v7.8rc is released!

kcarhc · February 17, 2023, 1:28pm

I think I may have found a reason why DNS forward-to can be incorrect.

As seen in the picture, video.twimg.com has two CNAMEs, which is definitely not correct. We can use the example of “video.twimg.com CNAME dualstack.video.twitter.map.fastly.net TTL=00:03:33” to illustrate the problem that can occur with DNS forward-to.

From these two pieces of data, we can see that “dualstack.video.twitter.map.fastly.net A 151.101.76.159” will expire first. So if “dualstack.video.twitter.map.fastly.net A” expires and the client requests a resolution for “video.twimg.com”, the DNS resolver will find the CNAME and attempt to resolve “dualstack.video.twitter.map.fastly.net”.

However, the code rule we set is “forward-to=1.1.1.1 regex=(.|^)(twitter|twimg).com$”, which can only match “video.twimg.com” but not “dualstack.video.twitter.map.fastly.net”. Some may argue that this setting is correct, but if the DNS cache is cleared, then “video.twimg.com” and subsequent CNAME resolutions will use “forward-to 1.1.1.1”, creating a logical conflict.

Therefore, I think we should add a tag to the result of “video.twimg.com CNAME dualstack.video.twitter.map.fastly.net” resolution to mark “dualstack.video.twitter.map.fastly.net” as “forward-to 1.1.1.1”. This will ensure that when we resolve “dualstack.video.twitter.map.fastly.net” in the future, the result will be consistent with clearing the cache.

This is a problem that we often encounter where the DNS resolution works fine at the beginning, but eventually causes streaming problems.

kcarhc · February 17, 2023, 1:32pm

please check
SUP-104088, dns AAAA issue
SUP-107205, dns-static CNAME not working.
SUP-107210, dns dynamic server random lost
I feel that these three issues, although different, are all related to the situation mentioned above,
and perhaps all caused by the same reason leading to DNS crash.

massinia · February 17, 2023, 1:39pm

All 6 iPads Air with iPadOS 16.3.1 we have now keep disconnecting and reconnecting as soon as the screen turns off.
They are with the screen off and above the table, once the display is switched on, they remain connected.

# feb/17/2023 14:27:19 by RouterOS 7.8rc2
# software id = BH9H-NUQS
#
# model = C53UiG+5HPaxD2HPaxD
# serial number = HDG08XXXXXX
/interface bridge
add admin-mac=48:A9:8A:0E:18:EB auto-mac=no comment=defconf name=bridge
/interface wifiwave2
set [ find default-name=wifi1 ] channel.band=5ghz-ax .skip-dfs-channels=\
    10min-cac .width=20/40/80mhz configuration.country=Italy .mode=ap .ssid=\
    MikroTik disabled=no security.authentication-types=wpa2-psk \
    .management-protection=disabled .wps=disable
set [ find default-name=wifi2 ] channel.band=2ghz-ax .skip-dfs-channels=\
    10min-cac .width=20/40mhz configuration.country=Italy .mode=ap .ssid=\
    MikroTik disabled=no security.authentication-types=wpa2-psk \
    .management-protection=disabled .wps=disable

dokacoimbra · February 17, 2023, 2:54pm

The “Interfaces/Detect Internet/Detect Internet State” problem still remains.

In Interfaces, the “Detect internet” status doesn’t work after reboot, it only works when I change and revert any of the lists in the “Detect internet” dialog.
After this manipulation, the “Detect internet” status works fine until the next reboot.

Tested on HAP AC2

This video below describes the problem well.
https://www.youtube.com/watch?v=kk6nRWx … canal=DF

msilcher · February 17, 2023, 3:13pm

Same here, also con hap ac2. Happens since some time.

strods · February 17, 2023, 4:25pm

Yes, the Internet Detect issue is not solved yet. When it will be fixed, then that will be mentioned in the release notes. We are aware of a problem with Detect Internet. Please keep this topic related only to v7.8 and the issues introduced in it compared to 7.7.

pe1chl · February 17, 2023, 4:34pm

Best solution would be to just remove it. It did not work out, it does not solve any issue or provide any useful function, yet it causes confusion and problems.

Amm0 · February 17, 2023, 5:00pm

They should fix it. Its detection logic is fixed and kinda dumb today, that’s what’s broken. But exactly this kinda stuff ANY “user friendly” UI would need in RouterOS to make things “easier”.

e.g. If that actually worked, there be more automatic ways to use the firewall. If …/detect-internet got things to right interface-list, then “interface detect” could get things to the right interface-list (including LAN/VLANs), and the firewall can be written generically to use the interface-lists. It’s tables all the way down, but something has to kick start those tables.

honzam · February 17, 2023, 8:16pm

@strods When will this issue be resolved please? http://forum.mikrotik.com/t/cubesa-60pro-ac-60ghz-clients-flapping/160291/1
Reported by ticket with version 7.8rc. Thank you

cklee234 · February 17, 2023, 9:52pm

V7.8 rc2 fixed an issue in rc1 that CAPSMan not able to bring up 5G wifi in RB4011iGS+5HacQ2HnD

Gnits · February 17, 2023, 10:18pm

Still having issues with SFP+ 10gb ports flapping between my rb5009 and my CRS317-1G-16S+
SUP-106568…

What’s new in 7.8rc2 (2023-Feb-14 11:50):
*) sfp - fixed certain optical module initialization (introduced in 7.8beta2);

mada3k · February 18, 2023, 9:54am

Agree. It’s an utterly stupid function.

massinia · February 18, 2023, 5:46pm

All 6 iPads Air with iPadOS 16.3.1 we have now keep disconnecting and reconnecting as soon as the screen turns off.
They are with the screen off and above the table, once the display is switched on, they remain connected.

# feb/17/2023 14:27:19 by RouterOS 7.8rc2
# software id = BH9H-NUQS
#
# model = C53UiG+5HPaxD2HPaxD
# serial number = HDG08XXXXXX
/interface bridge
add admin-mac=48:A9:8A:0E:18:EB auto-mac=no comment=defconf name=bridge
/interface wifiwave2
set [ find default-name=wifi1 ] channel.band=5ghz-ax .skip-dfs-channels=\
    10min-cac .width=20/40/80mhz configuration.country=Italy .mode=ap .ssid=\
    MikroTik disabled=no security.authentication-types=wpa2-psk \
    .management-protection=disabled .wps=disable
set [ find default-name=wifi2 ] channel.band=2ghz-ax .skip-dfs-channels=\
    10min-cac .width=20/40mhz configuration.country=Italy .mode=ap .ssid=\
    MikroTik disabled=no security.authentication-types=wpa2-psk \
    .management-protection=disabled .wps=disable

I can’t turn on wireless debugging, doesn’t work with wave2?

I can’t understand why with 7.8rc2 iPads have this problem.

Amm0 · February 18, 2023, 5:56pm

What version did these last work in?

massinia · February 18, 2023, 6:03pm

hAP ax3 with 7.6 and 7.7, used for two weeks, never noticed.
Unfortunately I can’t downgrade…

Amm0 · February 18, 2023, 6:21pm

Still waiting for some “ax” things, so dunno. But seems changing country has an outsized effect on things with 'ax, perhaps try “no country”? And/or, specifically select a channel to use?

holvoetn · February 18, 2023, 6:23pm

Why not ?
Is not that difficult.

massinia · February 18, 2023, 8:10pm

@Amm0

try “no country”? And/or, specifically select a channel to use?

Nothing, same thing… after 5/10 minutes that the screen is off, the disconnections begin.
They do it even if I use only one wireless interface (2.4 or 5 GHz).

You are right, I should do it when nobody is there…

kcarhc · February 18, 2023, 10:50pm

I have a RB5009UPr+S+IN with an SFP+ module that sometimes fails to start, and experiences 2.5G port flapping.
After upgrading to 7.8rc2, not only does port flapping still occur, but there are also negotiation issues where the port changes from 2.5G to 1G and then to 100M.
The only solution I have found is to reboot the device, which temporarily restores the 2.5G connection until the flapping starts again.

RB5009UPr+S+IN_Port_flapping.png

kcarhc · February 18, 2023, 10:59pm

here is the image after reboot. the ether1 will back to 2.5Gbps. just reboot.
RB5009UPr+S+IN_reboot_2.5Gbps_works.png
Then I found another problem after the reboot: every time I reboot, my clock is changed to Europe/Istanbul. It’s so strange, no matter how I change it, it always changes back to Europe/Istanbul after reboot. I didn’t pay attention to this issue before.