Page 1 of 1

Re: v6.11 released

Posted: Mon Mar 31, 2014 7:23 am
by BeepDog
Posting here, so that others can know about it.

I just read through the entire thread, and I'm not certain if others are having the same problem I am. I have an RB800, and it's started crashing and rebooting for me at random times. Once while I was in the webUI, wondering why the CPU graph was spiking. The WebUI crawled to a halt, and I heard the watchdog beep as it rebooted the thing.
Caught a log output screenshot when it bombed. And yes, I sent the autosupout.rif as well as a supout.rif to mikrotik. I haven't heard anything back, yet, and I'm not sure I will.
MikroTikFailureLog-cropped.png

Re: v6.11 released

Posted: Mon Mar 31, 2014 9:14 am
by sdv
ROS: 6.11
Board: RB1100AHx2
Role: IPSec AES-256 / L2TP-Server / OSPF
Tested bugs:
Performance degradation & spontaneously reboots.
Without any network load (ipsec only) /system resource print shows ~ 14-18% CPU usage.
While bandwidth-test with remote L2TP-peer (~6-7Mbit/s / RB750GL 6.11) CPU usage increases up to ~76%.
With heavy network load (~20-50 Mbit/s) router reboots sometimes.

Hardware encryption support is broken on RB1100AHx2? Or problems with AES-256 still present? :(

Re: v6.11 released

Posted: Mon Mar 31, 2014 9:36 am
by Majklik
Does anyone able to use the routing mark + the "Content" field working correctly ?

As soon as I add anything inside the field "Content", the connection will timeout . For example, if I type in "facebook" in the Content field, it supposed to mark the route if I go to http://www.facebook.com . And then eventually route to a VPN connection. However, the connection would time out as soon as I go to http://www.facebook.com.

However, if I take out the "Content" field and make it to mark the route unconditionally, when I go to http://www.facebook.com, it will route to the VPN correctly.

Therefore, it seems adding a condition will break the routing mark.
Going to HTTP facebook will automatically redirect you to HTTPS facebook.

Since its HTTPS, the router cant read the packet content (its encrypted), and therefore will NOT find "facebook" in the content, and not route the connection over the VPN.
The HTTPS connection begins with server certificate transfer to the client. This phase is not encrypted so the router can see what is in the certificate body and there are server names:
        0x0340:  3058 820e 2a2e 7879 2e66 6263 646e 2e6e  0X..*.xy.fbcdn.n
        0x0350:  6574 820e 2a2e 7878 2e66 6263 646e 2e6e  et..*.xx.fbcdn.n
        0x0360:  6574 820b 2a2e 6662 7362 782e 636f 6d82  et..*.fbsbx.com.
        0x0370:  0c66 6163 6562 6f6f 6b2e 636f 6d82 0b2a  .facebook.com..*
        0x0380:  2e66 6263 646e 2e6e 6574 820e 2a2e 6661  .fbcdn.net..*.fa
        0x0390:  6365 626f 6f6b 2e63 6f6d 3009 0603 551d  cebook.com0...U.
So this content firewall rule "facebook" can catch connection to the Facebook.
But if is firewall and routing constructed in the way that new connection to the Facebook is opened directly to the Internet and after few packed is rerouted to the VPN then connection may fail if access to the Internet from VPN uplink use different source IP address.

Re: v6.11 released

Posted: Mon Mar 31, 2014 10:47 am
by skibi82
Temporary overload stack restarts I submit to Support mikrotik from version 6.9 - for now.

Unfortunately, if someone needs a relatively stable versions 6.x, it remains only to downgrade to 6.7 and wait until support finally solve the problem.

In 1 may 2 years: P

And, as a side or known if at all you will be added to the vpn src addresses.
The ipsec phase 1 is already possible. leaving only ovpn pptp l2tp SSTP

Regards

Re: v6.11 released

Posted: Mon Mar 31, 2014 11:50 am
by Majklik
I agree, configurable source address for SSTP and other VPNs will be nice. But I more miss configurable source IP address of the DNS forwarder (especially in conjuction with IPv6).
For some cases (IPv4) this can be substituted by the SRC-NAT or specific route (/ip route add dst-address=<VPN server> gateway=<My gateway> pref-src=<requested source address>).

Re: v6.11 released

Posted: Mon Mar 31, 2014 12:34 pm
by makstex
PPTP Server radius authorization not working.
radius monitor numbers=0
           pending: 0
          requests: 0
           accepts: 0
           rejects: 0
           resends: 0
          timeouts: 0
       bad-replies: 0
  last-request-rtt: 0ms
v6.10 working fine

Re: v6.11 released

Posted: Tue Apr 01, 2014 12:01 am
by Clauu
Suddenly my cpu was up to 100%, latest actions used was 'ip-arp make static' and 'torch'. Also my logging usb flash was reseted do not know if this was before or after that high cpu usage.Profile was showing 'management' as eating the hole cpu, i was not able to generate any supout file due to this high cpu usage.. latest ros 6.11 mipsbe

Re: v6.11 released

Posted: Tue Apr 01, 2014 9:26 am
by infused
What's the latest stable version for CCR? I need to move from 6.3 (pretty stable). It looks like 6.7 is the next stop?

Re: v6.11 released

Posted: Tue Apr 01, 2014 10:54 am
by zervan
Suddenly my cpu was up to 100%, latest actions used was 'ip-arp make static' and 'torch'. Also my logging usb flash was reseted do not know if this was before or after that high cpu usage.Profile was showing 'management' as eating the hole cpu, i was not able to generate any supout file due to this high cpu usage.. latest ros 6.11 mipsbe
I have a problem with high CPU usage too - but only when I am connected by WinBox. Profiler says non-senses - sometimes flash, sometimes spi process. It is happening on various routers (mipsbe and powerpc) like RB750G, RB493G, RB1200.

Re: v6.11 released

Posted: Tue Apr 01, 2014 2:28 pm
by argeorge
There is a bug on traceroute

Std Dev is not correct
After 1+ minute the Std Dev gets very high,probably instead of averaging worst or another time,std dev uses that value.so while it was 0.2ms it went up to 100-90ms

check screenshots
a)Start
b)after 1minute

it seems to be happening on 6.10 also i just checked

Re: v6.11 released

Posted: Tue Apr 01, 2014 6:54 pm
by Clauu
Also to high cpu usage.. my isp is giving me 100Mbs(~10MBs) and at 10MBs the rb2011 cpu is on 100%.. then what's the sense of that gigabit ports, if i will want to upgrade my internet connection to 1000Mbs then what i will have to to, change the router too?
LE. Same problem on the smb share,same problem on all situations with moderate traffic(10MBs isn't such a high speed).. at this point this router is kind a useless since my 5years old e2000 with dd-wrt on a broadcom 400mhz is 80% at 10MBs, in this situation i ended up with a downgrade instead of a upgrade

Re: v6.11 released

Posted: Wed Apr 02, 2014 5:52 am
by Erastus
We had a crazy fault in our one 386 system. It was working well on ver .11 for the lat 2 weeks. Yesterday it started to rain very hard and quite consistent. All of a sudden all the radios on this system started to "disconnect".
Signal levels are all +/- -57 and did not change.
After I checked what I could I rebooted the system and the all channels are working 100%.
Don't know if this is weather related or something else.
Weill monitor a do another post if it happens again.
Did any one else experienced something similar?
disconnects.png

Re: v6.11 released

Posted: Wed Apr 02, 2014 9:43 am
by Jetrider
What's the latest stable version for CCR? I need to move from 6.3 (pretty stable). It looks like 6.7 is the next stop?
Depends on what you use it for. For me I have 6.5, because 6.7 still has DHCP server on VLAN issue.

Re: v6.11 released

Posted: Wed Apr 02, 2014 9:52 am
by fievel
I have a problem with openvpn server. I tried a bit yesterday and It's the option "Require Client Certificate" which cause the trouble. I see in changelog a lot of improvements in certificate managing. Do I have to regenerate the certificates ? I use self-signed certificate created with openssl on a Linux box.

Edit: Ok see topic : http://forum.mikrotik.com/viewtopic.php ... 03&start=0

Re: v6.11 released

Posted: Wed Apr 02, 2014 11:02 am
by uldis
/interface wireless set 0 frequency=auto channel-width=20/40mhz-ht-below

interface wireless monitor 0                 
                 status: running-ap
                   band: 2ghz-n
              frequency: 2412MHz
      wireless-protocol: 802.11

This puts the ht below and computers have issues connecting.

Can we get channel-width=20/40mhz-ht-auto?
With the new wireless-fp package the the driver will have that feature.

Re: v6.11 released

Posted: Wed Apr 02, 2014 4:13 pm
by rextended
Ticket#2014031766000331
6.10 BUG: user-manager profile limitation can not add profile limitation on command line when default admin customer are renamed, because missing "owner=" parameter.

This bug is still present on last official 6.11.
http://forum.mikrotik.com/viewtopic.php ... 88#p416454

Still exist on 6.12rc1 2014-04-02
I try the other 2 bug I have discovered later

Re: v6.11 released

Posted: Thu Apr 03, 2014 2:41 pm
by nuru
Has anyone tried the CAPsMan over wireless link. The CAP is connecting to the CAPsManager via NV2 radio using layer 3. The CAP get registered to the CAPsManager and 802.11b/g client are registered on the CAPsManager. The forwarding mode is enabled and datapath is a bridge with no physical interface on the bridge port and has a DHCP server. The 802.11b/g client is able to obtain an IP address after associating but cannot ping the IP on the bridge interface (Datapath).
However if the CAP is connected via wire to the CAPsManager it works flawlessly.

Re: v6.11 released

Posted: Thu Apr 03, 2014 4:01 pm
by nuru
Has anyone tried the CAPsMan over wireless link. The CAP is connecting to the CAPsManager via NV2 radio using layer 3. The CAP get registered to the CAPsManager and 802.11b/g client are registered on the CAPsManager. The forwarding mode is enabled and datapath is a bridge with no physical interface on the bridge port and has a DHCP server. The 802.11b/g client is able to obtain an IP address after associating but cannot ping the IP on the bridge interface (Datapath).
However if the CAP is connected via wire to the CAPsManager it works flawlessly.
Am not sure if the problem was NV2. After changing the wireless protocol to 802.11, it started working

Re: v6.11 released

Posted: Fri Apr 04, 2014 9:42 am
by Clauu
I have mailed a ticket to suport but no answer.. after upgrade to latest ros 6.11 my vpn pptp connection keep reseting after couple of hours ~10-20 with the log error 'terminating peer not responding'. The internet connection its a business one from my work so it has nothing to do with it since the whole business is related to its uptime. Also in this time i have left a ping cmd opened between my network - work network and there is no interrupts 0 loss

Re: v6.11 released

Posted: Fri Apr 04, 2014 5:48 pm
by lelo
Hi all..

This is my first post on this forum.

Few days ago I have upgraded all our RB's in company from ROS 5.26 to 6.11.
The configuration we have is quite complex, vpn's (ipsec), ospf...

Today morning I received call from friend from office - nothing is working...

After quick investigation:

DHCP servers bounded to VLAN interfaces on our core RB1100AHx2 router had stopped functioning properly.
The log says:
server4 offering lease x.x.x.x for AA:BB:CC:DD:EE:FF without success
Thank's god.. I have unused RB450G with old ROS 5.26, on which I have set up DHCP for all VLAN's over single cable.

I very, very disappointed.
Why are guys releasing "stable" versions of ROS with such a BUGS ??

Re: v6.11 released

Posted: Fri Apr 04, 2014 5:49 pm
by lelo
Hi all..

This is my first post on this forum.

Few days ago I have upgraded all our RB's in company from ROS 5.26 to 6.11.
The configuration we have is quite complex, vpn's (ipsec), ospf...

Today morning I received call from friend from office - nothing is working...

After quick investigation:

DHCP servers bounded to VLAN interfaces on our core RB1100AHx2 router had stopped functioning properly.
The log says:
server4 offering lease x.x.x.x for AA:BB:CC:DD:EE:FF without success
Thank's god.. I have unused RB450G with old ROS 5.26, on which I have set up DHCP for all VLAN's over single cable.

I am very, very disappointed.
Why are guys releasing "stable" versions of ROS with such a BUGS ??

Re: v6.11 released

Posted: Sat Apr 05, 2014 2:25 am
by grzes
I have another problem. IP->ARP. On list when trying to 'make static' all defined bridges are removed :?
I tried twice and twice removed bridges.

Re: v6.11 released

Posted: Sat Apr 05, 2014 9:54 am
by docmarius
Just upgraded a brand new RB1100AHx2 to 6.11.
Under Resources, it shows Sector writes since reboot 0, Total sector writes 0, although I did save the configuration at least 3 times and have a dyndns script which writes a file on IP change.
Can anyone else confirm this?

Re: v6.11 released

Posted: Sat Apr 05, 2014 9:59 am
by abeggled
Yes, but not for RB1100AHx2, for RB1100AH.

Re: v6.11 released

Posted: Mon Apr 07, 2014 5:24 am
by chimaster
Over the weekend we upgraded our CCR1016-12G to 6.11, including Firmware to 3.12.

It runs approximately 80 L2TP DSL connections and some BGP/OSPF. After upgrade we've had our primary router fail twice, requiring power resets on both occasions. As it's off site in a Co-Lo it's hard to physically view it going down. Our secondary is also running 6.11 3.12 and operates as backup, it's been up for 2Days 18 Hours (since upgrade) even with load from DSL failing over to it for approx 10 Hours. We don't see any strange CPU spikes or anything, just stops.!

We're trying to run everything on secondary router to see if it stops after 10 hours of 80+ connections. Anyone else had stability issues with CCR on 6.11? Keen to hear.

Cheers

Re: v6.11 released

Posted: Mon Apr 07, 2014 8:41 pm
by lelo
docmarius, I confirm.
On my RB1100AHx2 after upgrade to 6.11:

Both Sector Writes Since Reboot and Total Sector Writes: 0

Re: v6.11 released

Posted: Mon Apr 07, 2014 10:07 pm
by chimaster
Came in this morning, both primary and backup routers down. As secondary is in my office I Mac Winboxed in to receive these lovely messages.

apr/08 06:46:01 route,bgp,info RemoteAddress=10.1.1.1
apr/08 06:46:07 route,bgp,info Failed to open TCP connection: No buffer space available
apr/08 06:46:07 route,bgp,info RemoteAddress=112.68.40.192
apr/08 06:46:21 route,bgp,info Failed to open TCP connection: No buffer space available
apr/08 06:46:21 route,bgp,info RemoteAddress=112.68.40.192
apr/08 06:46:59 route,bgp,info Failed to open TCP connection: No buffer space available
apr/08 06:46:59 route,bgp,info RemoteAddress=112.68.40.192
apr/08 06:47:02 route,bgp,info Failed to open TCP connection: No buffer space available
apr/08 06:47:02 route,bgp,info RemoteAddress=10.1.1.1
apr/08 06:47:13 route,bgp,info Failed to open TCP connection: No buffer space available
apr/08 06:47:13 route,bgp,info RemoteAddress=112.68.40.192
apr/08 06:47:55 route,bgp,info Failed to open TCP connection: No buffer space available
apr/08 06:47:55 route,bgp,info RemoteAddress=112.68.40.192
apr/08 06:48:00 route,bgp,info Failed to open TCP connection: No buffer space available
apr/08 06:48:00 route,bgp,info RemoteAddress=10.1.1.1

We've made no changes since 6.6 which we were on aside from ROS and Firmware update. Otherwise exact same routers. I'm either going to roll back to 6.6 or take on board any other suggestions??? Generating support file and ticket also. Just thought I'd update everyone in case similar issues are being experienced.

Re: v6.11 released

Posted: Mon Apr 07, 2014 11:22 pm
by docmarius
I have seen another problem with 6.11, on the CRS-125:
After upgrading from 6.10, after about 2 days of functioning well, the device hangs completely, as if the switch would go amok.
No access to it, just a reset bringing it out of it (it can be reset from the LCD panel). There is no spout.
This happened to me twice, at almost perfect 45 hours interval.
Downgrade to 6.10 keeps it stable.
I will try to upgrade again to confirm the behavior.

Re: v6.11 released

Posted: Tue Apr 08, 2014 1:33 am
by chimaster
Reporting Same issue, not 4 hours since moving back to primary router. Will be downgrading to 6.10 until resolved. Lots of flapping, 30 attempts to winbox in, slow, logs are not relevant to issue. Issuing reboot command can't afford to muck around as no physical access to router. However as router hasn't died but is in deaththrows failover is not active for our Layer 2.

Re: v6.11 released

Posted: Tue Apr 08, 2014 1:35 am
by WirelessRudy
After reading this lengthily tread several times I'll guess we can consider 6.10 to be the last stable version for now.... :?

Glad I didn't use the auto upgrade function. My whole network (with almost every type of rb's, vlan's, dhcp servers (over vlan), bridged and static routes) runs .10 now, some since it came out. No issues so far.
I have one cpe running 6.11. I'll guess that's as far as I'll have it penetrate my network...

See what .12 might bring us....


For the impatience among us, don't bother if MT is not answering your support request or any answers on this tread. The amount of reported bugs/problems is at such a scale they are obviously working hard to find out what went where and why and how wrong to correct them asap in a new release... be patient and keep the good spirit! :D

Re: v6.11 released

Posted: Tue Apr 08, 2014 2:05 am
by nuru
Has anyone tried the CAPsMan over wireless link. The CAP is connecting to the CAPsManager via NV2 radio using layer 3. The CAP get registered to the CAPsManager and 802.11b/g client are registered on the CAPsManager. The forwarding mode is enabled and datapath is a bridge with no physical interface on the bridge port and has a DHCP server. The 802.11b/g client is able to obtain an IP address after associating but cannot ping the IP on the bridge interface (Datapath).
However if the CAP is connected via wire to the CAPsManager it works flawlessly.
Am not sure if the problem was NV2. After changing the wireless protocol to 802.11, it started working
Its not NV2 because it stopped pinging after rebooting. I think the CAPsMan does not work over wireless link.

Re: v6.11 released

Posted: Tue Apr 08, 2014 2:24 am
by samsung172
Failed to open TCP connection: No buffer space available <- A bug. also to be seen in pppoe. Is there a somehow memory leak or something "buffer leak" in 6.11?

Re: v6.11 released

Posted: Tue Apr 08, 2014 8:56 am
by AlexS
What's the latest stable version for CCR? I need to move from 6.3 (pretty stable). It looks like 6.7 is the next stop?

I am running 6.10 on CCR1036-8G-2S+

I had to move to 6.10 to lacp working.
Apart from not being able to push > 1Gb/s tcp sessions through the box, everything else seems to be working fine.

But it sounds like 6.11 might not be ready for me

Re: v6.11 released

Posted: Tue Apr 08, 2014 11:37 am
by chimaster
Confirm. Downgraded to 6.10. Stable again. Just downgrading secondary router tonight when everyone else is sleeping...

Re: v6.11 released

Posted: Tue Apr 08, 2014 12:48 pm
by farshidar
Hi!
I have a problems after upgrade on v6.11 on my RB751U-2HnD (firmware: v3.13):

Device just freeze every 3-4 hours - it`s very bad for my work. I do power of and on. Later i set IP adress in "watchdog" tab, and device reboot automaticaly and works fine 3-4 hours and history repeat.
I aways updgrade new version in this device when new release at soon, and i never not have problem. Whats wrong?

...But another my device RB751U-2HnD, and more different models works fine, but hes is works with a most simple configuration

Of cause? I don`t imagine my work without MikroTik! Perfectly product line!

Sorry for my Eng.. :o

Thanks!

I have a same problem-Downgrade to 6.10

Re: v6.11 released

Posted: Tue Apr 08, 2014 2:13 pm
by rextended
Ticket#2014031766000331
6.10 BUG: user-manager profile limitation can not add profile limitation on command line when default admin customer are renamed, because missing "owner=" parameter.

This bug is still present on last official 6.11.
http://forum.mikrotik.com/viewtopic.php ... 88#p416454

Still exist on 6.12rc1 2014-04-02
I try the other 2 bug I have discovered later
Still exist on 6.12rc1 (2014-Apr-07 09:04):

Re: v6.11 released

Posted: Tue Apr 08, 2014 2:17 pm
by rextended
Image

6.12rc1 (2014-Apr-07 09:04):

Winbox field alignment on Firewall section FIXED.

Re: v6.11 released

Posted: Wed Apr 09, 2014 1:19 am
by chimaster
6.10 crashed again this morning, rolling right back to 6.6. Can't afford more of these outages.

Re: v6.11 released

Posted: Thu Apr 10, 2014 10:01 am
by SiB
CCR1016-12G v6.11 and after 11h (max 70h) I have DENY/BLOCK any communication via IPv4 to/from MT.
Connection to MT are work only via RS232.

One core have 100%:
6 cpu6 100% 1% 0%

Output by L3:
/ping 217.67.x.y    
HOST                                     SIZE TTL TIME  STATUS                 
                                                        105 (No buffer space...
                                                        105 (No buffer space...
                                                        105 (No buffer space...
                                                        105 (No buffer space...
    sent=4 received=0 packet-loss=100%
/ping arp-ping=yes address=217.67.x.y interface=ether1
HOST                                     SIZE TTL TIME  STATUS                 
00:0C:CF:FC:58:1A                                 0ms  
00:0C:CF:FC:58:1A                                 0ms  
    sent=7 received=7 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=0ms
But MicroTik Discovery Protocol not work from outsite, test on 3 interfaces.

Case is report to Microtik support, I plan downgrade to 6.4 (last working version with hung/watchdog reboot about 2-3mts).

BTW. LCD is freeze when I go to 'Interfaces > ether1 > Stats > Bandwidth', screen: prntscr.com/38m4n5
Log in reboot process: 'failed to stop lcdstat: std failure: timeout (13)'

Re: v6.11 released

Posted: Thu Apr 10, 2014 11:15 am
by chimaster
Sounds like same issue as me. Did you have any BGP running?

Re: v6.11 released

Posted: Thu Apr 10, 2014 2:02 pm
by mrz
no buffer space is related to L2TP. If you have L2TP configured then this problem will be fixed in v6.12.

Re: v6.11 released

Posted: Thu Apr 10, 2014 5:01 pm
by Elissen
no buffer space is related to L2TP. If you have L2TP configured then this problem will be fixed in v6.12.
I've been sending supout files in relation to no buffer space errors. Unfortunatly I did not get a response to my e-mails. Could you please look at 2013050666000323 if my issues is the same issue?
And yes, we use l2tp a lot.

Re: v6.11 released

Posted: Fri Apr 11, 2014 12:28 am
by nosovk
vlans is down.
All is ok on RoS 6,9.
6,10-6,11 doesnt work. You cant get adress from dhcp server via vlan.

Re: v6.11 released

Posted: Fri Apr 11, 2014 11:29 am
by Alfabi
im have troubles with bridges - bridge become unknown, reboot fix problem....

where download link 6.12 is already fixed????

Re: v6.11 released

Posted: Fri Apr 11, 2014 11:58 am
by normis
docmarius, I confirm.
On my RB1100AHx2 after upgrade to 6.11:

Both Sector Writes Since Reboot and Total Sector Writes: 0
This was never supported on RB1100 due to specific file system on RB1100. It was not showing on previous versions too

Re: v6.11 released

Posted: Fri Apr 11, 2014 3:46 pm
by SiB
no buffer space is related to L2TP. If you have L2TP configured then this problem will be fixed in v6.12.
Thanks, I have sure now about that release have got fix on this problem. I plan upgrade to this v6.12rc1 asap.
I'm not use BGP.

Re: v6.11 released

Posted: Fri Apr 11, 2014 4:52 pm
by willbur
im have troubles with bridges - bridge become unknown, reboot fix problem....

where download link 6.12 is already fixed????
Same. So disgusted with MK right now! It's not like we can easily drive to our customer sites.

Re: v6.11 released

Posted: Fri Apr 11, 2014 5:03 pm
by normis
im have troubles with bridges - bridge become unknown, reboot fix problem....

where download link 6.12 is already fixed????
Same. So disgusted with MK right now! It's not like we can easily drive to our customer sites.
try this pre-release issue (not final, some issues with tunnels not completely fixed):

CCR http://www.mikrotik.com/download/share/ ... e-6.12.npk
PPC: http://www.mikrotik.com/download/share/ ... c-6.12.npk
MIPS BE: http://www.mikrotik.com/download/share/ ... e-6.12.npk

Re: v6.11 released

Posted: Fri Apr 11, 2014 6:18 pm
by willbur
im have troubles with bridges - bridge become unknown, reboot fix problem....

where download link 6.12 is already fixed????
Same. So disgusted with MK right now! It's not like we can easily drive to our customer sites.
try this pre-release issue (not final, some issues with tunnels not completely fixed):

CCR http://www.mikrotik.com/download/share/ ... e-6.12.npk
PPC: http://www.mikrotik.com/download/share/ ... c-6.12.npk
MIPS BE: http://www.mikrotik.com/download/share/ ... e-6.12.npk
What are the risks of downgrading while not having someone out onsite? I hate to say it Normunds, but were at the point of not knowing which versions are truly the stable ones... We've got about 20% of routers coming back because of this exact issue with 6.11. I think Mikrotik is taking on too much between CAPSman, wireless, new products, etc. I think its time to slow down and start focusing on what needs to be fixed rather than launching a continual of products with bugs.

Re: v6.11 released

Posted: Fri Apr 11, 2014 8:13 pm
by willbur
After reading this lengthily tread several times I'll guess we can consider 6.10 to be the last stable version for now.... :?

Glad I didn't use the auto upgrade function. My whole network (with almost every type of rb's, vlan's, dhcp servers (over vlan), bridged and static routes) runs .10 now, some since it came out. No issues so far.
I have one cpe running 6.11. I'll guess that's as far as I'll have it penetrate my network...

See what .12 might bring us....


For the impatience among us, don't bother if MT is not answering your support request or any answers on this tread. The amount of reported bugs/problems is at such a scale they are obviously working hard to find out what went where and why and how wrong to correct them asap in a new release... be patient and keep the good spirit! :D
The entirety of V6 seems to be botched with no end in sight.

Re: v6.11 released

Posted: Fri Apr 11, 2014 8:42 pm
by payday
The entirety of V6 seems to be botched with no end in sight.
In V5 everything was fixed in 5.26, so in V6 we are not even in half way.... ;) ;)

Re: v6.11 released

Posted: Fri Apr 11, 2014 8:51 pm
by wrobli
+ 1

Re: v6.11 released

Posted: Sat Apr 12, 2014 12:47 pm
by madpixel
http://forum.mikrotik.com/viewtopic.php ... =1#p416465
is still not fixed in latest 6.12 pre-release :(
This bug is present only on CCR(i see it on CCR1016 router), on RB2011 all netflow data is OK

Re: v6.11 released

Posted: Sat Apr 12, 2014 3:04 pm
by zero13th
@Normis,
Does RouterOS affected by Heartbleed bug?

6.11? 5.26? 4.17?

Re: v6.11 released

Posted: Sat Apr 12, 2014 7:02 pm
by docmarius
A search reveals:

Heartbleed vulnerability OpenSSL [RouterOS IS NOT affected]
http://forum.mikrotik.com/viewtopic.php?f=2&t=83815

Re: v6.11 released

Posted: Tue Apr 15, 2014 10:47 am
by rextended
Ticket#2014031766000331
6.10 BUG: user-manager profile limitation can not add profile limitation on command line when default admin customer are renamed, because missing "owner=" parameter.

This bug is still present on last official 6.11.
Still exist on 6.12rc1 2014-04-02
I try the other 2 bug I have discovered later
Still exist on 6.12rc1 (2014-Apr-07 09:04):
STILL EXIST ON 6.12 (2014-Apr-14)
http://forum.mikrotik.com/viewtopic.php ... 88#p416454

BUG SIGNALED FROM 6.10 AND STILL NOT FIXED??? :evil:

Opened another ticket for that: [Ticket#2014041566000226] 6.12 UNFIXED BUG: user-manager profile limitation


:( OK, I UNDERSTAND,
is more important to fix CRS than this "limited" option....

I wait the fix on 6.13.... :?

Re: v6.11 released

Posted: Tue Apr 15, 2014 2:33 pm
by doneware
no buffer space is related to L2TP. If you have L2TP configured then this problem will be fixed in v6.12.
sure?
i have more boxes with GRE tunnels + IPSec ESP transport mode to encrypt tunnels. There is no L2TP whatsoever in them.
they still consume more and more "route cache entries" and end up throwing the "No buffer space available" errmsg.

Apr/03/2014 11:30:19 route,bgp,info Failed to open TCP connection: No buffer space available
Apr/03/2014 11:30:19 route,bgp,info RemoteAddress=10.x.x.x

there are like 80 or so individual GRE tunnels in the box (act as hub device) and each tunnel has IPSec ESP transport.
i also use tunnel keepalives (10 sec interval). there is BGP running in the tunnels to steer traffic into the encrypted path.
the traffic is fairly low, so the RB2011 handles it pretty well...

i upgraded to 6.12 (pre-release, the one from 11.07) and the issue still persists.

Re: v6.11 released

Posted: Tue Apr 15, 2014 10:55 pm
by huntah
[Ticket#2014032566001217]
BUG 6.12: Replicable kernel crash when try to discover why winbox not working well from 6.8 over IP obtained from pppoe-client

Hi,

when I try to replicate this problem:
"Winbox connection freeze after some kb received over mppe encrypted connection"
RouterOS version affected: all from 6.8, 6.9, 6.10, 6.11, 6.12 (2014/03/24)
From 6.10 the problem go worst.
I get continuosly kernel failure and routerboard reboot with this configuration:

For this example I use one RB1100AHx2 and one RB951G-2HnD,
netinstalled with ***NO*** Keep old configuration and routeros-powerpc-6.12.npk / routeros-mipsbe-6.12.npk
both have last 3.10 / 3.12 bios.

The connection maded with ethernet cable are:

PC -> PoE - > ether13 RB1100AHx2
RB1100AHx2 ether2 -> RB951G-2HnD ether2
power jack -> RB951G-2HnD

The PoE and the ethernet cable do not matter, also tried to change.

RB1100AHx2 and RB951G-2HnD:
after netinstall
disable all packages except for:
routeros-powerpc / routeros-mipsbe
ppp
system
and reboot

paste this on RB1100AHx2 terminal

ros code

/interface eoip
add keepalive=10 local-address=192.168.3.1 mac-address=02:AE:6D:55:61:E2 name=eoip-tunnel1 remote-address=192.168.3.2 tunnel-id=666
/interface bridge settings
set use-ip-firewall=yes
/interface pppoe-server server
add authentication=mschap2 default-profile=default-encryption disabled=no interface=eoip-tunnel1 mrru=1614 service-name=service1
/ip address
add address=192.168.2.1/24 interface=ether13 network=192.168.2.0
add address=192.168.3.1/24 interface=ether2 network=192.168.3.0
/ip firewall connection tracking
set enabled=yes
/ppp secret
add local-address=10.0.0.1 name=test password=test profile=default-encryption remote-address=10.0.0.2
/system identity
set name="Test Gateway"
paste this on RB951G-2HnD terminal

ros code

/interface eoip
add keepalive=10 local-address=192.168.3.2 mac-address=02:08:2C:28:55:D6 name=eoip-tunnel1 remote-address=192.168.3.1 tunnel-id=666
/interface pppoe-client
add ac-name="" add-default-route=yes allow=mschap2 default-route-distance=1 dial-on-demand=no disabled=no interface=eoip-tunnel1 keepalive-timeout=60 max-mru=1480 max-mtu=1480 mrru=1614 name=pppoe-out1 password=test profile=default-encryption \
    service-name="" use-peer-dns=yes user=test
/interface bridge settings
set use-ip-firewall=yes
/ip address
add address=192.168.3.2/24 interface=ether2 network=192.168.3.0
/ip firewall connection tracking
set enabled=yes
/system identity
set name="Test CPE"
When you open with winbox 10.0.0.2 [after 1 hour, or 1 minutes are equal]
the RB1100AHx2 continuosly reboot / freeze without creating any autosupout.rif,
but with kernel failure on log and on terminal on serial port:
[admin@Test Gateway] /file> Oops: Exception in kernel mode, sig: 5 [#1]
SMP NR_CPUS=2 RB1120
NIP: 8021a730 LR: 8021a46c CTR: 00000000
REGS: dffefd30 TRAP: 0700   Not tainted  (3.3.5-smp)
MSR: 00029000 <CE,EE,ME>  CR: 42000028  XER: 20000000
TASK = 8036d3c0[0] 'swapper/0' THREAD: 80380000 CPU: 0
GPR00: 8021a46c dffefde0 8036d3c0 fffffff2 de6f58aa 00000001 de6f4e50 dc870cd2
GPR08: 120ff29a 0000001d 00000000 8021a400 42000022 00000001 dd9fc300 00000012
GPR16: 00000003 00000000 e1811a40 000005e2 de6dd414 e1811a2c e18119c8 e18119ec
GPR24: 00000012 e1811828 de6dd484 0000003b 000000fd dd9fc300 dd9fc300 de6dd3c0
NIP [8021a730] __pskb_pull_tail+0x330/0x340
LR [8021a46c] __pskb_pull_tail+0x6c/0x340
Call Trace:
[dffefde0] [8021a46c] __pskb_pull_tail+0x6c/0x340 (unreliable)
[dffefe00] [e180df30] ppp_register_channel+0xb20/0x1b4c [ppp_generic@0xe180c000]
[dffefe30] [e180f8d4] ppp_output_wakeup+0x978/0xa20 [ppp_generic@0xe180c000]
[dffefe90] [e180fb30] ppp_input+0xf0/0x12a4 [ppp_generic@0xe180c000]
[dffefeb0] [e18494d0] 0xe18494d0 [pppoe@0xe1849000]
[dffefed0] [80221f9c] __netif_receive_skb+0x220/0x400
[dffeff30] [802224a0] process_backlog+0xac/0x178
[dffeff60] [80223870] net_rx_action+0xc0/0x170
[dffeffa0] [80031a14] __do_softirq+0xf4/0x178
[dffefff0] [8000c054] call_do_softirq+0x14/0x24
[80381e80] [80003f5c] do_softirq+0x98/0xc4
[80381ea0] [80031d84] irq_exit+0xa0/0xd4
[80381eb0] [80003c44] do_IRQ+0x94/0x190
[80381ee0] [8000d71c] ret_from_except+0x0/0x18
--- Exception: 501 at cpu_idle+0x8c/0xe0
    LR = cpu_idle+0x8c/0xe0
[80381fc0] [8034076c] start_kernel+0x2d4/0x2e8
[80381ff0] [800003f8] skpinv+0x2e4/0x320
Instruction dump:
7fdcf378 3b400000 4bffffa0 7fc3f378 7c84f850 4bfffced 2f830000 409eff9c
7f43d378 4bffe9c9 38600000 4bffff00 <0fe00000> 38c00001 7cc903a6 4bfffd90
---[ end trace 72421d3cf3d534d4 ]---

Kernel panic - not syncing: Fatal exception in interrupt

panicSaver: dumping panic to flash
flash: erase 10
flash: prg 10
flash: prg err 0
Rebooting in 1 seconds..
------------[ cut here ]------------
Kernel BUG at 800a3a70 [verbose debug info unavailable]
Oops: Exception in kernel mode, sig: 5 [#2]
SMP NR_CPUS=2 RB1120
NIP: 800a3a70 LR: 800113ec CTR: 00000000
REGS: dffefa60 TRAP: 0700   Tainted: G      D       (3.3.5-smp)
MSR: 00021000 <CE,ME>  CR: 22000024  XER: 20000000
TASK = 8036d3c0[0] 'swapper/0' THREAD: 80380000 CPU: 0
GPR00: 800113ec dffefb10 8036d3c0 00001000 00000001 00000001 e1000000 edffc000
GPR08: 000000d0 80017554 00000300 fffffffd 22000024 00000001 dd9fc300 00000012
GPR16: 00000003 00000000 e1811a40 000005e2 de6dd414 e1811a2c e18119c8 e18119ec
GPR24: 80017554 80380000 e1000000 edffc000 000000d0 00000001 00000001 80017554
NIP [800a3a70] __get_vm_area_node.isra.31+0x34/0x180
LR [800113ec] __ioremap_caller+0x170/0x1a4
Call Trace:
[dffefb10] [e137c43c] flash_fixed_cmd+0x140/0x204 [flash@0xe137b000] (unreliable
)
[dffefb40] [800113ec] __ioremap_caller+0x170/0x1a4
[dffefb70] [80017554] rb1120_restart+0x68/0xa4
[dffefb90] [8000b35c] machine_restart+0x48/0x60
[dffefbb0] [802ad3b0] panic+0x198/0x1e8
[dffefc00] [800096b4] die+0x244/0x284
[dffefc30] [8000984c] _exception+0x100/0x114
[dffefd20] [8000d6d0] ret_from_except_full+0x0/0x4c
--- Exception: 700 at __pskb_pull_tail+0x330/0x340
    LR = __pskb_pull_tail+0x6c/0x340
[dffefe00] [e180df30] ppp_register_channel+0xb20/0x1b4c [ppp_generic@0xe180c000]
[dffefe30] [e180f8d4] ppp_output_wakeup+0x978/0xa20 [ppp_generic@0xe180c000]
[dffefe90] [e180fb30] ppp_input+0xf0/0x12a4 [ppp_generic@0xe180c000]
[dffefeb0] [e18494d0] 0xe18494d0 [pppoe@0xe1849000]
[dffefed0] [80221f9c] __netif_receive_skb+0x220/0x400
[dffeff30] [802224a0] process_backlog+0xac/0x178
[dffeff60] [80223870] net_rx_action+0xc0/0x170
[dffeffa0] [80031a14] __do_softirq+0xf4/0x178
[dffefff0] [8000c054] call_do_softirq+0x14/0x24
[80381e80] [80003f5c] do_softirq+0x98/0xc4
[80381ea0] [80031d84] irq_exit+0xa0/0xd4
[80381eb0] [80003c44] do_IRQ+0x94/0x190
[80381ee0] [8000d71c] ret_from_except+0x0/0x18
--- Exception: 501 at cpu_idle+0x8c/0xe0
    LR = cpu_idle+0x8c/0xe0
[80381fc0] [8034076c] start_kernel+0x2d4/0x2e8
[80381ff0] [800003f8] skpinv+0x2e4/0x320
Instruction dump:
9421ffd0 bf010010 542a0024 90010034 7c9d2378 7cbe2b78 7cda3378 814a000c
7cfb3b78 7d1c4378 7d384b78 554a016e <0f0a0000> 70a90001 41820018 7c690034
---[ end trace 72421d3cf3d534d5 ]---
I hope that I've explained everything well and sufficently detailed all.

Thanks to all.

Do you power RB1100 over POE ?

I had a similiar problem when my main RB2011 (powered over classing DC adapter) got POE on ether2. One of my collegues attached test SXT wrong (POE went to RB2011 and LAN to SXT :). In this setup my RB2011 rebooted sporadicly (15 min, then 1h, then 3 min then again 4h etc..). I tried to change ROS from 6.5 to 6.11.
Everytime it was kernel panic, and reboot. However router made autosupp.out which I sent to support@mikrotik. By the time they answered me I found the POE culprit (he called me saying my SXT is not working.. :)) After correctly attached SXT no more reboots..

I answered the support team of my solution but you can try if it is the same problem..

Re: v6.11 released

Posted: Tue Apr 15, 2014 11:25 pm
by remojames
I have CCR1036-12G-4S after upgrade to 6.12 when I do /export file=backup kernel panic and reboot :)
other thing's Look's fine at the moment
I have question should I make upgrade firmware to 3.13? now i have 3.10.

thanks
remo

Re: v6.11 released

Posted: Tue Apr 15, 2014 11:40 pm
by rextended
Do you power RB1100 over POE ?

I had a similiar problem when my main RB2011 (powered over classing DC adapter) got POE on ether2. One of my collegues attached test SXT wrong (POE went to RB2011 and LAN to SXT :). In this setup my RB2011 rebooted sporadicly (15 min, then 1h, then 3 min then again 4h etc..). I tried to change ROS from 6.5 to 6.11.
Everytime it was kernel panic, and reboot. However router made autosupp.out which I sent to support@mikrotik. By the time they answered me I found the POE culprit (he called me saying my SXT is not working.. :)) After correctly attached SXT no more reboots..

I answered the support team of my solution but you can try if it is the same problem..
I have all my machine on CED powered @ 24V* by PoE on ether13, 2 RB1100AH and 4 RB1100AHx2, no one single reboot, kernel panic / or kernel failure before 6.8.
(Really are scheduled each 28 days @ 04:00AM all the system reboots, and for all I intend all the devices/cpe on my network...)

Really when I made test procedure, hardware no matter, if powered by poe or by jack / 230V power plug.

*Exactly 24V from voltage regulator attached on 13,8V + 13,8V 110AH batteries

For the support I write the procedure with specific hardware, but I can use one RB600A for server and one RB133C3 for client, both powered by jack, and the bug is the same....

Re: v6.11 released

Posted: Wed Apr 16, 2014 10:36 am
by normis