Описание прошивки MikroTik RouterOS 7.9

Компания MikroTik обновила версию прошивки на канале stable до версии 7.9

Прошивку можно скачать с сайта https://mikrotik.com/download

Дата выхода прошивки: 02.05.2023

Версия прошивки 7.9 содержит такие доработки и исправления:

What’s new in 7.9 (2023-May-02 08:35):

*) bgp — improved BGP VPN selection;
*) bridge — added warning log when «ageing-time» exceeds supported hardware limit for 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) bridge — fixed FastPath when setting «use-ip-firewall-for-vlan» or «use-ip-firewall-for-pppoe» without enabled «use-ip-firewall»;
*) certificate — fixed bogus log messages;
*) chr — fixed public SSH key pulling when running on AWS;
*) console — added «/task» submenu (CLI only);
*) console — added option to create new files using «/file add» command (CLI only);
*) console — improved stability when doing «/console inspect» in certain menus;
*) console — improved stability when editing long strings;
*) console — improved system stability;
*) console — removed bogus «reset» command from «/system resource usb» menu;
*) console — rename flag «seen reply» to «seen-reply» under «/ipv6 firewall connection» menu;
*) console — replaced «fingerprint» with «skid» in «/certificate print»;
*) console — show Ethernet advertise, speed and duplex settings depending on configured auto-negotiation;
*) container — fixed invoking «container shell» more than once;
*) container — improved «container pull» to support OCI manifest format;
*) defconf — added CAPs mode script for wifiwave2 devices;
*) detnet — fixed interface state detection after reboot;
*) dhcp — changed the default lease time for newly created DHCP servers to 30 minutes;
*) dhcpv4-server — release lease if «check-status» reveals no conflict;
*) disk — improved system stability when removing USB while formatting;
*) ethernet — fixed half-duplex forced mode at 10Mbps and 100Mbps on ether1 for RB5009, Chateau 5G ax and hAP ax3 devices;
*) filesystem — fixed partition «copy-to» function;
*) firewall — added «connection-nat-state» to IPv6 mangle and filter rules;
*) health — added limited manual control over fans for CRS3xx, CRS5xx, CCR2xxx devices;
*) health — fixed bogus value reporting for CRS510 device;
*) ike2 — fixed minor logging typo;
*) ipsec — added error log message when peer ID does not match certificate;
*) ipsec — fixed packet processing by hardware encryption engine on RB850Gx2 device;
*) ipsec — refactor X.509 implementation;
*) ipv6 — added «valid» and «lifetime» parameters for SLAAC IPv6 addresses;
*) ipv6 — send out RA packet with «preferred-lifetime» set to «0» when IPv6 address is deactivated;
*) l3hw — improved route offloading for 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) leds — disable LEDs after «/system shutdown»;
*) lte — capped maximum lifetime of SLAAC address to 1 hour;
*) lte — fixed CA band clearing on RAT mode change;
*) lte — fixed duplicate IPv6 route for lte interface when «ipv6-interface» setting is used;
*) lte — fixed LTE interface not showing up when resetting RouterOS configuration;
*) lte — fixed passthrough mode when used together with another APN for Chateau 5G;
*) lte — fixed R11-LTE-US in LTE passthrough mode;
*) lte — fixed R11e-LTE-US reporting of RSSI in LTE mode;
*) lte — fixed re-attach in some cases where module would stay in not-running state after network detach;
*) lte — fixed second modem halt on dual R11e-LTE6 setup;
*) lte — improved system stability when changing LTE interface configuration during network scan with MBIM modems (introduced in v7.8);
*) mpls- fixed LDP «preferred-afi» parameter;
*) netinstall-cli — improved device reinstall on failed attempt;
*) netwatch — added «startup-delay» setting (CLI only);
*) netwatch — improved ICMP status evaluation when no reply was present;
*) netwatch — limit «start-delay» range;
*) ospf — fixed processing of fragmented LSAs;
*) ovpn — added support for OVPN server configuration export and client configuration import from .ovpn file;
*) ovpn — improved system stability for Tile devices;
*) quickset — fixed displaying of «SINR» when value is 0;
*) rose-storage — added option to nvme-discover with hostname (CLI only);
*) rose-storage — fixed crash on nvme-tcp disable;
*) rose-storage — fixed rsync transfer permissions;
*) rose-storage — various stability fixes;
*) route — fixed «dynamic-id» for VRF tables;
*) route — improved system stability when making routing decision;
*) route — show SLAAC routes under the «/routing route» menu;
*) route-filter — improved stability when matching blackhole routes;
*) routerboot — added «preboot-etherboot» and «preboot-etherboot-server» settings («/system routerboard upgrade» required) (CLI only);
*) sfp — added log warning about failed auto-initialization on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) sfp — allow modules that hold «TX_FAULT» high signal all the time on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) sfp — allow modules with bad or no EEPROM in forced mode on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) sfp — fixed «rate-select» functionality on CCR2004-16G-2S+ and CCR2004-1G-12S+2XS devices (introduced in v7.8);
*) sfp — fixed combo-ether link monitor for CRS328-4C-20S-4S+ switch;
*) sfp — improved module initialization and display more detailed initialization status on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) sfp — improved SFP28 interface stability with some optical modules for CRS518 switch;
*) sfp — improved system stability with some SFP GPON modules on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devices;
*) snmp — fixed SNMPv3 «Reportable» flag behavior;
*) snmp — improved outputting of routes;
*) socks — added VRF support;
*) ssh — added Ed25519 host key support;
*) ssh — added support for Ed25519 key export and import in PKCS8 format;
*) ssh — do not allow SHA1 usage with strong crypto enabled;
*) ssh — improved service responsiveness when changing SSH service settings;
*) ssh — improved SSH key import process;
*) storage — mount RAM drive for devices with 32MB flash;
*) supout — added DHCP server network section;
*) switch — fixed ACL rules matching IPv6 packets when using only IPv4 matchers;
*) switch — improved system stability during rapid MAC flapping for 98DXxxxx switches;
*) switch — improved system stability for 98DX8208, 98DX8216, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
*) timezone — updated timezone information from «tzdata2023c» release;
*) vrrp — added «self» value for «group-master» setting;
*) vxlan — added forwarding table;
*) vxlan — fixed packet drops when host moves between remote VTEPs;
*) webfig — added inline comments;
*) webfig — fixed «Destination» value under «MPLS/Forwarding-Table» menu;
*) webfig — fixed issue where «Certificate» value disappears under «IP/Services» menu;
*) webfig — fixed issue where entries might be missing under «IP/DHCP-Server» menu;
*) webfig — various stability fixes;
*) wifiwave2 — added «radio/reg-info» command to show regulatory requirements (currently implemented for 802.11ac interfaces) (CLI only);
*) wifiwave2 — added ability to configure antenna gain;
*) wifiwave2 — added ability to configure beacon interval and DTIM period;
*) wifiwave2 — added information on additional interface capabilities to radio parameters;
*) wifiwave2 — automatically add a VLAN-tagged interface to the appropriate bridge VLAN;
*) wifiwave2 — exit sniffer command and return error when trying to sniff on an unsupported channel;
*) wifiwave2 — fixed 802.11r roaming for clients that performed initial authentication with an AP which has been restarted since;
*) wifiwave2 — fixed issue of some supported channels not being listed in the radio parameters;
*) wifiwave2 — fixed issue which lead to VLAN-tagged wireless clients receiving tagged traffic from other VLANs;
*) wifiwave2 — fixed key handshake timeout for re-associating client devices on 802.11ac interfaces;
*) wifiwave2 — fixed VLAN tagging for unencrypted (open) APs;
*) wifiwave2 — improved general interface stability;
*) wifiwave2 — improved regulatory compliance for hAP ax^2, hAP ax^3 and Chateau ax;
*) wifiwave2 — improved WPS connection speed;
*) wifiwave2 — increased maximum value for «channel.frequency» to 7300;
*) wifiwave2 — show information on captured packets and added ability to save them locally in a pcap file;
*) winbox — added «MTU» and «Hoplimit» properties under «IPv6/Routes» menu;
*) winbox — added «Preferred AFI» property under «MPLS/LDP-Instance» menu;
*) winbox — added «S» flag under «IPv6/Firewall/Connections» menu;
*) winbox — added «Tx Power» property under «Wifiwave2/Status» menu;
*) winbox — added «Tx Queue Drops» property under interface settings «Traffic» tab;
*) winbox — added «Username» and «Password» properties under «Container/Config» menu;
*) winbox — added «Valid» and «Preferred» properties under «IPv6/Address» menu;
*) winbox — added missing properties for «Remote ID Type» under «IP/IPsec/Identities» menu;
*) winbox — changed route flag name from «invalid» to «inactive»;
*) winbox — fixed «TLS» property under «Tools/Email» menu;
*) winbox — fixed «Type» property under «System/Disk» menu when «rose-storage» package is installed;
*) winbox — fixed changing slot name under «System/Disk» menu;
*) winbox — fixed default value for «Allow managed» property under «Zerotier» menu;
*) winbox — fixed duplicate «My ID» column under «IP/IPsec/Identities» menu;
*) winbox — fixed minor typo in «WifiWave2/Radios» menu;
*) winbox — fixed missing «Sector Writes» for certain devices under «System/Resources» menu (introduced in v7.8);
*) winbox — improved Ethernet advertise, speed and duplex settings;
*) winbox — only show permitted countries for wifiwave2 interfaces;
*) winbox — show missing «Designated Bridge» and «Designated Port Number» monitoring data under «Bridge/Port menu;
*) www — allow unsecure HTTP access to REST API;
*) x86 — fixed changing software-id (introduced in v7.7);
*) zerotier — upgraded to version 1.10.3;

Как обновить прошивку MikroTik RouterOS stable 7.9

Самый доступный метод обновление прошивки — через Winbox или web интерфейс(раздел Webfig).

  1. Перейти в раздел System→Packages;
  2. Нажать кнопку Check For Updates;
  3. Установить параметр Channel = stable;
  4. Нажать кнопку Download&Install.

Как обновить прошивку MikroTik Routes OS 7.9Также можно воспользоваться окном Терминала(Terminal) в Winbox.

Обновление прошивки MikroTik через командную строку