Please test the latest 6.30 rc and let us know if there are any unsolved issues remaining. We have solved all the problems that were reported, and only minor polishing remains.
Here is the newest changelog:
What’s new in 6.30rc22 (2015-Jun-19 10:41):
*) ipsec - fail ph2 negitioation when initiator proposed key length does not match proposal configuration;
*) ssh - added option ‘/ip ssh stong-crypto’
*) wireless - improve ac radio coexistence with other wireless clients;
*) console - values of S~.id~, S~.nextid~ and S~.dead~ are avaliable for
use in ‘print where’ expressions;
*) console - ‘:execute’ command now accepts ‘file=’ parameter and
writes script output to scpecified file;
*) console - ‘:execute’ command now accepts script source in ~{}~ braces,
like ‘/system scripts add source=’ does;
*) console - ‘:execute’ command now returns internal number of running job,
that can be used to check and stop execution. For example:
:local j [:execute {/interface print follow where [:log info ~Sname~]}]
:delay 10s
:do { /system script job remove Sj } on-error={}
*) console - firewall ‘print’ commands now show all entries including
dynamic, ‘all’ argument now has no effect;
*) ipsec - increase replay window to 128;
*) fixed file transfer on devices with large RAM memory;
*) pptp - fixed ~encryption got out of sync~ problem;
*) ppp - disable vj tcp header compression;
*) api - reduce api tcp connection keepalive delay to 30 seconds,
will timeout idle connections in about 5 minutes;
*) pptp & l2tp & sstp client: support the case were server issues its tunnel ip address the
same as its public one;
*) removed wireless package from routeros bundle package, new wireless-fp is left in place;
*) pptp & l2tp client: when adding default route, add special exception route for
a tunnel itself (no need to add it manually anymore);
*) improved connection list: added connection packet/byte counters, added separate counters
for fasttrack, added current rate display, added flag wheather
connection is fasttracked/srcnated/dstnated, removed 2048 connection entry limit;
*) tunnels - eoip,eoipv6,gre,gre6,ipip,ipipv6,6to4 tunnels have new property - ipsec-secret - for easy setup of ipsec encryption and authentication;
*) firewall - added ipsec-policy matcher to check wheather packet was/will be ipsec processed or not;
*) possibility to disable route cache - improves DDOS attack handling performance up to 2x (note that ipv4 fastpath depends on route cache);
*) fasttrack - added dummy firewall rule in filter and mangle tables to show packets/bytes that get processed in fasttrack and bypass firewall;
*) fastpath - vlan interfaces support fastpath;
*) fastpath - partial support for bonding interfaces (rx only);
*) fastpath - vrrp interfaces support fastpath;
