Community discussions

 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

v6.40.6 [bugfix] is released!

Wed Feb 21, 2018 2:54 pm

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after some problem has appeared on device

What's new in 6.40.6 (2018-Feb-20 11:04):

*) btest - fixed TCP test accuracy when low TX/RX rates are used;
*) certificate - do not use UTF-8 for SCEP challenge password;
*) certificate - fixed PKCS#10 version;
*) chr - generate new system ID on first boot;
*) crs317 - fixed reliability on FAN controller;
*) defconf - fixed DISC Lite5 LED default configuration;
*) dhcpv4-server - fixed framed and classless route received from RADIUS server;
*) disk - fixed disk detach process;
*) dude - fixed e-mail notifications when default port is not used;
*) export - fixed "/system routerboard mode-button" compact export;
*) filesystem - implemented additional system integrity checks on reboots;
*) firewall - limited maximum "address-list-timeout" value to “35w3d13h13m56sâ€;
*) hotspot - fixed "dst-port" to require valid "protocol" in "walled-garden ip";
*) hotspot - fixed Walled Garden IP functionality when address-list is used;
*) ike1 - fixed crash on XAUTH if user does not exist;
*) ike1 - fixed memory corruption when IPv6 is used;
*) ike1 - improved stability on phase1 rekeying;
*) ike2 - added support for multiple split networks;
*) ike2 - delay rekeyed peer outbound SA installation;
*) ike2 - improve half-open connection handling;
*) ike2 - kill connection when peer changes address;
*) ike2 - use peer configuration address when available on empty TSi;
*) ipsec - fixed incorrect esp proposal key size usage;
*) ipsec - properly update IPsec secret for IPIP/EoIP/GRE dynamic peer;
*) l2tp - improved reliability on packet processing in FastPath;
*) netinstall - improved LTE package description;
*) netinstall - properly generate skins folder when branding package is installed;
*) ovpn - fixed resource leak on systems with high CPU usage;
*) ovpn-server - do not periodically change automatically generated server MAC address;
*) ppp - do not disconnect active PPP connection after "idle-timeout";
*) ppp - do not lose "/ppp profile" script configuration after other profile parameters are edited;
*) ppp - fixed "change-mss" functionality when MSS is not set on forwarded packets;
*) ppp - fixed L2TP and PPTP encryption negotiation process on configuration changes;
*) pppoe-client - properly re-establish MLPPP session when one of the lines stopped transmitting packets;
*) quickset - do not automatically change mode to CPE;
*) quickset - renamed router IP static DNS name to "router.lan";
*) route - fixed DHCP/PPP “add-default-route†“distance†minimal value to 1;
*) route - improved reliability on routing table update;
*) routerboard - properly report warnings under "/system routerboard" menu;
*) scheduler - properly display long scheduler configuration;
*) sfp - improved SFP module compatibility;
*) sms - fixed minor problem for SMS delivery;
*) snmp - added IPv6 addresses support on default "public" community;
*) snmp - fixed bulk requests when non-repeaters are used;
*) snmp - fixed consecutive OID bulk get from the same table;
*) traceroute - fixed "/tool traceroute" results print;
*) traffic-flow - do not count single extra packet per each flow;
*) webfig - added support for proper default policies when adding script or scheduler job;
*) webfig - fixed backup loading from Webfig on RouterBOARD running default configuration;
*) webfig - fixed bridge port sorting order by name;
*) webfig - fixed MAC address ordering;
*) webfig - fixed router getting reset to default configuration;
*) webfig - fixed column ordering;
*) winbox - allow to specify "to-ports" for "action=masquerade";
*) wireless - fixed wireless protocol mode restrictions if lockpack is installed and has limits for it;
*) wireless - removed unused monitor command from CLI;
*) wireless - updated "Australia", "Czech Republic", "UK 5.8 Fixed" and "United Kingdom" regulatory domain information;

Please keep this forum topic strictly related to this concrete RouterOS release.
 
Darryl
just joined
Posts: 15
Joined: Fri May 13, 2016 3:44 pm

Re: v6.40.6 [bugfix] is released!

Wed Feb 21, 2018 6:04 pm

Just upgraded RB750 and RB3011 from 6.40.5 - MLPPP still working good.
 
User avatar
ahteran
newbie
Posts: 31
Joined: Sun Nov 09, 2014 5:07 pm

Re: v6.40.6 [bugfix] is released!

Wed Feb 21, 2018 7:00 pm

I have updated RB433, RB450,RB600A, SXT 5ac
No problem Working fine.
 
AndreasHe
just joined
Posts: 3
Joined: Sun Jan 24, 2016 2:28 pm

Re: v6.40.6 [bugfix] is released!

Wed Feb 21, 2018 9:46 pm

I've updated two RB951G-2HnD and an CCR1016-12G.
No issues so far.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1364
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: v6.40.6 [bugfix] is released!

Thu Feb 22, 2018 1:55 pm

Updated SXT LTE and CRS109, no issues so far
MTCNA, MTCTCE, MTCRE & MTCINE
 
complex1
just joined
Posts: 22
Joined: Wed Jan 04, 2017 9:55 pm

Re: v6.40.6 [bugfix] is released!

Thu Feb 22, 2018 2:11 pm

Updated RB2011UAS_2HnD, no issues so far. :D
Kind regards,
Frank.
 
Beone
Member Candidate
Member Candidate
Posts: 243
Joined: Fri Feb 11, 2011 1:11 pm

Re: v6.40.6 [bugfix] is released!

Thu Feb 22, 2018 9:23 pm

any chance having the capsman and tile performane fixes being added to v6.40.7?

The new 6.41.x branch with changed bridging/ethernet setup is way too new for production status
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.40.6 [bugfix] is released!

Thu Feb 22, 2018 10:30 pm

Beone - Which fixes exactly are you referring to? Please provide copy of change included in 6.41.x or 6.42rc which you are looking for.
 
User avatar
pietroscherer
Trainer
Trainer
Posts: 164
Joined: Thu Mar 05, 2015 3:05 pm
Location: RS, Brazil
Contact:

Re: v6.40.6 [bugfix] is released!

Fri Feb 23, 2018 1:58 pm

Hello guys,

Did you got problems with OSPFv3 on this version? After update a RB1100AHx2, some OSPFv3 neighbors doesn't reach the full state. Neighbors that are running is because I disabled / enable OSPFv3 interface. I've done the same with all neighbors, but some doesn't worked.

Image

* I tried to remove / add the OSPFv3 interface too, but the problem remains.

I'll send a supout.rif to support in a while.

Thank you!
Pietro Scherer
http://www.tchesolutions.com.br [ISPs Consulting and Training]
http://www.routermage.com [Backup and Automation System]
:D
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.40.6 [bugfix] is released!

Fri Feb 23, 2018 2:27 pm

pietroscherer - Does problem go away if you downgrade router to 6.40.5 version and appears once more if you upgrade back to 6.40.6?
 
User avatar
pietroscherer
Trainer
Trainer
Posts: 164
Joined: Thu Mar 05, 2015 3:05 pm
Location: RS, Brazil
Contact:

Re: v6.40.6 [bugfix] is released!

Fri Feb 23, 2018 2:41 pm

pietroscherer - Does problem go away if you downgrade router to 6.40.5 version and appears once more if you upgrade back to 6.40.6?
Hello Strods,

I didn't do this test yet. One of the neighbors that wasn't working, becomes to work after update (6.23 -> 6.41.2). The other one still non working (no update).
I'll test a downgrade on RB1100AHx2 to 6.40.5 to see if it'll work.

* I'll do this in a light time, because it's one of my main routers.

Thank you!
Pietro Scherer
http://www.tchesolutions.com.br [ISPs Consulting and Training]
http://www.routermage.com [Backup and Automation System]
:D
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 1708
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v6.40.6 [bugfix] is released!

Fri Feb 23, 2018 3:04 pm

951G, 2011, 962 updated ... so far no problems
Real admins use real keyboards.
 
User avatar
pietroscherer
Trainer
Trainer
Posts: 164
Joined: Thu Mar 05, 2015 3:05 pm
Location: RS, Brazil
Contact:

Re: v6.40.6 [bugfix] is released!

Fri Feb 23, 2018 3:06 pm

pietroscherer - Does problem go away if you downgrade router to 6.40.5 version and appears once more if you upgrade back to 6.40.6?
Hello Strods,

I didn't do this test yet. One of the neighbors that wasn't working, becomes to work after update (6.23 -> 6.41.2). The other one still non working (no update).
I'll test a downgrade on RB1100AHx2 to 6.40.5 to see if it'll work.

* I'll do this in a light time, because it's one of my main routers.

Thank you!
UPDATING..

Maris told me to disable OSPFv3 interface on both sides, and then re-enable after 40 seconds.
The problem was solved with this action.

Sorry for don't tried this before.

Thank you!
Pietro Scherer
http://www.tchesolutions.com.br [ISPs Consulting and Training]
http://www.routermage.com [Backup and Automation System]
:D
 
jgro
newbie
Posts: 46
Joined: Sat Jun 10, 2017 7:33 am

Re: v6.40.6 [bugfix] is released!

Fri Feb 23, 2018 10:14 pm

Does the "What's new in 6.40.6" show what is new compared to the previous bugfix release 6.39.3 or only what is new compared to 6.40.5? Is everything that is in 6.40.5 also in 6.40.6? I want to see the complete list of what has changed between what I'm currently running (6.39.3) before I upgrade.
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 1708
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v6.40.6 [bugfix] is released!

Fri Feb 23, 2018 10:45 pm

....What's new in 6.40.6 (2018-Feb-20 11:04):.....
IMHO it means that Mikrotik reports new things.
All changes you can trace here: https://mikrotik.com/download/changelogs/
Real admins use real keyboards.
 
jgro
newbie
Posts: 46
Joined: Sat Jun 10, 2017 7:33 am

Re: v6.40.6 [bugfix] is released!

Sat Feb 24, 2018 1:23 am

....What's new in 6.40.6 (2018-Feb-20 11:04):.....
IMHO it means that Mikrotik reports new things.
All changes you can trace here: https://mikrotik.com/download/changelogs/
I'm pretty sure not everything in 6.40.6 is new compared to 6.42.rc30, so my question remains, "new compared to what?" (For example, the item "dude - fixed e-mail notifications when default port is not used" appears in "What's new in 6.41.1" as well as "What's new in 6.40.6", but 6.41.1 is over 6 months old.)

If you look at the bugfix release tree changelogs you will see that the [bugfix] release immediately prior to 6.40.6 is 6.39.3. This implies that the only changes between 6.40.6 and 6.39.3 are the ones listed in the 6.40.6 "what's new" list, but I have my doubts about whether or not this is true. This is what I would like MikroTik to clarify.

If you look at https://mikrotik.com/download/changelogs/ for the current release changelogs, you will see that 6.40.6 is not listed. So my best guess is that "What's new in 6.40.6" is what is new compared to 6.40.5 and upgrading from the previous [bugfix] release of 6.39.3 to the current [bugfix] release of 6.40.6 will change a lot more than what is listed. But what exactly will change?

"What's new in 6.40" lists what changed between 6.39.2 and 6.40. Some of those changes made it into 6.39.3, so I cannot look at the 6.40 list and say "all those things are also new in 6.40.6 compared to 6.39.3" nor can I say they are all not new.

I would like a list of what changed between 6.39.3 and 6.40.6 that includes everything that changed but does not also include things that did not change, so I can review the changes without worrying about things already in place on my systems. The changelog is supposed to provide this, but I think it does not.
 
Beone
Member Candidate
Member Candidate
Posts: 243
Joined: Fri Feb 11, 2011 1:11 pm

Re: v6.40.6 [bugfix] is released!

Sat Feb 24, 2018 5:45 am

Beone - Which fixes exactly are you referring to? Please provide copy of change included in 6.41.x or 6.42rc which you are looking for.
Other changes since 6.41.2:

*) tile - improved overall system performance and stability ("/system routerboard upgrade" required);
*) capsman - improved CAPsMAN responsiveness on systems with large amount of CAP interfaces;
*) wireless - added support for "band=5ghz-n/ac" (CLI only);
*) wireless - improved compatibility with specific wireless AC standard clients;
*) wireless - improved packet processing on ARM platform devices;
*) wireless - improved wireless scan functionality for devices with multiple wireless interfaces;
 
msatter
Forum Guru
Forum Guru
Posts: 1200
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.40.6 [bugfix] is released!

Sat Feb 24, 2018 11:58 am

Updated my RB750Gr3 and no problems so far. :-)
Two RB760iGS (hEX S) in series. One does PPPoE and both do IKEv2.
Running:
RouterOS 6.46Beta / Winbox 3.19 / MikroTik APP 1.3.2
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.40.6 [bugfix] is released!

Sat Feb 24, 2018 1:19 pm

pietroscherer - Glad to hear that you resolved the problem. As far as I understand, you can not tell if problem was caused by this particular release. Is that correct?
jgro, BartoszP - Changelog always shows difference between this version and previous one. Previous before 6.40.6 is "-1" - 6.40.5. This changelog shows difference between 6.40.5 and 6.40.6. For example, if you upgrade from 6.38, then you have to check - all 6.38.x changelogs, 6.39 and 6.39.x changelogs and 6.40 and 6.40.x changelogs.
Beone - There are no silent fixes. If changes are not in changelog, then they are not in the release.
 
Beone
Member Candidate
Member Candidate
Posts: 243
Joined: Fri Feb 11, 2011 1:11 pm

Re: v6.40.6 [bugfix] is released!

Sat Feb 24, 2018 2:47 pm

pietroscherer - Glad to hear that you resolved the problem. As far as I understand, you can not tell if problem was caused by this particular release. Is that correct?
jgro, BartoszP - Changelog always shows difference between this version and previous one. Previous before 6.40.6 is "-1" - 6.40.5. This changelog shows difference between 6.40.5 and 6.40.6. For example, if you upgrade from 6.38, then you have to check - all 6.38.x changelogs, 6.39 and 6.39.x changelogs and 6.40 and 6.40.x changelogs.
Beone - There are no silent fixes. If changes are not in changelog, then they are not in the release.
I know they are not in the release, but 6.41+ is having the whole new bridge implementation, which needs to stabilize first. Meanwhile we have production devices requiring at least the capsman and tile performance fixes, which are not available in bugfix. So my question is: can you release a bugfix having those fixes but not yet having the new bridge implementation? (a 6.40.7 so to speak)
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.40.6 [bugfix] is released!

Sat Feb 24, 2018 3:25 pm

Beone - At the moment I can not make any promises. Each and every fix which is tested, has not caused any new problems and have actually fixed the problem are included in bugfix version. Yes, fixes which can be included will be included in .7 version.

In order to make bugfix as trustworthy as possible, we do not include just made and untested fixes.
 
User avatar
pietroscherer
Trainer
Trainer
Posts: 164
Joined: Thu Mar 05, 2015 3:05 pm
Location: RS, Brazil
Contact:

Re: v6.40.6 [bugfix] is released!

Sat Feb 24, 2018 5:57 pm

pietroscherer - Glad to hear that you resolved the problem. As far as I understand, you can not tell if problem was caused by this particular release. Is that correct?
Strods,

It's Hard to say if was a problem caused by this particular release. OSPFv3 neighbors are running oldest versions than this.

Thank you.
Pietro Scherer
http://www.tchesolutions.com.br [ISPs Consulting and Training]
http://www.routermage.com [Backup and Automation System]
:D
 
Spirch
newbie
Posts: 44
Joined: Sat May 03, 2014 5:04 am

Re: v6.40.6 [bugfix] is released!

Sun Feb 25, 2018 3:27 am

so between the 2 bugfix releases this is the actual difference if i understand properly


What's new in 6.40.6 (2018-Feb-20 11:04):

*) btest - fixed TCP test accuracy when low TX/RX rates are used;
*) certificate - do not use UTF-8 for SCEP challenge password;
*) certificate - fixed PKCS#10 version;
*) chr - generate new system ID on first boot;
*) crs317 - fixed reliability on FAN controller;
*) defconf - fixed DISC Lite5 LED default configuration;
*) dhcpv4-server - fixed framed and classless route received from RADIUS server;
*) disk - fixed disk detach process;
*) dude - fixed e-mail notifications when default port is not used;
*) export - fixed "/system routerboard mode-button" compact export;
*) filesystem - implemented additional system integrity checks on reboots;
*) firewall - limited maximum "address-list-timeout" value to “35w3d13h13m56s”;
*) hotspot - fixed "dst-port" to require valid "protocol" in "walled-garden ip";
*) hotspot - fixed Walled Garden IP functionality when address-list is used;
*) ike1 - fixed crash on XAUTH if user does not exist;
*) ike1 - fixed memory corruption when IPv6 is used;
*) ike1 - improved stability on phase1 rekeying;
*) ike2 - added support for multiple split networks;
*) ike2 - delay rekeyed peer outbound SA installation;
*) ike2 - improve half-open connection handling;
*) ike2 - kill connection when peer changes address;
*) ike2 - use peer configuration address when available on empty TSi;
*) ipsec - fixed incorrect esp proposal key size usage;
*) ipsec - properly update IPsec secret for IPIP/EoIP/GRE dynamic peer;
*) l2tp - improved reliability on packet processing in FastPath;
*) netinstall - improved LTE package description;
*) netinstall - properly generate skins folder when branding package is installed;
*) ovpn - fixed resource leak on systems with high CPU usage;
*) ovpn-server - do not periodically change automatically generated server MAC address;
*) ppp - do not disconnect active PPP connection after "idle-timeout";
*) ppp - do not lose "/ppp profile" script configuration after other profile parameters are edited;
*) ppp - fixed "change-mss" functionality when MSS is not set on forwarded packets;
*) ppp - fixed L2TP and PPTP encryption negotiation process on configuration changes;
*) pppoe-client - properly re-establish MLPPP session when one of the lines stopped transmitting packets;
*) quickset - do not automatically change mode to CPE;
*) quickset - renamed router IP static DNS name to "router.lan";
*) route - fixed DHCP/PPP “add-default-route” “distance” minimal value to 1;
*) route - improved reliability on routing table update;
*) routerboard - properly report warnings under "/system routerboard" menu;
*) scheduler - properly display long scheduler configuration;
*) sfp - improved SFP module compatibility;
*) sms - fixed minor problem for SMS delivery;
*) snmp - added IPv6 addresses support on default "public" community;
*) snmp - fixed bulk requests when non-repeaters are used;
*) snmp - fixed consecutive OID bulk get from the same table;
*) traceroute - fixed "/tool traceroute" results print;
*) traffic-flow - do not count single extra packet per each flow;
*) webfig - added support for proper default policies when adding script or scheduler job;
*) webfig - fixed backup loading from Webfig on RouterBOARD running default configuration;
*) webfig - fixed bridge port sorting order by name;
*) webfig - fixed MAC address ordering;
*) webfig - fixed router getting reset to default configuration;
*) webfig - fixed column ordering;
*) winbox - allow to specify "to-ports" for "action=masquerade";
*) wireless - fixed wireless protocol mode restrictions if lockpack is installed and has limits for it;
*) wireless - removed unused monitor command from CLI;
*) wireless - updated "Australia", "Czech Republic", "UK 5.8 Fixed" and "United Kingdom" regulatory domain information;

What's new in 6.40.5 (2017-Oct-31 13:05):

*) certificate - fixed import of certificates with empty SKID;
*) crs3xx - fixed 100% CPU usage after interface related changes;
*) firewall - do not NAT address to 0.0.0.0 after reboot if to-address is used but not specified;
*) ike1 - fixed crash after downgrade if DH groups 19,20,21 were used for phase1;
*) ike1 - fixed RSA authentication for Windows clients behind NAT;
*) ipsec - fixed lost value for "remote-certificate" parameter after disable/enable;
*) ipv6 - fixed IPv6 addresses constructed from prefix and static address entry;
*) log - properly recognize MikroTik specific RADIUS attributes;
*) lte - do not reset modem when it is not possible to access SMS storage;
*) lte - fixed modem initialization after reboot;
*) lte - fixed PIN option after setting up the band;
*) sms - include time stamps in SMS delivery reports;
*) sms - properly initialize SMS storage;
*) snmp - fixed "/system license" parameters for CHR;
*) winbox - allow shorten bytes to k,M,G in Hotspot user limits;
*) wireless - fixed rate selection process when "rate-set=configured" and NV2 protocol is used;

What's new in 6.40.4 (2017-Oct-02 08:38):

*) address - show warning on IPv6 address when acquire from pool has failed;
*) arp - properly update dynamic ARP entries after interface related changes;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added L2MTU support;
*) crs3xx - improved packet processing in slowpath;
*) defconf - fixed RouterOS default configuration (introduced in v6.40.3);
*) dhcp - fixed downgrade from RouterOS v6.41 or higher;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "rapid-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) dhcpv6-client - require pool name to be unique;
*) e-mail - auto complete file name on "file" parameter (introduced in v6.40);
*) export - fixed wireless "ssid" and "supplicant-identity" compact export;
*) hotspot - fixed missing "/ip hotspot server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipv6 - fixed IPv6 address request from pool;
*) lte - fixed modem initialization after reboot;
*) ntp-client - properly start NTP client after reboot if manual server IP is not configured;
*) rb931-2nd - fixed startup problems (requires additional reboot after upgrade);
*) routerboard - fixed "/system routerboard upgrade" for CRS212-8G-4S;
*) sfp - fixed OPTON module DDM information readings;
*) sfp - fixed temperature readings for various SFP modules;
*) snmp - fixed "/caps-man registration-table" uptime values;
*) snmp - fixed "/system license" parameters for CHR;
*) tile - improved reliability on MPLS package processing;
*) userman - fixed unresponsive RADIUS server (introduced in v6.40.3);
*) vlan - do not allow VLAN MTU to be higher than L2MTU;
*) webfig - improved reliability of login process;
*) wireless - added "etsi1" regulatory domain information;
*) wireless - improved WPA2 key exchange reliability;
*) wireless - updated "norway" regulatory domain information;

What's new in 6.40.3 (2017-Sep-01 07:40):

*) dhcpv6-server - do not release address of static binding from pool after server removal;
*) export - fixed "/system routerboard" export (introduced in 6.40.1);
*) export - fixed export for PoE-OUT related settings;
*) ike1 - fixed initiator ID comparison to NAT-OA;
*) led - fixed "on" and "off" triggers when multiple LEDs are selected;
*) led - fixed RB711UA ether1 LED (introduced in v6.38rc16);
*) lte - do not show USB LTE modem under "/port" menu;
*) lte - fixed ethernet flap when LTE establishes connection;
*) lte - fixed SXT LTE graphs in QuickSet;
*) lte - improved reliability of USB LTE modems;
*) poe-out - fixed router reboot after "poe-out-status" changes;
*) rb1100ahx4 - fixed HW acceleration fragmented packet decryption when fragment is smaller than 64 bytes;
*) rb750gr3 - show warning and do not allow to use "protected-bootloader" feature if "factory-firmware" older than 3.34.4 version;
*) routerboard - added "mode-button" support for RB750Gr3 (CLI only);
*) ssh - do not execute command if it starts with "-" symbol;
*) traffic-flow - fixed reboots when IPv6 address has been set as target address without active IPv6 package;
*) userman - fixed "limitation" and "profile-limitation" update;
*) userman - fixed CoA packet processing after changes in "/tool user-manager router" configuration;
*) webfig - allow to open table entry even if table is not sorted by # (introduced in v6.40);
*) webfig - allow to unset "rate-limit" for DHCP leases;
*) winbox - added possibility to define "comment" for "/routing bgp network" entries;
*) winbox - do not show FAN related information under "/system health" menu for devices which does not have it;
*) winbox - do not show LCD menu for devices which does not have it;
*) winbox - fixed ARP table update after entry changes state to incomplete;
*) wireless - added "russia3" country settings;
*) wireless - added New Zealand regulatory domain information for P2P links;
*) wireless - updated China and New Zealand regulatory domain information;
*) www - fixed unresponsive Web services (introduced in v6.40);

What's new in 6.40.2 (2017-Aug-08 13:13):

*) dhcpv6-client - fixed IA evaluation order;
*) led - fixed "modem-signal" LEDs (introduced in 6.40);
*) pppoe-client - fixed wrong MRU detection over VLAN interfaces;
*) rb2011 - fixed possible LCD blinking along with ethernet LED (introduced in 6.40);
*) sfp - fixed invalid temperature readings when ambient temperature is below 0C;
*) winbox - added certificate settings;
*) winbox - added support for certificate CRL list;
*) winbox - do not show LCD menu for devices which does not have it;
*) winbox - hide "level" and "tunnel" parameters for IPSec policy templates;
*) winbox - hide FAN speed if it is 0RPM;

What's new in 6.40.1 (2017-Aug-03 12:37):

*) bonding - improved reliability on bonding interface removal;
*) chr - fixed false warnings on upgrade reboots;
*) dhcpv6-client - do not run DHCPv6 client when IPv6 package is disabled;
*) export - fixed export for different parameters where numerical range or constant string is expected;
*) firewall - properly remove "address-list" entry after timeout ends;
*) interface - improved interface state change handling when multiple interfaces are affected at the same time;
*) lte - fixed LTE not passing any traffic while in running state;
*) ovpn-client - fixed incorrect netmask usage for pushed routes (introduced in 6.40);
*) pppoe-client - fixed incorrectly formed PADT packet;
*) rb2011 - fixed possible LCD blinking along with ethernet LED (introduced in 6.40);
*) rb922 - restored missing wireless interface on some boards;
*) torch - fixed Torch on PPP tunnels (introduced in 6.40);
*) trafficgen - fixed "lost-ratio" showing incorrect statistics after multiple sequences;
*) winbox - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter under NAT, Mangle and RAW rules;

What's new in v6.40 (2017-Jul-21 08:45):

!) lte - added initial fastpath support (except SXT LTE and Sierra modems);
!) lte - added initial support for passthrough mode for lte modems that supports fastpath;
!) wireless - added Nv2 AP synchronization feature "nv2-modes" and "nv2-sync-secret" option;
*) bonding - fixed 802.3ad mode on RB1100AHx4;
*) btest - fixed crash when packet size has been changed during test;
*) capsman - added "current-registered-clients" and "current-authorized-clients" count for CAP interfaces;
*) capsman - fixed EAP identity reporting in "registration-table";
*) capsman - set minimal "caps-man-names" and "caps-man-certificate-common-names" length to 1 char;
*) certificate - added "crl-use" setting to disable CRL use (CLI only);
*) certificate - update and reload old certificate with new one if SKID matches;
*) chr - fixed MAC address assignment when hot plugging NIC on XenServer;
*) chr - maximal system disk size now limited to 16GB;
*) conntrack - fixed IPv6 connection tracking enable/disable;
*) console - fixed different command auto complete on ;
*) crs212 - fixed Optech sfp-10G-tx module compatibility with SFP ports;
*) defconf - added IPv6 default firewall configuration (IPv6 package must be enabled on reset);
*) defconf - improved IPv4 default firewall configuration;
*) defconf - renamed 192.168.88.1 address static DNS entry from "router" to "router.lan";
*) dhcp - added "debug" logs on MAC address change;
*) dhcpv4-client - added "gateway-address" script parameter;
*) dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr = 0.0.0.0";
*) dhcpv4-server - fixed server state on interface change in Winbox and Webfig;
*) discovery - fixed timeouts for LLDP neighbours;
*) dns - remove all dynamic cache RRs of same type when adding static entry;
*) dude - fixed server crash;
*) email - added support for multiple attachments;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - added "terse" option;
*) export - added default "init-delay" setting for "/routerboard settings" menu;
*) export - added router model and serial number to configuration export;
*) export - fixed "/interface list" verbose export;
*) export - fixed "/ipv6 route" compact export;
*) export - fixed MPLS "dynamic-label-range" export;
*) export - fixed SNMP "src-address" for compact export;
*) fastpath - improved performance when packets for slowpath are received;
*) fastpath - improved process of removing dynamic interfaces;
*) fasttrack - fixed fasttrack over interfaces with dynamic MAC address;
*) fetch - added "src-address" parameter for HTTP and HTTPS;
*) filesystem - improved error correcting process on tilera and RB1100AHx4 storage;
*) firewall - added "none-dynamic" and "none-static" options for "address-list-timeout" parameter;
*) firewall - fixed bridge "action=log" rules;
*) firewall - fixed cosmetic "inactive" flag when item was disabled;
*) firewall - fixed crash on fasttrack dummy rule manual change attempt;
*) firewall - removed unique address list name limit;
*) hAP ac lite - removed nonexistent "wlan-led";
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - added log error message if netmask was not provided by "mode-config" server;
*) ike1 - added support for "framed-pool" RADIUS attribute;
*) ike1 - create tunnel policy when no split net provided;
*) ike1 - fixed minor memory leak on peer configuration change;
*) ike1 - kill phase1 instead of rekey if "mode-config" is used;
*) ike1 - removed SAs on DPD;
*) ike1 - send phase1 delete;
*) ike1 - wait for cfg set reply before ph2 creation with xAuth;
*) ike2 - added RADIUS attributes "Framed-Pool", "Framed-Ip-Address", "Framed-Ip-Netmask";
*) ike2 - added pfkey kernel return checks;
*) ike2 - added support for "Mikrotik_Address_List" RADIUS attribute;
*) ike2 - added support for "mode-config" static address;
*) ike2 - by default use "/24" netmask for peer IP address in split net;
*) ike2 - fixed duplicate policy checking with "0.0.0.0/0" policies;
*) ike2 - prefer traffic selector with "mode-config" address;
*) ipsec - added "firewall=add-notrack" peer option (CLI only);
*) ipsec - added information in console XML for "mode-config" menu;
*) ipsec - added support for "key-id" peer identification type;
*) ipsec - allow to specify chain in "firewall" peer option;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipsec - enabled modp2048 DH group by default;
*) ipsec - fixed connections cleanup on policy or proposal modification;
*) ipsec - optimized logging under IPSec topic;
*) ipsec - removed policy priority;
*) l2tp - fixed handling of pre-authenticated L2TP sessions with CHAP authentication;
*) l2tp-server - added "one-session-per-host" option;
*) log - added "poe-out" topic;
*) log - improved "l2tp" logs;
*) log - optimized "wireless,info" topic logs;
*) log - work on false CPU/RAM overclocked alarms;
*) lte - added "accounting" logs for LTE connections;
*) lte - added info command support for the Jaton LTE modem;
*) lte - added initial support for "NTT DoCoMo" modem;
*) lte - added support for Huawei E3531-6;
*) lte - added support for ZTE TE W120;
*) lte - fixed info command when it is executed at the same time as modem restarts/disconnects;
*) lte - improved SMS delivery report;
*) lte - improved reliability on SXT LTE;
*) metarouter - fixed display of bogus error message on startup;
*) mmips - added support for NVME disks;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) packages - increased automatic download retry interval to 5 minutes if there is no free disk space;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - added initial support for ZTE K4203-Z and ME3630-E;
*) ppp - added output values for "info" command for finding the GSM base station's location ("LAC" and "IMSI");
*) ppp - fixed "user-command" output;
*) ppp - fixed non-standart PAP or CHAP packet handling;
*) ppp - improved MLPPP packet forwarding performance;
*) ppp - use interface name instead of IP as default route gateway;
*) proxy - fixed potential crash;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - added "Band" setting to "CPE" and "PTP CPE" modes;
*) quickset - added special firewall exception rules for IPSec;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) quickset - simplified LTE status monitoring;
*) quickset - use active user name and permissions when applying changes;
*) rb1100ahx4 - fixed startup problems (requires additional reboot after upgrade);
*) rb3011 - fixed packet passthrough on switch2 while booting;
*) rb750gr3 - fixed USB power;
*) routerboard - added "caps-mode" option for "reset-configuration";
*) routerboard - added "caps-mode-script" for default-configuration print;
*) routing - allow to disable "all" interface entry in BFD;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) sfp - fixed invalid temperature reporting when ambient temperature is less than 0;
*) sms - decode reports in readable format;
*) sniffer - do not skip L2 packets when "all" interface mode was used;
*) snmp - added "ifindex" on interface traps;
*) snmp - added CAPsMAN interface statistics;
*) snmp - added ability to set "src-address";
*) snmp - fixed "/system resource cpu print oid" menu;
*) snmp - fixed crash on interface table get;
*) snmp - fixed wireless interface walk table id ordering;
*) socks - fixed crash while processing many simultaneous sessions;
*) ssl - added Wildcard support for "left-most" DNS label (will allow to use signed Wildcard certificate on VPN servers);
*) supout - fixed IPv6 firewall section;
*) switch - fixed "loop-protect" on CRS SFP/SFP+ ports;
*) switch - fixed multicast forwarding on CRS326;
*) tile - fixed copying large amount of text over serial console;
*) tr069-client - fixed lost HTTP header on authorization;
*) trafficgen - added "lost-ratio" to statistics;
*) ups - show correct "line-voltage" value for usbhid UPS devices;
*) userman - added "/tool user-manager user clear-profiles" command;
*) userman - do not send disconnect request for user when "simultaneous session limit reached";
*) userman - lookup language files also in "/flash" directory;
*) vlan - do not delete existing VLAN interface on "failure: already have such vlan";
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) winbox - added "eap-identity" to CAPsMAN registration table;
*) winbox - added "no-dad" setting to IPv6 addresses;
*) winbox - added "reselect-channel" to CAPsMAN interfaces;
*) winbox - added "session-uptime" to LTE interface;
*) winbox - added TR069 support;
*) winbox - do not autoscale graphs outside known maximums;
*) winbox - fixed wireless interface "amsdu-threshold" max limit;
*) winbox - hide LCD menu on CRS112-8G-4S;
*) winbox - make IPSec policies table an order list;
*) winbox - moved LTE info fields to status tab;
*) winbox - show "/interface wireless cap print" warnings;
*) winbox - show "/system health" only on boards that have health monitoring;
*) winbox - show "D" flag under "/interface mesh port" menu;
*) wireless - NAK any methods except MS-CHAPv2 as inner method in PEAP;
*) wireless - added option to change "nv2-downlink-ratio" for nv2 protocol;
*) wireless - added option to set "fixed-downlink" mode for nv2 protocol;
*) wireless - allow VirutalAP on Level0 (24h demo) license;
*) wireless - always use "multicast-helper" when DHCP is being used;
*) wireless - do not skip >2462 channels if interface is WDS slave;
*) wireless - fixed 802.11u wireless request processing;
*) wireless - fixed EAP PEAP success processing;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - fixed rare crash on cap disable;
*) wireless - fixed registration table "signal-strength" reporting for chains when using nv2;
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 1708
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v6.40.6 [bugfix] is released!

Sun Feb 25, 2018 8:29 am

Long, long post ... five seconds of scrolling. Was it necessary?
Real admins use real keyboards.
 
wimpy
just joined
Posts: 15
Joined: Thu Jan 07, 2016 7:23 am

Re: v6.40.6 [bugfix] is released!

Sun Feb 25, 2018 10:35 am

Couple of devices updated and so far so good ... (IPv6, OSPF v2 and v3, wifi 2GHz, 5GHz, VLAN, GRE/IPsec, VPN - SSTP, L2TP/IPsec, ...). Stability and "conservative" approach of the bugfix channel greatly appreciated. Thanks.
 
jgro
newbie
Posts: 46
Joined: Sat Jun 10, 2017 7:33 am

Re: v6.40.6 [bugfix] is released!

Sun Feb 25, 2018 1:36 pm

so between the 2 bugfix releases this is the actual difference if i understand properly
...
As I currently understand it, to get the actual difference, you would take the list you put together and then delete everything in "What's new in 6.39.3"

This means, for example, that you do not need to upgrade to 6.40.6 to get "ipv6 - fixed IPv6 address request from pool" (new in 6.40.4) or worry that by upgrading, "ovpn - added support for "push-continuation"" (new in 6.40) will cause problems, because both changes are already in 6.39.3.
 
JimmyNyholm
Member Candidate
Member Candidate
Posts: 249
Joined: Mon Apr 25, 2016 2:16 am
Location: Sweden

Re: v6.40.6 [bugfix] is released!

Sun Feb 25, 2018 3:25 pm

Long, long post ... five seconds of scrolling. Was it necessary?
No Scrolling Here. Use real browser and the post is rendered in a scrolled list inside that post.
As for the question it seems legit to ask to se if one has understod things right.

To actually answer the question: Yes that seems to be the official release notes so take your version on witch you where and compare to where you are going to. Read up in the threads for each version, in this forum, to see if there are any information that is of any concern for your type of deployment.
 
aussiewan
just joined
Posts: 24
Joined: Wed Sep 07, 2011 5:28 am

Re: v6.40.6 [bugfix] is released!

Mon Feb 26, 2018 1:28 am

Can we get some clarification around this change?
*) dhcpv4-server - fixed framed and classless route received from RADIUS server;

We use RADIUS to assign additional subnets as static route to the DHCP client. We've seen that this breaks default routes on Mikrotik CPEs, as it forwards the values through and replaces the default route assignment, but other brand CPEs seem to work ok. Does this change fix that issue, or is it something else?
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8305
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.40.6 [bugfix] is released!

Mon Feb 26, 2018 7:19 am

We use RADIUS to assign additional subnets as static route to the DHCP client. We've seen that this breaks default routes on Mikrotik CPEs, as it forwards the values through and replaces the default route assignment, but other brand CPEs seem to work ok. Does this change fix that issue, or is it something else?
The issue is that 'other brands' does not follow RFC. RFC3442 clearly states: "If the DHCP server returns both a Classless Static Routes option and a Router option, the DHCP client MUST ignore the Router option."

So, the correct way is to add default route (0.0.0.0/0) to your Option 121. The workaround on the RouterOS side is "/ip dhcp-client set [find] add-default-route=special-classless".
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
gwartass
just joined
Posts: 6
Joined: Tue Aug 18, 2015 5:28 pm

Re: v6.40.6 [bugfix] is released!

Mon Feb 26, 2018 11:46 am

Hello,
can I get any info about this? Why was this change made?
*) wireless - updated "Czech Republic" regulatory domain information;
Czech republic has implemented the EU plan and band number 61 in this document is: 5725-5875MHz Non-specific Short-range devices 25mW e.i.r.p.
The non-specific short-range device category covers all kinds of radio devices, regardless of the application or the purpose,
which fulfil the technical conditions as specified for a given frequency band. Typical uses include telemetry,
telecommand, alarms, data transmissions in general and other applications.
http://eur-lex.europa.eu/legal-content/ ... 26&from=EN

The same information also state local documents from Czech telecommunication office.
 
eddieb
Member Candidate
Member Candidate
Posts: 135
Joined: Thu Aug 28, 2014 10:53 am
Location: Netherlands

Re: v6.40.6 [bugfix] is released!

Mon Feb 26, 2018 1:33 pm

Hmm,

problem.
I upgraded my 3 hAP AC from 6.39.3 to 6.40.6 ..
All seemed OK but the office W10 laptop refused to connect to the wifi ...
To bad there is no useable logging, the MT logging just says station leaving and the W10 logging says "unable to connect" ...
I donwgraded to 6.39.3 and now the W10 connects ...

Eddie
Running 6.45.6 (stable) on :
CCR1009-8G-1S (2x ipsec/l2tp site-to-site, ipsec/l2tp roadwarrior, dhcpd, dns), CRS125-24G-1S, RB1100, RB962UiGS-5HacT2HnT (10pc), RB931-2nD, RB951, RB750GL ,RB2011UAS-RM, CHR running dude (CHR running in VirtualBox on OSX)
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5921
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v6.40.6 [bugfix] is released!

Mon Feb 26, 2018 3:15 pm

Can we get some clarification around this change?
*) dhcpv4-server - fixed framed and classless route received from RADIUS server;

We use RADIUS to assign additional subnets as static route to the DHCP client. We've seen that this breaks default routes on Mikrotik CPEs, as it forwards the values through and replaces the default route assignment, but other brand CPEs seem to work ok. Does this change fix that issue, or is it something else?
There was a problem on little endian systems where, server sent wrong route received from radius server.
Fix has nothing to do with your mentioned problem. Chupaka already explained why default route is not installed.
 
uldis
MikroTik Support
MikroTik Support
Posts: 3424
Joined: Mon May 31, 2004 2:55 pm

Re: v6.40.6 [bugfix] is released!

Mon Feb 26, 2018 3:21 pm

Hmm,

problem.
I upgraded my 3 hAP AC from 6.39.3 to 6.40.6 ..
All seemed OK but the office W10 laptop refused to connect to the wifi ...
To bad there is no useable logging, the MT logging just says station leaving and the W10 logging says "unable to connect" ...
I donwgraded to 6.39.3 and now the W10 connects ...

Eddie
Please provide support output file to suport@mikrotik.com so we could compare that configuration to see why it would not work in v6.40.6
 
uldis
MikroTik Support
MikroTik Support
Posts: 3424
Joined: Mon May 31, 2004 2:55 pm

Re: v6.40.6 [bugfix] is released!

Mon Feb 26, 2018 3:23 pm

Hello,
can I get any info about this? Why was this change made?
*) wireless - updated "Czech Republic" regulatory domain information;
Czech republic has implemented the EU plan and band number 61 in this document is: 5725-5875MHz Non-specific Short-range devices 25mW e.i.r.p.
The non-specific short-range device category covers all kinds of radio devices, regardless of the application or the purpose,
which fulfil the technical conditions as specified for a given frequency band. Typical uses include telemetry,
telecommand, alarms, data transmissions in general and other applications.
http://eur-lex.europa.eu/legal-content/ ... 26&from=EN

The same information also state local documents from Czech telecommunication office.
The center frequencies for that was incorrect, now those should be ok.
 
eddieb
Member Candidate
Member Candidate
Posts: 135
Joined: Thu Aug 28, 2014 10:53 am
Location: Netherlands

Re: v6.40.6 [bugfix] is released!

Mon Feb 26, 2018 3:32 pm

Hmm,

problem.
Eddie
Please provide support output file to suport@mikrotik.com so we could compare that configuration to see why it would not work in v6.40.6
I will create them in a couple of hours, the hAP AC are manged by CAPSMAN in my 2011, do you need the supout from the hAP AC, the 2011 or both ?
Eddie
Running 6.45.6 (stable) on :
CCR1009-8G-1S (2x ipsec/l2tp site-to-site, ipsec/l2tp roadwarrior, dhcpd, dns), CRS125-24G-1S, RB1100, RB962UiGS-5HacT2HnT (10pc), RB931-2nD, RB951, RB750GL ,RB2011UAS-RM, CHR running dude (CHR running in VirtualBox on OSX)
 
Muator
just joined
Posts: 22
Joined: Tue Jun 14, 2011 6:26 pm

Re: v6.40.6 [bugfix] is released!

Mon Feb 26, 2018 11:38 pm

Всем привет !
Mikrotik mipsbe.
Столкнулся с такой ситуацией, из терминала не выполняется команда добавления правила firewall c параметром limit=0;5.
Из винбокса это правило добавляется, с параметром limit=0;5.

Hello everyone !
Mikrotik mipsbe.
Faced with this situation, the command to add a firewall rule limit=0;5 is not executed from the terminal.
From winbox this rule is added with a parameter of limit=0;5.

[Muator@RBmAPL-2]ip firewall filter ex co
skip...
add action=add-src-to-address-list address-list=spammer_ssh address-list-timeout=1w chain=forward connection-limit=0,32 dst-port=22 limit=0,5:packet protocol=tcp
[Muator@RBmAPL-2] /ip firewall filter> add action=add-src-to-address-list address-list=spammer_ssh address-list-timeout=1w chain=forward connection-limit=0,32 dst-port=22 limit=0,5:packet protocol=tcp
value of count out of range (1..32000000000)
[Muator@RBmAPL-2]/ip firewall filter> add action=add-src-to-address-list address-list=spammer_ssh address-list-timeout=1w chain=forward connection-limit=0,32 dst-port=22 limit=1,5:packet protocol=tcp 
[Muator@RBmAPL-2] /ip firewall filter> exp co
skip...
add action=add-src-to-address-list address-list=spammer_ssh address-list-timeout=1w chain=forward connection-limit=0,32 dst-port=22 limit=0,5:packet protocol=tcp
add action=add-src-to-address-list address-list=spammer_ssh address-list-timeout=1w chain=forward connection-limit=0,32 dst-port=22 limit=1,5:packet protocol=tcp
[Muator@RBmAPL-2] /ip firewall filter> 
[Muator@RBmAPL-2] > sys identity export compact 
# feb/26/2018 12:37:04 by RouterOS 6.40.6
 
aussiewan
just joined
Posts: 24
Joined: Wed Sep 07, 2011 5:28 am

Re: v6.40.6 [bugfix] is released!

Tue Feb 27, 2018 2:26 am

Thanks mrz and Chupaka for your responses, that makes sense.
I may put up a new post about this, as the feature of the Mikrotik router assigning static routes towards the client and using the same RADIUS response value to tell the client to route those same subnets back upstream router seems like something you would never want...
The issue is that 'other brands' does not follow RFC. RFC3442 clearly states: "If the DHCP server returns both a Classless Static Routes option and a Router option, the DHCP client MUST ignore the Router option."

So, the correct way is to add default route (0.0.0.0/0) to your Option 121. The workaround on the RouterOS side is "/ip dhcp-client set [find] add-default-route=special-classless".
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8305
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.40.6 [bugfix] is released!

Tue Feb 27, 2018 8:09 am

I may put up a new post about this, as the feature of the Mikrotik router assigning static routes towards the client and using the same RADIUS response value to tell the client to route those same subnets back upstream router seems like something you would never want...
Huh?.. What feature?..
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
igorvukotic
just joined
Posts: 8
Joined: Mon Aug 03, 2015 2:00 pm

Re: v6.40.6 [bugfix] is released!

Tue Feb 27, 2018 3:50 pm

Upgrade from 6.37.5 on RB2011UiAS-2HnD to 6.40.6 ( very basic setup ) brakes router.
- not solved SCEP url problem
 
aussiewan
just joined
Posts: 24
Joined: Wed Sep 07, 2011 5:28 am

Re: v6.40.6 [bugfix] is released!

Wed Feb 28, 2018 7:08 am

I may put up a new post about this, as the feature of the Mikrotik router assigning static routes towards the client and using the same RADIUS response value to tell the client to route those same subnets back upstream router seems like something you would never want...
Huh?.. What feature?..
If you send a Framed-Route value from RADIUS to a Mikrotik router DHCP server, it will add one or more static routes on the DHCP server for those routes, with a gateway of the DHCP client IP. However, it also sends that value to the DHCP client (I can't remember in which option) which, as you mentioned, should remove the default route from the DHCP client and instead use only the routes set in that DHCP option. So all you end up with is a recursive route. And you can't assign a default route via that Radius option, otherwise you end up setting that DHCP client as your default gateway.

As I said, this isn't the place for this discussion - I'll start a new thread on the forum.

EDIT: Posted here: viewtopic.php?f=2&t=131363
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.40.6 [bugfix] is released!

Wed Feb 28, 2018 7:50 am

jgro - Yes. Lets say that we have version 6.39.2. Meanwhile we build 6.40.x. If fix is approved to be good, then it is also included in 6.39.3 (if possible). At that point the same fix is in 6.39.3 and 6.40.x. We do not edit changelogs and do not remove fixes from already released changelogs. If you go through multiple changelogs between your version and one you want to install you might notice same fixes mentioned multiple times.
Spirch - Yes, this is correct order of changelogs which you must read before an upgrade. That actually applies to everyone. We can not do anything if someone decided to upgrade and something is not working as suspected, however, for example, we have mentioned in changelog that feature is removed or changed its behavior. That is documented on changelog.
Muator - I assume that you did upgrade device from version older than 6.38.4 and did not read all the changelogs in the middle. 6.38.4 introduces this fix - "firewall - do not allow to set "time" parameter to 0s for "limit" option". Also this problem is not related to 6.40.6 so please in the future do not report problem in concrete version forum topic if you are not sure that it is caused by it, since you might scare off others who will think that feature is broken. This is whole reason why we make version topics - to find out problems caused by concrete release. Not 6.39.3, not 6.40.5 but exact version - 6.40.6.
igorvukotic - Upgrade happens on old version (on version which was installed on router before) and if it is caused by upgrade process, then it is caused by old version. Also we have re-worked upgrade on 6.42rc so hopefully (if problem cause is related to software itself) you will not experience such problems in future any more. I recommend that if you "brick" router, then you connect to router through serial console (if router has serial port) and see what happens there. Maybe RouterOS is working properly and, for example, ND is not working and that is why you do not see device in neighbors (just an example). What SCEP URL problem exactly is not fixed? Please contact support@mikrotik.com regarding this problem.
 
Muator
just joined
Posts: 22
Joined: Tue Jun 14, 2011 6:26 pm

Re: v6.40.6 [bugfix] is released!

Wed Feb 28, 2018 10:37 am

Muator - I assume that you did upgrade device from version older than 6.38.4 and did not read all the changelogs in the middle. 6.38.4 introduces this fix - "firewall - do not allow to set "time" parameter to 0s for "limit" option". Also this problem is not related to 6.40.6 so please in the future do not report problem in concrete version forum topic if you are not sure that it is caused by it, since you might scare off others who will think that feature is broken. This is whole reason why we make version topics - to find out problems caused by concrete release. Not 6.39.3, not 6.40.5 but exact version - 6.40.6.
You don't seem to understand what I'm saying. From the winbox in the firewall creates a rule with the parameter "time" 0C for "limit". From the terminal is not created.
Yeah found it by accident to version 6.40.6.
Thank you for telling me that you've made some changes. If you have changed the rules, creating firewall rules and/or settings, for a terminal, you must apply those changes to the winbox as well.


Вы похоже не поняли, о чем мною написано. Из винбокса в фаерволе создается правило с параметром "время" 0С для "лимита". Из терминала не создается. Да выяснил это случайно на версии 6.40.6.
Спасибо что Вы подсказываете, что внеслись изменения. Если изменились правила, создания правил фаевола и/или параметры для терминала, необходимо применить эти изменения и для винбокса.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8305
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.40.6 [bugfix] is released!

Wed Feb 28, 2018 11:19 am

From the winbox in the firewall creates a rule with the parameter "time" 0C for "limit". From the terminal is not created.
I can't create it from WinBox as well. How do you do that?

WinBox 3.12, RouterOS 6.41.1
limit0.jpg
You do not have the required permissions to view the files attached to this post.
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
Muator
just joined
Posts: 22
Joined: Tue Jun 14, 2011 6:26 pm

Re: v6.40.6 [bugfix] is released!

Wed Feb 28, 2018 12:22 pm

From the winbox in the firewall creates a rule with the parameter "time" 0C for "limit". From the terminal is not created.
I can't create it from WinBox as well. How do you do that?

WinBox 3.12, RouterOS 6.41.1
limit0.jpg
On version 6.40.6 is created ! Upgrade to 6.40.6 and check if you don't believe.
Checked just now again, in the mangle and firewall, is created with 0.
The output from the console showed above.
The point is that the rules were added after the upgrade to 6.40.6.

На версии 6.40.6 создается ! Обновись до 6.40.6 и проверь, если не веришь.
Проверил только что еще раз, в мангл и фаерволе, создается с 0.
Вывод из консоли, показывал выше.
Фишка в том что правила добавлял после обновления до 6.40.6.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8305
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.40.6 [bugfix] is released!

Wed Feb 28, 2018 12:38 pm

On version 6.40.6 is created ! Upgrade to 6.40.6 and check if you don't believe.
Checked just now again, in the mangle and firewall, is created with 0.
The output from the console showed above.
The point is that the rules were added after the upgrade to 6.40.6.
Don't get me wrong, but I downgraded to 6.40.6 and...
limit0-2.jpg
(checked both mangle and filter)
You do not have the required permissions to view the files attached to this post.
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
Muator
just joined
Posts: 22
Joined: Tue Jun 14, 2011 6:26 pm

Re: v6.40.6 [bugfix] is released!

Wed Feb 28, 2018 12:54 pm

On version 6.40.6 is created ! Upgrade to 6.40.6 and check if you don't believe.
Checked just now again, in the mangle and firewall, is created with 0.
The output from the console showed above.
The point is that the rules were added after the upgrade to 6.40.6.
Don't get me wrong, but I downgraded to 6.40.6 and...

limit0-2.jpg

(checked both mangle and filter)
Похоже, не тот ярлык винбокса запустил, прошу прощения. Вопрос снят.

It seems that the wrong label Winbox(3.11) launched, sorry. The question is removed.
Last edited by Muator on Wed Feb 28, 2018 1:57 pm, edited 1 time in total.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1297
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: v6.40.6 [bugfix] is released!

Wed Feb 28, 2018 1:51 pm

@Muator
Please use English.
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
cinatus
just joined
Posts: 15
Joined: Fri Nov 18, 2005 4:50 am

Re: v6.40.6 [bugfix] is released!

Thu Mar 08, 2018 11:20 pm

*) route - improved reliability on routing table update;


What was done to improve the reliability on the routing table updates? The reason why I ask is that we have been having issues with all routing crashing on ours. So we recently upgraded them to 6.40.6 but I want to know what was done to shed some light on the issue.
 
User avatar
meverest
Frequent Visitor
Frequent Visitor
Posts: 83
Joined: Wed Jun 30, 2004 3:27 pm
Location: Geelong, Australia
Contact:

Re: v6.40.6 [bugfix] is released!

Wed Mar 14, 2018 5:02 am

Is there some more detail on this bit?:
*) wireless - updated "Australia", "Czech Republic", "UK 5.8 Fixed" and "United Kingdom" regulatory domain information;

does it include change to AU regulatory domain to allow radar-detect to be disabled?

Cheers, Mike.
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.40.6 [bugfix] is released!

Wed Mar 14, 2018 6:57 am

cinatus - If at some point your routing started to misbehave and after a while you saw "autosupout" file created on your router, then this fix might help you. However, I would recommend to send such file first to support and see if we will ask for you to make an upgrade to the version which includes this fix.
meverest - Regulatory domain information simply has been updated to current values.
 
irico
newbie
Posts: 47
Joined: Thu Nov 10, 2016 5:35 pm

Re: v6.40.6 [bugfix] is released!

Thu Mar 15, 2018 4:38 pm

Update CCR1009 from 6.39.3. Why it's setting MAC address to eth6? That MAC is the same as eth5
### v6.39.3 Export script:
[...]
/interface Ethernet
set [ find default-name=ether5 ] comment="SW (LACP)" name=e5-SW
set [ find default-name=ether6 ] comment="SW (LACP)" name=e6-SW
[...]
/interface bonding
add comment="SW-LAN_FAB (LACP)" mode=802.3ad name=bonding1-SW-LAN_FAB slaves=\
    e6-SW,e5-SW



### v6.40.6 Export script
[...]
/interface Ethernet
set [ find default-name=ether5 ] comment="SW (LACP)" name=e5-SW
set [ find default-name=ether6 ] comment="SW (LACP)" mac-address=\
    4C:5E:0C:DF:8D:92 name=e6-SW
[...]
/interface bonding
add comment="SW-LAN_FAB (LACP)" mode=802.3ad name=bonding1-SW-LAN_FAB slaves=\
    e6-SW,e5-SW




/interface ethernet> print
Flags: X - disabled, R - running, S - slave 
 #    NAME                                                                 MTU MAC-ADDRESS       ARP             MASTER-PORT                                                             SWITCH                                                            
 0 R  ;;; Telefonica (PPPoE)
      e1-WAN2                                                             1500 4C:5E:0C:DF:8D:8E enabled         none                                                                    switch1                                                           
 1    e2                                                                  1500 4C:5E:0C:DF:8D:8F enabled         none                                                                    switch1                                                           
 2    e3                                                                  1500 4C:5E:0C:DF:8D:90 enabled         none                                                                    switch1                                                           
 3 RS ;;; GSM SIM
      e4-TELGSM                                                           1500 4C:5E:0C:DF:8D:91 enabled         none                                                                    switch1                                                           
 4 RS ;;; SW (LACP)
      e5-SW                                                               1500 4C:5E:0C:DF:8D:92 enabled         none                                                                   
 5 RS ;;; SW (LACP)
      e6-SW                                                               1500 4C:5E:0C:DF:8D:92 enabled         none                                                                   
 6 X  ;;; GRN (PPPoE)
      e7                                                                  1500 4C:5E:0C:DF:8D:94 enabled         none                                                                   
 7 R  ;;; Adamo
      e8-WAN1                                                             1500 4C:5E:0C:DF:8D:95 enabled         none                                                                   
 8    sfp-sfpplus1                                                        1500 4C:5E:0C:DF:8D:8C enabled         none                                                                   
 9    sfp1                                                                1500 4C:5E:0C:DF:8D:8D enabled         none                                                                   
Sorry for my poor english
 
mkx
Forum Guru
Forum Guru
Posts: 2828
Joined: Thu Mar 03, 2016 10:23 pm

Re: v6.40.6 [bugfix] is released!

Thu Mar 15, 2018 9:17 pm

Disclaimer: I haven't seen myself any bonded interface on Mikrotik, I've only seen a few in Linux.

It seems logical to me for bonded devices to have same MAC addresses as it doesn't matter which physical device actually receives certain ethernet frame (keep in mind that MAC addresses are used to deliver frames in ethernet. Behaviour wold be non-deterministic if a device would answer with different MAC address to different ARP requests). I've seen this kind of behaviour at just every linux machine, configured with bonded ethernet devices using 802.3ad mode (there are a few other modes available in linux, but if the other end of such bond actually supports bonds, then its best to use the standard mode).
In linux the MAC address re-definition happens automatically and usually bond takes up MAC address of first physical device listed (I've never paid much attention to this detail). But that doesn't mean it couldn't be done explicitly as it is in your export from 6.40.6.
BR,
Metod
 
User avatar
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1406
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.40.6 [bugfix] is released!

Fri Mar 16, 2018 7:01 am

irico - Are you 100% sure that simply another admin or you by mistake or on purpose did not re-configure MAC address. Also - why in your printout "Ethernet" is with capital letter? It is not an export. These commands are edited by the hand.
 
irico
newbie
Posts: 47
Joined: Thu Nov 10, 2016 5:35 pm

Re: v6.40.6 [bugfix] is released!

Mon Mar 19, 2018 9:14 pm

EDITED!
irico - Are you 100% sure that simply another admin or you by mistake or on purpose did not re-configure MAC address. Also - why in your printout "Ethernet" is with capital letter? It is not an export. These commands are edited by the hand.
Possibly the autocorrector has changed some uppercase letters. I am the only administrator of the router. I make an export every 5 days automatically and in no other export there is change of MAC address.
Before updating, I always make a backup and an export and after updating again, to compare the files and detect possible configuration changes (as has happened now).
This week I will update another CCR1009 with similar configuration, I will verify if the same behavior occurs.
I just updated another CCR1009 with the same behavior. I have the export of before and after updating and I have a supout of before and after updating.
In the code you can see an extract of the router configuration updated today and the router updated last week.

The interfaces are bonding in cases of MAC address change.

These are the exports again, unprocessed with the autocorrector:
###[ROUTER UPDATED TODAY]

# mar/19/2018 20:25:20 by RouterOS 6.39.3
# software id = [EDITED]
#
[...]
/interface ethernet
set [ find default-name=ether1 ] comment="Megatro (LACP)" name=e1-Megatro
set [ find default-name=ether2 ] comment="Megatro (LACP)" name=e2-Megatro
set [ find default-name=ether3 ] comment="Telefonica (PPPoE)" name=e3-WAN3
set [ find default-name=ether4 ] comment="SW (LACP)" name=e4-SW
set [ find default-name=ether5 ] comment="SW (LACP)" name=e5-SW
set [ find default-name=ether6 ] comment="SW (LACP)" name=e6-SW
set [ find default-name=ether7 ] comment="SW (LACP)" name=e7-SW
[...]
/interface bonding
add mode=802.3ad name=bonding1-Megatro-WAN1 slaves=e1-Megatro,e2-Megatro \
    transmit-hash-policy=layer-2-and-3
add mode=802.3ad name=bonding2-SW slaves=e4-SW,e5-SW,e6-SW,e7-SW \
    transmit-hash-policy=layer-2-and-3



# mar/19/2018 20:26:24 by RouterOS 6.40.6
# software id = [EDITED]
#
# model = CCR1009-7G-1C-1S+
# serial number = [EDITED]
[...]
/interface ethernet
set [ find default-name=ether1 ] comment="Megatro (LACP)" name=e1-Megatro
set [ find default-name=ether2 ] comment="Megatro (LACP)" mac-address=\
    6C:3B:6B:E4:90:E5 name=e2-Megatro
set [ find default-name=ether3 ] comment="Telefonica (PPPoE)" name=e3-WAN3
set [ find default-name=ether4 ] comment="SW (LACP)" name=e4-SW
set [ find default-name=ether5 ] comment="SW (LACP)" mac-address=\
    6C:3B:6B:E4:90:E8 name=e5-SW
set [ find default-name=ether6 ] comment="SW (LACP)" mac-address=\
    6C:3B:6B:E4:90:E8 name=e6-SW
set [ find default-name=ether7 ] comment="SW (LACP)" mac-address=\
    6C:3B:6B:E4:90:E8 name=e7-SW
[...]
/interface bonding
add mode=802.3ad name=bonding1-Megatro-WAN1 slaves=e1-Megatro,e2-Megatro \
    transmit-hash-policy=layer-2-and-3
add mode=802.3ad name=bonding2-SW slaves=e4-SW,e5-SW,e6-SW,e7-SW \
    transmit-hash-policy=layer-2-and-3



###[ROUTER UPDATED 03/15/2018]

# mar/15/2018 15:10:38 by RouterOS 6.39.3
# software id = [EDITED]
#
[...]
/interface ethernet
set [ find default-name=ether1 ] comment="Telefonica (PPPoE)" name=e1-WAN2
set [ find default-name=ether2 ] name=e2
set [ find default-name=ether3 ] name=e3
set [ find default-name=ether4 ] comment="GSM SIM" name=e4-TELGSM
set [ find default-name=ether5 ] comment="SW (LACP)" name=e5-SW
set [ find default-name=ether6 ] comment="SW (LACP)" name=e6-SW
set [ find default-name=ether7 ] comment="GRN (PPPoE)" disabled=yes name=e7
set [ find default-name=ether8 ] comment=Adamo name=e8-WAN1
[...]
/interface bonding
add comment="SW-LAN_FAB (LACP)" mode=802.3ad name=bonding1-SW-LAN_FAB slaves=\
    e6-SW,e5-SW



# mar/15/2018 15:16:40 by RouterOS 6.40.6
# software id = [EDITED]
#
# model = CCR1009-8G-1S-1S+
# serial number = [EDITED]
[...]
/interface ethernet
set [ find default-name=ether1 ] comment="Telefonica (PPPoE)" name=e1-WAN2
set [ find default-name=ether2 ] name=e2
set [ find default-name=ether3 ] name=e3
set [ find default-name=ether4 ] comment="GSM SIM" name=e4-TELGSM
set [ find default-name=ether5 ] comment="SW (LACP)" name=e5-SW
set [ find default-name=ether6 ] comment="SW (LACP)" mac-address=\
    4C:5E:0C:DF:8D:92 name=e6-SW
set [ find default-name=ether7 ] comment="GRN (PPPoE)" disabled=yes name=e7
set [ find default-name=ether8 ] comment=Adamo name=e8-WAN1
[...]
/interface bonding
add comment="SW-LAN_FAB (LACP)" mode=802.3ad name=bonding1-SW-LAN_FAB slaves=\
    e6-SW,e5-SW

 
vodokotlic
just joined
Posts: 13
Joined: Thu Mar 29, 2018 11:13 pm

Re: v6.40.6 [bugfix] is released!

Thu Mar 29, 2018 11:21 pm

Updated RB951Ui-2HnD from v.6.39.3 [bugfix]

Internet connection is PPPoE on top of VLAN on top of ether1. Dial out goes trough but no traffic flow.
Downgrading back to v.6.39.3 fixes the issue.
 
rah
just joined
Posts: 7
Joined: Mon Feb 20, 2017 11:34 pm

Re: v6.40.6 [bugfix] is released!

Mon Apr 02, 2018 6:09 am

Posted this in wireless networking but think it makes sense over here as well since I have a feeling it's a software bug:

Have a HAP AC that is a CAP which consistently crashes when using Chrome screen mirror from the laptop (Intel AC8265) to the Chromecast 2.
- local forwarding is enabled
- Both devices connected to 5ghz radio
- RX strength on the registration table for both devices is between -43 and -51
- after a few minutes of screen mirror of video content or pictures the HAP AC will reboot
- log on the HAP AC after reboot logs a system, error, critical message of "router was rebooted without proper shutdown by watchdog timer"
- first noticed it on bugfix 6.39.3, upgraded to latest bugfix 6.40.6 and issue still occurs
 
Jeanluck
Member Candidate
Member Candidate
Posts: 271
Joined: Tue Apr 19, 2011 7:07 pm

Re: v6.40.6 [bugfix] is released!

Tue Apr 03, 2018 11:29 am

I have 6.38.3 version, and I want to upgrade, but I want to avoid DHCP Server fail on bridge. What version is afected? Can I upgrade to 6.40.6 without risk of this bug?
 
venthyl
just joined
Posts: 22
Joined: Thu Nov 03, 2011 3:12 pm

Re: v6.40.6 [bugfix] is released!

Wed Apr 04, 2018 10:30 am

LOOSE LIBRENMS CPU GRAPHS received by snmp after upgreade from 6.36.4 to 6.40.6 x86 platform

graphs stop on router os upgreade
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6615
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Re: v6.40.6 [bugfix] is released!

Wed Apr 04, 2018 4:53 pm

v6.40.7 is released!
viewtopic.php?f=21&t=132765

Who is online

Users browsing this forum: No registered users and 3 guests