Описание прошивки MikroTik RouterOS 7.11
Компания MikroTik обновила версию прошивки на канале stable до версии 7.11
Прошивку можно скачать с сайта https://mikrotik.com/download
Дата выхода прошивки: 15.08.2023
Версия прошивки 7.11 содержит такие доработки и исправления:
What’s new in 7.11 (2023-Aug-15 09:33):
*) api — disallow executing commands without required parameters;
*) bfd — fixed «actual-tx-interval» value and added «remote-min-tx» (CLI only);
*) bfd — improved system stability;
*) bluetooth — added «decode-ad» command for decoding raw Bluetooth payloads (CLI only);
*) bluetooth — added «Peripheral devices» section which displays decoded Eddystone TLM and UID, iBeacon and MikroTik Bluetooth payloads;
*) bluetooth — added new AD structure type «service-data» for Bluetooth advertisement;
*) bridge — added more STP-related logging;
*) bridge — added warning when VLAN interface list contains ports that are not bridged;
*) bridge — fixed MAC learning on «switch-cpu» port with enabled FastPath;
*) bridge — fixed MSTP BPDU aging;
*) bridge — fixed MSTP synchronization after link down;
*) bridge — prevent bridging the VLAN interface created on the same bridge;
*) certificate — allow to import certificate with DNS name constraint;
*) certificate — fixed PEM import;
*) certificate — fixed trust store CRL link if generated on an older version (introduced in v7.7);
*) certificate — improved CRL download retry handling;
*) certificate — removed request for «passphrase» property on import;
*) certificate — require CRL presence when using «crl-use=yes» setting;
*) certificate — restored RSA with SHA512 support;
*) conntrack — fixed «active-ipv4» property;
*) console — added «:convert» command;
*) console — added default value for «rndstr» command (16 characters from 0-9a-zA-Z);
*) console — fixed incorrect date when printing «value-list» with multiple entries;
*) console — fixed minor typos;
*) console — fixed missing «parent» for script jobs (introduced in v7.9);
*) console — fixed missing return value for ping command in certain cases;
*) console — fixed printing interval when resizing terminal;
*) console — improved flag printing in certain menus;
*) console — improved stability and responsiveness;
*) console — improved stability when canceling console actions;
*) console — improved stability when using fullscreen editor;
*) console — improved timeout for certain commands and menus;
*) console — improved VPLS «cisco-id» argument validation;
*) container — added IPv6 support for VETH interface;
*) container — added option to use overlayfs layers;
*) container — adjust the ownership of volume mounts that fall outside the container’s UID range;
*) container — fixed duplicate image name;
*) container — fixed IP address in container host file;
*) defconf — do not change admin password if resetting with «keep-users=yes»;
*) dhcp-server — fixed setting «bootp-lease-time=lease-time»;
*) discovery — fixed «lldp-med-net-policy-vlan» (introduced in v7.8);
*) dns — improved system stability when processing static DNS entries with specified address-list;
*) ethernet — fixed forced half-duplex 10/100 Mbps link speeds on CRS312 device;
*) ethernet — improved interface stability for CRS312 device;
*) fetch — improved timeout detection;
*) firewall — added warning when PCC divider argument is smaller than remainder;
*) firewall — fixed mangle «mark-connection» with «passthrough=yes» rule for TCP RST packets;
*) firewall — improved system stability when using «endpoint-independent-nat»;
*) graphing — added paging support;
*) health — added more gradual control over fans for CRS3xx, CRS5xx, CCR2xxx devices;
*) health — fixed configuration export for «/system/health/settings» menu;
*) hotspot — allow number as a first symbol in the Hotspot server DNS name;
*) ike1 — fixed Phase 1 when using aggressive exchange mode (introduced in v7.10);
*) ike2 — improved SA rekeying reply process;
*) ike2 — improved system stability when closing phase1;
*) ike2 — improved system stability when making configuration changes on active setup;
*) ike2 — log «reply ignored» as non-debug log message;
*) ipsec — fixed public key export (introduced in v7.10);
*) ipsec — fixed signature authentication using secp521r1 certificate (introduced in v7.10);
*) ipsec — improved IKE2 rekey process;
*) ipsec — properly check ph2 approval validity when using IKE1 exchange mode;
*) l3hw — changed minimal supported values for «neigh-discovery-interval» and «neigh-keepalive-interval» properties;
*) l3hw — fixed /32 and /128 route offloading after nexthop change;
*) l3hw — fixed incorrect source MAC usage for offloaded bonding interface;
*) l3hw — improved system responsiveness during partial offloading;
*) l3hw — improved system stability during IPv6 route offloading;
*) l3hw — improved system stability;
*) led — fixed manually configured user LED for RB2011;
*) leds — blink red system-led when LTE is not connected to the network on D53 devices;
*) leds — fixed system-led color for «GSM EGPRS» RAT on D53 devices;
*) lora — added new EUI field;
*) lora — added uplink message filtering option using NetID or JoinEUI;
*) lora — moved LoRa service to IoT package;
*) lora — properly apply configuration changes when multiple LoRa cards are used;
*) lora — updated LoRa firmware for R11e-LR8, R11e-LR9 and R11e-LR2 cards;
*) lte — added «at-chat» support for Dell DW5821e-eSIM modem;
*) lte — added «at-chat» support for Dell DW5829 modem;
*) lte — added «at-chat» support for Fibocom L850-GL modem;
*) lte — added «at-chat» support for SIMCom 8202G modem;
*) lte — added «band» info to the «monitor» command for MBIM modems that support serving cell info reporting over MBIM;
*) lte — added extended support for Neoway N75 modem;
*) lte — fixed Dell DW5221E «at-chat» support;
*) lte — fixed LtAP mini default SIM slot «down» changeover to «up» after an upgrade (introduced in v7.10beta1);
*) lte — fixed NR SINR reporting for Chateau 5G;
*) lte — fixed R11e-LTE, R11e-LTE6 legacy 2G/3G RAT mode selection;
*) lte — fixed Telit LE910C4 «at-chat» support;
*) lte — improved initial interface startup time for SXT LTE 3-7;
*) lte — improved system stability when changing the «radio» state for MBIM modems;
*) lte — only listen to DHCP packets for LTE passtrough interface in auto mode when looking for the host;
*) modem — added initial support for BG77 modem DFOTA firmware update;
*) modem — changed Quectel EC25 portmap to expose DM (diag port), DM channel=0, GPS channel=1;
*) modem — fixed missing sender’s last symbol in SMS inbox if the sender is an alphabetic string;
*) mpls — improved MPLS TCP performance;
*) mqtt — added more MQTT publish configuration options;
*) mqtt — added new MQTT subscribe feature;
*) netwatch — added «src-address» property;
*) netwatch — changed «thr-tcp-conn-time» argument to time interval;
*) ovpn — do not try to use the «bridge» setting from PPP/Profile, if the OVPN server is used in IP mode (introduced in v7.10);
*) ovpn — fixed OVPN server peer-id negotiation;
*) ovpn — fixed session-timeout when using UDP mode;
*) ovpn — improved key renegotiation process;
*) ovpn — include «connect-retry 1» and «reneg-sec» parameters into the OVPN configuration export file;
*) ovpn — properly close OVPN session on the server when client gets disconnected;
*) package — treat disabled packages as enabled during upgrade;
*) poe — fixed missing PoE configuration section under specific conditions;
*) poe-out — advertise LLDP power-mdi-long even if no power allocation was requested (introduced in v7.7);
*) pppoe — fixed PPPoE client trying to establish connection when parent interface is inactive;
*) profile — added «container» process classifier;
*) profile — properly classify «console» related processes;
*) qos-hw — keep VLAN priority in packets that are sent from CPU;
*) quickset — correctly apply configuration when using «DHCP Server Range» property;
*) resource — fixed erroneous CPU usage values;
*) rose-storage — added «scsi-scan» command (CLI only);
*) rose-storage — added disk stats for ramdisks;
*) rose-storage — fixed RAID 0 creation;
*) rose-storage — limit striped RAID element size to smallest disk size;
*) route — added comment for BFD configuration (CLI only);
*) route — convert BFD timers from milliseconds to microseconds after upgrade;
*) routerboard — fixed «gpio-function» setting on RBM33G («/system routerboard upgrade» required);
*) routerboard — improved RouterBOOT stability for Alpine CPUs («/system routerboard upgrade» required);
*) routerboard — removed unnecessary serial port for netPower16P and hAP ax lite devices («/system routerboard upgrade» required);
*) routerboot — increased etherboot bootp timeout to 40s on MIPSBE and MMIPS devices («/system routerboard upgrade» required);
*) sfp — fixed incorrect optical SFP temperature readings (introduced in v7.10);
*) sfp — improved interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 based switches;
*) sfp — improved optical QSFP interface handling for 98DX8332, 98DX3257, 98DX4310, 98DX8525 switches;
*) sfp — improved Q/SFP interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
*) sfp — reduce CPU load due to SFP interface handling for CCR2116, CCR2216, CCR2004-12S+2XS, CRS312, CRS518 devices (introduced in v7.9)
*) sms — increased wait time for modem startup;
*) ssh — fixed host public key export (introduced in v7.9);
*) ssh — fixed private key import (introduced in v7.9);
*) ssh — fixed SSH key agreement on the client side when ed25519 used under server settings;
*) ssh — fixed user RSA private key import;
*) switch — fixed «reset-counters» for «switch-cpu»;
*) switch — fixed BPDU packet processing on MT7621, MT7531 with HW offloaded vlan-filtering;
*) switch — improved multicast packet forwarding on MT7621;
*) system — disallow setting a non-existing CPU core number for system IRQ;
*) system — increased maximum supported CPU core count to 512 on CHR and x86;
*) system — reduced RAM usage for SMIPS devices;
*) tftp — improved file name matching;
*) user — added «sensitive» policy requirement for SSH key and certificate export;
*) w60g — improved stability for Cube 60Pro ac and CubeSA 60Pro ac devices;
*) webfig — added option to enable wide view in item list;
*) webfig — fixed «Connect To» configuration changes for L2TP client;
*) webfig — fixed gray-out italic font for entries after enable;
*) webfig — use router time zone for date and time;
*) wifiwave2 — added «steering» parameters and menu to set up and monitor AP neighbor groups (CLI only);
*) wifiwave2 — added more information on roaming candidates to BSS transition management requests (802.11v) and neighbor report responses (802.11k);
*) wifiwave2 — added option to filter frames captured by the sniffer command (CLI only);
*) wifiwave2 — automatically add wifi interfaces to appropriate bridge VLAN when wireless clients with new VLAN IDs connect;
*) wifiwave2 — changed default behavior for handling duplicate client MAC addresses, added settings for changing it (CLI only);
*) wifiwave2 — enabled PMK caching with EAP authentication types;
*) wifiwave2 — fixed «reg-info» information for several countries;
*) wifiwave2 — fixed «security.sae-max-failure» rate not limiting authentications correctly in some cases;
*) wifiwave2 — fixed clearing CAPsMAN Common Name when disabling «lock-to-caps-man»;
*) wifiwave2 — fixed interface hangs on IPQ6010-based boards (introduced in v7.9);
*) wifiwave2 — improved stability when changing interface settings;
*) wifiwave2 — improved stability when receiving malformed WPA3-PSK authentication frames;
*) wifiwave2 — make info log less verbose during client roaming (some info moved to wireless,debug log);
*) wifiwave2 — rename «reg-info» country argument from «Macedonia» to «North Macedonia»;
*) wifiwave2 — use correct status code when rejecting WPA3-PSK re-association;
*) winbox — added missing status values for Ethernet and Cable Test;
*) winbox — added warning about non-running probe due to «startup-delay»;
*) winbox — fixed «Storm Rate» property under «Switch/Port» menu;
*) winbox — fixed BGP affinity display;
*) winbox — fixed default «Ingress Filtering» value under «Bridge» menu;
*) winbox — improved supout.rif progress display;
*) winbox — rename «Group Master» property to «Group Authority» under «Interface/VRRP» menu;
*) wireguard — fixed peer connection using DNS name on IP change;
*) wireguard — fixed peer IPv6 «allowed-address» usage;
*) wireless — ignore EAPOL Logoff frames;
*) x86 — updated e1000 driver;
[/vc_column_text]
Как обновить прошивку MikroTik RouterOS stable 7.11
Самый доступный метод обновление прошивки — через Winbox или web интерфейс(раздел Webfig).
Также можно воспользоваться окном Терминала(Terminal) в Winbox.
