Описание прошивки MikroTik RouterOS 7.11
Компания MikroTik обновила версию прошивки на канале stable до версии 7.11
Прошивку можно скачать с сайта https://mikrotik.com/download
Дата выхода прошивки: 15.08.2023
Версия прошивки 7.11 содержит такие доработки и исправления:
What’s new in 7.11 (2023-Aug-15 09:33):
*) api – disallow executing commands without required parameters;
*) bfd – fixed “actual-tx-interval” value and added “remote-min-tx” (CLI only);
*) bfd – improved system stability;
*) bluetooth – added “decode-ad” command for decoding raw Bluetooth payloads (CLI only);
*) bluetooth – added “Peripheral devices” section which displays decoded Eddystone TLM and UID, iBeacon and MikroTik Bluetooth payloads;
*) bluetooth – added new AD structure type “service-data” for Bluetooth advertisement;
*) bridge – added more STP-related logging;
*) bridge – added warning when VLAN interface list contains ports that are not bridged;
*) bridge – fixed MAC learning on “switch-cpu” port with enabled FastPath;
*) bridge – fixed MSTP BPDU aging;
*) bridge – fixed MSTP synchronization after link down;
*) bridge – prevent bridging the VLAN interface created on the same bridge;
*) certificate – allow to import certificate with DNS name constraint;
*) certificate – fixed PEM import;
*) certificate – fixed trust store CRL link if generated on an older version (introduced in v7.7);
*) certificate – improved CRL download retry handling;
*) certificate – removed request for “passphrase” property on import;
*) certificate – require CRL presence when using “crl-use=yes” setting;
*) certificate – restored RSA with SHA512 support;
*) conntrack – fixed “active-ipv4” property;
*) console – added “:convert” command;
*) console – added default value for “rndstr” command (16 characters from 0-9a-zA-Z);
*) console – fixed incorrect date when printing “value-list” with multiple entries;
*) console – fixed minor typos;
*) console – fixed missing “parent” for script jobs (introduced in v7.9);
*) console – fixed missing return value for ping command in certain cases;
*) console – fixed printing interval when resizing terminal;
*) console – improved flag printing in certain menus;
*) console – improved stability and responsiveness;
*) console – improved stability when canceling console actions;
*) console – improved stability when using fullscreen editor;
*) console – improved timeout for certain commands and menus;
*) console – improved VPLS “cisco-id” argument validation;
*) container – added IPv6 support for VETH interface;
*) container – added option to use overlayfs layers;
*) container – adjust the ownership of volume mounts that fall outside the container’s UID range;
*) container – fixed duplicate image name;
*) container – fixed IP address in container host file;
*) defconf – do not change admin password if resetting with “keep-users=yes”;
*) dhcp-server – fixed setting “bootp-lease-time=lease-time”;
*) discovery – fixed “lldp-med-net-policy-vlan” (introduced in v7.8);
*) dns – improved system stability when processing static DNS entries with specified address-list;
*) ethernet – fixed forced half-duplex 10/100 Mbps link speeds on CRS312 device;
*) ethernet – improved interface stability for CRS312 device;
*) fetch – improved timeout detection;
*) firewall – added warning when PCC divider argument is smaller than remainder;
*) firewall – fixed mangle “mark-connection” with “passthrough=yes” rule for TCP RST packets;
*) firewall – improved system stability when using “endpoint-independent-nat”;
*) graphing – added paging support;
*) health – added more gradual control over fans for CRS3xx, CRS5xx, CCR2xxx devices;
*) health – fixed configuration export for “/system/health/settings” menu;
*) hotspot – allow number as a first symbol in the Hotspot server DNS name;
*) ike1 – fixed Phase 1 when using aggressive exchange mode (introduced in v7.10);
*) ike2 – improved SA rekeying reply process;
*) ike2 – improved system stability when closing phase1;
*) ike2 – improved system stability when making configuration changes on active setup;
*) ike2 – log “reply ignored” as non-debug log message;
*) ipsec – fixed public key export (introduced in v7.10);
*) ipsec – fixed signature authentication using secp521r1 certificate (introduced in v7.10);
*) ipsec – improved IKE2 rekey process;
*) ipsec – properly check ph2 approval validity when using IKE1 exchange mode;
*) l3hw – changed minimal supported values for “neigh-discovery-interval” and “neigh-keepalive-interval” properties;
*) l3hw – fixed /32 and /128 route offloading after nexthop change;
*) l3hw – fixed incorrect source MAC usage for offloaded bonding interface;
*) l3hw – improved system responsiveness during partial offloading;
*) l3hw – improved system stability during IPv6 route offloading;
*) l3hw – improved system stability;
*) led – fixed manually configured user LED for RB2011;
*) leds – blink red system-led when LTE is not connected to the network on D53 devices;
*) leds – fixed system-led color for “GSM EGPRS” RAT on D53 devices;
*) lora – added new EUI field;
*) lora – added uplink message filtering option using NetID or JoinEUI;
*) lora – moved LoRa service to IoT package;
*) lora – properly apply configuration changes when multiple LoRa cards are used;
*) lora – updated LoRa firmware for R11e-LR8, R11e-LR9 and R11e-LR2 cards;
*) lte – added “at-chat” support for Dell DW5821e-eSIM modem;
*) lte – added “at-chat” support for Dell DW5829 modem;
*) lte – added “at-chat” support for Fibocom L850-GL modem;
*) lte – added “at-chat” support for SIMCom 8202G modem;
*) lte – added “band” info to the “monitor” command for MBIM modems that support serving cell info reporting over MBIM;
*) lte – added extended support for Neoway N75 modem;
*) lte – fixed Dell DW5221E “at-chat” support;
*) lte – fixed LtAP mini default SIM slot “down” changeover to “up” after an upgrade (introduced in v7.10beta1);
*) lte – fixed NR SINR reporting for Chateau 5G;
*) lte – fixed R11e-LTE, R11e-LTE6 legacy 2G/3G RAT mode selection;
*) lte – fixed Telit LE910C4 “at-chat” support;
*) lte – improved initial interface startup time for SXT LTE 3-7;
*) lte – improved system stability when changing the “radio” state for MBIM modems;
*) lte – only listen to DHCP packets for LTE passtrough interface in auto mode when looking for the host;
*) modem – added initial support for BG77 modem DFOTA firmware update;
*) modem – changed Quectel EC25 portmap to expose DM (diag port), DM channel=0, GPS channel=1;
*) modem – fixed missing sender’s last symbol in SMS inbox if the sender is an alphabetic string;
*) mpls – improved MPLS TCP performance;
*) mqtt – added more MQTT publish configuration options;
*) mqtt – added new MQTT subscribe feature;
*) netwatch – added “src-address” property;
*) netwatch – changed “thr-tcp-conn-time” argument to time interval;
*) ovpn – do not try to use the “bridge” setting from PPP/Profile, if the OVPN server is used in IP mode (introduced in v7.10);
*) ovpn – fixed OVPN server peer-id negotiation;
*) ovpn – fixed session-timeout when using UDP mode;
*) ovpn – improved key renegotiation process;
*) ovpn – include “connect-retry 1” and “reneg-sec” parameters into the OVPN configuration export file;
*) ovpn – properly close OVPN session on the server when client gets disconnected;
*) package – treat disabled packages as enabled during upgrade;
*) poe – fixed missing PoE configuration section under specific conditions;
*) poe-out – advertise LLDP power-mdi-long even if no power allocation was requested (introduced in v7.7);
*) pppoe – fixed PPPoE client trying to establish connection when parent interface is inactive;
*) profile – added “container” process classifier;
*) profile – properly classify “console” related processes;
*) qos-hw – keep VLAN priority in packets that are sent from CPU;
*) quickset – correctly apply configuration when using “DHCP Server Range” property;
*) resource – fixed erroneous CPU usage values;
*) rose-storage – added “scsi-scan” command (CLI only);
*) rose-storage – added disk stats for ramdisks;
*) rose-storage – fixed RAID 0 creation;
*) rose-storage – limit striped RAID element size to smallest disk size;
*) route – added comment for BFD configuration (CLI only);
*) route – convert BFD timers from milliseconds to microseconds after upgrade;
*) routerboard – fixed “gpio-function” setting on RBM33G (“/system routerboard upgrade” required);
*) routerboard – improved RouterBOOT stability for Alpine CPUs (“/system routerboard upgrade” required);
*) routerboard – removed unnecessary serial port for netPower16P and hAP ax lite devices (“/system routerboard upgrade” required);
*) routerboot – increased etherboot bootp timeout to 40s on MIPSBE and MMIPS devices (“/system routerboard upgrade” required);
*) sfp – fixed incorrect optical SFP temperature readings (introduced in v7.10);
*) sfp – improved interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 based switches;
*) sfp – improved optical QSFP interface handling for 98DX8332, 98DX3257, 98DX4310, 98DX8525 switches;
*) sfp – improved Q/SFP interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
*) sfp – reduce CPU load due to SFP interface handling for CCR2116, CCR2216, CCR2004-12S+2XS, CRS312, CRS518 devices (introduced in v7.9)
*) sms – increased wait time for modem startup;
*) ssh – fixed host public key export (introduced in v7.9);
*) ssh – fixed private key import (introduced in v7.9);
*) ssh – fixed SSH key agreement on the client side when ed25519 used under server settings;
*) ssh – fixed user RSA private key import;
*) switch – fixed “reset-counters” for “switch-cpu”;
*) switch – fixed BPDU packet processing on MT7621, MT7531 with HW offloaded vlan-filtering;
*) switch – improved multicast packet forwarding on MT7621;
*) system – disallow setting a non-existing CPU core number for system IRQ;
*) system – increased maximum supported CPU core count to 512 on CHR and x86;
*) system – reduced RAM usage for SMIPS devices;
*) tftp – improved file name matching;
*) user – added “sensitive” policy requirement for SSH key and certificate export;
*) w60g – improved stability for Cube 60Pro ac and CubeSA 60Pro ac devices;
*) webfig – added option to enable wide view in item list;
*) webfig – fixed “Connect To” configuration changes for L2TP client;
*) webfig – fixed gray-out italic font for entries after enable;
*) webfig – use router time zone for date and time;
*) wifiwave2 – added “steering” parameters and menu to set up and monitor AP neighbor groups (CLI only);
*) wifiwave2 – added more information on roaming candidates to BSS transition management requests (802.11v) and neighbor report responses (802.11k);
*) wifiwave2 – added option to filter frames captured by the sniffer command (CLI only);
*) wifiwave2 – automatically add wifi interfaces to appropriate bridge VLAN when wireless clients with new VLAN IDs connect;
*) wifiwave2 – changed default behavior for handling duplicate client MAC addresses, added settings for changing it (CLI only);
*) wifiwave2 – enabled PMK caching with EAP authentication types;
*) wifiwave2 – fixed “reg-info” information for several countries;
*) wifiwave2 – fixed “security.sae-max-failure” rate not limiting authentications correctly in some cases;
*) wifiwave2 – fixed clearing CAPsMAN Common Name when disabling “lock-to-caps-man”;
*) wifiwave2 – fixed interface hangs on IPQ6010-based boards (introduced in v7.9);
*) wifiwave2 – improved stability when changing interface settings;
*) wifiwave2 – improved stability when receiving malformed WPA3-PSK authentication frames;
*) wifiwave2 – make info log less verbose during client roaming (some info moved to wireless,debug log);
*) wifiwave2 – rename “reg-info” country argument from “Macedonia” to “North Macedonia”;
*) wifiwave2 – use correct status code when rejecting WPA3-PSK re-association;
*) winbox – added missing status values for Ethernet and Cable Test;
*) winbox – added warning about non-running probe due to “startup-delay”;
*) winbox – fixed “Storm Rate” property under “Switch/Port” menu;
*) winbox – fixed BGP affinity display;
*) winbox – fixed default “Ingress Filtering” value under “Bridge” menu;
*) winbox – improved supout.rif progress display;
*) winbox – rename “Group Master” property to “Group Authority” under “Interface/VRRP” menu;
*) wireguard – fixed peer connection using DNS name on IP change;
*) wireguard – fixed peer IPv6 “allowed-address” usage;
*) wireless – ignore EAPOL Logoff frames;
*) x86 – updated e1000 driver;
[/vc_column_text]
Как обновить прошивку MikroTik RouterOS stable 7.11
Самый доступный метод обновление прошивки – через Winbox или web интерфейс(раздел Webfig).
Также можно воспользоваться окном Терминала(Terminal) в Winbox.
Обновление прошивки MikroTik через командную строку →