v7.6beta [testing] is released!

Announcements
1

RouterOS version 7.6beta4 has been released “v7 testing” channel!

Before an upgrade:

  1. Remember to make backup/export files before an upgrade and save them on another storage device;
  2. Make sure the device will not lose power during upgrade process;
  3. Device has enough free storage space for all RouterOS packages to be downloaded.

What’s new in 7.6beta4 (2022-Sep-01 11:35):

*) container - fixed usage of non-authenticated registries;
*) dhcpv4-server - improved service stability when removing dynamic leases;
*) dhcpv6-client - fixed false error status reporting when server offers T1 or T2 value as 0;
*) firewall - added “src/dst-address-type” parameter under “IPv6/Firewall/Mangle” menu;
*) firewall - disable IRC NAT helper on upgrade;
*) firewall - fixed IPv6 filtering with “in/out-interface” matcher that is in VRF;
*) firewall - fixed IRC NAT helper (CVE-2022-2663);
*) health - fixed fan speed and temperature reporting on CCR1072;
*) hotspot - fixed service initialization when HTML directory configured on an external disk;
*) hotspot - improved stability when receiving bogus packets;
*) hotspot - limit maximum allowed connections based on free RAM resources;
*) hotspot - removed “routerboard.com” URL from default HotSpot advertise;
*) l3hw - added support for IPv6 route offloading (disabled by default);
*) l3hw - added “l3hw-settings” sub menu under the switch menu (CLI only);
*) l3hw - fixed “H” flag presence for accelerated connection tracking entries;
*) l3hw - improved system stability;
*) lte - added interface name for MTU debug logging message;
*) lte - added support for Neoway N75-EA;
*) lte - disabled RPLMN on Chateau 5G;
*) netwatch - fixed string variable values in script;
*) ospf - added SHA hashing for authentication;
*) ospf - fixed area “no-summary” setting;
*) ospf - fixed displaying of VRF interface in related logs;
*) ovpn - added IPv6 support for ethernet mode;
*) pppoe - fixed MRU negotiation even when it is set to 1500;
*) radius - require “policy” policy for “login” service configuration;
*) route - fixed memory leak;
*) sfp - improved QSFP/SFP interface stability for 98DXxxxx and 98PX1012 switches;
*) sms - added “status-report-request” parameter for “send” command;
*) tr069-client - do not allow “:” symbols in username;
*) user - removed unused “dude” policy;
*) vrrp - fixed connection tracking synchronization on MMIPS and MIPSBE devices;
*) webfig - fixed displaying of “Last Seen” parameter under “IP/DHCP Server/Leases” menu;
*) winbox - added “File Name” option for “Load Config” parameter under “System/SwOS” menu;
*) winbox - allow “timeout” value to be less than 1 under “Tools/Netwatch” menu;
*) winbox - fixed interface traffic graph drawing on RB5009;
*) winbox - made “backup.swb” the default value for SwOS backup;
*) www - improved stability when receiving bogus packets;
*) x86 - improved ixgbe driver support;

To upgrade, click “Check for updates” at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after some problem has appeared on device

Please keep this forum topic strictly related to this particular RouterOS release.

Vendor-class-id replaced with generic option matcher - How to PXE boot?
[Feature request] conditional dhcp options
v6.49.7 [stable] is released!
L3HW Acceleration not working on 2116
what do I expect from the v7.6 beta
7.5 l3 hw nat is broken on CCR2116
7.5 Container start on boot
2

*) radius - require “policy” policy for “login” service configuration;

Nooo… :sad_but_relieved_face::sad_but_relieved_face::sad_but_relieved_face:
Unfortunately you have noticed it…
I have always used it to scale permissions and become an administrator even in RouterBOARD which I did not have administrative access…

Now than the pandora box is open, please add this critical security fix also on 7.5, 6.48.6 and 6.49.6…

3

My CCR2116 is unable to update to this version, there’s nothing in the logs, 42MB free diskspace. It downloads the 7.6beta4 image, reboots and comes up again with version 7.5.
2-Partition setup, user-manager and zerotier extra packages are installed.

4

7.6beta4: RB5009 no longer shows and provides access to mounted USB T5 Samsung SSD drive partition. It works in 7.5 and earlier.

[admin@MikroTik] > :put ([/system/resource/print as-value]->"version")
7.6beta4 (development)
[admin@MikroTik] > :put ([/system/routerboard/print as-value]->"current-firmware")
7.6beta4
[admin@MikroTik] > /system/resource/usb/print
Columns: DEVICE, VENDOR, NAME, SPEED
# DEVICE  VENDOR                NAME                  SPEED
0 2-1     Samsung               Portable SSD T5        5000
1 1-0     Linux 5.6.3 xhci-hcd  xHCI Host Controller    480
2 2-0     Linux 5.6.3 xhci-hcd  xHCI Host Controller   5000
[admin@MikroTik] > /disk/print

[admin@MikroTik] > 

-------------------------------------------------------------------------------------------------------

[admin@MikroTik] > :put ([/system/resource/print as-value]->"version")
7.5 (stable)
[admin@MikroTik] > :put ([/system/routerboard/print as-value]->"current-firmware")
7.5
[admin@MikroTik] > /system/resource/usb/print
Columns: DEVICE, VENDOR, NAME, SPEED
# DEVICE  VENDOR                NAME                  SPEED
0 2-1     Samsung               Portable SSD T5        5000
1 1-0     Linux 5.6.3 xhci-hcd  xHCI Host Controller    480
2 2-0     Linux 5.6.3 xhci-hcd  xHCI Host Controller   5000
[admin@MikroTik] > /disk/print
Flags: M, r - RAID-MEMBER
Columns: SLOT, MODEL, SERIAL, INTERFACE, NAME, FS, FREE, SIZE
#   SLOT  MODEL                    SERIAL        INTERFACE          NAME   FS    FREE      SIZE    
0 M usb1  Samsung Portable SSD T5  000000000000  USB 3.10 5000Mbps  disk1  ext4  914.5GiB  931.5GiB
[admin@MikroTik] >
5

Hi,

please implement last reaoming standard 802.11v…this is the last missing…

6

ros 7.5 create container AdGuard Home, upgrade to 7.6 beta4 don`t run :frowning:
log
2022/09/02 12:23:13.847315 [info] AdGuard Home, version v0.107.11
2022/09/02 12:23:14.012107 [info] Initializing auth module: /opt/adguardhome/work/data/sessions.db
2022/09/02 12:23:14.013476 [error] auth: open DB: /opt/adguardhome/work/data/sessions.db: open /opt/adguardhome/work/data/sessions.db: permission denied
2022/09/02 12:23:14.013491 [fatal] Couldn’t initialize Auth module
fix please

7

This is very exciting…

*) l3hw - added support for IPv6 route offloading (disabled by default);

Can anyone provide more information on this? What switch chips are supported? Does this mean that IPv6 fast-track is being worked on?


Robert

Feature Request : IPv6 Fasttrack
8

L3HW IPv6 is now supported by all CRS3xx, CRS5xx, and CCR2x16 devices.
IPv6 FastTrack HW Offloading is not implemented because the software IPv6 FastTrack needs to be implemented first. Unfortunately, I don’t have information about the latter.

Feature Request : IPv6 Fasttrack
9

wow you should have reported that when you saw it.

simply wow...

10

You didn’t report a bug for a vulnerability like this just for your own ease of use? Wow.

11

It’s working fine.

/container mounts
add dst=/opt/adguardhome/work/data name=adguardhome_data src=/container/adguardhome
add dst=/opt/adguardhome/conf/ name=adguardhome_conf src=/container/adguardhome
add dst=/opt/adguardhome/work/ name=adguardhome_work src=/container/adguardhome
/container
add interface=veth1 mounts=adguardhome_data,adguardhome_conf,adguardhome_work root-dir=container/adguardhome workdir=/opt/adguardhome/work
/container config
set registry-url=https://registry-1.docker.io tmpdir=container/tmp

2022-09-02_18-00-53.jpg

12

Upgraded hap ac3 wifiwave2 coming from 7.5

One remark: somehow I managed to tick WPA3-EAP as security mode before and wifi did not come up after upgrade.
It showed a red message “wpa3-eap can only be combined with wpa2-eap”.
When I unticked wpa3-eap, all impacted wifi interfaces came up.

Is that intentional ? It wasn’t like that before (and nothing was mentioned in changelog about this, unless I missed something ?).

13

Upgraded RB5009 and hAP ac3 from 7.5rc2 to 7.6beta4. No issues so far.

Containers, USB flash drive as external disk, WifiWave2… Everything working as expected.

14

YES! container mounts look like they have the right permissions now, thank you! <3

15

Port flapping issue on RB5009 which was triggered by showing the “bridge port” field (in dchp leases window, arp window, interface details window, etc) appears to be resolved in this build. A huge relief and best news of the day for me.

I also haven’t experienced a bricked router or config corruption since several builds ago (7.2.x) and have been staying up to date on testing channel on my whole fleet (10+ routers, various models) for each testing release so the upgrade process seems to be reliable at the moment, touch wood !

Thanks MikroTik

16

Export hang at those menus seems to be fixed too, (probably also the high cpu usage spikes but I can’t confirm right now).
Weird that there’s nothing about it in the changelog. Thank you!

17

I never thought I’d see the day; but here we are! Status on a CRS317 after enabling l3hw-ipv6 and running iperf3 between two IPv6 subnets:

[SUM]   0.00-10.00  sec  10.7 GBytes  9.20 Gbits/sec                  receiver

Great work, MikroTik!

18

Do you have any active ZeroTier networks configured, i.e. any enabled entries under

/zerotier/interface

?

19

@aliclubb yes there’s an active network. I disabled it, but no luck. I even removed the whole zerotier package and tried to update without success. routeros is the only package installed now on that device and it won’t let me update, I also tried to upload the firmware file manually. Still nothing in the logs except this ntp change time … message.

20

I was able to update from 7.5RC to 7.6Beta4 without issue on my CCR2116. No ZeroTier package or config.