v7.14beta [testing] is released!

RouterOS version 7.14beta has been released on the “v7 testing” channel!

Before an upgrade:

  1. Remember to make backup/export files before an upgrade and save them on another storage device;
  2. Make sure the device will not lose power during upgrade process;
  3. Device has enough free storage space for all RouterOS packages to be downloaded.

What’s new in 7.14beta10 (2024-Feb-06 15:47):
!) rose-storage - moved SMB service in the RouterOS bundle;
!) smb - removed legacy SMB service (replaced with newer and faster ROSE SMB service);
*) arp - added ARP status;
*) console - improved stability when using autocomplete with “export”;
*) defconf - fixed configuration script on KNOT devices if “ppp-out” interface is removed;
*) defconf - fixed firewall rule for IPv6 UDP traceroute;
*) dhcpv6-client - updated error logging when multiple prefixes received on renew;
*) disk - added global disk “settings” menu (CLI only);
*) l3hw - fixed IPv6 host offloading in certain cases;
*) package - added “size” property;
*) poe-out - improved 802.3at classification and measurement accuracy;
*) poe-out - improved cable test for hAP ac3 and hAP ax3 devices;
*) ptp - added “aes67” and “smpte” profiles;
*) ptp - added configurable “domain” and “priority2” parameters;
*) ptp - added support for Management message forwarding in BC;
*) route - fixed gateways of locally imported vpnv4 routes;
*) route-filter - fixed AS path matchers when input and output chains are used;
*) sfp - fixed corrupted Tx traffic at 10Gbps rate on CCR2004-16G-2S+ in rare cases;
*) smb - added option to specify SMB service mode as “auto”;
*) supout - added PTP section;
*) system - expose “lo” and “vrf” interfaces;

What’s new in 7.14beta9 (2024-Feb-01 11:09):
!) rose-storage - moved SMB service in the RouterOS bundle;
!) smb - removed legacy SMB service (replaced with newer and faster ROSE SMB service);
*) arp - added ARP status;
*) bridge - avoid per-VLAN host flushing on HW offloaded bridge;
*) bridge - fixed host flush on BPDU-guard port disable (introduced in v7.14beta3);
*) bridge - improved protocol-mode MSTP functionality;
*) bridge - removed “mst-config-digest” from MSTI menu;
*) bridge - removed MVRP support, the development will continue in v7.15 “beta”;
*) certificate - improved certificate validation performance;
*) console - added “show-at-cli-login” option to display a note before telnet login;
*) console - fixed delayed output from “:grep” command in certain cases;
*) console - fixed incorrect behavior of “:onerror” command in certain cases;
*) defconf - added log about configuration reset due to pressed reset button;
*) defconf - fixed Audience scanning-for-wps-ap timeout;
*) defconf - increased LTE interface wait time;
*) defconf - updated health settings on configuration revert;
*) disk - added exFAT and NTFS mount/read/write support;
*) fetch - allow to use certificate and check-certificate parameters only in HTTPS mode;
*) fetch - fixed incorrect “src-path” error message when “upload=yes”;
*) fetch - print all “Set-Cookies” headers in response;
*) health - added limited manual control over fans for CCR1016r2, CCR1036r2 devices;
*) health - changed default “fan-min-speed-percent” from 0% to 12%;
*) health - updated health properties for CCR1016r2, CCR1036r2 devices;
*) leds - added “dark-mode” functionality for hAP ax3 and Chateau ax series devices;
*) leds - fixed modem LED indication for SXT LTE 3-7;
*) lte - fixed APN authentication for FG621-EA modem;
*) lte - fixed Simcom modem support in 0x9000; 0x9002, 0x9002; 0x901a and 0x901b USB compositions;
*) lte - optimized “at-chat” response reading;
*) ovpn - improved system stability when using HW encryption on ARM64 devices (introduced in v7.13);
*) package - added “size” property;
*) package - reduced “wireless” package size for ARM, ARM64, MIPSBE, MMIPS devices;
*) poe-out - driver optimization for AF/AT controlled boards;
*) ptp - fixed “default” and “g8275.1” profiles go into “slave” instead of “uncalibrated” state;
*) ptp - fixed default values for “802.1as” profile;
*) ptp - fixed flags in Announce message;
*) ptp - fixed potential error in packet exchange;
*) ptp - make clock go into grandmaster state if slave port goes down;
*) sfp - fixed corrupted Tx traffic at 10Gbps rate on RB4011 in rare cases;
*) snmp - added “bgpLocalAs” and “bgpIdentifier” OID reporting;
*) snmp - fixed “bgpPeerFsmEstablishedTime” OID reporting;
*) sstp - added support for “aes256-gcm-sha384” encryption;
*) switch - fixed Atheros-8327 switch rules (introduced in v7.14beta3);
*) switch - fixed reserved multicast receive on Atheros-8327, QCA8337 switches for R/STP bridge;
*) system - correctly handle HTTP 1xx and 204 response status codes (introduced in v7.14beta6);
*) system - fixed “cpu-frequency” for CRS3xx ARM devices;
*) system - properly assign destination port for HTTP/S connections initiated by the router (introduced in v7.13);
*) webfig - fixed routing table filter under “IP/Routes” menu;
*) webfig - improved stability when adding new entries under “IP/Routes” menu;
*) wifi - added “station-pseudobridge” interface mode;
*) wifi-qcom - enable display of regulatory information on L11,L22 devices;
*) wifi-qcom - improve system stability for L11, L22 devices;
*) winbox - fixed status under “Bridge/Ports” menu (introduced in v7.14beta3);
*) winbox - improved status values under “System/PTP” menu;

What’s new in 7.14beta8 (2024-Jan-22 21:07):
!) rose-storage - moved SMB service in the RouterOS bundle;
!) smb - removed legacy SMB service (replaced with newer and faster ROSE SMB service);
*) bgp - allow to leak routes between local VRFs;
*) bth - added simple “Back To Home Users” manager under IP/Cloud menu;
*) console - added “show-at-cli-login” option to display a note before telnet login (CLI only);
*) defconf - fixed Audience scanning-for-wps-ap timeout;
*) dns - do not add new entries to cache if “cache-size” is reached;
*) dns - fixed DNS service crash when DoH used (introduced in v7.14beta4);
*) fetch - added “head” option for “http-method”;
*) fetch - allow specifying link-local address in FTP mode;
*) fetch - fixed fetch when using “src-path” with SFTP mode (introduced in v7.13);
*) firewall - fixed underlying CAPsMAN tunnel reusing packet marks of encapsulated packets;
*) firewall - fixed underlying VXLAN/EoIP tunnel reusing packet marks of encapsulated packets;
*) health - show voltage when powering KNOT R through Micro-USB;
*) iot - added bluetooth whitelist wildcard asterisk support;
*) iot - improvements to GPIO behavior on boot;
*) iot - improvements to LoRa CUPS;
*) iot - removed bluetooth whitelist maximum entry limit of 8;
*) ipv6 - made “valid” and “lifetime” parameters dynamic for SLAAC IPv6 addresses;
*) leds - fixed modem signal strength for RBSXTR&R11e-LTE (introduced in v7.14beta6);
*) lte - added “at-chat” support for Sierra Wireless EM9293 5G modem;
*) lte - fixed Simcom modem support in 0x9001 USB composition;
*) modem - improved stability when performing modem FOTA upgrade;
*) netinstall-cli - check package and device architecture before formatting;
*) package - reduced “wireless” package size for ARM, ARM64, MIPSBE, MMIPS devices;
*) package - reduced package size for SMIPS;
*) poe-out - fixed “power-cycle” for CRS354-48P-4S+2Q+ device (introduced in v7.13);
*) sms - fixed SMS inbox for FG621-EA modem (introduced in v7.13);
*) sms - fixed SMS sending from WinBox and WebFig (introduced in v7.13);
*) sms - improved system stability when working with SMS;
*) snmp - updated timeout log;
*) switch - fixed “cpu-flow-control” for RB3011 (introduced in v7.14beta3);
*) switch - fixed Atheros switch port configuration export (introduced in v7.14beta3);
*) switch - fixed Ethernet disable/enable for CRS310-8G+2S+ devices;
*) system - properly close HTTP/S connections initiated by the router;
*) system - properly start HTTP/S connections initiated by the router if non-default port is used (introduced in v7.14beta3);
*) traffic-flow - use 64bit counters for v9 and IPFIX flows;
*) traffic-generator - improved system stability when receiving bogus traffic;
*) webfig - fixed setting the user’s password;
*) wifi - improved handling of CAP connections in dual CAPsMAN scenario;
*) wifi-qcom - improved system stability when using FastPath (introduced in v7.13);

What’s new in 7.14beta7 (2024-Jan-15 11:37):
!) rose-storage - moved SMB service in the RouterOS bundle;
!) smb - removed legacy SMB service (replaced with newer and faster ROSE SMB service);
*) bth - added simple “Back To Home Users” manager under IP/Cloud menu;
*) iot - improvements to LoRa CUPS;
*) lte - fixed MBIM interface enabling for Quectel EC25 modem (introduced in v7.13);
*) route - fixed route lockup when loading large amount of routes on ARM64 (introduced in v7.14beta4);
*) sms - moved LTE SMS read settings from “/tool/sms” to “/interface/lte” menu and migrate old configuration (CLI only);
*) vlan - fixed non-running VLAN interface after failed MTU change;
*) winbox - show all columns under “Routing/PIM SM/Static RP” menu by default;

What’s new in 7.14beta6 (2024-Jan-10 16:21):

*) arp - added ARP status (CLI only);
*) calea - improved system stability when adding bridge rule without “calea” package installed;
*) console - updated copyright notice;
*) defconf - do not add loopback interface to the bridge ports (introduced in v7.14beta3);
*) defconf - fixed wifi configuration if interface MAC address is changed;
*) defconf - increased LTE interface wait time;
*) dhcpv6-client - install dynamic IPv6 blackhole routes in corresponding routing-table;
*) dns - fixed domain name lookup resolving for internal services;
*) fetch - fixed DNS resolving when domain has only AAAA entries (introduced in v7.13);
*) fetch - fixed timeout when content-length is 0 (introduced in v7.14beta4);
*) fetch - improved fetch stability in SFTP mode;
*) fetch - less verbose logging;
*) iot - improved LoRa LNS;
*) l3hw - fixed neighbor offloading after link flap;
*) l3hw - preserve offloading for VLANs when bridge ports are down;
*) leds - fixed default LTE LED configuration for wAPR-2nD;
*) lte - added AT channel support for Quectel EM120K-GL modem;
*) lte - don’t duplicate primary band in 5G SA mode for chateau 5G;
*) lte - fixed “use-peer-dns” setting for EC200A modem;
*) lte - fixed an issue for EC200A modem that IPv6 address could be added as IPv4 address;
*) lte - fixed support for config-less modem detection (introduced in v7.13);
*) lte - improved modem recovery after failed IPv4 configuration;
*) mpls - fixed VPN fragmentation when forwarding IP traffic;
*) port - fixed support for USB/serial adapters (introduced in v7.13);
*) port - removed bogus serial port on RB750Gr3, RB760iGS and RBM11G devices;
*) ppp - added support for “WISPr-Session-Terminate-Time” RADIUS attribute;
*) qos-hw - fixed “tx-queue7-packet” counter;
*) routerboard - added “reset-button” support for RBwAPR-2nD device;
*) sfp - added support for modules requiring single byte I2C read transactions;
*) sfp - improved link establishment for RB4011 devices;
*) smips - improved system stability (introduced in v7.14beta4);
*) sms - improved system stability when working with SMS;
*) snmp - hide “MikroTik” in LLDP MIB when branding with hide SNMP option is used;
*) ssh - improved SSH performance on ARM, MIPS, MMIPS, SMIPS and TILE devices;
*) system - improved system stability when processing packets in FastPath (introduced in v7.13);
*) tftp - improved invalid request processing;
*) timezone - updated timezone information from “tzdata2023d” release;
*) tr069 - don’t duplicate cellular info in “X_MIKROTIK_5G” nodes when connected in NR SA mode;
*) vlan - fixed non-running VLAN interface after failed MTU change;
*) vrf - prevent VRF interface name collision with interface lists;
*) vxlan - fixed underlying tunnel reusing routing marks of encapsulated packets;
*) wifi - fixed issue with setting country profile (introduced in v7.13.1);
*) wifi - increased value for SAE retransmit period to 3s to improve WPA3 compatibility with IoT client devices;
*) wifi - use “Latvia” as default value for “country” property;
*) winbox - added “Name” parameter under “Tools/Netwatch” menu;
*) winbox - added “Port Cost Mode” setting under “Bridge” menu;
*) winbox - added “VRF” parameter under “Tools/Ping” menu;
*) winbox - added “x25519” argument for “DH Group” parameter under “IP/IPsec/Profiles” menu;
*) winbox - added missing “Protocol” arguments under “IPv6/Firewall” menu;
*) winbox - added missing monitoring properties under “WireGuard/Peers” menu;
*) winbox - fixed “Bridge Cost” range under “Interfaces/VPLS” menu;
*) winbox - fixed “Password” button under “Quick Set” menu;
*) winbox - improved system stability with large packets;
*) winbox - remove “Root Bridge ID” property under “Bridge/MSTIs” menu;

What’s new in 7.14beta4 (2023-Dec-29 10:05):
*) bridge - fixed auto “path-cost” for bonding interfaces (introduced in v7.13);
*) bth - added simple “Back To Home Users” manager under IP/Cloud menu;
*) console - increased maximum file content length that can be managed through command line to 60 KB;
*) dns - do not add new entries to cache if “cache-size” is reached;
*) fetch - fixed fetch when using “src-path” with HTTP/HTTPS modes (introduced in v7.13);
*) fetch - improved file download stability with HTTP/HTTPS modes;
*) leds - do not show LTE connection state/mode using RGB power LED from configless LTE modems;
*) lte - fixed USB mode switch and initialization race condition for configless USB modems;
*) lte - improved support for “ACER” and “MSFT” branded EM12-G modems;
*) route-filter - added option to set “isis-ext-metric”;
*) sfp - improved combo-sfp handling for CRS328-4C-20S-4S+;
*) switch - fixed “vlan-mode” and “default-vlan-id” property reset after reboot (introduced in v7.14beta3);
*) system - expose “lo” and “vrf” interfaces;
*) system - improved memory allocation for ARM64 devices;
*) tr069 - fixed bandwidth test;
*) usb - show “Supermicro CDC” adapter as Ethernet interface;
*) wifi-qcom - fixed new connections, when maximum supported number of MAC addresses behind connected station-bridges is reached;
*) x86 - fixed VLAN tagged packet transmit for igb (introduced in v7.12);

What’s new in 7.14beta3 (2023-Dec-19 13:31):

*) 6to4 - make “ipsec-secret” sensitive parameter;
*) api - improved REST API stability when processing invalid requests;
*) api - properly return SNMP OIDs when requested;
*) arm - improved system stability when using microSD on RB1100Dx4;
*) bridge - added MLAG support for MSTP bridges;
*) bridge - added MVRP support (CLI only);
*) bridge - improved bridge VLAN configuration validation;
*) bridge - improved configuration speed on large VLAN setups;
*) bridge - improved protocol-mode MSTP functionality;
*) bridge - improved protocol-mode STP and RSTP functionality;
*) bridge - make “point-to-point=yes” default value for non-wireless bridge ports;
*) bridge - try to set wireless bridge ports as edge ports automatically;
*) bth - added simple “Back To Home Users” manager under IP/Cloud menu;
*) console - added missing “where” clause for “/ipv6/firewall/filter” table print command;
*) console - added “:tolf” and “:tocrlf” commands for converting line break to/from LF or CRLF;
*) console - do not accept negative or too large values for “:delay” command;
*) console - do not allow to use out-of-range values for time type fields;
*) console - fix configuration export when user does not have a “sniff” policy;
*) console - hint on reset command help that “.rsc file” is required for “run-after-reset” parameter;
*) console - improved editor functionality in full screen mode;
*) console - increased maximum file content length that can be managed through command line to 60 KB;
*) container - improved VETH interface management responsiveness and reliability;
*) container - restrict “/container/shell” menu for users without “write” permissions;
*) defconf - use “fq_codel” queue as default interface queue for wired ports on LTE devices;
*) disk - added exFAT and NTFS mount/read/write support (CLI only);
*) disk - properly unmount disk when it is disconnected;
*) ethernet - improved cable-test reliability for hAP ax3 PoE out port;
*) ethernet - resolved minor memory leak while processing packets;
*) fetch - do not require “content-length” for HTTP (introduced in v7.13);
*) fetch - fixed IPv4 address logging (introduced in v7.13);
*) fetch - treat any 2xx HTTP return code as success (introduced in v7.13);
*) filesystem - improved filesystem integrity for several RB3011 units with automatic firmware upgrade;
*) firewall - added “creation-time” parameter for IPv6 address list entries;
*) firewall - increased default “udp-timeout” value from 10s to 30s;
*) health - improved fan control on CRS3xx and CCR1016-12S-1S+r2;
*) iot - added LoRa CUPs protocol support;
*) iot - fixed modbus partial frame reception issue;
*) iot - improved modbus Tx/Rx switching behaviour;
*) leds - fixed “type=on” LED behaviour after reboot;
*) leds - fixed wireless type of LED triggers for routers using WiFi package;
*) lte - refactored AT command control for AT modems;
*) modem - fixed SMS removal (introduced in v7.13);
*) ovpn - added support for pushing routes;
*) ovpn - improved OVPN configuration file import process;
*) ovpn - improved key-renegotiation process;
*) poe-out - improved PoE out reliability on routers with a single PoE out interface;
*) ppp - log an error when IPv6 DHCP pool is exhausted;
*) route - improved route print “count-only” process speed;
*) route - improved stability on route table lookup;
*) sfp - improve high-power SFP module initialization;
*) ssh - improved SSH performance on ARM and MIPS devices;
*) ssh - refactored SSH service internal processes;
*) switch - improved 100G interface stability for 98DX4310 and 98DX8525 switches;
*) switch - minimise potential packet overflows on CRS354;
*) system - changed build time format according to ISO standard;
*) system - expose “lo” interface;
*) system - improved RAM allocation for L009UiGS-RM;
*) system - improved system stability when processing packets in FastPath (introduced in v7.13);
*) system - provide more precise “total-memory” value for ARM devices;
*) system - provide more precise “total-memory” value under “System/Resources” menu for L009 and hAP ax lite routers;
*) tr069-client - show 5G signal info in X_MIKROTIK_5G nodes only for 5G NSA bands;
*) wifi - added “station-pseudobridge” interface mode (CLI only);
*) wifi - use correct CAP identity for interface name provisioning after it has been changed by remote-cap/set-identity;
*) winbox - added “accept-protocol-version” parameter to the L2TP server settings;
*) winbox - added “mode-button” and “switch” menus for L41G-2axD&FG621-EA;
*) winbox - added “page-refresh” setting to the Graphing settings;
*) winbox - aded Preboot Etherboot settings to the System/RouterBOARD/Settings menu;
*) winbox - do not show USB settings for CRS devices that does not need it;
*) winbox - improved connection speed and reliability;
*) winbox - improved route table automatic refresh process for static routes;
*) winbox - include “te-tunnel” parameter in VPLS interface monitor;
*) winbox - properly validate “passthrough-subnet-size” in the LTE APN settings;
*) winbox - removed “sfp all” option from combo port settings;
*) winbox - renamed “Wireless Table” menu to “Wifi”;
*) winbox - show “routing-table” column under IP/Route menu by default;
*) wireguard - do not allow to use multiple WireGuard interfaces on the same “listen-port”;
*) wireguard - optimised and improved WireGuard service logging;

To upgrade, click “Check for updates” at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. The file must be generated while a router is not working as suspected or after some problem has appeared on the device

Please keep this forum topic strictly related to this particular RouterOS release.

*) bridge - added MLAG support for MSTP bridges;
*) bridge - added MVRP support (CLI only);
*) bridge - improved bridge VLAN configuration validation;
*) bridge - improved configuration speed on large VLAN setups;
*) bridge - improved protocol-mode MSTP functionality;
*) bridge - improved protocol-mode STP and RSTP functionality;
*) bridge - make "point-to-point=yes" default value for non-wireless bridge ports;
*) ovpn - added support for pushing routes;

nice stuff way to go MT

*) system - expose "lo" interface;

no more fake loopback bridges required for ospf :slight_smile:

Nice, thank you!

Just notice push route is in the ovpn server setting not per secret/user basis? I hope MT would make it more flexible

ethernet - resolved minor memory leak while processing packets;

I’m sure you guys already expected this question to come: under what circunstances does this minor memory leak occur? Who should be concerned? To what degree?

did you test it yet? currious if it really works

I’ll try it in GNS3 later today.
Edit: seems to work fine in initial testing

Nice

Regards,

hmm, since we already have Loopback interfaces, maybe “soon” we will also see VTI interfaces :stuck_out_tongue:

After updating to v7.14beta3, I noticed that my hAP ac3 is reverting vlan-mode settings in /interface/ethernet/switch/port to vlan-mode=disabled instead of the vlan-mode=fallback that was set before. This is happening on every reboot, even after setting to vlan-mode=fallback again.

next to loopback interfaces tab, we have also vrf interfaces tab .. ?! what the heck ? :wink:

This is something I’ve wanted to do before — use fq_codel on an interface queue — but it’s never allowed:

And AFAIK it still cannot be applied “by hand” in 7.14, but trying to fq_codel on an interface returns same as previous versions:
failure: non rate limit queues are useless on this interface

Any reason why the “defconf” can do it, but the CLI cannot?

Maybe I just don’t not understand “wired port on LTE devices” since I’m not sure what a that means (e.g. passthrough port or the LAN/bridge interface)?

I think the “failure: non rate limit queues are useless on this interface” warning is just if you try to assign a queue to the bridge, as opposed to just one of the ethernet ports.

Seams the problem with VPLS have got better. I have a RB962 in the lab on 6.13 it rebooted after 2 min now it have been up for 15min…
Grate work.

Sorry to erly rebooted after 20min so a bitt better but not solved

Hope IS-IS ipv6 come with 7.14 stable.

If only one loopback interface is supported, adding and deleting it should be impossible.

Tested and it works

That’s true, physically ports can use “non rate limit” queues.

But still not sure what the change does…

e.g. what does “wired port” mean in the context of an LTE device’s defconf…as the default configuration of an LTE device uses a bridge…

Any plans for:

  • L3HW offload enabled when using MLAG?
  • Virtual Switch Stacking (VSS) capabilities? or at least Active / Standby switches with replicated configuration for true high availability?

I am looking for these features!