This was bug with hEX bridge! Now all works ok!Please provide more information about this issue to support@mikrotik.comAfter update to 6.43rc11 My Kodi player on Raspberry could't connect to Synology NAS via NFS or SMB!
This was bug with hEX bridge! Now all works ok!Please provide more information about this issue to support@mikrotik.comAfter update to 6.43rc11 My Kodi player on Raspberry could't connect to Synology NAS via NFS or SMB!
I'd like to know what kind of NV2 performance improvement we can expect from version 6.43? I did notice improvements in version 6.42 but heard of people saying the new 6.43rc is worse then 6.42...is it further improvement from 6.42.1?*) wireless - improved Nv2 PtMP performance;
Agreed, I've upgraded my production routers to 6.43rc7 and they are working very well.DHCP Client seems to be sorted out and working now!
Then it must be related to something you do on all the devices you manage. What are you doing that could consume diskspace and that could be nonstandard?Im seeing a disc space leak over time. Im seeing it on TILE, MIPSBE and PPC. Im seeing it on all the devices I manage.
what about selective qinq?Version 6.43rc14 has been released.
*) bridge - added initial Q-in-Q support (CLI only);
/interface bridge
add name=bridge vlan-filtering=yes vlan-protocol=802.1ad
/interface bridge port
add bridge=bridge interface=ether1
add bridge=bridge interface=ether2
/interface bridge vlan
add bridge=bridge untagged=ether1,ether2 vlan-ids=1
add bridge=bridge tagged=ether1,ether2 vlan-ids=200
/interface ethernet switch rule
add mac-protocol=ipx new-vlan-id=200 ports=ether1 switch=switch1
what exactly is fixed in protected routerboard?Version 6.43rc14 has been released.
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
That's just a warning that you are running overclocked CPU. If it's stable and not overheating, you can just ignore it (That is if you need this higher speed. If not, just lower it to default value). Same message is also output in the log every time router starts.Frenquensy probleem!!!
after upgrading, do not accept passwords, two different routers!Version 6.43rc17 has been released.
from where? did you read above post, that you need other Winbox version?after upgrading, do not accept passwords, two different routers!Version 6.43rc17 has been released.
same answer. please read the post until bottomWhere is the new topic about 3.14?
it is simple way - in whats new you can allways write some notes, about changesfrom where? did you read above post, that you need other Winbox version?after upgrading, do not accept passwords, two different routers!Version 6.43rc17 has been released.
I'm sorry, but have you read them? It is in the notes
it is simple way - in whats new you can allways write some notes, about changes
Love it! Wireless Wire keeps getting better.*) w60g - added 4th 802.11ad channel (CLI only);
*) w60g - general stability and performance improvements;
*) w60g - improved maximal achievable distance;
*) w60g - removed distance lock for wAP 60G devices;
I have the same problem. I was trying to install a new wAP, and the upgrade pushed it to 6.43rc17 so I triggered the upgrade on my router as well and now I'm locked out of winbox with a username/password incorrect failure. CLI is unaffected.However I cannot login, even after a configuration reset, neither with "old" winbox, nor with the proposed one, nor with telnet or MAC telnet or ssh. admin with blank password still doesn't work...
Any suggestion will be greatly appreciated!
14:12:14 system,error,critical login failure for user matthew from D4:BE:D9:9E:B4:E3 via winbox
14:12:19 system,error,critical login failure for user matthew from D4:BE:D9:9E:B4:E3 via winbox
14:13:23 system,error,critical login failure for user admin from 10.1.20.253 via winbox
14:13:28 system,error,critical login failure for user admin from 10.1.20.253 via winbox
14:13:32 system,error,critical login failure for user admin from 10.1.20.253 via winbox
14:13:37 system,error,critical login failure for user admin from 10.1.20.253 via winbox
14:13:44 system,error,critical login failure for user matthew from 10.1.20.253 via winbox
14:13:54 system,error,critical login failure for user matthew from 10.1.20.253 to romon network
Hello MikroTik team,
*) w60g - general stability and performance improvements;
*) w60g - improved maximal achievable distance;
*) w60g - removed distance lock for wAP 60G devices;
The point is that system passwords are hashed and no longer available in plain text. This is not possible.*) backup - do not encrypt backup file unless password is provided;
I like the current way it works the backup is encrypted with admin password.
Please make an option to encrypt using current admin password like before, I don't want to have my backup unencrypted neither want to put a password in a script to make the backup.
Where I can download winbox 3.14 rc ? thanks
In order to access router running this version by Winbox, please download v3.14rc Winbox loader from here:
https://www.mikrotik.com/download/share/winbox.exe
Thanks. This solved my issue. Would it be helpful for the router / winbox to do a version match check before authentication to avoid the erroneous User/Password errors?Where I can download winbox 3.14 rc ? thanksIn order to access router running this version by Winbox, please download v3.14rc Winbox loader from here:
https://www.mikrotik.com/download/share/winbox.exe
You should not install RC versions when you don't or cannot read the release notes and the announcements here on the forum!Thanks. This solved my issue. Would it be helpful for the router / winbox to do a version match check before authentication to avoid the erroneous User/Password errors?
You can install a previous version of RouterOS using the Netinstall.I made a hard reset after login error, right now with version 3.14rc1 I still receive user or password error. What should I do?
Can you tell me where I find the procedure?You can install a previous version of RouterOS using the Netinstall.I made a hard reset after login error, right now with version 3.14rc1 I still receive user or password error. What should I do?
http://www.mikrotik.com.my/reinstalling ... rial-port/Can you tell me where I find the procedure?
Normally I would have been more careful, but only an rc version higher than what I already had - I was careless. Glad it was easily rectified. That said, I'm just giving a user experience improvement suggestion. Don't bite, we're all professionals here.You should not install RC versions when you don't or cannot read the release notes and the announcements here on the forum!Thanks. This solved my issue. Would it be helpful for the router / winbox to do a version match check before authentication to avoid the erroneous User/Password errors?
This quote says it all ...Note that release candidate versions are published strictly for testing purposes and should not be used on production routers.
Hello MikroTik team,
could you please provide more details - what performance improvements have been done, what is the new maximal achievable distance and what exactly is distance lock?
Thank you in advance.
Distance was limited with frame lifetime, this limitation now is removed. We reworked RX pattern part to utilize it more efficiently. In some channels link can be established over 2km distance.Love it! Wireless Wire keeps getting better.
What's "distance lock" though?
Its not a issue for me. I can Netinstall in my sleep and I always keep a stable in a partition.. Thats not my point.. A Release Candidate should at least be checked that it does not lock out users. Ive been doing Mikrotik RCs for 8 years and the severity of the errors recently is way off the charts VS the last 8 years.This quote says it all ...Note that release candidate versions are published strictly for testing purposes and should not be used on production routers.
rc releases are BETA releases, don't use it if you can't lose it !
It would be better to move that link (and the text) to the changelog so people who update from their router without reading this thread will also see it.Link to Winbox rc is in the above post, where RC is announced. Please all read the posts. It is not that hard.
Usually when people claim "router is bricked, netinstall does not work" it simply means they do not do the netinstall correctly as they have never done it before and thus do not know what to expect.Unfortunately I did not succeed, mikrotik is bricked, it was not possible to use netinstall
Indeed it was there, it does work... Thank youLink to Winbox rc is in the above post, where RC is announced. Please all read the posts. It is not that hard.
At least read the RC announcement post by MikroTik staff. RC versions CAN and often DO break things. RC is for testing, so reading notes is important.Indeed it was there, it does work... Thank youLink to Winbox rc is in the above post, where RC is announced. Please all read the posts. It is not that hard.
It is indeed not that hard but some times we are not given the "gift of time" to read all pages of all posts. I would try to edit and stick it to the first post or some place "sticky" since 20 people asked the same think to help us (not having too much time always)
Thank you again
Hi Normis.At least read the RC announcement post by MikroTik staff. RC versions CAN and often DO break things. RC is for testing, so reading notes is important.Indeed it was there, it does work... Thank youLink to Winbox rc is in the above post, where RC is announced. Please all read the posts. It is not that hard.
It is indeed not that hard but some times we are not given the "gift of time" to read all pages of all posts. I would try to edit and stick it to the first post or some place "sticky" since 20 people asked the same think to help us (not having too much time always)
Thank you again
These are two different forumsYou are wasting time and energy, on this forum discussing bugs with your end users when you must use this forum to talk about improvements and new features.
Is now mentioned at the top of the posting. The original communication was sub par..
.
Also for those too lazy to read where to get the new winbox.exe here you go: https://www.mikrotik.com/download/share/winbox.exe that link was not in the update text of the package manager, but was in the post about the latest release.
Honestly, I dont understand what has happened. Something really changed at Mikrotik. Ive been doing RCs for 8+ years. For 7+ years the RCs were as stable as the stable version. ALMOST NO BUGS OR ISSUES. Suddenly in the last like 3-4 months things have really taken a turn in a bad direction. So much so im now buying Ubiquity. The 42.1 "stable" release was abhorrent and bug ridden in ways that were inexplicable. DHCP client did not work in a "stable" release for example. The change log from 42.1 to 42.2 is stunning. They took away a feature that was critical to me and had been in RouterOS for more then 8 years, Netwatch. For me Mikrotik seems to have become untrustworthy as almost anything could break, even in "stable" releases. Features might be taken away with no notice or explanation. Mikrotik is not addressing any of this in the forums. They need to post a apology for causing so much money loss for on site visits to Netinstall "Stable" 42.2 updates. Ive got a reproducable issue now im dealing with support on where disc space is lost during a update. If you upgrade or downgrade this can occur and if you do it twice you can no longer upgrade or downgrade and your only way is to then go on site and netinstall. This occurs on Tile, MIPSBE and PPC so far that I know of and occurs in the "stable" 42.x and when upgrading from RC14 to 17. 10MB is lost in disc space with each upgrade/downgrade. It appears some file or files is not being deleted in a update. OR. Some file is being generated. Ive given Mikrotik remote access to the router to look at it. It should be simple, log in, and with thier special access go look at files and see whats taking up too much space.
Hi Normis.
Mikrotik must implement automated tests ASAP. You must stop breaking things even in rc versions. The only way to make high quality software is doing a lot of test...since unit test, integration test, UI test, E2E test, etc. Launch a new version (even a RC) whitout automated testing is an irresponsability, at least in 2018.
BR,
Diego.
You are exaggerating "a bit". Mikrotik started releasing public RCs since mid-2015 (since v6.32 or 6.31, but definitely not earlier), which means you could not have been using RCs for more then 3 years. And final versions before that time were just horrible. Introduction of the release channels was a huge improvement in their release management, bugfix channel brought stability that had never been seen before. And RCs... well, their main purpose (as with any beta software) is to break early.Ive been doing RCs for 8+ years. For 7+ years the RCs were as stable as the stable version.
The current stable version is 6.40.8 (the latest one in the BugFix release channel). The version 6.42.2 (and 6.42.1 before that) has been release in the Current release channel, which means it is not yet considered stable enough.The 42.1 "stable" release was abhorrent and bug ridden in ways that were inexplicable.
Honestly, I dont understand what has happened. Something really changed at Mikrotik. Ive been doing RCs for 8+ years. For 7+ years the RCs were as stable as the stable version. ALMOST NO BUGS OR ISSUES. Suddenly in the last like 3-4 months things have really taken a turn in a bad direction. So much so im now buying Ubiquity. The 42.1 "stable" release was abhorrent and bug ridden in ways that were inexplicable. DHCP client did not work in a "stable" release for example. The change log from 42.1 to 42.2 is stunning. They took away a feature that was critical to me and had been in RouterOS for more then 8 years, Netwatch. For me Mikrotik seems to have become untrustworthy as almost anything could break, even in "stable" releases. Features might be taken away with no notice or explanation. Mikrotik is not addressing any of this in the forums. They need to post a apology for causing so much money loss for on site visits to Netinstall "Stable" 42.2 updates. Ive got a reproducable issue now im dealing with support on where disc space is lost during a update. If you upgrade or downgrade this can occur and if you do it twice you can no longer upgrade or downgrade and your only way is to then go on site and netinstall. This occurs on Tile, MIPSBE and PPC so far that I know of and occurs in the "stable" 42.x and when upgrading from RC14 to 17. 10MB is lost in disc space with each upgrade/downgrade. It appears some file or files is not being deleted in a update. OR. Some file is being generated. Ive given Mikrotik remote access to the router to look at it. It should be simple, log in, and with thier special access go look at files and see whats taking up too much space.
Hi Normis.
Mikrotik must implement automated tests ASAP. You must stop breaking things even in rc versions. The only way to make high quality software is doing a lot of test...since unit test, integration test, UI test, E2E test, etc. Launch a new version (even a RC) whitout automated testing is an irresponsability, at least in 2018.
BR,
Diego.
Things are a huge mess.
Ive ALWAYS used and LOVED Mikrotik products. So I keep hoping it will get worked out and we will get back to super stable. Locking out all users updating to RC17 does not look good. It really appears zero testing was done. Did no one at Mikrotik upgrade and login ?
Sorry for my rant. I love Mikrotik, but, we gotta get things back to super stable again. Till then I have all my production routers on 6.41.4 as that was really the last truly STABLE STABLE.
I agree with you. I've been playing with rc versions since they introduced the release channels. I have shot myself in the balls several times with them requiring a netinstall and some voodoo.You are exaggerating "a bit". Mikrotik started releasing public RCs since mid-2015 (since v6.32 or 6.31, but definitely not earlier), which means you could not have been using RCs for more then 3 years. And final versions before that time were just horrible. Introduction of the release channels was a huge improvement in their release management, bugfix channel brought stability that had never been seen before. And RCs... well, their main purpose (as with any beta software) is to break early.Ive been doing RCs for 8+ years. For 7+ years the RCs were as stable as the stable version.
API authentication method have changed, see API manual:I have a feeling that the API calls cannot authenticate now!
Is it to be expected that using this new winbox on older releases (6.42.2) causes problems?In order to access router running this version by Winbox, please download v3.14rc Winbox loader from here:
https://www.mikrotik.com/download/share/winbox.exe
I modified it and it seams to work but....API authentication method have changed, see API manual:I have a feeling that the API calls cannot authenticate now!
https://wiki.mikrotik.com/wiki/Manual:API#Initial_login
Is that why I can't modify the username via API?Basically the last two RouterOS versions have been released for testing purposes for everything besides Winbox. We are working on a new Winbox version and have provided rc version earlier within this topic. When 6.43 and Winbox 3.14 will be released, then both of them will work together just fine. Read-only fields issue will be resolved in next Winbox release.
And will the new Winbox then still support older RouterOS versions?When 6.43 and Winbox 3.14 will be released, then both of them will work together just fine.
How secure is plaintext password over insecure connection?.. Will there be any change in it back to challenge-response auth?API authentication method have changed, see API manual:I have a feeling that the API calls cannot authenticate now!
https://wiki.mikrotik.com/wiki/Manual:API#Initial_login
In general, challenge-response auth protocols require the availability of the unhashed password on the router and that is what is being removed for security reasons.Will there be any change in it back to challenge-response auth?
https://www.mikrotik.com/download/share/winbox.exePlease Help! I upgraded to 6.43rc17, could not enter and reset the settings. Now I can not go in with a new winbox, not with an old winbox. Version of the nethinstall that is needed to update, I could not find on the download page.
download/file.php?id=32109New winbox does not work! Wrong password!
There is an error with this version of winbox::"could not get index missing file".download/file.php?id=32109New winbox does not work! Wrong password!
+ generate your own certificate to exclude MitMFor secure connection use api-ssl
Why can't router send, for example, salt of the password hash + some challenge, and then client uses that salt to generate hashed password and HMAC with challenge to generate response?In general, challenge-response auth protocols require the availability of the unhashed password on the router and that is what is being removed for security reasons.
There are tricks around that but those protocols are often regarded as not very secure either.
implementing SSL in our utilities is a problem (time etc). Since the API is proprietary protocol the login phase could be easily changed to not send plain text password and still allow you in the RouterOS to store only hashed passwords. Just make the 'challenge' hash from the hashed password not from plaintext one. If the password hash is easily usable one (i.e. if we can use it in our scripts to create the hash from password the same way the ROS does) it should work fine.For secure connection use api-ssl
Netinstall 6.43rc19 does not work. I think for routeros 6.43rc17 need netinstall 6.43rc17.That version has been withdrawn. You would not want to install that! Get the 6.43rc19
Wait, the first step in the post-v6.43 login method is to send the password in plain text? Who the hell thought that was a good idea?API authentication method have changed, see API manual:
https://wiki.mikrotik.com/wiki/Manual:API#Initial_login
Winbox 3.14RC work fine.... What's wrong with me?Login by Winbox does not work but SSH and Telnet works
download last winbox 3.14RC and "login great again".I reset my cfg with no default settings how do I get back in? It's over 300ft on a tower. I can mac telnet, but it tells me password is wrong.
I was experiencing very low download speeds. Been tying several rc versions. But now i have one AP and i cant get on it. Is there anything i can do???? Netinstall recognizes my AP but does not install.Why those who cannot login even installed the rc version?
What a mess.
First I connected via serial. Then I reformatted my NAND. So I Netinstalled 6.41.4 as to me that seems like the only stable version. I then updated firmware to the 6.41.4.. I formatted NAND again to be sure once I was sure of my firmware. I netinstalled 6.41.4 again and used a backup from months ago. This resulted in a clean install using a truly stable version of RouterOS. I dont consider 6.42.x or 6.43.x stable.
Once I had that up and going. I repartitioned to 2. I copied my known good clean install into the second partition. Copied the config. i then made it active and rebooted to change to it and verified it was good.
I then switched back and upgraded 6.41.4 to 6.43.19. Of course I lost Winbox access, however, Winbox 2.x works great as it does not use authentication.
So ive been running 6.43.19 for 3 days on a SOHO setup and its working fine. No issues in my simple test setup other then no 3.x Winbox and NO NETWATCH.
I do have a production older PPC based router which is stuck on 6.42.1 and only has 6MB of disc space left and so I cant update it. This sudden irreversible loss of discspace making it impossible to upgrade/downgrade is a unpatched issue that so far is kinda random. But it also occurs with 43RC so watch your system/resources/diskspace. The only way to fix this is NAND format and Netinstall.
Yea at this point these should not be considered Release Candidates, they should be considered engineering daily builds that could brick your device and require physical access with a serial cable to recover. I now consider ANYTHING that comes from Mikrotik in this category. Look at how bad the "stable" release of 42.1 was.
So for me 6.41.4, all services disabled except Winbox and that set to LAN side only with a custom port.
MIKROTIK - PLEASE REVIEW AND CORRECT ALL KNOWN ISSUES BEFORE ADDING ANY NEW FEATURES. FOCUS YOUR STAFF ON GETTING THINGS STABLE AND RESTORING LOST FEATURES LIKE NETWATCH. 43RC19 is close. Fix authentication and add Netwatch.
The forum users here are awesome. So is Mikrotik. Ive been using ONLY mikrotik products for 8 years. Im confident things will get resolved. BUT. Im concerned by all these missteps in a row over the last 2 months.@Xymox,
what have we (forum users) done to you?
Please stop flooding forum with useless texts. if you have to say something ugly to mikrotik staff, please write directly to support, not here.
If you have been following these topics on the forum for some time, you shold know, they are exactly that.Yea at this point these should not be considered Release Candidates, they should be considered engineering daily builds that could brick your device and require physical access with a serial cable to recover. I now consider ANYTHING that comes from Mikrotik in this category. Look at how bad the "stable" release of 42.1 was.
Note that release candidate versions are published strictly for testing purposes and should not be used on production routers.
Unfortunately some people can't read it if they don't visit the forum There's no such warning in WinBox, for example.That warning is perfectly clear. Unfortunately some people don't read.
So rc!=rc that makes no sense!If you have been following these topics on the forum for some time, you shold know, they are exactly that.Yea at this point these should not be considered Release Candidates, they should be considered engineering daily builds that could brick your device and require physical access with a serial cable to recover. I now consider ANYTHING that comes from Mikrotik in this category. Look at how bad the "stable" release of 42.1 was.
Unofficially "rc" = "beta" or "nightly build". "current" = "rc". "bugfix" ="stable"
And why should people have to read these things, just make RC a real RC and not a nightly.Unfortunately some people can't read it if they don't visit the forum There's no such warning in WinBox, for example.That warning is perfectly clear. Unfortunately some people don't read.
... or call it "Recently Compiled" instead of "Release Candidate"...And why should people have to read these things, just make RC a real RC and not a nightly.
Naming of releases should be self explanatory
Or call it "Ridiculous Count"... Once Linus Torvalds stated:... or call it "Recently Compiled" instead of "Release Candidate"...And why should people have to read these things, just make RC a real RC and not a nightly.
Naming of releases should be self explanatory
However, for some reason four numbers just looks visually too obnoxious to me, so as I don't care that much, I'll just use "-rc", and we can all agree that it stands for "Ridiculous Count" rather than "Release Candidate".
As I have said. I love Mikrotik. I literally use nothing else. For 8+ years. I have great respect for Normis here on the forum. I NEVER intended any disrespect to anyone or to Mikrotik. In fact, I have great respect that they have allowed me to post these posts.If you have been following these topics on the forum for some time, you shold know, they are exactly that.Yea at this point these should not be considered Release Candidates, they should be considered engineering daily builds that could brick your device and require physical access with a serial cable to recover. I now consider ANYTHING that comes from Mikrotik in this category. Look at how bad the "stable" release of 42.1 was.
Unofficially "rc" = "beta" or "nightly build". "current" = "rc". "bugfix" ="stable"
Regarding the travel cost to many sites from the same reason... It looks like you are not testing the new versions before productive implementation. Otherwise I cannot explain to myself how you could break many remote sites at once. I always deploy newer versions in vawes starting on the closest sites and continue with the further if nothing bad happens during a week or so. But never at once.
Technically, 6.42 topic is locked, so they continue hereAnd again - this is not 6.43rc version related discussion.
Things, just got interesting!!Version 6.43rc21 has been released.
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
!) radius - use MS-CHAPv2 for "login" service authentication;
Could you please explain how to enable this function?*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - fixed DHCP server stuck in invalid state;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
So... Where's my health?*) winbox - show "System/Health" only on boards that have health monitoring;
I wish Mikrotik would just move to a compressed root image thats decompressed to a Read-Only RAM disk on boot, with a seperate R/W partition for persistent data (configuration files), accross all platforms. RAM is cheap, and a lot of existing platforms already have enough RAM to do this.I lost 10MB of disc space when I upgraded from RC19 to RC21 on a CCR. Ive seen this same thing on PPC and MIPSBE.. MT Support replicated it and is working on it. After a few upgrades or downgrades you can run out of space and then the only thing you can do is Netinstall as your stuck on whatever version your at. This effects 6.42.x thru 6.43RC21. So careful upgrading as you might be loosing space with each time you do it, this is kinda critical on devices with low disc space.. MT support has seen it, so, its getting worked on.
IMHO always use partitions when you upgrade so its easy to go back.
Netwatch problem persistXymox - for example, your Netwatch includes this command "/system script run IPSMTP". So are policies write,read,reboot,test or only some of them, only ones that are enabled on this script? For example, no romon policy, no dude policy, etc. And again - this is not 6.43rc version related discussion.
MT has said this thread is not the place for Netwatch discussion. So I started a separate thread. viewtopic.php?f=2&t=134538Netwatch problem persistXymox - for example, your Netwatch includes this command "/system script run IPSMTP". So are policies write,read,reboot,test or only some of them, only ones that are enabled on this script? For example, no romon policy, no dude policy, etc. And again - this is not 6.43rc version related discussion.
tested on rb750UP with routeros 6.43RC21
No log error, only log the netwatch up or down, script dont run, no error messages
User owner of the script permissions full
Captura.JPG
The wiki has been updated with examples:Could you please explain how to enable this function?*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - fixed DHCP server stuck in invalid state;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
I've looked at wiki, but there are details only about leases and bindings.
Cheers
Thanks for that, artz!The wiki has been updated with examples:
https://wiki.mikrotik.com/wiki/Manual:I ... e_limiting
https://wiki.mikrotik.com/wiki/Manual:I ... e_limiting
I only have suggestions for improvement:Everyone who complained about the Netwatch issue - Please see this topic viewtopic.php?f=2&t=134538
https://wiki.mikrotik.com/wiki/Manual:API#Initial_loginCould anyone give an example of how to connect in the api PHP in the new version of mikrotik v3.43rc21
I modified the php file for now this way and it works... it is not detecting prior version... I hope 6.43 comes out soon to keep it like thathttps://wiki.mikrotik.com/wiki/Manual:API#Initial_loginCould anyone give an example of how to connect in the api PHP in the new version of mikrotik v3.43rc21
check version one would need if he has to manage multiple devices prior the change and after like me.You don't have to check version.
* Send /login with username and password in plain text
* if response is with challenge then fall back to old login method
* otherwise check status if login is successful
As an example see how it is done on python example in the wiki
if ($this->socket) {
socket_set_timeout($this->socket, $this->timeout);
// RouterOS >= 6.43
$this->write('/login', false);
$this->write('=name=' . $login, false);
$this->write('=password=' . $password);
$RESPONSE = $this->read(false);
if (isset($RESPONSE[0]) && $RESPONSE[0] == '!done') {
//RouterOs < 6.43
if (isset($RESPONSE[1])) {
$MATCHES = array();
if (preg_match_all('/[^=]+/i', $RESPONSE[1], $MATCHES)) {
if ($MATCHES[0][0] == 'ret' && strlen($MATCHES[0][1]) == 32) {
$this->write('/login', false);
$this->write('=name=' . $login, false);
$this->write('=response=00' . md5(chr(0) . $password . pack('H*', $MATCHES[0][1])));
$RESPONSE = $this->read(false);
if (isset($RESPONSE[0]) && $RESPONSE[0] == '!done') {
$this->connected = true;
break;
}
}
}
}
else
{
$this->connected = true;
break;
}
}
fclose($this->socket);
}
Nothing worked for me either when I upgraded from v5.26 straight to 6.42.3 and I tested it in different platforms with the same exact boot problem. Everything stopped working after the upgrade and you had to use netinstall to recover. However everything worked good when upgrading to bugfix first and then to current. I had no boot problems whatsoever. However I could not get a clean backup when upgrading from bugfix to current. I get always an error so after both upgrades are done you have to do a final step and reset to factory defaults and then copy paste the original rsc file.I did test upgrade from 5.26 to this version. Just for testing. Everything went well. Upgrade failed for you due to configuration or something like thta. In general it works just fine.
Security risk is really not as important as functionality and speed to me in some installations as those old versions are not accessible. I was actually forced to downgrade from current as there is lack of MT support and broken code in later versions of ROS for the dual nstream, besides a few other problems, like the backup error current ROS almost always has. Those old versions have been working rock solid for many years. Sometimes upgrading is not a very wise choice.And, keep "current" a bit more regularly. Running such old versions is a security risk, that is widely known in all of the software world.
So where is new Windows Bandwidth Test app?!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
Version 6.43rc21 has been released.
MAJOR CHANGES IN v6.43:
----------------------
!) winbox - improved authentication process excluding man-in-the-middle possibility (Winbox v3.14 required);
----------------------
Thanks. It's working for Winbox, but Dude is still complainingVersion 6.43rc21 has been released.
MAJOR CHANGES IN v6.43:
----------------------
!) winbox - improved authentication process excluding man-in-the-middle possibility (Winbox v3.14 required);
----------------------
You can find Winbox here: https://mikrotik.com/download
As I wrote in the 6.42.3 thread, the check-installation function does not seem to have the claimed new functionality/System check-installation reports everything ok and the old system check-disk is no longer there.
What are those bindstr and bindstr2?*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
is it for SXT LTE?*) lte - improved modem event processing;
Hello @mrz ,You don't have to check version.
* Send /login with username and password in plain text
* if response is with challenge then fall back to old login method
* otherwise check status if login is successful
As an example see how it is done on python example in the wiki
def login(self, username, pwd):
for repl, attrs in self.talk(["/login"]):
chal = binascii.unhexlify((attrs['=ret']).encode('UTF-8'))
md = hashlib.md5()
md.update(b'\x00')
md.update(pwd.encode('UTF-8'))
md.update(chal)
self.talk(["/login", "=name=" + username,
"=response=00" + binascii.hexlify(md.digest()).decode('UTF-8') ])
seems, not. rc23 even worse for LHG. alot disconnects (~50/hour). after roll back to 6.42.3 - rockstable.Does rc23 fix the w60g issues seen in rc19 and rc21?
It was last edited a year ago. It's not compatible with 6.43 changes.Reading https://wiki.mikrotik.com/wiki/Manual:API_Python3
Can you please tell me if the function login is compatible with v 6.42 and v 6.43 ?
Hello strods!*) dhcpv6-server - added initial dynamic simple queue support;
Do you have reported this to Mikrotik and if, what is your support ticket id?Bug in 6.43rc23:Is this bug fixed in 6.43rc27?
- Upgrade from previous version to 6.43rc23 when you have /ip ipsec peer proposal with hash-algorithm=sha512
- Open this proposal in Winbox. You will see that in Winbox it have checked md5 and sha1, but in the export it have sha512
- Set hash algorithm to sha512 through Winbox, now autosup file starts generating
Reported just now. Ticket id is 2018061322004299Do you have reported this to Mikrotik and if, what is your support ticket id?
Try to recover with MAC telnet if possible. I had the same issue and I was lucky.I have upgrade my SXT LTE (band 3,7), from ROS 6.42.3 to 6.43RC27.
But after upgrading... I can't get access to my SXT LTE.
Wrong username or password message.
Device is on tower so, difficult to reset device.
What is the problem?
But that does not yet work with RouterOS 6.43rc. I opened an issue already.
Can anyone already quantify this in some way?*) w60g - improved link stability;
*) w60g - improved maximum link distance;
I think no.How could you think that 60g will work without clear line of sight?
Which RADIUS server did you use? Can you post a configuration example?tested winbox auth. with radius (mschapv2) interworking. works like a charm!
I running lastest version Winbox 3.14.He simply needs new WinBox
I have read many many time changelog and nothing explicit about solution or notice about this problemPlease read the changelog.
1) distance mesurement in CLI is here since rc19. Has it been improved somehow? Or what is the difference?
*) w60g - added distance measurement (CLI only);
*) w60g - improved link stability;
*) w60g - improved maximum link distance;
You need Winbox 3.14Big problem...
Updated Mys CCR (to 6,43rc27) an now stucked outside! All is running but cant connect - wrong username or password??? A bit of PANIC!!!
------------------
Sorry! Had two winbox on my pc!! Just need new winbox! Sorry!
1) Yes, there are some improvements - mostly stability
1) distance mesurement in CLI is here since rc19. Has it been improved somehow? Or what is the difference?
3) what is the new maximum link distance for WAP60 and LHG60?
2) I have a 10 meters long test link between 2 LHG60s (YES, I know it too little for LHG60 and can be clearly solved by wireless wire, but unfortunately I do not have possibility for longer distance for testing at the moment and it will be used for 500m "production" link in the near future) and I have to say that link flaps approximately 5 times per day (no rain, no wind, nothing breaking the clear line of sight, no birds flying, no obvious reason for link flap). Can be caused just by the fact it too close to each other? Or is it something what should be checked by MikroTik (maybe a kind of bug)? The link is under continuous iperf3 bi-directional test, where two servers with 1Gbit/s NICs at the end. Result is somewhere between 800-870 Mbit/s for bi-directional TCP connection and PING is somewhere between 5 to 15 ms.
MIKROTIK please how can we solve this problem?Big problem...
Updated Mys CCR (to 6,43rc27) an now stucked outside! All is running but cant connect - wrong username or password??? A bit of PANIC!!!
------------------
Sorry! Had two winbox on my pc!! Just need new winbox! Sorry!
Please provide more details to support@mikrotik.comCan somebody please recommend stable SW for wireless wire wAP60G ? I have tried many but all are unstable ? (jam after couple of days = hard reset is necessary). It is probably linked with hot weather ... Thank you.
Do You have level4 license on Bridge device?I am still experiencing a problem with the WAP60 on this firmware.
Both client & AP running latest release.
Client connects when ap set to bridge. However when AP set to ap-bridge same client will not connect. No matter which frequency is selected (even the new 64800)
what is the new maximum distance for wAP60g and LHG60G?*) w60g - improved maximal achievable distance;
That's just wireless PHY basics. The smaller the wavelength gets, the penetrative wave properties decrease rapidly but the reflective ones increase. Think low/medium frequency ≈ broadcast radio (goes literally straight through the ground), very high frequency ≈ visible light (is reflected almost 100% on mirrors or white objects). This is basically the point for having beamforming, too.How could you think that 60g will work without clear line of sight?
look for problem on your network, for me works fine.I upgraded to 6.43rc32 and even using winbox 3.15 login fails!
look problem on your network, for me works fine.I upgraded to 6.43rc32 and even using winbox 3.15 login fails!
i have observed this weird issue with password in earlier rc. i just changed password before upgrade and not logged in after upgrade with new one, just with old.I reset it and now it works...
weird because the password is saved as a favorite in winbox so I wasn't typing anything wrong earlier... and right before the update I used the same favorite to login to it and update it!
still need to upgrade dude client manually. Client crashes after each upgrade via client uiVersion 6.43rc32 has been released.
*) dude - fixed client auto upgrade (broken since 6.43rc17);
Thank you for a report, but can you please confirm that your Dude client (executed with the administrator rights) auto upgrade was working before 6.43rc17, and does not work in 6.43rc32 ?still need to upgrade dude client manually. Client crashes after each upgrade via client uiVersion 6.43rc32 has been released.
*) dude - fixed client auto upgrade (broken since 6.43rc17);
So thats the trick Yes, with "launch as administrator" dude client updates as expected. But is this "feature" documented somewhere? Because if i load exe "as administrator" i need to enter credentials like first time.Thank you for a report, but can you please confirm that your Dude client (executed with the administrator rights) auto upgrade was working before 6.43rc17, and does not work in 6.43rc32 ?still need to upgrade dude client manually. Client crashes after each upgrade via client uiVersion 6.43rc32 has been released.
*) dude - fixed client auto upgrade (broken since 6.43rc17);
It is a CHR. Apparently it does not have IP Cloud, but I noticed that only because I wanted to have a look at it after reading change notes.pe1chl - Can you provide supout file from RouterBOARD that does not show IP/Cloud menu on GUI?
There is other topic with problems ARM and NV2 - viewtopic.php?f=7&t=128916&p=670546#p669811What kind of issue are you referring to? Have you contacted support directly to see if problem is not caused by configuration or something that can be adjusted in order to resolve the issue?
*) tile - fixed Ethernet interfaces becoming unresponsive;
I have a very strange problem with a CCR1072. Suddenly there are IP addresses that stop responding, some work and others do not... within the same broadcast (L2) -no routing apply-. There is no problem of firewall or similar, by ARP the MAC is seen, but communication is simply lost... until a reboot is made and everything works again. It has happened to me twice in the last week. With the 6.42.1. Does this changelog correct this problem or similar?
The problem happens in an 802.3ad bonding interface with vlans on it. At the other end there is a CRS317-1G-16S switch. Even if I restart the switch, it does not recover the communication... I must restart the CCR1072.
We have about 30 x CCR's installed in exactly this fashion, Bonding interface with LACP to a switch (Extreme x620/x670 and Juniper EX4550) and have not experienced this problem, we have been running this configuration successfully for over 5 years now from 6.0rc5 to 6.40.8So my big question is: Is it the problem in CRS317 or in CCR1072, or maybe the mix of both? I think it has some relationship with bonding...
This fix has a problem, it ruins the installation. When you have only one partition, it means netinstall.Thank you very much for the reports about issues with space, next RouterOS version will fix the issue.
Meanwhile this package can be used to clear space on your router,
The current Beta version does match the 6.43rc changes for my device.Do you guys have an ETA for an updated Android TikApp (or beta version), to match the 6.43rc series authentication / login changes?
I'm successfully upgraded a hAp ac2.WARNING!!! This version 6.43rc40 just bricked two RBSXTsq5HPnD units I was testing it with. Software upgrade went fine from the factory installed 6.40.4 but then the firmware upgrade bricked the units. Netinstall currently underway.
hAp ac2 is not a RBSXTsq5HPnD - also this may depend on what ROS version is being upgraded from. I am happy that you have not had a problem. However I can recreate this bricking process by taking another unit off the shelfI'm successfully upgraded a hAp ac2.WARNING!!! This version 6.43rc40 just bricked two RBSXTsq5HPnD units I was testing it with. Software upgrade went fine from the factory installed 6.40.4 but then the firmware upgrade bricked the units. Netinstall currently underway.
This also may depend on the configuration of the device.hAp ac2 is not a RBSXTsq5HPnD - also this may depend on what ROS version is being upgraded from. I am happy that you have not had a problem. However I can recreate this bricking process by taking another unit off the shelfI'm successfully upgraded a hAp ac2.WARNING!!! This version 6.43rc40 just bricked two RBSXTsq5HPnD units I was testing it with. Software upgrade went fine from the factory installed 6.40.4 but then the firmware upgrade bricked the units. Netinstall currently underway.
Netinstall does recover the unit and even allowed v6.43rc40 to be loaded - so this is a fault of the upgrade process.
That was a valid point - however I just tested another fresh unit from the same batch which was fully reset with no defaults and I can confirm it is also bricked.This also may depend on the configuration of the device.
Yeah well that doesn't change the value of the warning that I am giving - especially as the units in question came factory shipped with 6.40.4. Also saying that you cannot upgrade from an older version because of problems in the older version is kinda crazyIt has been stated multiple times here that most of the upgrade process is performed by the old version from which you upgrade. So if you in all cases upgraded from 6.40.4., the issue may also be that one, not the 6.43rc40.
Well, saying it is not crazy, the fact that it happens for some versions is a different question But this warning has been published by Mikrotik staff in earlier topics here, the only thing I'm far from sure is whether 6.40.4 is affected by that issue or not.saying that you cannot upgrade from an older version because of problems in the older version is kinda crazy
I did - and that does workTry to upgrade the 6.40.4 first to the current version (6.42.5) and then upgrade to 6.43rc from there.
That comment made me smileWell, saying it is not crazy, the fact that it happens for some versions is a different question
Same for me, but on a CRS328, upgrade is fine, but when i upgraded the routerboot and rebooted the system not load anymore, i do it a netinstall and recovered the board.WARNING!!! This version 6.43rc40 just bricked two RBSXTsq5HPnD units I was testing it with. Software upgrade went fine from the factory installed 6.40.4 but then the firmware upgrade bricked the units. Netinstall currently underway.
How to see it in action?...
!) cloud - added IPv6 support;
...
Fixes for connecting issues will be included in next RC versionwAP60G 240m link updated from rc32 to rc42, client not connecting any more in scan see signal but not connecting, back to 6.42.5 it is working again, but seem to me it is not stable as has been in 6.42.1.
Also please check scan for frequency 64800 seems to me it is not scanning that frequency when click scan button.
Had the same with my HAP AC2. Had no time to look for a fix, did you need netinstall?WARNING!!! This version 6.43rc40 just bricked two RBSXTsq5HPnD units I was testing it with. Software upgrade went fine from the factory installed 6.40.4 but then the firmware upgrade bricked the units. Netinstall currently underway.
In RC34; *) winbox - show "System/Health" only on boards that have health monitoring. I don't know if the cAP AC does support health.A little bug, When running 6.43rc42 on a cAP AC running "/system health print" outputs nothing, and the health menu is gone from WinBox.
17:26:49 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:27:17 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:27:17 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:27:41 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:27:41 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:28:08 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:28:08 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:28:35 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:28:35 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:29:03 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:29:03 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:29:30 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:29:30 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:29:57 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:29:57 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:30:24 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:30:24 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:30:49 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:30:49 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:31:16 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:31:16 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:31:46 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
17:31:46 dhcp,info dhcp-server assigned 192.168.1.4 to 74:5E:1C:32:14:C3
17:32:12 dhcp,info dhcp-server deassigned 192.168.1.4 from 74:5E:1C:32:14:C3
[admin@MikroTik] /ip cloud> print
ddns-enabled: yes
update-time: no
status: connecting...