Access the router over physical console, or netinstall it!this AM I Installed 6.42rc24 on my CCR1009 and now no connectivity --- Winbox cannot discover the Router
How do I recover from this please?
Strods,Version 6.42rc24 has been released.
Changes since previous release:
*) crs3xx - added initial hw-offload support for 802.3ad and balance-xor bonding
*) export - fixed "/system routerboard mode-button" compact export;
*) firewall - fixed "tls-host" firewall feature (introduced v6.41);
If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.t
I upgrade old rb711-5Hnd to 6.42rc24. There is no possibility set nstreme-plusNstreme-plus?
It would be nice to finally get LACP on the CRS125. the fact that we haven't got it by now and the changelog only mentions the CRS3XX series doesn't fill me with much hope though.@Strods
Since this new crs Poe series is out, so this version belongs to the same of crs1xx having the same features or it have new features available on crs3xx series?
Enviado do meu iPad usando Tapatalk
What does "initial" mean here?
*) crs3xx - added initial hw-offload support for 802.3ad and balance-xor bonding
Are you serious about this?At the moment we are not aware about any problems with upgrade starting from 6.42rc23 version.
On the first link, the rc24 hadn't out yet.Upgrade from 6.42rc20 (not from rc23):
viewtopic.php?f=21&t=129034&start=150#p641249
If I did understand post correctly, then this is about fresh installation, not an upgrade:
viewtopic.php?f=21&t=129034&start=150#p641262
Version from which upgrade was made is not mentioned:
viewtopic.php?f=21&t=129034&p=641436#p641289
[kaze@hueragem3 Downloads]$ sha256sum -c chr-6.42rc24.vdi.sha256
chr-6.42rc24.vdi: OK
Jiiiha!.... Will test prompty. Offcourse 4 tuble ip hash srcip srcport dstip dstport will come later right!?*) crs3xx - added initial hw-offload support for 802.3ad and balance-xor bonding
Well, I made some tests with CHR only.Did someone tried to do a downgrade to rc18 or more old and then upgrade to rc24?
I saw that 6.42rc20 is a bomb as origin of upgrade to rc23/rc24.
Ok So I tested on a CRS326-24G-2S+ but neither winbox nor cli shows anything anywhere. Initial maybe initial not ready for test yet or do I need to do something other then define bond and add the bond to the bridge?Jiiiha!.... Will test prompty. Offcourse 4 tuble ip hash srcip srcport dstip dstport will come later right!?*) crs3xx - added initial hw-offload support for 802.3ad and balance-xor bonding
/routing bgp peer
add default-originate=if-installed in-filter=X-in name=Y out-filter=X-out remote-address=1.1.1.2 tcp-md5-key=secret123 ttl=default remote-as=64512
[admin@router] > /routing bgp peer export
/routing bgp peer
add default-originate=if-installed in-filter=X-in name=Y out-filter=X-out remote-address=1.1.1.2 tcp-md5-key=secret123 ttl=default
Are we going to get any kind of response onto what nstreme-plus is? Please?
Are we going to get any kind of response onto what nstreme-plus is? Please?
too secret to tell everyone!
(found using google)nstream is a wireless protocol mikrotik proprietary.
Googling nstreme is not the answer, protocols can vary vastly. nstreme and NV2 (nstreme version 2) are entirely different. I want details on what is actually different in nstreme plus and would like to know if it was developed specifically for any type of hardware (there have been many complaints with nstreme and nv2 on AC). We have abandoned mikrotik for wireless on 2.4 and 5ghz but still rely on them for some remaining 900mhz customers. I want to know if this will be applicable for us.Are we going to get any kind of response onto what nstreme-plus is? Please?
too secret to tell everyone!
If this is correct:(found using google)nstream is a wireless protocol mikrotik proprietary.
Then I guess that nstreme-plus is the same as nstreme with some more funtion.
+1Nstreme plus, any hints?
I'm about to update a couple of test units...
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>C8CAC51C5479E518</RequestId>
<HostId>
3aRnHLgJqfV4AKF81siOXhSgng8kYK1qYiDci7AL7PPOYkAmt0jMpV6AGcyVhvyLNrws/PYiJqQ=
</HostId>
</Error>
That's exactly what we fearedNstreme-plus is almost the same Nstreme protocol but with some additional tweaks to get better compatibility with latest ARM based wireless chipset hardware that we started to release recently.
So no sync options or anything like that?Nstreme-plus is almost the same Nstreme protocol but with some additional tweaks to get better compatibility with latest ARM based wireless chipset hardware that we started to release recently.
That's exactly what we fearedNstreme-plus is almost the same Nstreme protocol but with some additional tweaks to get better compatibility with latest ARM based wireless chipset hardware that we started to release recently.
again only patchwork and no innovation
*) radius - increase allowed RADIUS server timeout to 60s;
nstreme Connection with this RC ist not working on LHG acNstreme-plus is almost the same Nstreme protocol but with some additional tweaks to get better compatibility with latest ARM based wireless chipset hardware that we started to release recently.
Hm, this is probably the reason why the wireless product line contains much more items than the wireless-less one.Mate, Mikrotik is mainly routing. Wireless is a peripheral offering, not core business for them. They do not have the horsepower to pursue both of them equally. If you want wireless, go to one of the guys that do that as their main business and then combine the best of both worlds.
*) radius - increase allowed RADIUS server timeout to 60s;
To add an important reason to the too short limit problem of timeout in radius:
Successful authentications are answered immediately (in order of milliseconds if possible), but to protect the server from brute-force attacks and DOS-type attacks, radius is usually configured in order that in case of failed authentication, the response is delayed for a longer time (usually 4 or 5 seconds). In that way the attack slows down and is not effective.
For that it is important to be able to configure a "large" timeout time.
Nstreme-plus is almost the same Nstreme protocol but with some additional tweaks to get better compatibility with latest ARM based wireless chipset hardware started to release recently.+ 32984920nstreme-plus ? What is it ?
And you all miss upon proxied multifactor stuff where upstream servers is waiting on user action on other device. The timeout need to be high so that user have time to respond and router not destroying auth process by resending same request again and being denied due to replay attack.*) radius - increase allowed RADIUS server timeout to 60s;
To add an important reason to the too short limit problem of timeout in radius:
Successful authentications are answered immediately (in order of milliseconds if possible), but to protect the server from brute-force attacks and DOS-type attacks, radius is usually configured in order that in case of failed authentication, the response is delayed for a longer time (usually 4 or 5 seconds). In that way the attack slows down and is not effective.
For that it is important to be able to configure a "large" timeout time.
This isn't actually true as the radius server will return either an accept or deny (if bad password) immediately. This timeout only affects no response from the radius server before it tries to send the exact same packet again. Its still very helpful when your radius server is at a remote site across a high latency link.
http://networkradius.com/doc/3.0.10/raddb/security.htmlThis isn't actually true as the radius server will return either an accept or deny (if bad password) immediately. This timeout only affects no response from the radius server before it tries to send the exact same packet again. Its still very helpful when your radius server is at a remote site across a high latency link.*) radius - increase allowed RADIUS server timeout to 60s;
To add an important reason to the too short limit problem of timeout in radius:
Successful authentications are answered immediately (in order of milliseconds if possible), but to protect the server from brute-force attacks and DOS-type attacks, radius is usually configured in order that in case of failed authentication, the response is delayed for a longer time (usually 4 or 5 seconds). In that way the attack slows down and is not effective.
For that it is important to be able to configure a "large" timeout time.
Strods?What does "initial" mean here?
*) crs3xx - added initial hw-offload support for 802.3ad and balance-xor bonding
Response to my ticket to support@ is that they plan on addressing it in 6.42 eventually, but it doesn't look like it's been touched yetIs IGMP snooping fixed in rc24 or in 6.41.2?
Got yelled at last time so I've left it off for now
6.42rc24 ....................................... 6.42rc27 how long will this last?
As it was mentioned several times before in this topic. Upgrade happens on old version
6.42rc17 - 6.42rc24 are bad versions, so if you want to upgrade from these versions, use netinstall from the beginning.
As it was mentioned several times before in this topic. Upgrade happens on old version
6.42rc17 - 6.42rc24 are bad versions, so if you want to upgrade from these versions, use netinstall from the beginning.
Then why when upgrading from version 6.42rc20 to version 6.42rc27 the router again ceased to give signs of life?No, only if older version was 6.42rc17 - 6.42rc24
No, only if older version was 6.42rc17 - 6.42rc24
Then why when upgrading from version 6.42rc20 to version 6.42rc27 the router again ceased to give signs of life?No, only if older version was 6.42rc17 - 6.42rc24
Because you are upgrading from bad version. upgrade from any of my previously mentioned rc versions most likely will fail.
You don't have to believe me,but upgrade from rc26 to rc27 works, so there is very big chance that upgrade from rc27 will also work It is still an RC version anyway so anything can happen.And we should just believe you when you say it all works perfectly again starting from the untested ( by users ) 6.42.rc27 version?
Just a heads up, Mikrotik usually has some issue with Intel cards, they generally get them fixed, but Intel's drivers are garbage.
You don't have to believe me,but upgrade from rc26 to rc27 works, so there is very big chance that upgrade from rc27 will also work It is still an RC version anyway so anything can happen.And we should just believe you when you say it all works perfectly again starting from the untested ( by users ) 6.42.rc27 version?
I do not see the reason for complains, RC was always test version for those who are willing to test it on routers in test environment where netinstalling router is not a problem.
If you put test version on production router or only remotely reachable routers then that is on you.
@edinorog Yes, if you upgrade from bad version upgrade may fail even if you upgrade to final 6.42.
Developer doing a debug? Well, they know how to don't the wrong things passively.Why isn't there a test that you can run as developers to see wether you can use a version to upgrade to a version with a higher number? Should be a basic test that prevents us from heaving these issues.
thanks for adding that... but i hope the spelling within winbox is allow-signal-out-of-range*) capsman - added "allow-signal-out-off-range" option for Access List entries (CLI only);
Where is the Dude client? Again?What's new in 6.42rc27 (2018-Feb-14 11:53):
Okay this is indeed perfectly true, but why do support insist on a 6.41.1 and 6.41.2 tickets running RC on production routers or else the fix will have to wait until 6.42 final?Please remember what we have been telling from the first public rc release - rc versions are provided for MikroTik enthusiasts who are ready to Netinstall router if necessary. Versions are tested on few routers and released right away. If you are experiencing issues with an upgrade and do not want to Netinstall devices any more, then you should wait for a final 6.42 release.
As it was mentioned several times before in this topic. Upgrade happens on old version
6.42rc17 - 6.42rc24 are bad versions, so if you want to upgrade from these versions, use netinstall from the beginning.
Answered many times before! The old version is the one that performs upgrade. We can't fix a released and installed version.As it was mentioned several times before in this topic. Upgrade happens on old version
6.42rc17 - 6.42rc24 are bad versions, so if you want to upgrade from these versions, use netinstall from the beginning.
Will there be no fix that is ist possible to upgrade from one of this versions?
Or what a bout a downgrade e.g. from 6.42.rc20 to 6.41.2 ?
Thank you very, very much!!What's new in 6.42rc28 (2018-Feb-16 07:02):
*) chr - added "virtio-scsi" driver on KVM installations;
*) chr - added support for Hyper-V ballooning;
*) chr - added support for Hyper-V guest quiescing;
*) chr - added support for Hyper-V host-guest file transfer;
*) chr - added support for Hyper-V integration services;
*) chr - added support for Hyper-V static IP injection;
*) chr - added support for NIC hot-plug on VMware and Xen installations;
Well, you definitely cannot, but I assume it would be technically possible to provide a dedicated application (as an npk file) which would both perform the configuration upgrade and then install the software upgrade instead of the running version. I understand that this would be way too much effort to spend on every single RC version just to save the adrenaline addicts who use RC for machines they cannot easily reach for netinstall, but I had a case of losing conifguration when upgrading from 6.41 stable to 6.42rc9. Netinstall wasn't necessary in this case, but I would have been very disappointed if that would have happened to me when upgrading the 6.41 to 6.41.2 1500 km crow line away on the same model (which luckily didn't happen).We can't fix a released and installed version.As it was mentioned several times before in this topic. Upgrade happens on old version
Will there be no fix that it is possible to upgrade from one of this versions?
Apologies, this is probably because my imagination was not wild enough to admit that the task of downloading a binary and applying it could go so much wrong So I've assumed that the configuration conversion must be the culprit.I think you are mixing two different things. Upgrade failure had nothing to do with configuration. Software installation process was redesigned, which led to "bricked" (unable to boot) routers in those RC versions.
Oh no... I also had a CHR running same RC in qemu/kvm and bang wouldn't even boot. Quickest fix was I had backup image of the CHR and always download current backups. Copied over current image and then uploaded the backup and restored, since its the same CHR.6.42rc28 wrecked my CHR on libvirtd / Qemu KVM setup. Virtio network interfaces aren't recognized anymore.
Do not install 6.42rc28 on KVM CHR!
Still trying to salvage this thing, will write more later...
1. setting this one within CAPSMAN would be nice to have.What's new in 6.42rc27 (2018-Feb-14 11:53):
*) wireless - added support for "band=5ghz-n/ac" (CLI only);
It's like the 2ghz-g/n, where is disabled the 802.11b.2. What will be the difference between "band=5ghz-a/n/ac" and "5ghz-n/ac"? Some kind of old compatible mode on the first one that will be disabled on the second and therefore results in higher performance?
can mikortik tell us if this is (presumably) implied for capsman as well?*) wireless - fixed incompatibility with macOS clients
yes mikrotik, please tell us if disabling an old band mode results in an improvement. dont make me create a new email ticket for every question1. setting this one within CAPSMAN would be nice to have.What's new in 6.42rc27 (2018-Feb-14 11:53):
*) wireless - added support for "band=5ghz-n/ac" (CLI only);
2. What will be the difference between "band=5ghz-a/n/ac" and "5ghz-n/ac"? Some kind of old compatible mode on the first one that will be disabled on the second and therefore results in higher performance?
The same occurs in VirtualBox since rc23 (I saw this after the upgrade from rc20 to rc23).However, whatever I try, RouterOS sees the LAN interface as ether2 and the internet interface as ether1. So what is called
network interface 1 in ESXi is ether2 in RouterOS.
Even when I deleted the second network interface and reset the configuration, seeing that LAN is ether1 and everything is correct,
as soon as I added the extra interface the names were swapped again.
Well, RC Versions are not meant to be production ready versions. So expect them to break stuff. And because of that, only use them in a lab or test environment, where you are happy to do netinstall if things break.If you bring out a version that *bricks* hardware you must consider that it will not happen. maybe a special intermediate version to repair version rc20-24. It can not be true that one be forced to use rc20 till the end of lifetime of that hardware!
I had a CHR that was originally installed on VMware ESXi some versions ago when only the bare disk image was available.
(using the trick of converting the image to SCSI)
It initially had ether1 connected to a LAN network (which has access to internet via another router), later ether2 was added
directly connected to internet, and configured in RouterOS. It had Dude installed but not enabled at this time.
As it was effectively stuck at 6.42rc20 because of the update bug, I exported the config and the dude database and created a
new VM from the 6.42rc28 OVA file. I connected ether1 to the LAN and added a second network interface to the VM, again
connected to internet as before.
However, whatever I try, RouterOS sees the LAN interface as ether2 and the internet interface as ether1. So what is called
network interface 1 in ESXi is ether2 in RouterOS.
Even when I deleted the second network interface and reset the configuration, seeing that LAN is ether1 and everything is correct,
as soon as I added the extra interface the names were swapped again.
I gave in and edited my exported config to match the swapped ether1 and ether2 and everything now works as before,
but what is going on here? it is confusing and inconvenient.
6.42rc28 wrecked my CHR on libvirtd / Qemu KVM setup. Virtio network interfaces (or any interfaces at all) aren't recognized anymore.
Do not install 6.42rc28 on KVM CHR!
Still trying to salvage this thing, will write more later...
Add: Just managed to get 6.41.2 installed. Had to get the stable package file to the guest first somehow, which if you don't have any way of officially interacting with the guest on the host (interfaces are all down) is quite the ordeal:I can only repeat: Don't install rc28 on QEMU/KVM!!
- mount raw image with manually calculated offset
- put file in right place in Linux file system underlying RouterOS
- run guest, qemu console to it, login, do /system package downgrade
Yes. "Release Candidate" normaly is something that is expected to be near production quality:Hello!
Well, RC Versions are not meant to be production ready versions. So expect them to break stuff. And because of that, only use them in a lab or test environment, where you are happy to do netinstall if things break.If you bring out a version that *bricks* hardware you must consider that it will not happen. maybe a special intermediate version to repair version rc20-24. It can not be true that one be forced to use rc20 till the end of lifetime of that hardware!
PS: I still advocate that MikroTik changes the name of the "release candidate" version to "beta", "development" or "unstable" version. Just to be crystal clear about it's purpose and for the sake of customer happiness.
/port
set 0 baud-rate=115200
/system console
set [ find ] disabled=yes
You are not forced to use rc20. Use netinstall to install version.It can not be true that one be forced to use rc20 till the end of lifetime of that hardware!
What about that experience:You are not forced to use rc20. Use netinstall to install version.It can not be true that one be forced to use rc20 till the end of lifetime of that hardware!
Bricked RB3011UiAS-RM by updating from rc20 To rc27.
LCD shows always "starting services"...
Netinstall wont work anymore... LCD shows ether Boot but Router will not apear in netinstall GUI. Troubleshoot this with other mikrotik products they imedatly apear on the GUI at the same win7 machine with same settings and cable/port...
don't update from any RC!!! it will brick the device.
I have it working on ESXi but see above for an issue I have (the sequence of the ESXi interfaces is not the same as the ether#)rc28 broken for chr+esxi?
using vmxnet3 drivers, two interfaces becomes one and the one interface that's there has a mac of all zeros.
No. There is no usermanager for this router, also not for stable version.hi guys, on my rb750Gr3 with firmware 6.42rc28 I wanted to mount a hotspot for a job. I can not install the user-manager package.
Are there any solutions?
then, after doing a reset and installing version 6.41.2 I tried to reinstall the package user-manager-6.42rc20-mmips.npk but nothing to do. after reboot the package is not installedWhy it doesn't install? What's in Log after reboot? We're not telepathists...
That is normal! You can ONLY install the same version!then, after doing a reset and installing version 6.41.2 I tried to reinstall the package user-manager-6.42rc20-mmips.npk but nothing to do. after reboot the package is not installed
That is a pity indeed. It looks like the forum database has crashed and a backup has been loaded.I see that the previous posts have been deleted.
This is broken again. Sent my info to [Ticket#2018012322003459].*) ipsec - properly detect interface for "mode-config" client IP address assignment;
Try the ether1 on hEX (750Gr3) and connect it directly to PC.I have the rb 750gr3 in continuous loop, after 5 seconds reboots and makes a beep, can you restore the firmware maybe via micro sd or with the usb port?
With netinstall it does not see the cpu.
This is wellknown, no need to report it, read above. The problem is that rc20 won't update to anything. Not a problem with rc30 as you suspect.6.42rc30 makes the RB3011 unbootable! Don't install!
Updated from rc20 to rc30, didn't boot back up. Resetting didn't do anything, so I had to netinstall back the stable. And that even only worked after three tries.
Hi guys, I solved with windows xp, with win10 I could not see the rb750gTry the ether1 on hEX (750Gr3) and connect it directly to PC.I have the rb 750gr3 in continuous loop, after 5 seconds reboots and makes a beep, can you restore the firmware maybe via micro sd or with the usb port?
With netinstall it does not see the cpu.
Tips: viewtopic.php?f=13&t=131072#p643620
Did you update winbox too?There is a bug in last versions, you cant usually add interface to bridge port via winbox..
3.12Did you update winbox too?There is a bug in last versions, you cant usually add interface to bridge port via winbox..
original post hereshort version: With this routerOS version, if there is single client with older card like CM9, then all other clients got no change to communicate without issues.
Simply if such client is connected to AP, then mobile and notebook have horrible connectivity and LG TV and hama radio got disconnected always after few seconds.
long version: Starting with 6.37 (actually already before, if previous FWs like 6.36.4 were switched to use wireless-rep) in combination with old HW like CM9, R52 on client side, wireless channel becomes useless for all (other clients of same AP and also clients of other APs on same channel). Same issue is still there with 6.42rc20.
...
23 I H ether24 bridge1 yes 64 0x80 10 10 none
24 H Core bridge1 yes 64 0x80 10 10 none
[admin@labb-mgmt-1] /interface bridge port>
/interface ethernet
set [ find default-name=sfp-sfpplus2 ] mac-address=6C:3B:6B:ED:F8:46
/interface bridge
add igmp-snooping=yes name=bridge1 protocol-mode=none pvid=64 vlan-filtering=yes
/interface bonding
add lacp-rate=1sec min-links=1 mode=802.3ad name=Core slaves=sfp-sfpplus1,sfp-sfpplus2 transmit-hash-policy=\
layer-3-and-4
Have you set admin-mac on the bridge?Tested This New RC. My Bridge LACP bridge problem still exists. Not reachable through lacp bond if no other local port on bridge is active.
ip dhcp-client connected to bridge1 does eternal searching after reboot disable and enable fixes the problem
Fixed in 6.42rc35. Thanks!This is broken again. Sent my info to [Ticket#2018012322003459].*) ipsec - properly detect interface for "mode-config" client IP address assignment;
/system package update install
channel: release-candidate
current-version: 6.42rc30
latest-version: 6.42rc35
status: ERROR: not enough disk space, 19.4MiB is required and only 18.1MiB is free
/system resource print
uptime: 2m44s
version: 6.42rc30 (testing)
build-time: Feb/20/2018 10:44:28
free-memory: 203.1MiB
total-memory: 221.7MiB
cpu: Intel(R)
cpu-count: 2
cpu-frequency: 2594MHz
cpu-load: 0%
free-hdd-space: 18.2MiB
total-hdd-space: 63.5MiB
write-sect-since-reboot: 416
write-sect-total: 417
architecture-name: x86_64
board-name: CHR
platform: MikroTik
I have only created the bridge1 interface.Have you set admin-mac on the bridge?
/interface bridge export
# mar/12/1970 15:13:17 by RouterOS 6.42rc35
# software id = M8A7-BVIJ
#
# model = CRS326-24G-2S+
/interface bridge
add igmp-snooping=yes name=bridge1 protocol-mode=none pvid=64 vlan-filtering=yes
/interface bridge port
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether1 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether2 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether3 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether4 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether5 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether6 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether7 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether8 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether9 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether10 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether11 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether12 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether13 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether14 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether15 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether16 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether17 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether18 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether19 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether20 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether21 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether22 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether23 pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether24 pvid=64
add bridge=bridge1 frame-types=admit-only-vlan-tagged ingress-filtering=yes interface=Core pvid=64
/interface bridge vlan
add bridge=bridge1 tagged=Core untagged="bridge1,ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10
,ether11,ether12,ether13,ether14,ether15,ether16,ether17,ether18,ether19,ether20,ether21,ether22,ether23,ether24" \
vlan-ids=64
/interface bridge print detail
Flags: X - disabled, R - running
0 R name="bridge1" mtu=auto actual-mtu=1500 l2mtu=1592 arp=enabled arp-timeout=auto mac-address=6C:3B:6B:ED:F8:2E
protocol-mode=none fast-forward=yes igmp-snooping=yes auto-mac=yes ageing-time=5m vlan-filtering=yes pvid=64
/interface bonding export
# mar/12/1970 15:15:33 by RouterOS 6.42rc35
# software id = M8A7-BVIJ
#
# model = CRS326-24G-2S+
/interface bonding
add lacp-rate=1sec min-links=1 mode=802.3ad name=Core slaves=sfp-sfpplus1,sfp-sfpplus2 transmit-hash-policy=\
layer-3-and-4
Sure, i tried multiple channels, also two bands, i tried to change nearly each wireless setting.@jmi2
original post hereshort version: With this routerOS version, if there is single client with older card like CM9, then all other clients got no change to communicate without issues.
Simply if such client is connected to AP, then mobile and notebook have horrible connectivity and LG TV and hama radio got disconnected always after few seconds.
long version: Starting with 6.37 (actually already before, if previous FWs like 6.36.4 were switched to use wireless-rep) in combination with old HW like CM9, R52 on client side, wireless channel becomes useless for all (other clients of same AP and also clients of other APs on same channel). Same issue is still there with 6.42rc20.
...
Did you check different frequencies? I had two 912UAG-5HPnD and one 411U with R52 connected to another 411U with R52 at 5200MHz with one 912 constantly dropping connection. Can't completely rule out, that nothing else was using the spectrum at that frequency but scanning for wlans at 20MHz bandwidth didn't show anything. But changing to 5220MHz stabilized the connection
feb/27 00:18:22 dhcp,warning dhcp1 offering lease x.x.x.x for C0:FF:EE:00:BA:BE w
ithout success
feb/27 00:18:22 dhcp,warning dhcp1 offering lease x.x.x.x for C0:FF:EE:00:BA:BE w
ithout success
I have only created the bridge1 interface.Have you set admin-mac on the bridge?
<...>
what do you make of that?
/interface bridge
set bridge1 auto-mac=no admin-mac=6C:3B:6B:ED:F8:2E
Back to 6.41 - and it's fine again:10:50:58 ipsec Adjusting my encmode UDP-Tunnel->Tunnel
10:50:58 ipsec Adjusting peer's encmode UDP-Transport(4)->Transport(2)
10:50:58 ipsec encmode mismatched: my:Tunnel peer:Transport
Settings are quite straightforward:10:55:18 ipsec Adjusting my encmode UDP-Transport->Transport
10:55:18 ipsec Adjusting peer's encmode UDP-Transport(4)->Transport(2)
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha256,sha1
/interface l2tp-server server
set authentication=mschap2 enabled=yes ipsec-secret=wonttellyou use-ipsec=yes
I suppose, you might have shrinked the disk, as normally (AFAIK) 128MB is the starting disk size of CHR in every type.Upgrade fails on CHR:Upgrade path was 6.41.2 -> 6.42rc30 -> 6.42rc35. The system does not list any files except directories "skins" and "pub".Code: Select all/system package update install channel: release-candidate current-version: 6.42rc30 latest-version: 6.42rc35 status: ERROR: not enough disk space, 19.4MiB is required and only 18.1MiB is free /system resource print uptime: 2m44s version: 6.42rc30 (testing) build-time: Feb/20/2018 10:44:28 free-memory: 203.1MiB total-memory: 221.7MiB cpu: Intel(R) cpu-count: 2 cpu-frequency: 2594MHz cpu-load: 0% free-hdd-space: 18.2MiB total-hdd-space: 63.5MiB write-sect-since-reboot: 416 write-sect-total: 417 architecture-name: x86_64 board-name: CHR platform: MikroTik
Yes, this is an installation from the really early days of CHR.I suppose, you might have shrinked the disk, as normally (AFAIK) 128MB is the starting disk size of CHR in every type.Upgrade fails on CHR:Upgrade path was 6.41.2 -> 6.42rc30 -> 6.42rc35. The system does not list any files except directories "skins" and "pub".Code: Select all/system package update install channel: release-candidate current-version: 6.42rc30 latest-version: 6.42rc35 status: ERROR: not enough disk space, 19.4MiB is required and only 18.1MiB is free /system resource print uptime: 2m44s version: 6.42rc30 (testing) build-time: Feb/20/2018 10:44:28 free-memory: 203.1MiB total-memory: 221.7MiB cpu: Intel(R) cpu-count: 2 cpu-frequency: 2594MHz cpu-load: 0% free-hdd-space: 18.2MiB total-hdd-space: 63.5MiB write-sect-since-reboot: 416 write-sect-total: 417 architecture-name: x86_64 board-name: CHR platform: MikroTik
Or you started using CHR from the beginning, then 64MB was the starting size of the disk (as far as I can remember).
I can see 95+MiB total-hdd-space in every CHR I use, and 60+MiB free-hdd-space, so upgrade is always successful for me.
Probably, you should try resizing the disk of the CHR, then it might use the extra space, but probably, only the installation phase can resize the inner filesystem of CHR.
You should start from scratch, as stated in the System Requirements wiki, there 128MB of RAM and 128MB of disk space is required to operate/install CHR. You only need to copy out the current configuration, probably nothing more is needed.
Thanks for the quick response. Is there any workaround? I'm trying to setup it in Google Cloud so I cannot downgrade to 6.41.Thanks, Chupaka. We will fix this in next versions.
I have same problem and yes I have admin-mac on brigde.Have you set admin-mac on the bridge?Tested This New RC. My Bridge LACP bridge problem still exists. Not reachable through lacp bond if no other local port on bridge is active.
ip dhcp-client connected to bridge1 does eternal searching after reboot disable and enable fixes the problem
Thanks mrz....We are aware of this DHCP client problem, will try to fix in one of the next RC versions.
That is right, it is for CHR. Well, it appears to be a on-off problem, I did not see it in 6.42rc30 and it returned in 6.42rc35 but maybe that is pure coincidence.pe1chl - I assume that you are referring to CHR. This problem is not related to this concrete RouterOS version, however, we will fix it in upcoming RouterOS releases.
You can downgrade to previous release candidate version or configure IPsec with static policies instead of using policy template to generate them.Thanks for the quick response. Is there any workaround? I'm trying to setup it in Google Cloud so I cannot downgrade to 6.41.
Doesn't run in rc35 compared to what? Can't it beLooks like up-script from netwatch is no longer run with 6.42rc35. Are there any changes not mentioned in changelog?
What's new in 6.42rc30 (2018-Feb-20 10:44):
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
Ups, I skipped 6.42rc30 due to issues with ipsec and missed that change. Thanks for the hint!Doesn't run in rc35 compared to what? Can't it beLooks like up-script from netwatch is no longer run with 6.42rc35. Are there any changes not mentioned in changelog?What's new in 6.42rc30 (2018-Feb-20 10:44):
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
There is something specific to your setup that is causing access to the CPU being lost. Please write to support@mikrotik.com, attach the supout.rif file and a small, simplified network diagram (preferably with device's model name on the other end).Are you aware and have reproduced the LACP problem aswell?
My scripts requires "sensitive"... So back to scheduler with a high interval.Ups, I skipped 6.42rc30 due to issues with ipsec and missed that change. Thanks for the hint!Doesn't run in rc35 compared to what? Can't it beLooks like up-script from netwatch is no longer run with 6.42rc35. Are there any changes not mentioned in changelog?What's new in 6.42rc30 (2018-Feb-20 10:44):
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
Looks like I have to figure what exactly breaks my scripts.
Sounds wrongMy scripts requires "sensitive"... So back to scheduler with a high interval.
It works, thanksYou can downgrade to previous release candidate version or configure IPsec with static policies instead of using policy template to generate them.
The script reads and writes private-pre-shared-key from "/ interface wireless access-list" and sends e-mails. Both actions require "sensitive".Sounds wrongMy scripts requires "sensitive"... So back to scheduler with a high interval.
That's what I did. But it does no longer work.Can't you just create script in System -> Scripts and run it from on-up event of Netwatch?
/ip firewall connection remove [find dst-address ~ ":3478"];
/ip firewall connection remove [find dst-address ~ ":3479"];
/ip firewall connection remove [find dst-address ~ ":4569"];
/ip firewall connection remove [find dst-address ~ ":5060"];
Since rc35 CAPs do no longer get an DHCP IP-address if the DHCP client runs on a bridge.What's new in 6.42rc37 (2018-Mar-01 09:29):
Thanks, I added this to make my CAPs work again:We are aware of dhcp client problem on bridge interface, we will fix it in future RC versions. Disable/enable bridge or dhcp client and it will get an address.
/system scheduler
add name=DHCP-restart on-event=DHCP-restart policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
/system script
add name=DHCP-restart owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\
":delay 15\r\
\n/interface bridge disable bridgeLocal\
\n:delay 2\
\n/interface bridge enable bridgeLocal\
\n"
This helps just for smaller kids. Larger kids understand what is going on, and set an other DNS server.You can always configure OpenDNS as your DNS server
That's why you should block any traffic in chain=forward and force using web proxyEven then they can use VPN and bypass OpenDNS DNS.
it's okay as you say if I want to screen all the traffic, even the adults.You can always configure OpenDNS as your DNS server, either as the DNS for the router itself and then advertise the router address as DNS server in DHCP
or by advertising the OpenDNS servers in DHCP, and then configure an OpenDNS account on your internet address with the settings you like.
You do not require kid-control for that.
That is what I see too, so then you have lost the battleWhen you close your entire router they can use their 3G/4G connection.
failure: ether2 is already slave
You should add the bonding interface, not the ethernet interface!When I try to add the ether interfaces to the bridge, I get the following error message:Code: Select allfailure: ether2 is already slave
The documentation says add both.You should add the bonding interface, not the ethernet interface!
It's showing ether3 and ether4 also in the bridge as non-bonded ports as an example, but the bonded interface consisting of ether1 and ether2 is added to the bridge just as bond1.The documentation says add both.
With dhcp options and option sets you can define different DNS servers for specific users by mac address.it's okay as you say if I want to screen all the traffic, even the adults.You can always configure OpenDNS as your DNS server, either as the DNS for the router itself and then advertise the router address as DNS server in DHCP
or by advertising the OpenDNS servers in DHCP, and then configure an OpenDNS account on your internet address with the settings you like.
You do not require kid-control for that.
I want to isolate children from filtered dns like norton, but adult traffic is open to everything. If it would be possible to insert custom dns on mac address kid it would be much easier.
You are right, my mistake. But I don't get the "H" flag on the bonding device and it still not work. Also today I get the following messages on serial console, when I tried to reconfigure the bonding device:It's showing ether3 and ether4 also in the bridge as non-bonded ports as an example, but the bonded interface consisting of ether1 and ether2 is added to the bridge just as bond1.The documentation says add both.
MikroTik 6.42rc37 (testing)
MikroTik Login:
Rebooting...
Stopping services...
Internal error: Oops: 17 [#1] SMP
CPU: 0 Not tainted (3.3.5 #11)
PC is at bond_netdev_event+0x5c/0x158 [bonding@0x7f244000]
LR is at notifier_call
[admin@MikroTik] /interface bonding> set bond2 mtu=8148
failure: could not set mtu
[admin@MikroTik] /interface bonding>
Got a similar issue but I have a 128MB partitionI suppose, you might have shrinked the disk, as normally (AFAIK) 128MB is the starting disk size of CHR in every type.Upgrade fails on CHR:Upgrade path was 6.41.2 -> 6.42rc30 -> 6.42rc35. The system does not list any files except directories "skins" and "pub".Code: Select all/system package update install channel: release-candidate current-version: 6.42rc30 latest-version: 6.42rc35 status: ERROR: not enough disk space, 19.4MiB is required and only 18.1MiB is free /system resource print uptime: 2m44s version: 6.42rc30 (testing) build-time: Feb/20/2018 10:44:28 free-memory: 203.1MiB total-memory: 221.7MiB cpu: Intel(R) cpu-count: 2 cpu-frequency: 2594MHz cpu-load: 0% free-hdd-space: 18.2MiB total-hdd-space: 63.5MiB write-sect-since-reboot: 416 write-sect-total: 417 architecture-name: x86_64 board-name: CHR platform: MikroTik
Or you started using CHR from the beginning, then 64MB was the starting size of the disk (as far as I can remember).
I can see 95+MiB total-hdd-space in every CHR I use, and 60+MiB free-hdd-space, so upgrade is always successful for me.
Probably, you should try resizing the disk of the CHR, then it might use the extra space, but probably, only the installation phase can resize the inner filesystem of CHR.
You should start from scratch, as stated in the System Requirements wiki, there 128MB of RAM and 128MB of disk space is required to operate/install CHR. You only need to copy out the current configuration, probably nothing more is needed.
[admin@MikroTik] /log> /system package update install
channel: release-candidate
current-version: 6.42rc28
latest-version: 6.42rc37
status: ERROR: not enough disk space, 10.0MiB is required and only 3.7MiB is free
[admin@MikroTik] /log> /system resource print
uptime: 41m13s
version: 6.42rc28 (testing)
build-time: Feb/16/2018 07:02:32
free-memory: 90.7MiB
total-memory: 128.0MiB
cpu: MIPS 74Kc V4.12
cpu-count: 1
cpu-frequency: 600MHz
cpu-load: 11%
free-hdd-space: 3872.0KiB
total-hdd-space: 128.0MiB
write-sect-since-reboot: 5375
write-sect-total: 31175782
bad-blocks: 0%
architecture-name: mipsbe
board-name: RB951Ui-2HnD
platform: MikroTik
My exact thoughts. Why?There now is support for "band=5ghz-n/ac" in the GUI but none in the capsman GUI.
Please please please do some work on IPv6!
E.g. following priorities from this posting: viewtopic.php?f=2&t=123302
Things I really need, the sooner the better:
- route marking and multi route tables using marks as in IPv4
(via ipv6 firewall mangle and/or ipv6 route rule)
- configurable IPv6 nameservers in DHCPv6 and RA, or at least the option to publish the router's own
address as nameserver instead of the configured external DNS servers
Which products support 160Mhz? Thanks
*) winbox - added 160 MHz "channel-width" to wireless settings
Is this supposed to show under Terminal or via Winbox DHCP-Client Window row dispaly ? If its under window mine does not show the "D: flag as described for the release. If its under Terminal it does show up as in the Flags: rowWhat's new in 6.42rc39 (2018-Mar-07 07:01):
*) winbox - show "D" flag under "/ip dhcp-client" menu;
Yes can't agree more. Have got 6to4 backup as well as other tunnels but no can't route it properly, or heaven's forbid the ability to route specific ipv6 traffic over better suited tunnelsI It is incredible that we have no improvement for IPv6.
Please please please do some work on IPv6!
E.g. following priorities from this posting: viewtopic.php?f=2&t=123302
Things I really need, the sooner the better:
- route marking and multi route tables using marks as in IPv4
(via ipv6 firewall mangle and/or ipv6 route rule)
- configurable IPv6 nameservers in DHCPv6 and RA, or at least the option to publish the router's own
address as nameserver instead of the configured external DNS servers
Could we expect MAC-addresses list implemented?What's new in 6.42rc39 (2018-Mar-07 07:01):
.....
*) wireless - added support for "interface-list" for Access List entries;
.....
To me CAPsMAN along with VLANs works in 6.41+, so can you open a separate topic for that and describe what you want to achieve? Maybe a workaround can be found.Is CAPsMAN's VLAN implementation going to be fixed to work with the new bridge implementation? Now PVID seems to be used over VLAN and therefore makes CAPsMAN a little unusable.
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts;
*) bridge - added per-port learning options;
*) bridge - added support for static hosts;
[admin@MikroTik] > interface bridge port set learn=
auto no yes
For those still wondering, I found this https://wiki.mikrotik.com/wiki/Manual:C ... es#BondingStrods?What does "initial" mean here?
*) crs3xx - added initial hw-offload support for 802.3ad and balance-xor bonding
Such reports are probably meaningless without included export of your configuration, at least the firewall, queueing and routing part.Getting very poor performance with FastTrack, hap ac, 150Mbps download speed slows down to 15Mbps. Fasttrack disabled and I can get full speed. This only started recently, so I imagine it is from one of the RC's.
Well done!*) crs3xx - added initial "hw-offload" support for 802.3ad and "balance-xor" bonding;
[admin@MikroTik] /interface bonding> set bond2 mtu=8148
failure: could not set mtu
[admin@MikroTik] /interface bonding>
Can allso Confirm that my LACP probelm still exists: accessing the ip owned by bridge over hw offloaded tag'ed only vlan lacp is not possible. Arp on upstream client gets mac for bridge/ip but no luck pinging or connecting.Well done!*) crs3xx - added initial "hw-offload" support for 802.3ad and "balance-xor" bonding;
I can confirm it's working on a CRS326 now. Still open is the issue to change MTU size.
Code: Select all[admin@MikroTik] /interface bonding> set bond2 mtu=8148 failure: could not set mtu [admin@MikroTik] /interface bonding>
You must set L2MTU on slave interfaces first.Well done!
I can confirm it's working on a CRS326 now. Still open is the issue to change MTU size.
Code: Select all[admin@MikroTik] /interface bonding> set bond2 mtu=8148 failure: could not set mtu [admin@MikroTik] /interface bonding>
Q: How do you set the "default" option for "Unknown Unicast Flood", "Unknown Multicast Flood" and "Broadcast Flood" overall for an interface. It seems like dynamic interfaces (say an l2tp interface on the bridge) default to all flooding ON can you can't modify the options. I wonder if you can add a "Default Unknown Unicast Flood", "Default Unknown Multicast Flood", and "Default Broadcast Flood" option to the bridge, OR allow the ppp profile to set the bridge options similar to how you can set horizon.What's new in 6.42rc39 (2018-Mar-07 07:01):
*) bridge - added per-port forwarding options for broadcasts, unknown-multicasts and unknown-unicasts;
*) bridge - added per-port learning options;
*) bridge - added support for static hosts;
*) bridge - fixed reliability on software bridges when used on devices without switch chip;
Many thanks for the hint. It's working now.You must set L2MTU on slave interfaces first.Well done!
I can confirm it's working on a CRS326 now. Still open is the issue to change MTU size.
Code: Select all[admin@MikroTik] /interface bonding> set bond2 mtu=8148 failure: could not set mtu [admin@MikroTik] /interface bonding>
+1Please would MikroTik consider allowing us to set granular pps (packets per second) filtering on ports, instead of percentage. 1% of 10 Gbps is still 100 Mbps, this would rapidly exhaust MAC address tables and take the network offline.
I've been using QinQ trunking in software bridges on a hex for sometime now. Nothing really special to report about it. I imagine it's software switched but for me that's not a problem.Are there plans to provide dot1q-tunnel equivalent features and switch port rules to manipulate two VLAN tags? (eg pop outer and inner tags and replace them with others)
# jan/13/1970 03:06:17 by RouterOS 6.42rc39
# software id = JLRA-QA36
#
# model = CRS326-24G-2S+
# serial number = 763C06E78477
/interface ethernet
set [ find default-name=sfp-sfpplus2 ] mac-address=6C:3B:6B:ED:F9:E6
/interface bridge
add admin-mac=6C:3B:6B:ED:F9:E6 auto-mac=no fast-forward=no name=bridge1 protocol-mode=none pvid=64 vlan-filtering=yes
/interface bonding
add lacp-rate=1sec min-links=1 mode=802.3ad name=Core slaves=sfp-sfpplus1,sfp-sfpplus2 transmit-hash-policy=layer-3-and-4
/interface bridge port
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=Core pvid=64
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether1 pvid=64 unknown-multicast-flood=no unknown-unicast-flood=no
/interface bridge vlan
add bridge=bridge1 tagged=Core untagged=bridge1,ether1 vlan-ids=64
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=bridge1
/system identity
set name=dc-jkb-dsa-4
/system package update
set channel=release-candidate
/system routerboard settings
set boot-os=router-os silent-boot=no
I've been using QinQ trunking in software bridges on a hex for sometime now. Nothing really special to report about it. I imagine it's software switched but for me that's not a problem.
Are there plans to provide dot1q-tunnel equivalent features and switch port rules to manipulate two VLAN tags? (eg pop outer and inner tags and replace them with others)
Well the CPU is weak, but not THAT weak. To have that problem you would have to do IPsec or extremely lot of (and badly ordered) filters.Exactly... The CPUs in CRS class devices are weak, extremely weak. I assisted someone recently that couldn't do 10Mbps routing on a CRS125, as this was software based.
No, everyone is now working on the big IPv6 update!small changelog, final version soon?
No, everyone is now working on the big IPv6 update!
(I am dreaming...)
And nothing in Log?It just reboots and I am stuck on 6.42rc41
can anyone please describe in numeric format, what "large amount" means?*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
Could you please comment on why this change was made?*) ssh - generate SSH keys only on the first connect attempt instead of the first boot;
My guess would be that routers are powered off-on during initialization when it takes so long, and configuration gets inconsistent resulting in complaints or returns.Specifically on older boards (with single-core 400MHz CPUs), this generation can take a long time.
Lets say I power-on a new router , or a router that has been reset to empty config.
It's way more comfortable for me for that router to generate its SSH keys while I might be clicking doing other things, rather than make me wait when I want to connect.
One is RouterOS version, the other is boot firmware version.Under System -> Routerboard I can see factory ROS version, while under System -> Resources it is blank field.
+1Could you please comment on why this change was made?*) ssh - generate SSH keys only on the first connect attempt instead of the first boot;
Is it not better to generate these at startup than to make an user wait the first time he connects?
Specifically on older boards (with single-core 400MHz CPUs), this generation can take a long time.
Lets say I power-on a new router , or a router that has been reset to empty config.
It's way more comfortable for me for that router to generate its SSH keys while I might be clicking doing other things, rather than make me wait when I want to connect.
But what is the benefit - what was the original need to change this?Waiting time is not too long. This kind of implementation will satisfy the biggest part of the users so we decided to re-make this generate process.
Good afternoon.
Such a problem - 6.42rc43 +hAP AC^2 = boot loop. If you roll 6.42rc43 and do not update the firmware, everything seems to be fine, but it's worth updating the firmware and the router stupidly goes to the boot loops. At the same time, I tried to download a stable version via nethinstall, but there is still a loop.
If the router reboots from the button (pull out the button, hold down the button, insert the PS and wait for 20 seconds, the router allows you to go through the winbox, but if you just reboot or turn it off / on, it's a loop again.
I was able to roll back to stable firmware in this way - installed 6.41.3, then rebooted from the button to the factory, connected to winbox and rolled firmware by pressing "update firmware" several times and then rebooted the device.
So it goes.
Sincerely.
Can confirm the issue, 6.42rc43 RouterBoot and hAP AC^2 don't mix well.Good afternoon.
Such a problem - 6.42rc43 +hAP AC^2 = boot loop. If you roll 6.42rc43 and do not update the firmware, everything seems to be fine, but it's worth updating the firmware and the router stupidly goes to the boot loops. At the same time, I tried to download a stable version via nethinstall, but there is still a loop.
I faced this kind of problem in WinBox a few times (enabling ipip and eoip interfaces, AFAIR) on ~v6.40-41I'm getting this error "no such item (4)" when enabling or disabling the pppoe client interface. Router is RB750Gr3 6.42RC43.
Note that this problem is not unique to 6.42RC43. I've encountered it before. It's just that I've only started looking into it now.
Hi strods,*) routerboot - fixed RouterBOOT upgrade process (introduced in v6.42rc);
Before such protocols are of any use to us, we need you to implement airMAX, the other guys to implement NV2, or you both agreeWe have made a potentially significant improvement for wireless Nv2 PtMP configurations in the latest 6.42rc version release.
All the changes are on the AP side so you need to upgrade the AP. Client version can stay the same.Regarding nv2.
Do we update clients and ap or just ap?
Hi strods,atlanticd - Yes, that is the fix for the problem. Please test it and report back to us with the results.
free-memory: 79.1MiB
total-memory: 106.3MiB
uptime: 1d7h32m31s
version: 6.40.5 (stable)
build-time: Oct/31/2017 13:05:15
factory-software: 6.40.5
free-memory: 208.7MiB
total-memory: 233.4MiB
cpu: ARMv7
cpu-count: 4
cpu-frequency: 716MHz
cpu-load: 0%
free-hdd-space: 4216.0KiB
total-hdd-space: 15.3MiB
write-sect-since-reboot: 136
write-sect-total: 136
bad-blocks: 0%
architecture-name: arm
board-name: hAP ac^2
platform: MikroTik
Is the version a typo? My systems find 6.42rc49.What's new in 6.42rc48 (2018-Mar-21 11:13):
Isn't a typo, were launched two versions today.Is the version a typo? My systems find 6.42rc49.
confirmed, RouterBOOT upgrade installed ok on hAP ac². Upgraded from ROS 6.41.3 to 6.42rc49, then from RouterBOOT 6.41.3 to 6.42rc49 without any problems.*) routerboot - fixed RouterBOOT upgrade process (introduced in v6.42rc);
Exactly!That is what I see too, so then you have lost the battleWhen you close your entire router they can use their 3G/4G connection.
Better to give good education.
Thank you for your report, the total-memory value will be reported correctly starting from the firmware version 6.42rc50Hi strods,atlanticd - Yes, that is the fix for the problem. Please test it and report back to us with the results.
I can confirm that the RouterBOOT firmware upgrade to 6.42rc46 works, and it is not causing boot loop anymore. However I noticed that after firmware upgrade (and only after Firmware upgrade, not ROS upgrade), the total memory and free memory shows much less than before. Instead of ~256 MB now it is ~128 MB.I reported earlier in another topic that interestingly my hAP ac^2 unit came with 256 MB unexpectedly, and a colleague from MikroTik support stated it that some unit came with more memory. Can you confirm that MikroTik now limit by intention the available memory in this new firmware just to meet the specs, even though the unit has more memory physically, or was it a software bug?Code: Select allfree-memory: 79.1MiB total-memory: 106.3MiB
Thank you.
[admin@sw-under] > interface bonding print
Flags: X - disabled, R - running
0 name="CoreUplink" mtu=1500 mac-address=64:D1:54:EA:BC:83 arp=enabled arp-timeout=auto slaves=sfp-sfpplus1,sfp-sfpplus2 mode=802.3ad primary=none link-monitoring=mii arp-interval=100ms arp-ip-targets="" mii-interval=100ms down-delay=0ms up-delay=0ms lacp-rate=1sec
transmit-hash-policy=layer-3-and-4 min-links=0
[admin@sw-under] > export
# jan/09/1970 16:55:12 by RouterOS 6.42rc43
# software id = E34N-V9KR
#
# model = CRS317-1G-16S+
# serial number = 7A1407CB40B1
/interface ethernet
set [ find default-name=sfp-sfpplus2 ] mac-address=64:D1:54:EA:BC:83
/interface bridge
add fast-forward=no igmp-snooping=yes name=bridge1 protocol-mode=none pvid=64 vlan-filtering=yes
/interface bonding
add lacp-rate=1sec mode=802.3ad name=CoreUplink slaves=sfp-sfpplus1,sfp-sfpplus2 transmit-hash-policy=layer-3-and-4
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=CoreUplink pvid=4094 unknown-multicast-flood=no unknown-unicast-flood=no
/interface bridge vlan
add bridge=bridge1 tagged=CoreUplink untagged=bridge1,ether1 vlan-ids=64
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/system identity
set name=sw-under
/system package update
set channel=release-candidate
/system routerboard settings
set boot-os=router-os silent-boot=no
[admin@sw-under] >
/interface ethernet
set [ find default-name=sfp-sfpplus2 ] mac-address=64:D1:54:EA:BC:83
Not what you ask for, but you can send you log to syslog.hello guys, in the last rc49 release, I wanted to write my hotspot logs on micro sd, only that he can not write on disk1, he always writes on flash
RG 750g3
on the log action type menu, the sd name does not appear
Synology NAS can do it if you install the Log Center package and configure it as the syslog destination for your Mikrotik. QNAP probably does something similar.nice of the info, could I use the nas synology or qnap to save or view the logs?
backup,critical mikrotik: error creating backup file: could not read all configuration files
Does this mean, that RouterOS can now be installed on UEFI devices?*) chr - added support for booting from NVMe disks;
I am also experiencing this phenomenon.Neighbors search sometimes seen, sometimes not in winbox. (CRS326)
I am also experiencing this phenomenon.Neighbors search sometimes seen, sometimes not in winbox. (CRS326)
It seems that it takes a tremendous amount of time to search RB from Winbox (3.12). After about 10 minutes, I saw some things.
- CCR1009-8G1S-S+
- RB850Gx2
- RB2011UAS
The following RBs were not searched.
- RB3011UiAS
- RB962UiGS-5HacT2HnT
I've been waiting for this! Thanks!*) chr - added support for "multi-queue" feature for "virtio-net" driver;
Me too.I've been waiting for this! Thanks!*) chr - added support for "multi-queue" feature for "virtio-net" driver;
/system resource irq print where users~"virtio"
Good tip, thanks.Per CPU, I think. Check withCode: Select all/system resource irq print where users~"virtio"
We cannot see this ticket's contents.My LACP problem is still Present in this RC ([Ticket#2018031222001218] LACP HW problem reaching bridge)
5G With WiFi Password, Firmware 6.42RC52
Connecting to host 192.168.55.203, port 5201
[ 4] local 192.168.88.253 port 50625 connected to 192.168.55.203 port 5201
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-1.00 sec 46.2 MBytes 388 Mbits/sec
[ 4] 1.00-2.00 sec 21.2 MBytes 178 Mbits/sec
[ 4] 2.00-3.00 sec 28.4 MBytes 238 Mbits/sec
[ 4] 3.00-4.00 sec 49.1 MBytes 414 Mbits/sec
[ 4] 4.00-5.00 sec 48.9 MBytes 410 Mbits/sec
[ 4] 5.00-6.00 sec 49.3 MBytes 414 Mbits/sec
[ 4] 6.00-7.00 sec 48.6 MBytes 408 Mbits/sec
[ 4] 7.00-8.00 sec 33.8 MBytes 283 Mbits/sec
[ 4] 8.00-9.00 sec 34.8 MBytes 292 Mbits/sec
[ 4] 9.00-10.00 sec 50.0 MBytes 419 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-10.00 sec 410 MBytes 344 Mbits/sec sender
[ 4] 0.00-10.00 sec 410 MBytes 344 Mbits/sec receiver
iperf Done.
Thank you very much for responding my post. Based on your information, I have already learned more about network bandwidth, throughput, and latency.When you compare tests made with different tools (e.g. iperf VS. CIFS) you have to be aware of behaviour of test "tools". Tests done using iperf are not affected by latency much (apart from usual TCP slow-start) while some more "chatty" protocol (such as CIFS file transfer) can be affected by larger latency quite much.
.......
.../system package> print
Flags: X - disabled
# NAME VERSION SCHEDULED
0 routeros-arm 6.42rc52
1 system 6.42rc52
2 X ipv6 6.42rc52
3 wireless 6.42rc52
4 hotspot 6.42rc52
5 dhcp 6.42rc52
6 mpls 6.42rc52
7 routing 6.42rc52
8 ppp 6.42rc52
9 security 6.42rc52
10 advanced-tools 6.42rc52
.../system routerboard> print
routerboard: yes
board-name: cAP ac
model: RouterBOARD cAP Gi-5acD2nD
serial-number: **************
firmware-type: ipq4000L
factory-firmware: 3.43
current-firmware: 6.42rc52
upgrade-firmware: 6.42rc52
I also have Mimosa and there the DFS even takes the network down longer. Up to some 15-20 minutes. Partially also because when the AP if 'free'd' from the DFS it takes a long time before clients are associated back and in full running mode again. Actually, if your Mimosa P2MP network is hammered by DFS you might as well not use is it at all....... completely unusable. You have to find a band/channel that has no radar or no DFS restrictions. Only then it works. (there is no way of avoiding DFS in Mimosa product line, as we can with MT. )...
Is there any bug? DFS searching time is 10minutes ??
p.s.: found answer... : IEEE 802.18-08/0016r0
Radar Detect and DFS on MikroTik
https://www.youtube.com/watch?v=ZbrbRUAfpac
Is it possible to display the time in the status window?
I understood it.I also have Mimosa and there the DFS even takes the network down longer. Up to some 15-20 minutes. Partially also because when the AP if 'free'd' from the DFS it takes a long time before clients are associated back and in full running mode again. Actually, if your Mimosa P2MP network is hammered by DFS you might as well not use is it at all....... completely unusable. You have to find a band/channel that has no radar or no DFS restrictions. Only then it works. (there is no way of avoiding DFS in Mimosa product line, as we can with MT. )...
Is there any bug? DFS searching time is 10minutes ??
p.s.: found answer... : IEEE 802.18-08/0016r0
Radar Detect and DFS on MikroTik
https://www.youtube.com/watch?v=ZbrbRUAfpac
Is it possible to display the time in the status window?