v6.40.4 [current]

Announcements
81

Thanks for the advise on the Quick Setup. I learned it myself in the hard way by troubleshooting.

What is still a mystery for me is the issue with Google Play downloads over IPv4. Weird…

82

Hi!


Number 1) has already been answered.

Using Quick Set erased your firewall config and replaced it with the default configuration. And as you disabled the firewall rule called “drop all not coming from LAN” what did you expect? You just did what it’s says it will do. This rule shuts down the access from the outside world and you disabled it. Using an special rule before this one, allowing specific traffic is the way to go. So I do not see a bug or problem here.

For Number 3) I can’t help you, because I do not use IPv6 (yet).

greetings, Daniel

83

Thanks for the “advise”. This rule was never before on my base ruleset until I reset the whole configuration and I never had this issue to open these flows.

So pls don’t tell me what to expect when a new rule shows up on my configuration after a reset.

I did try to share my experience for others to avoid the same issue.

I did modified the rule and now works as I needed to work (blocking everything except my connections over VPN).

Thanks for the advise.

84

I lost connection to mikrotik by API after updating at version 6.40.4.
Mikrotiks with previous versions (6.40.1) I have no problem. How can I solve it?

85

You can try to login to console and see what went wrong…

86

Connection attempt #1 to 10.11.12.100:8728… <<< [6] /login Connection attempt #2 to 10.11.12.100:8728… <<< [6] /login Connection attempt #3 to 10.11.12.100:8728… <<< [6] /login Connection attempt #4 to 10.11.12.100:8728… <<< [6] /login Connection attempt #5 to 10.11.12.100:8728… <<< [6] /login Error… Disconnected.
Attempted API connection to mikrotik. Not allowed /login

87

NetWatch Interval bug?
Hello i notice that on my CRS109-8G-1S-2HnD (6.40.4 (stable)) have a problem with the interval time.

[admin@Fa1c0n] > /tool netwatch print
Flags: X - disabled 
 #   HOST                 TIMEOUT              INTERVAL             STATUS  SINCE               
 0   85.130.109.35        1s                   1m                   up      oct/29/2017 02:38:00
 1   93.123.65.33         10s                  1m                   up      oct/29/2017 11:42:22
 2   137.74.173.42        10s                  2m                   up      oct/29/2017 11:42:24
[admin@Fa1c0n] >




11:42:22 system,info netwatch host modified by admin 
11:42:23 system,info netwatch host modified by admin 
11:42:39 script,info IRC UP SMS 
11:42:43 script,info OVH UP SMS

How you can see it from the log that netwatch make check after 20 sec.
Any idea why and it`s that a bug

88

Hello.

Did you fix this issue?

89

Interesting … What versions of WinBox/Windows are you using?

90

Unused routing marks remains in table in ip route rule. Let it be, that they will remove too, after removing the last route with this mark. I don’t to reboot my router to clear this cache. Thank you.

91

Hi everyone! I upgraded my hEX to 6.40.4 last night and found that about 75% of my saved static DHCP leases with comments (took hours) are gone! Also, my backup that I made just prior to the upgrade will not restore.

Also, a few weeks ago ether2 lost its assigned IP address on a reboot. I know for a fact all of the settings had been saved. Why would things be disappearing on me like this?

This is starting to get really frustrating…

Any ideas would be greatly appreciated. The hEX box is only a couple of months old.

92

RB912UAG-2HnD (with Sierra MC7304 cellular modem)

My cellular (PPP) interface works perfectly OK with ROSv6.37.1.

Upgraded to ROSv6.40.4 and the cellular (PPP) interface stops working, and I notice the usb1 port (/ports) is now showing up red and invalid status.

Roll back to ROSv6.37.1 – and the PPP cellular interface starts working again.

When I try to load my usual configuration script (with ROSv6.40.4) I see these errors (inserted)

######################################################

4G (PPP) Setup

/system routerboard usb
set type=mini-PCIe
/port firmware
set directory=firmware ignore-directip-modem=yes
:delay 15s
/interface ppp-client remove ppp-out1
no such item
:delay 1s
/interface ppp-client
add name=Cellular4G port=usb1 add-default-route=yes allow=pap,chap,mschap1,mschap2
apn=$APN4G data-channel=2 info-channel=2 dial-on-demand=no disabled=no
input does not match any value of port
/ip firewall nat
add chain=srcnat out-interface=Cellular4G action=masquerade


When I do a clean Netinstall (no configuration) with ROSv6.37.1:
• PPP interface has a disabled ppp-out1 (PPP Client)
• Port List, shows usb1 port to be available


When I do a clean Netinstall (no configuration) with ROSv6.40.4:
• PPP interface has nothing (blank)
• Port List, has nothing (blank)

Seems like MikroTik broke something here in relation to the RB912UAG-2HnD

93

Hi team,
As I see - quality of new ROS is not so good… It looks that problem with OVPN is already solved in current version and client is able to connect to server, however it seems that now problem appeared with OSPF… When I had all routers with 6.38.7 - all was working correctly. When I upgraded one router to 6.40.4 then all worked correctly too, but when I upgraded second one then OVPN was working correctly while OSPF all time is throwing error:
Discarding Hello packet: mismatch in network mask
mine=255.255.255.255
remote=255.255.255.0
source=10.28.0.254
Of course rouers’ configuration weren’t changed. Could you check it and fix?

Regards,
Radek

94

Check your open vpn server settings. In netmask put 32. I had the same issue and that fixed it with ospf

95

@darkprocess,
But till version 6.40.0 everythink was working correctly in OSPF. It doesn’t work now. I din’t check it in earlier versions because OpenVPN was affected (seems that aleady fixed), but all should works with current configuration. The strange thing is that all is working between ROS in version 6.38.7 and 6.40.4 while with the same configuration but two routers with ROS in version 6.40.4 it doesn’t work :frowning:

96

I had the same issue than you.

97

Now i have all my routers in 6.40.4 with ospf and ovpn working fine.

98

But Mikrotik changed something in ROS, because till version I could setup OSPF with:

  • network type: broadcast
  • network x.x.x.x/24 backbone
    But now I had to modify my configuration due to version over 6.40.0 as below:
  • network type: point-to-point
  • network x.x.x.x/32 backbone
    And the question is - why it changed already? Wasn’t previous way correct? In this way of working everyone have to test that in newer version of ROS all is working in the same way as for old version or something has been changed and reconfiguration whole environment is needed… Am I correct?..
99

How can we possibly answer that question if we don’t have the information on your network setup?
Both statements is accurate in different situations. I have both in my network working as expected. If you need to hammer this out then setup a new threat in “Forwarding Protocol” section describing your problem with picture of net and we can discuss the specifics about that setup.

100

I think I found a TR069 bug.

If a DHCP hostname has a space (or possibly a special character) on the end (doesn’t show up in winbox in the name, but shows up if I print the names via scripting), the MikroTik makes a malformed request to the TR069 ACS, if the Device.Host table is requested by the ACS, which contains those host names.

This crashes the ACS (GenieACS in this case).

If I delete the two DHCP leases on the MikroTik that are associated with devices with the space or special character at the end of the hostname, TR069 works perfectly.