Software-update: RouterOS 7.9

MikroTik heeft kort geleden versie 7.9 van RouterOS uitgebracht. RouterOS is een besturingssysteem dat zich richt op het uitvoeren van routertaken. Denk daarbij natuurlijk aan het routeren van netwerkverkeer, maar ook aan bandbreedtemanagement, een firewall, het aansturen van draadloze accesspoints, een hotspotgateway en een vpn-server. Het kan zowel op de hardware van MikroTik als op x86- of virtuele machines zijn werk doen. Voor het gebruik is een licentie nodig, die bij de aankoop van MikroTik-hardware is inbegrepen. De changelog voor deze uitgave kan hieronder worden gevonden.

bgp - improved BGP VPN selectionbridge - added warning log when "ageing-time" exceeds supported hardware limit for 98DX224S, 98DX226S, and 98DX3236 switch chipsbridge - fixed FastPath when setting "use-ip-firewall-for-vlan" or "use-ip-firewall-for-pppoe" without enabled "use-ip-firewall"certificate - fixed bogus log messageschr - fixed public SSH key pulling when running on AWSconsole - added "/task" submenu (CLI only)console - added option to create new files using "/file add" command (CLI only)console - improved stability when doing "/console inspect" in certain menusconsole - improved stability when editing long stringsconsole - improved system stabilityconsole - removed bogus "reset" command from "/system resource usb" menuconsole - rename flag "seen reply" to "seen-reply" under "/ipv6 firewall connection" menuconsole - replaced "fingerprint" with "skid" in "/certificate print"console - show Ethernet advertise, speed and duplex settings depending on configured auto-negotiationcontainer - fixed invoking "container shell" more than oncecontainer - improved "container pull" to support OCI manifest formatdefconf - added CAPs mode script for wifiwave2 devicesdetnet - fixed interface state detection after rebootdhcp - changed the default lease time for newly created DHCP servers to 30 minutesdhcpv4-server - release lease if "check-status" reveals no conflictdisk - improved system stability when removing USB while formattingethernet - fixed half-duplex forced mode at 10Mbps and 100Mbps on ether1 for RB5009, Chateau 5G ax and hAP ax3 devicesfilesystem - fixed partition "copy-to" functionfirewall - added "connection-nat-state" to IPv6 mangle and filter ruleshealth - added limited manual control over fans for CRS3xx, CRS5xx, CCR2xxx deviceshealth - fixed bogus value reporting for CRS510 deviceike2 - fixed minor logging typoipsec - added error log message when peer ID does not match certificateipsec - fixed packet processing by hardware encryption engine on RB850Gx2 deviceipsec - refactor X.509 implementationipv6 - added "valid" and "lifetime" parameters for SLAAC IPv6 addressesipv6 - send out RA packet with "preferred-lifetime" set to "0" when IPv6 address is deactivatedl3hw - improved route offloading for 98DX224S, 98DX226S, and 98DX3236 switch chipsleds - disable LEDs after "/system shutdown"lte - capped maximum lifetime of SLAAC address to 1 hourlte - fixed CA band clearing on RAT mode changelte - fixed duplicate IPv6 route for lte interface when "ipv6-interface" setting is usedlte - fixed LTE interface not showing up when resetting RouterOS configurationlte - fixed passthrough mode when used together with another APN for Chateau 5Glte - fixed R11-LTE-US in LTE passthrough modelte - fixed R11e-LTE-US reporting of RSSI in LTE modelte - fixed re-attach in some cases where module would stay in not-running state after network detachlte - fixed second modem halt on dual R11e-LTE6 setuplte - improved system stability when changing LTE interface configuration during network scan with MBIM modems (introduced in v7.8 )mpls- fixed LDP "preferred-afi" parameternetinstall-cli - improved device reinstall on failed attemptnetwatch - added "startup-delay" setting (CLI only)netwatch - improved ICMP status evaluation when no reply was presentnetwatch - limit "start-delay" rangeospf - fixed processing of fragmented LSAsovpn - added support for OVPN server configuration export and client configuration import from .ovpn fileovpn - improved system stability for Tile devicesquickset - fixed displaying of "SINR" when value is 0rose-storage - added option to nvme-discover with hostname (CLI only)rose-storage - fixed crash on nvme-tcp disablerose-storage - fixed rsync transfer permissionsrose-storage - various stability fixesroute - fixed "dynamic-id" for VRF tablesroute - improved system stability when making routing decisionroute - show SLAAC routes under the "/routing route" menuroute-filter - improved stability when matching blackhole routesrouterboot - added "preboot-etherboot" and "preboot-etherboot-server" settings ("/system routerboard upgrade" required) (CLI only)sfp - added log warning about failed auto-initialization on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devicessfp - allow modules that hold "TX_FAULT" high signal all the time on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devicessfp - allow modules with bad or no EEPROM in forced mode on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devicessfp - fixed "rate-select" functionality on CCR2004-16G-2S+ and CCR2004-1G-12S+2XS devices (introduced in v7.8 )sfp - fixed combo-ether link monitor for CRS328-4C-20S-4S+ switchsfp - improved module initialization and display more detailed initialization status on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devicessfp - improved SFP28 interface stability with some optical modules for CRS518 switchsfp - improved system stability with some SFP GPON modules on RB4011, RB5009, CCR2004-1G-12S+2XS, CCR2004-16G-2S+, CCR2116-12G-4S+, CCR2216-1G-12XS-2XQ devicessnmp - fixed SNMPv3 "Reportable" flag behaviorsnmp - improved outputting of routessocks - added VRF supportssh - added Ed25519 host key supportssh - added support for Ed25519 key export and import in PKCS8 formatssh - do not allow SHA1 usage with strong crypto enabledssh - improved service responsiveness when changing SSH service settingsssh - improved SSH key import processstorage - mount RAM drive for devices with 32MB flashsupout - added DHCP server network sectionswitch - fixed ACL rules matching IPv6 packets when using only IPv4 matchersswitch - improved system stability during rapid MAC flapping for 98DXxxxx switchesswitch - improved system stability for 98DX8208, 98DX8216, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switchestimezone - updated timezone information from "tzdata2023c" releasevrrp - added "self" value for "group-master" settingvxlan - added forwarding tablevxlan - fixed packet drops when host moves between remote VTEPswebfig - added inline commentswebfig - fixed "Destination" value under "MPLS/Forwarding-Table" menuwebfig - fixed issue where "Certificate" value disappears under "IP/Services" menuwebfig - fixed issue where entries might be missing under "IP/DHCP-Server" menuwebfig - various stability fixeswifiwave2 - added "radio/reg-info" command to show regulatory requirements (currently implemented for 802.11ac interfaces) (CLI only)wifiwave2 - added ability to configure antenna gainwifiwave2 - added ability to configure beacon interval and DTIM periodwifiwave2 - added information on additional interface capabilities to radio parameterswifiwave2 - automatically add a VLAN-tagged interface to the appropriate bridge VLANwifiwave2 - exit sniffer command and return error when trying to sniff on an unsupported channelwifiwave2 - fixed 802.11r roaming for clients that performed initial authentication with an AP which has been restarted sincewifiwave2 - fixed issue of some supported channels not being listed in the radio parameterswifiwave2 - fixed issue which lead to VLAN-tagged wireless clients receiving tagged traffic from other VLANswifiwave2 - fixed key handshake timeout for re-associating client devices on 802.11ac interfaceswifiwave2 - fixed VLAN tagging for unencrypted (open) APswifiwave2 - improved general interface stabilitywifiwave2 - improved regulatory compliance for hAP ax^2, hAP ax^3 and Chateau axwifiwave2 - improved WPS connection speedwifiwave2 - increased maximum value for "channel.frequency" to 7300wifiwave2 - show information on captured packets and added ability to save them locally in a pcap filewinbox - added "MTU" and "Hoplimit" properties under "IPv6/Routes" menuwinbox - added "Preferred AFI" property under "MPLS/LDP-Instance" menuwinbox - added "S" flag under "IPv6/Firewall/Connections" menuwinbox - added "Tx Power" property under "Wifiwave2/Status" menuwinbox - added "Tx Queue Drops" property under interface settings "Traffic" tabwinbox - added "Username" and "Password" properties under "Container/Config" menuwinbox - added "Valid" and "Preferred" properties under "IPv6/Address" menuwinbox - added missing properties for "Remote ID Type" under "IP/IPsec/Identities" menuwinbox - changed route flag name from "invalid" to "inactive"winbox - fixed "TLS" property under "Tools/Email" menuwinbox - fixed "Type" property under "System/Disk" menu when "rose-storage" package is installedwinbox - fixed changing slot name under "System/Disk" menuwinbox - fixed default value for "Allow managed" property under "Zerotier" menuwinbox - fixed duplicate "My ID" column under "IP/IPsec/Identities" menuwinbox - fixed minor typo in "WifiWave2/Radios" menuwinbox - fixed missing "Sector Writes" for certain devices under "System/Resources" menu (introduced in v7.8 )winbox - improved Ethernet advertise, speed and duplex settingswinbox - only show permitted countries for wifiwave2 interfaceswinbox - show missing "Designated Bridge" and "Designated Port Number" monitoring data under "Bridge/Port menuwww - allow unsecure HTTP access to REST APIx86 - fixed changing software-id Source: Tweakers.net