Rx Drops != Rx ErrorsRx Drops counter is increasing...seems to be unrelated to this release.
Tried the upgrade again and the router booted and recognized the SFP without issues this time. Guess I should have tried turning it off and on again before downgrading. Sorry for the noise. (the SFP GPON is HUAWEI MA5671A)Upgrade 4011 from 7.9 did not go well. The router got stuck at firmware boot prompt, and I had to connect via serial to get it boot. SFP GPON was not recognized after the router booted. Firmware upgrade and multiple reboots did not help. Had to downgrade back to 7.9 and physically powercycle the router to get SFP recognized again. I may have time to try it again later today to see if this is reproducible and to capture supout if it is.
Its a subtle move to entice uers to move to proper ipsec or wireguard............. The sooner the better.@Mikrotik,
What do we need to do? For you to fix the OVPN issues. These OVPN issues have been around for four months now.
Lol, I think you never used OVPN.Most of us dont have a rocket ship to get there so keep dreaming. OVPN, is like a zit that wont go away....... Lance it cauterize it etc............
And yes HOLVOE, once we get rid of the useless OVPN code, there will be tons of room, for Zerotrust Cloudflare tunnel WITHIN ROS, let alone as an options package for all devices.
OVPN is for those who like dabbling with aftermarket firmwares on linksys routers.......... enjoy!
Most of us don't have a rocket ship to get there so keep dreaming. OVPN is like a zit that won't go away
Once we get rid of the useless OVPN code, there will be tons of room, for Zerotrust Cloudflare tunnel WITHIN ROS, let alone as an options package for all devices.
Could be an old signed/unsigned C char issue, which in case of bootloaders may be causing a boot loop.Seems strange to release an update with only two items and both of them not security related. What I am missing here?
The last visible changes regarding OVPN were in 7.10B5. I didn't check the newer releases because no changes to OVPN were mentioned in the changelogs.If you experience problems with OVPN even after 7.10rc installation, then please let us know about that through support@mikrotik.com. Several issues regarding the OVPN service have been addressed in v7.10.
Well, the ticket was opened in 2022. It doesn't mean I did not update it.At least do the effort then to provide supout from recent 7.10-chain where this still happens.
What happens is that the client does get connected to the WiFi network, but sometimes the wireless interface does not go to the "up" state. So the DHCP client does not get an address.There appears to be a "new" issue (at least from 7.9.1 but it could be in any version after ~ 7.7) with WiFi in station mode (connecting to another AP), with a DHCP client on the wireless interface.
When the WiFi gets established, the DHCP client does not always succeed in getting an address.
The same result, to 7.9.1 I upgraded manually with netinstall and now the same situaion with 7.9.2 Mikrotik 4011 with WiFi RB4011iGS+5HacQ2HnD, why it can be? Thx.Upgrade 4011 from 7.9 did not go well. The router got stuck at firmware boot prompt, and I had to connect via serial to get it boot. SFP GPON was not recognized after the router booted. Firmware upgrade and multiple reboots did not help. Had to downgrade back to 7.9 and physically powercycle the router to get SFP recognized again. I may have time to try it again later today to see if this is reproducible and to capture supout if it is.
The RB450G was born with v6.x, why was there a need to put v7?- 1 x RB450Gx4 that after the upgrade never came back online (it's 30 KM away from where I am)
Thanks to @AlexPebody collaboration, is solved on this wayThe same result, to 7.9.1 I upgraded manually with netinstall and now the same situaion with 7.9.2 Mikrotik 4011 with WiFi RB4011iGS+5HacQ2HnD, why it can be? Thx.
Respectfully disagree. i have upgraded RB450Gx4 without issues. used the IOS app to trigger upgrade in my case (home setup).I had issues with:
- 1 x RB450Gx4 that after the upgrade never came back online (it's 30 KM away from where I am)
in my case, reason i got RB450GX4 few years back was because v7 would first be supported for ARM.The RB450G was born with v6.x, why was there a need to put v7?- 1 x RB450Gx4 that after the upgrade never came back online (it's 30 KM away from where I am)
absolutely right, i moved everything to wireguard.Its a subtle move to entice uers to move to proper ipsec or wireguard............. The sooner the better.
@strodsHello.
So the fix is only for 4011 ?
Or also for the 2004 and the hAP ac series and other ARM devices?
I had the same issue with the RB450Gx4 that hung up on the upgrade. It didn't brick, just a forced reboot and came back online after 4+ min.In RB4011iGS+5HacQ2HnD SFP+ (S+AO0005) startup time in 7.9.2 is around 4 minutes.
I just shared my experience. The box did upgrade but never came up until a hard reset was made. Even though I noticed 4+ min to complete boot so I rolled back to 7.9.1 and boot came within seconds.Respectfully disagree. i have upgraded RB450Gx4 without issues. used the IOS app to trigger upgrade in my case (home setup).I had issues with:
- 1 x RB450Gx4 that after the upgrade never came back online (it's 30 KM away from where I am)
Few comments:The RB450G was born with v6.x, why was there a need to put v7?- 1 x RB450Gx4 that after the upgrade never came back online (it's 30 KM away from where I am)
But I wonder how is possible to work like this, without testing the updates locally first...
And then you go to put the updates released the day before in a device at 30Km?
But how do you work?
MikroTik will also make mistakes, but "you" who complain are no less...
I didn't mention I've had a boot problem. Since some OS version the SFP+ startup time is longer than expected what I wanted to show.I had the same issue with the RB450Gx4 that hung up on the upgrade. It didn't brick, just a forced reboot and came back online after 4+ min.
Thanks for sharing! and I had a similar situation as well :)I didn't mention I've had a boot problem. Since some OS version the SFP+ startup time is longer than expected what I wanted to show.I had the same issue with the RB450Gx4 that hung up on the upgrade. It didn't brick, just a forced reboot and came back online after 4+ min.
Its a subtle move to entice uers to move to proper ipsec or wireguard............. The sooner the better.@Mikrotik,
What do we need to do? For you to fix the OVPN issues. These OVPN issues have been around for four months now.
Right now my IPSEC and OpenVPN VPN access had been rendered unusable by v7.9.
For WireGuard you can create a simple script to put the same name of the endpoint address every 5 minutes and that have worked for me like a charm making it super stable and auto recover. This script is run only on the client / stub / spoke sites only.
Its a subtle move to entice uers to move to proper ipsec or wireguard............. The sooner the better.
I have an IPSEC ikev2, a Wireguard and an OpenVPN setting.
The problem with Mikrotik is you need to have multiple VPN options as each firmware update is breaking one or the other.
Right now my IPSEC and OpenVPN VPN access had been rendered unusable by v7.9. as described in other threads. Only Wireguard is still working.
And Wireguard is not always safe either as I had weird situation when the WG servers went down and didn't want to start up again until I manually restarted them.
Sorry for tangent... is a linux box still the only way to get the pub/priv keys needed to set up the WG connections? The guides are great but "go and find a linux box to find the keys" is just useless.absolutely right, i moved everything to wireguard.Its a subtle move to entice uers to move to proper ipsec or wireguard............. The sooner the better.
If you create a wireguard interface and don't specify a private key, it will make one for you.is a linux box still the only way to get the pub/priv keys needed to set up the WG connections? The guides are great but "go and find a linux box to find the keys" is just useless.
Sorry for not stating my use-case.If you create a wireguard interface and don't specify a private key, it will make one for you.is a linux box still the only way to get the pub/priv keys needed to set up the WG connections? The guides are great but "go and find a linux box to find the keys" is just useless.
(And shows you what the public key is)
To make a preshared key, you can create another wg interface, copy and use its private (or public) key for the preshared key, then remove the wg interface. Perhaps non ideal, but good enough.
Well explained, thank you.Yes.
After i upgraded my 2 CRS326-24S+2Q+ pairs of switches in MLAG setup from 7.6 to 7.9.2, i faced with random packet loss between random hosts. After i moved back to 7.6 everything working normally.
Please verify that good settings?
I hope not all together....We *used' to have all our units on the same version and upgrade them all when needed/required.