Описание прошивки MikroTik RouterOS 7.6

Компания MikroTik обновила версию прошивки на канале stable до версии 7.6

Прошивку можно скачать с сайта https://mikrotik.com/download

Дата выхода прошивки: 17.10.2022

Версия прошивки 7.6 содержит такие доработки и исправления:

What’s new in 7.6 (2022-Oct-17 13:55):

*) bgp – added support for BGP advertisement displaying (CLI only);
*) bgp – fixed reporting of session uptime;
*) bgp – improved session establishment speed after bootup;
*) bonding – fixed ARP monitor packets with bond’s MAC address;
*) bonding – improved interface stability on slave configuration changes;
*) bonding – reduce “actual-mtu” according to interface “l2mtu”;
*) branding – execute “autorun.scr” file when installing branding package;
*) capsman – fixed RADIUS accounting when EAP is used;
*) certificate – fixed SHA1 certificate name lookup;
*) certificate – improved certificate management, signing and storing processes;
*) certificate – restricted maximum retry attempt window for Let’s Encrypt certificate to 60 minutes;
*) container – added “start-on-boot” parameter for automatic container startup;
*) container – allow changing container related parameters while it is running;
*) container – fixed usage of non-authenticated registries;
*) dhcpv4-server – fixed matcher functionality;
*) dhcpv4-server – fixed RADIUS accounting for local leases;
*) dhcpv4-server – improved service stability when removing dynamic leases;
*) dhcpv6-client – fixed false error status reporting when server offers T1 or T2 value as 0;
*) dns – added “match-subdomain” option for static entries (CLI only);
*) dot1x – fixed incorrect error when using “mac-auth”;
*) ethernet – added “5Gbps” option for speed setting;
*) firewall – added “src/dst-address-type” parameter under “IPv6/Firewall/Mangle” menu;
*) firewall – disable IRC NAT helper on upgrade;
*) firewall – fixed IPv6 filtering with “in/out-interface” matcher that is in VRF;
*) firewall – fixed IRC NAT helper (CVE-2022-2663);
*) firewall – fixed usage of “netmap” action for IPv6 source NAT;
*) health – fixed fan speed and temperature reporting on CCR1072;
*) health – improved voltage reading on RBmAP-2nD;
*) hotspot – fixed service initialization when HTML directory configured on an external disk;
*) hotspot – fixed SSL usage on all HotSpot pages;
*) hotspot – improved stability when receiving bogus packets;
*) hotspot – limit maximum allowed connections based on free RAM resources;
*) hotspot – removed “routerboard.com” URL from default HotSpot advertise;
*) interface – added warning when interface has configured “mtu” higher than “l2mtu”;
*) ipsec – added “invalid-packets” counter for Installed SA’s menu;
*) ipsec – fixed packet processing by hardware encryption engine on MMIPS devices;
*) l3hw – added “l3hw-settings” sub menu under the switch menu;
*) l3hw – added support for IPv6 route offloading (disabled by default);
*) l3hw – fixed “H” flag presence for accelerated connection tracking entries;
*) l3hw – fixed possible packet loss when using HW offloaded NAT;
*) l3hw – improved connected host offloading on startup;
*) l3hw – improved connected IPv6 host offloading when routing table is nearly full for 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) l3hw – improved system stability;
*) l3hw – made route offloading selection work only on unicast;
*) lte – added interface name in MTU debug logging message;
*) lte – added periodic IPv6 RS to trigger IPv6 adress acquisition for non-MBIM modems;
*) lte – added support for Neoway N75-EA;
*) lte – added support to perform FOTA upgrade from local file for EG12-EA, EG18-EA, RG502Q-AE, EG06-A, EP06-A modems;
*) lte – disabled RPLMN on Chateau 5G;
*) lte – fixed at-chat on Telit FN980m;
*) lte – fixed handover from UMTS to LTE when PS activation had failed for MBIM modems;
*) lte – fixed MBIM modem initialization;
*) lte – fixed re-attaching on PS detach for MBIM modems;
*) lte – removed reconnect delay after receiving DETACH notification for MBIM modems;
*) macsec – added configuration support with VLAN, ARP, DHCP and bridge tagging/untagging;
*) macsec – added logging support with “debug” and “dot1x” topics;
*) macsec – added support for MTU and L2MTU;
*) macsec – fixed interface after Ethernet link down;
*) macsec – fixed interface statistics and missing properties;
*) macsec – fixed interface status;
*) macsec – fixed multiple interface creation on different Ethernet ports
*) macsec – improved interface stability;
*) macsec – improved system stability for TILE and RB5009 devices;
*) macsec – removed interface from SMIPS devices;
*) mac-telnet – respect interface MTU setting when sending packets for MAC-Telnet and MAC-WinBox;
*) netwatch – fixed string variable values in script;
*) ntp – improved initial synchronization speed after bootup;
*) ospf – added SHA hashing for authentication;
*) ospf – fixed area “no-summary” setting;
*) ospf – fixed checksum calculation;
*) ospf – fixed displaying of VRF interface in related logs;
*) ospf – fixed transmit of LSA/ACK’s on p2p interfaces;
*) ospf – improved logging when invalid configuration is detected;
*) ospf – refresh OSPFv3 interface configuration when IPv6 network becomes available;
*) ovpn – added IPv6 support;
*) ovpn – added VRF support for client;
*) ppp – fixed memory leak;
*) ppp – improved service stability when multiple users disconnect simultaneously;
*) pppoe – fixed MRU negotiation even when it is set to 1500;
*) qsfp – added interface temperature warnings and shutdown;
*) queue – improved stability for CAKE type queues;
*) radius – require “policy” policy for “login” service configuration;
*) rip – fixed passwordless MD5 authentication;
*) route-filter – fixed filtering for multiple community routes;
*) route-filter – fixed memory allocation when moving entries;
*) route – fixed disappearance of inactive static routes after upgrade;
*) route – fixed memory leak;
*) routerboard – return router’s short name in “model” parameter;
*) routerboard – set “Delete” as default key to enter booter menu (“/system routerboard upgrade” required);
*) serial – added support for newer PL2303 serial controllers;
*) sfp – improved QSFP/SFP interface stability for 98DXxxxx and 98PX1012 switches;
*) sms – added “status-report-request” parameter for “send” command;
*) sms – fixed handling of SMS send attempts on unsupported modems;
*) snmp – improved retrieval of routing related OID’s;
*) snmp – improved stability when receiving bogus packets;
*) ssh – increased key generation timeout;
*) sstp – added VRF support for client;
*) supout – added tr069-client section;
*) supout – removed duplicate “bridge-controller” section;
*) switch – improved traffic forwarding at 5Gbps rate for 98DX8525, 98DX4310 switches;
*) system – renamed error messages when trying to edit or remove dynamic entries;
*) tile – improved system stability when processing packets;
*) tr069-client – do not allow “:” symbols in username;
*) tr069-client – fixed reporting of “X_MIKROTIK_MimoRSRP” parameter;
*) user-manager – accept any username for outer authentication;
*) user-manager – added “comment” parameter for batch user creation;
*) user-manager – added support for multiple accounting sessions;
*) user-manager – added variables to print profile name and end time in voucher templates;
*) user-manager – allow specifying router’s address as subnet;
*) user-manager – fixed “migrate-legacy-db” command;
*) user-manager – fixed session expiry when it is stopped by Disconnect-Request;
*) user-manager – forced username verification against client’s certificate for EAP-TLS;
*) user-manager – use “Class” attribute to associate user’s accounting session;
*) user – removed unused “dude” policy;
*) vrrp – fixed connection tracking synchronization on MMIPS and MIPSBE devices;
*) vxlan – added IPv6 support for remote VTEPs (only IPv4 or IPv6 will be used at the same time, use “vteps-ip-version” property on VXLAN interface to change the version);
*) w60g – improved system stability (introduced in v7.5);
*) webfig – fixed creation of new IPv6 routes;
*) webfig – fixed displaying of “Last Seen” parameter under “IP/DHCP Server/Leases” menu;
*) webfig – fixed hex input for “Host Uniq” field;
*) webfig – fixed unsetting of “endpoint-address” parameter under “WireGuard/Peers” menu;
*) wifiwave2 – fixed enabling of unconfigured interfaces;
*) wifiwave2 – fixed malfunction of WPA3 hash-to-element technique when enabled on multiple interfaces;
*) wifiwave2 – fixed RADIUS accounting after fast-transition;
*) wifiwave2 – fixed “WPA Key Data Length” value in EAPOL frame when FT-EAP-SHA384 AKM is used;
*) winbox – added “Active” prefix for current remote and local session ID fields for L2TP-Ether interfaces;
*) winbox – added “address-list” parameter under “IP/DNS/Static” menu;
*) winbox – added “File Name” option for “Load Config” parameter under “System/SwOS” menu;
*) winbox – added icon for TR069-client menu;
*) winbox – added MACsec support;
*) winbox – added quick filtering option for route list;
*) winbox – added “Rapid Commit” parameter support under “IPv6/DHCP-Server” menu;
*) winbox – added “Reset Traffic Counters” button for all interfaces;
*) winbox – added “type” and “status-report-request” parameters under “Tools/SMS” menu;
*) winbox – allow “timeout” value to be less than 1 under “Tools/Netwatch” menu;
*) winbox – allow to rename mounted disks;
*) winbox – changed order of tabs under “User Manager” menu;
*) winbox – changed “uptime” parameter format when using the wifiwave2 package;
*) winbox – do not show unavailable features on SMIPS devices;
*) winbox – fixed interface traffic graph drawing on RB5009;
*) winbox – fixed maximum allowed value for VRRP’s “priority” parameter;
*) winbox – fixed “Session Uptime” value for not established sessions under “Routing/BGP” menu;
*) winbox – fixed “Session Uptime” value under “Routing/BGP” menu;
*) winbox – fixed “System/SwOS” window refreshing after changes are detected;
*) winbox – fixed “User Manager/User Profiles” window refreshing after changes are detected;
*) winbox – made “backup.swb” the default value for SwOS backup;
*) winbox – made sessions removable in “User Manager” menu;
*) winbox – show “F” flag for failed entries under “Interfaces/VRRP” menu;
*) winbox – show “Switch” menu on Chateau LTE18 ax;
*) winbox – show “System/Health” only on boards that have health monitoring;
*) winbox – show “System/RouterBOARD/Mode Button” on devices that have such feature;
*) wireguard – strip whitespaces from keys;
*) wireless – disallowed using “default” as scan list or channel names;
*) wireless – fixed incorrectly applied ingress priority to non-wireless packets;
*) wireless – fixed missing wireless interface on some RB921GS-5HPacD devices;
*) www – improved stability when receiving bogus packets;
*) x86 – improved ixgbe driver support;

Как обновить прошивку MikroTik RouterOS stable 7.6

Самый доступный метод обновление прошивки – через Winbox или web интерфейс(раздел Webfig).

  1. Перейти в раздел System→Packages;
  2. Нажать кнопку Check For Updates;
  3. Установить параметр Channel = long term;
  4. Нажать кнопку Download&Install.

Как обновить прошивку MikroTik Routes OS 7.6Также можно воспользоваться окном Терминала(Terminal) в Winbox.