reserved characters with underscores for files, disabled by default);

*) console - added "type" parameter to ":resolve" command;

*) console - added "use-script-permissions" option when running scripts from CLI;

*) console - added hotkey "F8" to print entire multiline input;

*) console - added link from "/iot/lora" to "/lora";

*) console - added log for script execution failures;

*) console - added multi-line print in "/file" menu;

*) console - added option to get "about" value (dynamically created text field by RouterOS services like CAPsMAN);

*) console - added option to read and change file line endings in full-screen editor;

*) console - added warning log for modified filenames due to reserved characters;

*) console - covert spaces, CR, LF in ":convert to=url" command;

*) console - do not convert string to array in ":deserialize" command;

*) console - fixed ":onerror" behavior when "do" block is missing;

*) console - fixed "export where" functionality in certain menus;

*) console - fixed console prompt when entering hot lock mode with "F7";

*) console - fixed DHCP server "authoritative=no" configuration export;

*) console - fixed do/while implementation not working with variables (introduced in v7.14);

*) console - fixed filtering by "dhcp" flag in "/ip/arp" menu;

*) console - fixed multiple typos in help;

*) console - improved stability;

*) console - optimized configuration export to prevent startup of processes without any configuration;

*) console - remove unnecessary serial ports for Alpine CPUs;

*) console - show system note before serial login if enabled;

*) console - use user permissions when running scripts from WinBox and WebFig;

*) container - do not allow negative number for "ram-high" setting;

*) defconf - do not override default DHCP server lease time;

*) defconf - fixed 5ghz-ax channel width for L11, L22 devices;

*) defconf - fixed unknown topics in log messages;

*) defconf - minor configuration script updates;

*) dhcpv4-relay - added VRF support;

*) discovery - added LLDP MAC/PHY Configuration/Status TLV support;

*) discovery - added LLDP Maximum Frame Size TLV support;

*) discovery - added LLDP Port Description TLV support;

*) discovery - advertise only physical interface name for LLDP PortID TLV;

*) discovery - always send LLDP MED Power TLV if MED was received;

*) discovery - fixed high CPU utilization when "tx-only" mode is set;

*) discovery - optimized LLDP information update;

*) disk - added option to auto configure media sharing;

*) disk - added support for formatting exfat file-system;

*) disk - improved support for file systems with non-ascii characters in file names;

*) disk - improved support for formatting ext4 file-system;

*) disk - improved system stability when adding partition with no parent;

*) disk - improved system stability;

*) disk - the "scan" command will now detect and include USB drives that were previously ejected;

*) dns - added support for "adlist";

*) dns - added VRF support;

*) dns - improved system stability when caching entries;

*) eap - improved eap-peap, eap-mschap2 client authentication (dot1x/wireless/ipsec);

*) ethernet - fixed default names for CRS310-8G+2S+ device (introduced in v7.14);

*) ethernet - fixed interface disable for CRS326-4C+20G+2Q;

*) ethernet - fixed management port disable/enable on CCR2004-1G-12S+2XS, CCR2004-1G-2XS-PCIe, CCR2216, CCR2116 devices;

*) ethernet - improved port speed downshift functionality for CRS326-4C+20G+2Q;

*) fetch - added "idle-timeout" parameter;

*) fetch - changed topic "info" to "error" for permission denied logs;

*) fetch - fixed slow throughput due to "raw" logging which occurred even when not listening to the topic (introduced in v7.13);

*) file - allow adding and renaming files and directories;

*) file - avoid refreshing whole file system during file modification;

*) file - improved external storage detection;

*) health - added "cpu-temperature" for IPQ50xx devices;

*) health - added log for fan state changes on CRS3xx, CRS5xx, CCR2xxx, CCR1016r2, CCR1036r2 devices;

*) health - fixed fan behavior for CRS310-1G-5S-4S+ (introduced in v7.14);

*) health - fixed rogue voltage on CRS510-8XS-2XQ-IN;

*) install - cdrom and hdd install images contain additional packages that can be interactively selected;

*) ipv6 - properly initialize default ND "interface=all" entry;

*) leds - fixed LEDs for L22 device;

*) lora - removed LoRa WinBox and console functionality duplication (moved to IoT package since v7.11);

*) lte - added "at-chat" support for DELL T99W175 (PID: 0x05c6 VID: 0x90d5);

*) lte - added support for concatenated AT commands in "modem-init" string;

*) lte - added support to set "modem-init" string for "dialer-less" modems;

*) lte - apply the same configuration for Microsoft branded EM12-G modem (Surface Mobile Broadband) as for Quectel EM12-G;

*) lte - do not show persistent interfaces for multi-apn slave interfaces;

*) lte - dropped support for R11e-LTE-US FOTA firmware update;

*) lte - fixed R11e-LTE-US modem dial-up;

*) lte - fixed situation where link is not restored after Quectel MBIM modem firmware update;

*) lte - improved FG621-EA modem APN authentication;

*) lte - make interface persistent (unused interface configs can be removed, allow to export and examine current configuration without the device present);

*) lte - removed 2 APN restriction for RG520F-EU modem;

*) lte - use the correct network interface for multi-interface LTE modems;

*) media - added support for DLNA;

*) metarouter - removed support;

*) modem - send APN authentication for BG77 modem also if ppp-client interface created manually;

*) netinstall - improved stability;

*) netinstall-cli - fixed incorrect server address assignment (introduced in v7.14);

*) ovpn - fixed import ovpn config when remote port is missing;

*) ovpn - fixed minor typo in error message;

*) poe-out - added LLDP power management support for devices with single PoE-out port;

*) poe-out - fixed powering devices if input voltage is lower than 12V for hEX PoE (introduced in v7.9);

*) poe-out - improved firmware upgrade stability for AF/AT controlled boards;

*) poe-out - moved "PoE LLDP" property from "/interface/ethernet/poe" to "/ip/neighbor/discovery-settings" and enable it by default;

*) ppp - added "enable-ipv6-accounting" option under PPP AAA menu (CLI only);

*) ppp - added log when disconnecting a client due to "WISPr-Session-Terminate-Time" RADIUS attribute;

*) ppp - allow underscores in domain names;

*) ppp - enabled monitoring of registration state, RSRP, RSRQ, SINR, PCI, CellID for BG77 modem;

*) ppp - fixed "Framed-IPv6-Pool" usage when received from RADIUS;

*) ppp - fixed "on-down" script running even when tunnel was not up;

*) profiler - added "neighbor-discovery" task;

*) ptp - added PTP support for CCR2116 device;

*) qos-hw - added "offline" tx-manager (CLI only);

*) qos-hw - added "profile" and "map" support for CPU port;

*) qos-hw - added congestion avoidance support for 98DX8xxx, 98DX4xxx, 98DX325x switch chips (CLI only);

*) qos-hw - added ECN marking support for compatible switches;

*) qos-hw - added per-queue traffic shapers (CLI only);

*) qos-hw - added Priority Flow Control for compatible switches (CLI only);

*) qos-hw - added support for QoS profile assignment via ACL rules;

*) qos-hw - added WRED support for compatible switches;

*) qos-hw - fixed port "print stats/usage" when using "from" property;

*) qos-hw - replaced buffer with bytes in QoS monitor;

*) queue - improved system stability (introduced in v7.6);

*) quickset - only show LTE mode for devices without other wireless interfaces;

*) radius - added "require-message-auth" option that requires "Message-Authenticator" in received Access-Accept/Challenge/Reject messages;

*) radius - include "Message-Authenticator" in any RADIUS communication messages besides accounting for all services;

*) route - do not allow routes with empty "dst-address";

*) route - do not redistribute loopback address as connected route;

*) route - fixed bgp-vpn prefix import with the same route distinguisher (RD);

*) route - improved system stability;

*) route - rework of route attributes;

*) route - show route-distinguisher (RD) in route print;

*) route-filter - allow setting different AFI gateways;

*) route-filter - fixed ext community list matcher;

*) sfp - added "100M-baseFX" link mode support for compatible devices;

*) sfp - added "sfp-ignore-rx-los" setting;

*) sfp - fixed "sfp-tx-fault" state indication for CRS510;

*) sfp - fixed link establishment with 100Mbps optical modules (requires "/interface ethernet reset" or adding "100M-baseFX" modes for advertise or speed properties);

*) sfp - fixed missing Tx traffic at 10Gbps rate on CCR2004-16G-2S+ in rare cases;

*) sfp - ignore SFP RX LOS signal for modules with bad EEPROM;

*) sfp - improved "sfp-tx-power" value monitoring in certain cases;

*) sfp - improved auto-negotiation linking for some MikroTik cables and modules;

*) sfp - improved system stability for CR2004-1G-2XS-PCIe (introduced in v7.14);

*) sfp - improved system stability with some GPON modules for CCR2004 and CCR2116 devices;

*) smb - added logs for share connection requests;

*) smb - do not allow setting empty "comment" or "domain" properties;

*) sms - added option to select SMS storage;

*) sms - added SMS PDU to SMS inbox "print detail";

*) sms - added workaround for modems which do not notify regarding new SMS arrival (missing URC);

*) sms - improved SMS handling;

*) sms - removed SMS for SMIPS;

*) sms - use "gsm" logging topic for serial modem SMS logs;

*) snmp - added missing PoE-out status codes to MIKROTIK-MIB;

*) snmp - added new "mtxrOpticalVendorSerial" OID to MIKROTIK-MIB;

*) socks - attempt to parse domain name as IP before resolving;

*) ssh - added support for user Ed25519 private keys;

*) ssh - export host Ed25519 public key;

*) ssh - fixed bogus output;

*) ssh - fixed permissions to run ".auto.rsc" scripts;

*) ssh - require "policy" user policy when adding public key;

*) sstp - added SNI support;

*) sstp - disconnect clients when server is disabled;

*) storage - improved configuration storing process on first system boot after configuration reset;

*) switch - added support for multiple ingress and egress port mirroring on 98DXxxxx switches;

*) switch - added support for RSPAN mirroring on 98DXxxxx switches;

*) switch - fixed L3HW and QoS monitor during switch reset;

*) system - added resource values (Product name, File name and File version) for Windows executable files;

*) system - general work on optimizing the size of RouterOS packages;

*) system - show "cpu-frequency" for Alpine CPUs;

*) system - skip configuration upgrade from RouterOS v6 on configuration reset;

*) system - updated office address in RouterOS license;

*) system - updated online manual links from "wiki" to the help documentation;

*) timezone - updated timezone information from "tzdata2024a" release;

*) traffic-flow - detect IPv4 source address if not set;

*) traffic-flow - improved system stability;

*) userman - added "require-message-auth" option that requires "Message-Authenticator" in received Access-Request messages;

*) userman - include "Message-Authenticator" in any RADIUS communication messages besides accounting for all services;

*) vlan - added MVRP (applicant) configuration option;

*) vlan - ensure that VLAN MTU remains unchanged when adjustments are made to the parent interface MTU, only modifications to the L2MTU might impact VLAN MTU;

*) vlan - fixed MTU reset on bridge after reboot;

*) vlan - limit "vlan-id" range from 1-4095 to 1-4094;

*) vrf - fixed VRF interfaces being moved to main table after reboot (introduced in v7.14);

*) webfig - allow pasting with ctrl+v into terminal;

*) webfig - fixed column preferences for ordered tables;

*) webfig - show inherited properties for wifi interfaces;

*) wifi - added "reselect-interval" support;

*) wifi - changed interface default to "disabled=yes";

*) wifi - do not report disabled state for CAPsMAN managed interface;

*) wifi - fixed configuration export for "disabled" property;

*) wifi - improve channel selection after radar detection events;

*) wifi - improve regulatory compliance for L11, L22 devices;

*) wifi - improved interface initialization reliability on DFS channels;

*) wifi - improved stability of DFS check in the 5GHz-A band;

*) wifi - improved system stability when provisioning CAPs in certain cases;

*) wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;

*) wifi - report current CAPsMAN address and identity on CAP;

*) wifi - show inherited properties with "print" command (replaces "actual-configuration") and added "print config" for showing only configured values;

*) wifi-qcom - added configuration.distance setting to enable operation over multi-kilometer distances;

*) wifi-qcom - updated driver;

*) winbox - added "Download" and "Flush" buttons under "System/Certificates/CRL" menu;

*) winbox - added "Flat Snoop" button under "WiFi" menu;

*) winbox - added "FT Preserve VLAN ID" setting under "WiFi/Configuration/FT" menu;

*) winbox - added "Request logout" button under "System/Users/Active Users" menu;

*) winbox - added "Trusted" checkbox under "System/Certificates/Import" menu;

*) winbox - added drop down menu for "User" property when importing SSH key under "System/User/SSH Keys" and "System/User/SSH Private Keys" menus;

*) winbox - added invalid flag under "IP/DHCP Relay" menu;

*) winbox - added key type and key length column for user SSH keys;

*) winbox - added missing SFP monitoring properties under "Interface/SFP" menu;

*) winbox - added passphrase option for SSH host key export;

*) winbox - added passphrase option for SSH host key import;

*) winbox - allow specifying size and rtmpfs size with M, G units under "System/Disks" menu;

*) winbox - allow to specify "M" or "G" postfix for download, upload or total limits under "User Manager/Limitations" menu;

*) winbox - do not show "Host Key Size" when using ed25519 key under "IP/SSH" menu;

*) winbox - fixed the issue where the skin file fails to appear in the user group menu after creation;

*) winbox - renamed "Channel" column to "Current Channel" under "Wifi" menu;

*) winbox - show "Valid Servers" and "Unknown Servers" column by default under "IP/DHCP Server/Alerts" menu;

*) winbox - show inherited properties for wifi interfaces;

*) winbox - show SIM settings for SXTR device under "Interfaces/LTE/Modem" menu;

*) winbox - updated icons for certain menus;

*) winbox - use correct values for "Jump Target" property under "IPv6/Firewall/Filter Rules" menu;

*) wireguard - added option to mark peer as responder only;

*) wireguard - added peer "name" field and display it in logs;

*) wireguard - do not attempt to connect to peer without specified endpoint-address;

*) wireguard - fixed "auto" argument usage for "private-key" and "preshared-key" settings;

*) wireguard - fixed performance issues showing QR code;

*) wireless - perform shorter channel availability check for 5600-5650MHz if regulatory domain permits it;

*) x86 - fixed ixgbe Tx hang by disabling TSO;

*) x86 - fixed VLAN tagged packet transmit for ice driver;

*) x86 - ice driver update to v1.13.7;

*) x86 - improved stability for RTL8125 driver;

*) x86 - ixgbe driver update to 5.19.9;

*) x86/chr - improved panic saving (increased minimal RAM requirements to 256MB);

Report content on this page

Report Page

Please submit your DMCA takedown request to dmca@telegram.org