Community discussions

MikroTik App
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 898
Joined: Thu Dec 11, 2014 8:53 am

v7.6beta [testing] is released!

Fri Sep 02, 2022 2:31 pm

RouterOS version 7.6beta4 has been released "v7 testing" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 7.6beta4 (2022-Sep-01 11:35):

*) container - fixed usage of non-authenticated registries;
*) dhcpv4-server - improved service stability when removing dynamic leases;
*) dhcpv6-client - fixed false error status reporting when server offers T1 or T2 value as 0;
*) firewall - added "src/dst-address-type" parameter under "IPv6/Firewall/Mangle" menu;
*) firewall - disable IRC NAT helper on upgrade;
*) firewall - fixed IPv6 filtering with "in/out-interface" matcher that is in VRF;
*) firewall - fixed IRC NAT helper (CVE-2022-2663);
*) health - fixed fan speed and temperature reporting on CCR1072;
*) hotspot - fixed service initialization when HTML directory configured on an external disk;
*) hotspot - improved stability when receiving bogus packets;
*) hotspot - limit maximum allowed connections based on free RAM resources;
*) hotspot - removed "routerboard.com" URL from default HotSpot advertise;
*) l3hw - added support for IPv6 route offloading (disabled by default);
*) l3hw - added "l3hw-settings" sub menu under the switch menu (CLI only);
*) l3hw - fixed "H" flag presence for accelerated connection tracking entries;
*) l3hw - improved system stability;
*) lte - added interface name for MTU debug logging message;
*) lte - added support for Neoway N75-EA;
*) lte - disabled RPLMN on Chateau 5G;
*) netwatch - fixed string variable values in script;
*) ospf - added SHA hashing for authentication;
*) ospf - fixed area "no-summary" setting;
*) ospf - fixed displaying of VRF interface in related logs;
*) ovpn - added IPv6 support for ethernet mode;
*) pppoe - fixed MRU negotiation even when it is set to 1500;
*) radius - require "policy" policy for "login" service configuration;
*) route - fixed memory leak;
*) sfp - improved QSFP/SFP interface stability for 98DXxxxx and 98PX1012 switches;
*) sms - added "status-report-request" parameter for "send" command;
*) tr069-client - do not allow ":" symbols in username;
*) user - removed unused "dude" policy;
*) vrrp - fixed connection tracking synchronization on MMIPS and MIPSBE devices;
*) webfig - fixed displaying of "Last Seen" parameter under "IP/DHCP Server/Leases" menu;
*) winbox - added "File Name" option for "Load Config" parameter under "System/SwOS" menu;
*) winbox - allow "timeout" value to be less than 1 under "Tools/Netwatch" menu;
*) winbox - fixed interface traffic graph drawing on RB5009;
*) winbox - made "backup.swb" the default value for SwOS backup;
*) www - improved stability when receiving bogus packets;
*) x86 - improved ixgbe driver support;

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after some problem has appeared on device

Please keep this forum topic strictly related to this particular RouterOS release.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 8942
Joined: Tue Feb 25, 2014 12:49 pm
Location: 🇮🇹, my 💔 is in 🇺🇦

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 2:37 pm

*) radius - require "policy" policy for "login" service configuration;
Nooo.... 😥😥😥
Unfortunately you have noticed it...
I have always used it to scale permissions and become an administrator even in RouterBOARD which I did not have administrative access...

Now than the pandora box is open, please add this critical security fix also on 7.5, 6.48.6 and 6.49.6...
✂ Rextended Fragments of Snippets

Vld4UmVHUkdhelJUTTJzOQ==
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 3:15 pm

My CCR2116 is unable to update to this version, there's nothing in the logs, 42MB free diskspace. It downloads the 7.6beta4 image, reboots and comes up again with version 7.5.
2-Partition setup, user-manager and zerotier extra packages are installed.
 
bma
just joined
Posts: 20
Joined: Sat Feb 19, 2022 11:40 pm

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 3:18 pm

7.6beta4: RB5009 no longer shows and provides access to mounted USB T5 Samsung SSD drive partition. It works in 7.5 and earlier.
[admin@MikroTik] > :put ([/system/resource/print as-value]->"version")
7.6beta4 (development)
[admin@MikroTik] > :put ([/system/routerboard/print as-value]->"current-firmware")
7.6beta4
[admin@MikroTik] > /system/resource/usb/print
Columns: DEVICE, VENDOR, NAME, SPEED
# DEVICE  VENDOR                NAME                  SPEED
0 2-1     Samsung               Portable SSD T5        5000
1 1-0     Linux 5.6.3 xhci-hcd  xHCI Host Controller    480
2 2-0     Linux 5.6.3 xhci-hcd  xHCI Host Controller   5000
[admin@MikroTik] > /disk/print

[admin@MikroTik] > 

-------------------------------------------------------------------------------------------------------

[admin@MikroTik] > :put ([/system/resource/print as-value]->"version")
7.5 (stable)
[admin@MikroTik] > :put ([/system/routerboard/print as-value]->"current-firmware")
7.5
[admin@MikroTik] > /system/resource/usb/print
Columns: DEVICE, VENDOR, NAME, SPEED
# DEVICE  VENDOR                NAME                  SPEED
0 2-1     Samsung               Portable SSD T5        5000
1 1-0     Linux 5.6.3 xhci-hcd  xHCI Host Controller    480
2 2-0     Linux 5.6.3 xhci-hcd  xHCI Host Controller   5000
[admin@MikroTik] > /disk/print
Flags: M, r - RAID-MEMBER
Columns: SLOT, MODEL, SERIAL, INTERFACE, NAME, FS, FREE, SIZE
#   SLOT  MODEL                    SERIAL        INTERFACE          NAME   FS    FREE      SIZE    
0 M usb1  Samsung Portable SSD T5  000000000000  USB 3.10 5000Mbps  disk1  ext4  914.5GiB  931.5GiB
[admin@MikroTik] > 
Last edited by bma on Fri Sep 02, 2022 9:08 pm, edited 3 times in total.
 
Rox169
Member Candidate
Member Candidate
Posts: 163
Joined: Sat Sep 04, 2021 1:47 am

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 3:27 pm

Hi,

please implement last reaoming standard 802.11v...this is the last missing....
 
tpedko
just joined
Posts: 21
Joined: Wed May 22, 2019 9:58 am

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 3:29 pm

ros 7.5 create container AdGuard Home, upgrade to 7.6 beta4 don`t run :(
log
2022/09/02 12:23:13.847315 [info] AdGuard Home, version v0.107.11
2022/09/02 12:23:14.012107 [info] Initializing auth module: /opt/adguardhome/work/data/sessions.db
2022/09/02 12:23:14.013476 [error] auth: open DB: /opt/adguardhome/work/data/sessions.db: open /opt/adguardhome/work/data/sessions.db: permission denied
2022/09/02 12:23:14.013491 [fatal] Couldn't initialize Auth module
fix please
 
User avatar
slackR
newbie
Posts: 47
Joined: Sat May 23, 2009 1:46 pm
Location: Buffalo, New York, USA

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 3:30 pm

This is very exciting...
*) l3hw - added support for IPv6 route offloading (disabled by default);
Can anyone provide more information on this? What switch chips are supported? Does this mean that IPv6 fast-track is being worked on?


Robert
 
User avatar
raimondsp
MikroTik Support
MikroTik Support
Posts: 214
Joined: Mon Apr 27, 2020 10:14 am

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 4:04 pm

This is very exciting...
*) l3hw - added support for IPv6 route offloading (disabled by default);
Can anyone provide more information on this? What switch chips are supported? Does this mean that IPv6 fast-track is being worked on?


Robert

L3HW IPv6 is now supported by all CRS3xx, CRS5xx, and CCR2x16 devices.
IPv6 FastTrack HW Offloading is not implemented because the software IPv6 FastTrack needs to be implemented first. Unfortunately, I don't have information about the latter.
 
Spirch
Frequent Visitor
Frequent Visitor
Posts: 99
Joined: Sat May 03, 2014 5:04 am

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 4:09 pm

*) radius - require "policy" policy for "login" service configuration;
Nooo.... 😥😥😥
Unfortunately you have noticed it...
I have always used it to scale permissions and become an administrator even in RouterBOARD which I did not have administrative access...

Now than the pandora box is open, please add this critical security fix also on 7.5, 6.48.6 and 6.49.6...
wow you should have reported that when you saw it.

simply wow...
 
ormandj
just joined
Posts: 9
Joined: Tue Jun 15, 2021 12:25 am

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 4:15 pm

*) radius - require "policy" policy for "login" service configuration;
Nooo.... 😥😥😥
Unfortunately you have noticed it...
I have always used it to scale permissions and become an administrator even in RouterBOARD which I did not have administrative access...

Now than the pandora box is open, please add this critical security fix also on 7.5, 6.48.6 and 6.49.6...
You didn’t report a bug for a vulnerability like this just for your own ease of use? Wow.
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 555
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 4:29 pm

ros 7.5 create container AdGuard Home, upgrade to 7.6 beta4 don`t run
It's working fine.
/container mounts
add dst=/opt/adguardhome/work/data name=adguardhome_data src=/container/adguardhome
add dst=/opt/adguardhome/conf/ name=adguardhome_conf src=/container/adguardhome
add dst=/opt/adguardhome/work/ name=adguardhome_work src=/container/adguardhome
/container
add interface=veth1 mounts=adguardhome_data,adguardhome_conf,adguardhome_work root-dir=container/adguardhome workdir=/opt/adguardhome/work
/container config
set registry-url=https://registry-1.docker.io tmpdir=container/tmp
2022-09-02_18-00-53.jpg
You do not have the required permissions to view the files attached to this post.
Last edited by own3r1138 on Fri Sep 02, 2022 5:20 pm, edited 1 time in total.
 
holvoetn
Forum Guru
Forum Guru
Posts: 1627
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 4:32 pm

Upgraded hap ac3 wifiwave2 coming from 7.5

One remark: somehow I managed to tick WPA3-EAP as security mode before and wifi did not come up after upgrade.
It showed a red message "wpa3-eap can only be combined with wpa2-eap".
When I unticked wpa3-eap, all impacted wifi interfaces came up.

Is that intentional ? It wasn't like that before (and nothing was mentioned in changelog about this, unless I missed something ?).
 
User avatar
CTassisF
newbie
Posts: 26
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 5:21 pm

Upgraded RB5009 and hAP ac3 from 7.5rc2 to 7.6beta4. No issues so far.

Containers, USB flash drive as external disk, WifiWave2... Everything working as expected.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 5:22 pm

YES! container mounts look like they have the right permissions now, thank you! <3
 
fragtion
Member Candidate
Member Candidate
Posts: 203
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 5:22 pm

Port flapping issue on RB5009 which was triggered by showing the "bridge port" field (in dchp leases window, arp window, interface details window, etc) appears to be resolved in this build. A huge relief and best news of the day for me.

I also haven't experienced a bricked router or config corruption since several builds ago (7.2.x) and have been staying up to date on testing channel on my whole fleet (10+ routers, various models) for each testing release so the upgrade process seems to be reliable at the moment, touch wood !

Thanks MikroTik
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 5:28 pm

Export hang at those menus seems to be fixed too, (probably also the high cpu usage spikes but I can't confirm right now).
Weird that there's nothing about it in the changelog. Thank you!
 
sfrode
just joined
Posts: 15
Joined: Thu Apr 16, 2020 12:12 am
Location: Oslo, Norway
Contact:

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 7:18 pm

*) l3hw - added support for IPv6 route offloading (disabled by default);
I never thought I'd see the day; but here we are! Status on a CRS317 after enabling l3hw-ipv6 and running iperf3 between two IPv6 subnets:
[SUM]   0.00-10.00  sec  10.7 GBytes  9.20 Gbits/sec                  receiver
Great work, MikroTik!
 
aliclubb
newbie
Posts: 26
Joined: Tue Mar 07, 2017 12:29 pm
Location: Cambridge, UK

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 7:56 pm

My CCR2116 is unable to update to this version, there's nothing in the logs, 42MB free diskspace. It downloads the 7.6beta4 image, reboots and comes up again with version 7.5.
2-Partition setup, user-manager and zerotier extra packages are installed.
Do you have any active ZeroTier networks configured, i.e. any enabled entries under
/zerotier/interface
?
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.6beta [testing] is released!

Fri Sep 02, 2022 9:08 pm

@aliclubb yes there's an active network. I disabled it, but no luck. I even removed the whole zerotier package and tried to update without success. routeros is the only package installed now on that device and it won't let me update, I also tried to upload the firmware file manually. Still nothing in the logs except this ntp change time ... message.
 
bruins0437
newbie
Posts: 27
Joined: Thu Jul 13, 2017 4:30 am
Location: New Hampshire

Re: v7.6beta [testing] is released!

Sat Sep 03, 2022 5:08 am

My CCR2116 is unable to update to this version, there's nothing in the logs, 42MB free diskspace. It downloads the 7.6beta4 image, reboots and comes up again with version 7.5.
2-Partition setup, user-manager and zerotier extra packages are installed.
I was able to update from 7.5RC to 7.6Beta4 without issue on my CCR2116. No ZeroTier package or config.
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Sat Sep 03, 2022 1:05 pm

Why is the router connecting to the upgrade server (and retrieve the most recent version number and changelist) all the time?
On my own router it does this exactly once per hour, but I have seen another that does it once every 30 seconds...
Is there a need for this?
 
Sit75
just joined
Posts: 11
Joined: Thu Mar 11, 2021 9:43 pm

Re: v7.6beta [testing] is released!

Sat Sep 03, 2022 11:34 pm

*) pppoe - fixed MRU negotiation even when it is set to 1500;

Perfect !!! It seems this was a nasty bug. My home router with VDSL2 connection 120/25 is working now as a charm. I have hAP ac^2 (hAP ax^2 soon).
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1092
Joined: Tue Jun 23, 2015 2:35 pm

Re: v7.6beta [testing] is released!

Sun Sep 04, 2022 6:45 am

on v7.5 loop has happening on vrrp, has that been fixed?
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 555
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: v7.6beta [testing] is released!

Mon Sep 05, 2022 7:03 am

Please add the M in Winbox too.
1.jpg
2.jpg
You do not have the required permissions to view the files attached to this post.
 
dg1kwa
just joined
Posts: 13
Joined: Tue Aug 17, 2010 12:32 pm
Location: Monheim

Re: v7.6beta [testing] is released!

Mon Sep 05, 2022 11:52 am

DOM/DDM still not work on my RB760iGS
 
aliclubb
newbie
Posts: 26
Joined: Tue Mar 07, 2017 12:29 pm
Location: Cambridge, UK

Re: v7.6beta [testing] is released!

Mon Sep 05, 2022 7:03 pm

@aliclubb yes there's an active network. I disabled it, but no luck. I even removed the whole zerotier package and tried to update without success. routeros is the only package installed now on that device and it won't let me update, I also tried to upload the firmware file manually. Still nothing in the logs except this ntp change time ... message.
Hmm strange. Not exactly the issue I had then. Can you connect to the device via console and post the whole output whilst you do an upgrade?
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1643
Joined: Fri Aug 10, 2012 6:46 am
Location: Denver, CO USA
Contact:

Re: v7.6beta [testing] is released!

Mon Sep 05, 2022 8:01 pm

Got IPv6 hw-offload working in my home network. It's great!

https://www.reddit.com/r/mikrotik/comme ... nd_crs328/

Image

Image
 
LynxChaus
newbie
Posts: 29
Joined: Tue Jul 08, 2014 2:24 pm

Re: v7.6beta [testing] is released!

Mon Sep 05, 2022 10:09 pm

*) route - fixed memory leak;
Upgraded rb2011 with MPLS (OSPF+LDP) - dead within hour. Multicast packet loss - kill box with OOM. 7.4.1/7.5rc2 shows same results.
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Mon Sep 05, 2022 10:26 pm

Upgraded rb2011 with MPLS (OSPF+LDP) - dead within hour. Multicast packet loss - kill box with OOM.
What is the scenario and config that triggers the memory leak?
 
foureight84
just joined
Posts: 10
Joined: Tue Dec 15, 2020 2:50 am

Re: v7.6beta [testing] is released!

Tue Sep 06, 2022 9:57 am

Container image names are lost when restoring from a configuration backup.
Last edited by foureight84 on Tue Sep 06, 2022 5:28 pm, edited 1 time in total.
 
User avatar
Ullinator
just joined
Posts: 3
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.6beta [testing] is released!

Tue Sep 06, 2022 2:26 pm

Got IPv6 hw-offload working in my home network. It's great!

https://www.reddit.com/r/mikrotik/comme ... nd_crs328/

Image

Image
Hmmm....stange behavior on my two CRS326-24G-2S+ Switches. Winbox told me L3HW-Offloading is activated in the switch menu, CLI said it wasn´t.
After activating it via CLI both switches died after a few seconds and didn´t came back, even after a cold boot.
I had to netinstall both....
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.6beta [testing] is released!

Tue Sep 06, 2022 8:50 pm

Can you connect to the device via console and post the whole output whilst you do an upgrade?

MikroTik 7.5 (stable)
CORE Login:
Rebooting...
ERROR: upgrade failed, free 33 kB disk space for a (null)upgrade
[277810.368297] reboot: Restarting system
stage2_loader v3.63.2
Memory repair completed within 226 uSecs
DDR ECC static poisoning address: (0x1e0000)
DDR ECC static poisoning address: (0x1e1100)
SPD I2C Address: 52, offset 0000(0)
DRAM ch 0: 8GB
SPD I2C Address: 53, offset 0000(0)
DRAM ch 1: 8GB
DRAM total size: 16GB
Executing next at 0x01000000!
agent_wakeup v3.53


The error message is obviously BS, as there were at least 40MB of free space available. I tried again after removing the second partition, so there was even more free space available, same outcome.
In the end I just used netinstall to flash 7.6beta4, reset the configuration, upgraded routerboot and restored the binary backup. Router is up and running again.
First thing I noticed after reboot, my wireguard tunnels didn't receive any traffic, RX counters stayed at 0, while TX counters went up. I could fix it by toggling l3hw-offloading in switch settings. I'm currently using only fasttrack hw-offloading, l3hw-offloading is disabled on all interfaces. I hope this will be the only "surprise" with this beta..
Last edited by osc86 on Wed Sep 07, 2022 1:04 am, edited 1 time in total.
 
MTL7
just joined
Posts: 4
Joined: Fri Nov 26, 2021 9:04 am

Re: v7.6beta [testing] is released!

Tue Sep 06, 2022 9:07 pm

ros 7.5 create container AdGuard Home, upgrade to 7.6 beta4 don`t run
It's working fine.
/container mounts
add dst=/opt/adguardhome/work/data name=adguardhome_data src=/container/adguardhome
add dst=/opt/adguardhome/conf/ name=adguardhome_conf src=/container/adguardhome
add dst=/opt/adguardhome/work/ name=adguardhome_work src=/container/adguardhome
/container
add interface=veth1 mounts=adguardhome_data,adguardhome_conf,adguardhome_work root-dir=container/adguardhome workdir=/opt/adguardhome/work
/container config
set registry-url=https://registry-1.docker.io tmpdir=container/tmp
2022-09-02_18-00-53.jpg
Thank you for your information about setting up the source of the mount points as /container/adguardhome instead of /container/adguardhome/work etc.
No more "mkdir /opt/adguardhome/work/data: permission denied". It works on v7.5 as well now!
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 555
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: v7.6beta [testing] is released!

Tue Sep 06, 2022 9:32 pm

Thank you for your information. It works on v7.5 as well now!
You're welcome. Currently, I have an ad guard container. Now I'm worried about the RAM usage. I would appreciate it if you or anyone else could share your ram usage for the container.
2022-09-06_22-43-53.jpg
You do not have the required permissions to view the files attached to this post.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Tue Sep 06, 2022 10:36 pm


Thank you for your information about setting up the source of the mount points as /container/adguardhome instead of /container/adguardhome/work etc.
No more "mkdir /opt/adguardhome/work/data: permission denied". It works on v7.5 as well now!
That's just bad practice, don't do it, son.
 
wombat
newbie
Posts: 27
Joined: Thu May 14, 2015 10:12 pm

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 12:27 pm

The Xiaomi device cannot connect via Wifiwave2, it only cycles connected and after 2s disconnected.

i have hAP ac3

If I connect via the old hAP lite, everything works immediately.
/interface/wifiwave2/actual-configuration> print
0 name="wifi1" mac-address=08:55:31 arp-timeout=auto
radio-mac=08:55:31
configuration.mode=ap .ssid="x" .country=Czech
security.authentication-types=wpa2-psk,wpa3-psk
.passphrase="xx" .sae-pwe=hunting-and-pecking

1 name="wifi2" mac-address=08:55:31 arp-timeout=auto
radio-mac=08:55:31
configuration.mode=ap .ssid="G" .country=Czech
security.authentication-types=wpa2-psk,wpa3-psk
.passphrase="xx" .sae-pwe=hunting-and-pecking

2 name="wifi3" mac-address=0A:55:31 arp-timeout=auto
master-interface=wifi2
configuration.mode=ap .ssid="xx" .country=Czech
security.authentication-types=wpa2-psk,wpa3-psk
.passphrase="xx" .sae-pwe=hunting-and-pecking

3 name="wifi4" mac-address=0A:55:31 arp-timeout=auto
master-interface=wifi1
configuration.mode=ap .ssid="xx" .country=Czech
security.authentication-types=wpa2-psk,wpa3-psk
.passphrase="xx" .sae-pwe=hunting-and-pecking

Image
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 12:33 pm

That kind of behavior often is not caused by the wifi itself, but by some "is the network OK" check made by the device.
E.g. it cannot get a DHCP lease or it cannot ping the gateway. When it fails, it just disconnects, and when it is stupid, it just tries again immediately.
 
wombat
newbie
Posts: 27
Joined: Thu May 14, 2015 10:12 pm

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 1:15 pm

Ok, but how is it possible that with hap lite, old wireless package, identical SSID settings, the device connects immediately? BTW on hAP ac3 with wifiwave2 on which Xiaomi does not work (disconnects) many other devices run without problems.
 
MTL7
just joined
Posts: 4
Joined: Fri Nov 26, 2021 9:04 am

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 1:51 pm

Thank you for your information. It works on v7.5 as well now!
You're welcome. Currently, I have an ad guard container. Now I'm worried about the RAM usage. I would appreciate it if you or anyone else could share your ram usage for the container.
2022-09-06_22-43-53.jpg
It just consumes ~1xxMB of memory.
scrn.png
You do not have the required permissions to view the files attached to this post.
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 555
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 1:55 pm

It just consumes ~1xxMB of memory.
Let it run for few days :d
 
AllexRo
Frequent Visitor
Frequent Visitor
Posts: 63
Joined: Fri Nov 22, 2019 4:24 pm
Location: Bucharest, RO

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 2:48 pm

The Xiaomi device cannot connect via Wifiwave2, it only cycles connected and after 2s disconnected.

i have hAP ac3

If I connect via the old hAP lite, everything works immediately.
Check this out - I had similar issues with a OnePlus phone, issues solved after applying that fix.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 898
Joined: Thu Dec 11, 2014 8:53 am

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 3:51 pm

What's new in 7.6beta6 (2022-Sep-07 12:06):

*) container - added "start-on-boot" parameter for automatic container startup;
*) dot1x - fixed incorrect error when using "mac-auth";
*) l3hw - fixed possible packet loss when using HW offloaded NAT;
*) lte - fixed at-chat on Telit FN980m;
*) ntp - improved initial synchronization speed after bootup;
*) ospf - added SHA hashing for authentication;
*) ospf - refresh OSPFv3 interface configuration when IPv6 network becomes available;
*) ovpn - added IPv6 support for ethernet mode;
*) ppp - fixed memory leak;
*) ssh - increased key generation timeout;
*) system - renamed error messages when trying to edit or remove dynamic entries;
*) user-manager - allow specifying router's address as subnet;
*) user-manager - fixed "migrate-legacy-db" command;
*) user-manager - fixed session expiry when it is stopped by Disconnect-Request;
*) w60g - improved system stability (introduced in v7.5);
*) wifiwave2 - fixed "WPA Key Data Length" value in EAPOL frame when FT-EAP-SHA384 AKM is used;
*) winbox - added "Rapid Commit" parameter support under "IPv6/DHCP-Server" menu;
*) winbox - allow to rename mounted disks;
*) winbox - fixed "Session Uptime" value for not established sessions under "Routing/BGP" menu;
*) winbox - fixed "System/SwOS" window refreshing after changes are detected;
*) winbox - fixed "User Manager/User Profiles" window refreshing after changes are detected;
*) winbox - made sessions removable in "User Manager" menu;
*) winbox - show "Switch" menu on Chateau LTE18 ax;
*) winbox - show "System/RouterBOARD/Mode Button" on devices that have such feature;
*) wireguard - strip whitespaces from keys;
 
MTL7
just joined
Posts: 4
Joined: Fri Nov 26, 2021 9:04 am

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 4:21 pm


Thank you for your information about setting up the source of the mount points as /container/adguardhome instead of /container/adguardhome/work etc.
No more "mkdir /opt/adguardhome/work/data: permission denied". It works on v7.5 as well now!
That's just bad practice, don't do it, son.
If i used mount point like /diskN/adguardhome/work or /diskN/adguardhome/data, I got permission denied as the fatal error and AdGuard Home just can not be brought up.
I learnt that this issue can be fixed by inserting the USB disk to a Linux machine and create folders with 777 permission manually.

Do you have any advice, pls? Is this a bug that mikrotik should solve? Thx.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 8942
Joined: Tue Feb 25, 2014 12:49 pm
Location: 🇮🇹, my 💔 is in 🇺🇦

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 4:28 pm

MT Staff, please fix this bug, on this post is also present the ready soluction...
viewtopic.php?t=188851#p955204
✂ Rextended Fragments of Snippets

Vld4UmVHUkdhelJUTTJzOQ==
 
cklee234
newbie
Posts: 35
Joined: Tue Sep 29, 2020 6:49 am

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 4:46 pm

What's new in 7.6beta6 (2022-Sep-07 12:06):

*) container - added "start-on-boot" parameter for automatic container startup;
how to enable this option - container - added "start-on-boot"

command line?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 8942
Joined: Tue Feb 25, 2014 12:49 pm
Location: 🇮🇹, my 💔 is in 🇺🇦

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 4:49 pm

Read guide?
✂ Rextended Fragments of Snippets

Vld4UmVHUkdhelJUTTJzOQ==
 
tpedko
just joined
Posts: 21
Joined: Wed May 22, 2019 9:58 am

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 5:07 pm

model RB5009UG+S+
ros 7.6beta4 create container AdGuard Home, upgrade to 7.6 beta6, don`t run
log

17:00:55 container,info,debug 2022/09/07 14:00:55.135264 [info] AdGuard Home, version v0.107.11
17:00:55 container,info,debug 2022/09/07 14:00:55.265404 [info] Initializing auth module: /opt/adguardhome/work/data/sessions.db
17:00:55 container,info,debug 2022/09/07 14:00:55.265558 [error] auth: open DB: /opt/adguardhome/work/data/sessions.db: open /opt/adguardhome/work/data/sessions.db: permission denied
17:00:55 container,info,debug 2022/09/07 14:00:55.265614 [fatal] Couldn't initialize Auth module
 
/container mounts
add dst=/opt/adguardhome/work/data name=adguardhome_data src=/container/adguardhome
add dst=/opt/adguardhome/conf/ name=adguardhome_conf src=/container/adguardhome
add dst=/opt/adguardhome/work/ name=adguardhome_work src=/container/adguardhome
/container
add interface=veth1 logging=yes mounts=adguardhome_data,adguardhome_conf,adguardhome_work root-dir=container/adguardhome workdir=/opt/adguardhome/work
/container config
set registry-url=https://registry-1.docker.io tmpdir=container/tmp
please fix it
 
User avatar
CTassisF
newbie
Posts: 26
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 5:28 pm

Why are you creating duplicated, nested mounts for /opt/adguardhome/work and for /opt/adguardhome/work/data? This might be your problem.

Create just one mount for /opt/adguardhome/conf and another one for /opt/adguardhome/work and it should work. It is working here for me using this configuration:

/interface veth
add address=172.31.0.1/24 gateway=172.31.0.254 name=adguard

/container config
set ram-high=768.0MiB registry-url=https://registry-1.docker.io tmpdir=disk1/container-tmp

/container mounts
add dst=/opt/adguardhome/conf name=adguard-opt-adguardhome-conf src=/disk1/adguard-opt-adguardhome-conf
add dst=/opt/adguardhome/work name=adguard-opt-adguardhome-work src=/disk1/adguard-opt-adguardhome-work

/container
add dns=172.31.0.254 hostname=adguard interface=adguard mounts=adguard-opt-adguardhome-conf,adguard-opt-adguardhome-work root-dir=disk1/adguard remote-image=adguard/adguardhome:latest
 
tpedko
just joined
Posts: 21
Joined: Wed May 22, 2019 9:58 am

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 5:51 pm

Why are you creating duplicated, nested mounts for /opt/adguardhome/work and for /opt/adguardhome/work/data? This might be your problem.
this post viewtopic.php?p=955911#p955095

previously done as you suggested, result does not change.
 
User avatar
CTassisF
newbie
Posts: 26
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 5:59 pm

this post viewtopic.php?p=955911#p955095

previously done as you suggested, result does not change.

I guess this was a workaround for when it was not possible to create folders/directories inside container mounts. It was a restriction on RouterOS containers that was fixed in 7.5rc2, I think.

To my understanding you should never create nested mounts like you did.

And, as I said before, it is working great on my RB5009UG+S+ using the configuration I shown.
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 825
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 6:53 pm

What's new in 7.6beta6 (2022-Sep-07 12:06):

*) container - added "start-on-boot" parameter for automatic container startup;
Installed on RB3011. This function does not work consistent.
I've 2 containers (Pihole & Adguard) and only Adguard "auto-boots"
Both have the correct flags. Pihole can be started manually, it starts without a problem.
Did not re-create container from scratch since enabling the option worked fine for Adguard.

Anyone else this experience with 2 containers + auto-start ?
 
User avatar
armandfumal
Member Candidate
Member Candidate
Posts: 152
Joined: Wed Apr 25, 2012 5:50 pm
Location: Weiswampach,LUX
Contact:

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 7:20 pm

in this release, in BGP sessions
- missing RemoteID, Remote Capabilities, Prefix count & Uptime....
- Not refreshing sessions list, I have to change tab and come back to view new sessions up...
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 7:42 pm



That's just bad practice, don't do it, son.
If i used mount point like /diskN/adguardhome/work or /diskN/adguardhome/data, I got permission denied as the fatal error and AdGuard Home just can not be brought up.
I learnt that this issue can be fixed by inserting the USB disk to a Linux machine and create folders with 777 permission manually.

Do you have any advice, pls? Is this a bug that mikrotik should solve? Thx.
There was a bug that prevented mounts from working properly, that bug was silently fixed in 7.6beta4.
Every "solution" posted up until v7.6beta4 were ugly hacks.
Containers should have root-dir set to a directory dedicated for containers, in a unique directory for each container.
Same goes for mounts.
I use something like this:
/container mounts
add dst=/opt/adguardhome/conf name=agh_conf src=\
    /disk1/docker/mounts/agh/conf
add dst=/opt/adguardhome/work name=agh_work src=\
    /disk1/docker/mounts/agh/work
/container
add interface=veth2 logging=yes mounts=\
    agh_conf,agh_work root-dir=\
    disk1/containers/adguardhome workdir=\
    /opt/adguardhome/work
/container config
set ram-high=96.0MiB registry-url=\
    https://registry-1.docker.io/ tmpdir=\
    disk1/docker/tmp
    
 
rpingar
Long time Member
Long time Member
Posts: 591
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 7:49 pm

*) winbox - fixed "Session Uptime" value for not established sessions under "Routing/BGP" menu;
this for me is untrue, because uptime is empty any way, for estabilished and not estabilished sessions.

the difference from previous version is the before it was a coundown, now it is just empty.
regards
Ros
 
mducharme
Trainer
Trainer
Posts: 1747
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 7:57 pm

the difference from previous version is the before it was a coundown, now it is just empty.
Being empty is their fix for now. They had completely removed the uptime field for some reason, I believe on purpose. You cannot see it in the CLI at all either (and you could in earlier versions when it displayed properly in Winbox), but when they removed it from the CLI, Winbox started displaying some strange value as a glitch instead of displaying nothing, like the command line does.

I assume it will be put back in the CLI and winbox at some point, but it is not a bug, it is just a feature that seems to have been temporarily removed.
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 8:23 pm

the difference from previous version is the before it was a coundown, now it is just empty.
The previous version showed the current uptime in commandline but when you opened the sessions tab in winbox it showed a fake ticking uptime...
Even when the session is down or has been down/up, still it showed the incorrect ticking time until using F5 to refresh it.
In v6 the screen is automatically refreshed to show the real values (not only uptime but also remote ID, prefix count, state etc).
I hope in v7 a screen like that will come back, instead of more and more info being removed.
 
mducharme
Trainer
Trainer
Posts: 1747
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 9:38 pm

The previous version showed the current uptime in commandline but when you opened the sessions tab in winbox it showed a fake ticking uptime...
I'm still running 7.5 with BGP and can confirm that it does not show the uptime in the command line, and it displays in winbox with a fake uptime.

I have another router running BGP on 7.4 and that does show the uptime in the command line, but it also shows the correct uptime in winbox.

Which version is it that you speak of that shows the correct uptime in the CLI but the wrong uptime in Winbox?
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Wed Sep 07, 2022 9:45 pm

What I mean with previous version is the 7.4 behavior. The winbox uptime is copied from the router when you open the window, but then it continues ticking upward even when the connection actually is down.
 
cklee234
newbie
Posts: 35
Joined: Tue Sep 29, 2020 6:49 am

Re: v7.6beta [testing] is released!

Thu Sep 08, 2022 5:33 am

What's new in 7.6beta6 (2022-Sep-07 12:06):

*) container - added "start-on-boot" parameter for automatic container startup;
how to enable this option - container - added "start-on-boot"

command line?
Got it from the help wiki.
Can add to the existing running docker
 
mducharme
Trainer
Trainer
Posts: 1747
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: v7.6beta [testing] is released!

Thu Sep 08, 2022 6:04 am

What I mean with previous version is the 7.4 behavior. The winbox uptime is copied from the router when you open the window, but then it continues ticking upward even when the connection actually is down.
I understand now. I suspect, to fix this issue, they might have had to re-engineer the peer uptime display a bit, and that would explain why it has been temporarily removed.
 
tpedko
just joined
Posts: 21
Joined: Wed May 22, 2019 9:58 am

Re: v7.6beta [testing] is released!

Thu Sep 08, 2022 9:05 am

And, as I said before, it is working great on my RB5009UG+S+ using the configuration I shown.
it's a usb flash drive??
src=/disk1/
 
fragtion
Member Candidate
Member Candidate
Posts: 203
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: v7.6beta [testing] is released!

Thu Sep 08, 2022 1:02 pm

Seems like it's impossible to set certain permissions on mounted files from inside container. For example chmod +x some script, but it's still not executable. So no scripts in a mounted directory can work. Is this intended design, or more of a bug? I understand mounts are usually used for non-executable storage but there are cases where it could be necessary or desirable to host an entire application including the main executable binaries on the mountpoint

Edit: And I'm still getting permission problems after upgrading RouterOS and trying to start a container that I made in 7.6beta4 ....
permsproblem.png
this has been a problem for me ever since containers were re-introduced, that the entire container needs to be recreated each upgrade and data is lost. I thought this was fixed by now as per changelogs?? :/

This is with `jc21/nginx-proxy-manager:latest` & `jc21/mariadb-aria:latest` images. I don't think it's an issue with the images, because everything works on deployment and continues to work fine (including stopping/starting/rebooting the chr instance and/or containers) until routeros upgrades to a new version
You do not have the required permissions to view the files attached to this post.
Last edited by fragtion on Thu Sep 08, 2022 3:52 pm, edited 10 times in total.
 
LynxChaus
newbie
Posts: 29
Joined: Tue Jul 08, 2014 2:24 pm

Re: v7.6beta [testing] is released!

Thu Sep 08, 2022 1:35 pm

What is the scenario and config that triggers the memory leak?
In our case - cheap Dlink DES-3200-A1 in the middle between rb1100ahx2 and rb2011 randomly drops multicast packets in both directions. So, LDP session periodically restarted (and OSPFv2 too) - rb2011 die due OOM. It's still alive, but with CPU under 100% loads, networking process consume 85%, SNMP not working, VPLS tunnel dead, telnet/mac-telnet still alive.

What's new in 7.6beta6 (2022-Sep-07 12:06):

....
*) ospf - refresh OSPFv3 interface configuration when IPv6 network becomes available;
....
OSPFv3 broken - now it complains about wrong checksum every 10 seconds...
 
ech1965
just joined
Posts: 17
Joined: Wed Mar 20, 2019 3:53 pm

Re: v7.6beta [testing] is released!

Thu Sep 08, 2022 2:54 pm

Seems like it's impossible to set permissions on mounted files from inside container. For example chmod +x some script, but it's still not executable. So no scripts in a mounted directory can work. Is this intended design, or more of a bug? I understand mounts are usually used for non-executable storage but there are cases where it could be necessary or desirable to host an entire application including the main executable binaries on the mountpoint
Are you by chance using a USB stick formatted with exfat/fat filesystem as storage on router for your container mount points ?
If underlying filesystem does not support permissions, chmod from inside a container to a mounted directory won't do anything.
 
fragtion
Member Candidate
Member Candidate
Posts: 203
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: v7.6beta [testing] is released!

Thu Sep 08, 2022 3:13 pm

Are you by chance using a USB stick formatted with exfat/fat filesystem as storage on router for your container mount points ?
If underlying filesystem does not support permissions, chmod from inside a container to a mounted directory won't do anything.
Nope, described issue is on a chr with no other external disk, just mounting to a path on the native storage

Aand I think I just found another issue. The new "start-on-boot" feature only seems to work on a single container even if it was enabled for multiple containers.

My chr also didn't reboot properly after I enabled that on my containers (not accessible several minutes after rebooting to test the feature). Fortunately it did boot up fine again after manually resetting the instance through the cloud console. I'm not sure if that was some bad luck on my side or a reproducible bug, but I'm leaving it here for the record anyway...
 
User avatar
Ullinator
just joined
Posts: 3
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.6beta [testing] is released!

Thu Sep 08, 2022 5:14 pm

Got IPv6 hw-offload working in my home network. It's great!

https://www.reddit.com/r/mikrotik/comme ... nd_crs328/

Image

Image
Hmmm....stange behavior on my two CRS326-24G-2S+ Switches. Winbox told me L3HW-Offloading is activated in the switch menu, CLI said it wasn´t.
After activating it via CLI both switches died after a few seconds and didn´t came back, even after a cold boot.
I had to netinstall both....
I´ve taken a new CRS326-24G-2S+, blow away the config, build up from scratch a simple bridge config, have updated ROS and FW to 7.6Beta6 and activated in the Switch-menu L3HW-offloading. After that I´ve activated the IPv6-HW offloading, too via CLI and like the first time the Switch died after a few seconds.
So in my conclusion this feature is not production ready!!
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.6beta [testing] is released!

Thu Sep 08, 2022 5:23 pm

*) l3hw - fixed "H" flag presence for accelerated connection tracking entries;
does this work for anyone? I have l3hw offloading enabled on my CCR2116 and fasttrack enabled for all established,related connections but I've never seen a H flag in the connection list (ipv4/ipv6). Even when I filter hw-offloaded connections, there are 0 entries. I know it's working, else I wouldn't get 2% cpu utilization at 2.5Gb/s throughput.
 
User avatar
CTassisF
newbie
Posts: 26
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v7.6beta [testing] is released!

Thu Sep 08, 2022 6:13 pm

And, as I said before, it is working great on my RB5009UG+S+ using the configuration I shown.
it's a usb flash drive??
src=/disk1/

Yes. USB flash drive formatted as ext4.
 
mfedotov
just joined
Posts: 14
Joined: Mon Oct 25, 2021 3:32 am

Re: v7.6beta [testing] is released!

Fri Sep 09, 2022 1:03 am


Hmmm....stange behavior on my two CRS326-24G-2S+ Switches. Winbox told me L3HW-Offloading is activated in the switch menu, CLI said it wasn´t.
After activating it via CLI both switches died after a few seconds and didn´t came back, even after a cold boot.
I had to netinstall both....
I´ve taken a new CRS326-24G-2S+, blow away the config, build up from scratch a simple bridge config, have updated ROS and FW to 7.6Beta6 and activated in the Switch-menu L3HW-offloading. After that I´ve activated the IPv6-HW offloading, too via CLI and like the first time the Switch died after a few seconds.
So in my conclusion this feature is not production ready!!

Just did a test on my CRS309, it worked one way for me (traffic from one port to another offloaded, the other direction not). Then I tried to disable and re-enable ip6 l3hw, and it caused temporarily loss of connectivity to the router, once recovered the ipv6 was no longer working, even after disabling the l3hw. Afterwards the connectivity to the router lost a few more times (for a few seconds). After that I rebooted the router and re-enabled l3hw again, and for now it works OK both directions... I only have a couple of test servers with ipv6, don't use ipv6 for anything else for now...

So, yes, looks like definitely not production ready yet, but so was the ipv4 l3hw in the first versions, so I am hopeful that all the issues will get resolved soon...
 
User avatar
raimondsp
MikroTik Support
MikroTik Support
Posts: 214
Joined: Mon Apr 27, 2020 10:14 am

Re: v7.6beta [testing] is released!

Fri Sep 09, 2022 8:01 pm

Just did a test on my CRS309, it worked one way for me (traffic from one port to another offloaded, the other direction not). Then I tried to disable and re-enable ip6 l3hw, and it caused temporarily loss of connectivity to the router, once recovered the ipv6 was no longer working, even after disabling the l3hw. Afterwards the connectivity to the router lost a few more times (for a few seconds). After that I rebooted the router and re-enabled l3hw again, and for now it works OK both directions... I only have a couple of test servers with ipv6, don't use ipv6 for anything else for now...

So, yes, looks like definitely not production ready yet, but so was the ipv4 l3hw in the first versions, so I am hopeful that all the issues will get resolved soon...

Thanks for the feedback! We reproduced the issue and already fixed it! The fix will be in the next beta. Meanwhile, it is recommended to restart the router after enabling l3hw ipv6.
 
User avatar
raimondsp
MikroTik Support
MikroTik Support
Posts: 214
Joined: Mon Apr 27, 2020 10:14 am

Re: v7.6beta [testing] is released!

Fri Sep 09, 2022 8:03 pm

*) l3hw - fixed "H" flag presence for accelerated connection tracking entries;
does this work for anyone? I have l3hw offloading enabled on my CCR2116 and fasttrack enabled for all established,related connections but I've never seen a H flag in the connection list (ipv4/ipv6). Even when I filter hw-offloaded connections, there are 0 entries. I know it's working, else I wouldn't get 2% cpu utilization at 2.5Gb/s throughput.
Maybe the packets are routed by the hardware (switch chip) and do not enter the CPU at all? Do you non-wh-offloaded FastTrack connections (without H flag) in the connection list? Or is the list empty? The latter means the routing is fully performed by the hardware (which is good, unless you want to Firewall it first).
 
User avatar
raimondsp
MikroTik Support
MikroTik Support
Posts: 214
Joined: Mon Apr 27, 2020 10:14 am

Re: v7.6beta [testing] is released!

Fri Sep 09, 2022 8:07 pm


Hmmm....stange behavior on my two CRS326-24G-2S+ Switches. Winbox told me L3HW-Offloading is activated in the switch menu, CLI said it wasn´t.
After activating it via CLI both switches died after a few seconds and didn´t came back, even after a cold boot.
I had to netinstall both....
I´ve taken a new CRS326-24G-2S+, blow away the config, build up from scratch a simple bridge config, have updated ROS and FW to 7.6Beta6 and activated in the Switch-menu L3HW-offloading. After that I´ve activated the IPv6-HW offloading, too via CLI and like the first time the Switch died after a few seconds.
So in my conclusion this feature is not production ready!!

While we found some issues with l3hw ipv6 in DX3000 switch chips, we couldn't reproduce your issue. Does your CRS326 become completely unresponsive, or does only IPv6 traffic gets dropped? Can you access the switch via Winbox L2 (by MAC address)?
 
User avatar
Ullinator
just joined
Posts: 3
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.6beta [testing] is released!

Fri Sep 09, 2022 8:57 pm

@raimondsp: all 3 Switches became completly unresponsive, no L2 and no L3.
I only got access back after resetting the config via reset-button.
 
hecatae
Member Candidate
Member Candidate
Posts: 209
Joined: Thu May 21, 2020 2:34 pm

Re: v7.6beta [testing] is released!

Sun Sep 11, 2022 8:29 pm

I seem to have lost 5G on this beta and the latest RG502QEAAAR13A02M4G modem firmware on my Chateau 5G.
 
User avatar
raimondsp
MikroTik Support
MikroTik Support
Posts: 214
Joined: Mon Apr 27, 2020 10:14 am

Re: v7.6beta [testing] is released!

Mon Sep 12, 2022 1:39 pm

@raimondsp: all 3 Switches became completly unresponsive, no L2 and no L3.
I only got access back after resetting the config via reset-button.

That's strange. Please create a support ticket, so we can try to reproduce your issue.
 
hecatae
Member Candidate
Member Candidate
Posts: 209
Joined: Thu May 21, 2020 2:34 pm

Re: v7.6beta [testing] is released!

Mon Sep 12, 2022 5:09 pm

Support ticket raised, 7.6beta runs fine on my Chateau LTE12 while I await a response.
 
User avatar
CTassisF
newbie
Posts: 26
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v7.6beta [testing] is released!

Mon Sep 12, 2022 11:07 pm

Anyone seeing issues with WPA3 and iOS 16 (released today)?

After upgrading iPhone 12 to iOS 16.0 it was unable to connect to wpa2-psk,wpa3-psk networks I have on my hAP ac3 running RouterOS 7.6beta6 with WifiWave2 package. Before the upgrade (iOS 15.6) it was connecting fine.

After changing the interface to be only wpa2-psk the iPhone is connecting fine again.
 
cdemers
Member Candidate
Member Candidate
Posts: 214
Joined: Sun Feb 26, 2006 3:32 pm
Location: Canada
Contact:

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 1:41 am

@CTassisF
In a previous release this type of issue with WPA3 was mentioned. Maybe this will help:
viewtopic.php?p=953191&hilit=wpa3#p953191
Mentioned setting this helped:
/interface/wifiwave2/security/set (yourWiFiprofile) sae-pwe=hunting-and-pecking
 
User avatar
CTassisF
newbie
Posts: 26
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 4:37 am

What this quote was for? Removed

Thanks! Changing this config fixed the issue with iPhone + iOS 16 + WPA3.
 
daaf
just joined
Posts: 11
Joined: Sun Jan 12, 2020 4:39 am

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 8:00 am

The problem of global variables that disappear still persists, someone from mikrotik who can say if they are taking action on the matter?

viewtopic.php?p=944654#p944663
 
holvoetn
Forum Guru
Forum Guru
Posts: 1627
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 9:32 am

If you have not created a support ticket, they might not even be aware since they do not read each and every post on this forum. It's a user forum. Not a technical forum.
Did you create a support ticket ?
Did they respond to it ?
Last edited by holvoetn on Tue Sep 13, 2022 3:36 pm, edited 1 time in total.
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 555
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 9:50 am

Hi,
Dose MT container supports the systemd, privileged docker image ?
Examples
docker run -ti --privileged=true -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 80:80 local/centos7-systemd
docker run --tmpfs /tmp --tmpfs /run -it -v /sys/fs/cgroup:/sys/fs/cgroup:ro  -p 80:80 local/r8-systemd-httpd
MT

 MikroTik RouterOS 7.6beta6 (c) 1999-2022       

[admin@MikroTik] > container/shell number=0
0;root@MikroTik:/[root@MikroTik /]# systemctl
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down

0;root@MikroTik:/[root@MikroTik /]# cat etc/os-release
NAME="Rocky Linux"
VERSION="8.6 (Green Obsidian)"
ID="rocky"
ID_LIKE="rhel centos fedora"
VERSION_ID="8.6"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Rocky Linux 8.6 (Green Obsidian)"
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:rocky:rocky:8:GA"
 
User avatar
Ullinator
just joined
Posts: 3
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 2:17 pm

@raimondsp: all 3 Switches became completly unresponsive, no L2 and no L3.
I only got access back after resetting the config via reset-button.

That's strange. Please create a support ticket, so we can try to reproduce your issue.
@raimondsp
Okay, support ticket opened: SUP-92398
 
ALEJANDROgordon
just joined
Posts: 16
Joined: Mon Apr 25, 2011 12:53 am

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 2:44 pm

in a ccr2216 device the l3hw option on some ports is disabled, however when it is restarted the l3hw option is enabled again and the NAT fails.
 
User avatar
Ullinator
just joined
Posts: 3
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 2:57 pm

@ IPv6-HW offloading:
@ raimondsp:
It seems to be, that the issue has something to do with the SPP+ connection. When I connect the switch via 1GBit copper everything seems to work.
But when I use the SFP+ slot, the switch stops responding via L2 and L3.
(used SFP+ module: MikroTik S+RJ10)
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 3:39 pm

For me l3hw offloading doesn't seem to work at all. I read the help page multiple times, but couldn't find anything I may have misconfigured. I got it working once for a few seconds, after making changes to the bridge configuration, then there was a H entry in the connection list. But a few seconds later the connection disappeared and the list remained empty. I can't use port-based hw-offloading, because I use many tunnels that can't be offloaded, so I'd need a lot of acl rules to redirect the traffic to the cpu. But when I tried it, not even simple inter-vlan routing worked between some networks. Some hosts were only reachable by ping, while others couldn't be reached at all. This was between a 802.3ad bond (2xSFP+) and a SFP+ port, didn't try 1G ports.
 
kev445
just joined
Posts: 9
Joined: Tue Mar 01, 2011 12:57 pm

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 4:02 pm

Anyone seeing issues with WPA3 and iOS 16 (released today)?

After upgrading iPhone 12 to iOS 16.0 it was unable to connect to wpa2-psk,wpa3-psk networks I have on my hAP ac3 running RouterOS 7.6beta6 with WifiWave2 package. Before the upgrade (iOS 15.6) it was connecting fine.

After changing the interface to be only wpa2-psk the iPhone is connecting fine again.
I'm having the same issue, but I'm on 7.5, having wpa2-psk only has resolved the issue (wpa3-psk was previously enabled).

Interestingly though, iOS 16 had no issue connecting to our guest network (slave interface), which had the exact same security config.
 
User avatar
raimondsp
MikroTik Support
MikroTik Support
Posts: 214
Joined: Mon Apr 27, 2020 10:14 am

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 4:23 pm

@raimondsp
Okay, support ticket opened: SUP-92398

We received the support ticket and investigating the issue. Thank you!
 
User avatar
raimondsp
MikroTik Support
MikroTik Support
Posts: 214
Joined: Mon Apr 27, 2020 10:14 am

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 4:25 pm

For me l3hw offloading doesn't seem to work at all. I read the help page multiple times, but couldn't find anything I may have misconfigured. I got it working once for a few seconds, after making changes to the bridge configuration, then there was a H entry in the connection list. But a few seconds later the connection disappeared and the list remained empty. I can't use port-based hw-offloading, because I use many tunnels that can't be offloaded, so I'd need a lot of acl rules to redirect the traffic to the cpu. But when I tried it, not even simple inter-vlan routing worked between some networks. Some hosts were only reachable by ping, while others couldn't be reached at all. This was between a 802.3ad bond (2xSFP+) and a SFP+ port, didn't try 1G ports.

Are we talking about IPv4 or IPv6 HW Offloading? Please post your "/interface/export", "/ip/export", and (in the case of ipv6) "/ipv6/export" output.
 
hecatae
Member Candidate
Member Candidate
Posts: 209
Joined: Thu May 21, 2020 2:34 pm

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 4:56 pm

*) lte - disabled RPLMN on Chateau 5G;

RG502QEAAAR11A07M4G_01.001.01.001
Solved the problem that AT+QNWCFG="clr_rplmn" could not clear RPLMN
when you used certain SIM cards

Hi MikroTik, is the above fix, solving a problem that has already been resolved by Quectel on the latest R11A07 firmware?
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 7:53 pm

@raimondsp
IPv6 hw offload didn't work either in my test, but currently I'm focusing only on IPv4.
I removed like 90% of the configuration and ended up with probably the most simple setup. However it still isn't working.
Here is the export of /int and /ip. There are some routes with invalid gateways, which are only visible in the export, not in the cli or winbox, so I couldn't remove them. (another issue that needs to be fixed)
For the test I ran iperf3 between 172.20.164.8 - 192.168.66.2.
/int/ex
# sep/13/2022 18:14:45 by RouterOS 7.6beta6
# software id = 
#
# model = CCR2116-12G-4S+
# serial number = 
/interface bridge
add add-dhcp-option82=yes dhcp-snooping=yes frame-types=admit-only-vlan-tagged name=BRIDGE protocol-mode=none vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] advertise=10M-full,100M-full,1000M-full disabled=yes l2mtu=1580 name=E01.WAN
set [ find default-name=ether2 ] advertise=10M-full,100M-full,1000M-full disabled=yes l2mtu=1580 name=E02
set [ find default-name=ether3 ] advertise=10M-full,100M-full,1000M-full disabled=yes l2mtu=1580 loop-protect=on name=E03
set [ find default-name=ether4 ] advertise=10M-full,100M-full,1000M-full l2mtu=1580 name=E04.PVE-MGMT
set [ find default-name=ether5 ] advertise=10M-full,100M-full,1000M-full disabled=yes l2mtu=1580 name=E05
set [ find default-name=ether6 ] advertise=10M-full,100M-full,1000M-full disabled=yes l2mtu=1580 name=E06
set [ find default-name=ether7 ] advertise=10M-full,100M-full,1000M-full disabled=yes l2mtu=1580 name=E07
set [ find default-name=ether8 ] disabled=yes l2mtu=1580 name=E08
set [ find default-name=ether9 ] disabled=yes l2mtu=1580 name=E09
set [ find default-name=ether10 ] disabled=yes l2mtu=1580 name=E10
set [ find default-name=ether11 ] disabled=yes l2mtu=1580 name=E11
set [ find default-name=ether12 ] disabled=yes l2mtu=1580 name=E12
set [ find default-name=ether13 ] disabled=yes name=OOBM
set [ find default-name=sfp-sfpplus1 ] advertise=1000M-half,1000M-full,2500M-full,5000M-full l2mtu=9570 mtu=9000 name=S1.UPLINK speed=10Gbps
set [ find default-name=sfp-sfpplus2 ] advertise=10000M-full l2mtu=9570 mtu=9000 name=S2.UPLINK speed=10Gbps
set [ find default-name=sfp-sfpplus3 ] l2mtu=9570 mtu=9000 name=S3.PVE speed=2.5Gbps
set [ find default-name=sfp-sfpplus4 ] disabled=yes name=S4
/interface vlan
add interface=BRIDGE name=0066.SERVER vlan-id=66
add interface=BRIDGE name=0099.MGMT vlan-id=99
add interface=BRIDGE name=0164.LAN vlan-id=164
/interface bonding
add lacp-rate=1sec mode=802.3ad mtu=9000 name=BOND.SWITCH slaves=S1.UPLINK,S2.UPLINK transmit-hash-policy=layer-3-and-4
/interface ethernet switch
set 0 l3-hw-offloading=yes
/interface ethernet switch port
set 0 l3-hw-offloading=no
set 1 l3-hw-offloading=no
set 2 l3-hw-offloading=no
set 3 l3-hw-offloading=no
set 4 l3-hw-offloading=no
set 5 l3-hw-offloading=no
set 6 l3-hw-offloading=no
set 7 l3-hw-offloading=no
set 8 l3-hw-offloading=no
set 9 l3-hw-offloading=no
set 10 l3-hw-offloading=no
set 11 l3-hw-offloading=no
set 12 l3-hw-offloading=no
set 13 l3-hw-offloading=no
set 14 l3-hw-offloading=no
set 15 l3-hw-offloading=no
/interface lte apn
set [ find default=yes ] ip-type=ipv4
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=BRIDGE frame-types=admit-only-untagged-and-priority-tagged interface=E04.PVE-MGMT pvid=99
add bridge=BRIDGE frame-types=admit-only-vlan-tagged interface=S3.PVE
add bridge=BRIDGE frame-types=admit-only-vlan-tagged interface=BOND.SWITCH multicast-router=disabled trusted=yes
/interface ethernet switch l3hw-settings
set ipv6-hw=yes
/interface bridge vlan
add bridge=BRIDGE comment=LAN tagged=BRIDGE,BOND.SWITCH,S3.PVE vlan-ids=164
add bridge=BRIDGE comment=MGMT tagged=BRIDGE,BOND.SWITCH vlan-ids=99
add bridge=BRIDGE comment=SERVER tagged=BRIDGE,S3.PVE vlan-ids=66
/interface ovpn-server server
set auth=sha1 cipher=aes128,aes192,aes256 mac-address=00:24:D3:F2:66:C7 max-mtu=1492 netmask=30 port=5222

/ip/ex
# sep/13/2022 18:13:34 by RouterOS 7.6beta6
# software id = 
#
# model = CCR2116-12G-4S+
# serial number = 
/ip ipsec profile
set [ find default=yes ] dh-group=ecp256 enc-algorithm=aes-256 hash-algorithm=sha512 prf-algorithm=sha512 proposal-check=strict
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha256 enc-algorithms=aes-256-cbc lifetime=12h pfs-group=ecp256
/ip pool
add name=LAN ranges=172.20.164.1-172.20.164.59
/ip dhcp-server
add add-arp=yes address-pool=LAN allow-dual-stack-queue=no authoritative=after-2sec-delay bootp-support=none interface=0164.LAN lease-time=1w name=LAN
/ip address
add address=192.168.99.1/28 interface=0099.MGMT network=192.168.99.0
add address=172.20.164.60/24 interface=0164.LAN network=172.20.164.0
add address=192.168.66.1/24 interface=0066.SERVER network=192.168.66.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=1m
/ip dhcp-server lease
add address=172.20.164.1 allow-dual-stack-queue=no client-id=1:4c:20:b8:e5:2:3c mac-address=4C:20:B8:E5:02:3C server=LAN
add address=172.20.164.6 allow-dual-stack-queue=no client-id=1:42:4b:fc:6d:b:7f mac-address=42:4B:FC:6D:0B:7F server=LAN
/ip dhcp-server network
add address=172.20.164.0/24 dns-server=192.168.66.21 domain=lan gateway=172.20.164.60 ntp-server=172.20.164.60
/ip firewall address-list
add address=172.20.164.0/24 list=ADMIN
add address=10.0.0.0/8 list=PRIVATE
add address=172.16.0.0/12 list=PRIVATE
add address=192.168.0.0/16 list=PRIVATE
/ip firewall connection tracking
set icmp-timeout=4s loose-tcp-tracking=no udp-timeout=30s
/ip neighbor discovery-settings
set discover-interface-list=all protocol=lldp,mndp
/ip settings
set max-neighbor-entries=8192
/ip firewall filter
add action=fasttrack-connection chain=forward comment="FASTTRACK HW-OFFLOAD" connection-state=established,related dst-address-list=PRIVATE hw-offload=yes \
    src-address-list=PRIVATE
add action=fasttrack-connection chain=forward comment=FASTTRACK connection-state=established,related hw-offload=no
add action=accept chain=forward comment="ESTABLISHED, RELATED" connection-state=established,related
/ip firewall service-port
set irc disabled=no ports=6667,6697
set sip disabled=yes ports=5060,5061,5070
/ip proxy
set max-cache-object-size=512000KiB
/ip route
add check-gateway=none disabled=no distance=1 dst-address=172.16.0.0/14 gateway=*1A routing-table=main scope=30 suppress-hw-offload=no target-scope=10
add disabled=no dst-address=10.13.37.2/32 gateway=*1A routing-table=main suppress-hw-offload=no
add dst-address=10.242.6.1/32 gateway=*1A
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.33.2 pref-src=0.0.0.0 routing-table=*404 scope=30 suppress-hw-offload=no target-scope=10
add disabled=no dst-address=10.242.99.0/24 gateway=*1A routing-table=main suppress-hw-offload=no
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes port=4480
set www-ssl tls-version=only-1.2
set api disabled=yes
set api-ssl disabled=yes
/ip socks
set max-connections=250 version=5
/ip ssh
set always-allow-password-login=yes forwarding-enabled=both host-key-size=4096 strong-crypto=yes
/ip traffic-flow
set cache-entries=256k
2022-09-13 at 18.43.44.png
S1+S2 use XS+DA0001; S3 uses S+RJ10 module, will try 1G ports tomorrow, to see if there's a difference / problem with SFP+ ports.
You do not have the required permissions to view the files attached to this post.
Last edited by osc86 on Wed Sep 14, 2022 1:07 am, edited 1 time in total.
 
elbob2002
Member Candidate
Member Candidate
Posts: 182
Joined: Tue May 15, 2018 8:15 pm
Location: Ireland

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 10:42 pm

I found on 7.5 that for L3 hardware off loading on my CRS328, not all VLANs would be offloaded.Each new VLAN I added required a reboot for it to work. But I can see on yours that you've rebooted.
 
marrold
Member
Member
Posts: 422
Joined: Wed Sep 04, 2013 10:45 am

Re: v7.6beta [testing] is released!

Tue Sep 13, 2022 11:34 pm

dumped-saved-advertisements is broken in 7.5 and 7.6beta6 as per this thread viewtopic.php?p=956793#p956793
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Wed Sep 14, 2022 8:54 am

Soooo.......
Question.
/system/device-mode/print 
            mode: enterprise
[...]
            l2tp: no
[...]

/interface/l2tp-server/export verbose
/interface l2tp-server server
# inactivated, not allowed by device-mode
[...] enabled=no [...]

/log/print
05:46:01 l2tp,info first L2TP UDP packet received from x.y.x.z
05:46:02 l2tp,info first L2TP UDP packet received from x.y.z.x
l2tp is disabled via setting and via device-mode, how is it listening?
 
User avatar
Ullinator
just joined
Posts: 3
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.6beta [testing] is released!

Wed Sep 14, 2022 1:35 pm

@ IPv6-HW offloading:
@ raimondsp: even the 7.7Alpha72 preview doesn´t help... :-/
Short update, with an SFP+ connection the switch doesn´t boot but with only some copper connections it does.
BUT: even only with copper connections the switch reboots sponaniously every several minutes with a kernel failure. MT is investigating the issue :-)
 
xPucTu4
just joined
Posts: 3
Joined: Sun Dec 06, 2009 3:10 pm

Re: v7.6beta [testing] is released!

Wed Sep 14, 2022 3:03 pm

+1 for OSPFv3 wrong checksum (7.6beta6 on rb2011)
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 6776
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.6beta [testing] is released!

Wed Sep 14, 2022 8:23 pm

"Wrong checksum" problem will be fixed in the next beta
 
bma
just joined
Posts: 20
Joined: Sat Feb 19, 2022 11:40 pm

Re: v7.6beta [testing] is released!

Thu Sep 15, 2022 5:21 am

7.6beta4: RB5009 no longer shows and provides access to mounted USB T5 Samsung SSD drive partition. It works in 7.5 and earlier.
Was able to get 32b windows netinstall working today and after installing 7.6beta6 the drive now works correctly. I wasn't expecting netinstall to fix this but since no one else reported a similar problem it seemed worth trying.
 
elelec
just joined
Posts: 4
Joined: Mon Jul 15, 2019 5:22 pm

Re: v7.6beta [testing] is released!

Thu Sep 15, 2022 10:32 am

Hello. When will BFD appear?
 
User avatar
Ullinator
just joined
Posts: 3
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.6beta [testing] is released!

Thu Sep 15, 2022 10:56 am

@ IPv6-HW offloading:
@ raimondsp: good news, the deactivation of IGMP Snooping was the deal
Switch didn´t reboot spontaniously anymore and even the problem with the SFP+ connection which prevents the boot is gone. (in 7.7 Alpha72)
So you “only” have to fix the IGMP Snooping problem ;-)
Good Job!! :-)

P.S: if you need additional files or infos from me, ask!
 
mobyfab
just joined
Posts: 5
Joined: Tue Jul 03, 2018 4:45 pm
Location: France

Re: v7.6beta [testing] is released!

Thu Sep 15, 2022 11:39 am

CCR2116: L3HW NAT is fixed with 7.6beta6 (broke with 7.5)
CPU switch rules are still broken though.
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Thu Sep 15, 2022 11:43 am

Hello. When will BFD appear?
BFD is a work in progress. It has been since Sep 4, 2021. For over a year now.
 
User avatar
spippan
Member Candidate
Member Candidate
Posts: 134
Joined: Wed Nov 12, 2014 1:00 pm

Re: v7.6beta [testing] is released!

Thu Sep 15, 2022 9:36 pm

Hello. When will BFD appear?
waiting on this one too in v7...
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 898
Joined: Thu Dec 11, 2014 8:53 am

Re: v7.6beta [testing] is released!

Mon Sep 19, 2022 1:51 pm

What's new in 7.6beta7 (2022-Sep-16 09:27):

*) bgp - fixed reporting of session uptime;
*) branding - execute "autorun.scr" file when installing branding package;
*) certificate - restricted maximum retry attempt window for Let's Encrypt certificate to 60 minutes;
*) container - allow changing container related parameters while it is running;
*) health - improved voltage reading on RBmAP-2nD;
*) hotspot - fixed SSL usage on all HotSpot pages;
*) l3hw - improved connected host offloading on startup;
*) l3hw - improved connected IPv6 host offloading when routing table is nearly full for 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) l3hw - made route offloading selection work only on unicast;
*) lte - added interface name in MTU debug logging message;
*) ospf - fixed checksum calculation;
*) ospf - improved logging when invalid configuration is detected;
*) route - fixed disappearance of inactive static routes after upgrade;
*) routerboard - set "Delete" as default key to enter booter menu ("/system routerboard upgrade" required);
*) sms - fixed handling of SMS send attempts on unsupported modems;
*) user-manager - accept any username for outer authentication;
*) user-manager - added "comment" parameter for batch user creation;
*) user-manager - added support for multiple accounting sessions;
*) user-manager - added variables to print profile name and end time in voucher templates;
*) user-manager - forced username verification against client's certificate for EAP-TLS;
*) webfig - fixed creation of new IPv6 routes;
*) winbox - changed order of tabs under "User Manager" menu;
*) wireless - fixed incorrectly applied ingress priority to non-wireless packets;
 
depth0cert
just joined
Posts: 8
Joined: Thu Sep 08, 2022 11:03 pm

Re: v7.6beta [testing] is released!

Mon Sep 19, 2022 2:08 pm

What's new in 7.6beta7 (2022-Sep-16 09:27):
Problem SUP-92054 is not solved with 7.6beta7. Please, fix it.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 898
Joined: Thu Dec 11, 2014 8:53 am

Re: v7.6beta [testing] is released!

Mon Sep 19, 2022 2:14 pm

The changelog does not even indicate that the issue is resolved in this release. Wait for the release that fixes the issue.
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2282
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v7.6beta [testing] is released!

Mon Sep 19, 2022 2:49 pm

What about recognition of LTE modules? Is it going to be resolved? No mention in the changelog :)
Real admins use real keyboards so Make Forum Great Again. Post, Reply & Quote Smart.
 
fragtion
Member Candidate
Member Candidate
Posts: 203
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: v7.6beta [testing] is released!

Mon Sep 19, 2022 3:24 pm

badperms.png
I know nothing is explicitly mentioned in the changelogs for this, but Once again the container was working fine until the version upgrade and occurs every time after upgrading to new beta (already reported for 7.6beta6: viewtopic.php?p=957696#p956039)...

It's a real tedious and time-consuming headache to recreate and reconfigure each time. When will this be fixed?? Pls guys
You do not have the required permissions to view the files attached to this post.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Mon Sep 19, 2022 5:25 pm

badperms.png
I know nothing is explicitly mentioned in the changelogs for this, but Once again the container was working fine until the version upgrade and occurs every time after upgrading to new beta (already reported for 7.6beta6: viewtopic.php?p=957696#p956039)...

It's a real tedious and time-consuming headache to recreate and reconfigure each time. When will this be fixed?? Pls guys
I don't know what problem you're still having, I've just upgraded from 7.6beta6 to 7.6beta7 and my AdGuadHome container auto started just fine:
 17:19:18 container[...] [info] AdGuard Home, version v0.107.13
 17:19:18 container[...] [error] creating dhcpv4 srv: dhcpv4: <nil> is not an IP address
 17:19:18 container[...] [info] Initializing auth module: /opt/adguardhome/work/data/sessions.db
 [...]
 17:19:19 container[...] [info] saving filter 1 contents to: /opt/adguardhome/work/data/filters/1.txt
 17:19:19 container[...] [info] updated filter 1: 949769 bytes, 49146 rules
 17:19:19 container[...] [info] Updated filter #1.  Rules: 48908 -> 49146
Show a /container config export , so we can see what you did there.
Last edited by Znevna on Mon Sep 19, 2022 7:06 pm, edited 1 time in total.
 
User avatar
armandfumal
Member Candidate
Member Candidate
Posts: 152
Joined: Wed Apr 25, 2012 5:50 pm
Location: Weiswampach,LUX
Contact:

Re: v7.6beta [testing] is released!

Mon Sep 19, 2022 6:32 pm

7.6b7 bgp sessions information ok now...
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Mon Sep 19, 2022 7:45 pm

7.6b7 bgp sessions information ok now...
No! The uptime is ticking but it still displays fake information when a winbox "sessions" screen is open!
The uptime continues to tick up even when the session has been closed or failed.
 
L3n1n
just joined
Posts: 1
Joined: Sun Nov 28, 2021 2:14 am

Re: v7.6beta [testing] is released!

Mon Sep 19, 2022 7:47 pm

7.6beta7 (2022-Sep-16 09:27):

Started with the previous beta LTE interface reboots when trying to connect . LtAP-2HnD
 
mducharme
Trainer
Trainer
Posts: 1747
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 5:03 am

No! The uptime is ticking but it still displays fake information when a winbox "sessions" screen is open!
The uptime continues to tick up even when the session has been closed or failed.
It seems to be fixed at the CLI. They might need to do additional things to fix this in Winbox, as it is quite common for them to add a new feature in the CLI and it only works in Winbox in a future version. What I see now in the CLI is that the session timer is back when the session is active, but it disappears entirely when the session has stopped. I think Winbox doesn't know how to handle this and instead just keeps counting the seconds from where it was before rather than clearing it. Probably, in a future version, we will see Winbox fixed.

The nice enhancement we have now, compared to 7.4, is that there are now fields for BGP session last-started and last-stopped date and time at the CLI.
 
buset1974
Frequent Visitor
Frequent Visitor
Posts: 79
Joined: Wed Sep 13, 2006 12:12 pm
Location: Jakarta

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 8:28 am

BGP VRF MPLS L3 (PE-CE) in v7.6 beta7
still having problem with routing propagation.
route sent from PE did not propagate correctly to Other PE's, missing AS-PATH
capture-7.6beta7.jpg
thx
You do not have the required permissions to view the files attached to this post.
 
chubbs596
Frequent Visitor
Frequent Visitor
Posts: 82
Joined: Fri Dec 06, 2013 6:07 pm

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 9:58 am

Hello. When will BFD appear?
waiting on this one too in v7...
So am I, I cannot go into production with ROS v7 until this is added, I have several BGP sessions with BFD requirement,

Also still have an issue with BGP-MED values not advertised on IBGP sessions
 
chubbs596
Frequent Visitor
Frequent Visitor
Posts: 82
Joined: Fri Dec 06, 2013 6:07 pm

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 10:05 am

7.6b7 bgp sessions information ok now...
No! The uptime is ticking but it still displays fake information when a winbox "sessions" screen is open!
The uptime continues to tick up even when the session has been closed or failed.
Seeing the same, Session dropped after a few minutes, and nothing helps restoring the session, have to reboot the router
 
tpedko
just joined
Posts: 21
Joined: Wed May 22, 2019 9:58 am

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 11:00 am

I don't know what problem you're still having, I've just upgraded from 7.6beta6 to 7.6beta7 and my AdGuadHome container auto started just fine:
 17:19:18 container[...] [info] AdGuard Home, version v0.107.13
 17:19:18 container[...] [error] creating dhcpv4 srv: dhcpv4: <nil> is not an IP address
 17:19:18 container[...] [info] Initializing auth module: /opt/adguardhome/work/data/sessions.db
 [...]
 17:19:19 container[...] [info] saving filter 1 contents to: /opt/adguardhome/work/data/filters/1.txt
 17:19:19 container[...] [info] updated filter 1: 949769 bytes, 49146 rules
 17:19:19 container[...] [info] Updated filter #1.  Rules: 48908 -> 49146
Show a /container config export , so we can see what you did there.
where is your data stored? on an external flash drive?
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 11:05 am

No! The uptime is ticking but it still displays fake information when a winbox "sessions" screen is open!
The uptime continues to tick up even when the session has been closed or failed.
It seems to be fixed at the CLI. They might need to do additional things to fix this in Winbox, as it is quite common for them to add a new feature in the CLI and it only works in Winbox in a future version. What I see now in the CLI is that the session timer is back when the session is active, but it disappears entirely when the session has stopped. I think Winbox doesn't know how to handle this and instead just keeps counting the seconds from where it was before rather than clearing it. Probably, in a future version, we will see Winbox fixed.
What we need in winbox is an auto-refresh of the BGP sessions window, as it was with v6 with the BGP peers window!
It should poll the router for actual information (including the actual uptime) rather than make a single query and display that info forever, including a fake ticking uptime.
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 11:09 am

Seeing the same, Session dropped after a few minutes, and nothing helps restoring the session, have to reboot the router
That is not what I am claiming! The session gets disconnected and gets restored when the link comes back, but that does not show in the sessions display.
No idea why it does not work for you. I never seen that happening. Did you check the log? Maybe it says something like "EBGP peer is not on a shared network and multihop is not configured"? There is a bug in the new BGP that sometimes makes it mis-detect this situation and you have to enable multihop even though the peer isn't multihop!
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 11:11 am

where is your data stored? on an external flash drive?
Of course, yes.
 
tpedko
just joined
Posts: 21
Joined: Wed May 22, 2019 9:58 am

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 11:28 am

where is your data stored? on an external flash drive?
Of course, yes.
so try on the internal flash drive. you will also get an error.
for example, there is no usb port on 4011. And there is this problem.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 11:32 am

I don't run containers on internal memory that's not that easy to replace (if even possible at all), sorry.
 
fragtion
Member Candidate
Member Candidate
Posts: 203
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 12:11 pm

I don't know what problem you're still having, I've just upgraded from 7.6beta6 to 7.6beta7 and my AdGuadHome container auto started just fine:

Show a /container config export , so we can see what you did there.
Yeah it's definitely still a problem for me hey.. happening after each update, I'm not just making things up here.

Here's exactly what I use (except passwords changed obviously):
/container mounts add dst=/data name=nginxpm-app-data src=/container/nginxpm-app/data
/container mounts add dst=/etc/letsencrypt name=nginxpm-app-letsencrypt src=/container/nginxpm-app/letsencrypt
/container mounts add dst=/var/lib/mysql name=nginxpm-db-mysql src=/container/nginxpm-db/mysql
/container envs add key=DB_MYSQL_HOST name=nginxpm-app value=172.18.0.3
/container envs add key=DB_MYSQL_PORT name=nginxpm-app value=3306
/container envs add key=DB_MYSQL_USER name=nginxpm-app value=myuser
/container envs add key=DB_MYSQL_PASSWORD name=nginxpm-app value=somepass
/container envs add key=DB_MYSQL_NAME name=nginxpm-app value=nginxpm
/container envs add key=MYSQL_ROOT_PASSWORD name=nginxpm-db value=somepass
/container envs add key=MYSQL_DATABASE name=nginxpm-db value=nginxpm
/container envs add key=MYSQL_USER name=nginxpm-db value=myuser
/container envs add key=MYSQL_PASSWORD name=nginxpm-db value="somepass"
/container add envlist=nginxpm-app interface=veth1-nginxpm-app logging=yes mounts=nginxpm-app-data,nginxpm-app-letsencrypt remote-image=jc21/nginx-proxy-manager:latest
/container add envlist=nginxpm-db interface=veth2-nginxpm-db logging=yes mounts=nginxpm-db-mysql remote-image=jc21/mariadb-aria
"/container/" is not on on an external storage - it's a directory which gets created by routeros when creating the containers on the built-in storage.
since the last 2 updates (from 7.6beta4->7.6beta6, and beta7.6beta6->7.6beta7), I made sure to completely rebuild the containers when I noticed the permissions problem. That means I deleted all the container instances, envlists and mountpoints config, and the whole /containers directory, and started over. But that didn't help.
So I'm not too sure why I seem to be the only person still experiencing this issue. Maybe something's wrong with my CHR's filesystem ? Why does it only break on update though?
I have a ticket open, SUP-92866. Hoping for the best.. & Sorry for flooding the thread a bit with my complaint xD
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 12:27 pm

Any reason why you're not setting a root-dir for your containers? where do they get created?
Post an output of /file/print
 
fragtion
Member Candidate
Member Candidate
Posts: 203
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 12:54 pm

Any reason why you're not setting a root-dir for your containers? where do they get created?
Post an output of /file/print
Yeah I'm wondering if that might not be the cause. RouterOS generates a random ID & root-dir automatically, which I assumed was by design. This is retained after the upgrade, but perhaps there's an issue with permissions if root-dir isn't manually specified like you say?
[admin@chr] > /file/print
Columns: NAME, TYPE, SIZE, CREATION-TIME
# NAME TYPE SIZE CREATION-TIME
0 supout.rif .rif file 614.5KiB sep/20/2022 03:54:34
1 us2.rsc script 43.8KiB aug/30/2022 08:08:55
2 8771505e-94ad-41a8-b2e6-9ba67a2dcd05 container store sep/19/2022 08:16:06
3 8a21452c-17d5-4b41-b688-ae88797ceb13 container store sep/19/2022 08:14:46

4 container directory sep/19/2022 08:16:15
5 container/nginxpm-app directory sep/19/2022 08:16:06
6 container/nginxpm-app/data container store sep/19/2022 08:16:06
7 container/nginxpm-app/letsencrypt container store sep/20/2022 04:16:28
8 container/nginxpm-db directory sep/19/2022 08:16:15
9 container/nginxpm-db/mysql container store sep/19/2022 08:16:18
[admin@chr] >
The bold lines represent the automatically generated root dirs
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 1:01 pm

Nah, doubt it, I thought they might interfere with your mounts but it doesn't seem to be the case. I'll try testing AdGuardHome in a CHR and see what I come up with.
But since it's a CHR can't you add to it another disk for containers?
 
fragtion
Member Candidate
Member Candidate
Posts: 203
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 1:17 pm

Nah, doubt it, I thought they might interfere with your mounts but it doesn't seem to be the case. I'll try testing AdGuardHome in a CHR and see what I come up with.
But since it's a CHR can't you add to it another disk for containers?
It's an actual cloud-hosted CHR which comes with 50GB disk included the package (plenty enough for some small containers without needing to add another disk which I'd have to pay more for)...

*But* support have just gotten back to me with good news! -- "Thank you for the report! We have managed to reproduce the issue locally in our labs and look forward to fixing it on upcoming RouterOS versions, unfortunately, I cannot provide a release date now. Best regards," -- So hopefully we can put this one to rest now ;) Thanks for all the suggestions & feedback
 
tpedko
just joined
Posts: 21
Joined: Wed May 22, 2019 9:58 am

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 1:53 pm

So I'm not too sure why I seem to be the only person still experiencing this issue.
You are not the only one having this problem. I already write about every release about it.
AdGuardHome has the same problem.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 2:04 pm

[...]
*But* support have just gotten back to me with good news! -- "Thank you for the report! We have managed to reproduce the issue locally in our labs and look forward to fixing it on upcoming RouterOS versions, unfortunately, I cannot provide a release date now. Best regards," -- So hopefully we can put this one to rest now ;) Thanks for all the suggestions & feedback
Nice, I've managed to reproduce it too in the meantime.
I've installed CHR 7.6beta6, resized the main disk, installed AdGuardHome, upgraded to 7.6beta7 -> problem.
I've installed CHR 7.6beta6, added an extra disk, installed AdGuardHome on the 2nd disk, upgraded to 7.6beta7 -> ok.
So yes there still is a bug when you run containers on internal storage, probably same thing @tpedko is experiencing on his RB4011.
I don't have any MikroTik router with enough internal storage to sacrifice for a test.
Yes it's a problem with CHR instances, but with actual routers you SHOULD NOT run containers on their internal memory, as if the warning on the documentation page isn't enough.
 
tpedko
just joined
Posts: 21
Joined: Wed May 22, 2019 9:58 am

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 2:18 pm

Yes it's a problem with CHR instances, but with actual routers you SHOULD NOT run containers on their internal memory, as if the warning on the documentation page isn't enough.
On 5009 the same problem.
I think they can't fix the problem and that's why the documentation has a warning.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 2:24 pm

No, the documentation has a warning so that you don't wear out the internal memory with container garbage and then cry that your router died too soon.
This bug regarding mount permissions was recently fixed in 7.6beta4 but it only applies to containers sitting outside of the internal memory, it seems. It'll get fixed, like the reply that @fragtion posted above says.
The warning that you shouldn't put garbage on your internal precious memory will always be there.
 
User avatar
armandfumal
Member Candidate
Member Candidate
Posts: 152
Joined: Wed Apr 25, 2012 5:50 pm
Location: Weiswampach,LUX
Contact:

Re: v7.6beta [testing] is released!

Tue Sep 20, 2022 8:23 pm


No! The uptime is ticking but it still displays fake information when a winbox "sessions" screen is open!
The uptime continues to tick up even when the session has been closed or failed.
Seeing the same, Session dropped after a few minutes, and nothing helps restoring the session, have to reboot the router
I don't have this issue, using CCR2216 with 58 bgp peers...sessions are stable...
 
dg1kwa
just joined
Posts: 13
Joined: Tue Aug 17, 2010 12:32 pm
Location: Monheim

Re: v7.6beta [testing] is released!

Thu Sep 22, 2022 5:57 pm

DOM/DDM on my RB760iGS still not work.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 898
Joined: Thu Dec 11, 2014 8:53 am

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 1:05 pm

What's new in 7.6beta8 (2022-Sep-21 09:20):

Important note!!!

Version not recommended on TILE and RB5009 devices if MACsec is used;

Changes in this release:

*) bgp - added support for BGP advertisement displaying (CLI only);
*) certificate - fixed SHA1 certificate name lookup;
*) dhcpv4-server - fixed matcher functionality;
*) ethernet - added "5Gbps" option for speed setting;
*) firewall - fixed usage of "netmap" action for IPv6 source NAT (CLI only);
*) lte - added periodic IPv6 RS to trigger IPv6 adress acquisition for non-MBIM modems;
*) macsec - fixed interface after Ethernet link down;
*) macsec - fixed interface statistics and missing properties;
*) macsec - fixed interface status;
*) macsec - fixed multiple interface creation on different Ethernet ports
*) macsec - removed interface from SMIPS devices;
*) ospf - added SHA hashing for authentication;
*) queue - improved stability for CAKE type queues;
*) snmp - improved retrieval of routing related OID's;
*) sstp - added IPv6 support (CLI only);
*) switch - improved traffic forwarding at 5Gbps rate for 98DX8525, 98DX4310 switches;
*) tile - improved system stability when processing packets;
*) webfig - fixed hex input for "Host Uniq" field;
*) winbox - added "Active" prefix for current remote and local session ID fields for L2TP-Ether interfaces;
*) winbox - added "address-list" parameter under "IP/DNS/Static" menu;
*) winbox - added MACsec support;
*) winbox - added "type" and "status-report-request" parameters under "Tools/SMS" menu;
*) winbox - changed "uptime" parameter format when using the wifiwave2 package;
*) wireless - disallowed using "default" as scan list or channel names;
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 6776
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 1:07 pm

New /routing/stats/adverts menu, feedback, and suggestions are welcome.
 
holvoetn
Forum Guru
Forum Guru
Posts: 1627
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 1:19 pm

Q:
*) wireless - disallowed using "default" as scan list or channel names

What is this specifically about ?
How does this relate to Connect List ?
 
holvoetn
Forum Guru
Forum Guru
Posts: 1627
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 2:07 pm

Q:
*) wireless - disallowed using "default" as scan list or channel names

What is this specifically about ?
How does this relate to Connect List ?
OK, you can drop this question.
Completely unrelated.
 
rafaeltdk
just joined
Posts: 17
Joined: Fri Feb 15, 2013 3:52 pm

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 2:12 pm

/stats/adverts menu, feedback, and suggestions are welcome.
Need adverts prefix send peer bgp
 
dg1kwa
just joined
Posts: 13
Joined: Tue Aug 17, 2010 12:32 pm
Location: Monheim

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 2:21 pm

DOM/DDM on my RB760iGS still not work.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1122
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 2:27 pm

DOM/DDM on my RB760iGS still not work.
Is there any fix mentioned in the changelog and it doesn't work?
 
buset1974
Frequent Visitor
Frequent Visitor
Posts: 79
Joined: Wed Sep 13, 2006 12:12 pm
Location: Jakarta

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 3:02 pm

BGP VRF MPLS L3 (PE-CE) in v7.6 beta7
still having problem with routing propagation.
route sent from PE did not propagate correctly to Other PE's, missing AS-PATH

capture-7.6beta7.jpg

thx
This problem still exist in 7.6beta8

thx
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 6776
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 3:34 pm

Need adverts prefix send peer bgp
what do you mean exactly?
 
rpingar
Long time Member
Long time Member
Posts: 591
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 4:02 pm

Need adverts prefix send peer bgp
what do you mean exactly?
I think it says that the advertisment to peer of the prefix is very slow when there is an huge rotuing table.
In my cases it need 3/4h to send all the advertised prefix.

several supouts (about several 7.6bx) sent for ticket 81652 e 86404


regards
Ros
 
User avatar
loloski
Member Candidate
Member Candidate
Posts: 167
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 4:08 pm

[admin@R2] > /interface/macsec/print detail 
Flags: I - inactive, X - disabled, R - running 
 0 R name="macsec1" interface=ether2 status="open-encrypted" 
     cak=5509eb30c8515ad7e383f52a7d612e6c 
     ckn=6cbda7b285ddf825a8db1659995d87c43cc11b36a3727f10f4388cd4d7344b85 
     profile=default 
[admin@R2] > ping 10.10.10.1
  SEQ HOST                                     SIZE TTL TIME       STATUS        
    0 10.10.10.1                                 56  64 2ms294us  
    1 10.10.10.1                                 56  64 2ms421us  
    2 10.10.10.1                                 56  64 2ms846us  
    sent=3 received=3 packet-loss=0% min-rtt=2ms294us avg-rtt=2ms520us 
   max-rtt=2ms846us 

[admin@R2] > 
macsec basic test working
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 4:13 pm

New /routing/stats/adverts menu, feedback, and suggestions are welcome.
We need both the advertised and the received number of routes.
 
dg1kwa
just joined
Posts: 13
Joined: Tue Aug 17, 2010 12:32 pm
Location: Monheim

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 4:50 pm

no, but still not work since upgrade from ROS 6 .. long time allready :(
DOM/DDM on my RB760iGS still not work.
Is there any fix mentioned in the changelog and it doesn't work?
 
Azma
newbie
Posts: 40
Joined: Sat Sep 27, 2014 8:10 am

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 5:28 pm

New /routing/stats/adverts menu, feedback, and suggestions are welcome.
What is adverts? advertisement? i would prefer the name similar with v6, "advertisements".
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 8942
Joined: Tue Feb 25, 2014 12:49 pm
Location: 🇮🇹, my 💔 is in 🇺🇦

Re: v7.6beta [testing] is released!

Fri Sep 23, 2022 7:30 pm

CR2116-12G-4S+ originally netinstaleld with 7.6beta7, update via drag&drop file from 7.6beta7 to 7.6beta8 without problem.
No config lost.

Unreported FIXs:
*) On CCR2116-12G-4S+ with S-31DLC20D now do not need everytime manual disable/enable the sfp interface when reboot the router.
*) On CCR2116-12G-4S+ the S-31DLC20D now correctly support Auto Negotiation.

BUG:
Upgrade RouterBOOT require everytime dual boot.
(temporary fix: extract right firmware with 7-zip from .npk, and upgrade the BIOS before reboot for upgrade the OS)
✂ Rextended Fragments of Snippets

Vld4UmVHUkdhelJUTTJzOQ==
 
User avatar
Andrew162
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Thu Mar 25, 2021 9:40 am

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 12:27 am

My CCR2116 is unable to update to this version, there's nothing in the logs, 42MB free diskspace. It downloads the 7.6beta4 image, reboots and comes up again with version 7.5.
2-Partition setup, user-manager and zerotier extra packages are installed.
I got RB3011UiAS-RM
it also got 128MB memory only but i update almost always to latest "testing" version without any problem
I can suggest bu your mikrotik and zero IT tottaly

You can also update it from other mikrotik
They release couple of days ago on youtube movie how to do that.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 8942
Joined: Tue Feb 25, 2014 12:49 pm
Location: 🇮🇹, my 💔 is in 🇺🇦

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 12:47 am

I can suggest bu your mikrotik and zero IT tottaly

You can also update it from other mikrotik
They release couple of days ago on youtube movie how to do that.
Okay, but on the issue of release don't write like this, it's incomprehensible,
and if he needs help he has to open his own topic, not to mix everything up here.
✂ Rextended Fragments of Snippets

Vld4UmVHUkdhelJUTTJzOQ==
 
rafaeltdk
just joined
Posts: 17
Joined: Fri Feb 15, 2013 3:52 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 4:11 am

Need adverts prefix send peer bgp
what do you mean exactly?
similar command /routing bgp> advertisements
 
rafaeltdk
just joined
Posts: 17
Joined: Fri Feb 15, 2013 3:52 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 4:13 am

New /routing/stats/adverts menu, feedback, and suggestions are welcome.
We need both the advertised and the received number of routes.
YES
 
mducharme
Trainer
Trainer
Posts: 1747
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 5:20 am

I think they plan to put the received number of routes in /routing/bgp/sessions in the prefix-count field, which currently always reads 0.
 
User avatar
armandfumal
Member Candidate
Member Candidate
Posts: 152
Joined: Wed Apr 25, 2012 5:50 pm
Location: Weiswampach,LUX
Contact:

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 8:12 am

New /routing/stats/adverts menu, feedback, and suggestions are welcome.
Finally, this release help me a lot, bgp issue is resolved with this release...
 
rpingar
Long time Member
Long time Member
Posts: 591
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 10:35 am

New /routing/stats/adverts menu, feedback, and suggestions are welcome.
Finally, this release help me a lot, bgp issue is resolved with this release...
we still have issue:
- 352 sessions
- 3 fullroute providders
- 10 routeservers

It starts after some minutes:
- drpping sessiong about holdtimer expire
- stop loading the routes from bigger provider
- very late adverstisment of our prefixes

I think there is a bottleneck in updating the main routing table by bgp.
regards
 
User avatar
spippan
Member Candidate
Member Candidate
Posts: 134
Joined: Wed Nov 12, 2014 1:00 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 12:23 pm

[admin@R2] > /interface/macsec/print detail 
Flags: I - inactive, X - disabled, R - running 
 0 R name="macsec1" interface=ether2 status="open-encrypted" 
     cak=5509eb30c8515ad7e383f52a7d612e6c 
     ckn=6cbda7b285ddf825a8db1659995d87c43cc11b36a3727f10f4388cd4d7344b85 
     profile=default 
[admin@R2] > ping 10.10.10.1
  SEQ HOST                                     SIZE TTL TIME       STATUS        
    0 10.10.10.1                                 56  64 2ms294us  
    1 10.10.10.1                                 56  64 2ms421us  
    2 10.10.10.1                                 56  64 2ms846us  
    sent=3 received=3 packet-loss=0% min-rtt=2ms294us avg-rtt=2ms520us 
   max-rtt=2ms846us 

[admin@R2] > 
macsec basic test working
finally. on which hardware did you test that?
 
User avatar
loloski
Member Candidate
Member Candidate
Posts: 167
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 12:35 pm

hapac2 -> hapac2 just for the sake of the test
 
arainbow
newbie
Posts: 30
Joined: Sat Sep 15, 2012 12:05 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 12:39 pm

Once one party reconnects, the network stops working.
You have to disable both ends and then enable both.

test between hap ac lite & hap ac2.
[admin@R2] > /interface/macsec/print detail 
Flags: I - inactive, X - disabled, R - running 
 0 R name="macsec1" interface=ether2 status="open-encrypted" 
     cak=5509eb30c8515ad7e383f52a7d612e6c 
     ckn=6cbda7b285ddf825a8db1659995d87c43cc11b36a3727f10f4388cd4d7344b85 
     profile=default 
[admin@R2] > ping 10.10.10.1
  SEQ HOST                                     SIZE TTL TIME       STATUS        
    0 10.10.10.1                                 56  64 2ms294us  
    1 10.10.10.1                                 56  64 2ms421us  
    2 10.10.10.1                                 56  64 2ms846us  
    sent=3 received=3 packet-loss=0% min-rtt=2ms294us avg-rtt=2ms520us 
   max-rtt=2ms846us 

[admin@R2] > 
macsec basic test working
finally. on which hardware did you test that?
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 12:53 pm

New /routing/stats/adverts menu, feedback, and suggestions are welcome.
The stats should be made available as part of /routing/bgp/session instead of as a separate menu. So it can be displayed as a column in the sessions window and on the stats tab of the detail window of a session.
 
elpeh
just joined
Posts: 3
Joined: Sun Oct 17, 2021 11:41 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 12:57 pm

[admin@R2] > /interface/macsec/print detail 
Flags: I - inactive, X - disabled, R - running 
 0 R name="macsec1" interface=ether2 status="open-encrypted" 
     cak=5509eb30c8515ad7e383f52a7d612e6c 
     ckn=6cbda7b285ddf825a8db1659995d87c43cc11b36a3727f10f4388cd4d7344b85 
     profile=default 
[admin@R2] > ping 10.10.10.1
  SEQ HOST                                     SIZE TTL TIME       STATUS        
    0 10.10.10.1                                 56  64 2ms294us  
    1 10.10.10.1                                 56  64 2ms421us  
    2 10.10.10.1                                 56  64 2ms846us  
    sent=3 received=3 packet-loss=0% min-rtt=2ms294us avg-rtt=2ms520us 
   max-rtt=2ms846us 

[admin@R2] > 
macsec basic test working
I tried on CRS328-24P-4S+ (7.6beta8) on an ethernet interface which is not part of a bridge, but get "Invalid slave interface". Any idea?
[user@host] /interface/macsec> print
Flags: I - inactive, X - disabled, R - running
 0 I ;;; Invalid slave interface
     name="macsec1" interface=e20__TEST status="invalid" cak=4d84367e465e28c63333eb9589f6ec70
     ckn=6cbda7b285ddf825a8db1659995d87c43cc11b36a3727f10f4388cd4d7344b85 profile=default
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 1:55 pm

@elpeh the slave interfaces have to be enabled and connected on both sides
 
User avatar
loloski
Member Candidate
Member Candidate
Posts: 167
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 2:05 pm

@arainbow

Yeah i notice that too, sometimes disabling both side and re-enable them doesn't work either the workaround is to change cak and ckn values on both side and reconnect :) but it's a progress maybe next beta would fix this, another thing i notice the macsec interface is not available if you want to make it as a trunk port at least in winbox
 
User avatar
loloski
Member Candidate
Member Candidate
Posts: 167
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 2:09 pm

@elpeh i don't have that kind of hardware you have so, i try CHR to CHR and hapac2 to hapac2 i can't reproduce your issue, i can only reproduce it when the interface is a member of an existing bridge hence the error or the macsec slave interface is offline
Last edited by loloski on Sat Sep 24, 2022 3:24 pm, edited 1 time in total.
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 2:29 pm

what I don't understand is why the MTU is reduced by 32 bytes when using macsec. The 802.1AE header + ICV are injected into the ethernet frame. Sure your L2MTU needs to be large enough to fit the additional 32 bytes, but the MTU should stay the same.. Maybe I'm wrong but it doesn't make sense to me.
45  R  macsec1         macsec             1468                    DC:2C:6E:D6:AB:52
 
elpeh
just joined
Posts: 3
Joined: Sun Oct 17, 2021 11:41 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 5:52 pm

@elpeh the slave interfaces have to be enabled and connected on both sides
Thanks, yes: made some mistake while testing remotely (and also can confirm the reenabling is necessary on both sides)
 
elpeh
just joined
Posts: 3
Joined: Sun Oct 17, 2021 11:41 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 5:55 pm

what I don't understand is why the MTU is reduced by 32 bytes when using macsec. The 802.1AE header + ICV are injected into the ethernet frame. Sure your L2MTU needs to be large enough to fit the additional 32 bytes, but the MTU should stay the same.. Maybe I'm wrong but it doesn't make sense to me.
45  R  macsec1         macsec             1468                    DC:2C:6E:D6:AB:52
It's possible to set physical (ethernet) interface mtu to 1532. Haven't made any systematic bigger packets (or throughput) tests, yet (because of bridge problems), but at least effect on bridge/vlan actual-mtu is as expected.
 
elpeh
just joined
Posts: 3
Joined: Sun Oct 17, 2021 11:41 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 6:07 pm

7.6beta8 (between CRS328-24P-4S+ and hEX S): macsec and bridges... seems not ready yet:
It's possible to add macsec interface as port of bridge. But adding it as tagged (probably also untagged) interface in /interface/bridge/vlan[/code] is not working (interface name not accepted).
If I set pvid to my management VLAN ID (not 1), I can reach the "remote" (hEX S) system on ipv4 address configured for mgmt vlan interface.
BUT: test client on another port configured as mgmt vlan untagged cannot communicate successfully with macsec interface beeing the "uplink" in contrast to (other) ethernet link in a trunk configuration. --EDIT: have to recheck this after disabling vlan-filtering on both bridges.
As the setup is (a bit remote) no time yet for packet sniffing.
 
User avatar
spippan
Member Candidate
Member Candidate
Posts: 134
Joined: Wed Nov 12, 2014 1:00 pm

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 9:04 pm

test between hAP ac² and a CRS326-24G-2S+
macsec connection works

adding to the bridge also works (not hardware offloaded, as i thought it would be anyway)
but at the moment one is not able to select it in the bridge -> vlan menu as a tagged or untagged port (only via PVID settings as untagged)
You do not have the required permissions to view the files attached to this post.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 6776
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 9:48 pm

New /routing/stats/adverts menu, feedback, and suggestions are welcome.
The stats should be made available as part of /routing/bgp/session instead of as a separate menu. So it can be displayed as a column in the sessions window and on the stats tab of the detail window of a session.
not really sure how do you imagine showing, for example, a list of 100 advertised prefixes in the session menu.
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1643
Joined: Fri Aug 10, 2012 6:46 am
Location: Denver, CO USA
Contact:

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 10:01 pm

not really sure how do you imagine showing, for example, a list of 100 advertised prefixes in the session menu.

I'm really excited this is finally done so thanks for getting it in the code. I do, however agree with pe1chl that it should probably be moved to something like:

/routing/bgp/session/advertisements/print where session=bgp_peer_name

or

/routing/route/advertisements/print where belongs-to=system_name_for_bgp_peer

With an output format more like /routing/route

If you use MikroTik routers to sell transit, run an IX or otherwise send full tables and need to verify a large number of advertisements, the current output format will make that operationally much harder.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 6776
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.6beta [testing] is released!

Sat Sep 24, 2022 10:08 pm

the main reason why it is not in the BGP submenu, is because the adverts will be able to show advertisements also from other publishers, not just a BGP peers.
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1643
Joined: Fri Aug 10, 2012 6:46 am
Location: Denver, CO USA
Contact:

Re: v7.6beta [testing] is released!

Sun Sep 25, 2022 2:00 am

Then it seems like it would make sense to put all advertised routes in /routing/route/advertisements and use existing flags to identify what protocol is advertising the route.

That would match the behavior of /routing/route since it already knows about all learned routes
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Sun Sep 25, 2022 11:56 am

the main reason why it is not in the BGP submenu, is because the adverts will be able to show advertisements also from other publishers, not just a BGP peers.
Then at least there should be a linked version of that same field in the BGP sessions stats.
(implemented internally not as a copy but as a link between the session and the advertisements from that session)
It is one special case of the general deficiency in the monitoring of the BGP sessions in RouterOS v7. This should be improved so there is again an overview of the session status of all BGP peers in a single table, which is auto-refreshed in winbox.
And of course this time effort should be made as well to make it available via SNMP.
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Sun Sep 25, 2022 11:58 am



The stats should be made available as part of /routing/bgp/session instead of as a separate menu. So it can be displayed as a column in the sessions window and on the stats tab of the detail window of a session.
not really sure how do you imagine showing, for example, a list of 100 advertised prefixes in the session menu.
It could at least have the "count" field (number of advertised routes). And then a subcommand (button) to show the list.
 
noradtux
just joined
Posts: 24
Joined: Mon May 24, 2021 6:33 pm

Re: v7.6beta [testing] is released!

Sun Sep 25, 2022 1:09 pm

Then it seems like it would make sense to put all advertised routes in /routing/route/advertisements and use existing flags to identify what protocol is advertising the route.

That would match the behavior of /routing/route since it already knows about all learned routes
I like that idea, that is one place where I would intuitively look for this. Also (please correct me if I am wrong) the verb "show" isn't used anywhere else. It took me a moment to notice that "print" would not show me the advertisements.
 
rafaeltdk
just joined
Posts: 17
Joined: Fri Feb 15, 2013 3:52 pm

Re: v7.6beta [testing] is released!

Sun Sep 25, 2022 10:38 pm



not really sure how do you imagine showing, for example, a list of 100 advertised prefixes in the session menu.
It could at least have the "count" field (number of advertised routes). And then a subcommand (button) to show the list.
yes yes
 
User avatar
soulflyhigh
Member Candidate
Member Candidate
Posts: 179
Joined: Wed Sep 08, 2010 11:20 am

Re: v7.6beta [testing] is released!

Mon Sep 26, 2022 9:36 am

*) radius - require "policy" policy for "login" service configuration;
Nooo.... 😥😥😥
Unfortunately you have noticed it...
I have always used it to scale permissions and become an administrator even in RouterBOARD which I did not have administrative access...

Now than the pandora box is open, please add this critical security fix also on 7.5, 6.48.6 and 6.49.6...
What does this exactly mean?
Could someone with just "reboot, read, winbox, web" policies, authenticated through radius, escalate its policies to full admin status?

Regards,
M.
 
Kaldek
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Sat Jul 11, 2015 2:40 pm

Re: v7.6beta [testing] is released!

Mon Sep 26, 2022 3:55 pm

*) wireless - fixed incorrectly applied ingress priority to non-wireless packets;
Can someone please explain what symptoms this fixed? I've had some seriously messed up WiFi performance lately (down to 12Kbs even though the MCS rate is 400Mbs) for one of my SSIDs on one of my cAP ac units. 7.6beta8 seems to have fixed it but I note this particular item was in beta6.
Last edited by Kaldek on Tue Sep 27, 2022 2:11 am, edited 1 time in total.
 
hecatae
Member Candidate
Member Candidate
Posts: 209
Joined: Thu May 21, 2020 2:34 pm

Re: v7.6beta [testing] is released!

Mon Sep 26, 2022 5:31 pm

Not sure what has changed but had to reset my Chateau LTE12 after upgrading to beta8, the LTE interface would not initialize.
*) lte - added periodic IPv6 RS to trigger IPv6 adress acquisition for non-MBIM modems;

EE UK Connection, both ipv6 and ipv4 available.
 
User avatar
nithinkumar2000
Member Candidate
Member Candidate
Posts: 148
Joined: Wed Sep 11, 2019 7:42 am
Location: Coimbatore
Contact:

Re: v7.6beta [testing] is released!

Mon Sep 26, 2022 6:22 pm


*) bgp - added support for BGP advertisement displaying (CLI only);
Excellent Feature... Most Required and awaited Feature
 
ChrisCCC
just joined
Posts: 20
Joined: Thu Apr 07, 2016 7:28 pm

Re: v7.6beta [testing] is released!

Mon Sep 26, 2022 8:41 pm

Are you able to clarify what issue the below is resolving?

*) tile - improved system stability when processing packets;

Many thanks.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2023
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow
Contact:

Re: v7.6beta [testing] is released!

Thu Sep 29, 2022 5:05 am

New /routing/stats/adverts menu, feedback, and suggestions are welcome.
The syntax in general is not very fluid, you cant just "follow your nose" and get the information you need, you have to actually know what you are looking for and where to find it. I agree with Kevin's feedback about an improved syntax.

The adverts "show" format is quite verbose. It would be nice if the default output was a simple list of the prefixes that are advertised, and the "detailed" output gave the verbose result (Like how it was in RouterOS v6)
Mikrotik MTCNA, MTCRE, MTCINE
http://thebrotherswisp.com/
 
Guntis
MikroTik Support
MikroTik Support
Posts: 96
Joined: Fri Jul 20, 2018 1:40 pm

Re: v7.6beta [testing] is released!

Thu Sep 29, 2022 8:39 am

*) tile - improved system stability when processing packets; - fixes a kernel crash that can happen in some fringe scenarios.
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Thu Sep 29, 2022 10:31 am


*) bgp - added support for BGP advertisement displaying (CLI only);
Excellent Feature... Most Required and awaited Feature
For me, the most required and awaited feature definately is BFD. But it is a work in progress. For over a year, now.
 
ChrisCCC
just joined
Posts: 20
Joined: Thu Apr 07, 2016 7:28 pm

Re: v7.6beta [testing] is released!

Thu Sep 29, 2022 3:22 pm

*) tile - improved system stability when processing packets; - fixes a kernel crash that can happen in some fringe scenarios.

Thanks Guntis. Do you have any details on what these fringe scenarios are? We've had some kernel panics running 7.5 on TILE, so would be good to know if these could be related.
 
mmee
just joined
Posts: 6
Joined: Sat Aug 28, 2021 8:30 am
Location: Estonia

Re: v7.6beta [testing] is released!

Thu Sep 29, 2022 3:45 pm

Soooo.......
Question.
/system/device-mode/print 
            mode: enterprise
[...]
            l2tp: no
[...]

/interface/l2tp-server/export verbose
/interface l2tp-server server
# inactivated, not allowed by device-mode
[...] enabled=no [...]

/log/print
05:46:01 l2tp,info first L2TP UDP packet received from x.y.x.z
05:46:02 l2tp,info first L2TP UDP packet received from x.y.z.x
l2tp is disabled via setting and via device-mode, how is it listening?

The same thing happens to me on 7.5 stable (HW: RB4011iGS+5HacQ2HnD). Have you found what is causing this?
[admin@MikroTik] /interface/l2tp-server/server> print
                 enabled: no
Log:
 sep/24 04:53:34 l2tp,info first L2TP UDP packet received from 146.88.240.4
 sep/24 05:50:50 l2tp,info first L2TP UDP packet received from 154.89.5.92
 sep/24 05:50:51 l2tp,info first L2TP UDP packet received from 154.89.5.75
 sep/25 04:49:04 l2tp,info first L2TP UDP packet received from 146.88.240.248
 sep/25 04:59:09 l2tp,info first L2TP UDP packet received from 146.88.240.4
 sep/26 04:54:05 l2tp,info first L2TP UDP packet received from 146.88.240.4
 sep/27 04:47:15 l2tp,info first L2TP UDP packet received from 146.88.240.4
 sep/28 04:57:33 l2tp,info first L2TP UDP packet received from 146.88.240.4
 sep/28 15:06:49 l2tp,info first L2TP UDP packet received from 154.89.5.92
 04:54:51 l2tp,info first L2TP UDP packet received from 146.88.240.248
 04:57:07 l2tp,info first L2TP UDP packet received from 146.88.240.4
 
User avatar
ZeeBOB
just joined
Posts: 8
Joined: Tue Mar 27, 2012 2:08 pm

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 3:53 am

WinBox/WebFig 'prefix count' for BGP sessions is still 0, but looks OK in CLI - 7.6beta8
 
prawira
Trainer
Trainer
Posts: 348
Joined: Fri Feb 10, 2006 5:11 am

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 5:49 am

dear emils,
is there any plan to put recursive via or similar on /ip route or perhaps on /routing route for recursive condition ?
 
rpingar
Long time Member
Long time Member
Posts: 591
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 7:15 am

WinBox/WebFig 'prefix count' for BGP sessions is still 0, but looks OK in CLI - 7.6beta8
where did you see them in CLI?

regards
 
User avatar
ZeeBOB
just joined
Posts: 8
Joined: Tue Mar 27, 2012 2:08 pm

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 7:19 am

moderator note: do not quote preceding post, use "Post Reply"
/routing/stats/adverts print
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 898
Joined: Thu Dec 11, 2014 8:53 am

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 4:27 pm

What's new in 7.6beta10 (2022-Sep-29 20:02):

Important note!!!

Version is not recommended for devices where VXLAN interfaces are already configured.

Changes in this release:

*) bgp - improved session establishment speed after bootup;
*) bonding - fixed ARP monitor packets with bond's MAC address;
*) bonding - improved interface stability on slave configuration changes;
*) bonding - reduce "actual-mtu" according to interface "l2mtu";
*) capsman - fixed RADIUS accounting when EAP is used;
*) certificate - improved certificate management, signing and storing processes;
*) dhcpv4-server - fixed RADIUS accounting for local leases;
*) dns - added "match-subdomain" option for static entries (CLI only);
*) interface - added warning when interface has configured "mtu" higher than "l2mtu";
*) ipsec - added "invalid-packets" counter for Installed SA's menu;
*) ipsec - fixed packet processing by hardware encryption engine on MMIPS devices;
*) lte - added periodic IPv6 RS to trigger IPv6 adress acquisition for non-MBIM modems;
*) lte - added support to perform FOTA upgrade from local file for EG12-EA, EG18-EA, RG502Q-AE, EG06-A, EP06-A modems;
*) lte - fixed re-attaching on PS detach for MBIM modems;
*) macsec - added configuration support with VLAN, ARP, DHCP and bridge tagging/untagging;
*) macsec - added logging support with "debug" and "dot1x" topics;
*) macsec - added support for MTU and L2MTU;
*) macsec - improved interface stability;
*) macsec - improved system stability for TILE and RB5009 devices;
*) mac-telnet - respect interface MTU setting when sending packets for MAC-Telnet and MAC-WinBox;
*) ospf - fixed transmit of LSA/ACK's on p2p interfaces;
*) ovpn - added IPv6 support;
*) ovpn - added VRF support for client;
*) ppp - improved service stability when multiple users disconnect simultaneously;
*) qsfp - added interface temperature warnings and shutdown;
*) rip - fixed passwordless MD5 authentication;
*) route-filter - fixed filtering for multiple community routes;
*) route-filter - fixed memory allocation when moving entries;
*) routerboard - return router's short name in "model" parameter;
*) serial - added support for newer PL2303 serial controllers;
*) sstp - added VRF support for client;
*) supout - added tr069-client section;
*) supout - removed duplicate "bridge-controller" section;
*) user-manager - use "Class" attribute to associate user's accounting session;
*) vxlan - added IPv6 support for remote VTEPs (only IPv4 or IPv6 will be used at the same time, use "vteps-ip-version" property on VXLAN interface to change the version);
*) webfig - fixed unsetting of "endpoint-address" parameter under "WireGuard/Peers" menu;
*) winbox - added icon for TR069-client menu;
*) winbox - added "L3 HW Settings" under "Switch" menu;
*) winbox - added quick filtering option for route list;
*) winbox - added "Reset Traffic Counters" button for all interfaces;
*) winbox - added "to-ports" and "to-addresses" parameters for "netmap" action under "IPv6/Firewall/NAT" menu;
*) winbox - changed "uptime" parameter format when using the wifiwave2 package;
*) winbox - do not show unavailable features on SMIPS devices;
*) winbox - fixed maximum allowed value for VRRP's "priority" parameter;
*) winbox - fixed "Session Uptime" value under "Routing/BGP" menu;
*) winbox - show "F" flag for failed entries under "Interfaces/VRRP" menu;
*) winbox - show "System/Health" only on boards that have health monitoring;
*) wireless - fixed missing wireless interface on some RB921GS-5HPacD devices;
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 4:49 pm

/routing/stats/adverts print
That shows the number of advertised prefixes, not the "prefix count" (= the number of RECEIVED prefixes)!
 
buset1974
Frequent Visitor
Frequent Visitor
Posts: 79
Joined: Wed Sep 13, 2006 12:12 pm
Location: Jakarta

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 7:29 pm

BGP VRF MPLS L3 (PE-CE) in v7.6 beta7
still having problem with routing propagation.
route sent from PE did not propagate correctly to Other PE's, missing AS-PATH

capture-7.6beta7.jpg

thx
When will you fix this BGP issue?
How many longer we should wait?
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 8:12 pm

Please add source-ip parameter to vtep config, currently it's a big mess when using loopback addresses as remote endpoints.
 
User avatar
Seán
just joined
Posts: 16
Joined: Mon Jun 22, 2020 12:24 pm
Location: Ireland
Contact:

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 8:42 pm

This beta10 version is giving me DNS issues with certain domains such as Amazon and YouTube with MikroTik Chateau 5G. In the Winbox Terminal, the DNS look-up gives strange errors about invalid MAC and IPv6 addresses (my ISP Three Ireland is IPv4 only). This issue also occurs when I use the Google DNS 8.8.8.8 in RouterOS:

These DNS lookups resolve again after a reboot or DNS flush, however, the issue returns a few minutes later such as shown in the following screenshot.
RouterOS 7.6beta10 DNS problem.png
I did not have this issue with Router v7.6beta6 (the last version before updating). I downgraded RouterOS to v7.5 and this issue no longer occurs.
You do not have the required permissions to view the files attached to this post.
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 10:23 pm

This beta10 version is giving me DNS issues with certain domains such as Amazon and YouTube
Indeed! The DNS resolver is broken. Please fix ASAP!
 
LynxChaus
newbie
Posts: 29
Joined: Tue Jul 08, 2014 2:24 pm

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 11:09 pm

What's new in 7.6beta7 (2022-Sep-16 09:27):

...
*) ospf - fixed checksum calculation;
...
Great. No more messages about wrong checksum, but 7.6beta10 can't establish sessions with multiple neighbors in one broadcast domain.
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.6beta [testing] is released!

Fri Sep 30, 2022 11:36 pm

@Seán in case you want to upgrade to beta10 again, please post the output of :put [:resolve smile.amazon.co.uk] when this error occurs
 
elpeh
just joined
Posts: 3
Joined: Sun Oct 17, 2021 11:41 pm

Re: v7.6beta [testing] is released!

Sat Oct 01, 2022 12:02 am

moderator note: do not quote preceding post, use "Post Reply"
Able to reproduce this with 7.6beta10 on RB4011iGS+
[user@host] > :put [:resolve smile.amazon.co.uk]
failure: dns name exists, but no appropriate record
Not able to test for longer systematically, but I see that smile.amazon.co.uk is a CNAME to CNAME configuration.
 
killersoft
Member Candidate
Member Candidate
Posts: 221
Joined: Mon Apr 11, 2011 2:34 pm
Location: Victoria, Australia

Re: v7.6beta [testing] is released!

Sat Oct 01, 2022 2:13 am

Happy to report MACSEC on v7.6 beta 10 on CHR is now working and passing IP....
Excellent work...

Now for VLAN's over MACSEC ...
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3081
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.6beta [testing] is released!

Sat Oct 01, 2022 9:07 am

Installed a CHR router 7.6 beta10 with out any config other than default, there DNS works.
  MMM      MMM  III  KKK  KKK  RRR  RRR   OOOOOO      TTT     III  KKK  KKK

  MikroTik RouterOS 7.6beta10 (c) 1999-2022       https://www.mikrotik.com/

Press F1 for help



[jadmin@MikroTik] > :put [:resolve smile.amazon.co.uk]
13.227.220.211
[admin@M-7.6b10] > 
[admin@M-7.6b10] > /export
# oct/01/2022 06:08:55 by RouterOS 7.6beta10
# software id = 
#
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/port
set 0 name=serial0
/ip dhcp-client
add interface=ether1
/system identity
set name=M-7.6b10
[admin@M-7.6b10] > 
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Sat Oct 01, 2022 11:40 am

Able to reproduce this with 7.6beta10 on RB4011iGS+
[user@host] > :put [:resolve smile.amazon.co.uk]
failure: dns name exists, but no appropriate record
Not able to test for longer systematically, but I see that smile.amazon.co.uk is a CNAME to CNAME configuration.
That could be the trigger for the problem, it is difficult to debug. I have used the MikroTik resolver for my guest and IoT networks all the time, and from the update to beta10 it suddenly causes obscure errors on my TV, like some apps no longer working. It can well be that especially those content delivery services use CNAME to CNAME to A chains!
It is a nasty problem as it seems that Android TV implicitly queries the gateway address for DNS, or maybe it remembers a previous DNS server address.
I have changed the DHCP service to return my ISP DNS addresses instead of the MikroTik address as it did before, but the TV keeps querying my MikroTik although in the network information screen it properly lists the DNS servers on internet... I had to disable remote requests in the MikroTik DNS to make it work again.
 
depth0cert
just joined
Posts: 8
Joined: Thu Sep 08, 2022 11:03 pm

Re: v7.6beta [testing] is released!

Sat Oct 01, 2022 1:17 pm

What's new in 7.6beta10 (2022-Sep-29 20:02):
*) certificate - improved certificate management, signing and storing processes;
The problem was solved in ticket SUP-92054 with release 7.6beta8.
But in version 7.6beta10 it is reproduced again, ticket SUP-93928. Please, fix it again.
unable to get local issuer certificate(20) at depth:0 cert
 
elpeh
just joined
Posts: 3
Joined: Sun Oct 17, 2021 11:41 pm

Re: v7.6beta [testing] is released!

Sat Oct 01, 2022 1:24 pm

Happy to report MACSEC on v7.6 beta 10 on CHR is now working and passing IP....
Excellent work...

Now for VLAN's over MACSEC ...
VLANs over MACSEC does work for me now (physical untagged port on A, tagged on MACSEC trunk between A and B - and further), throughput between hEX S (A) and CRS328-24P-4S+ (B) "is only" in the 30..35 Mbit/s regions both ways, though.

Seem to have problem with STP over MACSEC. Storm after enabling MACSEC to B and different physical link to D on A with RSTP on all bridged. No systematic further possible at the moment.

Lutz
 
gittubaba
newbie
Posts: 30
Joined: Thu May 31, 2018 5:55 pm

Re: v7.6beta [testing] is released!

Sat Oct 01, 2022 4:48 pm

after upgrading to beta10 dns is indeed broken. Interestingly DOH is not broken, so for now I'm using DOH. Problem is with cname dns entries.

Resolving www.youtube.com gives answer: CNAME youtube-ui.l.google.com.
Resolving youtube-ui.l.google.com you get IP addresses.

Now the TTL of www.youtube.com is higher, but TTL of youtube-ui.l.google.com is low. When you first resolv www.youtube.com you get both cname and ip addresses of youtube-ui.l.google.com in dns cache. Everything is working. But after a few minutes, youtube-ui.l.google.com expires, and all ip addresses of it are removed from dns cache. Now if you resolv www.youtube.com against mikrotik, it gives answer of only CNAME youtube-ui.l.google.com, without any ip addresses of youtube-ui.l.google.com itself. So browsers and clients don't get ip address for www.youtube.com and the dns lookup fails.

What should happen is when www.youtube.com is requested, and there is no ip addresses cached for youtube-ui.l.google.com, it should be queried again to upstream. But this doesn't happen in beta10.

Surprising it works as it should be when you are using DOH.
ip dns set use-doh-server=............
 
User avatar
disappointed
just joined
Posts: 10
Joined: Sun Jan 16, 2011 4:24 pm

Re: v7.6beta [testing] is released!

Sat Oct 01, 2022 11:59 pm

after upgrading to beta10 dns is indeed broken. Interestingly DOH is not broken, so for now I'm using DOH. Problem is with cname dns entries.
Confirm this behavior after updating to beta10.
 
User avatar
spippan
Member Candidate
Member Candidate
Posts: 134
Joined: Wed Nov 12, 2014 1:00 pm

Re: v7.6beta [testing] is released!

Sun Oct 02, 2022 1:27 pm

Happy to report MACSEC on v7.6 beta 10 on CHR is now working and passing IP....
Excellent work...

Now for VLAN's over MACSEC ...
VLANs over MACSEC does work for me now (physical untagged port on A, tagged on MACSEC trunk between A and B - and further), throughput between hEX S (A) and CRS328-24P-4S+ (B) "is only" in the 30..35 Mbit/s regions both ways, though.

Seem to have problem with STP over MACSEC. Storm after enabling MACSEC to B and different physical link to D on A with RSTP on all bridged. No systematic further possible at the moment.

Lutz
the poor performance i guess, is due to the limitations of the switch chips ("ASICs" - which there AFAIK are no real ASICs in most MTs)
i guess some marvell chips (98er...) are able to run near wirespeed with macsec

saw the same performance on 7.6beta8 (in and out of a bridge)
now in beta10 tagging is possible ... but still same "performance"
i think mikrotik is working on that issue
 
User avatar
spippan
Member Candidate
Member Candidate
Posts: 134
Joined: Wed Nov 12, 2014 1:00 pm

Re: v7.6beta [testing] is released!

Sun Oct 02, 2022 1:34 pm

winbox mac access (as well as /tools/mac-telnet ) is broken when bridge-port is in hybrid mode (PVID is also tagged)

for example:
/interface bridge port
add bridge=br0-LAN edge=yes fast-leave=yes interface=ether22-office point-to-point=no pvid=10 trusted=yes

/interface bridge vlan
add bridge=br0-LAN tagged=ether22-office  vlan-ids=10
as soon as i remove the tagging for VLAN 10 on ether22 mac-telnet/winbox mac access works for a client in VLAN10
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 898
Joined: Thu Dec 11, 2014 8:53 am

Re: v7.6beta [testing] is released!

Mon Oct 03, 2022 9:18 am

Anyone experiencing DNS related issues with the latest release, please send us the supout.rif files to support@mikrotik.com from your devices. Try generating the file as soon as possible after a DNS resolution failed. Also let us know which exact domain name were you trying to resolve.
 
edvinsma
just joined
Posts: 10
Joined: Fri Mar 03, 2006 3:15 pm
Location: Riga, Latvia

Re: v7.6beta [testing] is released!

Mon Oct 03, 2022 10:31 am

Anyone experiencing DNS related issues with the latest release, please send us the supout.rif files to support@mikrotik.com from your devices. Try generating the file as soon as possible after a DNS resolution failed. Also let us know which exact domain name were you trying to resolve.
DNS problems occur when the CNAME TTL is greater than the A record TTL. When the A record expires, an error about resolving problem is received
mt-resolviong-erro.png
mt-resolviong.png
You do not have the required permissions to view the files attached to this post.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3081
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.6beta [testing] is released!

Mon Oct 03, 2022 11:38 am

I do see the same.

1.
:put [:resolve youtube.com]
2.
:put [:resolve www.youtube.com]
3.
Wait until A record times out. (5 minutes, see in DNS Cache)
:put [:resolve www.youtube.com]
failure: dns name exists, but no appropriate record
PS Clean installed CHR with 7.6 Beta10. Just default config.
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Mon Oct 03, 2022 11:51 am

Anyone experiencing DNS related issues with the latest release, please send us the supout.rif files to support@mikrotik.com from your devices. Try generating the file as soon as possible after a DNS resolution failed. Also let us know which exact domain name were you trying to resolve.
That is usually not practical, because 1. these DNS entries have very low TTL values, like 10 or 30 seconds and 2. I usually do not know what domain name is being resolved.
I encounter this problem when I use the Viaplay app (a subscription-based streaming service) on a smart TV which uses the MikroTik resolver.
Fortunately I see that others have posted ways to reproduce it using only the router.
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2282
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v7.6beta [testing] is released!

Mon Oct 03, 2022 12:02 pm

+ Netflix
Real admins use real keyboards so Make Forum Great Again. Post, Reply & Quote Smart.
 
nkourtzis
Member Candidate
Member Candidate
Posts: 213
Joined: Tue Dec 11, 2012 12:56 am
Location: Greece

Re: v7.6beta [testing] is released!

Tue Oct 04, 2022 12:28 am

Temporary workaround: set a max cache TTL less than that of the offending records (say, 10 seconds). They still DO NOT expire exactly at 10 seconds for some reason, but rather around 20 seconds, but they are refetched correctly when requested again.
 
User avatar
sirbryan
Frequent Visitor
Frequent Visitor
Posts: 59
Joined: Fri May 29, 2020 6:40 pm

Re: v7.6beta [testing] is released!

Tue Oct 04, 2022 8:59 am

moderator note: do not quote preceding mail, use "Post Reply"
How do you have the routers talking to each other? Is the BGP session using the IP's assigned to the link between the routers, or are the routers connected using OSPF between them with BGP sessions talking via loopback interfaces?

I have a 310 peered with RB5009's, but connected via OSPF over two VLAN interfaces directly to the 5009's and a third backup path and haven't seen this issue (yet).
 
User avatar
colinardo
just joined
Posts: 13
Joined: Sun Jan 08, 2017 9:02 pm

DOT1X Port Auth via Usermanager does not work anymore in CHR x86 image

Tue Oct 04, 2022 12:46 pm

In the current 7.6beta10 and also some versions before, DOT1X Server Auth via EAP Methods does not work anymore, testet in a CHR x86 image with clean config between to Mikrotik with current beta firmware, one acting as DOT1X server and one as client. MAC Auth works by the way, but sometimes with great delays. The counters of the Radius-Client are not increasing, when client tries to authenticate. Made a wireshark trace and can confirm that client traffic is received on server side, but the Mikrotik does not contact radius server, and also does not respond to EAP packets from client.The client stays in the "connecting" phase.

Can someone confirm?

Regards @colinardo
Last edited by colinardo on Tue Oct 04, 2022 1:33 pm, edited 3 times in total.
 
rpingar
Long time Member
Long time Member
Posts: 591
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.6beta [testing] is released!

Tue Oct 04, 2022 1:04 pm

about bgp issue about a lot of sessions and route.........
"Currently shared memory address space limit is 4GB, if all the routing processes reach this limit it will crash with out of address space.
We will raise the limit in the future, but it will take some time, because it is not so easy as just raising a counter."
:(((((((((((((((((((((((((((((((((((((((((((((
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1643
Joined: Fri Aug 10, 2012 6:46 am
Location: Denver, CO USA
Contact:

Re: v7.6beta [testing] is released!

Tue Oct 04, 2022 1:09 pm

4 Months Production with L3HW Offload on some 309, 317, 326 with ipv4 and (trying offload on beta) ipv6.
Running eBGP Private AS with 200-300 prefixes and some redundant links.
From 7.3.1 until 7.6beta10, still got issue if got some Fiber Cut or some bgp session down.
Prefixes still there, but traffic or ping are time out.

Solution is, manually disable l3hw on switch menu and enable again :(
Or put some netwatch on point-to-point link then execute script disable-enable l3hw when point-to-point links up or down.

Have you created a ticket with support for this? I ran into a similar type of situation with hw offload for NAT and MikroTik fixed it pretty quickly.
 
trcosta
just joined
Posts: 10
Joined: Wed Aug 15, 2018 7:57 pm

Re: v7.6beta [testing] is released!

Tue Oct 04, 2022 4:41 pm

possibly, I am facing a bug in CHR version 7.6beta10.
When I open "Sessions" tab of Routing/BGP menu and select a session and click "Refresh" and then refresh, session is stopped. The only way I found to bring session online again is rebooting the router.
 
rpingar
Long time Member
Long time Member
Posts: 591
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.6beta [testing] is released!

Tue Oct 04, 2022 4:51 pm

moderator note: do not quote preceding mail, use "Post Reply"
you may also "unstop" the session. It is a very old bug about v7
regards
 
pe1chl
Forum Guru
Forum Guru
Posts: 8858
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.6beta [testing] is released!

Tue Oct 04, 2022 4:55 pm

When I open "Sessions" tab of Routing/BGP menu and select a session and click "Refresh" and then refresh, session is stopped. The only way I found to bring session online again is rebooting the router.
Indeed it seems like a bug. You can get it running again by hitting the Clear button and then select "Stopped" from the list and the Clear button.
I think that this is a too convoluted way of clearing a stopped state. There should be an extra button like "Run" similar to the "Stop" that there is now.
 
User avatar
Amm0
Long time Member
Long time Member
Posts: 642
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: v7.6beta [testing] is released!

Tue Oct 04, 2022 6:02 pm

Just found this bug:

/terminal/inkey with a timeout=Xs value hangs forever, instead of actually timing out.
e.g. `/terminal/inkey timeout=5s` should return after $timeout seconds (or sooner if a key is pressed)

Based on this forum posting below from @Seán in v7.4beta topic tracks with my experience since I know /terminal/inkey has worked in some V7 versions.:
The terminal inkey timeout parameter bug remains since reporting in the 7.4 beta release. This parameter worked fine up until v7.2.
For example, /terminal inkey timeout=5 does not timeout after 5 seconds and just waits endlessly for a key press.

While esoteric, this makes interactive input and "refreshing" output in RSC pretty difficult. Anyone else noticed this?
 
PackElend
Member Candidate
Member Candidate
Posts: 233
Joined: Tue Sep 29, 2020 6:05 pm

Re: v7.6beta [testing] is released!

Tue Oct 04, 2022 6:27 pm

Can anyone tell what is meant by
Certificate - improved....
Does it improve Let's encryptypted integration as well?
 
User avatar
spippan
Member Candidate
Member Candidate
Posts: 134
Joined: Wed Nov 12, 2014 1:00 pm

Re: v7.6beta [testing] is released!

Tue Oct 04, 2022 7:12 pm

When I open "Sessions" tab of Routing/BGP menu and select a session and click "Refresh" and then refresh, session is stopped. The only way I found to bring session online again is rebooting the router.
Indeed it seems like a bug. You can get it running again by hitting the Clear button and then select "Stopped" from the list and the Clear button.
I think that this is a too convoluted way of clearing a stopped state. There should be an extra button like "Run" similar to the "Stop" that there is now.
can confirm on 4 eBGP sessions (but since v7.5 anyways)
 
buset1974
Frequent Visitor
Frequent Visitor
Posts: 79
Joined: Wed Sep 13, 2006 12:12 pm
Location: Jakarta

Re: v7.6beta [testing] is released!

Wed Oct 05, 2022 8:51 am

possibly, I am facing a bug in CHR version 7.6beta10.
When I open "Sessions" tab of Routing/BGP menu and select a session and click "Refresh" and then refresh, session is stopped. The only way I found to bring session online again is rebooting the router.
i have the same experience, is it okay v7 call as stable version?

thx
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1078
Joined: Tue Oct 11, 2005 4:53 pm

Re: v7.6beta [testing] is released!

Wed Oct 05, 2022 10:27 am

I think that this is a too convoluted way of clearing a stopped state. There should be an extra button like "Run" similar to the "Stop" that there is now.
Yeap. It took me a while to figure it out.
Frankly, everything about the v7 BGP is needlessly convoluted.
Complete disappointment.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 898
Joined: Thu Dec 11, 2014 8:53 am

Re: v7.6beta [testing] is released!

Wed Oct 05, 2022 11:58 am

RouterOS v7.6rc1 has been released
viewtopic.php?t=189730

Who is online

Users browsing this forum: eworm and 8 guests