You should read the release topic messages before adding your own findings. It is mentioned several times already.
Ironic. How will this help me remotely upgrade hundreds of units?
Although the package is being downloaded to ram, it could upgrade in ram and then force rewrite nand. Disable any safety fuses.
Hopefully the bug is fixed some time. Note it will have to be fixed in 6.49.3 and then you can update to that, and then update to 7.1.
Indeed it would be nice to have some “remote clean install” option in some cases, but of course it will have to be done carefully or else it will expose another attack possibility.
(similar to what has been the problem with attackers remotely setting the bootloader options)
What features or fixes do we actually gain from MT spending cycles on a new kernel update? For a vanilla desktop linux install it makes some sense to keep the kernel updated. In that case you’re depending on the kernel maintainers to patch holes and provide new features
But MT spends a fair amount of time customizing the kernel on their hardware. still backporting support for the whole tile architecture for example. We have enjoyed pretty quick responses when a major flaw or exploit appears, the 6.47.10/6.48.3 releases with the fix for ‘FragAttacks’ and again with some protection from Meris botnet with device flagging in 6.49.1/6.48.6. there are several other CVE fixes in patch notes. 6.46 release for example…
Personally I think they’re doing great work to keep the security of their devices in mind. I updated my primary router at home (RB3011) to the 7.1 stable release on 7DEC and have had zero problems because of the update.
I can’t speak for all the BGP, MPLS, or IPv6 complaints though. I don’t use those features and I’m completely ignorant there…
After copying an upgrade package with the attribute to arm64 (device is arm only) version, the device tries to install the package and does not do any checking as in versions 6.xx. It ends with a bootloop and must be installed with the correct package via NetInstall, erasing the entire contents of the flash memory … the backups are gone.
After installing the final version 7.1 ARM version on ac2 and ac3 and ac3lte it appears in the window title as version “7.1 testing”. When selecting “Packages” and selecting in the menu for the Long term, Stable and Developer versions, the versions cannot be distinguished and the same version is displayed after selecting all three, that is 7.1. It is not possible to downgrade or manually upload the 6.xx file of the npk version of the package to the flash card and restart the router. It ends with a bootloop and the router must be reinstalled with the Netinstall utility.
In packagelist missing all packages. I will not enabling IPv6, Capman, etc.
Both issues I tested on routers: ac2, ac3 and ac3LTE6
Tested on ROS version: 7.1 Stable ARM
As it says in the release notes, the “bundle” package has been merged into a single combined package, so you can no longer enable or disable the individual parts. This is by design. You can still disable IPv6 with the “disable IPv6” checkbox in IPv6->Settings.
Is there any way I can enable packages? It is not in the menu after a clean installation of IPv6. As well as Capsman, Hotspot, etc.
I must first install the older version 6.xx, enable the required services in it and upgrade to version 7.1. then the packages are available and I can use them.
Is it planned to turn on packages in version 7.1 without having to install an older version?
Most of things are actually done by stock kernel, e.g. many (probably most in v7) device drivers, routing, … MT addsset of utilities, UI and some drivers - some might be proprietary, but supplied by chip vendors. The reason for sticking to old kernel in v6 was a big change in routing engine in linux kernel version 3.6. Because MT did a very good job at using the old routing engine in most efficient way, and using the new kernel routing engine meant complete rewrite of parts of utilities and UI, MT stayed at older kernels (too long). The complete rewrite is under way for ROS v7 … it seems to be almost done by now.
As long as new stock kernels don’t change ABI too much, MT will be able to upgrade kernel with normal releases of v7 (e.g. I expect to have kernel 5.15 in ROS v7.2) without too much hassle. So I guess we can expect much more streamlined flow of new releases with new and updated functionality (both kernel-based and MT’s own extensions) once basic work of upgrading to v7 (kernel 5.x) is finished.
The main reason for keeping the kernel reasonably up-to-date is to be able to fulfill feature requests from people who have seen interesting features added
to Linux and want to have them in RouterOS as well. E.g. wireguard, VTI, CAKE, CoDel, etc. Things that are not so much work to implement (“only” the management interface has to be done, i.e. the tables for the commands and windows), when you have the correct kernel to support them.
When not, these features can not be implemented easily and we see those topics with 1000 replies with only “+1” in the text, and no progress at all.
When the kernel now again gets a standstill at a fixed version, it is only a matter of time before the next exciting feature appears in Linux and everyone suddenly needs to have it. At that time it would be convenient when the kernel can be updated to the required version.
But how realistic that is depends a lot on the extent of the changes being made, how easy it is to patch a different kernel version with the same changes.
And that, of course, depends on the extent of the extra functionality MikroTik want to provide on top of existing Linux functionality.
In some cases, patches may no longer be required because standard Linux 5.x has included functionality that required patches in Linux 3.x.
you don’t disable or enable packages in v7. what is enabled or disabled in v6 doesn’t matter and you’re wasting time trying to roll back and enable or disable packages.
as normis stated above memory usage is not affected by features not in use. i.e I might have NTP server available on my home router now (was previously in separate package) but its not consuming any resources unless I set
