We have upgraded from 2.9.51 to 3.19 on our 200 CPE units and now we are in a living hell!.
the CPE is stoping some ports like port 25 and so on the only that are working is port 80 ? and this is happing after 4 days the cpu is on 100% and the only solution is to Reboot , its becoming a Dlink 
So what to do ??
//Rickard
some more info about our settings…
we ar using this Packages:
2 system 3.19
3 security 3.19
5 wireless 3.19
6 routerboard 3.19
7 routeros-mipsle 3.19
10 dhcp 3.19
The Export from the CPE is impossible to do its disconects…and reboots..the memory get to low…
//Rickard
Did you upgrade the firmware on each CPE at the same time?
Yes we used th Dude 3.1 to uppgrade…
i will be posting the Export if i sucess to export it…
we have also updated the Bios on the RB 113c and the RB112
to lates version…
Finaly i get out the Export conf. it took 10 min to get it via SSH…
XXXXXXX = removed IP and email adresses.
/interface ethernet
set 0 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
“” disabled=no full-duplex=yes mac-address=00:0C:42:15:BD:A7 master-port=
none mtu=1500 name=ether1 speed=100Mbps
/interface wireless security-profiles
set default authentication-types=“” eap-methods=passthrough group-ciphers=“”
group-key-update=5m interim-update=0s mode=none name=default
radius-eap-accounting=no radius-mac-accounting=no
radius-mac-authentication=no radius-mac-caching=disabled
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=
none static-key-0=“” static-key-1=“” static-key-2=“” static-key-3=“”
static-sta-private-algo=none static-sta-private-key=“”
static-transmit-key=key-0 supplicant-identity=RBNET378 tls-certificate=
none tls-mode=no-certificates unicast-ciphers=“” wpa-pre-shared-key=“”
wpa2-pre-shared-key=“”
/interface wireless
set 0 ack-timeout=dynamic adaptive-noise-immunity=none allow-sharedkey=no
antenna-gain=0 antenna-mode=ant-a area=“” arp=enabled band=2ghz-10mhz
basic-rates-a/g=6Mbps basic-rates-b=1Mbps burst-time=disabled comment=“”
compression=yes country=sweden default-ap-tx-limit=0
default-authentication=yes default-client-tx-limit=0 default-forwarding=
yes dfs-mode=none disable-running-check=no disabled=no
disconnect-timeout=3s frame-lifetime=0 frequency=2437 frequency-mode=
regulatory-domain hide-ssid=no hw-retries=15 mac-address=
00:0C:42:05:D2:F9 max-station-count=2007 mode=station mtu=1500 name=wlan1
noise-floor-threshold=default on-fail-retry-time=100ms
periodic-calibration=enabled periodic-calibration-interval=60
preamble-mode=both proprietary-extensions=post-2.9.25 radio-name=
RBNET378|2M rate-set=default scan-list=default security-profile=default
ssid=RBVFES station-bridge-clone-mac=00:00:00:00:00:00
supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps
supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps tx-power-mode=default
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=
none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled
wmm-support=disabled
/interface wireless manual-tx-power-table
set wlan1 comment=“” manual-tx-powers=“1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,
6Mbps:17,9Mbps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps
:17,HT20-1:0,HT20-2:0,HT20-3:0,HT20-4:0,HT20-5:0,HT20-6:0,HT20-7:0,HT20-8:
0,HT40-1:0,HT40-2:0,HT40-3:0,HT40-4:0,HT40-5:0,HT40-6:0,HT40-7:0,HT40-8:0”
/interface wireless nstreme
set wlan1 comment=“” disable-csma=no enable-nstreme=yes enable-polling=yes
framer-limit=3200 framer-policy=exact-size
/ip ipsec proposal
set default auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m
name=default pfs-group=modp1024
/ip pool
add name=pool1 ranges=192.168.1.5-192.168.1.200
/ip dhcp-server
add address-pool=pool1 authoritative=yes bootp-support=static disabled=no
interface=ether1 lease-time=3d name=server1
/port
set 0 baud-rate=auto data-bits=8 flow-control=none name=serial0 parity=none
stop-bits=1
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=
5
set default-small kind=pfifo name=default-small pfifo-limit=10
/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=“”
direction=both disabled=no dst-address=0.0.0.0/0 interface=wlan1
limit-at=512000/512000 max-limit=512000/512000 name=voipv2-upstream
packet-marks=voip parent=none priority=1 queue=
ethernet-default/ethernet-default total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=“”
direction=both disabled=no dst-address=0.0.0.0/0 interface=ether1
limit-at=512000/512000 max-limit=512000/512000 name=voipv2-downstream
packet-marks=voip parent=none priority=1 queue=
ethernet-default/ethernet-default total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=“”
direction=both disabled=no dst-address=0.0.0.0/0 interface=wlan1
limit-at=2000000/2000000 max-limit=2000000/2000000 name=httpv2-upstream
packet-marks=http parent=none priority=2 queue=
ethernet-default/ethernet-default total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=“”
direction=both disabled=no dst-address=0.0.0.0/0 interface=ether1
limit-at=2000000/2000000 max-limit=2000000/2000000 name=httpv2-downstream
packet-marks=http parent=none priority=2 queue=
ethernet-default/ethernet-default total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=“”
direction=both disabled=no dst-address=0.0.0.0/0 interface=wlan1
limit-at=2000000/2000000 max-limit=2000000/2000000 name=otherv2-upstream
packet-marks=other parent=none priority=4 queue=
ethernet-default/ethernet-default total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=“”
direction=both disabled=no dst-address=0.0.0.0/0 interface=ether1
limit-at=2000000/2000000 max-limit=2000000/2000000 name=
otherv2-downstream packet-marks=other parent=none priority=4 queue=
ethernet-default/ethernet-default total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=“”
direction=both disabled=no dst-address=0.0.0.0/0 interface=wlan1
limit-at=2000000/2000000 max-limit=2000000/2000000 name=p2pv2-upstream
packet-marks=p2p parent=none priority=8 queue=
ethernet-default/ethernet-default total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=“”
direction=both disabled=no dst-address=0.0.0.0/0 interface=ether1
limit-at=2000000/2000000 max-limit=2000000/2000000 name=p2pv2-downstream
packet-marks=p2p parent=none priority=8 queue=
ethernet-default/ethernet-default total-queue=default-small
/snmp
set contact=www.rbcom.se enabled=yes engine-boots=4 engine-id=“” location=
kund time-window=0 trap-sink=0.0.0.0 trap-version=1
/snmp community
set client address=0.0.0.0/0 authentication-password=“”
authentication-protocol=MD5 encryption-password=“” encryption-protocol=
DES name=client read-access=yes security=none write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-lines=100 disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote name=remote remote=xxxxxxx:514 target=remote
/system routerboard settings
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet
boot-protocol=bootp cpu-frequency=175MHz cpu-mode=power-save
enable-jumper-reset=yes enter-setup-on=any-key
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet
boot-protocol=bootp cpu-frequency=175MHz cpu-mode=power-save
enable-jumper-reset=yes enter-setup-on=any-key
/user group
add name=read policy=“local,telnet,ssh,reboot,read,test,winbox,password,web,sn
iff,!ftp,!write,!policy”
add name=write policy=“local,telnet,ssh,reboot,read,write,test,winbox,password
,web,sniff,!ftp,!policy”
add name=full policy=“local,telnet,ssh,ftp,reboot,read,write,policy,test,winbo
x,password,web,sniff”
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-vlan=no
/interface ethernet mirror
set mirror-port=none source-port=none
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name=“” memory-limit=10
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.1.1/24 broadcast=192.168.1.255 comment=“” disabled=no
interface=ether1 network=192.168.1.0
/ip dhcp-client
add add-default-route=yes comment=“” default-route-distance=0 disabled=no
interface=wlan1 use-peer-dns=yes use-peer-ntp=yes
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=192.168.1.0/24 comment=“” dns-server=89.18.104.4,89.18.104.5
gateway=192.168.1.1 netmask=24
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB
max-udp-packet-size=512 primary-dns=89.18.104.4 secondary-dns=89.18.104.5
/ip dns static
add address=192.168.1.1 disabled=no name=setup.rbcom.se ttl=1d
/ip firewall address-list
add address=62.80.200.53 comment=“” disabled=no list=SIPSERVERS
add address=83.140.41.62 comment=“” disabled=no list=SIPSERVERS
add address=83.140.41.61 comment=“” disabled=no list=SIPSERVERS
add address=83.140.41.56 comment=“” disabled=no list=SIPSERVERS
add address=192.168.1.0/24 comment=“” disabled=no list=MGMT
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s
tcp-close-wait-timeout=10s tcp-established-timeout=1d
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=accept chain=input comment=
“Allow mgmt traffic from chosen networks” disabled=no dst-port=20
protocol=tcp src-address-list=MGMT
add action=accept chain=input comment=“” disabled=no dst-port=21 protocol=tcp
src-address-list=MGMT
add action=accept chain=input comment=“” disabled=no dst-port=22 protocol=tcp
src-address-list=MGMT
add action=accept chain=input comment=“” disabled=no dst-port=23 protocol=tcp
src-address-list=MGMT
add action=accept chain=input comment=“” disabled=no dst-port=80 protocol=tcp
src-address-list=MGMT
add action=accept chain=input comment=“” disabled=no dst-port=8291 protocol=
tcp src-address-list=MGMT
add action=drop chain=input comment=“Drop all unwanted mgmt traffic”
disabled=no dst-port=20 protocol=tcp
add action=drop chain=input comment=“” disabled=no dst-port=21 protocol=tcp
add action=drop chain=input comment=“” disabled=no dst-port=22 protocol=tcp
add action=drop chain=input comment=“” disabled=no dst-port=23 protocol=tcp
add action=drop chain=input comment=“” disabled=no dst-port=80 protocol=tcp
/ip firewall mangle
add action=mark-packet chain=forward comment=“” disabled=no dst-address-list=
SIPSERVERS new-packet-mark=voip passthrough=no src-address=0.0.0.0/0
add action=mark-packet chain=forward comment=“” disabled=no dst-address=
0.0.0.0/0 new-packet-mark=voip passthrough=no src-address-list=SIPSERVERS
add action=mark-packet chain=forward comment=“” disabled=no dst-port=80
new-packet-mark=http passthrough=no protocol=tcp
add action=mark-packet chain=forward comment=“” disabled=no new-packet-mark=
http passthrough=no protocol=tcp src-port=80
add action=mark-packet chain=forward comment=“” disabled=no dst-port=443
new-packet-mark=http passthrough=no protocol=tcp
add action=mark-packet chain=forward comment=“” disabled=no new-packet-mark=
http passthrough=no protocol=tcp src-port=443
add action=mark-packet chain=forward comment=“” disabled=no dst-port=53
new-packet-mark=http passthrough=no protocol=tcp
add action=mark-packet chain=forward comment=“” disabled=no new-packet-mark=
http passthrough=no protocol=tcp src-port=53
add action=mark-packet chain=forward comment=“” disabled=no dst-port=53
new-packet-mark=http passthrough=no protocol=udp
add action=mark-packet chain=forward comment=“” disabled=no new-packet-mark=
http passthrough=no protocol=udp src-port=53
add action=mark-packet chain=forward comment=“” disabled=no new-packet-mark=
p2p p2p=all-p2p passthrough=no
add action=mark-packet chain=forward comment=“” disabled=no new-packet-mark=
other passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
disabled=no src-address=192.168.1.0/24
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip neighbor discovery
set ether1 discover=yes
set wlan1 discover=yes
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4
cache-on-disk=no enabled=no max-cache-size=none max-client-connections=
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0
parent-proxy-port=0 port=8080 serialize-connections=no src-address=
0.0.0.0
“#error exporting //ip proxy access”
“#error exporting //ip proxy cache”
“#error exporting //ip proxy direct”
/ip service
set telnet address=0.0.0.0/0 disabled=no port=23
set ftp address=0.0.0.0/0 disabled=no port=21
set www address=0.0.0.0/0 disabled=no port=80
set ssh address=0.0.0.0/0 disabled=no port=22
set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
set api address=0.0.0.0/0 disabled=yes port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
“#error exporting //ip socks access”
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
“#error exporting //ip upnp interfaces”
/queue interface
set ether1 queue=ethernet-default
set wlan1 queue=wireless-default
“#error exporting //radius”
/radius incoming
set accept=no port=3799
/store
add comment=“” disabled=no disk=system name=web-proxy1 type=web-proxy
/system clock manual
set dst-delta=+00:00 dst-end=“jan/01/1970 00:00:00” dst-start=
“jan/01/1970 00:00:00” time-zone=+00:00
/system console
add disabled=no port=serial0 term=vt102
/system health
set fan-mode=auto use-fan=main
/system identity
set name=RBNET378
/system logging
add action=memory disabled=yes prefix=“” topics=info
add action=memory disabled=yes prefix=“” topics=error
add action=memory disabled=yes prefix=“” topics=warning
add action=echo disabled=yes prefix=“” topics=critical
/system note
set note=“” show-at-login=yes
/system ntp client
set enabled=yes mode=unicast primary-ntp=89.18.104.4 secondary-ntp=
89.18.104.5
/system scheduler
add comment=“” disabled=no interval=0s name=report_schedule_startup on-event=
report start-time=startup
add comment=“” disabled=no interval=1h name=report_schedule on-event=report
start-date=jan/01/1970 start-time=00:00:00
/system script
add name=report policy=ftp,reboot,read,write,policy,test,winbox,password
source=“; :delay 120s;/ip address print; /interface wireless registration-
table print; /tool e-mail send to="XXXXXXXXXX" subject=([/interface
wireless get wlan1 radio-name] . " Report " . [/system clock get date])
from=XXXXXXXX server=89.18.104.10 body=("" . [/interface wi
reless get wlan1 radio-name] . "" . [/ip address get [/ip addr
ess find interface=wlan1] address] . "" . [/interface wireles
s get wlan1 ssid] . "" . [/interface wireless registration-t
able get[/interface wireless registration-table find interface=wlan1] sign
al-strength] . "" . [/system resource get version] . "<
/SOFTWARE>"); :log info ("Reported to main-server at " . [/sys cl get
time] . " " . [/sys cl get date])”
“#error exporting //system upgrade”
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=
0.0.0.0 user=“”
/system watchdog
set auto-send-supout=no automatic-supout=no no-ping-delay=5m watch-address=
none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=10
/tool e-mail
set from=<> server=0.0.0.0
/tool graphing
set store-every=5min
“#error exporting //tool graphing interface”
“#error exporting //tool graphing queue”
/tool mac-server
add disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sniffer
set file-limit=10 file-name=“” filter-address1=0.0.0.0/0:0-65535
filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=
yes interface=all memory-limit=10 only-headers=no streaming-enabled=no
streaming-server=0.0.0.0
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
Some more findings … and now we have 4.1 Mb ram for use 
Now we are using only this packages:
2 system 3.19
5 wireless 3.19
6 routerboard 3.19
7 routeros-mipsle 3.19
10 dhcp 3.19
And we disable folowing services:
SNMP
www under IP services
Logging services
Btest server
I hope this will fix our problems…or ?
//Rickard
We will now use our tool for puting out scripts on our 200 CPE units that are failing now..
with the above changes. and i hope it will fix the problems.
Stay tuned
//Rickard
I was thinking about upgrading some older 100 series boards. How did everything work out for you? Any tips to doing the upgrades that will make it successful?
I stick to 2.9.51 on the older boards. I’ve never had much luck running v3 on them at all.
stick to 2.9.xx for RB100 series. You should try on a few first, not on 200…and ofcourse you shold read on the forum thar RB1xx it’s too weak for v.3xx
Hi all Ok, but Mikrotik was delivering the RB133 cards with 3.x on it …
and yes i know the cards are low on CPU and memmory but hey they have to get it to work,
But i have now have the cards running with 3.19 for 8 -10 days know with no hassel at all, and we can delivery around 8 Mbits to the customers.
//Rickard
Inox>> Yes i know to test on a few CPE units first i always do that, But her is the problem, the ones we tested on was working…not fast , but it was working ,
The scary part is the RB112 cards they go dead if you are unlucky, thats the problem , we will be bringing a few of this broken cards to the MUM so Normis or Tully will get the cards.
So i hope they investigate the botom line of this problem.
I need to use the 3.x software we are using the API to get the user info about SNR signal and other information for aligning the antennas.
//Rickard
I’m successfully running ROS 3.19 on RB133s
Make sure you upgrade the firmware too with
/system routerboard upgrade
And of course disable all the services and packages you don’t need.
Edit: I’m able to upgrade from 2.9.x to 3.1x remotely too without big issues. Avoid Package disabling/enabling while upgrading and don’t use the “Downgrade” button but just reboot the system once the package is uploaded
Yes , Thats true, we are now using only the System, Routerboard, wireless and the DHCP pakages. then it works , we even disable the BT test server and SNMP server.
after that we have 4.2 Mb ram left in system memmory.
//Rickard
More cents…
I have had a RB112 running 2.?? then eventually 2.9.51, then upgraded to the 3.X, right now it is running 3.19 and i have no issues at all.
Its in a WDS bridge to an AP, 532A with XR5. ( 112 has… I forgot what kind of wireless, its been years. either a cm9 or a r52h)
My link is so poor, you guys would laugh, its at -78 and a CCQ of like 60%. occasionally goes to 80. link is 4KM, I think the tall trees MUST be the problem
I did however notice there was a real slowdown of the response of the board in early 3.X versions.
I get 11 - 12 Mbit TCP either way on this link. Umm yeah, with that bad of signal I am impressed.