When trying to work around the MTU hole with IPSEC IKEv2 I found out that the new version does NOT process MTU settings at all. The local router IP facing the machine is on a bridge interface. I tried setting MTUs on both the bridge and the actual ethernet port. Even if the MTU is set to a lower value - e.g. 1404, 1372, 576, etc the router will accept and respond to ping with a 1500 packet with an echo reply instead of datagram too big. The same is observed for forwarded traffic as well. This is wrong behavior.
I’m seeing the same behaviour. I got a failure in a ISP router and had to replace it with an idle hAP ac^2 that was running 7.0beta 5. The configuration is basically (I left the firewall/nat/dhcp-server… outside):
/interface vlan add interface=ether1 mtu=1492 name=orange vlan-id=20
/ip dhcp-client add disabled=no interface=orange
/interface list member add interface=orange list=WAN
After I configured it was working in the iCMP and UDP layers, but the TCP connection setup was completely broken. Adding a mangle route to handle TCP/MSS was also not helping.
After I set the channel to testing, “upgraded” to 6.47beta49 and rebooted, the connection started to work like a charm, no configuration changes, not even needed to “upgrade” firmware, it seems to run well with “current-firmware: 7.0beta5 / upgrade-firmware: 6.47beta49”