Community discussions

  • 1
  • 2
  • 3
  • 4
  • 5
  • 12
 
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1395
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

v6.43rc [release candidate] is released!

Fri Apr 20, 2018 2:18 pm

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.43rc3 (2018-Apr-20 08:46):

*) bridge - fixed hardware offloading for MMIPS and PPC devices;
*) bridge - fixed LLDP packet receiving;
*) certificate - add "expires-after" parameter (CLI only);
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations;
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved boot time for Hyper-V installations;
*) crs317 - fixed link flapping when inserted S+RJ10 module without any cable;
*) crs3xx - fixed failing connections through bonding in bridge;
*) ike2 - use "policy-template-group" parameter when picking proposal as initiator;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations (CLI only);
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - separate phase1 proposal configuration from peer menu (CLI only);
*) led - added "dark-mode" functionality for hAP ac and hAP ac^2 devices;
*) led - improved w60g alignment trigger;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - allow to send "at-chat" command over disabled LTE interface;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "mode-button" support on hAP lite r2 devices;
*) w60g - allow to manually set "tx-sector" value;
*) w60g - fixed incorrect RSSI readings;
*) w60g - show phy rate on "/interface w60g monitor" (CLI only);
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - allow to specify "any" as wireless "access-list" interface;
*) winbox - fixed "/ip dhcp-server network set dns-none" parameter;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - show "Switch" menu on cAP ac devices;
*) winbox - show correct "Switch" menus on CRS328-24P-4S+;
*) wireless - enable all chains by default on devices without external antennas after configuration reset;
*) wireless - improved compatibility with BCM chipset devices (this includes phones by Xiaomi, Lenovo, etc);

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.

Note that release candidate versions are published strictly for testing purposes and should not be used on production routers.


Package updated 07/02/2018
To fix storage issue on your router, use package from the link,
https://www.mikrotik.com/download/share/fix_space.npk
- upload package to your router;
- run /system reboot
 
User avatar
tomaskir
Trainer
Trainer
Posts: 1110
Joined: Sat Sep 24, 2011 2:32 pm
Location: Slovakia

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 2:36 pm

Can the phy-rate and RSSI for 60G interfaces also be exposed over SNMP please?

Thanks!
Unimus - configuration management, automation and backup solution
Mass Config Push, network-wide RouterOS upgrades, and more!
 
AlexT
just joined
Posts: 22
Joined: Thu Mar 29, 2018 9:51 am

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 3:00 pm

*) winbox - show "Switch" menu on cAP ac devices;
*) winbox - show correct "Switch" menus on CRS328-24P-4S+;

How about displaying a "Switch" menu on hAP ac^2?

P. S. I hoped that this version will improve the work of Wi-Fi in the above device... Maybe in the next version...
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1211
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa
Contact:

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 3:07 pm

Wow, 6.43 already I see, not even 6.42.1. Rushing to get to V7 I assume :-)
MTCNA, MTCTCE, MTCRE & MTCINE
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 1694
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 3:41 pm

Ready are you? What know you of ready? :lol: :lol: :lol:
Real admins use real keyboards.
 
anuser
Member
Member
Posts: 337
Joined: Sat Nov 29, 2014 7:27 pm

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 3:47 pm

*) wireless - improved compatibility with BCM chipset devices;
[/color]
Is that one for Broadcom IPQ4018 based cAP ac and hAP ac^2 devices?
 
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1395
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 3:47 pm

As usual after current release we release a new rc version.

This is changelog for 6.43rc3 (release candidate) not the 6.43 (current).
 
jarda
Forum Guru
Forum Guru
Posts: 7575
Joined: Mon Oct 22, 2012 4:46 pm

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 3:56 pm

That we know. What we would like to know from mikrotik is if it worths to test the wifi on hap ac2 with this RC or not.
 
AlexT
just joined
Posts: 22
Joined: Thu Mar 29, 2018 9:51 am

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 4:07 pm

*) wireless - improved compatibility with BCM chipset devices;
[/color]
Is that one for Broadcom IPQ4018 based cAP ac and hAP ac^2 devices?

Broadcom is not Qualcomm
Perhaps this item implies better compatibility of client devices with the BCM chip (for example: smartphones, tablets, laptops, etc.).
 
anuser
Member
Member
Posts: 337
Joined: Sat Nov 29, 2014 7:27 pm

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 4:23 pm

*) wireless - improved compatibility with BCM chipset devices;
[/color]
Is that one for Broadcom IPQ4018 based cAP ac and hAP ac^2 devices?

Broadcom is not Qualcomm
Perhaps this item implies better compatibility of client devices with the BCM chip (for example: smartphones, tablets, laptops, etc.).
Sorry, I mixed something...
 
yhfung
Member Candidate
Member Candidate
Posts: 142
Joined: Tue Nov 20, 2012 6:58 pm

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 5:21 pm

Regarding the v6.43rc3, the WiFi performance is the same as v6.42. There is no improvement found in this release candidate. For details for the test, please refer to the following post.

viewtopic.php?f=7&t=132648&start=100#p655666


YH
 
msatter
Forum Guru
Forum Guru
Posts: 1082
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 7:23 pm

I use some high ports defined in Mangle and after flashing this RC they were stripped of the 10.000 so port 15000 became 5000.

Update: repeated the update from 6.42 to 6.43RC3 and this time no high ports where changed. But there must be still a Gremlin in RouterOS that causes this sometimes.
Last edited by msatter on Sun Apr 22, 2018 2:35 pm, edited 1 time in total.
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.5
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
aboiles
newbie
Posts: 36
Joined: Sat Nov 07, 2015 6:52 pm

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 8:02 pm

Tried to upgrade Hyper-V CHR from 6.42 to 6.43rc3 - FAILED
No connection via winbox mac.
Hyper-V terminal froze.

Restored from backup, tied again - same result.

Downloaded fresh CHR VHDX image.
pasted configuration and nothing worked.

started fresh, and the only issue I could find was the interfaces changed.
ether1 > ether3
ether2 > ether1
ether3 > ether2
changed the configuration to reflect the new interfaces and it still failed.
until I removed the interface names (gateway, lan etc) it would crash.
Once it was configured with default interface names, it began working.
After a backup, changed the interface names and it accepted the changes.

Still haven't figured out why the terminal hung after the upgrade though.
 
User avatar
JohnTRIVOLTA
Member Candidate
Member Candidate
Posts: 176
Joined: Sun Dec 25, 2016 2:05 pm
Location: BG/Sofia

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 8:33 pm


*) wireless - improved compatibility with BCM chipset devices (this includes phones by Xiaomi, Lenovo, etc);
SUPER . I try some test and the 20 mb/ps speed problem and 54mb/ps connectivity with mobile phones is resolved ! Test Xiaomi Image
Test Nokia Image
 
User avatar
honzam
Forum Guru
Forum Guru
Posts: 2265
Joined: Wed Feb 27, 2008 10:27 pm
Location: Czech Republic

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 10:14 pm


*) wireless - improved compatibility with BCM chipset devices (this includes phones by Xiaomi, Lenovo, etc)
Very thanks!!! Work great!
viewtopic.php?f=7&t=102908&p=655735#p655735
LAN, FTTx, Wireless. ISP operator
 
MonkeyDan
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Fri Dec 29, 2017 8:41 pm

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 10:40 pm

+1 for having as much info as possible available via SNMP.
In the meantime, you find the PHY rate from MCS using this table: https://en.wikipedia.org/wiki/Wireless_ ... data_rates
Can the phy-rate and RSSI for 60G interfaces also be exposed over SNMP please?

Thanks!
 
bbs2web
Member Candidate
Member Candidate
Posts: 192
Joined: Sun Apr 22, 2012 6:25 pm
Location: Johannesburg, South Africa
Contact:

Re: v6.43rc [release candidate] is released!

Fri Apr 20, 2018 11:39 pm

*) chr - added support for multiqueue feature on "virtio-net";
Please advise if we should disable IRQ RPS when activating multi-queue VirtIO, I assume yes...

Looks better, IRQs increase on additional virtio1-input.1:
Image
 
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1395
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 9:16 am

tomaskir, MonkeyDan - Still work on progress. Will see what we can do about that in 6.43rc.
AlexT - Will be resolved in upcoming rc releases.
jarda, yhfung - This release does not resolve the problem to which you are reffering. We are still working on it.
AlexT, anuser - This fix includes compatibility with phones by Xiaomi, Lenovo, etc.
msatter - Please send supout file to support@mikrotik.com. Point out from which version you did upgrade your device.
aboiles - Please report this to support@mikrotik.com.
 
msatter
Forum Guru
Forum Guru
Posts: 1082
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 11:43 am

An other problem with with RC3. It is an problem I know from 6.41.2 and I could solve it then by not allowing the Neighbour Discovery inspect the L2TP/IPSEC connections by using !Dynamic. When Neighbour Discovery is doing its inspection it will reset the countdown on the Dail-On-Demand and the connection will not go to sleep after the set time. It is not triggered by the inspection to go up.
I see the figure 1056 in the Tx column on all L2TP connections.

It is not transmitted by anything else than the router because I use PCC and after activating the L2TP I disable connection marking for this L2TP path.

When I look at the Neighbor List it is empty and only when I set it to all it was showing my computer.

@Strods: my upgrade path was 6.40.6 and then 6.42 both and then 6.43RC3 all on firmware 3.41. I had only shortly 6.42 active before going to the RC.

Update: I did use Torch and it is: source 255.255.255.255:5678 to 172.10.21.5:5678 so a Discovery.

Update: I updated /interfaces interface Lists <button> Lists to include my grouped VPN interfaces to be excluded from Discovery. I first defined the interfaces into a group in Interface Lists. Now my connections go to sleep when they are not being used.
Last edited by msatter on Sat Apr 21, 2018 7:53 pm, edited 2 times in total.
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.5
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
nickdwhite
just joined
Posts: 11
Joined: Thu Jun 22, 2006 11:41 pm

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 5:15 pm

Tried to upgrade Hyper-V CHR from 6.42 to 6.43rc3 - FAILED
No connection via winbox mac.
Hyper-V terminal froze.

Restored from backup, tied again - same result.

Downloaded fresh CHR VHDX image.
pasted configuration and nothing worked.

started fresh, and the only issue I could find was the interfaces changed.
ether1 > ether3
ether2 > ether1
ether3 > ether2
changed the configuration to reflect the new interfaces and it still failed.
until I removed the interface names (gateway, lan etc) it would crash.
Once it was configured with default interface names, it began working.
After a backup, changed the interface names and it accepted the changes.

Still haven't figured out why the terminal hung after the upgrade though.
Yeah, mine breaks too. Upgraded from 6.42 to 6.43rc3 on two difference hosts running Hyper-V Core 2012 R2

Image
 
nordex
Frequent Visitor
Frequent Visitor
Posts: 91
Joined: Fri Mar 23, 2007 7:46 pm
Location: Croatia

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 5:38 pm

BEWARE !
Updating from 5.xx (5.27 I think) to this version will result in inaccessible device ! It will enter reboot loop.
I've done it on 15 pcs of rb751 and rb951-2n.
Netinstall will fix if you mess up.

Mikrotik please update your upgrade procedures
 
mrtester
just joined
Posts: 9
Joined: Sat Dec 23, 2017 11:09 pm

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 5:54 pm

You just simply decided on a nice Saturday morning to upgrad from 5.xx over more than 43 releases to an rc version and are surprised that it did not work? I am not. You should expect a problem if you upgrad any software between so many releases.
 
nordex
Frequent Visitor
Frequent Visitor
Posts: 91
Joined: Fri Mar 23, 2007 7:46 pm
Location: Croatia

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 6:25 pm

Hi, thanks for your simphaty.
I've tested it on device that had 6.0 prior to this and I saw it fixed wifi problem.
I was so happy.
Then I upgraded others(batch upgrade), and this problem happened.

I understand this is RC, and I wanted to warn others not to do same mistake, as well as mikrotik to fix or disable this type of upgrade.
That is sole purpose of forum community.

Best regards
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 1694
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 9:04 pm

Thank you for warning but how many people do batch upgrade from such old version?
You have checked procedure with ROS 6.0 and extrapolated that 5.x should work too. You are brave admin.
Have you read changelogs? https://mikrotik.com/download/changelogs
Important note!!! Backup before upgrade!
RouterOS (v6.40rc36-rc40 and) v6.41rc1+ contains new bridge implementation that supports hardware offloading (hw-offload).
This update will convert all interface "master-port" configuration into new bridge configuration, and eliminate "master-port" option as such.
Bridge will handle all Layer2 forwarding and the use of switch-chip (hw-offload) will be automatically turned on based on appropriate conditions.
The rest of RouterOS Switch specific configuration remains untouched in usual menus for now.
Please, note that downgrading to previous RouterOS versions will not restore "master-port" configuration, so use backups to restore configuration on downgrade.
Real admins use real keyboards.
 
nordex
Frequent Visitor
Frequent Visitor
Posts: 91
Joined: Fri Mar 23, 2007 7:46 pm
Location: Croatia

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 9:54 pm

BartoszP, this site(hotel) has 200 ap-s dislocated on premises.
I have done previous upgrades from 5.x to 6.x without problems.
This particular release has bug in upgrade procedure.
Routerboard stuck in reboot loop.
It does not have any relation with changelog.
Netinstall to version 6.42 works fine.
Hope it will save time to someone else.
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 1694
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 10:10 pm

So why you have not upgraded first to 6.40.7 (bugfix) with old bridge implementation?
Why are you upgraded working hotel infrastructure to RC version? RC is test version so upgrade could fail.
Real admins use real keyboards.
 
nordex
Frequent Visitor
Frequent Visitor
Posts: 91
Joined: Fri Mar 23, 2007 7:46 pm
Location: Croatia

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 11:04 pm

So why you have not upgraded first to 6.40.7 (bugfix) with old bridge implementation?
Why are you upgraded working hotel infrastructure to RC version? RC is test version so upgrade could fail.
It was a sunny and beautiful day. Murphey was out of the town.
 
msatter
Forum Guru
Forum Guru
Posts: 1082
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.43rc [release candidate] is released!

Sat Apr 21, 2018 11:17 pm

Found an other problem with this RC. When I want to add a filter line using a script run at an On-UP event then "Place Before" or the whole script is not executed. The filter line is not added in the Nat table in my case.

When I enter the line manually in Terminal then the line is added without an hitch.

Ticket#2018042122002234
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.5
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
karwos
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Apr 02, 2015 7:28 pm
Location: Poland

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 12:00 am

Phone: huawei p9 lite
Problem: slow Wlan throughput and packet loss
Reported: year ago :D
Fixed: in v6.43rc3

Speedtest before upgrade: 19mbit / 39mbit
After upgrade: 89mbit/89mbit

Wondering if "auto" channel problems fixed too.
It would be prefferable to merge that fix to current/bugfix branch, so I can rollout updates for my customers.
 
sindy
Forum Guru
Forum Guru
Posts: 3277
Joined: Mon Dec 04, 2017 9:19 pm

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 9:20 am

@msatter,
When I want to add a filter line using a script run at an On-UP event then "Place Before" or the whole script is not executed. The filter line is not added in the Nat table in my case.
When I enter the line manually in Terminal then the line is added without an hitch.
Did this work in the previous versions? If yes, how exactly does that script line look like (I'm not interested in particular IP addresses but in the way how you obtain the index for
place-before
)
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
mrtester
just joined
Posts: 9
Joined: Sat Dec 23, 2017 11:09 pm

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 10:41 am

I did test upgrade from 5.26 to this version. Just for testing. Everything went well. Upgrade failed for you due to configuration or something like thta. In general it works just fine.
 
msatter
Forum Guru
Forum Guru
Posts: 1082
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 11:29 am

@msatter,
When I want to add a filter line using a script run at an On-UP event then "Place Before" or the whole script is not executed. The filter line is not added in the Nat table in my case.
When I enter the line manually in Terminal then the line is added without an hitch.
Did this work in the previous versions? If yes, how exactly does that script line look like (I'm not interested in particular IP addresses but in the way how you obtain the index for
place-before
)
It worked up to 6.42. You can't find that specific index and then you have to just make it yourself easy. The index is always the second line of the Hairpin in NAT, it pushes down earlier lines. When a VPN connection is severed the then the line is removed, and if not then it is removed on the following connect. I also remove on UP, the specific dead connections that might have not timed out in the meantime for that specific VPN connection.

On-up:
/ip firewall nat remove [find where comment="temp-vpn1"] 
/ip firewall connection remove [ find  where connection-mark="VPN1"]
:local ip [/ip address get [find where interface="VPNprovider-1"] value-name=address ];
/ip firewall nat add chain=srcnat action=src-nat to-addresses=$ip protocol=tcp  src-address-list=PrivateVPN connection-mark=VPN1 comment="temp-vpn1" place-before=1

On-down:
/ip firewall nat remove [find where comment="temp-vpn1"]
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.5
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
en1gm4
Frequent Visitor
Frequent Visitor
Posts: 57
Joined: Sun Oct 02, 2016 6:27 pm
Location: UK

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 12:12 pm

Deleted. Wrong thread. Kid control bug in webfig is in current release (not checked RC yet)
Last edited by en1gm4 on Sun Apr 22, 2018 3:56 pm, edited 2 times in total.
 
sindy
Forum Guru
Forum Guru
Posts: 3277
Joined: Mon Dec 04, 2017 9:19 pm

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 12:12 pm

@msatter,
When I want to add a filter line using a script run at an On-UP event then "Place Before" or the whole script is not executed. The filter line is not added in the Nat table in my case.
When I enter the line manually in Terminal then the line is added without an hitch.
Did this work in the previous versions? If yes, how exactly does that script line look like (I'm not interested in particular IP addresses but in the way how you obtain the index for
place-before
)
It worked up to 6.42.
...
/ip firewall nat ... place-before=1
That was my suspicion - numeric index can be used to identify a rule only following a
print
when doing manual configuration as the index is dynamically generated. Without the previous
print
, index 0 sometimes works but you cannot rely even on that when using it for
place-before
, as some chains contain dynamic rules which must stay at the beginning of the chain so any attempt to place a rule before them fails.

So to stay version-independent, comment the rule before which you want to place your one and use
place-before=[find comment="your-comment"]
.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
msatter
Forum Guru
Forum Guru
Posts: 1082
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 1:30 pm

It seems that the "comment" possibility is the BEST thing in RouterOS. Maybe Mikrotik should think of making this way of working official and implement a tag or label available so that comment can just be a comment.

Thanks Sindy for making this clear so the next time we don't think, WTF is happening now. ;-)

Update: it works like a charm and I have inserted a dedicated passthrough&comment line for this so that I can be sure it will inserted at the correct spot. I will migrate again to 6.43RC now to see if the port +10000 bug is reoccurring.

Update 2: I have implemented the suggestions by Sindy and the new script is:

On-Up:
:local profile "1"
/ip firewall connection remove [ find connection-mark="VPN$profile"]
:local ip [/ip address get [find where interface="permanent-vpn-$profile"] value-name=address ];
/ip firewall nat set [find comment="permanent-vpn-$profile"] disabled=no to-addresses=$ip

On-Down:
:local profile "1"
/ip firewall nat disable [find comment="permanent-vpn-$profile"] 
/ip firewall connection remove [find connection-mark="VPN$profile"]
I have more than one connection and to adapt it each time was cumbersome so I defined :local profile "X" to only have to change the number/name to create the script for the new connection.
Using SET instead of ADD to manipulate the lines in the NAT is a great tip by Sindy. viewtopic.php?f=21&t=133420&p=656006#p656033
Last edited by msatter on Sun Apr 22, 2018 6:14 pm, edited 3 times in total.
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.5
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
bbs2web
Member Candidate
Member Candidate
Posts: 192
Joined: Sun Apr 22, 2012 6:25 pm
Location: Johannesburg, South Africa
Contact:

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 2:40 pm

VirtIO multi-queue appears to be working:

PS: I have poor connectivity at my present location, the gaps in the graph relate to this,not the release candidate's performance...

Nice to see MikroTik tying the input and output vCPU assignments to the same core. This correlates to information published here:
https://www.linux-kvm.org/page/Multiqueue-optimization.

Do MikroTik use a flow director, to assign outgoing traffic back to the queue it came in on? Does this subsequently require connection tracking?

Image
 
sindy
Forum Guru
Forum Guru
Posts: 3277
Joined: Mon Dec 04, 2017 9:19 pm

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 3:09 pm

It seems that the "comment" possibility is the BEST thing in RouterOS. Maybe Mikrotik should think of making this way of working official and implement a tag or label available so that comment can just be a comment.
...
I have inserted a dedicated passthrough&comment line for this so that I can be sure it will inserted at the correct spot.
Finding a rule by a comment is the last resort, you can find a rule using a unique combination of other parameters as well (if a unique combination exists of course).
And in your case, you don't need to use another rule as a label holder, you could as well keep your rule in place and just modify it:
On up:
/ip firewall nat set [find comment="permanent-vpn1"] disabled=no to-addresses=$ip

On down:
/ip firewall nat set [find comment="permanent-vpn1"] disabled=yes
or
/ip firewall nat disable [find comment="permanent-vpn1"]
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
andriys
Forum Guru
Forum Guru
Posts: 1074
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 7:38 pm

msatter, another solution to your task would be introducing a separate custom chain for your dynamic rules, then jumping to this custom chain at the point where you currently insert your dynamic rules. In the script you then simply add your dynamic rules to the top of your custom chain not worrying about the rule order at all.
 
sindy
Forum Guru
Forum Guru
Posts: 3277
Joined: Mon Dec 04, 2017 9:19 pm

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 8:43 pm

msatter, another solution to your task would be introducing a separate custom chain for your dynamic rules, then jumping to this custom chain at the point where you currently insert your dynamic rules. In the script you then simply add your dynamic rules to the top of your custom chain not worrying about the rule order at all.
He's dealing with a single rule and needs to remove/modify it. If it is harmless to have a jump to a custom chain which currently doesn't exist, then yes, he can add the only rule to that chain and remove it from there. Is that what you had in mind? Because the rule order within the chain does matter if there would be more than one.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
msatter
Forum Guru
Forum Guru
Posts: 1082
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.43rc [release candidate] is released!

Sun Apr 22, 2018 10:00 pm

I did not wanted to post more on this 6.43RC3 thread and put updated information in my previous posting. I have multiple VPN connections active at the same which are on demand activated and disconnect when not being used.

The NAT lines have to be in specific part of the hairpin and the position of each line in the VPN block is not important because connection marking is filtering.

I use now static lines where the address changes depending on which VPN entry point is selected by the randomized DNS list (round robin). I can even use different vpn-providers and only a small percentage of websites do not like that you are coming from everywhere. PCC on the source-port determines which connection is used. Destination port and address-list controls if a site should only be visited from the same VPN.

I have now created a schedule on start-up which switches each static NAT VPN off after a two second delay so it symmetric to the activate script on-up of the VPN connection.

Like it is working now, pleases me. Thanks for all the help on this.
Last edited by msatter on Mon Apr 23, 2018 10:57 am, edited 1 time in total.
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.5
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1395
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.43rc [release candidate] is released!

Mon Apr 23, 2018 7:41 am

msatter - We already recieved such problem report and will fix it as soon as possible.
nickdwhite - We will look into this. In order to resolve this faster - please send this problem report to support@mikrotik.com.
nordex - Please write to support@mikrotik.com and provide your configuraton which was used on 5.26 version. We will try to reproduce the same problem locally.
en1gm4 - Thanks for properly reporting the problem in related release topic.
 
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1395
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.43rc [release candidate] is released!

Mon Apr 23, 2018 3:01 pm

Version 6.43rc4 has been released.

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

Changes since previous rc release:

!) winbox - fixed vulnerability that allowed to gain access to an unsecured router;
*) bridge - added ingress filtering options to bridge interface (CLI only);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) crs317 - fixed link flapping when inserted S+RJ10 module without any cable;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations (CLI only);
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) winbox - fixed "/ip dhcp-server network set dns-none" parameter;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as expected or after crash.

Note that release candidate versions are published strictly for testing purposes and should not be used on production routers.
 
User avatar
tomaskir
Trainer
Trainer
Posts: 1110
Joined: Sat Sep 24, 2011 2:32 pm
Location: Slovakia

Re: v6.43rc [release candidate] is released!

Mon Apr 23, 2018 3:20 pm

@strods
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations (CLI only);

Can you please elaborate on what this does?
Unimus - configuration management, automation and backup solution
Mass Config Push, network-wide RouterOS upgrades, and more!
 
User avatar
Bergante
Member Candidate
Member Candidate
Posts: 130
Joined: Tue Feb 28, 2012 12:27 pm
Location: Bilbao, Spain

Re: v6.43rc [release candidate] is released!

Mon Apr 23, 2018 3:53 pm

Can the phy-rate and RSSI for 60G interfaces also be exposed over SNMP please?
They do on 6.43rc. IF-MIB::ifSpeed shows the PHY rate. Before 6.43 it showed 10 Mbps.
 
User avatar
emils
MikroTik Support
MikroTik Support
Posts: 431
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.43rc [release candidate] is released!

Mon Apr 23, 2018 3:56 pm

Can you please elaborate on what this does?
Responder=yes/no configures whether a specific mode-config entry will act as a initiator or a responder. Previously only the default "request-only" entry acted as an initiator. Since the newly added "src-address-list" parameter works for initiator only and may be different between multiple mode-config clients, it may be necessary for a user to add multiple mode-config initiator configurations.
 
User avatar
mozerd
Member Candidate
Member Candidate
Posts: 218
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: v6.43rc [release candidate] is released!

Mon Apr 23, 2018 6:18 pm

No System Health data for hAP ac2 and firmware 6.43rc4
You do not have the required permissions to view the files attached to this post.
 
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1395
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.43rc [release candidate] is released!

Mon Apr 23, 2018 8:20 pm

mozerd - This device does not have any hardware monitoring sensors on it.
 
User avatar
juliokato
Member Candidate
Member Candidate
Posts: 227
Joined: Mon Oct 26, 2015 4:27 pm
Location: Brazil

Re: v6.43rc [release candidate] is released!

Mon Apr 23, 2018 8:36 pm

mozerd - This device does not have any hardware monitoring sensors on it.
bad news, I'd rather pay more for a product with better features. My choice today is hAP AC.
I apologize my grammatical errors, my english not so good, I am not a native speaker.
Wiki is maintained in English. I use Google translator. 8)
 
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1395
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.43rc [release candidate] is released!

Tue Apr 24, 2018 7:54 am

You can see available sensors for each product at our products page:

https://mikrotik.com/product/RB962UiGS-5HacT2HnT

Details
PCB temperature monitor Yes
Voltage Monitor Yes

https://mikrotik.com/product/hap_ac2

No such monitors listed.
 
antonsb
MikroTik Support
MikroTik Support
Posts: 187
Joined: Sun Jul 24, 2016 3:12 pm
Location: Riga, Latvia

Re: v6.43rc [release candidate] is released!

Wed Apr 25, 2018 4:40 pm

That we know. What we would like to know from mikrotik is if it worths to test the wifi on hap ac2 with this RC or not.
Next RC release will have possible fix for this
  • 1
  • 2
  • 3
  • 4
  • 5
  • 12

Who is online

Users browsing this forum: No registered users and 3 guests