Well, if MikroTik uses native kernel module instead of user-space implementation of WireGuard - then probably less than 95%At least, about 95%.
It appears that the default /ip/firewall/connection/tracking udp-timeout has changed from 10s to 30s but I do not see that in the changelog.
What's new in 7.14 (2024-Feb-29 09:10):
*) firewall - increased default "udp-timeout" value from 10s to 30s;
And... Is it only about wifi-qcom, not wifi-qcom-ac?Is it related to device reboots, due to kernel failure?*) wifi-qcom - improved system stability when using FastPath (introduced in v7.13);
cAP ac, about 2 weeks uptime (first one rebooted with ~9 days uptime?..)What device are you using and how is it configured?
And for how long was it up?
You're my hero! It worked! Thanks!Maybe management-protection=disabled ?
Just because they are not used anywhere else.Could you please explain why you use 10.X.X.X (private addresses) as virtual hops?
Router IP address is a GW for clients.and as GW for clients?
Wow, even more!*) system - reduced RAM usage for SMIPS devices;
Any details? What case should it fix?*) wireguard - fixed peer connection using DNS name on IP change;
It's about "dst-limit", scroll down to "limit", they are differentIn RAW - RouterOS - MikroTik Documentation I find
Wow, hAP Lite is back on stage? Good news!*) system - reduced RAM usage for SMIPS devices;
In worst case scenario, your script is run on 4:59 after last handshake (and does nothing), then on 6:59 and updates the endpoint IP addressI use the scheduler to run the script every 2 minutes - so 5 minutes minimum, 7 minutes maximum of downtime before a reset is attempted.
What are your NAT rules?How do you deal with ConnTrack? I am using NAT and every time the GW changes, NAT does not work. It is necessary to clear ConnTrack.
s/:$wgport/:$wgport\$" protocol="udp/
/interface wireless set wlan1 hide-ssid=(![get wlan1 hide-ssid])
Huh... It's sortable for me in 7.2.3... What exactly was changed?*) winbox - made "Interface Templates" table sortable under "Routing/OSPF" menu;
cetipabo, the key words are "routing cache" - it's removed in recent Kernel versionshas been explained several times already.
> queue/interface/set pppoe-out1 queue=cake-512k
failure: non rate limit queues are useless on this interface
Any particular reason? That seems clear for v7 before v7.2, I can't see why it should change.They may have changed.
How to safely use it on remote devices available only over L3 networks?RouterOS already has such a feature, it is called /system reset-configuration.
Huh... "/routing/route/print where unreachable"?Hello,
in 6.x.x ROS there was "unreachable" property for every route in /ip route
It's gone in 7.x.x? Why? And what should I use instead of it in scripts?
Is there a good way of not forgetting to copy your current config to all partitions after any configuration changes?You can just switch to your other partition where you saved the 7.2rc4 before upgrading, to compare it.
/routing/route/print detail
And that is wrongI think when they cannot do so for 3 months they get de-activated.
You cannot upgrade ROS after that, that's the only limitation(at least they post a "deadline date" in the license window similar to that)
Any real-life use case where you cannot have Internet access during initial setup of CHR?..Activation of license with no internet access..
That's what we do. Using Crossover 21 (a free one). Please make WinBox run in it again. I doubt you need Wine 7 for hex fields or something else from v3.33...If it works for you, great, you can use it.
That doesn't mean it became unusableDude has been discontinued (again)
There definitely IS routing-mark option, and it works just fine.there is no routing mark option..... so this could not work.
That doesn't explain anything. I use the same rules in v7 as I used to in v6 - and they do work.Nope the same mangle rules do not work in ROS7...........
?*) winbox - added ZeroTier support;
Declare your functions in a script, then execute that script from another script to "include" necessary functio(s): https://wiki.mikrotik.com/wiki/Manual:S ... #Functionso need to add include function.
Sure, "Routing -> Tables"there is ability to add new routing from GUI somehow?
Yes. Just copy and paste interface name.so you mean here? syntax?
Sorry?..where to specify interface in recursive route lookup?
And in 7.1 still a problem, and... You may continuebut 7.1.1 still problem
You may leave both for failover reasons. The main point is you need to have an active default route in 'main' tableso i have to leave for example if i have 2 isp's 1 route "main" for every one? sorry for my english
They do work. v7 introduced a new limitation: target-scope of your route must be greater than target-scope of the route through which it should be resolved.hi all, with this version recursive routes work? with 7.1rc4 not working but with 6.x yes
What should these buttons do in that case?Please add "Packet Sniffer" and/or "Torch" buttons to the firewall rule box.
Transparent proxy, yep. But here I'll set proxy address manually, so it should work with technically any protocol... At least HTTPSWebproxy only works for HTTP I think.
I tried to proxy Telegram via my cloud server. I don't want to route by IP because I don't know all Telegram server IPsKill it, kill it with fire!
What possible use case would one have for socks in 2021? (except winter time).
Looks like v7 won't get into 'stable' or 'long-term' for v6*) upgrade - added new "upgrade" channel for upgrades between major versions;
Here, for example: viewtopic.php?p=889344#p889344where is the people from Mikrotik in this forum!?!
Tell that to people trying to setup Google Cloud VPN on MikroTik...That is the about same thing as IPIP tunnel with IPsec protection...Feature request: network interfaces for IPsec in Tunnel mode.
*) user - added "expired" user status with suggestion to change password (WinBox v3.29 required);
*) winbox - minimal required version is v3.30;
in-interface=WAN-1 dst-address-type=local
Use Terminalany hints for doing that ? on WinBox i do not see any zt interface to link on the main bridge thanks
/interface bridge port add bridge=your_bridge interface=zerotier1
Make sure you have Neighbor Discovery enabled for your_bridge interface.before doing the 'bridge' stuff, the Mikrotiks saw each other, via zerotier, in:
ip neighbor/ print
but now they don't
/interface/bridge/port/add bridge=your_bridge interface=zt1
Omg, did they choose stateful IPv6 NAT?IPv6 NAT is in winbox now, but action netmap is still missing.
They are.Why aren't these add-on packages?
/interface/veth/add
https://xkcd.com/323/NORMIS: Note to self, dont let the gui guys drink so much vodka before work.
At least, the former includes the latter"dst-address-type=local" and "dst-address=127.0.0.1" are not same things!
Move the user to "read" groupkeep the Quick Set page itself but disallow any modifications.
What's new in 7.1rc1 (2021-Aug-19 13:06):
*) added skin support for WinBox (WinBox v3.29 required);
bgp-as-path
{regexp}
Great idea, btw!Or at the very least, backport the show-sensitive option to v6 so that we can use it on v6 devices without them throwing errors.
I know, I know, but... Mr. Green is 9 bytes of text + 1.6kB (incl. http headers), while is 4 bytesIt's about the unicode works indipendenlty...
Trying to ping something on the Internet from the router returns "no route to host".
/ip route print details
with verify turned on.
Is it a problem with beta4 or beta5?Unfortunately looks like CHR upgrade from beta4 to beta5 may break the image.
You mean, this issue?These fields are present, but issue is also present even with latest version NetFlow Analyzer 12.5.357.
So, MikroTik device sends those fields, but it doesn't send them? Schrodinger Router?Mikrotik device do not send NAT information in the netflow packets
Is it still exporting?..I have started a /export command now to see if it will ever complete.
I.e. the answer is for the first question, while all three are quoted and ignored.8How many fingers do you have?
By the way, if you stand on your head, what do you feel?
Did you try to stop?
Are you sure there's no?.. At least in Android version we have one.Since there's no terminal in the app, what do people do instead?
/system package print
As you're in 6.48 discussion topic, looks like you don't use long-term release channel...Thus I've removed MT from the center of my network and using them only as access devices. Even there are issues, always.
And it's still available in CLI...I can confirm that and add the fact that this has to do with firmware 6.48. RouterOS 6.48 with Firmware 6.47.8 on a hEX PoE has health info as it should.
Only dynamic static?..dns - fixed listening for DNS queries when only dynamic static entries exist (introduced in v6.47);
It does! It mimics the state of the bottom one! :)The Trusted checkbox at the top doesn't do anything?
Maybe some FQDN can help in long-term? :) Not the IP Cloud one (it's hard to remember), but custom one would be nice.Notice; The public access btest server I manage was re-numbered into new/different IP addresses. This public btest server is now at the following IP addresses:
Looks like he quoted the answer from his reseller or something.I just checked all correspondence you had with MikroTik, and it was not said that there is a "low quality component" or anything like that.
And the reason is..?Both times failed to upgrade, and rebooted back into build 48 instead of 58.
The same for 6.47.7, so it's not a problem of 6.47.8.On the version 6.47.8 command "system telnet" does not work with parametr "routing-table". Error "telnet: Unknown argument"
It would be different if it delayed it for weeks.
7.1beta2 (2020-Aug-21 12:29)
Like viewtopic.php?f=3&t=45259 ? :)(btw, is there one?)
Yeah, just double-click it - it will be opened in separate window :Dam i missing something maybe?
Looks like you need to replace "start-tls=yes" with something like "tls=starttls"Code: Select all/tool e-mail send to=$adminemail subject="$date $time $identity Backup" body="$identity, RouterOS $rosver - $backupfiles" file=$backupfiles start-tls=yes
Did you write to support with that problem?Is the company going to correct this error?
You mean, in here? https://wiki.mikrotik.com/wiki/Manual:S ... ime_errorsCatch error messages
Can "freeze-frame-interval=9s" help? (Looks like setting freeze-frame-interval= to the same value as duration= produces empty output)since it is interactive, and it is terminal-formatted output and not pure text output, you get several copies in the file. Something to be worked on.
From what version?Recently we upgraded to 6.47.4