Community discussions

 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5921
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v6.38rc [release candidate] is released

Mon Dec 19, 2016 2:32 pm

@moep please contact support and attach supout files from rc version and supout file from downgraded router where ipsec is crashing.

Password size was limited, in next RC this limitation will be removed.
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.38rc [release candidate] is released

Tue Dec 20, 2016 1:38 pm

Version 6.38rc51 has been released.
Changes since previous version:

!) switch - added hardware STP functionality for CRS devices and small Atheros switch chips (http://wiki.mikrotik.com/wiki/Manual:CR ... e_Protocol);
*) bridge - fixed VLAN BPDU rx and tx when connected to non-RouterOS device with STP functionality;
*) capsman - fixed CAP upgrade when separate wireless package is used (introduced in 6.37);
*) console - fixed multi argument value unset;
*) dhcp - fixed DNS server assignment to client if dynamic server exists and is from another IP family;
*) dude - (changes discussed here: http://forum.mikrotik.com/viewtopic.php?f=8&t=112599);
*) hotspot - fixed nat rule port setting in hs-unauth-to chain by changing it from dst-port to src-port on Walled Garden ip return rules;
*) ipsec - do not auto-negotiate more SAs than needed;
*) ipsec - make generated policies always as unique;
*) ipsec - show active flag when policy has active SA;
*) ipsec - various additional work on IKEv1/IKEv2 support;
*) ipv6 - moved empty IPv6 pool error message to error topic;
*) radius - added IPSec service to console;
*) snmp - always report bonding speed as speed from first bonding slave;
*) wireless - fixed action frame handling for WDS nodes;
*) wireless - fixed full "spectral-history" header print on AP modes;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after crash.
 
MartijnVdS
Frequent Visitor
Frequent Visitor
Posts: 93
Joined: Wed Aug 13, 2014 9:36 am

Re: v6.38rc [release candidate] is released

Tue Dec 20, 2016 3:07 pm

Version 6.38rc51 has been released.
Those RCs just keep coming and coming :)

This is going to be the biggest release ever.
 
didomir
just joined
Posts: 15
Joined: Tue Dec 22, 2015 9:45 pm

Re: v6.38rc [release candidate] is released

Tue Dec 20, 2016 4:22 pm

Version 6.38rc51 has been released.
Those RCs just keep coming and coming :)

This is going to be the biggest release ever.
I hope to be one of the best releases ... Bug free and stable Christmas gift,for all Mikrotik fans.
Having fun with RB850Gx2,RB750Gr3,RB962UiGS-5HacT2HnT,RBmAP2nD,RB952Ui-5ac2nD,RB951G-2HnD,RB960PGS, RBMetalG-52SHPacn...
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1721
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: v6.38rc [release candidate] is released

Tue Dec 20, 2016 6:28 pm

Version 6.38rc51 has been released.
Changes since previous version:
...
*) ipsec - various additional work on IKEv1/IKEv2 support;
....
Seems that IKE polishing is taking some hard time and effort, to my memory this is first time RC have reached 50+ EVER!!!

Note: hardware RSTP is finally working as expected, thanks!
With great knowledge comes great responsibility, because of ability to recognize id... incompetent people much faster.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1815
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: v6.38rc [release candidate] is released

Tue Dec 20, 2016 8:31 pm

This is going to be one of the biggest RouterOS releases.

Thanks to Mikrotik support and developers for all the hard work they are putting in.
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA
 
patrick7
Member Candidate
Member Candidate
Posts: 298
Joined: Sat Jul 20, 2013 2:40 pm

Re: v6.38rc [release candidate] is released

Tue Dec 20, 2016 8:54 pm

Can anyone confirm that STP only works with master/slave port and no additional "/interface ethernet switch vlan" config?
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.38rc [release candidate] is released

Wed Dec 21, 2016 3:41 pm

Version 6.38rc52 has been released.
Changes since previous version:
*) bonding - fixed "tx-drop" on VLAN over bonding on x86;
*) bonding - fixed kernel failure when bonding slave interface receives BPDU (introduced in 6.38rc51);
*) dude - (changes discussed here: http://forum.mikrotik.com/viewtopic.php?f=8&t=112599);
*) ethernet - fixed "tx-fcs-error" on SFP+ interfaces when loop-protect is enabled ;
*) ipsec - fixed kernel failure on tile with sha256 when hardware encryption is not being used;
*) ipsec - fixed ph2 auto-negotiation by checking policies in correct order;
*) ipsec - various additional work on IKEv1/IKEv2 support;
*) ipv6 - fixed "accept-router-advertisements" behaviour;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after crash.
 
User avatar
Bergante
Member Candidate
Member Candidate
Posts: 131
Joined: Tue Feb 28, 2012 12:27 pm
Location: Bilbao, Spain

Re: v6.38rc [release candidate] is released

Thu Dec 22, 2016 11:03 am

Just sent one report. I tried upgrading from rc48 to rc52 on a point to point link using two SXT-ac units. The wlan interface associated correctly to the AP but it stopped moving packets.

Downgrading the station SXT-AC to rc48 made it work again.
 
zyzelis
Member Candidate
Member Candidate
Posts: 212
Joined: Sun Apr 08, 2012 9:25 pm

Re: v6.38rc [release candidate] is released

Thu Dec 22, 2016 11:23 am

Just tried RB2011 upgrade from 6.37.2 to 6.38.rc52. Router did not returned after upgrade.
After visual inspection is clear that system is in boot loop (on startup are lighting up 3 port leds and after 3s everything goes down). At the boot the LCD display shows, that system is loading kernel, then it stops and after 1s it try again.....

Support guys what you can advice? netinst? or i can get some info whats happening via serial console?
 
rzirzi
Member
Member
Posts: 378
Joined: Mon Oct 09, 2006 2:33 pm

Re: v6.38rc [release candidate] is released

Thu Dec 22, 2016 12:07 pm

At the log console MT6.38rc52:
"package channel changed by admin" - wtat's that?!
I have never seen that log before. I hav NO wireless package at this RB493G.
So - what does mean that log info? It's "system,info" category message.
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1721
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: v6.38rc [release candidate] is released

Thu Dec 22, 2016 12:24 pm

At the log console MT6.38rc52:
"package channel changed by admin" - wtat's that?!
I have never seen that log before. I hav NO wireless package at this RB493G.
So - what does mean that log info? It's "system,info" category message.
you changed channel in "/system package update set channel=" or in winbox choose different item in dropdown
With great knowledge comes great responsibility, because of ability to recognize id... incompetent people much faster.
 
User avatar
docmarius
Forum Guru
Forum Guru
Posts: 1218
Joined: Sat Nov 06, 2010 12:04 pm
Location: Timisoara, Romania
Contact:

Re: v6.38rc [release candidate] is released

Thu Dec 22, 2016 3:39 pm

I found a strange behavior with 6.38rc52 vs. 6.38rc48.

Here the architecture:
Image
Additional info:
- EdgeSwitch has STP disabled
- hEX POE has its ports in bridge mode acting as a managed POE switch
- hAP is also bridged and runs a NTP Server with GPS, with its wireless interface disabled
- RB922 has 2 wireless interfaces, using VLANs and BGP with the RB1100

Now there is a strange behavior when trying to access the components from a machine connected to the Edgeswitch.
- The moment I upgrade the RB922 to 6.38rc52, the access to the hEX POE and the connected camera will fail.
- If I reset the RB260GSP, the hEX and the camera will come on line for some 30 sec and then be inaccessible again.
- The system behaved correctly when both 922 and hAP used 6.38rc48 (hEX and RB1100 had 6.37.3)
- The RB922 behaves correctly in both instances
- Downgrading the RB622 to 6.37.3 brings normal behavior back
Torturing CCR1009-7G-1C-1S+, RB450G, RB750GL, RB951G-2HnD, RB960PGS, RB260GSP, OmniTIK 5HnD and NetMetal 922UAGS-5HPacD + R11e-5HnD in my home network.
 
pe1chl
Forum Guru
Forum Guru
Posts: 5729
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.38rc [release candidate] is released

Thu Dec 22, 2016 5:59 pm

Hi Marius,

Do you have STP enabled on any of the bridges inside MikroTik routers?
It appears that there is new functionality in this area. I read that STP is now supported on switch chips with
the trick (?) of providing it from a connected bridge. I often set the STP protocol to "none" on bridges in cases
where there is no danger of loops, did you try that?
 
User avatar
docmarius
Forum Guru
Forum Guru
Posts: 1218
Joined: Sat Nov 06, 2010 12:04 pm
Location: Timisoara, Romania
Contact:

Re: v6.38rc [release candidate] is released

Thu Dec 22, 2016 8:03 pm

Thank you Rob for the suggestion.

I disabled STP on the hEX POE and on the hAP and it seems to work now.
But I still did not expect this to happen...
Torturing CCR1009-7G-1C-1S+, RB450G, RB750GL, RB951G-2HnD, RB960PGS, RB260GSP, OmniTIK 5HnD and NetMetal 922UAGS-5HPacD + R11e-5HnD in my home network.
 
pe1chl
Forum Guru
Forum Guru
Posts: 5729
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.38rc [release candidate] is released

Thu Dec 22, 2016 8:20 pm

It is not correct but maybe it can be explained from the new functions in 38rc.
Did you also try to enable STP everywhere?
When there is no bridge in the RB260 it could be required to add one.
(I did not really investigate the "STP for switch provided by bridge" function yet)
 
User avatar
docmarius
Forum Guru
Forum Guru
Posts: 1218
Joined: Sat Nov 06, 2010 12:04 pm
Location: Timisoara, Romania
Contact:

Re: v6.38rc [release candidate] is released

Thu Dec 22, 2016 9:58 pm

In non working conditions, all routers had RTSP enabled on the connected bridges, including on VLAN bridges.
Just the Edgeswitch has STP/RTSP disabled, because I did not get it to work on VLANs with it enabled.
Torturing CCR1009-7G-1C-1S+, RB450G, RB750GL, RB951G-2HnD, RB960PGS, RB260GSP, OmniTIK 5HnD and NetMetal 922UAGS-5HPacD + R11e-5HnD in my home network.
 
lotnybartek
Frequent Visitor
Frequent Visitor
Posts: 95
Joined: Wed Apr 16, 2014 3:22 pm

Re: v6.38rc [release candidate] is released

Fri Dec 23, 2016 12:12 pm

Can someone tell how is CPU usage with site 2 site VPN connection using IKEv2?
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5921
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v6.38rc [release candidate] is released

Fri Dec 23, 2016 12:38 pm

Ike is phase1 protocol so in terms of forward speed over the tunnel ike2 does not differ from ikev1.
 
User avatar
ziegenberg
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Thu Mar 07, 2013 11:14 am
Location: Vienna
Contact:

Re: v6.38rc [release candidate] is released

Sat Dec 24, 2016 5:12 am

Anybody had a look at the latest v6.38rc changelogs? Seriously guys, what's up? 165 changes since v6.37.3? :shock:

Never ever has a changelog been so huge. That's going to be the biggest release for MikroTik ever. Looking forward to it, can't await v6.38 showing up in channel bugfix only. :D
 
dannym
just joined
Posts: 20
Joined: Sat Oct 19, 2013 2:28 pm

Re: v6.38rc [release candidate] is released

Sat Dec 24, 2016 10:05 am

*) nand - implemented once a week nand refresh to improve stored data integrity *) nand - improved nand refresh feature to enhance stored data integrity

Why dont you add an option to turn on/ off those features introduced in 6.35 rc 43 and 6.36 rc 7?
:)

Merry Christmas!
Last edited by dannym on Sat Dec 24, 2016 11:13 am, edited 1 time in total.
 
jarda
Forum Guru
Forum Guru
Posts: 7602
Joined: Mon Oct 22, 2012 4:46 pm

Re: v6.38rc [release candidate] is released

Sat Dec 24, 2016 11:12 am

Wasn't such feature implemented some time ago already? Reinventing a wheel....
 
dannym
just joined
Posts: 20
Joined: Sat Oct 19, 2013 2:28 pm

Re: v6.38rc [release candidate] is released

Sat Dec 24, 2016 12:08 pm

Exactly! :)
 
User avatar
bajodel
Long time Member
Long time Member
Posts: 545
Joined: Sun Nov 24, 2013 8:30 am
Location: Italy

Re: v6.38rc [release candidate] is released

Sat Dec 24, 2016 4:43 pm

..[cut]..
*) bridge - fixed VLAN BPDU rx and tx when connected to non-RouterOS device with STP functionality;
..[cut]..
Can I have more info about that ? Thank you.
 
Mazutti
newbie
Posts: 27
Joined: Sat Jun 21, 2014 4:12 am

Re: v6.38rc [release candidate] is released

Wed Dec 28, 2016 3:55 pm

Anyone experiencing mangle problems on 6.38rc52? I'll elaborate:

Problem started approximately one day after I replaced some configuration on a RB2011 to a hEX v3. Mangle is pretty simple, chain prerouting from a vlan with action mark routing. Today it stopped working and I can't seem to find the problem, double checked NAT/Firewall/routes and nothing, only strange thing is I find lots of "time wait" TCP States on connections. Testing speed, latency and upload is ok, but download shows error.

Interesting thing is that the error occurs in this network where I have a route to the ISP modem, but If I route it to a PPPoE connection, it works fine. Can't put that modem in bridge though, and tested connection directly to the modem, or without the mangle and works fine.

Let me know if I haven't made myself clear, but any help is appreciated.
 
nescafe2002
Long time Member
Long time Member
Posts: 620
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: v6.38rc [release candidate] is released

Wed Dec 28, 2016 4:20 pm

Well, I've had a similar issue somewhere in this RC at 2016-12-02.

The following NAT rules were passed.

This was fixed by disabling and enabling the concerend rules a single time.
(As the firewall rules filter on connection state dstnat, the traffic couldn't get through)
/ip firewall nat
add action=dst-nat chain=dstnat comment="Translate Exchange" dst-address=10.0.0.32 \
    protocol=tcp src-address=192.168.89.0/24 to-ports=444
add action=dst-nat chain=dstnat comment="Translate WWW" dst-address=10.0.0.5 \
    protocol=tcp src-address=192.168.89.0/24 to-ports=80
I've downgraded and re-upgraded several times but couldn't reproduce the issue therefore did not report it.

This is not mangle related, but also concerns connection tracking. Could you try disabling / enabling the mangle rules and check the outcome? Perhaps create a backup and/or supout.rif before if it has effect for support ticket purposes.
 
Mazutti
newbie
Posts: 27
Joined: Sat Jun 21, 2014 4:12 am

Re: v6.38rc [release candidate] is released

Wed Dec 28, 2016 4:33 pm

Thanks for the quick response. I've certainly disabled and enabled the rules during the troubleshooting, but not sure if tested without altering anything else. Will do first thing on the afternoon and send the supout to support anyway, since I'm not the first with similar issues, maybe it's not something I'm doing wrong.

Will try disabling the related nat and firewall rules too, just in case.
 
pe1chl
Forum Guru
Forum Guru
Posts: 5729
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.38rc [release candidate] is released

Wed Dec 28, 2016 6:59 pm

Well, I've had a similar issue somewhere in this RC at 2016-12-02.

The following NAT rules were passed.
When you add NAT rules for traffic that is already flowing, the NAT rule will not be triggered anymore
because the established session will pre-empt that. Same reason why the NAT rule onlu counts
the first packet of every session (some people wonder why the counters on NAT rules are so low).

When this leads to confusing situations, it is best to reboot the router.
 
timtasse
just joined
Posts: 9
Joined: Tue Jun 22, 2010 11:52 am

Re: v6.38rc [release candidate] is released

Fri Dec 30, 2016 5:16 pm

are there plans to add NAT for IPv6 ?
at home i have dynamic ipv6 from the provider and a static ipv6 net with no flatrate at tunnelprovider.
the simplest solution is to NAT unknown networks und known networks without NAT for static firewall config.
 
pe1chl
Forum Guru
Forum Guru
Posts: 5729
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.38rc [release candidate] is released

Sat Dec 31, 2016 12:36 pm

Now that I installed the 6.38rc on my home router, I notice a new problem in the WebFig:
The AS number for a BGP peer is displayed as a signed value. AS values that are near to the 32-bit unsigned limit (i.e. the Private AS range 4200000000 - 4294967294) are incorrectly displayed as negative numbers.
This is unfortunate as we widely use these AS numbers in our HAMNET network.

This is the third bug in WebFig in 6.38RC that I encounter and that appears to be related to signed/unsigned handling.
I think an investigation into possible further issues similar to this is in order. It appears some datatype change has been made that is not correct or not well tested for consequences.
 
pe1chl
Forum Guru
Forum Guru
Posts: 5729
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.38rc [release candidate] is released

Sat Dec 31, 2016 12:43 pm

As mentioned in other threads there still is an issue with DHCPv6 PD in certain scenarios.
My provider uses DHCPv6 PD to assign IPv6 addresses, the lease has a 2 hour lifetime but it becomes invalid when the PPPoE session is closed.
While everything works OK in RouterOS with a DHCPv6 client configured on the PPPoE interface, unfortunately the router stores the obtained
lease and does not track the down-status of PPPoE. When the link has been reset or the modem is rebooted, the existing lease is used but
the provider does not route IPv6 until a new lease is obtained. It recovers at the end of the 2 hour lifetime period or when a RELEASE is done,
but it would be preferable when a new lease is requested automatically whenever:
- the router is rebooted
- the underlying PPPoE link goes down

As I understand that in some other cases this behavior may not be optimal or be considered nonstandard, maybe an option could be
added to the DHCPv6 client such that it:
- does not store the lease on disk
- deletes the lease whenever the link goes down

Or alternatively: provide a mechanism to run a script whenever a PPPoE link comes up, so I can put this command into that:
/ipv6 dhcp-client release [find status=bound]
That fixes the problem immediately...
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.38rc [release candidate] is released

Mon Jan 02, 2017 4:52 pm

Who is online

Users browsing this forum: No registered users and 6 guests