Community discussions

 
mducharme
Trainer
Trainer
Posts: 662
Joined: Tue Jul 19, 2016 6:45 pm

Re: v6.42.9 [long-term] is released!

Tue Oct 02, 2018 6:44 pm

Reading is underrated, as statement to have 2x bridges on the same switch chip on RB2011 seemed too unrealistic, my brain didn't registered that, why the hell would you need setups like this, if you can have it all in one hw bridge/switch and configure port isolation?
I do not know why @vortex has this set up, but that is what he has -- three bridges in total on the device, one bridge on one switch chip and two bridges on the other.
 
SnakeSK
just joined
Posts: 16
Joined: Fri Mar 09, 2018 1:30 am

Re: v6.42.9 [long-term] is released!

Tue Oct 02, 2018 6:47 pm

Does this upgrade include the fix for the CCR-1072's that keep crashing when trying to run them at 1200Mhz ? (viewtopic.php?f=3&t=122525)
Did support@ tell you it should be fixed in this version? I can't see any signs of this in the topic. Also, this topic is for problems introduced in this version, not for some old problems — they should have separate topics.
if something is considered bugfix, it should be stable on all devices. He made a valid point, so please don´t be butthurt by his question. It definetely should´ve been patched in this release, as its a long term release.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8142
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.42.9 [long-term] is released!

Tue Oct 02, 2018 6:58 pm

if something is considered bugfix, it should be stable on all devices. He made a valid point, so please don´t be butthurt by his question. It definetely should´ve been patched in this release, as its a long term release.
The first message of the topic:
Please keep this forum topic strictly related to this concrete RouterOS release.
Also, in the topic mentioned, people can't answer simple questions, so I prefer they speak about nothing in that topic rather than flooding here.
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
vortex
Forum Veteran
Forum Veteran
Posts: 707
Joined: Sat Feb 16, 2013 6:10 pm

Re: v6.42.9 [long-term] is released!

Tue Oct 02, 2018 7:43 pm

I figured out how to enable hardware acceleration, but I have to check at another time.
 
mblfone
just joined
Posts: 14
Joined: Sun Feb 02, 2014 2:22 am

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 4:34 am

Hello,

I am still confused about the layer 2 routing issue with this upgrade. I have a CCR1016-12G with which we use layer 2 routing. No switch button shows within Winbox. This router is also not listed in the Manual:Switch Chip Features article in the wiki. Although I can go to "/interface ethernet switch port" in the terminal, I don't believe setting changes will occur as I don't believe this router has a switch chip. I am assuming that upgrading should still go nicely?

Presently we add a VLAN interface with the VLAN ID to a bonded LACP interface which connects physically to our switch. IP address subnets are then added to the VLAN interfaces. No bridges are used at all in our present configuration.

I have a backup router and will probably try that first before committing fully to the 6.42.9 long term version.

Any thoughts or comments are appreciated!

Thanks.
 
User avatar
vecernik87
Member
Member
Posts: 352
Joined: Fri Nov 10, 2017 8:19 am

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 5:51 am

@mblfone: You should create separate topic about your routing/switching as it is unrelated to this RouterOS release.
Anyway shortly said - CCR1016-12G is router, not switch. It does not have switch chip so you cant see "switch" button and it can't be listed among other switches on "switch chip features" page. You can manage Layer 2 features via Bridge menu.
Due to that Bridge/switch changes will have no effect on your CCR.
Last edited by vecernik87 on Thu Oct 04, 2018 6:19 am, edited 1 time in total.
 
aidan
newbie
Posts: 27
Joined: Thu Jun 25, 2015 12:48 am

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 5:56 am

Hello,

I've found a different factory reset behavior after upgrading to v6.42.9. In v6.40.9 the interfaces, DHCP server, and firewall policies were included by default. Now in v6.42.9, only a static IP address of 192.168.88.1 is configured on Interface 1, without a DHCP server, or firewall policies (which leaves the router insecure and vulnerable to hacking when connected to the internet). Why was this changed?

Thank you.
 
User avatar
pcunite
Long time Member
Long time Member
Posts: 634
Joined: Sat May 25, 2013 5:13 am
Location: USA

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 5:59 am

I've found a different factory reset behavior after upgrading to v6.42.9. In v6.40.9 the interfaces, DHCP server, and firewall policies were included by default. Now in v6.42.9, only a static IP address of 192.168.88.1 is configured on Interface 1, without a DHCP server, or firewall policies (which leaves the router insecure and vulnerable to hacking when connected to the internet). Why was this changed?
I noticed this as well, threw me off at first, not that I use the default config. But I imagine this will effect others.
 
pe1chl
Forum Guru
Forum Guru
Posts: 4867
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 9:06 am

I've found a different factory reset behavior after upgrading to v6.42.9. In v6.40.9 the interfaces, DHCP server, and firewall policies were included by default. Now in v6.42.9, only a static IP address of 192.168.88.1 is configured on Interface 1, without a DHCP server, or firewall policies (which leaves the router insecure and vulnerable to hacking when connected to the internet). Why was this changed?
What type of router is that? The above has always been the default on the more enterprise-oriented CCR routers, the detailed config that you describe was always only on the smaller home-oriented routers.
 
feris
just joined
Posts: 10
Joined: Tue May 16, 2017 3:58 pm

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 12:11 pm

I've found a different factory reset behavior after upgrading to v6.42.9. In v6.40.9 the interfaces, DHCP server, and firewall policies were included by default. Now in v6.42.9, only a static IP address of 192.168.88.1 is configured on Interface 1, without a DHCP server, or firewall policies (which leaves the router insecure and vulnerable to hacking when connected to the internet). Why was this changed?
What type of router is that? The above has always been the default on the more enterprise-oriented CCR routers, the detailed config that you describe was always only on the smaller home-oriented routers.
Just tested on RB750Gr3, 6.42.9 default configuration script just sets IP on ether1. Version 6.42.7 have full default configuration, fw, dhcp, bridge etc.
 
whatever
Frequent Visitor
Frequent Visitor
Posts: 64
Joined: Thu Jun 21, 2018 9:29 pm

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 12:46 pm

How is it possible that I'm still able to login with my password after downgrading from 6.43.2 to 6.42.9?
I thought 6.43 changed the authentication API in order to be able to save passwords as hashes and not as plaintext. However, the fact that I'm still able to login after downgrade to 6.42 clearly indicates that the plaintext password file was not replaced/deleted and could still be extracted by future "read all files" security holes leading to the same exposure of passwords as just witnessed.
 
andriys
Forum Guru
Forum Guru
Posts: 1051
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 1:00 pm

... that the plaintext password file was not replaced/deleted ...

Sure it was not. Do you read the release notes?
What's new in 6.43 (2018-Sep-06 12:44):
...
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
 
whatever
Frequent Visitor
Frequent Visitor
Posts: 64
Joined: Thu Jun 21, 2018 9:29 pm

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 2:13 pm

Must have missed that, thank you for pointing it out.
 
Nivalis
just joined
Posts: 3
Joined: Thu Oct 04, 2018 3:30 pm

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 4:20 pm

Hello, I have some RB 750UP routers and i try to update packages from 6.40.9 to 6.42.9. This update work fine. After i try to update firmware from 3.41 to 6.42.9 and my router won't work. Eth1 led is very fast blinking. And don't work all interfaces (i don't get wan ip-address from my dhcp-server and all lan users - don't get lan addresses). If I reset my router I can login to router through mac-address with help winbox neighbors and I saw what ip address mikrotik is 0.0.0.0/0 and no start dhcp-server. I try to netinstall 6.42.9 - its work. Then i try to update to 6.43.2 packages - work fine, but firmware broke my router too and very fast blinking eth1 port again.
 
mpadmin
just joined
Posts: 9
Joined: Sun May 22, 2016 3:48 pm

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 7:41 pm

I like this long-term version and it works fine for me. I have a small problem with my auto-update script, that updates all my devices (only to bugfix channel). Until now it works just fine with RouterOS and Routerboard firmware updates, but now this code asks for [y/n]...
/system routerboard
   :if ( [get current-firmware] != [get upgrade-firmware]) do={ 
      ## New version of firmware available, let's upgrade
      :delay 15s;
      upgrade
}
Any chance to upgrade firmware from script without this question?
 
User avatar
eworm
Member Candidate
Member Candidate
Posts: 184
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 7:49 pm

I like this long-term version and it works fine for me. I have a small problem with my auto-update script, that updates all my devices (only to bugfix channel). Until now it works just fine with RouterOS and Routerboard firmware updates, but now this code asks for [y/n]...
/system routerboard
   :if ( [get current-firmware] != [get upgrade-firmware]) do={ 
      ## New version of firmware available, let's upgrade
      :delay 15s;
      upgrade
}
Any chance to upgrade firmware from script without this question?
This should work when running from scheduler. If you want to reboot from terminal without confirmation replace "upgrade" with:
/execute "/system reboot";
Edit: Of course this should read:
/execute "/system routerboard upgrade";
Last edited by eworm on Thu Oct 04, 2018 8:48 pm, edited 1 time in total.
Manage RouterOS scripts and extend your devices' functionality: RouterOS Scripts
 
mpadmin
just joined
Posts: 9
Joined: Sun May 22, 2016 3:48 pm

Re: v6.42.9 [long-term] is released!

Thu Oct 04, 2018 8:30 pm

I like this long-term version and it works fine for me. I have a small problem with my auto-update script, that updates all my devices (only to bugfix channel). Until now it works just fine with RouterOS and Routerboard firmware updates, but now this code asks for [y/n]...
/system routerboard
   :if ( [get current-firmware] != [get upgrade-firmware]) do={ 
      ## New version of firmware available, let's upgrade
      :delay 15s;
      upgrade
}
Any chance to upgrade firmware from script without this question?
This should work when running from scheduler. If you want to reboot from terminal without confirmation replace "upgrade" with:
/execute "/system reboot";
Thank you eworm! My mistake - it works fine from scheduler. It doesn't work only with /system script run ...
 
MonkeyDan
Frequent Visitor
Frequent Visitor
Posts: 51
Joined: Fri Dec 29, 2017 8:41 pm

Re: v6.42.9 [long-term] is released!

Fri Oct 05, 2018 1:54 am

For Wireless Wires, v6.42.9 is a vast improvement over v6.42.5 through v6.42.7 and v6.43.x which seems to exhibit the same problems of repeated disconnections.
Good work, Mikrotik!
 
bennyh
Frequent Visitor
Frequent Visitor
Posts: 69
Joined: Fri Mar 03, 2017 12:37 pm

Re: v6.42.9 [long-term] is released!

Fri Oct 05, 2018 9:06 am

For Wireless Wires, v6.42.9 is a vast improvement over v6.42.5 through v6.42.7 and v6.43.x which seems to exhibit the same problems of repeated disconnections.
Good work, Mikrotik!
Older MIPSBE models are stable too in 802.11 mode with 6.42.9, I swiched back from buggy laggy NV2, and less ping loss, low latency for a long range (11km) PtP connection.
Nstreme was the best when we started to use the long range PtP, and 802.11 was unstable. After years and updates Nstreme became unstable (after channel changes too), I had to switch to NV2 what was stable but slow, but after upgrading 6.42.9, I tried 802.11 and after 3 days it seems stable and faster then nv2.
 
sophitus
just joined
Posts: 11
Joined: Sun Jul 23, 2017 10:04 pm

Re: v6.42.9 [long-term] is released!

Fri Oct 05, 2018 10:13 am

I got mem leak reboot again on 6.42.9. 6.42.7 was fine. Also see "ipsec phase1 negotiation failed due to time up" multiple times right before reboot with "out of memory condition". Anybody else having this issue on hap ac?
 
dvm
just joined
Posts: 10
Joined: Thu Feb 01, 2018 9:54 am

Re: v6.42.9 [long-term] is released!

Sat Oct 06, 2018 4:21 pm

Just tested on RB750Gr3, 6.42.9 default configuration script just sets IP on ether1. Version 6.42.7 have full default configuration, fw, dhcp, bridge etc.
I can confirm this on RB951Ui-2HnD, hAP ac^2.
 
pe1chl
Forum Guru
Forum Guru
Posts: 4867
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.42.9 [long-term] is released!

Sat Oct 06, 2018 5:49 pm

No features were removed, only one feature was renamed and that is the "master-port" that had various limitations, now it is replaced with a simple bridge configuration. Nothing else is changed regarding to VLAN configuration. You simply have to replace every configuration line that involves the master-port with a bridge, or better - let RouterOS convert your configuration when upgrading, it will automatically replace the master-port with a bridge.
I decided to try it on one router which had 5 ports with a single master-port on the first switch of an RB2011 running 6.40.9.
There were several VLAN interfaces all bound to ether2 which was the master port, and a switch chip config with 8 VLANs some tagged and some untagged on the ports.
No bridge at all on this router, the ports on the second switch are used as independent (link) ports.

I upgraded to 6.42.7 but it did nothing to auto-convert (except removing the master-port setting).
So I tried again (copied old version from 2nd partition) with 6.41.4 but same thing.

Fortunately I could still access it via a link, so I manually created a bridge and made the ports on switch1 member of it, and manually moved all VLANs from ether2 to bridge to get things running again. Then I upgraded to 6.42.9.
It did not become a disaster because the router is in a closed network with many links and no NAT and default-deny incoming on the links.

What is the reason there was no auto conversion? What are the conditions for this auto conversion to happen?
 
mkx
Forum Guru
Forum Guru
Posts: 1021
Joined: Thu Mar 03, 2016 10:23 pm

Re: v6.42.9 [long-term] is released!

Sat Oct 06, 2018 5:58 pm

My guess, based on my reputably bad memory, is as follows: by default there used to be single bridge present even with ROS 6.40 and earlier, if nothing else it would bridge the master port and wireless interface. Or, in case of 2011, it would bridge both master ports. So I guess upgrade procedure actually expects to find that bridge and only adds slave ports to the same bridge. In your case, that bridge was not there and coversion automagic did not create one.

I may well be wrong on the above.
BR,
Metod
 
pe1chl
Forum Guru
Forum Guru
Posts: 4867
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.42.9 [long-term] is released!

Sat Oct 06, 2018 7:53 pm

It is true that there is a bridge by default but in the past I have converted RB750 and RB750G routers which by default have no bridge, and it created the bridge.
But those did not have VLANs on the switch, only the default LAN with a couple of ports and a master-port where the IP address is configured.
I expected that the RB2011 would be handled the same. But maybe it is like you said and it only works for routers that are running almost default configuration.
I was lucky that I was not configuring it from the LAN side or I would be locked out. I think I have seen other postings from people that were locked out due to upgrade.
 
mducharme
Trainer
Trainer
Posts: 662
Joined: Tue Jul 19, 2016 6:45 pm

Re: v6.42.9 [long-term] is released!

Sat Oct 06, 2018 9:36 pm

But maybe it is like you said and it only works for routers that are running almost default configuration.
I somewhat doubt that this is what MikroTik intended. I would send them your previous config so they can try to figure out why their conversion routine failed with your setup. Maybe they can improve the auto conversion process.
 
recepkarapinar
just joined
Posts: 5
Joined: Sun Feb 18, 2018 8:09 pm

Re: v6.42.9 [long-term] is released!

Wed Oct 10, 2018 8:58 pm

hiya friend i had 1036 on my office on client i had lite5 i did update both 6,42.9 long term. when i update lite i cant make btest to lite5 . before it was 6.40.4 stable. anyone has idea why i cant do btest
 
kadhim09
newbie
Posts: 36
Joined: Sat Oct 29, 2016 10:11 am
Location: iraq/samawa

Re: v6.42.9 [long-term] is released!

Thu Oct 11, 2018 7:11 pm

RouterOS version 6.42.9 has been released in public "long-term" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 6.42.9 (2018-Sep-27 05:19):

Important note!!! Backup before upgrade!
RouterOS v6.41 and above contains new bridge implementation that supports hardware offloading (hw-offload).
This update will convert all interface "master-port" configuration into new bridge configuration, and eliminate "master-port" option as such.
Bridge will handle all Layer2 forwarding and the use of switch-chip (hw-offload) will be automatically turned on based on appropriate conditions.
The rest of RouterOS Switch specific configuration remains untouched in usual menus.
Please, note that downgrading below RouterOS v6.41 will not restore "master-port" configuration, so use backups to restore configuration on downgrade.

*) bridge - ignore tagged BPDUs when bridge VLAN filtering is used;
*) bridge - improved packet handling when hardware offloading is being disabled;
*) crs317 - fixed packet forwarding on bonded interfaces without hardware offloading;
*) crs326/crs328 - fixed packet forwarding when port changes states with IGMP Snooping enabled;
*) defconf - properly clear global variables when generating default configuration after RouterOS upgrade;
*) dns - fixed DNS cache service becoming unresponsive when active Hotspot server is present on the router (introduced in 6.42);
*) filesystem - fixed NAND memory going into read-only mode (requires "factory-firmware" >= 3.41.1 and "current-firmware" >= 6.43);
*) health - added missing parameters from export;
*) health - fixed voltage measurements for RB493G devices;
*) hotspot - properly update dynamic "walled-garden" entries when changing "dst-host";
*) ike2 - fixed rare authentication and encryption key mismatches after rekey with PFS enabled;
*) ike2 - improved subsequent phase 2 initialization when no child exist;
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) ipsec - improved stability when using IPsec with disabled route cache;
*) led - added "dark-mode" functionality for wsAP ac lite, RB951Ui-2nD, hAP, hAP ac lite and LtAP mini devices;
*) lte - fixed LTE interface not working properly after reboot on RBSXTLTE3-7;
*) lte - fixed LTE registration in 2G/3G mode;
*) ospf - improved link-local LSA flooding;
*) ospf - improved stability when originating LSAs with OSPFv3;
*) routerboard - fixed memory tester reporting false errors on IPQ4018 devices ("/system routerboard upgrade" required);
*) routerboard - show "boot-os" option only on devices that have such feature;
*) routerboot - fixed RouterOS booting on devices with particular NAND memory;
*) sniffer - made "connection", "host", "packet" and "protocol" sections read-only;
*) supout - added "files" section to supout file;
*) upgrade - fixed RouterOS upgrade process from RouterOS v5 on PowerPC;
*) upnp - improved UPnP service stability when handling HTTP requests;
*) userman - fixed "shared-secret" parameter requiring "sensitive" policy;
*) w60g - added "frequency-list" setting;
*) w60g - fixed interface LED status update on connection;
*) w60g - fixed random disconnects;
*) w60g - general stability and performance improvements;
*) webfig - fixed time interval settings not applied properly under "IP/Kid Control/Kids" menu;
*) webfig - fixed www service becoming unresponsive;
*) winbox - show "System/RouterBOARD/Mode Button" on devices that has such feature;
*) wireless - accept only valid path for sniffer output file parameter;
*) wireless - fixed "/interface wireless sniffer packet print follow" output;

What's new in 6.42.8 (2018-Sep-21 13:30):

(factory only release)

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after some problem has appeared on device

Please keep this forum topic strictly related to this concrete RouterOS release.
the bad block disappear from the resourse in system tap
 
nescafe2002
Member
Member
Posts: 486
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: v6.42.9 [long-term] is released!

Thu Oct 11, 2018 9:34 pm

the bad block disappear from the resourse in system tap

Wow, do you really have to quote the full change log to mention this?

Either report your findings to support as stated, or add some details to let us check it out (e.g. what RB model).
 
bhickey
just joined
Posts: 18
Joined: Fri Feb 17, 2006 3:21 am

Re: v6.42.9 [long-term] is released!

Sat Oct 13, 2018 10:49 am

Upgrading from 6.40.8 to 6.42.9 on a hEX :

1. Master-slave configs disappeared and there was no new bridge created in their place. This brought down all devices on a switch connected to one of the slave ports and required an onsite visit to investigate. Config details before upgrade were :

/interface ethernet
set [ find default-name=ether4 ] master-port=ether5-LAN name=\
ether4-slave-local

2. I manually created the bridge with ether4 & ether5 ports and I now get log messages "... bridge port received packet with own address as source address ... probably loop"

3. IP/Cloud stopped working. After disabling and re-enabling, it eventually started working again
 
User avatar
pcunite
Long time Member
Long time Member
Posts: 634
Joined: Sat May 25, 2013 5:13 am
Location: USA

Re: v6.42.9 [long-term] is released!

Sat Oct 13, 2018 8:00 pm

Upgrading from 6.40.8 to 6.42.9 on a hEX

I've upgraded mine 'Tiks, but I eventually did a reset, just to be safe.
 
Swordforthelord
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Thu Jul 08, 2010 10:18 pm

Re: v6.42.9 [long-term] is released!

Tue Oct 16, 2018 5:53 pm

Hello,

I've found a different factory reset behavior after upgrading to v6.42.9. In v6.40.9 the interfaces, DHCP server, and firewall policies were included by default. Now in v6.42.9, only a static IP address of 192.168.88.1 is configured on Interface 1, without a DHCP server, or firewall policies (which leaves the router insecure and vulnerable to hacking when connected to the internet). Why was this changed?

Thank you.
I can confirm this on a 951G, a 450G, and an old 751U.
 
spsurajit
just joined
Posts: 1
Joined: Tue Oct 16, 2018 9:51 pm

Re: v6.42.9 [long-term] is released!

Tue Oct 16, 2018 10:07 pm

mickrotik rb750r2 hex lite Router User Manager availability?

Setting up User Manager, but logging hotspot RADIUS server is not responding message
Solve This Problem
 
skullzaflare
just joined
Posts: 18
Joined: Tue Apr 12, 2016 12:01 am

Re: v6.42.9 [long-term] is released!

Thu Oct 18, 2018 6:12 pm

Has anyone run into an issue with ports randomly leaving the bridge to go "unknown" interface?
We upgraded 1100 customer after a small test batch, all almost 2 weeks ago. We are having random customers call and finding the wlan or another port leaving the bridge, and usually when it does it also kills dhcp that was on the bridge. SOMETIMES internal address also goes "unknown"

Yes the firmwares are also upgraded with software (2 weeks ago now)
This week alone we have had 73 people call in with this issue

No we were not using master-port
Routers in complaint have been all 951 or 952. I think we had one 941. No RBD52's since they are on 6.43.2 (wont go lower.)
We have not flashed any tower sites or customer RB2011's yet
 
Swordforthelord
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Thu Jul 08, 2010 10:18 pm

Re: v6.42.9 [long-term] is released!

Thu Oct 18, 2018 6:52 pm

I had a similar issue with a RB751U. Ether1 suddenly became a member of the bridge. This was not a result of the upgrade process as I configured it from scratch on 6.42.9. There were other random changes as well.
Has anyone run into an issue with ports randomly leaving the bridge to go "unknown" interface?
We upgraded 1100 customer after a small test batch, all almost 2 weeks ago. We are having random customers call and finding the wlan or another port leaving the bridge, and usually when it does it also kills dhcp that was on the bridge. SOMETIMES internal address also goes "unknown"

Yes the firmwares are also upgraded with software (2 weeks ago now)
This week alone we have had 73 people call in with this issue

No we were not using master-port
Routers in complaint have been all 951 or 952. I think we had one 941. No RBD52's since they are on 6.43.2 (wont go lower.)
We have not flashed any tower sites or customer RB2011's yet
 
jukka
just joined
Posts: 1
Joined: Sun Oct 21, 2018 2:46 am

Re: v6.42.9 [long-term] is released!

Sun Oct 21, 2018 3:10 am

I've found a different factory reset behavior after upgrading to v6.42.9. In v6.40.9 the interfaces, DHCP server, and firewall policies were included by default. Now in v6.42.9, only a static IP address of 192.168.88.1 is configured on Interface 1, without a DHCP server, or firewall policies (which leaves the router insecure and vulnerable to hacking when connected to the internet). Why was this changed?
What type of router is that? The above has always been the default on the more enterprise-oriented CCR routers, the detailed config that you describe was always only on the smaller home-oriented routers.
I noticed the same behaviour on a hAP AC (RouterBOARD 962UiGS-5HacT2HnT).

The old factory default configuration was quite useful since it required at most a few adjustments to create a working WiFi AP / router for the typical home scenario. The new factory default configuration on the other hand requires quite some manual work until you reach the same functionality...
 
amorsen
newbie
Posts: 31
Joined: Wed Jun 13, 2007 2:17 pm

Re: v6.42.9 [long-term] is released!

Mon Oct 22, 2018 6:09 pm

So, the old master-port code is gone. Now we are stuck with bridge interfaces being always up, whether there are any ports up in the switch. I have posted repeatedly why this is unacceptable.

Please bring back security fixes for the 6.40.x releases.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8142
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.42.9 [long-term] is released!

Mon Oct 22, 2018 10:26 pm

I have posted repeatedly why this is unacceptable.
To be honest, never saw such posts. Any links?

Anyway, have you reported to support@mikrotik.com?
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1794
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: v6.42.9 [long-term] is released!

Tue Oct 23, 2018 4:58 am

Any chance of 6.42.10 with the IP Traffic Flow NAT fixes ?
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA
 
andriys
Forum Guru
Forum Guru
Posts: 1051
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: v6.42.9 [long-term] is released!

Tue Oct 23, 2018 10:31 am

Any chance of 6.42.10 with the IP Traffic Flow NAT fixes ?
Can you provide more details (or a link) of what's broken, please?
 
User avatar
vecernik87
Member
Member
Posts: 352
Joined: Fri Nov 10, 2017 8:19 am

Re: v6.42.9 [long-term] is released!

Tue Oct 23, 2018 12:31 pm

Any chance of 6.42.10 with the IP Traffic Flow NAT fixes ?
Can you provide more details (or a link) of what's broken, please?
I am not him but this is pretty clear:
6.43.4 Stable - https://mikrotik.com/download/changelog ... 33626d2540
*) traffic-flow - fixed post NAT port reporting;
 
ivanfm
newbie
Posts: 37
Joined: Sun May 20, 2012 5:07 pm

Re: v6.42.9 [long-term] is released!

Tue Oct 23, 2018 1:49 pm

I have posted repeatedly why this is unacceptable.
To be honest, never saw such posts. Any links?

Anyway, have you reported to support@mikrotik.com?
I have found a single post about this : viewtopic.php?f=21&t=123936&p=626322#p626322

It's a valid use case. But I agree with you, this should be directed to support@mikrotik.com
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1794
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: v6.42.9 [long-term] is released!

Tue Oct 23, 2018 2:10 pm

Any chance of 6.42.10 with the IP Traffic Flow NAT fixes ?
Can you provide more details (or a link) of what's broken, please?
I am not him but this is pretty clear:
6.43.4 Stable - https://mikrotik.com/download/changelog ... 33626d2540
*) traffic-flow - fixed post NAT port reporting;
Bingo.

The problem is resolved in 6.44rc and 6.43.4 but we have a rule of only running LTS/Bugfix in production.
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA
 
avn
just joined
Posts: 10
Joined: Tue Apr 04, 2017 6:34 pm

Re: v6.42.9 [long-term] is released!

Tue Oct 23, 2018 9:06 pm

I've found a different factory reset behavior after upgrading to v6.42.9. In v6.40.9 the interfaces, DHCP server, and firewall policies were included by default. Now in v6.42.9, only a static IP address of 192.168.88.1 is configured on Interface 1, without a DHCP server, or firewall policies (which leaves the router insecure and vulnerable to hacking when connected to the internet). Why was this changed?
What type of router is that? The above has always been the default on the more enterprise-oriented CCR routers, the detailed config that you describe was always only on the smaller home-oriented routers.
All types of routers now behave like this. Hex/hex lite, hap/hap lite, rb7xx, rb9xx, rb2011... You can check yourself (/system default-configuration print).
 
Swordforthelord
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Thu Jul 08, 2010 10:18 pm

Re: v6.42.9 [long-term] is released!

Tue Oct 23, 2018 10:52 pm


[/quote]
All types of routers now behave like this. Hex/hex lite, hap/hap lite, rb7xx, rb9xx, rb2011... You can check yourself (/system default-configuration print).[/quote]


But the question is, was this a deliberate change by Mikrotik or a bug? Unless I've missed it we've yet to hear any kind of an official reply to this.
 
Swordforthelord
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Thu Jul 08, 2010 10:18 pm

Re: v6.42.9 [long-term] is released!

Tue Oct 23, 2018 10:58 pm

I really can't see the new default configuration as anything other than a bug, at least not in the smaller routers. It's been MT's policy for years now to make them end user friendly and no default firewall/bridge/NAT setup is the very opposite of that. I even tried using quick set and that still produces the new limited default config.
 
User avatar
emils
MikroTik Support
MikroTik Support
Topic Author
Posts: 278
Joined: Thu Dec 11, 2014 8:53 am

Re: v6.42.9 [long-term] is released!

Wed Oct 24, 2018 12:31 pm

Unfortunately, it looks like default configuration is not properly generated on 6.42.8 and 6.42.9 versions. A workaround is to upgrade your router to the latest stable or testing builds and reset configuration then. We will definitely resolve the issue in the next long-term version. Sorry for any inconvenience.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8142
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.42.9 [long-term] is released!

Thu Oct 25, 2018 12:02 am

I have found a single post about this : viewtopic.php?f=21&t=123936&p=626322#p626322

It's a valid use case. But I agree with you, this should be directed to support@mikrotik.com
Well, for me it's not very valid. If you're using bridging, why do you add addresses to the ports, not on the bridge? If you need routing — don't use bridging/switching. If you bridge — why do you need different IP addresses on different ports? :)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
pe1chl
Forum Guru
Forum Guru
Posts: 4867
Joined: Mon Jun 08, 2015 12:09 pm

Re: v6.42.9 [long-term] is released!

Thu Oct 25, 2018 11:17 am

I have found a single post about this : viewtopic.php?f=21&t=123936&p=626322#p626322

It's a valid use case. But I agree with you, this should be directed to support@mikrotik.com
Well, for me it's not very valid. If you're using bridging, why do you add addresses to the ports, not on the bridge? If you need routing — don't use bridging/switching. If you bridge — why do you need different IP addresses on different ports? :)
It is not at all related to that! The point is, in the old version you could put an IP address (subnet) on a master port with some slave ports (a switch), and when you route the subnet e.g. using BGP with synchronize=yes the route would only be advertised when something is plugged into one of the ports of the switch. When all devices are unplugged or powered down, the master port would go down and BGP would no longer advertise the subnet. You could then advertise it somewhere else (where the same config is present).

However, with the new approach where you use a bridge with those ports (and hw=yes), put the address on the bridge, i.e. the "new config" for a "switch", it no longer works like this. The bridge is "up" even when none of the ports in the bridge is up, and BGP always advertises the subnet even when synchronize=yes.
That is a change in functionality, and although most people will not bother, he is apparently affected by it.

The new config can only do the above when only a single port is used, so the IP address can be directly configured on the port, and the ports still can be up or down.
But that means you can no longer offer the multiple ports (with switch) feature to the customer and use this failover/move scenario.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8142
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: v6.42.9 [long-term] is released!

Thu Oct 25, 2018 11:53 am

Good point, we definitely need some option to stop bridge if all bridge ports are down (or to run it only if there are active ports). Someone just needs to contact support@mikrotik.com with that request :)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5699
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v6.42.9 [long-term] is released!

Thu Oct 25, 2018 12:02 pm

Bridge always worked that way and if suddenly bridge with inactive (no ports) will not have running flag, it will break all configurations with loopbacks and other configurations where bridge is used as dummy interface.

Who is online

Users browsing this forum: eXS and 5 guests