Описание прошивки MikroTik RouterOS 7.2

Компания MikroTik обновила версию прошивки на канале stable до версии 7.2

Прошивку можно скачать с сайта https://mikrotik.com/download

Дата выхода прошивки: 31.03.2022

Версия прошивки 7.2 содержит такие доработки и исправления:

What’s new in 7.2 (2022-Mar-31 12:11):

*) api – accept “Content-Type” with specified charset;
*) arm – fixed “auto” CPU frequency setting;
*) arm – fixed “shutdown” command on hAP ac^2;
*) arm64 – improved Watchdog initiated reboot reason reporting;
*) arm64 – improved low disk space handling condition on upgrade;
*) backup – added “force-v6-to-v7-configuration-upgrade” option on backup load to clear RouterOS v7 configuration and trigger reimport of RouterOS v6 route configuration (CLI only);
*) backup – fixed automatic backup generation when resetting configuration;
*) backup – fixed cloud backup’s creation timezone;
*) bgp – added BGP advertisements display (requires output.keep-sent-attributes to be set);
*) bgp – do not export default BGP values;
*) bgp – fixed VPNv4 route sending to remote peer;
*) bgp – fixed link-local iBGP address selection;
*) bgp – fixed network advertisement from address-lists after reboot;
*) bgp – fixed routing table and BGP configuration order in export;
*) bgp – improvements on detecting peers local address when IPv6 link-local addresses are used;
*) bluetooth – allow to export device, advertiser and scanner configuration;
*) bluetooth – disable scanning by default;
*) bridge – added fast-path and inter-VLAN routing FastTrack support when vlan-filtering is enabled;
*) bridge – fixed FastPath when using “frame-types=admit-only-untagged-and-priority-tagged” setting;
*) bridge – fixed PPPoE packet forwarding when using “use-ip-firewall-for-pppoe” setting;
*) bridge – fixed bridge filter and NAT rules on ARM64 and TILE devices;
*) bridge – fixed destination NAT when using “use-ip-firewall” setting;
*) bridge – fixed filter and NAT “set-priority” action;
*) bridge – fixed filter and NAT “set-priority” on ARM64 devices;
*) bridge – fixed filter rules when using interface lists;
*) bridge – fixed firewall “ingress-priority” matcher and “new-priority=from-ingress” action settings from VLAN tagged frames;
*) bridge – fixed priority tagged frame forwarding when using “frame-types=admit-only-untagged-and-priority-tagged” setting;
*) capsman – improved stability when running background scan on CAP;
*) capsman – improved system stability when processing CAP packet by Mangle;
*) ccr2004 – improved PCI timeout handling on CCR2004-1G-2XS-PCIe;
*) ccr2004 – improved system stability on CCR2004-12S+2XS;
*) certificate – allow to choose digest algorithm for CSR signing;
*) certificate – made “fingerprint” parameter read-only;
*) chr – improved system stability when writing into memory;
*) chr – temporarily suspended downgrade to RouterOS v6;
*) clock – properly notify all instances about time changes;
*) conntrack – properly detect helper status;
*) console – fixed “print” command with additional “where” condition;
*) console – improved console responsiveness when processing received characters;
*) console – made “password” parameter mandatory when creating a new user;
*) console – properly erase CLI history after configuration reset;
*) console – updated copyright notice;
*) crs1xx/2xx – fixed static switch host addresses after link down;
*) crs1xx/2xx – ignore static bridge host addresses (switch unicast-fdb should be used instead);
*) crs3xx – fixed CPU load balancing for ARM dual core devices;
*) crs3xx – fixed QSFP+ interface LEDs;
*) crs3xx – fixed watchdog timer functionality;
*) crs3xx – improved SFP+ interface linking after reboot for CRS312 device;
*) crs3xx – improved maximum allowed ACL rule calculation;
*) crs3xx – improved system stability when creating many ACL rules on CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) defconf – made “192.168.188.1/24” the default LAN IP address for LTE CPE devices;
*) dhcp-server – fixed DHCP Option decimal value parsing;
*) dhcp-server – fixed statistics sending in “Accounting Stop” packets;
*) dhcp-server – send “Class” attribute in “Accounting Request” when provided by RADIUS;
*) dhcpv4-server – allow adding comments;
*) dhcpv4-server – remove dynamic leases when server configuration is removed;
*) dhcpv4-server – reset dynamic “bcast” flag when receiving offer from DHCP relay;
*) dhcpv4-server – reset offer counter when receiving offer from DHCP relay;
*) dhcpv6 – added VRF support;
*) dot1x – added “server-fail-vlan-id”, “guest-vlan-id” and “reauth-timeout” settings for dot1x server;
*) dot1x – added “src-address”, “src-mac-address” and “src-port” settings for dynamic switch rules;
*) dot1x – added NAS-Port-ID attribute for RADIUS Access-Request;
*) dude – fixed The Dude client compatibility with RouterOS v7;
*) dude – fixed The Dude compatibility with ARM64;
*) ethernet – improved system stability when receiving large packets on devices with 88F3720 CPU (nRAY, LHGG);
*) firewall – improved available port lookup for source NAT when free port range is exhausted;
*) graphing – properly generate interface graph for traffic higher than 2.1Gbps;
*) hotspot – fixed login page over HTTPS;
*) hotspot – fixed memory leak on every web page loading;
*) hotspot – fixed web page loading using HTTPS;
*) ike2 – ignore “INITIAL-CONTACT” payload on responder when “send-initial-contact” is disabled;
*) interface – fixed minor memory leak when interface or connected route is changed;
*) ipsec – added hardware acceleration support for CCR2116;
*) ipsec – fixed “identities” menu emptying after RouterOS upgrade/reboot;
*) ipv6 – do not add duplicate dynamic prefix when static already exists;
*) ipv6 – fixed “retransmissit-interval” unit value;
*) ipv6 – fixed VLAN tagged PPPoE packet receiving on RB5009;
*) l2tp – fixed CHAP challenge packet processing over IPsec;
*) l2tp – improved service stability when disabling L2TP server with connected clients;
*) l2tp – improved system stability when processing L2TP control messages;
*) l3hw – added HW offloaded FastTrack support for inter-VLAN routing;
*) l3hw – fixed HW offloaded NAT;
*) l3hw – fixed HW offloaded routing when using 7 or more VLAN interfaces;
*) l3hw – fixed ICMP message when routed packet exceeds MTU and DF flag is set;
*) l3hw – fixed bonding source MAC address;
*) l3hw – fixed default route offloading for CRS305, CRS326-24G-2S+, CRS328, netPower, netFiber devices;
*) l3hw – improved routing table offloading for CRS305, CRS326-24G-2S+, CRS328, netPower, netFiber devices;
*) l3hw – improved system stability when using 7 or more VLAN interfaces;
*) led – fixed LED behavior on Audience;
*) led – reduced LTE signal LED range to -70;
*) leds – fixed user LED on RB750Gr3;
*) log – added warning message when connection tracking table is full;
*) log – include message also in e-mail body;
*) lora – fixed “antenna-gain” parameter unit;
*) lte – add IPv6 address on interface as well;
*) lte – added 3 APN profile support and APN name re-using on R11e-LTE6;
*) lte – added MAC address and IPv6 LL address persistence after reboot on EG12 and EG18 modems;
*) lte – added basic information support for Telit LM960 and LM940 in MBIM mode;
*) lte – added class based support for configless RNDIS LTE modems;
*) lte – added support for Uplink CA reporting;
*) lte – changed “CS/PS” registration type from “both” to “any” on R11e-LTE un R11e-LTE6;
*) lte – do not loose “band” configuration after reboot on Chateau 5G;
*) lte – do not show external antenna selector on devices that does not support it;
*) lte – enabled multi-APN and name re-use support for Chateau;
*) lte – expose diagnostics channel for all modems;
*) lte – fixed “monitor” command to not report old info;
*) lte – fixed AT command response handling on R11e-LTE;
*) lte – fixed IPv6 address addition after startup on R11e-LTE6;
*) lte – fixed MBIM modem reset on AT timeout;
*) lte – fixed link flapping when loosing cellular signal on R11e-LTE un R11e-LTE6;
*) lte – fixed packet forwarding on R11e-4G and R11e-LTE-US;
*) lte – fixed possible timeouts when sending SMS in LTE only mode on R11e-LTE;
*) lte – fixed support for Sierra MC7710;
*) lte – fixed support for Telit 960;
*) lte – improved stability on “+EGMR” response in MBIM mode;
*) lte – improved stability when modem disappears during firmware upgrade;
*) lte – improved support for sending/receiving SMS in LTE only mode on R11e-LTE6;
*) lte – made “no” the default value for “use-network-apn” parameter;
*) lte – properly recognize MBIM modem in USB port as LTE on Chateau 5G;
*) ntp – allow adding duplicate server address if dynamic entry exists;
*) ntp – fixed multicast mode support;
*) ntp – improved IPv6 address support;
*) ntp – improved service stability when none of the NTP servers are reachable for a while;
*) ntp – improved source address usage for reply packets;
*) ntp – print log change time with time-zone applied;
*) ospf – added “ptmp-broadcast” interface type (compatible with RouterOSv6 PTMP type);
*) ospf – convert ospf “static” redistribute to “static,dhcp,modem,vpn” after update from RouterOS v6;
*) ospf – fixed MD5 authentication;
*) ospf – fixed NBMA hello’s not being sent if priority is set to 0;
*) ospf – fixed default route origination when “default-originate=if-installed” “redistribute” is enabled;
*) ospf – fixed default type-3 LSA’s not being injected to stub area;
*) ospf – fixed distance if “originate-default” is set to “always”;
*) ospf – fixed external LSA not updating after prefix netmask change;
*) ospf – fixed incorrect LSA types when changing area types;
*) ospf – fixed neighbor election failure;
*) ospf – fixed neighbor stuck in ExStart;
*) ospf – fixed simple authentication;
*) ospf – general stability improvements;
*) ospf – improved DB retransmit logging;
*) ospf – improved logging;
*) ospf – improved overall stability;
*) ospf – improved stability for very large LSDB;
*) ospf – improved stability on OSPFv3 instance disabling;
*) ospf – improved stability when DR goes down;
*) ospf – improves stability when handling looped back OSPF packets;
*) ospf – properly set VRF for gateway;
*) ospf – send notifies for neighbors;
*) ovpn – added SHA2 authentication algorithm support;
*) ovpn – added hardware acceleration support for IPQ4018/IPQ4019 and AL* series chipsets;
*) ovpn – added option to send disconnect message in UDP mode;
*) ovpn – fixed large option message parsing;
*) ovpn – improved UDP session handling;
*) ovpn – improved memory allocation on Tile in “ethernet” mode;
*) ovpn – improved system stability in high load scenarios;
*) pimsm – fixed menu prints;
*) pimsm – general stability improvements;
*) poe – fixed PoE driver loading on CRS354-48P-4S+2Q+;
*) poe – update PoE firmware only on devices that support it;
*) ppp – added “comment” option for PPPoE servers;
*) ppp – fixed AT+CPIN chat when SIM PIN is specified;
*) ppp – improved stability when handling large amount of connections simultaneously;
*) ppp – show local and remote IPv6 addresses (CLI only);
*) pppoe – added option to configure “host-uniq” parameter;
*) pppoe – added option to ignore PADI messages with empty service name;
*) pppoe – use default MTU of 1492;
*) pptp – added insecure connection warning;
*) pptp – show insecure connection warning on dynamic interfaces;
*) qsfp – correctly display auto-negotiation status;
*) queue – fixed queued IPv6 traffic considered as “invalid” by Firewall;
*) queue – improved system stability when processing traffic;
*) queue – improved system stability when using more than 255 unique packet marks;
*) rb4011 – fixed jumbo frame processing on SFP+ port when using 1G module;
*) rip – added logging;
*) rip – fixed route metrics;
*) rip – fixed route redistribution;
*) rip – use nexthop with interface;
*) route – allow OSPF and RIP redistributed routes to be matched by routing filters;
*) route – fixed “min-prefix” configuration when set to 0;
*) route – fixed “suppress-hw-offload” update;
*) route – fixed “table” menu emptying after RouterOS upgrade;
*) route – fixed BGP atomic aggregate value;
*) route – fixed ECMP load balancing in FastPath;
*) route – fixed ECMP route removal;
*) route – fixed route addition to VRF from BGP;
*) route – fixed router’s LSA for PTP networks;
*) route – fixed routing configuration export on SMIPS devices;
*) route – general stability improvements;
*) route – improved routing table print speed;
*) route – show OSPF and RIP specific attributes in “/routing route” table;
*) route-filter – fixed “return” action;
*) route-filter – fixed complex matchers with “|| or and &&”;
*) route-filter – fixed incorrect invert-match configuration upgrade from RouterOS v6;
*) route-filter – fixed range conversion after update from RouterOS v6;
*) route-filters – allow to filter and modify default route if “originate-default” is set to “always”;
*) route-filters – fixed possible address list race condition and memory leak;
*) route-filters – renamed “*-set” to “*-list”;
*) routerboard – fixed “ether2” interface presence on some RBwAPGR devices;
*) routerboard – fixed WPS button functionality on Audience;
*) routing – added PCAP viewer tool for BGP advertisements debugging purposes;
*) routing-filter – fixed “bgp-*-communities-empty” matcher;
*) rpki – made RPKI verify non-strict, introduces new state “unverified”;
*) rpki – show expire timer;
*) sfp – improved SFP module detection on CRS106 and CRS112;
*) smb – fixed SMB2.0 disk size reporting;
*) smips – improved RAM allocation;
*) sms – increased “at-chat” timeout when sending SMS;
*) snmp – added SFP vendor name to optical table;
*) snmp – added support for “ipv6AddrPrefixTable” and “ipv6RouteNumber” OID’s;
*) snmp – allow two level nesting for vlan, bonding speed query;
*) socks – fixed SOCKS5 support;
*) ssh – fixed forwarding with IPv6 link-local addresses;
*) ssl – fixed CA certificate processing when “subjAltName” is marked as critical;
*) supout – added “port-controller” bridge section;
*) switch – added “rx-overflow” counter for 88E6393X (RB5009) and 88E6191X (CCR2004-16G-2S+) switch chips;
*) switch – fixed port-isolation misconfiguration detection when using multiple switches;
*) switch – improved packet forwarding with enabled “cpu-flow-control” setting between different rate interfaces for 88E6393X (RB5009) and 88E6191X (CCR2004-16G-2S+) switch chips;
*) switch – improved switch chip initialization process on bootup for CCR2004-16g-2s+ devices;
*) switch – properly limit maximum number of switch rules to 256 on RB5009;
*) system – fixed license loss on some RB1100Dx4 and RB4011 devices;
*) tr069-client – accept 200-299 codes for HTTP diagnostics;
*) tr069-client – added support for 5G band configuration;
*) tr069-client – added support for wireless “skip-DFS” configuration;
*) tr069-client – added support for wireless client uptime reporting;
*) tr069-client – fixed RPC download of “3 Vendor Configuration File” with branding package;
*) traffic-flow – do not handle NAT events when “nat-events” is disabled;
*) traffic-generator – fixed transmit speed for multiple asymmetric streams;
*) upgrade – improved 404 error handling when checking for new versions;
*) upgrade – improved downgrade prompt message;
*) ups – fixed UPS support;
*) usb – fixed display of incorrect port count for USB serial ports;
*) user – removed obsolete “tikapp” policy;
*) user – send “Class” attribute in “Accounting Request” when provided by RADIUS;
*) vlan – fixed improper VLAN priority addition for routed packets;
*) vxlan – allow unsetting “group” and “interface” properties;
*) vxlan – fixed running state after reboot when using “interface” and “group” settings;
*) webfig – do not show side menu if WebFig is disabled by skin;
*) webfig – fixed default configuration popup presence;
*) webfig – fixed user policy lookup for skin designer;
*) wifiwave2 – added “client-isolation” feature;
*) wifiwave2 – added support for handling disconnect request messages from RADIUS servers;
*) wifiwave2 – fixed calling “scan” and “frequency-scan” commands through the API;
*) winbox – added “Disconnect Notify” checkbox to “Interface/OVPN Client” menu;
*) winbox – added “Freq. Usage” and “Scan” buttons for WifiWave2 interfaces;
*) winbox – added “Ignore Missing” selector to “System/Packages” menu;
*) winbox – added “Mode” parameter under “Wireless” menu with WifiWave2 package;
*) winbox – added “Routing Table” parameter for IPv6 routes;
*) winbox – added “TLS Version” parameter for “Interface/OVPN”;
*) winbox – added “VPN” tab to “Routing/BGP” menu;
*) winbox – added “VRF” parameter for “SSH” and “Telnet” menus;
*) winbox – added “VRF” parameter to “IP/Services” menu;
*) winbox – added “comment” parameter to “User Manager/Users” menu;
*) winbox – added “host-uniq” parameter to PPPoE client interface;
*) winbox – added MLAG support;
*) winbox – added SHA256 and SHA512 “Auth” values for OVPN menu’s;
*) winbox – added ZeroTier support;
*) winbox – added explicit “Upload” and “Download” names for “Bucket Size” parameters under “Queues” menu;
*) winbox – added interface list support for “IP/Traffic Flow” menu;
*) winbox – added local/remote CPU load parameters for “Bandwidth Test”;
*) winbox – added missing “3GGP RAW” parameter under “Interface/Wireless/Interworking Profile” menu;
*) winbox – added missing “accounting”, “interim-update” and “radius-password” parameters under “IP/DHCP Server” menu;
*) winbox – added support for “Tool/Speedtest” menu;
*) winbox – added support for W60G align tool;
*) winbox – allow adding more than 100 tagged/untagged interfaces under “Bridge/VLAN” menu;
*) winbox – allow configuring “VTEP” under “Interface/VXLAN” menu;
*) winbox – allow setting “Interface” parameter for 100G LED types;
*) winbox – changed “Accept Redirects” parameter type under “IPv6/Settings” menu;
*) winbox – do not require “name” and “file name” parameters for certificate import/export;
*) winbox – do not show “Antenna Scan” button on devices that do not support it;
*) winbox – do not show connection tracking table if it has more than 10000 entries;
*) winbox – fixed “00:00:00” time printing;
*) winbox – fixed “Switch” menu on Chateau devices;
*) winbox – fixed “action” field in “IP/Web Proxy/Access” menu;
*) winbox – fixed “expires-after” certificate parameter value;
*) winbox – fixed CHR License renewing process;
*) winbox – fixed address list type parameters in “Routing” menu;
*) winbox – fixed content filtering in “Tools/Packet Sniffer/Packets” menu;
*) winbox – fixed entry order in “Tools/Packet Sniffer/Packets” menu;
*) winbox – fixed error message when adding NTH rule with “0” value;
*) winbox – fixed minor typo under “LTE” interface menu;
*) winbox – fixed switch related settings for MT7621 switch chip (hEX, hEX S, RBM33G, RBM11G, LtAP);
*) winbox – made “9” the default value for “Target” parameter under “IP/Traffic Flow” menu;
*) winbox – made “Routing Filters/Rules” table sortable;
*) winbox – made OSPF interface type names consistent between CLI and GUI;
*) winbox – moved “IP/Route/Nexthops” and “IPv6/Route/Nexthops” menus to “Routing/Nexthops”;
*) winbox – moved IPv4 and IPv6 “Rules” menus under “Routing” menu;
*) winbox – properly limit “Disconnect Timeout” value under “CAPsMAN/Configuration” menu;
*) winbox – properly save “IPv6/Settings” menu in session file;
*) winbox – properly show “v” flag instead of “y” under “IP/Route” menu;
*) winbox – properly update ethernet auto negotiation status on CHR;
*) winbox – properly update server list under “System/NTP Client/Servers” menu;
*) winbox – renamed “Keep user configuration” to “Keep users” under “System/Reset Configuration” menu;
*) winbox – renamed “MBPS” to “Mbps” value unit name in “Tools/Traffic Generator” menu;
*) winbox – renamed “Revoked” parameter to “Revoked Time” under “System/Certificates” menu;
*) winbox – report local terminal session as “local” instead of “telnet”;
*) winbox – require existing pool for “Address Pool” parameter under “IPv6/DHCP Server” menu;
*) winbox – require non empty “Packet Mark” value under “Queues” menu;
*) winbox – show “H” flag for offloaded connections in “IP/Firewall/Connections” menu;
*) winbox – show “Lost Ratio” column by default under “Tools/Traffic Generator” menu;
*) winbox – show “Routes” column by default under “PPP/Secrets” menu;
*) winbox – show “System/Health/Settings” only on boards that have configurable values;
*) winbox – show “System/SwOS” menu only on boards that have dual boot;
*) winbox – show additional columns by default for “Wireless” menu with WifiWave2 package;
*) winbox – sort “Address List” parameter values alphabetically in “IP/DHCP Server/Leases” menu;
*) winbox – updated default “Routing/BGP/Peer Cache” table appearance;
*) winbox – use “total” as default value for “Tools/Profile”;
*) wireguard – allow same peer’s public key for different interfaces;
*) wireguard – fixed IPv6 LL address generation;
*) wireguard – fixed IPv6 traffic processing with multiple peers;
*) wireguard – made “preshared-key” and “private-key” values sensitive;
*) wireless – added “3gpp-info” parameter to interworking configuration;
*) wireless – added EAP-AKA to interworking’s realm configuration;
*) wireless – added information about client signal strength to log messages about disconnections;
*) wireless – correctly preserve WMM priority when receiving packets;
*) wireless – fixed frequency range information for IPQ4019 interfaces;
*) wireless – fixed interface initialization on Metal 2SHPn;
*) wireless – improved nv2 link stability;
*) wireless – improved wireless connection stability during background scans;
*) www – fixed “tls-version” for SSL;
*) x86 – added support for Intel E810 NIC;
*) x86 – allow to select disk for install image;
*) x86 – fixed NVME partition path;
*) x86 – fixed VLAN tagged packet transmit;
*) x86 – made “no” the default value for “disable-running-check” ethernet parameter;
*) x86 – properly distinguish multiple NICs that share the same PCI bus number;
*) zerotier – fixed IPv6 support;
*) zerotier – made MAC and MTU values read-only;
*) zerotier – properly handle IP address change;

Как обновить прошивку MikroTik RouterOS stable 7.2

Самый доступный метод обновление прошивки – через Winbox или web интерфейс(раздел Webfig).

  1. Перейти в раздел System→Packages;
  2. Нажать кнопку Check For Updates;
  3. Установить параметр Channel = long term;
  4. Нажать кнопку Download&Install.

Как обновить прошивку MikroTik Routes OS 7.2Также можно воспользоваться окном Терминала(Terminal) в Winbox.