Community discussions

 
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1395
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

v6.42.1 [current]

Mon Apr 23, 2018 3:22 pm

RouterOS version 6.42.1 has been released in public "current" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What''s new in 6.42.1 (2018-Apr-23 10:46):

!) winbox - fixed vulnerability that allowed to gain access to an unsecured router;
*) bridge - fixed hardware offloading for MMIPS and PPC devices;
*) bridge - fixed LLDP packet receiving;
*) crs3xx - fixed failing connections through bonding in bridge;
*) ike2 - use "policy-template-group" parameter when picking proposal as initiator;
*) led - added "dark-mode" functionality for hAP ac and hAP ac^2 devices;
*) led - improved w60g alignment trigger;
*) lte - allow to send "at-chat" command over disabled LTE interface;
*) routerboard - fixed "mode-button" support on hAP lite r2 devices;
*) w60g - allow to manually set "tx-sector" value;
*) w60g - fixed incorrect RSSI readings;
*) w60g - show phy rate on "/interface w60g monitor" (CLI only);
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - show "Switch" menu on cAP ac devices;
*) winbox - show correct "Switch" menus on CRS328-24P-4S+;
*) wireless - improved compatibility with BCM chipset devices;

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after some problem has appeared on device

Please keep this forum topic strictly related to this concrete RouterOS release.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1232
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: v6.42.1 [current]

Mon Apr 23, 2018 4:18 pm

Upgraded ROS and firmware on RB2011, all seems ok, will continue checking / testing
MTCNA, MTCTCE, MTCRE & MTCINE
 
Kindis
Member Candidate
Member Candidate
Posts: 239
Joined: Tue Nov 01, 2011 6:54 pm

Re: v6.42.1 [current]

Mon Apr 23, 2018 4:24 pm

I have updated one 3011 and two CHR (Hyper-V) and so far so good. Took the ones that have a public IP first.
Don't think this was a problem for me though as I block anyone, for 30 days, coming from internet trying to connect to Winbox port.
 
rzirzi
Member
Member
Posts: 375
Joined: Mon Oct 09, 2006 2:33 pm

Re: v6.42.1 [current]

Mon Apr 23, 2018 4:49 pm

Could You explain: winbox - fixed vulnerability that allowed to gain access to an unsecured router - please?
What do You mean "unsecured router"? All versions under 6.42.1 are affected?
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5841
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v6.42.1 [current]

Mon Apr 23, 2018 4:53 pm

 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 1694
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v6.42.1 [current]

Mon Apr 23, 2018 4:57 pm

And implement "security fix" in 6.40.7 PLEASE!!!!!
Real admins use real keyboards.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 23958
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: v6.42.1 [current]

Mon Apr 23, 2018 4:57 pm

And implement "security fix" in 6.40.7 PLEASE!!!!!
coming next
No answer to your question? How to write posts
 
Paternot
Long time Member
Long time Member
Posts: 570
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: v6.42.1 [current]

Mon Apr 23, 2018 5:40 pm

Upgrade one RB750Gr3, and three hAP AC Lite (one of them used as CPE). All fine and dandy. The first reboot took a little longer than what I'm used to, but nothing to write home about.
 
eddieb
Member Candidate
Member Candidate
Posts: 123
Joined: Thu Aug 28, 2014 10:53 am
Location: Netherlands

Re: v6.42.1 [current]

Mon Apr 23, 2018 5:44 pm

upgraded RB750, RB962 (8pc), RB1100, RB2011, CRS125, CHR, CHR (dude) without issues, tnx for the fast fix !
Running 6.44.3 (stable) on :
CCR1009-8G-1S (2x ipsec/l2tp site-to-site, ipsec/l2tp roadwarrior, dhcpd, dns), CRS125-24G-1S, RB1100, RB962UiGS-5HacT2HnT (10pc),
RB951, RB750GL ,RB2011UAS-RM, CHR running dude (CHR running in VirtualBox on OSX)
 
R1CH
Forum Veteran
Forum Veteran
Posts: 862
Joined: Sun Oct 01, 2006 11:44 pm

Re: v6.42.1 [current]

Mon Apr 23, 2018 6:20 pm

No issues across my mix of devices (RB750Gr3, wAP AC, hAP AC, RB951).
 
User avatar
miro263
just joined
Posts: 2
Joined: Wed Dec 14, 2011 10:56 am
Location: Slovakia

Re: v6.42.1 [current]

Mon Apr 23, 2018 9:39 pm

CHR - Microsoft AZURE :

After reboot VM works fine, 2 hour later can't get IP address from DHCP server, static IP don't working, enable/disable iface/ dhcp client - without sucess. Reboot can temporarily fix this problem.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1063
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v6.42.1 [current]

Mon Apr 23, 2018 10:01 pm

RB 750G v3

Here is my experience in upgrading from 6.41.3 to 6.42.1
Package, find new package, download , install and reboot.
This works fine. Software is up on 6.42.1
It takes about 2 min to upgrade

Then I go to routerboard.
Current Firmware 6.41.3
Upgrade Firmware 6.42.1
Click Upgrade
Do you really want to upgrade firmware? OK
Nothing happens. no information, no new version.

Manual reboot (around 40 seconds)
Current Firmware 6.42.1
Upgrade Firmware 6.42.1

For me this i a broken hardware upgrade, or at missing some in the process.
Do I need to upgrade hw in the rouerboard menu, or it need just another reboot?
Why does it not reboot and tell me that hw is doing an upgrade when click the upgrade menu in routerboard menu?

PS, seen this with other upgrade version as well
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
msatter
Forum Guru
Forum Guru
Posts: 1095
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.42.1 [current]

Mon Apr 23, 2018 10:15 pm

The information is in the LOG. The update versions are just cosmetic. You can't if there was anything changed in the firmware anymore.

I never understood why Mikrotk choose to sync the version of the firmware and RouterOS.
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.6
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
Pea
Member Candidate
Member Candidate
Posts: 188
Joined: Fri Jul 17, 2015 11:07 pm
Location: Czech

Re: v6.42.1 [current]

Mon Apr 23, 2018 10:21 pm

The same with missing line in log "Firmware upgraded successfully, please reboot for changes to take effect!" happened to me today on RB951G-2HnD.
Little scary on 50km away device :) Did the upgrade failed? Should I reboot or better not?
Anyway I sent the reboot command - and all seems fine - after reboot is firmware upgraded to 6.42.1.
 
User avatar
ErfanDL
Member Candidate
Member Candidate
Posts: 264
Joined: Thu Sep 29, 2016 9:13 am
Location: IRAN
Contact:

Re: v6.42.1 [current]

Mon Apr 23, 2018 10:34 pm

Upgraded RB2011UiAS-2hND, new hAP Lite, RB951Ui, CCR125 without any issues.

Sent from my C6833 using Tapatalk

 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1648
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: v6.42.1 [current]

Mon Apr 23, 2018 10:50 pm

still waiting for the bugfix only update
 
Kraken2k
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Wed Oct 01, 2014 1:50 pm
Location: Prague

Re: v6.42.1 [current]

Tue Apr 24, 2018 12:48 am

Updated several RB2011UiAS-2HnD, RB1100Dx4 and hAP ac (also lite version) and so far everything looks ok.

In addition to previous messages in this thread, while updating firmware, all RBs wrote "Firmware updated, please reboot to take effect!" message in log.
 
aidan
newbie
Posts: 27
Joined: Thu Jun 25, 2015 12:48 am

Re: v6.42.1 [current]

Tue Apr 24, 2018 2:31 am

still waiting for the bugfix only update

This vulnerability isn't much of a problem. The problem is administrators leaving their firewall services (API, Winbox, SSH, etc.) exposed to untrusted networks. It's better to apply firewall filters to the input chain that will protect against this and other future attacks.
Last edited by aidan on Tue Apr 24, 2018 2:34 am, edited 3 times in total.
 
aidan
newbie
Posts: 27
Joined: Thu Jun 25, 2015 12:48 am

Re: v6.42.1 [current]

Tue Apr 24, 2018 2:32 am

Edit: Duplicate post.
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1648
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: v6.42.1 [current]

Tue Apr 24, 2018 4:09 am

still waiting for the bugfix only update
still waiting ...
 
skullzaflare
just joined
Posts: 18
Joined: Tue Apr 12, 2016 12:01 am

Re: v6.42.1 [current]

Tue Apr 24, 2018 4:18 am

CHR - Microsoft AZURE :

After reboot VM works fine, 2 hour later can't get IP address from DHCP server, static IP don't working, enable/disable iface/ dhcp client - without sucess. Reboot can temporarily fix this problem.
Might be same issue for you.


We started rolling it out for security sake. 1/3 of flashed routers lose internet/IP
We found that DHCP server (which is on bridge) goes to "unknown" and goes red
Also, under bridge ports, random ports will also go to "unknown"

Changing those back to correct settings restores all service
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1648
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: v6.42.1 [current]

Tue Apr 24, 2018 4:44 am

CHR - Microsoft AZURE :

After reboot VM works fine, 2 hour later can't get IP address from DHCP server, static IP don't working, enable/disable iface/ dhcp client - without sucess. Reboot can temporarily fix this problem.
Might be same issue for you.


We started rolling it out for security sake. 1/3 of flashed routers lose internet/IP
We found that DHCP server (which is on bridge) goes to "unknown" and goes red
Also, under bridge ports, random ports will also go to "unknown"

Changing those back to correct settings restores all service
routeros 6.41+ have new implementation of bridges beware of that change

because that we need 6.40.x fixed version to update without the issues on bridge for in production rotuers with many vlans on bridges until shedule a maintenance windows to upgrade una controlled time without service disruption
 
sspratt
just joined
Posts: 4
Joined: Mon Jul 10, 2006 6:43 am

Re: v6.42.1 [current]

Tue Apr 24, 2018 5:39 am

I'm in a rural location and going through 3 different mikrotik radios to hook into our local WISP. All were on 6.41.3 and I've upgraded them to 6.42.1 now. However, the final client radio link that is setup as a bridge seems to be having all kinds of problems. After upgrading, when I try to access via winbox it the logs are all empty and the whole winbox interface is unresponsive. On top of that I'm having huge issues with outbound web and ftp traffic? It's a little hard to tell what is going on because I know the WISP has implemented some aggressive firewall blacklist rules until they can patch-up all their mikrotik gear.

Is it possible my issue is the routeros upgrade from 6.41.3 to 6.42.1? Everything went really pear shaped after I patched, but their could have been changes in the network core happening at the same time.
 
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1395
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.42.1 [current]

Tue Apr 24, 2018 7:27 am

BartoszP, chechito - We will release 6.40.8 as soon as possible. As we just yesterday found out about this vulnerability, we were lucky that 6.42.1 was already on the way. In order to release a version, we have to test it first. 6.40.8 is coming, but will take most likely one or two days. I assume that no one here wants to install un-tested bugfix version on their routers :)
miro263, skullzaflare, sspratt - Please generate supout file on your device while problem is present. Send this file to support@mikrotik.com.
Jotne, msatter, Pea, Kraken2k - This is how RouterBOOT upgrade been working since always. You need to reboot device manually after you have performed upgrade feature. Since RouterBOOT mainly is responsible for booting process we do not want to make fully automatical RouterBOOT upgrade process or force it because it rarely has any updates for already released products and automated upgrade/reboot might lead up to more problems than bring anything good into equation. However, if you want to forget about firmware, then you can enable auto-upgrade feature and RouterBOOT will upgrade itself upon the next reboot when RouterOS will be upgraded - RouterOS upgrade, reboot, one more reboot in order to upgrade RouterBOOT.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1063
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v6.42.1 [current]

Tue Apr 24, 2018 8:06 am

Jotne, msatter, Pea, Kraken2k - This is how RouterBOOT upgrade been working since always. You need to reboot device manually after you have performed upgrade feature. Since RouterBOOT mainly is responsible for booting process we do not want to make fully automatical RouterBOOT upgrade process or force it because it rarely has any updates for already released products and automated upgrade/reboot might lead up to more problems than bring anything good into equation. However, if you want to forget about firmware, then you can enable auto-upgrade feature and RouterBOOT will upgrade itself upon the next reboot when RouterOS will be upgraded - RouterOS upgrade, reboot, one more reboot in order to upgrade RouterBOOT.
Then why not give more information about that in the routerboard settings. You know how it works so you do not need such information, I know it now, but for all other that click the upgrade button to sync the firmware it will remain a mystery. Just add som words what to do will help others.
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
strods
MikroTik Support
MikroTik Support
Topic Author
Posts: 1395
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v6.42.1 [current]

Tue Apr 24, 2018 8:26 am

Warnings are already there. Can you provide screen shot where we can see that the warning is missing?
Screen Shot 2018-04-24 at 08.24.59.png
You do not have the required permissions to view the files attached to this post.
 
sindy
Forum Guru
Forum Guru
Posts: 3287
Joined: Mon Dec 04, 2017 9:19 pm

Re: v6.42.1 [current]

Tue Apr 24, 2018 8:58 am

Warnings are already there. Can you provide screen shot where we can see that the warning is missing?
Not in WebFig. I have upgraded two hap ac2 yesterday to 6.43rc4 and nothing visible happened on pressing the "upgrade firmware" button in System->Routerboatd (done that with 6.43rc4 already running to be clear, and after reboot, the new firmware is shown as running). Overlay windows do indicate errors like "cannot connect, scan is not running" in wireless configuration, so it should not be a browser incompatibility.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
drbunsen
newbie
Posts: 36
Joined: Fri Apr 29, 2016 7:24 pm

Re: v6.42.1 [current]

Tue Apr 24, 2018 9:22 am

I've updated a CCR1036 from 6.42 to 6.42.1 and webfig now only works on one of two configured IP addresses on the same interface.
Edit: Solved and not related to the update.
Last edited by drbunsen on Thu Apr 26, 2018 4:48 pm, edited 1 time in total.
 
Pea
Member Candidate
Member Candidate
Posts: 188
Joined: Fri Jul 17, 2015 11:07 pm
Location: Czech

Re: v6.42.1 [current]

Tue Apr 24, 2018 9:25 am

Hi strods, this happened for the first time that log message about upgrade was missing completely.
Unfortunately all my devices are upgraded already, so I cannot check if the warning was in System/Routerboard/Settings.
But it was definitely missing in log.

Now if I look into terminal I still see 2 lines (I pressed Upgrade button twice :)). But this should not be there while the router was already rebooted, right?
You do not have the required permissions to view the files attached to this post.
 
User avatar
eworm
Member
Member
Posts: 304
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v6.42.1 [current]

Tue Apr 24, 2018 10:03 am

Now if I look into terminal I still see 2 lines (I pressed Upgrade button twice :)). But this should not be there while the router was already rebooted, right?
I think this is expected. You installed the firmware upgrade and rebooted without opening the terminal. Critical messages are stored to be shown the next time you open the terminal, that was after reboot.

If you open the terminal before reboot you will not see these messages after reboot.
Manage RouterOS scripts and extend your devices' functionality: RouterOS Scripts
 
heydude
newbie
Posts: 26
Joined: Wed Dec 02, 2015 4:53 pm
Location: CH

Re: v6.42.1 [current]

Tue Apr 24, 2018 10:28 am

Just updated one of our Metal G-52SHPacn to new v6.42.1 RouterOS.

tools/netwatch does not work anymore. When the tested server is "up", we run [:global srvstat "up"] to set the variable srvstat. Did work with 6.41.2
Looks like up event is not working.
 
User avatar
eworm
Member
Member
Posts: 304
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v6.42.1 [current]

Tue Apr 24, 2018 10:33 am

Just updated one of our Metal G-52SHPacn to new v6.42.1 RouterOS.

tools/netwatch does not work anymore. When the tested server is "up", we run [:global srvstat "up"] to set the variable srvstat. Did work with 6.41.2
Looks like up event is not working.
Version 6.42 has this changelog entry:
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
I guess that breaks your use case.
Manage RouterOS scripts and extend your devices' functionality: RouterOS Scripts
 
rinbogogo
just joined
Posts: 1
Joined: Tue Apr 24, 2018 8:29 am

Re: v6.42.1 [current]

Tue Apr 24, 2018 11:10 am

LED problems:
[admin@911-1] > system leds set interface=wlan1 type=wireless-signal-strength
input does not match any value of type
[admin@911-1] > system leds set interface=wlan1 type=wireless-status
input does not match any value of type
[admin@911-1] >
 
heydude
newbie
Posts: 26
Joined: Wed Dec 02, 2015 4:53 pm
Location: CH

Re: v6.42.1 [current]

Tue Apr 24, 2018 11:24 am

Just updated one of our Metal G-52SHPacn to new v6.42.1 RouterOS.

tools/netwatch does not work anymore. When the tested server is "up", we run [:global srvstat "up"] to set the variable srvstat. Did work with 6.41.2
Looks like up event is not working.
Version 6.42 has this changelog entry:
*) netwatch - limit to read, write, test and reboot policies for Netwatch script execution;
I guess that breaks your use case.
Yes, netwatch is no longer usable to start scripts. Even to write to global variables fails. Only write to .txt files works. On up event, I need to write the server status up to a variable or file and start a script.

Still did not find a solution for that use. A high interval schedule is no option.
 
msatter
Forum Guru
Forum Guru
Posts: 1095
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.42.1 [current]

Tue Apr 24, 2018 11:37 am

Warnings are already there. Can you provide screen shot where we can see that the warning is missing?

Screen Shot 2018-04-24 at 08.24.59.png
This boggles my mind...

In Winbox you can see the message the firmware is upgraded but you will have to first open the window Settings to see that. Why not display it in the Routerboard window where you initiate the upgrade???

Now you think did I click that Upgrade button or not because nothing happened..and click again and again...
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.6
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
pe1chl
Forum Guru
Forum Guru
Posts: 5291
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.42.1 [current]

Tue Apr 24, 2018 11:58 am

Now that the firmware has the same version as RouterOS, and assuming that not every update to RouterOS really includes
a changed firmware version, maybe something can be done to change the warning after the firmware update so that it
does not require a reboot when nothing other than the version has changed?
As it is now, every update requires two reboots, and in many cases (e.g. when updating from 6.42 to 6.42.1) that is likely
not very necessary.
 
User avatar
macsrwe
Long time Member
Long time Member
Posts: 644
Joined: Mon Apr 02, 2007 5:43 am
Location: Arizona, USA
Contact:

Re: v6.42.1 [current]

Tue Apr 24, 2018 12:42 pm

LED problems:
[admin@911-1] > system leds set interface=wlan1 type=wireless-signal-strength
input does not match any value of type
[admin@911-1] > system leds set interface=wlan1 type=wireless-status
input does not match any value of type
[admin@911-1] >
Maybe your problem is that you haven't specified which LED? Don't know what hardware you are using, so don't know how many LEDs there are.
 
bratislav
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Mon May 05, 2014 10:36 am

Re: v6.42.1 [current]

Tue Apr 24, 2018 1:04 pm

Not related to Winbox security issue, but seems like a bug ...
On 6.41.x and 6.42.x MNDP trafic is not visible anymore in firewall output chain ...
For example I am using this rules
/ip firewall raw> print 
Flags: X - disabled, I - invalid, D - dynamic
 0    chain=output action=passthrough log=yes log-prefix="" protocol=udp
 1    ;;; MT discovery
      chain=prerouting action=notrack dst-port=5678 log=no log-prefix="" protocol=udp dst-address=255.255.255.255 
 2    ;;; MT discovery
      chain=output action=notrack dst-port=5678 log=no log-prefix="" protocol=udp dst-address=255.255.255.255 
And on 6.40.x it works as expected
print stats
Flags: X - disabled, I - invalid, D - dynamic 
 #    CHAIN                                                                                                                                                                                         ACTION                            BYTES         PACKETS
 0  D ;;; special dummy rule to show fasttrack counters
      prerouting                                                                                                                                                                                    passthrough                  55 903 342         279 167
 1    prerouting                                                                                                                                                                                    notrack                         295 008           2 176
 2    output                                                                                                                                                                                        notrack                          25 870             195
 
But on 6.41.x and 6.42.x no packet is ever detected in output chain
 print stats
Flags: X - disabled, I - invalid, D - dynamic 
 #    CHAIN                                                                                                                                                                                         ACTION                            BYTES         PACKETS
 0    output                                                                                                                                                                                        passthrough                     226 965           1 663
 1    ;;; MT discovery
      prerouting                                                                                                                                                                                    notrack                          99 706             724
 2    ;;; MT discovery
      output                                                                                                                                                                                        notrack                               0               0
So is this some undocumented new feature and if so what is the benefit, or is it just a bug?

Regards
 
msatter
Forum Guru
Forum Guru
Posts: 1095
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.42.1 [current]

Tue Apr 24, 2018 2:06 pm

Now that the firmware has the same version as RouterOS, and assuming that not every update to RouterOS really includes a changed firmware version, maybe something can be done to change the warning after the firmware update so that it does not require a reboot when nothing other than the version has changed?
As it is now, every update requires two reboots, and in many cases (e.g. when updating from 6.42 to 6.42.1) that is likely
not very necessary.
Excellent thought and in the release notes it should also state that the firmware is updated and that a upgrade is recommended. If nothing has changed then always as last line in release notes: "- no firmware upgrade needed when you current firmware is x.xx.x or higher."

If Mikrotik don't want to go trough this administration then consider to only increase the firmware revision when it is updated. So lastest firmware can be 6.41.4 and the RouterOS version could be 6.42.1.

Being cosmetic, it could also sync with RouterOS version without the user knowing. On downgrade it will show the sync or downgrade automatically like is the case now if I remember that correctly.
Last edited by msatter on Tue Apr 24, 2018 2:13 pm, edited 1 time in total.
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.6
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
Zito
just joined
Posts: 14
Joined: Tue Feb 19, 2013 11:41 pm

Re: v6.42.1 [current]

Tue Apr 24, 2018 2:11 pm

How to disable dynamic dhcp client on LTE links?
 /ip dhcp-client print detail 
Flags: X - disabled, I - invalid, D - dynamic 
 0 D interface=lte1 add-default-route=yes default-route-distance=2 use-peer-dns=yes use-peer-ntp=yes dhcp-options=hostname,clientid 
     status=error dhcp-server=192.168.8.1 
Leaving as above with static address on lte interface (i need static rules for routing with marks) will generate a lot of errors in logs
"dhcp-client on lte1 failed to add IP address 192.168.8.100: already have such address (6)"

Adding a disabled rule does not block the creation of a dynamic entry.
/ip dhcp-client print detail 
Flags: X - disabled, I - invalid, D - dynamic 
 0 XI interface=lte1 add-default-route=yes default-route-distance=2 use-peer-dns=no use-peer-ntp=no dhcp-options=hostname,clientid 

 1 ID interface=lte1 add-default-route=yes default-route-distance=2 use-peer-dns=yes use-peer-ntp=yes dhcp-options=hostname,clientid
The modem is USB Huaweii E3372h hi-link mode
 
pe1chl
Forum Guru
Forum Guru
Posts: 5291
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.42.1 [current]

Tue Apr 24, 2018 2:20 pm

Excellent thought and in the release notes it should also state that the firmware is updated and that a upgrade is recommended. If nothing has changed then always as last line in release notes: "- no firmware upgrade needed when you current firmware is x.xx.x or higher."
Or maybe in the routerboard firmware update screen it could show if the firmware version in the current RouterOS is binary different from the currently installed firmware (excluding version number) and show a message near the upgrade button that upgrade is advised / not necessary.
 
pablometal
just joined
Posts: 1
Joined: Tue Apr 24, 2018 2:22 pm

Re: v6.42.1 [current]

Tue Apr 24, 2018 2:26 pm

THIS FILTER ON BRIDGE IS NOT WORKING IN THIS VERSION

add action=drop chain=input no dst-mac-address=01:80:C2:00:00:00/FF:FF:FF:FF:FF:FF
 
msatter
Forum Guru
Forum Guru
Posts: 1095
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.42.1 [current]

Tue Apr 24, 2018 2:55 pm

Excellent thought and in the release notes it should also state that the firmware is updated and that a upgrade is recommended. If nothing has changed then always as last line in release notes: "- no firmware upgrade needed when you current firmware is x.xx.x or higher."
Or maybe in the routerboard firmware update screen it could show if the firmware version in the current RouterOS is binary different from the currently installed firmware (excluding version number) and show a message near the upgrade button that upgrade is advised / not necessary.
Let's make it foolproof. Make the upgrade button inactive when there is no real upgrade or you executed already an upgrade and the router is waiting for a reboot.

A new button can be added to the settings window of the Routerboard window, with the text "Force Upgrade" so that is still possible if recommended by Mikrotik support.
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.6
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
whitbread
Member Candidate
Member Candidate
Posts: 108
Joined: Fri Nov 08, 2013 9:55 pm

Re: v6.42.1 [current]

Tue Apr 24, 2018 4:05 pm

Can we move this double reboot discussion to a separate thread plz...
 
User avatar
Xymox
Member
Member
Posts: 381
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: v6.42.1 [current]

Tue Apr 24, 2018 5:27 pm

Weird issue..

I went from 6.42 to 6.42.1

At some point in the 48 hours after doing this my scheduled scripts stopped running. None of them work. I saw this on a CCR1009-8G-1S-1S+

I had another partition running 6.42 on it and switched to that and everything is working again.. I will look more at the issue later in the day...

I can run the scripts manually fine. Its the scheduler that appears to have stopped..
 
User avatar
Xymox
Member
Member
Posts: 381
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: v6.42.1 [current]

Tue Apr 24, 2018 5:34 pm

Yea thats repeatable for me..

I take 6.41.3 in a partition and that works great.. Update it to 6.41.1 and the scheduler stops.. It might also be that Netwatch triggered scripts stopped too..
 
User avatar
Xymox
Member
Member
Posts: 381
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: v6.42.1 [current]

Tue Apr 24, 2018 5:39 pm

Some of my scripts are owned by a created user VS admin..

I will explore this more later. I will also explore this on other devices..
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1648
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: v6.42.1 [current]

Tue Apr 24, 2018 6:10 pm

BartoszP, chechito - We will release 6.40.8 as soon as possible. As we just yesterday found out about this vulnerability, we were lucky that 6.42.1 was already on the way. In order to release a version, we have to test it first. 6.40.8 is coming, but will take most likely one or two days. I assume that no one here wants to install un-tested bugfix version on their routers :)
miro263, skullzaflare, sspratt - Please generate supout file on your device while problem is present. Send this file to support@mikrotik.com.
Jotne, msatter, Pea, Kraken2k - This is how RouterBOOT upgrade been working since always. You need to reboot device manually after you have performed upgrade feature. Since RouterBOOT mainly is responsible for booting process we do not want to make fully automatical RouterBOOT upgrade process or force it because it rarely has any updates for already released products and automated upgrade/reboot might lead up to more problems than bring anything good into equation. However, if you want to forget about firmware, then you can enable auto-upgrade feature and RouterBOOT will upgrade itself upon the next reboot when RouterOS will be upgraded - RouterOS upgrade, reboot, one more reboot in order to upgrade RouterBOOT.
thx for your response

and thx for releasing 6.40.8 so soon
 
msatter
Forum Guru
Forum Guru
Posts: 1095
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v6.42.1 [current]

Tue Apr 24, 2018 6:23 pm

Can we move this double reboot discussion to a separate thread plz...
More than we exchanged was the maximum we could put in from our side to Mikrotik. Unless it was mentioned again. Which you did. ;-)
Two RB760iGS (hEX S) in series. One does PPPoE/IKEv2 and the other does the rest of the tasks.
Running:
RouterOS 6.45Beta / Winbox 3.18 / MikroTik APP 1.2.6
Having an Android device, use https://github.com/M66B/NetGuard/releases (no root required)
 
pe1chl
Forum Guru
Forum Guru
Posts: 5291
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.42.1 [current]

Tue Apr 24, 2018 7:52 pm

Jotne, msatter, Pea, Kraken2k - This is how RouterBOOT upgrade been working since always. You need to reboot device manually after you have performed upgrade feature. Since RouterBOOT mainly is responsible for booting process we do not want to make fully automatical RouterBOOT upgrade process or force it because it rarely has any updates for already released products and automated upgrade/reboot might lead up to more problems than bring anything good into equation.
What has changed, is that now every new release of RouterOS the version of the RouterBOOT has incremented as well, even when RouterBOOT has not changed (most of the time!).
SO while before you just went to Routerboard and checked that the "upgrade version" is the same as the "installed version" and if so, just closed the window, NOW the "upgrade version" is always higher than the installed version, and you have to click upgrade and reboot an extra time. Even when actually nothing was updated.
However, if you want to forget about firmware, then you can enable auto-upgrade feature and RouterBOOT will upgrade itself upon the next reboot when RouterOS will be upgraded - RouterOS upgrade, reboot, one more reboot in order to upgrade RouterBOOT.
Ok, but please change it so that it requires the second reboot ONLY when there was actually an upgrade.
Maybe it would be better to change policy back to incrementing RouterBOOT version ONLY when there was a change.
The version numbers are now aligned, less confusing, so you can set the versions equal at any time when there is an actual update.

Who is online

Users browsing this forum: No registered users and 7 guests