Community discussions

  • 1
  • 2
  • 3
  • 4
  • 5
  • 11
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1405
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

v6.42rc [release candidate] is released!

Wed Dec 27, 2017 10:50 am

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.42rc2 (2017-Dec-27 07:37):
*) dude - fixed e-mail notifications when default port is not used;
*) firewall - fixed "tls-host" firewall matcher;
*) firewall - limited maximum "address-list-timeout" value to 35w3d13h13m56s;
*) routerboot - fixed missing upgrade firmware for "ar7240" devices;
*) tile - fixed USB device speed detection after reboot;
*) traffic-flow - do not count single extra packet per each flow;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after crash.
 
kamillo
Member Candidate
Member Candidate
Posts: 153
Joined: Tue Jul 15, 2014 5:44 pm

Re: v6.42rc [release candidate] is released!

Wed Dec 27, 2017 11:45 am

Admire the spirit, Christmas period and you are releasing new (RC) version. But looking at changes 4 out of 6 are fixes so this sounds more like 6.41.1 not 6.42.
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1405
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.42rc [release candidate] is released!

Wed Dec 27, 2017 12:00 pm

kamillo - Fixes must be tested on rc tree before they are included in full version. Otherwise each and every version would be beta.
 
th0massin0
Member Candidate
Member Candidate
Posts: 144
Joined: Sun May 11, 2014 4:16 am
Location: Poland

Re: v6.42rc [release candidate] is released!

Wed Dec 27, 2017 12:39 pm

Is there a chance to support boot from VirtIO-SCSI in this release of CHR?
 
User avatar
null31
Member Candidate
Member Candidate
Posts: 177
Joined: Fri Dec 23, 2016 6:07 pm
Location: Brazil

Re: v6.42rc [release candidate] is released!

Wed Dec 27, 2017 4:16 pm

No problem with upgrade from 6.41rc47 to 6.42rc2 on hAP ac lite and from 6.41rc66 to 6.42rc2 on CHR under VBox.
 
User avatar
Cha0s
Forum Veteran
Forum Veteran
Posts: 875
Joined: Tue Oct 11, 2005 4:53 pm

Re: v6.42rc [release candidate] is released!

Wed Dec 27, 2017 5:31 pm

*) traffic-flow - do not count single extra packet per each flow;
Can you give more details about this?
 
irghost
Member Candidate
Member Candidate
Posts: 274
Joined: Sun Feb 21, 2016 1:49 pm

Re: v6.42rc [release candidate] is released!

Wed Dec 27, 2017 5:33 pm


*) firewall - fixed "tls-host" firewall matcher;

TLS-host does not work for me!
MTCNA MTCRE MTCTCE MTCUME MTCWE MTCIPv6E MTCINE
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1405
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.42rc [release candidate] is released!

Thu Dec 28, 2017 7:33 am

Cha0s - Before the fix Traffic Flow, for example, instead of reporting 5 packets per flow reported 6 packets. Simply reported one packet more than flow has actually processed;
irghost - Can you provide an example of rule which you have tried out and seen that it is not working?
 
fenomen51
just joined
Posts: 1
Joined: Thu Dec 28, 2017 7:49 am

Re: v6.42rc [release candidate] is released!

Thu Dec 28, 2017 7:52 am

Дома hAP ac стоит, 2 часа с бубном танцев не привели к получению интернета из одноимённого отверстия с данной прошивкой, как заколдованный, не найден тебе узел и всё тут. Ну, руки у меня кривые конечно, но остальные устройства автоматом завелись, а это - нет
 
irghost
Member Candidate
Member Candidate
Posts: 274
Joined: Sun Feb 21, 2016 1:49 pm

Re: v6.42rc [release candidate] is released!

Thu Dec 28, 2017 10:21 am

Cha0s - Before the fix Traffic Flow, for example, instead of reporting 5 packets per flow reported 6 packets. Simply reported one packet more than flow has actually processed;
irghost - Can you provide an example of rule which you have tried out and seen that it is not working?
/ip firewall filter add action=drop chain=forward protocol=tcp tls-host=*.youtube.com
MTCNA MTCRE MTCTCE MTCUME MTCWE MTCIPv6E MTCINE
 
raffav
Member Candidate
Member Candidate
Posts: 278
Joined: Wed Oct 24, 2012 4:40 am

Re: v6.42rc [release candidate] is released!

Thu Dec 28, 2017 2:14 pm

Cha0s - Before the fix Traffic Flow, for example, instead of reporting 5 packets per flow reported 6 packets. Simply reported one packet more than flow has actually processed;
irghost - Can you provide an example of rule which you have tried out and seen that it is not working?
/ip firewall filter add action=drop chain=forward protocol=tcp tls-host=*.youtube.com
i never figure out how to setup that, so i will be cool to have some exemple form MT support
 
alexspils
Member Candidate
Member Candidate
Posts: 174
Joined: Thu Jun 05, 2008 8:57 pm

Re: v6.42rc [release candidate] is released!

Thu Dec 28, 2017 2:22 pm

*) dude - fixed e-mail notifications when default port is not used;
does it means that dude development is unfreezed?
what abount dude api?
We have strange issue:
we have device with one service but dude shows 2 services
 
User avatar
Cha0s
Forum Veteran
Forum Veteran
Posts: 875
Joined: Tue Oct 11, 2005 4:53 pm

Re: v6.42rc [release candidate] is released!

Thu Dec 28, 2017 2:37 pm

Cha0s - Before the fix Traffic Flow, for example, instead of reporting 5 packets per flow reported 6 packets. Simply reported one packet more than flow has actually processed;
irghost - Can you provide an example of rule which you have tried out and seen that it is not working?
/ip firewall filter add action=drop chain=forward protocol=tcp tls-host=*.youtube.com
i never figure out how to setup that, so i will be cool to have some exemple form MT support
I don't think you can use wildcards. Or to put it more correctly, I think you should use the domains defined in the certificate.
Youtube's certificate does not contain *.youtube.com
 
anuser
Member
Member
Posts: 350
Joined: Sat Nov 29, 2014 7:27 pm

Re: v6.42rc [release candidate] is released!

Thu Dec 28, 2017 7:24 pm

Hi, would it be possible to activate / enable / support "airtime fairness" for Atheros wireless chipsets within 6.42rc?
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1405
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.42rc [release candidate] is released!

Thu Dec 28, 2017 9:39 pm

fenomen51 - Please note that most of the users in the forum do not know Russian language. I recommend to send this report to support@mikrotik.com and provide confguration of your router which you had before an upgrade. We will test if we can reproduce this problem;
irghost, raffav, Cha0s - Seems that we have found an issue with new TLS matcher. We will try to fix it as soon as possible;
alexspils - Please note that this was just a single fix. More fixes will be available in future RouterOS releases, but we can not promise any ETA for them;
alexspils, anuser and everyone else - If you have suggestions or bugs reports related to RouterOS, then either create a new support topic or contact support. We will be happy to hear you out. Version topics are made to find out issues with concrete version - see the feedback about concrete version. Main idea is to help to users who want to upgrade.
 
User avatar
AlainCasault
Trainer
Trainer
Posts: 587
Joined: Fri Apr 30, 2010 3:25 pm
Location: Laval, QC, Canada
Contact:

Re: v6.42rc [release candidate] is released!

Thu Dec 28, 2017 11:41 pm

Cha0s - Before the fix Traffic Flow, for example, instead of reporting 5 packets per flow reported 6 packets. Simply reported one packet more than flow has actually processed;
irghost - Can you provide an example of rule which you have tried out and seen that it is not working?
/ip firewall filter add action=drop chain=forward protocol=tcp tls-host=*.youtube.com
i never figure out how to setup that, so i will be cool to have some exemple form MT support


I think every new function SHOULD have some examples on proper usage.

Best regards and happy holidays!
___________________________
Alain Casault, Eng.
If I helped you, let me know!
 
irghost
Member Candidate
Member Candidate
Posts: 274
Joined: Sun Feb 21, 2016 1:49 pm

Re: v6.42rc [release candidate] is released!

Fri Dec 29, 2017 2:24 pm


irghost, raffav, Cha0s - Seems that we have found an issue with new TLS matcher. We will try to fix it as soon as possible;
add some documents
MTCNA MTCRE MTCTCE MTCUME MTCWE MTCIPv6E MTCINE
 
User avatar
bajodel
Long time Member
Long time Member
Posts: 543
Joined: Sun Nov 24, 2013 8:30 am
Location: Italy

Re: v6.42rc [release candidate] is released!

Mon Jan 01, 2018 4:11 am

add some documents
+1 .. We know documentation takes time, but the rc features cannot be really well tested w/o at least basic suggestions
 
User avatar
SimonK
newbie
Posts: 47
Joined: Wed Jul 24, 2013 10:44 am
Location: Denmark
Contact:

Re: v6.42rc [release candidate] is released!

Tue Jan 02, 2018 1:22 pm

@strods why isnt wiki thedude changelog not updated?
 
msatter
Forum Guru
Forum Guru
Posts: 1113
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.42rc [release candidate] is released!

Tue Jan 02, 2018 3:13 pm

There is a backlog of items in the changelogs to be documented in the WiKi and when you look at the Hairpin Nat page it is 7 years old and there has been a change in RouterOS (local port incl. WanIP) that comes in handy for many users of RouterOS.

However there was today change in the IPSEC page which now has an clear table of which equipment is supporting which encryption and makes it all very clear and easy to understand. :-)
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.46Beta / Winbox 3.19 / MikroTik APP 1.2.6
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1405
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.42rc [release candidate] is released!

Wed Jan 03, 2018 2:35 pm

Version 6.42rc5 has been released.

Changes since previous release:
*) bridge - fixed bridge related settings conversation during upgrade from pre-v6.41 bridge implementation (introduced v6.41);
*) bridge - properly update "actual-mtu" after MTU value changes (introduced v6.41);
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) detnet - additional work on "detect-internet" implementation;
*) detnet - fixed "detect-internet" feature unavailability if router had too long identity (introduced v6.41);
*) discovery - fixed discovery related settings conversation during upgrade from pre-v6.41 discovery implementation (introduced v6.41);
*) firewall - fixed "tls-host" firewall matcher (introduced v6.41);
*) ike1 - display error message when peer requests "mode-config" when it is not configured;
*) ike1 - fixed "aes-ctr" and "aes-gcm" encryption algorithms (introduced v6.41);
*) ike2 - improve half-open connection handling;
*) interface - improved interface configuration responsiveness;
*) log - properly report bridge interface MAC address changes;
*) poe-out - do not show "poe-out-current" on devices which can not determine it;
*) rb1100ahx4 - fixed reset button responsiveness when regular firmware is used;
*) ssh - improved key import error messages;
*) tile - added "aes-ctr" hardware acceleration support;
*) tr069-client - fixed HTTPS authentication process;
*) wireless - fixed nv2 protocol on ARM platform SXTsq devices;
*) wireless - improved wireless scan functionality for devices with multiple wireless interfaces;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after crash.
 
zryny4
just joined
Posts: 9
Joined: Sun Apr 17, 2016 12:29 pm

Re: v6.42rc [release candidate] is released!

Wed Jan 03, 2018 5:34 pm

I have a bootloop after upgrading my hap ac lite from rc2 to rc5... :-(
 
uldis
MikroTik Support
MikroTik Support
Posts: 3423
Joined: Mon May 31, 2004 2:55 pm

Re: v6.42rc [release candidate] is released!

Wed Jan 03, 2018 5:40 pm

I have a bootloop after upgrading my hap ac lite from rc2 to rc5... :-(
What configuration you had on the hap ac lite?
 
zryny4
just joined
Posts: 9
Joined: Sun Apr 17, 2016 12:29 pm

Re: v6.42rc [release candidate] is released!

Wed Jan 03, 2018 5:48 pm

What configuration you had on the hap ac lite?
capsman with local wifi and map lite on ether5 (poe), bridge (ether3,5 + caps interfaces), ripe atlas in ether4, uplink in ether1.
 
pe1chl
Forum Guru
Forum Guru
Posts: 5351
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.42rc [release candidate] is released!

Wed Jan 03, 2018 5:55 pm

add some documents
+1 .. We know documentation takes time, but the rc features cannot be really well tested w/o at least basic suggestions
Yes, all changes affecting commands and parameters should be documented on the Wiki.
It is not acceptable to have to manually check all change lists when trying to figure out how to use commands.
(especially the details of parameters)

Maybe the Wiki should be split in current and release candidate branches so new features can be added in the release candidate
branch and moved over to the current branch once it has been released.
When each new feature in the release candidates is not immediately documented in the Wiki, a backlog will develop and "making the
documentation uptodate" will become an every higher mountain.
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1405
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.42rc [release candidate] is released!

Wed Jan 03, 2018 8:40 pm

Description is included in each and every related wiki page:
tls-host (string; Default: ) - Allows to match traffic based on TLS hostname. Accepts GLOB syntax for wildcard matching. Note that matcher will not be able to match hostname if TLS handshake frame is fragmented into multiple TCP segments (packets).
 
pe1chl
Forum Guru
Forum Guru
Posts: 5351
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.42rc [release candidate] is released!

Wed Jan 03, 2018 9:44 pm

The Wiki comment is more generic. New features are not always added to the wiki.
E.g. the option PEAP for eap-methods in the wireless security profiles has never been added to the documentation, although several threads of people waiting for this are on the forum.
 
raffav
Member Candidate
Member Candidate
Posts: 278
Joined: Wed Oct 24, 2012 4:40 am

Re: v6.42rc [release candidate] is released!

Thu Jan 04, 2018 12:48 pm

Get boot loop on CRS125-24G-1S-2HnD
after upgrade to rc5

It is something related to capsman , i think
if disable cap function it stop looping
 
User avatar
AlainCasault
Trainer
Trainer
Posts: 587
Joined: Fri Apr 30, 2010 3:25 pm
Location: Laval, QC, Canada
Contact:

Re: v6.42rc [release candidate] is released!

Thu Jan 04, 2018 3:45 pm

add some documents
+1 .. We know documentation takes time, but the rc features cannot be really well tested w/o at least basic suggestions
Yes, all changes affecting commands and parameters should be documented on the Wiki.
It is not acceptable to have to manually check all change lists when trying to figure out how to use commands.
(especially the details of parameters)

Maybe the Wiki should be split in current and release candidate branches so new features can be added in the release candidate
branch and moved over to the current branch once it has been released.
When each new feature in the release candidates is not immediately documented in the Wiki, a backlog will develop and "making the
documentation uptodate" will become an every higher mountain.
+1!!!!

Sent from Tapatalk

___________________________
Alain Casault, Eng.
If I helped you, let me know!
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1405
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.42rc [release candidate] is released!

Thu Jan 04, 2018 4:14 pm

Version 6.42rc6 has been released.

Changes since previous release:
*) btest - fixed TCP test accuracy when low TX/RX rates are used;
*) crs317 - improved transmit performance between 10G and 1G ports;
*) dhcpv6-client - added possibility to specify options (CLI only);
*) snmp - added w60g support;
*) wireless - fixed device becoming unresponsive (introduced in v6.42rc5);

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after crash.
 
marcin21
Member Candidate
Member Candidate
Posts: 185
Joined: Tue May 04, 2010 4:50 pm

Re: v6.42rc [release candidate] is released!

Thu Jan 04, 2018 7:30 pm

!) wireless - new driver with initial support for 160 and 80+80 MHz channel width;
where to find this feature ?
what hardware is supported to test 160mhz channel width?
 
mszru
just joined
Posts: 13
Joined: Wed Aug 10, 2016 10:42 am

Re: v6.42rc [release candidate] is released!

Thu Jan 04, 2018 10:03 pm

!) wireless - new driver with initial support for 160 and 80+80 MHz channel width;
where to find this feature ?
what hardware is supported to test 160mhz channel width?
This new driver is needed to take advantage of 802.11ac Wave 2 wireless devices which MikroTik does not have currently (if I am not mistaken). Please follow the link viewtopic.php?f=21&t=123936&p=626003&hilit=160#p626003 with a brief discussion.

You may also want to read the FAQ for more details on Wave 2:
Wave 2, a superset of Wave 1, requires new hardware in both access points and client devices to support the additional 802.11ac capabilities such as MU-MIMO, channel widths up to 160 MHz, and the potential for a fourth spatial stream.
 
marcin21
Member Candidate
Member Candidate
Posts: 185
Joined: Tue May 04, 2010 4:50 pm

Re: v6.42rc [release candidate] is released!

Thu Jan 04, 2018 10:21 pm

I've found that QCA9888 is 80+80mhz capable
https://www.qualcomm.com/products/qca9888

seems that Omnitik AC has one, or am I mistaken?
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1405
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.42rc [release candidate] is released!

Thu Jan 04, 2018 10:55 pm

Please note that this topic is made in order to resolve software issues introduced in 6.42rc versions before version becomes 6.42.

If you have questions about version which is not 6.42rc, then write to support@mikrotik.com, create a new topic in forum or write into already existing topic made for concrete version.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1807
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: v6.42rc [release candidate] is released!

Fri Jan 05, 2018 4:32 am

This new driver is needed to take advantage of 802.11ac Wave 2 wireless devices which MikroTik does not have currently (if I am not mistaken).
The SXTsq AC is 802.11ac Wave2. As is the un-announced cAP AC which has passed FCC testing.

I expect to see a bunch more Mikrotik products be given the ARM+802.11ac Wave2 makeover in the coming months.
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA
 
anuser
Member
Member
Posts: 350
Joined: Sat Nov 29, 2014 7:27 pm

Re: v6.42rc [release candidate] is released!

Fri Jan 05, 2018 3:05 pm

The SXTsq AC is 802.11ac Wave2.
Thanks for the info. I haven´t noticed the IPQ4018 on the product page
 
User avatar
typicalwisp
just joined
Posts: 10
Joined: Fri Jan 05, 2018 8:45 pm

Re: v6.42rc [release candidate] is released!

Fri Jan 05, 2018 8:56 pm

The new "/interface wireless access-list allow-signal-out-of-range" feature in 6.41 dramatically improved roaming wireless clients' connectivity. Thanks! Is it possible to add this functionality to "/caps-man access-list" as well? I am getting quite a few too-strong and too-weak disconnects on CAP managed APs:
12:32:29 caps,info XX:XX:XX:XX:XX:XX@cap6 connected 
12:32:32 caps,info XX:XX:XX:XX:XX:XX@cap6 disconnected, too strong signal 
12:32:37 caps,info XX:XX:XX:XX:XX:XX@cap6 connected 
12:32:41 caps,info XX:XX:XX:XX:XX:XX@cap6 reassociating 
12:32:41 caps,info XX:XX:XX:XX:XX:XX@cap6 connected 
12:32:53 caps,info XX:XX:XX:XX:XX:XX@cap6 disconnected, too strong signal 
12:32:56 caps,info XX:XX:XX:XX:XX:XX@cap6 connected 
12:32:59 caps,info XX:XX:XX:XX:XX:XX@cap6 disconnected, too weak signal
 
mistry7
Forum Guru
Forum Guru
Posts: 1223
Joined: Tue Oct 13, 2009 11:57 am
Location: Germany

Re: v6.42rc [release candidate] is released!

Fri Jan 05, 2018 11:23 pm

I've found that QCA9888 is 80+80mhz capable
https://www.qualcomm.com/products/qca9888

seems that Omnitik AC has one, or am I mistaken?
No Omnitik is QCA9557
And 9888 is not supportet yet!
 
nkourtzis
Member Candidate
Member Candidate
Posts: 202
Joined: Tue Dec 11, 2012 12:56 am
Location: Greece

Re: v6.42rc [release candidate] is released!

Sat Jan 06, 2018 11:57 pm

IGMP Snooping problems experienced with 6.41 and still present in 6.42rc:

- Very high traffic volume (~90Mbps) without apparent reason (VMs were not moving much data) on interfaces connecting Proxmox cluster nodes (hypervisors). During this time of high traffic, some node heartbeats were missed and nodes sporadically appeared as down, even though they were up. Just a straight bridge, no vlans. Fast forward and IGMP snooping enabled. Turning off IGMP snooping on the bridge fixed this.

- Inability of clients of vlan-tagging access points to get IP address from DHCP running on the Mikrotik, even though the VLAN and DHCP were set up correctly. The VLAN is set up in pre-6.41 style, on the bridge interface, with no vlan filtering on the bridge. Access Points are connected to the bridge ethernet ports and are tagging the traffic from clients. The DHCP server runs on the VLAN inteface. Fast forward enabled on bridge. Everything was working fine until IGMP Snooping was also enabled on the bridge. Then and after a while (not immediately), the new DHCP leases would stick in an "offered" state and logs were filled with "lease unsuccessful" messsages. Again, disabling IGMP Snooping on the bridge fixed the problem immediately.
Passionate about networks
Enthusiastic about Mikrotik
MTCNA | MTCRE | MTCINE

No trees were killed to send this message,
but a large number of electrons were terribly inconvenienced.
 
Grickos
newbie
Posts: 32
Joined: Thu Aug 06, 2015 2:57 am

Re: v6.42rc [release candidate] is released!

Tue Jan 09, 2018 1:13 am

Cap problem, easy to reproduce.
New setup, Reset Default configuration. all leave default configuration.
Set CAPsMan and CAP. The other CAPs connected to Lan are working, only the local does not work.

Firewall Filter rules block local CAP "defconf: drop all not coming from LAN."
Log:
05:42:14 firewall,info ======= input: in:(unknown 1) out:(unknown 0), proto UDP, 192.168.88.1:36345->192.168.88.1:5246, len 48
05:42:21 firewall,info ======= input: in:(unknown 1) out:(unknown 0), proto UDP, 192.168.88.1:54227->192.168.88.1:5246, len 48

If you set Filter instead of the !LAN block WAN, everything works
 
105547111
Member Candidate
Member Candidate
Posts: 131
Joined: Fri Jun 22, 2012 9:46 pm

Re: v6.42rc [release candidate] is released!

Thu Jan 11, 2018 6:47 pm

IGMP Snooping problems experienced with 6.41 and still present in 6.42rc:

- Very high traffic volume (~90Mbps) without apparent reason (VMs were not moving much data) on interfaces connecting Proxmox cluster nodes (hypervisors). During this time of high traffic, some node heartbeats were missed and nodes sporadically appeared as down, even though they were up. Just a straight bridge, no vlans. Fast forward and IGMP snooping enabled. Turning off IGMP snooping on the bridge fixed this.

- Inability of clients of vlan-tagging access points to get IP address from DHCP running on the Mikrotik, even though the VLAN and DHCP were set up correctly. The VLAN is set up in pre-6.41 style, on the bridge interface, with no vlan filtering on the bridge. Access Points are connected to the bridge ethernet ports and are tagging the traffic from clients. The DHCP server runs on the VLAN inteface. Fast forward enabled on bridge. Everything was working fine until IGMP Snooping was also enabled on the bridge. Then and after a while (not immediately), the new DHCP leases would stick in an "offered" state and logs were filled with "lease unsuccessful" messsages. Again, disabling IGMP Snooping on the bridge fixed the problem immediately.
Yes - I agree totally your experience with IGMP snooping on bridges at least downstream. Main router is ccr1016, feeding 3 x downstream crs125 switches, 1 x 8 port switch, a dell centos7 server using two more CCR ethernets with VMs, DNS, FTP, etc on it as well. All off different ethers on the CCR for our LAN. A simple single bridge on the CCR with ether 1 (WAN) routed not a part of the bridge. Rest of ethers 2 to 7 are on a single bridge.

On the CCR as well as CRS, no VLANs at all simply everything is on a simple layer 2 bridge on each device. Yet after a day of enabling IGMP snooping on the CCR and the CRS-125's all my DLNA started (both wired and wireless devices) began to drop randomly stop and drop streams during playing (never ever had this) and then the DLNA devices start disappearing from the list of available DLNA servers.

I disabled IGMP snooping only on all the downstream devices, 3 x crs125, and the 3 x 951g using as wireless access points (come off the crs125 anyway), but left IGMP snooping enabled on the CCR.

As soon as I did this all the issues wen't away.

I tried then adding PIM on the CCR and CRS but as soon as IGMP snooping is on DLNA breaks. Once a device disappears from the DLNA list, disable and re-enable the ether, reboot the actual client and DLNA server, remove the ethers physically, no difference the device never shows up as a DLNA server, or the client can't see any. But its working you can https, or ftp, just the DLNA. Only a reboot of the actual crs switch resumes DLNA again until it stops.

There's definitely an issue with IGMP snooping. Over a week solid now without IGMP snooping no DLNA issues.
 
anuser
Member
Member
Posts: 350
Joined: Sat Nov 29, 2014 7:27 pm

Re: v6.42rc [release candidate] is released!

Thu Jan 11, 2018 9:50 pm

The new "/interface wireless access-list allow-signal-out-of-range" feature in 6.41 dramatically improved roaming wireless clients' connectivity. Thanks!
Interesting, how does this feature work at all?
 
User avatar
typicalwisp
just joined
Posts: 10
Joined: Fri Jan 05, 2018 8:45 pm

Re: v6.42rc [release candidate] is released!

Thu Jan 11, 2018 10:42 pm

The new "/interface wireless access-list allow-signal-out-of-range" feature in 6.41 dramatically improved roaming wireless clients' connectivity. Thanks!
Interesting, how does this feature work at all?
Here is a lengthy discussion:
viewtopic.php?t=124884
Basically, in a wireless access-list you can specify a signal range required to establish/maintain a connection. Bugs in the client radio, bugs in the AP radio, or actual signal changes will cause a client to be disconnected from the AP when the calculated signal strength goes out of that range. This sounds good in theory, but in practice this happens for certain clients regardless of their distance to the AP (likely a bug in radio firmware.) Because the offending clients only exceed this signal range for a small number of frames at a time, the new access-list default in 6.41 is to allow a client to be out of signal range for 10 seconds before the rule is triggered.

In my experience, using a signal range of -120..120 (or not specifying a signal range at all) in the access list still results in both "too strong" and "too weak" events that disconnect clients. The "allow-signal-out-of-range" keeps these clients connected to the AP while still preventing low-signal clients from initially connecting. Unfortunately, this change didn't get implemented in caps-man when it was put into /interface wireless access-list.
 
biatche
Member Candidate
Member Candidate
Posts: 128
Joined: Tue Oct 13, 2015 6:50 am

Re: v6.42rc [release candidate] is released!

Fri Jan 12, 2018 6:36 am

The new "/interface wireless access-list allow-signal-out-of-range" feature in 6.41 dramatically improved roaming wireless clients' connectivity. Thanks!
Interesting, how does this feature work at all?
Here is a lengthy discussion:
viewtopic.php?t=124884
Basically, in a wireless access-list you can specify a signal range required to establish/maintain a connection. Bugs in the client radio, bugs in the AP radio, or actual signal changes will cause a client to be disconnected from the AP when the calculated signal strength goes out of that range. This sounds good in theory, but in practice this happens for certain clients regardless of their distance to the AP (likely a bug in radio firmware.) Because the offending clients only exceed this signal range for a small number of frames at a time, the new access-list default in 6.41 is to allow a client to be out of signal range for 10 seconds before the rule is triggered.

In my experience, using a signal range of -120..120 (or not specifying a signal range at all) in the access list still results in both "too strong" and "too weak" events that disconnect clients. The "allow-signal-out-of-range" keeps these clients connected to the AP while still preventing low-signal clients from initially connecting. Unfortunately, this change didn't get implemented in caps-man when it was put into /interface wireless access-list.
If my present rule allows -80..120 and rejects -120..-81 ; what are the precise rules i want for the new option? mind pasting the lines? I suppose the involved lines should go above my present rules right?

and Dear MT, please make this possible for capsman, I've been having these connect/disconnect issues for a very very long time.. and never ever knew what the problem was.
 
JimmyNyholm
Member Candidate
Member Candidate
Posts: 249
Joined: Mon Apr 25, 2016 2:16 am
Location: Sweden

Re: v6.42rc [release candidate] is released!

Fri Jan 12, 2018 5:17 pm

Version 6.42rc5 has been released.
*) bridge - properly update "actual-mtu" after MTU value changes (introduced v6.41);
Please explain.
 
User avatar
typicalwisp
just joined
Posts: 10
Joined: Fri Jan 05, 2018 8:45 pm

Re: v6.42rc [release candidate] is released!

Fri Jan 12, 2018 5:56 pm

If my present rule allows -80..120 and rejects -120..-81 ; what are the precise rules i want for the new option? mind pasting the lines? I suppose the involved lines should go above my present rules right?

I think this is what the documentation should say (just guessing for min-max time):
allow-signal-out-of-range (always | time [0s..1d]; Default: 10s)
Ignore signal-range in this rule for the specified time period.  

This seems to be working for me:
/interface wireless access-list
print
# For the "allow connections" rule allow 10 seconds of out-of-range signal:
set 1 allow-signal-out-of-range=10s

This may result in clients being able to connect for 10 seconds even though they are too far away. Is there a way to prevent this? These clients will take up a large portion of the AP's time/bandwidth through re-transmissions and a low symbol rate. A different solution to this problem is to throw out the "outlier" (less than -120dBm, greater than +120dBm) signal strength readings and average the signal level over a given number of "valid" frames. It adds complication when accepting a new client and creates additional memory requirements, but may result in a more desirable AP behavior. It would be really nice to be able to see the averaged signal strength for this type of rule in the debug logs... but now I'm running off the rails into "feature-request" territory. Strods, is there a better place for this discussion? I assume that the "missing from caps-man in 6.42rc" belongs here, but talking about how to use the feature should be discussed somewhere else.
 
WireDick
just joined
Posts: 5
Joined: Sun Dec 10, 2017 3:26 pm

Re: v6.42rc [release candidate] is released!

Sun Jan 14, 2018 6:12 pm

*) tile - added "aes-ctr" hardware acceleration support;

Can someone explain to me?
 
andriys
Forum Guru
Forum Guru
Posts: 1079
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: v6.42rc [release candidate] is released!

Sun Jan 14, 2018 6:51 pm

*) tile - added "aes-ctr" hardware acceleration support;

Can someone explain to me?
https://wiki.mikrotik.com/wiki/Manual:I ... encryption
 
raffav
Member Candidate
Member Candidate
Posts: 278
Joined: Wed Oct 24, 2012 4:40 am

Re: v6.42rc [release candidate] is released!

Sun Jan 14, 2018 10:07 pm

MT Support
freq.usage and wifi snooper on RC6 is not working
it get freq monitor is not running / and ERROR not Running
interface wireless frequency-monitor wlan1 
         FREQ          USE         NF

frequency-monitor not running

 /interface wireless snooper> snoop wlan1 
CHANNEL                                                                                                                        USE        BW NET-COUNT NOISE-FLOOR STA-COUNT

not running


 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 23996
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: v6.42rc [release candidate] is released!

Mon Jan 15, 2018 3:39 pm

rc9 is released

What's new in 6.42rc9 (2018-Jan-15 09:07):

Changes since previous release:
*) bridge - fixed interface list moving in "/interface bridge port" menu;
*) bridge - fixed hw-offload disabling for Mediatek and Realtek switches when STP/RSTP configured;
*) bridge - fixed hw-offload disabling when adding a port with "horizon" set;
*) bridge - fixed repetitive port "priority" set;
*) bridge - fixed situation when packet could be sent with local MAC as dst-mac;
*) crs1xx/2xx - added BPDU value for "ingress-vlan-translation" menu "protocol" option;
*) crs3xx - hide deprecated VLAN related settings in "/interface ethernet switch port" menu;
*) dhcpv4-server - fixed framed and classless route received from RADIUS server;
*) dhcpv6-client - added info exchange support;
*) dhcpv6-client - added support for options 15 and 16;
*) dhcpv6-server - added DHCPv4 style user options;
*) ike1 - do not accept "mode-config" reply more than once;
*) ike2 - delay rekeyed peer outbound SA installation;
*) ipsec - properly update IPsec secret for IPIP/EoIP/GRE dynamic peer;
*) kidcontrol - added initial support for "/ip kid-control" feature (CLI only);
*) lte - do not add DHCP client on LTE modems that doesn't use DHCP;
*) lte - fixed DHCP client adding for MF823 modem;
*) mac-ping - fixed duplicate responses;
*) modem - added initial support for AC340U;
*) ppp - allow to override remote user PPP profile via "Mikrotik-Group";
*) ppp - changed default value of "route-distance" to 1;
*) quickset - show "G" flag for guest users;
*) radius - added warning if PPP authentication over RADIUS is enabled;
*) radius - increase allowed RADIUS server timeout to 60s;
*) snmp - allow also IPv6 on default public community;
*) snmp - fixed SNMP for W60G interfaces;
*) tile - improved stability in high throughput HW accelerated IPsec setups ("/system routerboard upgrade" required);
*) tr069-client - added "DownloadDiagnostics" and "UploadDiagnostics";
*) webfig - added support for proper default policies when adding script or scheduler job;
*) webfig - fixed bridge port sorting order by name;
*) winbox - added possibility to delete SMS from Inbox;
*) winbox - allow to open bridge host entry;
*) winbox - allow to specify "to-ports" for "action=masquerade";
*) winbox - do not show "hw" option on non-ethernet interfaces;
*) winbox - do not show VLAN related settings in switch port menu on CRS3xx boards;
*) winbox - fixed "/tool e-mail send" attachment behaviour;
*) winbox - improved stability when using trackpad scrolling in large lists;
*) wireless - fixed frequency-monitor/sniffer/snooper; (introduced in v6.42rc);
*) wireless - fixed nv2 (introduced in v6.42rc);
*) wireless - updated "Czech Republic" country 5.8 GHz frequency range;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after crash.
No answer to your question? How to write posts
  • 1
  • 2
  • 3
  • 4
  • 5
  • 11

Who is online

Users browsing this forum: No registered users and 4 guests