Community discussions

MikroTik App
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

v6.49beta [testing] is released!

Wed Feb 03, 2021 2:48 pm

Version 6.49beta11 has been released.

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.49beta11 (2021-Feb-3 08:42):

Changes in this release:

*) chr - improved stability when changing "flow-control" settings on interfaces with e1000 drivers;
*) crs312 - fixed missing SwOS firmware on revision 2 devices;
*) crs3xx - fixed packet duplication when multiple bonding interfaces are created for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) crs3xx - fixed packet transmit in 5Gbps link rate for CRS312 device;
*) crs3xx - fixed port-isolation on bonding interfaces for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) crs3xx - fixed port-isolation on ether37-ether48 ports for CRS354 device;
*) crs3xx - improved LACP linking between CRS3xx series switches;
*) crs3xx - improved QSFP+ linking and mode changing for CRS326-24S+2Q+ and CRS354 devices;
*) crs3xx - improved load balancing on bonding interfaces for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) crs3xx - improved packet transmit on SFP+ interfaces;
*) crs3xx - improved system stability when bonding and IGMP snooping is used (introduced in v6.48);
*) defconf - fixed minor typo in configuration description;
*) dot1x - fixed "reject-vlan-id" for MAC authentication (introduced in v6.48);
*) dot1x - fixed MAC authentication fallback (introduced in v6.48);
*) ethernet - fixed cable-test for some devices (e.g. RB2011, RB951G-2HnD);
*) fastpath - fixed IP packet receive on bridge and bonding interfaces when destination MAC address match with slave port MAC;
*) hotspot - fixed "idle-timeout" usage with RADIUS authentication;
*) hotspot - fixed special character parsing in "target" variable (CVE-2021-3014);
*) ike2 - added support for ASN.1 DN "my-id" value setting for initiators;
*) ike2 - fixed EAP MSK length validation (introduced in v6.48);
*) ike2 - fixed phase 2 rekeying with enabled PFS (introduced in v6.48);
*) ike2 - improved stability when invalid certificate is configured (introduced in v6.48);
*) ike2 - properly register packet time after expensive CPU operations;
*) interface - fixed pwr-line interface linking (introduced in v6.48);
*) ipsec - improved stability when processing IPv6 packets larger than interface MTU;
*) led - fixed default LED configuration for RB911-5HnD;
*) netinstall - improved bootp packet handling on Linux netinstall-cli version when multiple NIC's are present;
*) ntp - use correct IPv6 multicast group for SNTP client;
*) package - always allow to uninstall package even if there is no free disk space left;
*) package - do not include multiple The Dude packages in HDD installer;
*) sfp - added "sfp-rate-select" setting (CLI only);
*) sfp - fixed GPON module linking (introduced in v6.47);
*) sfp - improved cable length monitoring as defined per SFF-8472 and SFF-8636;
*) snmp - fixed "send-trap" functionality (introduced in v6.48);
*) snmp - fixed SNMP trap agent address;
*) switch - fixed interface toggling for devices with multiple QCA8337, Atheros8327 or RTL8367 switch chips (introduced in v6.48);
*) switch - improved packet transmit between CPU and 98PX1012 for CCR2004-1G-12S+2XS device;
*) tr069-client - added "X_MIKROTIK_LinkDowns" parameter for interface "link-downs" value reporting;
*) upgrade - fixed free space checking on flash type memories when installing new packages;
*) webfig - fixed new interface addition;
*) winbox - do not show empty "CPU Frequency" parameter under "System/Resources" menu;
*) winbox - fixed enable/disable button presence for "Bridge/Hosts" menu;
*) winbox - renamed IP protocol 41 to "ipv6-encap";
*) wireless - renamed "macedonia" regulatory domain information to "north macedonia";

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.
 
Paternot
Forum Veteran
Forum Veteran
Posts: 839
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 2:55 pm

Wow! That's a big list of fixed bugs! Hope this version goes better than 6.48...
 
Kindis
Member
Member
Posts: 375
Joined: Tue Nov 01, 2011 6:54 pm
Location: Sweden

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 2:58 pm

Great news but is there a fix for the interface issues with 3011 in here but 3011 is not just mentioned in the changelog?

Edit: I'm just blind. It is this one!
*) switch - fixed interface toggling for devices with multiple QCA8337, Atheros8327 or RTL8367 switch chips (introduced in v6.48);
 
sjoukes
just joined
Posts: 9
Joined: Wed Nov 01, 2017 5:44 pm

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 3:01 pm

Great news but is there a fix for the interface issues with 3011 in here but 3011 is not just mentioned in the changelog?

Edit: I'm just blind. It is this one!
*) switch - fixed interface toggling for devices with multiple QCA8337, Atheros8327 or RTL8367 switch chips (introduced in v6.48);
The RB3011 has 2 QCA8337 chips.
 
markonen
just joined
Posts: 15
Joined: Tue Aug 11, 2020 4:28 pm

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 3:07 pm

switch - improved packet transmit between CPU and 98PX1012 for CCR2004-1G-12S+2XS device
This sounds like a fix to the CCR2004 packet loss issue. Would someone from Mikrotik like to give a bit more detail about what was done here? Thank you!
 
hatred
just joined
Posts: 21
Joined: Tue Sep 01, 2015 10:23 pm
Location: Belarus, Minsk

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 3:36 pm

No fix for DoH memory leak yet?
 
Aerowinder
newbie
Posts: 25
Joined: Fri Jan 31, 2020 4:09 pm

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 3:37 pm

switch - improved packet transmit between CPU and 98PX1012 for CCR2004-1G-12S+2XS device
This sounds like a fix to the CCR2004 packet loss issue. Would someone from Mikrotik like to give a bit more detail about what was done here? Thank you!
Can you elaborate on the packet loss issue? I have ~15 of these in service, but I didn't know about any packet loss issues. However, 6.48 did seem to resolve the issue that was causing my CCR2004s to reboot at random.
 
markonen
just joined
Posts: 15
Joined: Tue Aug 11, 2020 4:28 pm

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 3:49 pm

Can you elaborate on the packet loss issue?
Here's the thread about it:
viewtopic.php?f=3&p=842145#p842145
 
Kindis
Member
Member
Posts: 375
Joined: Tue Nov 01, 2011 6:54 pm
Location: Sweden

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 4:00 pm

Also please MT update the Security blog
https://blog.mikrotik.com/security/
*) hotspot - fixed special character parsing in "target" variable (CVE-2021-3014);
Either keep this blog up to date (which is not what is happening now) or shut it down.
 
shavenne
just joined
Posts: 11
Joined: Wed Dec 11, 2019 4:27 pm

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 4:04 pm

6.48 is the same as rc1 I guess? So this =>
Tried to update my switches at home (CRS112-8P-4S, CRS112-8G-4S, CRS309-1G-8S+, CRS328-24P-4S+) to 6.48beta40 yesterday (6.47.4 before).
For some reason all clients stopped getting IPv6 addresses from my RB4011 (with 7.1beta2) then.
I started downgrading the firmware on the CRS328-24P-4S+ (to which the RB4011 is also connected) and all clients connected to it were getting IPv6 addresses again.
I still had to downgrade the other switches too to obtain IPv6 there also.

I find it quite strange as I'm not using any routing or firewall functions on the switches. Actually just VLANs (all IPv6 clients are in a seperate vlan) and nothing else.
Any idea what's going wrong?
Tried the same with 6.48rc1 today. Still the same problem :(
Downgraded to 6.47.8 and it works again immediately.
will remain, right??

This is my config:
# dec/24/2020 14:59:11 by RouterOS 6.47.8
# software id = 76F0-EZPJ
#
# model = CRS328-24P-4S+
# serial number = A1A10A614FF6
/interface bridge
add admin-mac=74:4D:28:D3:63:6B auto-mac=no comment=defconf igmp-snooping=yes \
    name=bridge vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] comment=pi.home
set [ find default-name=ether2 ] comment="Kamera Hof"
set [ find default-name=ether5 ] comment="Deep-Thought Intel-Karte"
set [ find default-name=ether6 ] comment=Slow-Thought
set [ find default-name=ether11 ] comment=TV
set [ find default-name=ether13 ] comment=HTPC
set [ find default-name=ether14 ] comment=AV-Receiver
set [ find default-name=ether22 ] comment="Freifunk Hotspot (Hof)"
set [ find default-name=ether23 ] comment=\
    "Unifi AP + plastikschleuder.home (RPi)"
set [ find default-name=ether24 ] comment="WAN LTE"
set [ find default-name=sfp-sfpplus1 ] comment="Zum Keller"
set [ find default-name=sfp-sfpplus2 ] comment="Deep-Thought 10G"
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,passw\
    ord,web,sniff,sensitive,api,romon,dude,tikapp"
add name=prometheus policy="read,winbox,api,!local,!telnet,!ssh,!ftp,!reboot,!wr\
    ite,!policy,!test,!password,!web,!sniff,!sensitive,!romon,!dude,!tikapp"
/interface bridge port
add bridge=bridge comment=defconf interface=ether1
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=ether11
add bridge=bridge comment=defconf interface=ether12
add bridge=bridge comment=defconf interface=ether13
add bridge=bridge comment=defconf interface=ether14
add bridge=bridge comment=defconf interface=ether15
add bridge=bridge comment=defconf interface=ether16
add bridge=bridge comment=defconf interface=ether17
add bridge=bridge comment=defconf interface=ether18
add bridge=bridge comment=defconf interface=ether19
add bridge=bridge comment=defconf interface=ether20
add bridge=bridge comment=defconf interface=ether21
add bridge=bridge comment=defconf interface=ether22 pvid=31
add bridge=bridge comment=defconf interface=ether23
add bridge=bridge comment=defconf interface=ether24
add bridge=bridge comment=defconf interface=sfp-sfpplus1
add bridge=bridge comment=defconf interface=sfp-sfpplus2
add bridge=bridge comment=defconf interface=sfp-sfpplus3
add bridge=bridge comment=defconf interface=sfp-sfpplus4
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface bridge vlan
add bridge=bridge comment="IPv6 only" tagged=sfp-sfpplus1,ether5 vlan-ids=66
add bridge=bridge comment="WAN Freifunk" tagged=\
    sfp-sfpplus1,ether23,ether24,sfp-sfpplus2,ether13,ether10 vlan-ids=12
add bridge=bridge comment="Freifunk Hotspot" tagged=sfp-sfpplus1,ether5 \
    untagged=ether22 vlan-ids=31
add bridge=bridge comment=VoIP tagged=sfp-sfpplus1,ether23,ether24 vlan-ids=21
add bridge=bridge comment="WAN FTTH1" tagged=sfp-sfpplus1,ether17 vlan-ids=4001
add bridge=bridge comment="WAN FTTH2" tagged=sfp-sfpplus1,ether17 vlan-ids=4002
add bridge=bridge comment="WWW \FCber bridge-pi" tagged=sfp-sfpplus1,ether17 \
    vlan-ids=4050
add bridge=bridge comment="Freifunk Hotspot (Balkon)" tagged=\
    sfp-sfpplus1,ether5 vlan-ids=32
add bridge=bridge comment="IPv6 Pool 2" tagged=sfp-sfpplus1,ether5 vlan-ids=67
add bridge=bridge comment="WAN LTE" tagged=sfp-sfpplus1,ether24 vlan-ids=4010
add bridge=bridge comment=IceCC tagged=ether5,sfp-sfpplus1 vlan-ids=530
/ip address
add address=192.168.90.7/24 interface=bridge network=192.168.90.0
/ip dns
set servers=192.168.90.1
/ip firewall filter
add action=accept chain=output
add action=accept chain=input
/ip route
add distance=1 gateway=192.168.90.1
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=SW_WohnungOben
/system ntp client
set enabled=yes primary-ntp=62.108.36.235 secondary-ntp=46.165.221.137
/system package update
set channel=testing
/system routerboard settings
set boot-os=router-os
/system swos
set address-acquisition-mode=static allow-from-ports="p1,p2,p3,p4,p5,p6,p7,p8,p9\
    ,p10,p11,p12,p13,p14,p15,p16,p17,p18,p19,p20,p21,p22,p23,p24,p25,p26,p27,p28\
    " identity=SW_WohnungOben static-ip-address=192.168.90.7
(exported from v6.47.8)
Tested it now with the final 6.48. Problem still persists. Sniffed with wireshark now: The only packets I'm getting are the MNDP from my router.
Can somebody tell me if it's a bug or not? Or is it just working 'by accident' with old versions and I have misconfigured something?! Doesn't seem like that actually.

/edit: It begins to work again if I disable IGMP snooping. So something is wrong with IGMP/MLD snooping I guess??
Still the same problem. Posting this for .. 3 or 4 versions now?!
 
User avatar
zelthian
just joined
Posts: 16
Joined: Mon Nov 19, 2018 11:24 pm
Location: Parker, CO

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 4:04 pm

Can't upgrade on my CRS312. Automatic and manual upgrade process results in the same error:

"installation of routeros-mipsbe-6.49beta11 failed: broken package"
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 4:20 pm

From which version are you trying to upgrade? Can you send a supout.rif file to support@mikrotik.com?
 
msatter
Forum Guru
Forum Guru
Posts: 2100
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 4:45 pm

Many thanks. My IKEv2 download speed increased by over 100 Mbps to almost the maximum download speed I have. It was lower in 6.48 than the previous versions of ROS.
 
User avatar
zelthian
just joined
Posts: 16
Joined: Mon Nov 19, 2018 11:24 pm
Location: Parker, CO

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 5:03 pm

From which version are you trying to upgrade? Can you send a supout.rif file to support@mikrotik.com?
I was running a version provided by support to fix the SwOS issue (6.49beta4). After downgrading to 6.47.8, the upgrade to 6.49beta11 succeeded.
 
mjezierski
just joined
Posts: 24
Joined: Mon Jul 01, 2019 3:50 pm
Location: Racing Capital of the World
Contact:

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 6:05 pm

Version 6.49beta11 has been released.

*) dot1x - fixed "reject-vlan-id" for MAC authentication (introduced in v6.48);
I can confirm this particular issue is resolved on a CRS-210 mipsbe switch.
 
icsterm
newbie
Posts: 49
Joined: Sun Mar 11, 2018 11:11 pm

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 6:44 pm

No fix for DoH memory leak yet?
I agree, I was also waiting for a DoH memory leak fix.
 
User avatar
dannym
just joined
Posts: 20
Joined: Sat Oct 19, 2013 2:28 pm

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 7:08 pm

Same behavior on RB4011 like v6.48
Causing no port working, connects only through wifi.
6.46.8 works flawlessly and versions bellow
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 2157
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 9:16 pm

No fix for DoH memory leak yet?
I agree, I was also waiting for a DoH memory leak fix.
I am waiting for a DoH memory fix for 6.48 not a new beta. Also waiting for 7.x release not a new 6.49beta
Fix what is broken before a sending out a new beta release for a new train.

This version does nearly not containing any new function, so why a new train.
List of new stuff???
*) ike2 - added support for ASN.1 DN "my-id" value setting for initiators;
*) sfp - added "sfp-rate-select" setting (CLI only);
*) tr069-client - added "X_MIKROTIK_LinkDowns" parameter for interface "link-downs" value reporting;
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 1921
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 9:58 pm

Fixes for 6.48 probably are tested with 6.49 ...
Real admins use real keyboards.
To quote or not to quote, there is the topic: viewtopic.php?f=2&t=168474
 
nevolex
Member Candidate
Member Candidate
Posts: 125
Joined: Mon Apr 20, 2020 1:09 pm

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 10:55 pm

That's great guys, but maybe 6.50 can be the last 6.x ros and the development can be fully switched over to 7.x ?

thanks
Last edited by nevolex on Thu Feb 04, 2021 2:29 am, edited 1 time in total.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8540
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.49beta [testing] is released!

Wed Feb 03, 2021 11:15 pm

Even v2.9.x had at least 2.9.51, so don't let v6.x stop at v6.50 :D
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
redskilldough
just joined
Posts: 14
Joined: Mon Jan 04, 2016 12:40 pm

Re: v6.49beta [testing] is released!

Thu Feb 04, 2021 1:17 am

No fix for DoH memory leak yet?
Yes, I would think that this would have top priority, but it's still not fixed since it was introduced in 6.47
 
nevolex
Member Candidate
Member Candidate
Posts: 125
Joined: Mon Apr 20, 2020 1:09 pm

Re: v6.49beta [testing] is released!

Thu Feb 04, 2021 2:28 am

Even v2.9.x had at least 2.9.51, so don't let v6.x stop at v6.50 :D
LOL, oh well let 6.50.1 happen then!
 
roshkovanv
Posts: 0
Joined: Thu Feb 04, 2021 9:27 am

Re: v6.49beta [testing] is released!

Thu Feb 04, 2021 9:41 am

Tested it now with the final 6.48. Problem still persists. Sniffed with wireshark now: The only packets I'm getting are the MNDP from my router.
Can somebody tell me if it's a bug or not? Or is it just working 'by accident' with old versions and I have misconfigured something?! Doesn't seem like that actually.

/edit: It begins to work again if I disable IGMP snooping. So something is wrong with IGMP/MLD snooping I guess??
Still the same problem. Posting this for .. 3 or 4 versions now?!
Same here, If I am enabling 'IGMP Snooping' my 'IGMP Proxy' behave strangely, randomly works only few of channels, after disabling 'IGMP Proxy' everything stat to work but flood all other ports... I've configured everything from the beginning, thought something is wrong with my configs.
I've tried almost any config combination from 'IGMP snooping' tab but nothing works flawless as few versions before...
 
server8
Long time Member
Long time Member
Posts: 500
Joined: Fri Apr 22, 2011 1:27 pm

Re: v6.49beta [testing] is released!

Thu Feb 04, 2021 10:30 am

Emils can you confirm that this fix helps to avoid packets loss on CCR2004?

thank You
switch - improved packet transmit between CPU and 98PX1012 for CCR2004-1G-12S+2XS device
This sounds like a fix to the CCR2004 packet loss issue. Would someone from Mikrotik like to give a bit more detail about what was done here? Thank you!
 
kidi
Posts: 0
Joined: Wed Oct 21, 2020 12:30 pm
Location: 127.0.0.1
Contact:

Re: v6.49beta [testing] is released!

Thu Feb 04, 2021 7:01 pm

whoopsie, i guess?
jumped back to 6.48 - everything is fine, jumped back to 6.49beta11 and i get this again
hAP lite
Image
 
dadaniel
Member Candidate
Member Candidate
Posts: 187
Joined: Fri May 14, 2010 11:51 pm

Re: v6.49beta [testing] is released!

Thu Feb 04, 2021 9:26 pm

*) sfp - fixed GPON module linking (introduced in v6.47);
What GPON modules are supported as of now? The Mikrotik one is not available anymore?
 
Guscht
Frequent Visitor
Frequent Visitor
Posts: 60
Joined: Thu Jul 01, 2010 5:32 pm

Re: v6.49beta [testing] is released!

Fri Feb 05, 2021 12:51 am

Will be there no further V6.48.XX versions?
From the doomed V6.48 straight to V6.49?
 
Kindis
Member
Member
Posts: 375
Joined: Tue Nov 01, 2011 6:54 pm
Location: Sweden

Re: v6.49beta [testing] is released!

Fri Feb 05, 2021 9:32 am

Will be there no further V6.48.XX versions?
From the doomed V6.48 straight to V6.49?
I would guess we will get a 6.48.1 today.
 
mkx
Forum Guru
Forum Guru
Posts: 5967
Joined: Thu Mar 03, 2016 10:23 pm

Re: v6.49beta [testing] is released!

Fri Feb 05, 2021 9:35 am

Will be there no further V6.48.XX versions?
From the doomed V6.48 straight to V6.49?
I would guess we will get a 6.48.1 today.
Yup. At around 16 hours EET (which is 14 hours UTC, do the maths for your own time zone yourselves).
 
nescafe2002
Forum Veteran
Forum Veteran
Posts: 772
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: v6.49beta [testing] is released!

Fri Feb 05, 2021 11:10 am

Will be there no further V6.48.XX versions?
From the doomed V6.48 straight to V6.49?

Check the version numbering schema: https://wiki.mikrotik.com/wiki/Manual:U ... _numbering

Changes (fixes) from 6.49beta/rc can be merged to 6.48.x.
 
Mett
Frequent Visitor
Frequent Visitor
Posts: 55
Joined: Sat Mar 12, 2016 10:15 pm

Re: v6.49beta [testing] is released!

Thu Feb 11, 2021 11:12 am

This version broke pppoe dial in through my GPON-SFP on the RB4011.
 
mhugo
Member Candidate
Member Candidate
Posts: 136
Joined: Mon Sep 19, 2005 11:48 am

Re: v6.49beta [testing] is released!

Sat Feb 13, 2021 12:11 am

After upgrading a 2004 to test for the packetloss issue we got issues with one of the links going up and down rapidly. The SFP with issue was original mikrotik bidi 1G but we had no issues with any of the 6 other ports all using FS.com optics 10 and 1G or a 10G DAC.

The only thing I noted was that this 1G port was the only one connected to another 2004 on 1G. The others are either 10G or to 10xx series. Other side is running 6.47.9.

It was not possible to generate supout from the system.

/Mikael
 
Mett
Frequent Visitor
Frequent Visitor
Posts: 55
Joined: Sat Mar 12, 2016 10:15 pm

Re: v6.49beta [testing] is released!

Sun Feb 14, 2021 10:23 am

This version broke pppoe dial in through my GPON-SFP on the RB4011.
Entering the command on CLI solves the problem:
/interface ethernet set sfp-sfpplus1 sfp-rate-select=low
 
User avatar
bajodel
Long time Member
Long time Member
Posts: 548
Joined: Sun Nov 24, 2013 8:30 am
Location: Italy

Re: v6.49beta [testing] is released!

Tue Feb 16, 2021 5:25 am

Entering the command on CLI solves the problem:
/interface ethernet set sfp-sfpplus1 sfp-rate-select=low
Nice to know, but what does that setting really do?
In the mikrotik interface wiki I read:
sfp-rate-select (high | low; Default: high)	Allows to control rate select pin for SFP ports.
..witch is not really enough for me to understand
 
r00t
Member
Member
Posts: 440
Joined: Tue Nov 28, 2017 2:14 am

Re: v6.49beta [testing] is released!

Tue Feb 16, 2021 3:02 pm

RATE SELECT is specific pin of the SFP slot interface that can be used to change operating rate of the SFP module.
Low/High are actual voltage levels Mikrotik sets this pin to.
If it actually does anything and what it does depends on the specific SFP.
So check your SFP module specification...
 
mikeeg02
Member Candidate
Member Candidate
Posts: 108
Joined: Fri Mar 30, 2018 2:28 am
Location: Pennsylvania

Re: v6.49beta [testing] is released!

Tue Feb 16, 2021 3:05 pm

RATE SELECT is specific pin of the SFP slot interface that can be used to change operating rate of the SFP module.
Low/High are actual voltage levels Mikrotik sets this pin to.
If it actually does anything and what it does depends on the specific SFP.
So check your SFP module specification...
What if your sfp module is a mikrotik?

I too am curious. I haven't seen anything in the documentation about this.
 
User avatar
bajodel
Long time Member
Long time Member
Posts: 548
Joined: Sun Nov 24, 2013 8:30 am
Location: Italy

Re: v6.49beta [testing] is released!

Tue Feb 16, 2021 11:06 pm

Low/High are actual voltage levels ..[cut].. depends on the specific SFP.
Nice, thanx
 
yo3gjc
just joined
Posts: 13
Joined: Sat Mar 05, 2011 4:30 pm
Location: Mississauga ON

Re: v6.49beta [testing] is released!

Thu Feb 18, 2021 7:34 pm

backup restore for RB450 is partially working. If reset to factory default than restore .bckup file is not preserving LAN IP, users and password. workaround after factory reset is to downgrade to 6.48, restore backup than going up to 6.49.11
 
OndrejHolas
newbie
Posts: 28
Joined: Mon Jul 30, 2018 5:54 pm

Re: v6.49beta [testing] is released!

Sat Feb 20, 2021 9:44 pm

According to this post viewtopic.php?t=172321#p842428 the version 6.49beta11 contains fix for SIP phone communication problems (Gigaset phones were heavily reported) that started after upgrade to 6.48, but I cannot find any relevant line in the changelog above. Could someone from inside explain here, what is the exact cause of the problem and how it was fixed in 6.49? Thanks.

We have several Gigaset IP bases and I tried in lab some of them (A540, A690) with 6.48 on many routers (750GL, 951G, 941, 2011, 3011), using different sets of discovery protocols enabled and everything in lab worked well with 6.48 in all tested situations. I'd like to know what exact combinations are problematic, otherwise we need to stay at 6.47.x. The advice to disable MNDP seems weird to me, since MNDP uses UDP port 5678, that is not used by affected IP phones and should be silently ignored, so I cannot imagine how it can disrupt communication with the phone.

Ondrej
 
EdPa
MikroTik Support
MikroTik Support
Posts: 93
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v6.49beta [testing] is released!

Mon Feb 22, 2021 9:23 am

The reported SIP phone issue is fixed with this change:
*) fastpath - fixed IP packet receive on bridge and bonding interfaces when destination MAC address match with slave port MAC;

The suggestion to disable MNDP is because in the 6.48 version MNDP had some changes and it now uses an individual slave port MAC address instead of bridge/bond MAC. The same thing is done with other neighbor protocols, but MNDP is the only one that uses IP packets. It turns out, this can affect the ARP table on certain devices and they might start to use this other MAC from MNDP as a destination. On the RouterOS side with an active bridge/bond fast-path, these packets were dropped.

You might not notice the issue because MNDP is sent only once in a minute, the bridge did not use a fast-path or your phone simply ignored the MNDP.
 
OndrejHolas
newbie
Posts: 28
Joined: Mon Jul 30, 2018 5:54 pm

Re: v6.49beta [testing] is released!

Mon Feb 22, 2021 10:01 am

Thanks EdPa, I appreciate your detailed answer. Now the conditions of the problem are clear and the mechanism makes sense. I haven't yet observed those communication drops due to the active hardware acceleration (all bridges I've tried so far were running inside switchchips with HW accel left on), which effectively disables fast path on the bridge.

Ondrej
 
gsbiz
just joined
Posts: 12
Joined: Sat Nov 17, 2018 5:18 pm

Re: v6.49beta [testing] is released!

Mon Feb 22, 2021 2:34 pm

No fix for DoH memory leak yet?
I agree, I was also waiting for a DoH memory leak fix.
+1 on the DoH memory leak. The reality is that should be called as a CVE. Mikrotik RouterOS v6.47+ "DNS Request flood causes cache overflow and DNS server failure, if DoH is enabled" Status=Current.
 
jriera
just joined
Posts: 11
Joined: Tue Feb 14, 2012 3:14 am

Re: v6.49beta [testing] is released!

Sat Mar 06, 2021 12:15 am

Version 6.49beta11 has been released.

*) switch - improved packet transmit between CPU and 98PX1012 for CCR2004-1G-12S+2XS device;

What improvements does this change on the CCR2004 devices? We have a strange problem with the CCR2004. We have a bridge (with horizon to isolate the customer ports) with >300 VLANs (QinQ) and randomly the ports inside the bridge stop receiving ARP packets from the Mikrotik router to the devices behind those VLANs. On the other hand, if the communication is from the remote device to the mikrotik and it sends ARP packet the L3 communication works again. After a few minutes, it stops working again when the ARP expires and cannot be discovered from the Mikrotik. It only happens with the CCR2004, we have CCR1036 and RB4011 with the same configuration and they work perfectly. Another strangest thing: in this bridge we have an PPPoE server and the connections do not drop, they always work perfectly. Only non-PPPoE traffic fails for MGMT.

If we deactivate and activate again the bridge port, the port begins to receive ARP messages immediately... until few minutes it fails again.

What could be happening? It looks like a BUG from RouterOS. We currently have 6.49beta11 installed, and the behavior has improved over 6.48.1 but we still have ports that randomly stop working. But something better works, not so many.
 
wispmikrotik
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Tue Apr 25, 2017 10:43 am

Re: v6.49beta [testing] is released!

Sat Mar 06, 2021 10:18 am

Hi,
SUP-43694
Confirmed a new bug in OSPF NSSA convert LSA type 7 to type 5:

viewtopic.php?f=14&t=173212&p=847007#p847007

Regards,
 
gtj0
just joined
Posts: 12
Joined: Wed Sep 23, 2020 8:08 pm

Re: v6.49beta [testing] is released!

Sun Mar 07, 2021 11:09 pm

NetMetal 5 922UAGS-5HPacT with an add-on R11e-2Hnd .. The 2.4 GHz radio isn't detected at all in 6.49beta11. Working fine in 6.48.1
Supout sent: SUP-43760
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.49beta [testing] is released!

Mon Mar 08, 2021 1:12 pm

Version 6.49beta22 has been released.

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.49beta22 (2021-Mar-08 09:07):

Changes in this release:

*) bridge - added IGMP and MLD querier monitoring (CLI only);
*) bridge - added IGMP snooping log when multicast table gets full;
*) bridge - added MAC and IP source addresses information for DHCP snooping log;
*) bridge - improved bridge stability when host changes port (introduced in v6.47);
*) conntrack - increased total connection tracking table size based on installed RAM size;
*) console - require "write+ftp" permissions for executing script to file;
*) console - require "write+ftp" permissions for exporting configuration to file;
*) console - require "write+ftp" permissions for printing to file;
*) console - updated copyright notice;
*) crs3xx - correctly filter packets by L2MTU on 1Gbps Ethernet interfaces for CRS354 devices;
*) crs3xx - fixed interface flow control;
*) crs3xx - fixed interface LEDs for QSFP+ and SFP+ interfaces on CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) crs3xx - fixed SFP and SFP+ link rate reporting (introduced in v6.48beta11);
*) crs3xx - improved 1Gbps Ethernet port group traffic forwarding for CRS354 devices;
*) crs3xx - improved system stability when receiving large frames on CPU for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) defconf - removed overlapping IPv6 firewall rules;
*) dhcp - fixed link state checking for DHCP client;
*) dhcpv6-server - check if pool name has changed from RADIUS on renew;
*) ethernet - improved system stability when receiving large VLAN tagged packets on IPQ4018/IPQ4019 devices;
*) firewall - fixed GRE protocol packets considered invalid when PPTP helper is disabled;
*) health - fixed voltage monitor on BaseBox5 devices;
*) ike2 - fixed DH group negotiation with EAP;
*) ike2 - fixed initial traffic selector's protocol and port in transport mode;
*) ipv6 - improved system stability when parsing IPv6 options;
*) lora - added additional predefined network servers;
*) m33g - removed 12..16 pins from "/system gpio" menu;
*) netinstall - fixed lock file persistence after reinstall;
*) poe - do not perform PoE firmware upgrade procedure on RB960 and OmniTik devices without PoE out;
*) ppp - do not fail "at-chat" command when issued on disabled PPP interface;
*) quickset - prefer 5GHz interface for WiFi scan in CPE mode;
*) rb922 - fixed miniPCI-e card detection (introduced in v6.49beta11);
*) supout - fixed "topic" column presence in "Log" section;
*) supout - print detailed list of active user sessions;
*) switch - improved resource allocation on 98PX1012 switch chip for CCR2004-1G-12S+2XS device;
*) swos - fixed "static-ip-address" parameter;
*) telnet - do not send options if connecting to non standard port;
*) telnet - fixed server when run on non standard port;
*) upgrade - improved "long-term" upgrade procedure on SMIPS devices;
*) user - fixed "skin" configuration for user groups (introduced in v6.48);
*) webfig - allow to specify "prefix" parameter under "IPv6/ND/Prefixes" menu;
*) webfig - do not corrupt settings when starting "Wireless Sniffer";
*) webfig - do not move top right menu in opposite direction when scrolling horizontally;
*) webfig - do not show newly created SMB shares as invalid;
*) webfig - do not show value units twice;
*) webfig - fixed interface sorting by name;
*) webfig - fixed new interface addition;
*) webfig - fixed "Wireless/CAP" menu opening;
*) webfig - show "Interfaces" menu by default after logging in;
*) webfig - show "network-mode" for LTE modems that support it;
*) webfig - show only "Close" button under "Wireless/Wireless Sniffer/Sniffed Packets" menu;
*) winbox - added "Channel" parameter under "System/Console" menu;
*) winbox - added "interface-speed-100G" LED type to "System/LEDs" menu;
*) winbox - fixed duplicate "Trusted" setting under "Interface/Bridge/Ports" menu;
*) winbox - fixed QCA-8511 switch chip type reporting under "Switch/Settings" menu;
*) winbox - fixed "reachable-time" value unit under "IPv6/ND" menu;
*) winbox - fixed support for "Delegated-IPv6-Prefix" for PPP services;
*) winbox - increased "target" field limit to 128 under "Queues" menu;
*) winbox - show "activity" column by default under "IP/Kid Control/Devices" menu;
*) winbox - show "LCD" only on boards that have LCD;
*) winbox - show "System/Health" only on boards that have health monitoring;
*) wireless - fixed minor typo in debug logging messages;
*) wireless - renamed "secondary-channel" to "secondary-frequency";
*) wireless - updated "united kingdom" regulatory domain information;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 2157
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v6.49beta [testing] is released!

Mon Mar 08, 2021 2:06 pm

Version 6.49beta22 has been released.
I do not see any information about DoH memory leak fix.
So it's still not fixed?
 
User avatar
dibatech
Frequent Visitor
Frequent Visitor
Posts: 82
Joined: Tue Apr 04, 2006 10:14 am

Re: v6.49beta [testing] is released!

Mon Mar 08, 2021 3:22 pm

winbox - added "interface-speed-100G" LED type to "System/LEDs" menu;
Please do provide more info on where this might be used.
Existing or new hardware?
If new, will it be a switch or router?
 
mikrotikedoff
newbie
Posts: 29
Joined: Mon Nov 06, 2017 7:27 pm

Re: v6.49beta [testing] is released!

Tue Mar 09, 2021 4:07 pm

@Jotne

I don't think its fair to say it hasn't been fixed. Since this problem has existed the entire time the feature has been available wouldn't it be more correct to ask "DOH still hasn't been properly implemented?" :D I like to think I'm a glass half full kinda guy :P
 
DarkNate
Member
Member
Posts: 322
Joined: Fri Jun 26, 2020 4:37 pm

Re: v6.49beta [testing] is released!

Tue Mar 09, 2021 4:46 pm

*) defconf - removed overlapping IPv6 firewall rules;
Does anybody know what those rules were/are?
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Tue Mar 09, 2021 9:28 pm

Version 6.49beta22 has been released.
I do not see any information about DoH memory leak fix.
So it's still not fixed?
There also is a non-DoH resolver memory leak, I have upgraded my test system to check if it has now been fixed. (takes a while)
 
zazun
just joined
Posts: 3
Joined: Thu Dec 26, 2013 6:39 pm

Re: v6.49beta [testing] is released!

Thu Mar 11, 2021 11:40 am

CRS354-48P-4S+2Q+ (PoE)
6.49beta22
PoE does not work
LOG: poe-out,warning Failed to upgrade poe FW on /dev/poe0, diag code 84/354

How can I go back to the previous version PoE FW?
 
msatter
Forum Guru
Forum Guru
Posts: 2100
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.49beta [testing] is released!

Thu Mar 11, 2021 1:24 pm

Also please MT update the Security blog
https://blog.mikrotik.com/security/
*) hotspot - fixed special character parsing in "target" variable (CVE-2021-3014);
Either keep this blog up to date (which is not what is happening now) or shut it down.
If Mikrotik don't feel to update the page they could put a link to a site mentioning CVE for Mikrotik at the top of the security page.

https://www.tenable.com/cve/search?q=mi ... est&page=1
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Thu Mar 11, 2021 2:09 pm

Apparently the person maintaining the blog woke up and posted another blog article... which had not happened for a long time.
 
User avatar
CTassisF
just joined
Posts: 2
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v6.49beta [testing] is released!

Thu Mar 11, 2021 11:42 pm

*) defconf - removed overlapping IPv6 firewall rules;
Does anybody know what those rules were/are?
Here's the difference between beta11 and beta22:
$ diff -u routeros-arm-6.49beta11.npk/nova/lib/defconf/get-custom-defconf routeros-arm-6.49beta22.npk/nova/lib/defconf/get-custom-defconf
--- routeros-arm-6.49beta11.npk/nova/lib/defconf/get-custom-defconf	2020-12-21 08:51:45.000000000 -0300
+++ routeros-arm-6.49beta22.npk/nova/lib/defconf/get-custom-defconf	2021-02-24 06:24:08.000000000 -0300
@@ -637,10 +637,6 @@
     $addCL ("   address-list add list=bad_ipv6 address=2001:db8::/32 comment=\"defconf: documentation\"")
     $addCL ("   address-list add list=bad_ipv6 address=2001:10::/28 comment=\"defconf: ORCHID\"")
     $addCL ("   address-list add list=bad_ipv6 address=3ffe::/16 comment=\"defconf: 6bone\"")
-    $addCL ("   address-list add list=bad_ipv6 address=::224.0.0.0/100 comment=\"defconf: other\"")
-    $addCL ("   address-list add list=bad_ipv6 address=::127.0.0.0/104 comment=\"defconf: other\"")
-    $addCL ("   address-list add list=bad_ipv6 address=::/104 comment=\"defconf: other\"")
-    $addCL ("   address-list add list=bad_ipv6 address=::255.0.0.0/104 comment=\"defconf: other\"")
 
     # fw input
     # can cause problems, different OSes originate packet with different ttls
 
Sit75
just joined
Posts: 2
Joined: Thu Mar 11, 2021 9:43 pm

Re: v6.49beta [testing] is released!

Fri Mar 12, 2021 4:30 pm

*) ethernet - improved system stability when receiving large VLAN tagged packets on IPQ4018/IPQ4019 devices;

This feature in Beta 22 is excellent. Throughput of my hap ac^2 more or less doubled on wifi side. My provider use standard VLAN tagging of xDSL. And I have standard MTU 1500 on PPPoE (small jumbo is used and supported by provider).
 
becs
MikroTik Support
MikroTik Support
Posts: 492
Joined: Thu Jul 07, 2011 8:26 am

Re: v6.49beta [testing] is released!

Fri Mar 12, 2021 4:54 pm

Hello,
Unfortunately, we can confirm that RouterOS v6.49beta22 causes CRS354-48P-4S+2Q+ PoE-out functions to stop.
The problem is fixed and there will be a new v6.49beta available in upcoming week.

Please do not install v6.49beta22 on CRS354-48P-4S+2Q+!
 
zazun
just joined
Posts: 3
Joined: Thu Dec 26, 2013 6:39 pm

Re: v6.49beta [testing] is released!

Fri Mar 12, 2021 6:00 pm

Hello,
Unfortunately, we can confirm that RouterOS v6.49beta22 causes CRS354-48P-4S+2Q+ PoE-out functions to stop.
The problem is fixed and there will be a new v6.49beta available in upcoming week.

Please do not install v6.49beta22 on CRS354-48P-4S+2Q+!
Nice to hear it before the weekend :)
 
nescafe2002
Forum Veteran
Forum Veteran
Posts: 772
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: v6.49beta [testing] is released!

Fri Mar 12, 2021 6:19 pm

That's what betas are for :) Glad it will be fixed for stable release.
 
msatter
Forum Guru
Forum Guru
Posts: 2100
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.49beta [testing] is released!

Sat Mar 13, 2021 12:49 pm

I noticed that SIP ALG was removed from RouterOS (beta22) and I think that it has to do with NAT slipstreaming. Attacking the router fom a browser on a client of the router.

github.com/samyk/slipstream
 
User avatar
mozerd
Long time Member
Long time Member
Posts: 509
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: v6.49beta [testing] is released!

Sat Mar 13, 2021 2:52 pm

I noticed that SIP ALG was removed from RouterOS (beta22) and I think that it has to do with NAT slipstreaming. Attacking the router fom a browser on a client of the router.
On my test CCR1009 running beta22 SIP ALG is enabled ....
 
msatter
Forum Guru
Forum Guru
Posts: 2100
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.49beta [testing] is released!

Sat Mar 13, 2021 4:01 pm

I noticed that SIP ALG was removed from RouterOS (beta22) and I think that it has to do with NAT slipstreaming. Attacking the router fom a browser on a client of the router.
On my test CCR1009 running beta22 SIP ALG is enabled ....
Strange that it is then active with you. Do you have by chance MNDP disabled in IP-Neighbors-Dicovery Settings?
 
User avatar
mozerd
Long time Member
Long time Member
Posts: 509
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: v6.49beta [testing] is released!

Sat Mar 13, 2021 5:03 pm

Strange that it is then active with you. Do you have by chance MNDP disabled in IP-Neighbors-Dicovery Settings?
on my test system MNDP is enabled.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.49beta [testing] is released!

Mon Mar 15, 2021 10:14 am

Version 6.49beta27 has been released.

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.49beta27 (2021-Mar-12 14:22):

Changes in this release:

*) bridge - improved system stability when disabling IGMP/MLD querier port (introduced in v6.49beta22);
*) poe - fixed PoE out functionality on CRS354 (introduced in v6.49beta22);
*) ppp - improved stability when receiving bogus response on modem channel;
*) rb3011 - improved system stability when changing RouterBOARD settings (introduced in v6.48);
*) upgrade - fixed upgrade procedure on 16MB devices (introduced in v6.49beta22);
*) winbox - hide "Allow Roaming" parameter on LTE modems that do not support it;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.
 
User avatar
zapata
just joined
Posts: 5
Joined: Thu Dec 28, 2017 12:40 pm

Re: v6.49beta [testing] is released!

Mon Mar 15, 2021 10:50 am

I've tried to download and install 6.49beta27 twice, but my hAP ac² always comes up with 6.49beta22.

09:41:22 system,info installed routeros-arm-6.49beta27
09:41:22 system,error not enough space for upgrade

system package update check-for-updates
channel: testing
installed-version: 6.49beta22
latest-version: 6.49beta27
status: New version is available
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 2157
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v6.49beta [testing] is released!

Mon Mar 15, 2021 10:57 am

This problem is not new and has been discussed before.

Try to downgrade to an older, smaller version eks. 6.41.x then upgrade to latest.
 
User avatar
zapata
just joined
Posts: 5
Joined: Thu Dec 28, 2017 12:40 pm

Re: v6.49beta [testing] is released!

Mon Mar 15, 2021 11:04 am

Sorry! Thanks, I could resolve this by deleting some files in winbox.
Last edited by zapata on Mon Mar 15, 2021 11:22 am, edited 1 time in total.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Mon Mar 15, 2021 11:20 am

You should not store files on the router flash memory. It has no space for that. When you need to store files, connect extra storage (like a USB stick).
 
User avatar
zapata
just joined
Posts: 5
Joined: Thu Dec 28, 2017 12:40 pm

Re: v6.49beta [testing] is released!

Mon Mar 15, 2021 11:39 am

I did not. I guess some leftovers from a previous update.

# NAME TYPE SIZE CREATION-TIME
0 flash disk jan/01/1970 01:00:20
1 flash/skins directory jan/01/1970 01:00:20

13% free (13.3 of 15,3 MB used). :-( Maybe I should upgrade to the hap ac³.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Mon Mar 15, 2021 12:03 pm

That is not good! I advise you to make a backup and export, and then re-install the router using netinstall.
Maybe make a support file first when you want to bother to send it for investigation.
After the netinstall you can restore the backup, or even better: apply the export file again (but this will usually take some effort).
 
zryny4
just joined
Posts: 9
Joined: Sun Apr 17, 2016 12:29 pm

Re: v6.49beta [testing] is released!

Mon Mar 15, 2021 11:00 pm

Trying to update from 6.49beta22 -- not enough space to upgrade. Try to downgrade from 6.49beta22 to 6.48 -- not enough space to upgrade...
 
msatter
Forum Guru
Forum Guru
Posts: 2100
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.49beta [testing] is released!

Mon Mar 15, 2021 11:14 pm

Trying to update from 6.49beta22 -- not enough space to upgrade. Try to downgrade from 6.49beta22 to 6.48 -- not enough space to upgrade...
Do you want to share which router you are using?
 
Sit75
just joined
Posts: 2
Joined: Thu Mar 11, 2021 9:43 pm

Re: v6.49beta [testing] is released!

Mon Mar 15, 2021 11:38 pm

Trying to update from 6.49beta22 -- not enough space to upgrade. Try to downgrade from 6.49beta22 to 6.48 -- not enough space to upgrade...
Do you want to share which router you are using?
Exactly same for me. :-( I am stuck with 6.49beta22 on hap ac^2. No possible to upgrade or downgrade. Log: "not enough space for upgrade".
 
msatter
Forum Guru
Forum Guru
Posts: 2100
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.49beta [testing] is released!

Tue Mar 16, 2021 12:04 am

Trying to update from 6.49beta22 -- not enough space to upgrade. Try to downgrade from 6.49beta22 to 6.48 -- not enough space to upgrade...
Do you want to share which router you are using?
Exactly same for me. :-( I am stuck with 6.49beta22 on hap ac^2. No possible to upgrade or downgrade. Log: "not enough space for upgrade".
Then you could the advice given here. It is not nice that you can't back or front. I remember that you can't use a 6.48 backup on 6.49beta so making a backup and export is wise:

viewtopic.php?f=21&t=172259#p848365
 
nescafe2002
Forum Veteran
Forum Veteran
Posts: 772
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: v6.49beta [testing] is released!

Tue Mar 16, 2021 12:16 am

Netinstall lets you keep the configuration as an option.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.49beta [testing] is released!

Tue Mar 16, 2021 8:30 am

Unfortunately, it is an issue with v6.49beta22 on 16MB devices. You will have to reinstall the device to v6.49beta27 using Netinstall to completely resolve the issue.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Tue Mar 16, 2021 11:40 am

Previous time this happened (in a stable release), after a lot of whining there was a small package released that you could install and then reboot and it would fix the problem.
(unfortunately first release of the package destroyed the installation completely so netinstall was required anyway, but second one worked OK)
 
zryny4
just joined
Posts: 9
Joined: Sun Apr 17, 2016 12:29 pm

Re: v6.49beta [testing] is released!

Tue Mar 16, 2021 12:17 pm

Trying to update from 6.49beta22 -- not enough space to upgrade. Try to downgrade from 6.49beta22 to 6.48 -- not enough space to upgrade...
Do you want to share which router you are using?
HAP ac2, 128 and 256MB RAM.
 
DarkNate
Member
Member
Posts: 322
Joined: Fri Jun 26, 2020 4:37 pm

Re: v6.49beta [testing] is released!

Thu Mar 18, 2021 1:42 pm

*) defconf - removed overlapping IPv6 firewall rules;
Does anybody know what those rules were/are?
Here's the difference between beta11 and beta22:
$ diff -u routeros-arm-6.49beta11.npk/nova/lib/defconf/get-custom-defconf routeros-arm-6.49beta22.npk/nova/lib/defconf/get-custom-defconf
--- routeros-arm-6.49beta11.npk/nova/lib/defconf/get-custom-defconf	2020-12-21 08:51:45.000000000 -0300
+++ routeros-arm-6.49beta22.npk/nova/lib/defconf/get-custom-defconf	2021-02-24 06:24:08.000000000 -0300
@@ -637,10 +637,6 @@
     $addCL ("   address-list add list=bad_ipv6 address=2001:db8::/32 comment=\"defconf: documentation\"")
     $addCL ("   address-list add list=bad_ipv6 address=2001:10::/28 comment=\"defconf: ORCHID\"")
     $addCL ("   address-list add list=bad_ipv6 address=3ffe::/16 comment=\"defconf: 6bone\"")
-    $addCL ("   address-list add list=bad_ipv6 address=::224.0.0.0/100 comment=\"defconf: other\"")
-    $addCL ("   address-list add list=bad_ipv6 address=::127.0.0.0/104 comment=\"defconf: other\"")
-    $addCL ("   address-list add list=bad_ipv6 address=::/104 comment=\"defconf: other\"")
-    $addCL ("   address-list add list=bad_ipv6 address=::255.0.0.0/104 comment=\"defconf: other\"")
 
     # fw input
     # can cause problems, different OSes originate packet with different ttls
So does that mean I should remove those particular subnets from the bad_ipv6_address address list?
 
User avatar
CTassisF
just joined
Posts: 2
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v6.49beta [testing] is released!

Thu Mar 18, 2021 2:14 pm

So does that mean I should remove those particular subnets from the bad_ipv6_address address list?
I think you don't have to. But it will make no difference if you remove those rules either.

Those rules were removed because they are redundant, they are overlapped by the "defconf: ipv4 compat" rule:
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
Here's a simple python3 script to compare the removed rules to the "defconf: ipv4 compat" rule:
$ python3
>>> import ipaddress
>>> network96 = ipaddress.IPv6Network("::/96")
>>> ipaddress.IPv6Network("::224.0.0.0/100").overlaps(network96)
True
>>> ipaddress.IPv6Network("::127.0.0.0/104").overlaps(network96)
True
>>> ipaddress.IPv6Network("::/104").overlaps(network96)
True
>>> ipaddress.IPv6Network("::255.0.0.0/104").overlaps(network96)
True
 
OlofL
Frequent Visitor
Frequent Visitor
Posts: 67
Joined: Mon Oct 12, 2015 2:37 pm

Re: v6.49beta [testing] is released!

Thu Mar 18, 2021 4:32 pm

Bug report:

lacp transmitt has policy layer3 and layer4 does not work on CCR2004.

RouterOS only sends out traffic on ONE member on 6.x

I tried:
6.48.1 doesnt work
6.49beta27 doesnt work
7.1beta5 does work - send traffic out of all lacp members.
 
DarkNate
Member
Member
Posts: 322
Joined: Fri Jun 26, 2020 4:37 pm

Re: v6.49beta [testing] is released!

Thu Mar 18, 2021 5:35 pm

So does that mean I should remove those particular subnets from the bad_ipv6_address address list?
I think you don't have to. But it will make no difference if you remove those rules either.

Those rules were removed because they are redundant, they are overlapped by the "defconf: ipv4 compat" rule:
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
Here's a simple python3 script to compare the removed rules to the "defconf: ipv4 compat" rule:
$ python3
>>> import ipaddress
>>> network96 = ipaddress.IPv6Network("::/96")
>>> ipaddress.IPv6Network("::224.0.0.0/100").overlaps(network96)
True
>>> ipaddress.IPv6Network("::127.0.0.0/104").overlaps(network96)
True
>>> ipaddress.IPv6Network("::/104").overlaps(network96)
True
>>> ipaddress.IPv6Network("::255.0.0.0/104").overlaps(network96)
True
Can we reach out on Telegram more about this? I'd like to ask for some more details that are outside the scope of this thread.

My Telegram: https://t.me/dark_nate
 
victorcamposng
Posts: 0
Joined: Sun Mar 21, 2021 5:35 pm

Re: v6.49beta [testing] is released!

Sun Mar 21, 2021 5:42 pm

Hello guys!

I just registered on the forum, if you are doing something wrong, please forgive me, help me.

I wonder if anyone has tested something related to that point.

*) conntrack - increase in the total size of the connection tracking table based on the size of the installed RAM;

I have an RB3011 and I would like to know if it can improve the performance of the conntrack, since it has a RAM size of 1GB.

Thanks!
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Sun Mar 21, 2021 9:16 pm

It will not improve the performance, it will increase the max number of connections that can be tracked at any one time.
With that, you should be able to have more users on the network.

It is good that the RAM is used at all. I am still hoping for an implementation of RAMdisk on all platforms with ample RAM, not only those with 16MB flash.
It should be so easy, they already have all the code.
 
Ivoshiee
Member
Member
Posts: 478
Joined: Sat May 06, 2006 4:11 pm

Re: v6.49beta [testing] is released!

Sat Mar 27, 2021 9:27 pm

Previous time this happened (in a stable release), after a lot of whining there was a small package released that you could install and then reboot and it would fix the problem.
(unfortunately first release of the package destroyed the installation completely so netinstall was required anyway, but second one worked OK)
How good is the v6.49beta22? I have 4 devices in the field and no way netinstallable and may need some intermediate release to fix that issue. Just a patch type of upgrade on top of a v6.49beta22 to make it upgradeable again.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Sat Apr 17, 2021 12:17 pm

Can you please add the "rpfilter" matcher to the firewall matching rule options?
See viewtopic.php?f=2&t=120863 and viewtopic.php?f=14&t=56572
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 9:44 am

Version 6.49beta36 has been released.

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.49beta36 (2021-Apr-23 05:56):

Changes in this release:

*) bridge - improved system stability when using IGMP snooping and changing bridge MAC address;
*) chr - fixed OS provisioning on Azure;
*) crs3xx - fixed LEDs for QSFP+ interface on CRS326-24S+2Q+ device;
*) crs3xx - fixed VLAN priority removal for CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) crs3xx - improved switch resource allocation for CRS317, CRS309, CRS312, CRS326-24S+2Q+ and CRS354 devices;
*) defconf - fixed default configuration loading on RBOmniTikPG-5HacD;
*) defconf - use router as DNS server for DHCP hosts;
*) dhcpv6-server - improved dynamic server entry update;
*) firewall - fixed "ingress-priority" matcher;
*) ike2 - fixed initiator packet retransmit with DDOS cookie;
*) ipsec - fixed SA address parameter exporting;
*) ipsec - improved system stability on CHR;
*) ipsec - improved system stability on MMIPS devices;
*) mipsbe - improved booting speed on non-NAND devices ("/system routerboard upgrade" required);
*) rb4011 - fixed SFP+ port MTU setting after link state change;
*) rb4011 - improved SFP+ port stability after boot-up;
*) route - improved stability when connected route is modified;
*) sfp - improved link stability for 10G, 25G and 40G modules on CRS309, CRS312, CRS326-24S+2Q+ CRS354 and CCR2004 devices;
*) ssh - return proper error code from executed command;
*) w60g - improved stability in low temperature environments;
*) webfig - fixed "PortMapping" button (introduced in v6.48.2);
*) wireless - do not send packet back to station-bridge it was received from;
*) wireless - fixed issue with multicast traffic delivery to client devices using power-save;
*) wireless - improve WMM priority assignment for packets with internal priority greater than 7;
*) wireless - improve regulatory compliance with DFS requirements;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.
 
alibloke
just joined
Posts: 9
Joined: Fri Jun 03, 2016 12:13 am

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 10:06 am

Is there a list of non-NAND mipsbe devices?
 
wispmikrotik
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Tue Apr 25, 2017 10:43 am

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 11:42 am

Hi,

This new beta already includes the changes from the v6.48.2?

For example:
*) ike2 - added "MS-CHAP-Domain" attribute to RADIUS requests;
*) ike2 - fixed DH group negotiation with EAP;
*) ospf - fixed type-7 LSA translation to type-5;
Or are they 2 totally independent versions?


Regards,
 
msatter
Forum Guru
Forum Guru
Posts: 2100
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 12:42 pm

Thanks for this: *) rb4011 - fixed SFP+ port MTU setting after link state change;

15464 Can be closed now and I don't need a script anymore to restart the SFP.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 1:13 pm

Hi,

This new beta already includes the changes from the v6.48.2?

Or are they 2 totally independent versions?


Regards,
All 6.48.2 version changes are in this beta build as well.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 2:13 pm

Version 6.49beta38 has been released.

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.49beta38 (2021-Apr-23 10:31):

Changes in this release:

*) system - improved resource allocation (improves several service stability e.g. HTTPS, PPPoE, VPN);

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.
 
Kindis
Member
Member
Posts: 375
Joined: Tue Nov 01, 2011 6:54 pm
Location: Sweden

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 3:48 pm


What's new in 6.49beta38 (2021-Apr-23 10:31):

Changes in this release:

*) system - improved resource allocation (improves several service stability e.g. HTTPS, PPPoE, VPN);

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.
Will this solve the DoH and verify certificate memory leak? As it is HTTPS in that case that is used but from a client perspective.
 
wispmikrotik
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Tue Apr 25, 2017 10:43 am

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 4:11 pm

Hi,

This new beta already includes the changes from the v6.48.2?

Or are they 2 totally independent versions?


Regards,
All 6.48.2 version changes are in this beta build as well.
Thanks!!!
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 3777
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 4:48 pm

Someone please chech this bug if also on 6.49:
viewtopic.php?f=2&t=174719
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 118
Joined: Wed Aug 09, 2017 1:15 pm

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 7:10 pm

*) bridge - improved system stability when using IGMP snooping and changing bridge MAC address;
When can we expect a fix for discarded IPv6 NS/NA/RA messages when IGMP Snooping feature is enabled?
In it's current state, IGMP Snooping is unusable, if the device also acts as an IPv6 Router. It's really annoying and has been reported multiple times on the forum and to support.
Last edited by osc86 on Sat Apr 24, 2021 2:18 pm, edited 1 time in total.
 
User avatar
CTassisF
just joined
Posts: 2
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v6.49beta [testing] is released!

Fri Apr 23, 2021 7:33 pm

Both 6.49beta36 and 6.49beta38 are causing kernel failure on my hAP ac^3 RBD53iG-5HacD2HnD.

Ticket: SUP-47971
 
Wintermute
just joined
Posts: 21
Joined: Fri Jan 15, 2010 1:22 pm

Re: v6.49beta [testing] is released!

Sat Apr 24, 2021 11:38 am

Both 6.49beta36 and 6.49beta38 are causing kernel failure on my hAP ac^3 RBD53iG-5HacD2HnD.

Ticket: SUP-47971
Same on hAP ac^2 RBD52G-5HacD2HnD.

Kernels failures & reboots were so frequent that I had to downgrade to 6.49beta27.
 
User avatar
doneware
Trainer
Trainer
Posts: 635
Joined: Mon Oct 08, 2012 8:39 pm
Location: Hungary

Re: v6.49beta [testing] is released!

Sat Apr 24, 2021 10:37 pm

It will not improve the performance, it will increase the max number of connections that can be tracked at any one time.
With that, you should be able to have more users on the network.
It is good that the RAM is used at all.
this is vital if someone wants to run a box as CGNAT device.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Sun Apr 25, 2021 12:30 am

It will not improve the performance, it will increase the max number of connections that can be tracked at any one time.
With that, you should be able to have more users on the network.
It is good that the RAM is used at all.
this is vital if someone wants to run a box as CGNAT device.
Yes of course. It was a reply to someone asking "I have an RB3011 and I would like to know if it can improve the performance of the conntrack".
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.49beta [testing] is released!

Mon Apr 26, 2021 1:09 pm

Anyone care to send autosupout.rif file from the crashes experienced with these versions?
 
ivicask
Member Candidate
Member Candidate
Posts: 268
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v6.49beta [testing] is released!

Wed Apr 28, 2021 12:02 pm

Anyone care to send autosupout.rif file from the crashes experienced with these versions?
HAP AC 3, crashes 100% when i connect via phone to main SSID, doesnt crash when i connect to vritual one. Same setup works on release software.
You do not have the required permissions to view the files attached to this post.
 
Kindis
Member
Member
Posts: 375
Joined: Tue Nov 01, 2011 6:54 pm
Location: Sweden

Re: v6.49beta [testing] is released!

Fri Apr 30, 2021 11:18 am

You should remove this file from here and send to support@mikrotik.com.
This file contains passwords etc so you should not post it in the forum here.
 
ivicask
Member Candidate
Member Candidate
Posts: 268
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v6.49beta [testing] is released!

Fri Apr 30, 2021 11:22 am

You should remove this file from here and send to support@mikrotik.com.
This file contains passwords etc so you should not post it in the forum here.
Dont care its fresh router with mostly stock config passwords are unimportant

EDIT:Checked file with rif viewer, there are no passwords inside at all..
 
User avatar
anthonws
newbie
Posts: 38
Joined: Sat Jan 09, 2016 6:46 pm

Re: v6.49beta [testing] is released!

Fri Apr 30, 2021 12:18 pm

Anyone care to send autosupout.rif file from the crashes experienced with these versions?
RB4011iGS+5HacQ2HnD + 6.49 beta 38.

I had 2 locks (no wifi or ethernet). Have to unplug from power. Is there a way that I can collect any data to send to support?

Thanks,
anthonws.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1919
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow
Contact:

Re: v6.49beta [testing] is released!

Fri Apr 30, 2021 4:17 pm

RouterOS 6.49beta38 has been stable on my heavily loaded RB3011's for 6 days now.
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet NSE7 | Extreme Networks ENA
 
felixka
just joined
Posts: 2
Joined: Mon Oct 19, 2020 4:12 am

Re: v6.49beta [testing] is released!

Fri Apr 30, 2021 9:15 pm

*) rb4011 - fixed SFP+ port MTU setting after link state change;
*) rb4011 - improved SFP+ port stability after boot-up;
I can confirm that I can now reboot my router and have full MTU 1500 PPPoE internet without having to:
  • Manually unplug and re-plug the GPON ONT SFP
  • Manually fiddle with the MTU on the SFP interface to get it to come up with an MTU of > 1500
Thanks for this!
 
loloski
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Mon Mar 15, 2021 9:10 pm

Re: v6.49beta [testing] is released!

Sat May 01, 2021 4:34 am

Both 6.49beta36 and 6.49beta38 are causing kernel failure on my hAP ac^3 RBD53iG-5HacD2HnD.

Ticket: SUP-47971
Same on hAP ac^2 RBD52G-5HacD2HnD.

Kernels failures & reboots were so frequent that I had to downgrade to 6.49beta27.
Yes confirm random kernel panic on 6.49beta38
 
icsterm
newbie
Posts: 49
Joined: Sun Mar 11, 2018 11:11 pm

Re: v6.49beta [testing] is released!

Sun May 02, 2021 4:07 pm

The latest beta build still has the DoH memory leak bug, this bug is present since first 6.48 stable build, hope for a fix.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 2157
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v6.49beta [testing] is released!

Sun May 02, 2021 6:25 pm

The latest beta build still has the DoH memory leak bug, this bug is present since first 6.48 stable build, hope for a fix.
In this thread you see how DoH bugs arrive and how to avoid it when using DoH.
viewtopic.php?f=2&t=174836
 
User avatar
anthonws
newbie
Posts: 38
Joined: Sat Jan 09, 2016 6:46 pm

Re: v6.49beta [testing] is released!

Wed May 05, 2021 11:22 pm

Reverted to beta 27 as both 36 and 38 were completely broken (router simply hanged randomly [most definitely kernel panic]). I would classify them more as Alpha than Beta.
 
devonkev
Posts: 0
Joined: Sun May 09, 2021 2:09 pm

Re: v6.49beta [testing] is released!

Sun May 09, 2021 2:17 pm

Reverted to stable after trying 6.49beta38 on an Audience, kernel panics.

System seems stable with iPhones and Apple TV connected, however kernel panic happens as soon as a TP-Link Wireless MU-MIMO device connects.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.49beta [testing] is released!

Wed May 12, 2021 2:56 pm

Version 6.49beta44 has been released.

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.49beta44 (2021-May-12 07:47):

Changes in this release:

*) bridge - fixed "vlan-encap" setting for filter and NAT rules;
*) crs3xx - fixed Ethernet LEDs after reboot for CRS354 devices;
*) health - added "phy-temperature" sensor monitoring for CRS312 device;
*) ike2 - added "MS-CHAP-Domain" attribute to RADIUS requests;
*) lte - fixed "earfcn" to band translation for "cell-monitor";
*) switch - fixed (R/M)STP port blocking right before switching them in HW bridge (fixes possible packet loop when changing bridge settings);
*) tile - fixed bridge performance degradation (introduced in v6.47);
*) winbox - show "System/Health" only on boards that have health monitoring;
*) wireless - improved system stability on several 802.11ac devices (introduced in v6.49beta36);
*) wireless - improve signaling of QCA9984 interface capabilities when using 160/80+80MHz channel width;
*) www - added "X-Frame-Options" header information to disallow website embedding in other pages;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 3777
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v6.49beta [testing] is released!

Wed May 12, 2021 4:10 pm

>>>*) tile - fixed bridge performance degradation (introduced in v6.47);

AH-AH! Now works like before (6.46.8), thanks

Please fix also 6.47.9 long-term or I'm forced to still on 6.46.8!!!
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 3777
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v6.49beta [testing] is released!

Wed May 12, 2021 4:16 pm

>>> *) www - added "X-Frame-Options" header information to disallow website embedding in other pages;

Please add this as option on final release
on /ip service www and www-ssl to turn it ON or OFF (default: ON)

Some system integrate this function and changing it it's a trouble for WebFig...
 
npeca75
newbie
Posts: 33
Joined: Thu Aug 03, 2017 3:12 pm

Re: v6.49beta [testing] is released!

Wed May 12, 2021 6:24 pm

HAP AC2

unstable ethernet

in prev version, 1G was normal
in this version, speed is variating
You do not have the required permissions to view the files attached to this post.
 
npeca75
newbie
Posts: 33
Joined: Thu Aug 03, 2017 3:12 pm

Re: v6.49beta [testing] is released!

Wed May 12, 2021 6:29 pm

Same HAP AC2
same cable
same switch on other side
same PSU

ether1 is rock solid
You do not have the required permissions to view the files attached to this post.
 
KGBoogle
Posts: 0
Joined: Tue Apr 27, 2021 5:36 am

Re: v6.49beta [testing] is released!

Wed May 12, 2021 9:01 pm

Is it now possible to update to this latest 6.49 directly using GUI? Or still too big to fit this way on a hAP ac2 without Netinstall?
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 2157
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v6.49beta [testing] is released!

Wed May 12, 2021 9:28 pm

Depending on previous image size. If previous+current = to big, you can do one of two.

1. Netinstall
2. Downgrade to older and smaller image before upgrade.
 
npeca75
newbie
Posts: 33
Joined: Thu Aug 03, 2017 3:12 pm

Re: v6.49beta [testing] is released!

Wed May 12, 2021 10:09 pm

Is it now possible to update to this latest 6.49 directly using GUI? Or still too big to fit this way on a hAP ac2 without Netinstall?
yes, without problem

from LT 6.47.9 to beta
You do not have the required permissions to view the files attached to this post.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 3777
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v6.49beta [testing] is released!

Wed May 12, 2021 10:48 pm

Do not use disk/memory shared like "smips" devices,
simply upgrade and forget.
 
Sit75
just joined
Posts: 2
Joined: Thu Mar 11, 2021 9:43 pm

Re: v6.49beta [testing] is released!

Thu May 13, 2021 11:55 am

Beta 44 is still working erroneously - reverted back to version 6.48.2. It seems stable. All versions beyond Beta 27 are bad (36,38,44).
 
Guntis
MikroTik Support
MikroTik Support
Posts: 62
Joined: Fri Jul 20, 2018 1:40 pm

Re: v6.49beta [testing] is released!

Thu May 13, 2021 12:05 pm

Sit75 could you please elaborate on what went wrong while running 6.49beta44? If there are any autosupout.rif files, please share them with support.
The issue causing crashes should be resolved, but in case anyone is still experiencing instability please contact support with details and supout.rif files.
 
Mett
Frequent Visitor
Frequent Visitor
Posts: 55
Joined: Sat Mar 12, 2016 10:15 pm

Re: v6.49beta [testing] is released!

Thu May 13, 2021 9:15 pm

I found another problem regarding 6.49beta.

I had a hap ac2 running on 6.49beta22 which was not able to upgrade to latest beta version. Error was "not enough space for upgrade". So I ran backup, saved this file and did a netinstall to 6.49beta44. Restoring the backup was not possible. Downgrading to 6.49beta22 neither to 6.49beta11 does not help. I did a downgrade to 6.48.2, viola, restoring the backup was succesfull now.

Support request SUP-49587 opened.
Last edited by Mett on Fri May 14, 2021 4:08 pm, edited 1 time in total.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 3777
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v6.49beta [testing] is released!

Thu May 13, 2021 11:57 pm

Backup are for same-routerboard same-version
use
/export file=config
between different routerboard and different versions
 
Mett
Frequent Visitor
Frequent Visitor
Posts: 55
Joined: Sat Mar 12, 2016 10:15 pm

Re: v6.49beta [testing] is released!

Fri May 14, 2021 4:07 pm

I wrote nothing about another routerboard but I wrote something about downgrading to some beta versions, which also doesn't helps.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Fri May 14, 2021 4:28 pm

When you use beta versions you have to read the text in the start post:
Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;


So you have a backup of the (beta or stable) version you were running before you got problems (that is before you installed 6.49beta22).
Netinstall that same version and restore the matching backup.
Then you can try to do an upgrade to the current beta version and hope that this bug has been fixed now. That will become clear the next
time you upgrade.

When you don't want to jump through such hoops, don't use beta versions!
 
msatter
Forum Guru
Forum Guru
Posts: 2100
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.49beta [testing] is released!

Fri May 14, 2021 8:47 pm

I found another problem regarding 6.49beta.

I had a hap ac2 running on 6.49beta22 which was not able to upgrade to latest beta version. Error was "not enough space for upgrade". So I ran backup, saved this file and did a netinstall to 6.49beta44. Restoring the backup was not possible. Downgrading to 6.49beta22 neither to 6.49beta11 does not help. I did a downgrade to 6.48.2, viola, restoring the backup was succesfull now.

Support request SUP-49587 opened.
https://blog.mikrotik.com/security/upgr ... tures.html

I think this has todo with backup files not restoring on this and above versions if the backup is from before that version. And vise versa.

I keep backups for al my previous version so always aeay to track back and then go upwards again.
 
mducharme
Trainer
Trainer
Posts: 1339
Joined: Tue Jul 19, 2016 6:45 pm

Re: v6.49beta [testing] is released!

Sat May 15, 2021 12:58 am

>>>*) tile - fixed bridge performance degradation (introduced in v6.47);

AH-AH! Now works like before (6.46.8), thanks
Under what scenarios does this performance degradation occur, and how badly is the performance degraded? We were supposed to upgrade our TILE devices to the latest long term and I'm trying to figure out if we need to go to an older long term or hold off for now.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Sat May 15, 2021 11:31 am

Under what scenarios does this performance degradation occur, and how badly is the performance degraded? We were supposed to upgrade our TILE devices to the latest long term and I'm trying to figure out if we need to go to an older long term or hold off for now.
I am running two CCRs with 6.47.7 and 6.47.8 and I have not encountered any issue with bridges.
But I am not stressing them to the max, the average traffic is not above 100Mbps (one of them has 1Gbps internet, the other 2 lines of 250 Mbps).
Maybe it affects only those people that try a speedtest on their gigabit line and complain it does not exceed 700 Mbps on a single TCP session?
 
EdPa
MikroTik Support
MikroTik Support
Posts: 93
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v6.49beta [testing] is released!

Mon May 17, 2021 8:58 am

We noticed the bridge performance drop when CCRs had most of the Ethernet interfaces bridged, and it only seems to affect CCR1016 devices. The drop could be as bad as 50% when you bridge all Ethernets. This fix will be included in the next stable/long-term versions.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Mon May 17, 2021 10:18 am

Ok I only have CCR1009 and I do not bridge all ethernets together. However, I routinely use bridges for each interface (like 6 or 8 bridges in total) so I can tie all configuration to a bridge named with the network (purpose)name, and then have a single ethernet port in that bridge for the connection.
That allows me to move ports around depending on the model (old or new), possibly migrate to new models in the future, do protocol-level filtering (e.g. on ARP), have a fixed MAC address, etc.
In that configuration I have not encountered problems.
 
Sit75
just joined
Posts: 2
Joined: Thu Mar 11, 2021 9:43 pm

Re: v6.49beta [testing] is released!

Tue May 18, 2021 1:54 pm

Sit75 could you please elaborate on what went wrong while running 6.49beta44? If there are any autosupout.rif files, please share them with support.
The issue causing crashes should be resolved, but in case anyone is still experiencing instability please contact support with details and supout.rif files.
I am going to recall what I have mentioned about problems with Beta44. After second installation and subsequent restart, system is stable. I don't know why, but after first installation and separate reboot, I have had 4 kernel panic reboots. But as I have mentioned, now it is stable.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 719
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.49beta [testing] is released!

Wed May 19, 2021 11:05 am

Version 6.49beta46 has been released.

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.49beta46 (2021-May-18 07:56):

MAJOR CHANGES IN v6.49:
----------------------
!) wireless - fixed all affecting 'FragAttacks' vulnerabilities (CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147);
----------------------


Changes in this release:

*) crs3xx - fixed packet forwarding on 1Gbps Ethernet interfaces for CRS354 devices (introduced in v6.49beta44);
*) dns - fixed CNAME query when target record is not in cache;
*) winbox - fixed health reporting on RB960, hEX, hEX S and hAP ac3 devices;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.
 
guipoletto
Member Candidate
Member Candidate
Posts: 126
Joined: Mon Sep 19, 2011 5:31 am

Re: v6.49beta [testing] is released!

Wed May 19, 2021 6:04 pm

----------------------
!) wireless - fixed all affecting 'FragAttacks' vulnerabilities (CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147);
----------------------
Does this have an expected performance hit?
 
User avatar
FToms
MikroTik Support
MikroTik Support
Posts: 18
Joined: Fri Jul 24, 2020 3:28 pm

Re: v6.49beta [testing] is released!

Thu May 20, 2021 9:54 am

----------------------
!) wireless - fixed all affecting 'FragAttacks' vulnerabilities (CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147);
----------------------
Does this have an expected performance hit?
In the tests conducted so far, no meaningful differences in CPU utilization and link throughput have been observed.
 
Kindis
Member
Member
Posts: 375
Joined: Tue Nov 01, 2011 6:54 pm
Location: Sweden

Re: v6.49beta [testing] is released!

Thu May 20, 2021 10:05 am

I know you can probably not answer this but I'm gonna ask any way :-)

Do you have a release timeline for Stable and Long-Term? Can we expect anything this week or is most targeted further ahead?
 
Kindis
Member
Member
Posts: 375
Joined: Tue Nov 01, 2011 6:54 pm
Location: Sweden

Re: v6.49beta [testing] is released!

Thu May 20, 2021 12:59 pm

----------------------
!) wireless - fixed all affecting 'FragAttacks' vulnerabilities (CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147);
----------------------
Does this have an expected performance hit?
In the tests conducted so far, no meaningful differences in CPU utilization and link throughput have been observed.
CVE-2020-26144 - An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices
CVE-2020-26146 - An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices

Are you sure you have the correct CVE numbers here or does this just means that Samsung Galaxy is there issues was noted that also requires a server side fix?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 3777
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v6.49beta [testing] is released!

Thu May 20, 2021 1:14 pm

----------------------
!) wireless - fixed all affecting 'FragAttacks' vulnerabilities (CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147);
----------------------
Does this have an expected performance hit?
In the tests conducted so far, no meaningful differences in CPU utilization and link throughput have been observed.
CVE-2020-26144 - An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices
CVE-2020-26146 - An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices

Are you sure you have the correct CVE numbers here or does this just means that Samsung Galaxy is there issues was noted that also requires a server side fix?

There are standard wi-fi design flaw and are on "all device on the world", also IPhone :)))
 
Kindis
Member
Member
Posts: 375
Joined: Tue Nov 01, 2011 6:54 pm
Location: Sweden

Re: v6.49beta [testing] is released!

Thu May 20, 2021 1:22 pm

----------------------
!) wireless - fixed all affecting 'FragAttacks' vulnerabilities (CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147);
----------------------
Does this have an expected performance hit?
In the tests conducted so far, no meaningful differences in CPU utilization and link throughput have been observed.
CVE-2020-26144 - An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices
CVE-2020-26146 - An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices

Are you sure you have the correct CVE numbers here or does this just means that Samsung Galaxy is there issues was noted that also requires a server side fix?

There are standard wi-fi design flaw and are on "all device on the world", also IPhone :)))
In this case we have two issues. Design flaws and implementation flaws. The Design flaw I would more or less classify as not critical as they are hard to use in an attack, also affects almost everyone. Then we have implementation issues which are worse as they can be easier to use but is more per vendor.
So in this case I assume this is an implementation flaw and perhaps it was first discovered on a Samsung Galaxy device. In this case they accept a unencrypted frame on a encrypted network = implementation issue. This one is the worst in term of security. I assume that it was first discovered on Samsung and in this case the same issue exists on MT hardware and software but we use the same CVE?
 
User avatar
FToms
MikroTik Support
MikroTik Support
Posts: 18
Joined: Fri Jul 24, 2020 3:28 pm

Re: v6.49beta [testing] is released!

Thu May 20, 2021 1:23 pm

Are you sure you have the correct CVE numbers here or does this just means that Samsung Galaxy is there issues was noted that also requires a server side fix?
The reason CVE-2020-26144 and CVE-2020-26146 reference a particular device is that they are classified as flaws in implementations of the 802.11 standard, not as flaws of the standard itself (like CVE-2020-24587 and CVE-2020-24588).
The researcher chose to reference one specific implementation (as with CVE-2020-26147), but it is far from the only affected one.
 
Kindis
Member
Member
Posts: 375
Joined: Tue Nov 01, 2011 6:54 pm
Location: Sweden

Re: v6.49beta [testing] is released!

Thu May 20, 2021 1:29 pm

This means you also have the implementation issues and not only the design flaws.
Many thanks for quick reply
 
OndrejHolas
newbie
Posts: 28
Joined: Mon Jul 30, 2018 5:54 pm

Re: v6.49beta [testing] is released!

Sat May 22, 2021 9:38 am

This means you also have the implementation issues and not only the design flaws.

According to the paper ( https://papers.mathyvanhoef.com/usenix2021.pdf ):

CVE-2020-24587 - section 4, design flaw
CVE-2020-24588 - section 3, design flaw
CVE-2020-26144, CVE-2020-26146, CVE-2020-26147 - section 6, implementation flaws
 
User avatar
CTassisF
just joined
Posts: 2
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v6.49beta [testing] is released!

Mon May 31, 2021 11:08 pm

Is anyone having DNS cache issues with 6.49beta46?
[cesar@MikroTik] > /ip dns cache print 
Flags: S - static 
 #   NAME                   TYPE  DATA                                                      TTL         
 0   www.googleadservice... AAAA  ::                                                        0s          
 1   www.googleadservice... A     0.0.0.0                                                   0s          
 2   cdn.taboola.com        AAAA  ::                                                        0s          
 3   cdn.taboola.com        A     0.0.0.0                                                   0s          

[cesar@MikroTik] > /ip dns static print 
Flags: D - dynamic, X - disabled 
 #    NAME          REGEXP         TYPE     ADDRESS                                         TTL         

[cesar@MikroTik] > /ip dns print        
                      servers: 192.168.0.252,fd00:192:168::252
              dynamic-servers: 
               use-doh-server: 
              verify-doh-cert: no
        allow-remote-requests: yes
          max-udp-packet-size: 4096
         query-server-timeout: 2s
          query-total-timeout: 10s
       max-concurrent-queries: 100
  max-concurrent-tcp-sessions: 20
                   cache-size: 2048KiB
                cache-max-ttl: 1d
                   cache-used: 2048KiB

[cesar@MikroTik] > 
192.168.0.252 is a Pi-hole running locally, that is why it returns 0.0.0.0 for some hosts.

RouterOS shows cache is full but looks like there is nothing in the cache.

If I keep running /ip dns cache print I notice everything that enters the cache is immediately purged due to lack of cache space.

Should I contact support and send them a supout.rif file?
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 2157
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v6.49beta [testing] is released!

Tue Jun 01, 2021 8:34 am

Should I contact support and send them a supout.rif file?
Yes

I have not seen this on any of my routers.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Tue Jun 01, 2021 11:41 am

*) dns - fixed CNAME query when target record is not in cache;
DNS resolver is further broken than before! When resolving a DNS name with ~425 addresses for an address list, nothing happens anymore. The address list
remains empty and the DNS name does not appear in the cache tab of IP->DNS.
In the previous beta version this still worked. I have complained about the limit on number of addresses before, and now it seems to have decreased rather
than increased. Please consider the use of DNS names to populate address lists, and set the limit for DNS resolution as high as the limits for the DNS protocol.
 
User avatar
skylark
MikroTik Support
MikroTik Support
Posts: 140
Joined: Wed Feb 10, 2016 3:55 pm

Re: v6.49beta [testing] is released!

Tue Jun 01, 2021 12:24 pm

*) dns - fixed CNAME query when target record is not in cache;
DNS resolver is further broken than before! When resolving a DNS name with ~425 addresses for an address list, nothing happens anymore. The address list
remains empty and the DNS name does not appear in the cache tab of IP->DNS.
In the previous beta version this still worked. I have complained about the limit on number of addresses before, and now it seems to have decreased rather
than increased. Please consider the use of DNS names to populate address lists, and set the limit for DNS resolution as high as the limits for the DNS protocol.
Please provide us an example of how to reproduce such an issue with the DNS cache with the supout.rif file to support@mikrotik.com
Thanks in advance.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7472
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.49beta [testing] is released!

Tue Jun 01, 2021 1:03 pm

Please provide us an example of how to reproduce such an issue with the DNS cache with the supout.rif file to support@mikrotik.com
Thanks in advance.
I created SUP-51076 with a 5-line config example. When you need a supout.rif file as well I can add it later tonight when I have access to that environment.

Edit: OK so the issue was not because of 6.49beta49 but because the DNS server broke shortly before, so before I installed the beta the list was still there (I checked) and after it was not, not due to the upgrade however...
Still I added the request to increase the max DNS reply message size, preferably to the full 64K limit imposed by the protocol, not some arbitarary lower value.

Who is online

Users browsing this forum: No registered users and 11 guests