Описание прошивки MikroTik RouterOS 7.8

Компания MikroTik обновила версию прошивки на канале stable до версии 7.8

Прошивку можно скачать с сайта https://mikrotik.com/download

Дата выхода прошивки: 24.02.2023

Версия прошивки 7.8 содержит такие доработки и исправления:

What’s new in 7.8 (2023-Feb-24 11:03):

!) storage — added new «rose-storage» package support for extended disk management and monitoring functionality (ARM, ARM64, Tile and x86) (CLI only);
*) bgp — fixed setting of «default-prepend» parameter;
*) bridge — fixed adding disabled MSTI;
*) bridge — fixed DHCP packet flow when using DHCP snooping, HW offloading and «use-ip-firewall»;
*) bridge — fixed possible DHCP packet corruption when using DHCP snooping;
*) bridge — fixed PVID warning typo;
*) bridge — improved HW offloading logic;
*) certificate — fixed export of a certificate when the last line of the certificate is exactly 64 bytes long;
*) certificate — fixed PBES2 certificate import;
*) certificate — improved certificate management, signing and storing processes;
*) certificate — improved multiple certificate import process;
*) conntrack — improved system stability when changing connection tracking state;
*) conntrack — improved system stability when PPTP helper is used;
*) console — added «as-string» parameter to the «:execute» command;
*) container — added authentication option for registry (CLI only);
*) container — fixed «.type» file ownership;
*) container — fixed file ownership after system upgrade for containers running on internal disk;
*) container — fixed multiple container automatic startup on boot;
*) dhcpv4-client — send DHCPv4 unicast requests to DHCPv4 relay, instead of server when it is being used;
*) disk — limit maximum TMPFS size;
*) dns — added configurable DoH concurrent query limitation parameters;
*) dns — do not cache results from «:resolve» command with specific server;
*) dns — fixed CNAME reading from the cache;
*) dns — limited «DoH max concurrent queries reached» logging messages to once per minute;
*) dns — respond with «NOERROR» to DNS requests for static domain names when appropriate type record is not configured or found on upstream server;
*) firewall — fixed bridge priority target;
*) firewall — fixed DSCP priority target for IPv6 Mangle;
*) firewall — fixed netmap range maximum address calculation for IPv6 NAT;
*) graphing — fixed hiding of target queues when «allow-target» is disabled;
*) graphing — fixed sorting of interface and queue graphs;
*) graphing — properly handle disabled and static-binding interface graphs;
*) graphing — removed «move» command for graphing rules;
*) health — fixed «temperature» and «power-consumption» readings for RB1100AHx4;
*) hotspot — fixed setting of «address» parameter for IP binding;
*) hotspot — restore cookie timeout on reboot;
*) ike2 — added support for «address», «key-id» and «dn» for Remote ID matching (CLI only);
*) ike2 — fixed active SA flush on responder after an unsuccessful peer connection attempt;
*) ipsec — added support for «Framed-Route» RADIUS attribute support;
*) ipsec — do not match incoming IKE requests by unresolved DNS name peers;
*) ipsec — fixed peer matcher for incoming connection with unresolved DNS;
*) ipv6 — added «pref64» option configuration for RA;
*) ipv6 — improved handling of «advertise» IPv6 address status changes;
*) ipv6 — limited «hop-limit» parameter value range to 255;
*) ipv6 — made distributed DNS lifetime RFC8106 compliant;
*) l3hw — added destination MAC address check for offloaded FastTrack connections;
*) led — fixed signal reading for KNOT device;
*) leds — always require to set interface name when setting «modem-signal» indication;
*) lte — added AT support for Telit LE910C4 in MBIM mode;
*) lte — fixed APN setting usage on initial connection attempt for AT based Quectel and Neoway modems;
*) lte — fixed automatic antenna selection on Chateau LTE12/LTE18;
*) lte — fixed dialing for Fibocom L850-GL module;
*) lte — fixed displaying of «subscriber-number»;
*) lte — fixed possible memory leak when using passthrough mode on Chateau 5G;
*) lte — improved AT port matching for SIMCom, Huawei, WeLink, Cinterion, BandLuxe and Sierra modems;
*) lte — improved modem detection speed in lower mini-PCIe slot on LtAP;
*) lte — improved stability for R11e-LTE6, skip connection reset on first EEMGINFO command timeout;
*) lte — LtAP improved modem detection in lower mini-PCie slot («/system routerboard upgrade» required);
*) lte — parse USSD even if encoding is unsupported;
*) mpls — fixed handling of more than 9 VRF’s;
*) mpls — fixed LDP listen socket creation before IPv6 address is ready for use;
*) mpls — improved stability when neighboring router reboots;
*) ospf — fixed «ospf-type» parameter for OSPFv3 routes;
*) ospf — fixed simple auth for OSPFv3;
*) ovpn — added AES-GCM and multicore encryption support;
*) ovpn — improved server stability;
*) ovpn — improved TLS-related error logging;
*) pimsm — improved system stability;
*) poe — added LLDP power management support for 802.3at PSE;
*) poe — properly turn off power when link not detected on hAP ax2 and hAP ax3;
*) port — fixed modem channel number on KNOT;
*) pppoe — fixed PPPoE client scan showing only one server;
*) resource — show filesystem related statistics on CCR2004;
*) route — fixed IPv6 default route presence when received from RA;
*) route — fixed printing of routing table’s «count-only» parameter;
*) route — show hoplimit and MTU properties under the «/routing route» menu for SLAAC routes;
*) routerboot — fixed format storage for RBM33G device («/system routerboard upgrade» required);
*) routerboot — fixed protected routerboot for RBM33G device («/system routerboard upgrade» required);
*) sfp — fixed false link detection with S+RJ10 on RB5009;
*) sfp — fixed reading of SFP EEPROM on single SFP port devices;
*) sfp — improved optical modules SFP compatibility on CCR2004-16G-2S+, CCR2004-1G-12S+2XS, CCR2116-12G-4S+ devices;
*) sms — improved reporting of SMS sending errors;
*) sms — log USSD response when USSD is sent over MBIM;
*) sniffer — added additional filtering parameters;
*) snmp — do not show identity in LLDP when branding is used with hide SNMP data;
*) snmp — fixed handling of disabled routes;
*) snmp — fixed reporting of total number of routes counter;
*) ssh — hard-coded «localhost» address for forwarding requests;
*) ssh — improved system stability when processing none-crypto SSH connection;
*) sstp — fixed TLS session establishment when «connect-to» is DNS name;
*) switch — fixed SFP rate select for CRS354 devices;
*) switch — improved 10G, 25G, 40G and 100G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
*) switch — improved system stability for 98DXxxxx switch chips;
*) swos — removed «/system swos» menu for CRS5xx series switches;
*) torch — allow «without-paging» parameter for Torch;
*) traffic-generator — increased maximum allowed stream count;
*) upgrade — show error message when license prohibits upgrade;
*) usb — changed USB auto detect behavior to default to the external USB, when no internal USB devices detected;
*) vxlan — added «dont-fragment» setting that allows managing fragmentation;
*) vxlan — added «max-fdb-size» parameter;
*) vxlan — added FastPath support;
*) webfig — allow setting numeric values in time interval fields;
*) webfig — fixed accessing of WebFig when «Interface» menu is disabled by skin;
*) webfig — fixed editing of multi-field parameters with «not» checkbox;
*) webfig — fixed handling of empty skin files;
*) webfig — improved navigation responsiveness;
*) webfig — improved skin file parsing;
*) webfig — improved terminal operation;
*) webfig — properly escape all reserved URI characters;
*) webfig — updated WebFig and graph web pages to HTML5;
*) wifiwave2 — added wireless sniffer tool to capture wireless transmissions (CLI only);
*) wifiwave2 — adjust monitoring of station interfaces to report when an interface is authorized, not just connected;
*) wifiwave2 — enabled additional channels in UNII-3 and UNII-4 bands for Europe and USA on hAP ax^2, hAP ax^3 and Chateau ax;
*) wifiwave2 — fixed compatibility with third-party devices when using SAE hash-to-element authentication with DH groups 20 and 21;
*) wifiwave2 — fixed SAE authentication for interfaces in station mode when trying to connect to APs which require an anti-clogging token (introduced in RouterOS 7.4);
*) wifiwave2 — implement 802.11w management protection SA Query procedures;
*) wifiwave2 — improve protections from denial-of-service attacks on WPA3;
*) winbox — added «Connect» button under «WifiWave2/Scan» menu;
*) winbox — added «Disable/Enable» buttons under «WifiWave2» menu;
*) winbox — added «Match Subdomain» parameter under «IP/DNS/Static» menu;
*) winbox — added «Provision» button under «WifiWave2» menu;
*) winbox — added «Start On Boot» checkbox under «Container» menu;
*) winbox — added «Tx Rate» and «Rx Rate» columns under «WifiWave2/Registration» menu;
*) winbox — added missing properties when setting «Use DoH Server»;
*) winbox — added missing WifiWave2 related parameters under «WifiWave2» menu;
*) winbox — added support for manual RAM file system (TMPFS) creation under «System/Disk» menu;
*) winbox — added Type «https-get» parameter under «Tools/Netwatch» menu;
*) winbox — allow selecting bridge for static entries under «Bridge/MDB» menu;
*) winbox — fixed displaying of «Default Prepend» value under «Routing/BGP/Sessions» menu;
*) winbox — fixed displaying of «Tx/Rx CCQ» values under «Wireless/Registration» menu;
*) winbox — fixed displaying of flags under «System/Console» menu;
*) winbox — fixed displaying of multiple character flags;
*) winbox — fixed usage of IPv6 family addresses under «IP/Web Proxy/Access» menu;
*) winbox — hide «TTL» value for static DNS entries with FWD type;
*) winbox — hide unnecessary properties for virtual interfaces under «WifiWave2» menu;
*) winbox — improved mouseover hint for «local» policy under «System/Users/Groups» menu;
*) winbox — rename «Multicast Router» monitoring property to «Is Multicast Router» under «Bridge» menu;
*) winbox — show «Gateway» column by default under «IPv6/Routes» menu;
*) x86 — added support for TP-Link TG-3468;
*) x86 — fixed SR-IOV support for Intel X710 series NIC;
*) x86 — improved Intel 500 series 10G SFP module support;
*) x86 — improved stability for Intel X550 series NIC with SR-IOV;
*) zerotier — fixed routes after VRF change;

Как обновить прошивку MikroTik RouterOS stable 7.8

Самый доступный метод обновление прошивки — через Winbox или web интерфейс(раздел Webfig).

  1. Перейти в раздел System→Packages;
  2. Нажать кнопку Check For Updates;
  3. Установить параметр Channel = stable;
  4. Нажать кнопку Download&Install.

Как обновить прошивку MikroTik Routes OS 7.8Также можно воспользоваться окном Терминала(Terminal) в Winbox.

Обновление прошивки MikroTik через командную строку