Switch
- bridge: learn-limit per bridge port, counter reset condition (on router reboot, on port down/up, manual etc)
- dot1x: guest vlan for clients unsupporting dot1x - found workaround impemented in 7.2
- dot1x: authentication per host (allow multiple (un)authenticated hosts on one port)
- general: mc-lag or stacking for HW redundancy (mc-lag implemented in 7.1)
- bridge: more support for interface-list in configuration already implemented, don't know in which version
- ppp: push routes for VPNs (through DHCP-Info response) for split tunneling, same like split-include in IKEv2
- dns: filtering request based on source IP
- dns: action redirect requests to external DNS (regex or domain filtering) implemented in 6.47
- general: more support for interface-list in configuration (for ex. Routing rules)
- proxy: ssl proxy - redirect incoming requests to http(s) servers based on sni (=SSL offload, only for powerful RBs) - can by implemented in container
- proxy: mDNS reflector for running mDNS across VLANs - can be implemented in container, but native support would be better
- IPsec: posibility to choose IPsec Proposal / Profile in IPIP, EoIP, L2TP etc. configuration
- ikev2: optionally add dynamic routes for ikev2 connected clients (like with PPP links) for proxy-arp functional
- (Why Mikrotik missed oportunity in WiFi4EU?) - not actual
- ap: add roaming standards 802.11r/k/v - also between APs already implemented
- ap: add band steering or something like this (push multibands (2G/5G) client to specific band on defined conditions) already implemented
- CAPsMAN: compatibility wifiwave2 APs with old (non wifiwave2) APs
- ap/radius: add quest/quarantine vlan options - similar behavior like in dot1x