v7.8 [stable] is released!

RouterOS version 7.8 has been released in the “v7 stable” channel!
Before an upgrade:

1. Remember to make backup/export files before an upgrade and save them on another storage device;
2. Make sure the device will not lose power during upgrade process;
3. Device has enough free storage space for all RouterOS packages to be downloaded.

What’s new in 7.8 (2023-Feb-24 11:03):
!) storage - added new “rose-storage” package support for extended disk management and monitoring functionality (ARM, ARM64, Tile and x86) (CLI only);
*) bgp - fixed setting of “default-prepend” parameter;
*) bridge - fixed adding disabled MSTI;
*) bridge - fixed DHCP packet flow when using DHCP snooping, HW offloading and “use-ip-firewall”;
*) bridge - fixed possible DHCP packet corruption when using DHCP snooping;
*) bridge - fixed PVID warning typo;
*) bridge - improved HW offloading logic;
*) certificate - fixed export of a certificate when the last line of the certificate is exactly 64 bytes long;
*) certificate - fixed PBES2 certificate import;
*) certificate - improved certificate management, signing and storing processes;
*) certificate - improved multiple certificate import process;
*) conntrack - improved system stability when changing connection tracking state;
*) conntrack - improved system stability when PPTP helper is used;
*) console - added “as-string” parameter to the “:execute” command;
*) container - added authentication option for registry (CLI only);
*) container - fixed “.type” file ownership;
*) container - fixed file ownership after system upgrade for containers running on internal disk;
*) container - fixed multiple container automatic startup on boot;
*) dhcpv4-client - send DHCPv4 unicast requests to DHCPv4 relay, instead of server when it is being used;
*) disk - limit maximum TMPFS size;
*) dns - added configurable DoH concurrent query limitation parameters;
*) dns - do not cache results from “:resolve” command with specific server;
*) dns - fixed CNAME reading from the cache;
*) dns - limited “DoH max concurrent queries reached” logging messages to once per minute;
*) dns - respond with “NOERROR” to DNS requests for static domain names when appropriate type record is not configured or found on upstream server;
*) firewall - fixed bridge priority target;
*) firewall - fixed DSCP priority target for IPv6 Mangle;
*) firewall - fixed netmap range maximum address calculation for IPv6 NAT;
*) graphing - fixed hiding of target queues when “allow-target” is disabled;
*) graphing - fixed sorting of interface and queue graphs;
*) graphing - properly handle disabled and static-binding interface graphs;
*) graphing - removed “move” command for graphing rules;
*) health - fixed “temperature” and “power-consumption” readings for RB1100AHx4;
*) hotspot - fixed setting of “address” parameter for IP binding;
*) hotspot - restore cookie timeout on reboot;
*) ike2 - added support for “address”, “key-id” and “dn” for Remote ID matching (CLI only);
*) ike2 - fixed active SA flush on responder after an unsuccessful peer connection attempt;
*) ipsec - added support for “Framed-Route” RADIUS attribute support;
*) ipsec - do not match incoming IKE requests by unresolved DNS name peers;
*) ipsec - fixed peer matcher for incoming connection with unresolved DNS;
*) ipv6 - added “pref64” option configuration for RA;
*) ipv6 - improved handling of “advertise” IPv6 address status changes;
*) ipv6 - limited “hop-limit” parameter value range to 255;
*) ipv6 - made distributed DNS lifetime RFC8106 compliant;
*) l3hw - added destination MAC address check for offloaded FastTrack connections;
*) led - fixed signal reading for KNOT device;
*) leds - always require to set interface name when setting “modem-signal” indication;
*) lte - added AT support for Telit LE910C4 in MBIM mode;
*) lte - fixed APN setting usage on initial connection attempt for AT based Quectel and Neoway modems;
*) lte - fixed automatic antenna selection on Chateau LTE12/LTE18;
*) lte - fixed dialing for Fibocom L850-GL module;
*) lte - fixed displaying of “subscriber-number”;
*) lte - fixed possible memory leak when using passthrough mode on Chateau 5G;
*) lte - improved AT port matching for SIMCom, Huawei, WeLink, Cinterion, BandLuxe and Sierra modems;
*) lte - improved modem detection speed in lower mini-PCIe slot on LtAP;
*) lte - improved stability for R11e-LTE6, skip connection reset on first EEMGINFO command timeout;
*) lte - LtAP improved modem detection in lower mini-PCie slot (“/system routerboard upgrade” required);
*) lte - parse USSD even if encoding is unsupported;
*) mpls - fixed handling of more than 9 VRF’s;
*) mpls - fixed LDP listen socket creation before IPv6 address is ready for use;
*) mpls - improved stability when neighboring router reboots;
*) ospf - fixed “ospf-type” parameter for OSPFv3 routes;
*) ospf - fixed simple auth for OSPFv3;
*) ovpn - added AES-GCM and multicore encryption support;
*) ovpn - improved server stability;
*) ovpn - improved TLS-related error logging;
*) pimsm - improved system stability;
*) poe - added LLDP power management support for 802.3at PSE;
*) poe - properly turn off power when link not detected on hAP ax2 and hAP ax3;
*) port - fixed modem channel number on KNOT;
*) pppoe - fixed PPPoE client scan showing only one server;
*) resource - show filesystem related statistics on CCR2004;
*) route - fixed IPv6 default route presence when received from RA;
*) route - fixed printing of routing table’s “count-only” parameter;
*) route - show hoplimit and MTU properties under the “/routing route” menu for SLAAC routes;
*) routerboot - fixed format storage for RBM33G device (“/system routerboard upgrade” required);
*) routerboot - fixed protected routerboot for RBM33G device (“/system routerboard upgrade” required);
*) sfp - fixed false link detection with S+RJ10 on RB5009;
*) sfp - fixed reading of SFP EEPROM on single SFP port devices;
*) sfp - improved optical modules SFP compatibility on CCR2004-16G-2S+, CCR2004-1G-12S+2XS, CCR2116-12G-4S+ devices;
*) sms - improved reporting of SMS sending errors;
*) sms - log USSD response when USSD is sent over MBIM;
*) sniffer - added additional filtering parameters;
*) snmp - do not show identity in LLDP when branding is used with hide SNMP data;
*) snmp - fixed handling of disabled routes;
*) snmp - fixed reporting of total number of routes counter;
*) ssh - hard-coded “localhost” address for forwarding requests;
*) ssh - improved system stability when processing none-crypto SSH connection;
*) sstp - fixed TLS session establishment when “connect-to” is DNS name;
*) switch - fixed SFP rate select for CRS354 devices;
*) switch - improved 10G, 25G, 40G and 100G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches;
*) switch - improved system stability for 98DXxxxx switch chips;
*) swos - removed “/system swos” menu for CRS5xx series switches;
*) torch - allow “without-paging” parameter for Torch;
*) traffic-generator - increased maximum allowed stream count;
*) upgrade - show error message when license prohibits upgrade;
*) usb - changed USB auto detect behavior to default to the external USB, when no internal USB devices detected;
*) vxlan - added “dont-fragment” setting that allows managing fragmentation;
*) vxlan - added “max-fdb-size” parameter;
*) vxlan - added FastPath support;
*) webfig - allow setting numeric values in time interval fields;
*) webfig - fixed accessing of WebFig when “Interface” menu is disabled by skin;
*) webfig - fixed editing of multi-field parameters with “not” checkbox;
*) webfig - fixed handling of empty skin files;
*) webfig - improved navigation responsiveness;
*) webfig - improved skin file parsing;
*) webfig - improved terminal operation;
*) webfig - properly escape all reserved URI characters;
*) webfig - updated WebFig and graph web pages to HTML5;
*) wifiwave2 - added wireless sniffer tool to capture wireless transmissions (CLI only);
*) wifiwave2 - adjust monitoring of station interfaces to report when an interface is authorized, not just connected;
*) wifiwave2 - enabled additional channels in UNII-3 and UNII-4 bands for Europe and USA on hAP ax^2, hAP ax^3 and Chateau ax;
*) wifiwave2 - fixed compatibility with third-party devices when using SAE hash-to-element authentication with DH groups 20 and 21;
*) wifiwave2 - fixed SAE authentication for interfaces in station mode when trying to connect to APs which require an anti-clogging token (introduced in RouterOS 7.4);
*) wifiwave2 - implement 802.11w management protection SA Query procedures;
*) wifiwave2 - improve protections from denial-of-service attacks on WPA3;
*) winbox - added “Connect” button under “WifiWave2/Scan” menu;
*) winbox - added “Disable/Enable” buttons under “WifiWave2” menu;
*) winbox - added “Match Subdomain” parameter under “IP/DNS/Static” menu;
*) winbox - added “Provision” button under “WifiWave2” menu;
*) winbox - added “Start On Boot” checkbox under “Container” menu;
*) winbox - added “Tx Rate” and “Rx Rate” columns under “WifiWave2/Registration” menu;
*) winbox - added missing properties when setting “Use DoH Server”;
*) winbox - added missing WifiWave2 related parameters under “WifiWave2” menu;
*) winbox - added support for manual RAM file system (TMPFS) creation under “System/Disk” menu;
*) winbox - added Type “https-get” parameter under “Tools/Netwatch” menu;
*) winbox - allow selecting bridge for static entries under “Bridge/MDB” menu;
*) winbox - fixed displaying of “Default Prepend” value under “Routing/BGP/Sessions” menu;
*) winbox - fixed displaying of “Tx/Rx CCQ” values under “Wireless/Registration” menu;
*) winbox - fixed displaying of flags under “System/Console” menu;
*) winbox - fixed displaying of multiple character flags;
*) winbox - fixed usage of IPv6 family addresses under “IP/Web Proxy/Access” menu;
*) winbox - hide “TTL” value for static DNS entries with FWD type;
*) winbox - hide unnecessary properties for virtual interfaces under “WifiWave2” menu;
*) winbox - improved mouseover hint for “local” policy under “System/Users/Groups” menu;
*) winbox - rename “Multicast Router” monitoring property to “Is Multicast Router” under “Bridge” menu;
*) winbox - show “Gateway” column by default under “IPv6/Routes” menu;
*) x86 - added support for TP-Link TG-3468;
*) x86 - fixed SR-IOV support for Intel X710 series NIC;
*) x86 - improved Intel 500 series 10G SFP module support;
*) x86 - improved stability for Intel X550 series NIC with SR-IOV;
*) zerotier - fixed routes after VRF change;

To upgrade, click “Check for updates” at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com or through support system. File must be generated while the router is not working as suspected or after some problem has appeared on the device

Please keep this forum topic strictly related to this particular RouterOS release.

No sector writes statistics on hAP ac^2 (WinBox 64bit v3.37). But is present in terminal.

Thank you for this new release @Mikrotik.
We have been running version 7.8rc3 on some of our routers which has been quite stable.
Are there any differences between 7.8rc3 and 7.8stable?

These changes from 7.8beta3 http://forum.mikrotik.com/t/v7-8beta-testing-is-released/163742/1 are missing even in the 7.8rc releases changelogs:

*) console - improved “:execute” command to output a string when a file is not specified;
*) route - added hoplimit and metric parameters to SLAAC routes;
*) winbox - added missing cipher properties for OVPN server and client;
*) winbox - added missing filtering properties under “Tools/Packet Sniffer” menu;

Are they just missing from the changelog and were silently added or ? ¯_(ツ)_/¯

I do not check the others but this is simply REMOVED so no valid for 7.8:

*) console - improved “:execute” command to output a string when a file is not specified;

because is REPLACED with

*) console - added “as-string” parameter to the “:execute” command;

?

And for “*) route - […]” can be probably REMOVED for increase stability for be added later on 7.9alpha, but I do not chek that.

Hi all,

why there is missing zero tier on Arm?!!!

channel: stable
installed-version: 7.7
latest-version: 7.8
status: zerotier-7.8-arm.npk missing, use ignore-missing or disable package(s)


I know I can use ignore but that is not my question.

Thanks

@rextended: obviously I’ve only compared exact lines, and left out the bugs introduced/fixed in rc/beta, didn’t look for renamed changes..

It’s there, in all_packages-arm-7.8.zip file.

me too

When route-reflector can be fix?

SPOILER:[–]
enum Topic {
_BAD_TOPIC,
INFO,
WARNING,
[–]
NETWATCH,
VPLS,
NETINSTALL,
};
[–]
Someone is try to add directly NETINSTALL on DHCP server?..

THANKS STAFF!!!

ROSE-MANAGER still cannot mount iscsi devices from QNAP/Synology NAS to CHR:

[237610.752320] iSCSI_F:iscsi_target_login.c:803:iscsi_post_login_handler Login - I[MikroTik][MTK_IP:42944], T[iqn.2000-01.com.synology:valhalla.default-target.cf7d36ec4c8][SYNOLOGY_IP:3260], P[iSCSI/TCP]
[237610.788037] iSCSI:target_core_transport.c:1735:target_cmd_size_check TARGET_CORE[iSCSI]: Expected Transfer Length: 2048 does not match SCSI CDB Length: 0 for SAM Opcode: 0x12
[237610.803688] iSCSI:iscsi_target_datain_values.c:116:iscsit_set_datain_values_yes_and_yes ITT: 0x0000002f read_data_left is zero!
[237610.815245] iSCSI:iscsi_target.c:3227:iscsit_send_datain iscsit_get_datain_values failed for ITT: 0x0000002f
[237610.825176] iSCSI_F:iscsi_target.c:4746:iscsit_close_connection Close - I[MikroTik][MTK_IP:42944], T[iqn.2000-01.com.synology:valhalla.default-target.cf7d36ec4c8]

Update RB4011iGS+5HacQ2HnD-IN, hAPAC3, RB450Gx4 to 7.8
Seem no error 30mins passed…

High CPU usage after upgrade to 7.8 Stable. Device is RB2011UiAS-2HnD.

All the CPU is used for MANAGE the device…
It stop when you close winbox, or probably when SNMP stop syncronizing with the device…
Reinstall 7.7 and check.

Available on RB5009 still.

But there was no problem with 7.8 RC3 !

Is the same release, just change the name on the files…

I have two 64MiB partitions on Audience, after downloading the update (ROS 7.8 + wifiwave2) there was only left 1% free, it barely fit in it.
After the actualization 41MiB of 64.3 MiB used (believe me I don’t store files on the router).
@MIKROTIK Can it be slimmed down?

reboot, and if this nott fix, netinstall