*) ipv6 - fixed IPv6 RA delay time from 5s to 500ms according to RFC;
Upgraded hAP AX^3 from ROS 7.11.2 to 7.12, and upgraded the firmware, but IPv6 RA Delay Time still shows as 3 seconds and cannot be changed to 500ms. The parameter in ND only accepts seconds. Have I missed something?
On my rb850gx2 I have no service, I updated it remotely and now it no longer responds.
I am observing the same here, running 7.12. Perhaps this is a cosmetic issue, where it displays 3s but internally it is 500ms? And yes, you can’t set ra-delay to any millisecond value, it rounds it down to 0s when attempting:
/ipv6 nd set 0 ra-delay=500ms
Warning: value of ra-delay was rounded down to 0s
Upgraded my RB5009+three AX2 to 7.12 but still I have very slow speeds on my local network (around 23 MB/s) between my iPad and my NAS whereas I had around 50 MB/s before 7.11 or so. Don’t understand what to do.
CCR2116-12G-4S+
Edge router on producion (with HA) 2 BGP IPv4, 1 BGP IPv6.
Uptime 1d 00:36:16, no problem.
Most likley wireless conditions change in some way. Wireless is wireless.
I have also confirmed this situation.
I gave up and reverted to 7.11.2 with netinstall.
Why not switch to HMAC-SHA-X Algorithm instead of MD5?
I have OSPFv3 running with HMAC-SHA-512 Auth between Bird 2.0.14 and ROS 7.12 with success. After the inclusion of bugfix “ospf - fixed OSPFv3 authentication header length calculation”
ROS 7.12
/routing ospf interface-template
add area=ospf3-backbone auth=sha512 auth-id=0 auth-key=\
gsCHixQReM8cITbm8-8iedXG63ao8i9s dead-interval=20s disabled=no \
hello-interval=5s interfaces=bridge1.3999 retransmit-interval=2s
Bird 2.0.14 (on Debian Linux 12)
protocol ospf v3 ospf3_main {
area 0 {
interface "br0.3999" {
type broadcast;
hello 5; retransmit 2; wait 10; dead 20;
authentication cryptographic;
password "gsCHixQReM8cITbm8-8iedXG63ao8i9s" { id 0; algorithm hmac sha512; };
check link on;
};
};
}
Unless you capture the OSPFv3 packets on the wire and analyze the Authentication contents in e.g. Wireshark. It is hard to know what is going wrong for your setup with FRR 9.0.1 and ROS 7.12.
My problem was the the authentication header length before 7.12 was set to an incorrect value. Where ROS missed the addition of 16 bytes in the len field in the OSPFv3 authentication header. ( HMAC-SHA-512 / 8 = 64 bytes, instead of HMAC-SHA-512 / 8 + 16 = 80 bytes)
Upgrade from 7.11.2 seems to have gone okay on 2x hEX (RB750Gr3) and 1x hAP AX^2. Noticed that on all of them I needed to reboot a second time to upgrade the routerboard firmware despite having “/system routerboard settings set auto-upgrade=yes” configured.
Like the extra logging for scripts that now tells you what it did.
“Noticed that on all of them I needed to reboot a second time to upgrade the routerboard firmware despite having “/system routerboard settings set auto-upgrade=yes” configured.”
This has always been required. All the auto-upgrade does is save you the effort of having to go in and manually upgrade the router board firmware before rebooting.
That’s expected and has been so ever since auto-upgrade is available. The reason is that .fwf files with new routerboot are part of ROS package and are only available after new ROS version gets installed. What the auto-upgrade=yes does is that it installs the new routerboot firmware right after new ROS boots for the first time (so one doesn’t have to go via System->RouterBOARD->Upgrade manually) … but an extra reboot is still necessary.
This has been discussed on this forum before … and MT staffers’ response was that it is not possible to flash new routerboot image before new ROS is booted. Personaly I have hard time believing this (I guess it would be non-trivial and might pose a threat to stability of upgrade process, but I’m pretty sure it would be possible to do it in same leg as ROS upgrade).
Given VPN tunnel:
[OpenVPN Client on MikroTik Router] to [OpenVPN Server on MikroTik router]
in UDP mode
IS STILL BROKEN.
When key renegotiation time arrives, the connection is aborted with the following messages on the server:
<CLIENT IP ADDRESS>: disconnected <TLS error: ssl: unexpected message (6)>
ovpn_server1: terminating... - TLS error: ssl: unexpected message (6)
<CLIENT IP ADDRESS>: disconnected <explicit peer disconnect>
[sarcasm]
Well, 7.12 branch isn’t abandoned/surpassed yet.
[/sarcasm]
Corrected/clarified 
I have 3 hap x2 as access points. 5GHz spectrum is clear. The AP (in fact ANY of them) is in the line of sight but still…
Start a new thread and post network diagram and config of relevant devices.
Ah, okay. Thanks for clarifying the behaviour.
SFP Mikrotik S-RJ01 problem on CCR2216.
no link or 100M
No problem on RB5009.
Advertises 1Gb just nicely.
FoxGate ONU 1001XP-SFP is not initializing on RB5009 either Auto negotiation or force . Was working on 7.8 (with eeprom-checksum: bad to be precise).