Community discussions

MikroTik App
 
biomesh
Long time Member
Long time Member
Posts: 561
Joined: Fri Feb 10, 2012 8:25 pm

Re: v7.7 [stable] is released!

Fri Jan 27, 2023 6:11 pm

My l3hw offload for ipv6 on a crs317 works with no issues. Here is my ipv6 specific config:
/interface ethernet switch
set 0 l3-hw-offloading=yes
/interface ethernet switch l3hw-settings
set ipv6-hw=yes
/ipv6 address
add address=fd00:70::1 interface=vlan70
add address=fd00::2 advertise=no interface=vlan10
add address=fd00:5::1 interface=vlan500
add address=fd00:6::1 interface=vlan600
add address=fd00:4::1 interface=vlan400
add from-pool=from_comcast_vlan400 interface=vlan400
add from-pool=from_comcast_vlan500 interface=vlan500
add from-pool=from_comcast_vlan600 interface=vlan600
/ipv6 dhcp-client
add interface=vlan600 pool-name=from_comcast_vlan600 request=prefix use-peer-dns=no
add interface=vlan500 pool-name=from_comcast_vlan500 request=prefix use-peer-dns=no
add interface=vlan400 pool-name=from_comcast_vlan400 request=prefix use-peer-dns=no
/ipv6 nd
set [ find default=yes ] advertise-dns=no ra-delay=5s ra-interval=30s-1m
/ipv6 nd prefix default
set preferred-lifetime=1h valid-lifetime=2h
/ipv6 route
add disabled=no dst-address=::/0 gateway=fd00::1 routing-table=main
 
Skon01
just joined
Posts: 1
Joined: Sun Sep 12, 2021 12:01 pm

Re: v7.7 [stable] is released!

Fri Jan 27, 2023 7:00 pm

RB5009. The DNS server is on. Memory is melting before my eyes. Looks like a leak.
 
leonardogyn
just joined
Posts: 18
Joined: Wed Dec 04, 2019 4:47 pm

Re: v7.7 [stable] is released!

Fri Jan 27, 2023 7:58 pm

RB5009. The DNS server is on. Memory is melting before my eyes. Looks like a leak.
.
Already reported by some on this thread, complete radio silence from Mikrotik on that matter.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.7 [stable] is released!

Sat Jan 28, 2023 11:33 am

The DNS leak requires more research. I do not see it at all. People who experience it should probably try to identify what use case triggers it.
(we saw the report by someone operating WiFi in a restaurant - that is a completely uncontrolled situation. but when someone sees it on their home router or in a company that is closed during weekends, maybe they can identify what kind of lookups causes a leak. could be things like repeated lookup of the same small-TTL item, repeated lookup of nonexisting names, etc etc)
 
User avatar
kosyot
newbie
Posts: 36
Joined: Wed Jan 16, 2019 1:28 pm
Contact:

Re: v7.7 [stable] is released!

Sat Jan 28, 2023 12:18 pm

Long time v.7 bug still not fixed:
BGP peers on WinBox always show 0
Screenshot 2023-01-28 121331.png
On CLI count-only working only without any where clause:
/routing/route/print count-only
56

/routing/route/print count-only  where belongs-to="bgp-IP-......."
0
You do not have the required permissions to view the files attached to this post.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.7 [stable] is released!

Sat Jan 28, 2023 12:24 pm

That has been fixed in 7.8beta2.
/routing/route/print count-only  where belongs-to="bgp-IP-44.137.61.1"
86
 
maxspeed
newbie
Posts: 27
Joined: Mon Dec 17, 2012 3:19 am

Re: v7.7 [stable] is released! bug with SFP info not visible

Sun Jan 29, 2023 9:01 pm

Hi,

with fw 7.4.1 no problem to see sfp info but with fw 7.7 not impossible to see information
maybe with new version I can see all info, btw both sfp are Mikrotik,

I do some tests with others sfp models I can see info!

Thank you
You do not have the required permissions to view the files attached to this post.
 
User avatar
kosyot
newbie
Posts: 36
Joined: Wed Jan 16, 2019 1:28 pm
Contact:

Re: v7.7 [stable] is released!

Mon Jan 30, 2023 10:32 am

That has been fixed in 7.8beta2.
/routing/route/print count-only  where belongs-to="bgp-IP-44.137.61.1"
86
@WinBox still count always is 0
but...
in 7.8beta2 belongs-to= clause is gone!
writing in other topic about it...
 
User avatar
spippan
Member
Member
Posts: 333
Joined: Wed Nov 12, 2014 1:00 pm
Location: Austria

Re: v7.7 [stable] is released!

Mon Jan 30, 2023 10:39 am

Sorry MT, but I have still a problem with L3HW-offloading with IPv6 in this release. After activating on a CRS326-24G-2S+ the switch reboots spontanious without any obvious reason.
After the reboot the LOG shows:
hc_401.jpg
I opened a ticket with this problem also with 7.6Beta (SUP-92398), and it seems to be fixed with one of the newer 7.7BetaXX, but it wasn´t.
And even not with 7.7 stable. :-/

There´s nothing special on the switch, only 3 VLANS, IPv4 and IPv6 addresses, that´s all.
The connection to the rest of the network is established via a 10GBit fiber connection.

Has anybody else similar experiences??
does the CRS do any NAT related stuff or inter vlan routing?
bit hard to tell without knowing the config.
cheers
 
Manfred
just joined
Posts: 13
Joined: Wed Feb 06, 2013 3:45 pm

Re: v7.7 [stable] is released!

Thu Feb 02, 2023 8:59 am

It seems, that Mangle Rules are not working properly with wireguard.

I have a Chateau LTE12 here, which is used as a kind of backup - router.
So it uses a different Standardgateway instead of the lte1 - Interface.
But I have some tunnels ( OVPN and Wireguard ) coming in via lte1 - Interface.

So as on ROS 6,
I created 2 Mangle Rules and a new entry in the routing tables.
1st Mangle Rule does a new connection mark on lte1
2nd Mangle Rule does a new routing mark on the new connection mark using the created entry in the routing tables

Routing entries:
0.0.0.0/0 -> Gateway 1 -> Other Router -> Distance 2
0.0.0.0/0 -> Gateway 2 -> lte1 -> Distance 3
0.0.0.0/0 -> Gateway 3 -> lte1 - New Routing Mark -> Distance 1

This works perfect with all my OVPN ( TCP ) - Tunnels !
But Wireguard completely ignors Routing entry "Gateway 3"
always using Gateway 1.

Can anyone confirm this or must there be a different configuration with Wireguard ( UDP ) - Tunnels ?

Manfred
 
holvoetn
Forum Guru
Forum Guru
Posts: 5317
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.7 [stable] is released!

Thu Feb 02, 2023 9:09 am

1) ROS6 didn't have Wireguard
2) What if you point instead of lte1 to the name of your wireguard interface ? Because that's where you need to go through. Once in the tunnel, it doesn't care about the underlying medium. Wireguard will take care of that.
3) could be a config issue. Please start a new thread with full exposure of your config (minus private keys and serial number).
 
t83oleg
just joined
Posts: 8
Joined: Fri Nov 09, 2018 8:51 am

Re: v7.7 [stable] is released!

Thu Feb 02, 2023 9:43 am

Hi all
can someone tell me what this error is and where to look?

mikrotik disconnected, key handshake timeout, signal strength -95

Thanks
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.7 [stable] is released!

Thu Feb 02, 2023 11:04 am

- signal too weak
- wrong password
 
t83oleg
just joined
Posts: 8
Joined: Fri Nov 09, 2018 8:51 am

Re: v7.7 [stable] is released!

Thu Feb 02, 2023 1:22 pm

the router is located in a one-room apartment. are you kidding me? the password is correct since this situation is treated by reconnecting to the wifi network. What now?
 
User avatar
spippan
Member
Member
Posts: 333
Joined: Wed Nov 12, 2014 1:00 pm
Location: Austria

Re: v7.7 [stable] is released!

Thu Feb 02, 2023 2:00 pm

the router is located in a one-room apartment. are you kidding me? the password is correct since this situation is treated by reconnecting to the wifi network. What now?
no kidding ... error message could point to those 2 possible factors
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26287
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: v7.7 [stable] is released!

Thu Feb 02, 2023 2:01 pm

Make new thread, but also in it, include wireless config full output.
 
User avatar
Splash
Member Candidate
Member Candidate
Posts: 206
Joined: Fri Oct 16, 2015 10:09 am
Location: Johannesburg, South Africa

Re: v7.7 [stable] is released! bug with SFP info not visible

Thu Feb 02, 2023 5:31 pm

Hi,

with fw 7.4.1 no problem to see sfp info but with fw 7.7 not impossible to see information
maybe with new version I can see all info, btw both sfp are Mikrotik,

I do some tests with others sfp models I can see info!

Thank you
FLEXOPTIX SFP's (10G) working fine and showing details.
 
kc7aad
just joined
Posts: 5
Joined: Fri Jun 15, 2007 9:33 pm

Re: v7.7 [stable] is released!

Fri Feb 03, 2023 9:16 pm

Does anyone know if regex is working in Logging, from syslog messages by chance?
if my string says "This is a test string with a [WARN] label in it", and I'm trying to hit on WARN, I am thinking I just need to put either WARN or "WARN" in the regex box, to get it to notify me.

I cannot get it to work however.
Thoughts?

Thank you!
Rod
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.7 [stable] is released!

Fri Feb 03, 2023 9:22 pm

Please don't ask HOWTO questions in a release topic!
 
User avatar
sirbryan
Member Candidate
Member Candidate
Posts: 298
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.7 [stable] is released!

Sat Feb 04, 2023 4:53 pm

CRS317 just upgraded to 7.7 with OSPF + BGP + L3HW offload. Routes learned via OSPF don't always get pushed to the switch chip. In this particular setup, the 317 has two equal cost paths to a 310 (also OSPF + BGP + L3HW offload), which has a single path to a 2004. When the adjacency comes up between the 2004 and the 310, the 317 won't send the traffic to the 310 unless I manually disable/enable L3HW offload. When the adjacency drops, the route is properly withdrawn; when it returns, the route populates in the table but not in the switch.

SUP-106771 submitted.

(I'll try to build this up in the lab with identical hardware to see if I can post a replicable config.)
 
MTL7
just joined
Posts: 5
Joined: Fri Nov 26, 2021 9:04 am

Re: v7.7 [stable] is released!

Sat Feb 04, 2023 7:24 pm

Device: RB5009
Firmware : v7.7
Use case/ Problem:
Run Adguard Home as a container with RB5009. Its data is mounted as usb1, an external USB - SanDisk Ultra Fit USB 3.1.
Mounted as usb1.png

Everything is fine until I reboot RB5009 after 10 days.
Originally, SanDisk Ultra Fit's slot is usb1. After a reboot, SanDisk Ultra Fit got a different slot usb2!
Container not work.png
This breaks the Adguard container as files are supposed in usb1. Have to reboot RB5009 a few times before SanDisk Ultra Fit is available as usb1.

Questions:
1) Apparently, RB5009 has a single USB port only. Why on earth disk print shows usb1 and usb2 ?
disk print
Flags: E, M, F - FORMATTING; b - BLOCK-DEVICE
Columns: SLOT, MODEL, SERIAL, INTERFACE, SIZE, FREE
#    SLOT  MODEL              SERIAL                INTERFACE                    SIZE            FREE
0 Mb usb1  SanDisk Ultra Fit  4xxx                  USB 3.00 5000Mbps  15 376 318 464  14 991 310 848
1 E  usb2                                           USB 2.10 480Mbps                                 
2) Now, whenever RB5009 is rebooted, there is a risk of losing network as Adguard Home container uses as a DNS just stopped due to the usb name issue (sometimes it is usb2 instead of usb1). Any solution to this usb slot name does not stay the same after reboot problem?
You do not have the required permissions to view the files attached to this post.
 
User avatar
spippan
Member
Member
Posts: 333
Joined: Wed Nov 12, 2014 1:00 pm
Location: Austria

Re: v7.7 [stable] is released!

Sun Feb 05, 2023 1:46 pm

just stumbled upon this - but does anybody know what's going on on a RB1100AHx4 DE to not recognize its own hardware?

it has 3 UNKNOWN DEVICES on its PCI bus.
sysResPCI_v7.7 _RB1100AHx4DudeE.png
You do not have the required permissions to view the files attached to this post.
 
User avatar
sirbryan
Member Candidate
Member Candidate
Posts: 298
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.7 [stable] is released!

Sun Feb 05, 2023 1:52 pm

CRS317 just upgraded to 7.7 with OSPF + BGP + L3HW offload. Routes learned via OSPF don't always get pushed to the switch chip.
....
I've verified at least one configuration where I can reproduce the problem on 7.4.1, 7.6, and 7.7.

CRS317 -> Redundant VLANs out single SFP+ -> CRS328 -> paired VLANs split across two gigabit links -> combined at RB4011 -> CRS310 -> CCR2004

The 317 and 310 are in L3HW offload mode.

The 317 has four VLANs, two to the 4011 and two to the 310. The VLANs are split by the 328 across two gigabit RF links for load balancing, then combined at the RB4011. The 4011 has a multigig RF link to the 310, which in turn has a multigig RF link to the 2004.

When the link between the 2004 and 310 goes up and down, any routes advertised by the 2004 are properly removed from the 317's L3 switch chip (ASIC). When they return, they show up in the routing table but aren't inserted; traffic bounces between upstream routers unless I manually disable/enable L3HW Offloading.

By changing the path cost on one of the redundant VLANs' OSPF adjacency (or by disabling it altogether), in this case between the 317 and the 310, when the link between the 310 and the 2004 bounces, its routes are properly removed/added to the 317.

(Redundant ticket SUP106771 closed and ticket SUP106809 opened.)
 
rplant
Member Candidate
Member Candidate
Posts: 280
Joined: Fri Sep 29, 2017 11:42 am

Re: v7.7 [stable] is released!

Mon Feb 06, 2023 4:12 am

Device: RB5009
Firmware : v7.7
Use case/ Problem:
Run Adguard Home as a container with RB5009...
Hi,
You can rename the slot (eg to Fit1 or something)
With luck it might stay the same.
 
User avatar
Ocean
just joined
Posts: 9
Joined: Mon Sep 03, 2012 11:10 am

Re: v7.7 [stable] is released!

Mon Feb 06, 2023 8:20 am


I updated to 7.8beta2. The memory leak continues.


After updating to 7.8 beta3, memory leak problem solved.


daily78b3.png
You do not have the required permissions to view the files attached to this post.
 
Manfred
just joined
Posts: 13
Joined: Wed Feb 06, 2013 3:45 pm

Re: v7.7 [stable] is released!

Mon Feb 06, 2023 4:27 pm

Export issues in ROS 7.7:

1.) Exporting PPP - Secrets with ROS 7.7, all passwords are missing:in Exportfile:
ROS7.7:
# feb/06/2023 15:09:53 by RouterOS 7.7
# software id = K16J-7SHP
#
# model = D53G-5HacD2HnD
# serial number = 123456789
/ppp secret
add caller-id=x.x.x.x comment=1 local-address=10.248.254.253 name=\
Test profile=OVPN remote-address=10.248.0.1 routes=\
10.249.0.0/24,10.250.0.0/24,10.251.0.0/24,10.0.0.0/16 service=ovpn

ROS 6.49.6:
# feb/06/2023 15:11:11 by RouterOS 6.49.6
# software id = 2CTJ-4E6S
#
# model = RouterBOARD 3011UiAS
# serial number = 123456789
/ppp secret
add local-address=10.249.254.254 name=PW_Winkl password=somepassword profile=\
"OVPN - Aussenstationen" remote-address=10.249.5.88 routes=10.5.88.0/24 \
service=ovpn

2.) Exporting Wireguard with ROS 7.7, all preshared keys are missing:in Exportfile:

# feb/06/2023 15:19:27 by RouterOS 7.7
# software id = K16J-7SHP
#
# model = D53G-5HacD2HnD
# serial number = D7B00EDB556D
/interface wireguard
add listen-port=12345 mtu=1420 name=wg_Anlagen
/interface wireguard peers
add allowed-address=10.248.0.1/32,10.0.0.0/16,10.249.0.0/24 comment=\
"MSS Coneltestrouter" interface=wg_Anlagen persistent-keepalive=25s \
public-key="thekey"

Is this somehow intended or is there hopefully another way to get this back ?
It's really very hard to reenter the passwords / preshared keys of more than 200 tunnels after import on a maybe new hardware !!!

Manfred
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: v7.7 [stable] is released!

Mon Feb 06, 2023 4:36 pm

Stop using release forum for your fault, open separate topic.
(/export on v6, /export show-sensitive on v7)
 
Manfred
just joined
Posts: 13
Joined: Wed Feb 06, 2013 3:45 pm

Re: v7.7 [stable] is released!

Mon Feb 06, 2023 4:43 pm

Stop using release forum for your fault, open separate topic.
(/export on v6, /export show-sensitive on v7)
Sorry for my fault,
but,
from where did you get this (show-sensitive) information ?
MKT Documentation says nothing about this (only hide-sensitive is described) !
 
holvoetn
Forum Guru
Forum Guru
Posts: 5317
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.7 [stable] is released!

Mon Feb 06, 2023 4:59 pm

Stop using release forum for your fault, open separate topic.
(/export on v6, /export show-sensitive on v7)
Unless someone follows the release notes (where it is mentioned from time to time when similar things happen), it's nowhere to be found in the help pages (read as: I could not find it in the obvious sections).
F1 on command line does show it but that's not really the right place to search.
 
User avatar
sirbryan
Member Candidate
Member Candidate
Posts: 298
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.7 [stable] is released!

Mon Feb 06, 2023 6:40 pm

L3HW offload is still buggy on 7.7. (Saw this in 7.5 and 7.6 too.)
This weekend I upgraded some CCR2116's that have been running 7.4.1 for months with solid L3HW offload (nearly 100 OSPF routes, thousands of BGP routes), and this morning woke up to some of the local routes missing from the ASIC despite being advertised via OSPF. Disabling L3HW offload fixed the problem immediately.
 
User avatar
spippan
Member
Member
Posts: 333
Joined: Wed Nov 12, 2014 1:00 pm
Location: Austria

Re: v7.7 [stable] is released!

Mon Feb 06, 2023 11:13 pm

L3HW offload is still buggy on 7.7. (Saw this in 7.5 and 7.6 too.)
This weekend I upgraded some CCR2116's that have been running 7.4.1 for months with solid L3HW offload (nearly 100 OSPF routes, thousands of BGP routes), and this morning woke up to some of the local routes missing from the ASIC despite being advertised via OSPF. Disabling L3HW offload fixed the problem immediately.
excuse the maybe stupid question, but where do you evaluate the routes being "in the ASIC" or how to verify routes being L3HW offloaded?
 
User avatar
sirbryan
Member Candidate
Member Candidate
Posts: 298
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.7 [stable] is released!

Mon Feb 06, 2023 11:17 pm


excuse the maybe stupid question, but where do you evaluate the routes being "in the ASIC" or how to verify routes being L3HW offloaded?

I can't tell from the GUI or CLI, but I can tell when trying to trace a route from one device/router to another through the L3HW offloaded router. I can see the routes in the routing table, but traces stall at the router or ping-pong between routers. When L3HW offload the route starts working and the trace completes.
 
leonardogyn
just joined
Posts: 18
Joined: Wed Dec 04, 2019 4:47 pm

Re: v7.7 [stable] is released!

Tue Feb 07, 2023 1:13 am


After updating to 7.8 beta3, memory leak problem solved.
.
Updated two boxes that are heavily presenting the issue, will monitor them tomorrow and post the feedback here. Thanks for posting that it seems 7.8b3 solved the problem.
 
User avatar
spippan
Member
Member
Posts: 333
Joined: Wed Nov 12, 2014 1:00 pm
Location: Austria

Re: v7.7 [stable] is released!

Tue Feb 07, 2023 2:41 am


excuse the maybe stupid question, but where do you evaluate the routes being "in the ASIC" or how to verify routes being L3HW offloaded?

I can't tell from the GUI or CLI, but I can tell when trying to trace a route from one device/router to another through the L3HW offloaded router. I can see the routes in the routing table, but traces stall at the router or ping-pong between routers. When L3HW offload the route starts working and the trace completes.
ok thanks for the info. thought i missed some submenu of flag which indicates offloaded routes or a table to read from which routes are currently offloaded to L3HW
 
leonardogyn
just joined
Posts: 18
Joined: Wed Dec 04, 2019 4:47 pm

Re: v7.7 [stable] is released!

Wed Feb 08, 2023 7:26 pm

After updating to 7.8 beta3, memory leak problem solved.
.
While I can't see that huge increase in memory usage anymore, it seems i'm still seeing a minor memory usage increasing over the time. I'll now wait some more days (or weeks) to see where that's going. But seems that that problem, if not fully solved, at least was partially handled. Memory usage is at least not increasing crazy fast anymore on 7.8b3.
.
mem1.jpg
.
mem2.jpg
You do not have the required permissions to view the files attached to this post.
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1070
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.7 [stable] is released!

Wed Feb 08, 2023 8:02 pm

It's still possible that what ever caches fill up. But it looks a lot more healthy now.
 
kcarhc
Frequent Visitor
Frequent Visitor
Posts: 57
Joined: Thu Feb 01, 2018 9:54 am

Re: v7.7 [stable] is released!

Wed Feb 08, 2023 8:44 pm

please check
SUP-107224 dns-static to-address-list not working
 
leonardogyn
just joined
Posts: 18
Joined: Wed Dec 04, 2019 4:47 pm

Re: v7.7 [stable] is released!

Wed Feb 08, 2023 9:15 pm

It's still possible that what ever caches fill up. But it looks a lot more healthy now.
.
Absolutely! While still seems to be increasing, it's not that crazy fast anymore ... well, at least on the first 2 days of running 7.8b3. Seems the changes are promissing!
 
kowal
newbie
Posts: 30
Joined: Sun Jul 06, 2014 2:23 am

Re: v7.7 [stable] is released!

Thu Feb 09, 2023 8:03 am

Not sure that''s a bug, but a GPON SFP module stays in "sfp-tx-fault=yes" state every time if in ex. I unplug it or disable it for a while, but sometimes after reboot it changes to normal state.
Instead of it it runs fine, maybe the reason is that GPON modules needs some time to boot up.
[kowal@Kowal-RB5009] /interface/ethernet> moni 0
                    name: SFP+
                  status: link-ok
        auto-negotiation: disabled
                    rate: 2.5Gbps
             full-duplex: yes
         tx-flow-control: no
         rx-flow-control: no
      sfp-module-present: yes
             sfp-rx-loss: no
            sfp-tx-fault: yes
                sfp-type: SFP-or-SFP+
      sfp-connector-type: SC
      sfp-link-length-sm: 20km
         sfp-vendor-name: HALNy
  sfp-vendor-part-number: HL-GSFP
     sfp-vendor-revision: V1.0
       sfp-vendor-serial: HALN[cut]
  sfp-manufacturing-date: 20150525
          sfp-wavelength: 1310nm
         sfp-temperature: 65C
      sfp-supply-voltage: 3.299V
     sfp-tx-bias-current: 24mA
            sfp-tx-power: 2.94dBm
            sfp-rx-power: -19.829dBm
         eeprom-checksum: good
                  eeprom: [cut]

 
seriquiti
just joined
Posts: 19
Joined: Wed May 11, 2022 12:55 pm

Re: v7.7 [stable] is released!

Thu Feb 09, 2023 3:44 pm

Glad to see i'm not they only one having DNS cache problems with 7.7. DNS not respecting cache maximum size and memory usage constantly growing proportional to amount of DNS requests being processed by router.

...Hope Mikrotik fixes this soon
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: v7.7 [stable] is released!

Fri Feb 10, 2023 3:04 am

*) dns - query upstream DNS servers for other record types even if static entry exists;
This change, while not necessarily wrong, is not great either. Previously when I set record of any type, it took over the whole name, i.e. it blocked all other types from upstream. Simple example, public server www.something.tld has both IPv4 and IPv6 addresses (A and AAAA records), but from the network where it's hosted it should be accessed directly using internal address, and for some reason IPv4 only. With older RouterOS, this was it:
/ip dns static add type=A name=www.something.tld address=10.0.0.10
If client asked router (as DNS resolver) for AAAA www.something.tld, it got nothing, no data. But now it gets real AAAA record from public DNS. I agree that this can be useful (for something else). But the previous behaviour was useful too, and now I don't see any good way how to achieve it. If it's just about blocking AAAA, I could set it to some invalid value (which is terrible "solution"). But if I want to block all other types, because there isn't just A/AAAA, it's now impossible.

As a bare minimum, there should be proper way for removing upstream records, e.g.:
/ip dns static add type=AAAA name=www.something.tld no-data=yes
And something for overriding the whole name, same way as it worked in previous versions, would be nice too.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.7 [stable] is released!

Fri Feb 10, 2023 12:10 pm

*) dns - query upstream DNS servers for other record types even if static entry exists;
This change, while not necessarily wrong, is not great either.
The big problem I have with the recent DNS changes is that they break all kinds of scenarios. DNS has a strange spec, "the way it should work" is often not what one would suggest as an armchair philosopher, and lately MikroTik is incorporating customer requests into their in-house written DNS resolver that break things for different users, and when they fix things they break for other users.

It is time that this in-house project is terminated, the resolver replaced by an actively maintained open-source alternative (e.g. "unbound"), and the MikroTik developers freed to work on more important RouterOS deficiencies and problems.
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: v7.7 [stable] is released!

Fri Feb 10, 2023 12:48 pm

Yes, lately it's breaking a bit too much. As in my example, there was default (and actually the only) behaviour since forever, and everyone relied on it, knowingly or accidentally. It's one thing to change default, it can be annoying, but sometimes it's inevitable. But not even an option to get the previous behaviour? That said, I still have hopes for it, after so much work put into it, the (happy) end shouldn't be that far away.
 
Miguelin
just joined
Posts: 20
Joined: Thu Aug 27, 2020 10:08 am

Re: v7.7 [stable] is released!

Mon Feb 13, 2023 4:38 pm

Hi guys,

What a shame the local DNS changes. My local domain .lan is completely unreachable inside docker containers.Is there any solution for this?

Regards
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: v7.7 [stable] is released!

Mon Feb 13, 2023 6:55 pm

@Miguelin: It's not like they broke everything, it still mostly works. You should probably open new thread and post (much) more info about your problem.
 
prawira
Trainer
Trainer
Posts: 357
Joined: Fri Feb 10, 2006 5:11 am

Re: v7.7 [stable] is released!

Tue Feb 14, 2023 11:32 am

hi there,

found an error on dhcp-server screen under winbox...
ros7.7-dhcpserver.jpg
the address pool6 does not show the correct /ipv6 spool. the pool1 on screen updated from cli, but can not be done under winbox.
using ROS 7.7

P
You do not have the required permissions to view the files attached to this post.
 
illunis
just joined
Posts: 1
Joined: Mon Aug 10, 2020 2:17 pm

Re: v7.7 [stable] is released!

Wed Feb 15, 2023 10:06 am

@MikroTik:
i have a few Cap AC and hap AC² at home and at work. since 7.7 they started randomly to reboot.

the cap's are all controlled by a rb5009 via CAPsMAN. additional configs are only for snmp read-access, radius-authentication and remote syslog logging.
the hap AC² at home is the main router and CAPsMAN Manager.

it always reboots a few devices at about the same time (not all) which is very strange (memory leak?)

the only log entries are something like:
feb/14/2023 05:51:02 system,error,critical router was rebooted without proper shut
down, probably kernel failure
feb/14/2023 05:51:03 system,error,critical kernel failure in previous boot
feb/14/2023 05:51:03 system,error,critical out of memory condition was detected
full cap config:
# feb/15/2023 09:00:07 by RouterOS 7.7
# software id = NXLI-MCWU
#
# model = RBcAPGi-5acD2nD
# serial number = HCN085816A0
/interface bridge
add admin-mac=18:FD:74:1B:9E:5C auto-mac=no comment=defconf name=bridgeLocal
/interface ethernet
set [ find default-name=ether2 ] disabled=yes
/interface wireless
# managed by CAPsMAN
# channel: 2412/20/gn(5dBm), SSID: WUp_mP4_all1, local forwarding
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX country=germany disabled=no distance=indoors frequency=auto mode=ap-bridge ssid=MikroTik station-roaming=enabled \
    wireless-protocol=802.11
# managed by CAPsMAN
# channel: 5180/20-Ce/ac/P(20dBm), SSID: WUp_mP4_all1, local forwarding
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX country=germany disabled=no distance=indoors frequency=auto mode=ap-bridge ssid=MikroTik station-roaming=enabled \
    wireless-protocol=802.11
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/snmp community
set [ find default=yes ] disabled=yes
add addresses=10.0.0.10/32 authentication-protocol=SHA1 encryption-protocol=AES name=librenms security=private
/system logging action
set 3 bsd-syslog=yes remote=10.0.0.10 syslog-severity=info
add bsd-syslog=yes name=SyslogINFO remote=10.0.0.10 syslog-severity=info target=remote
add bsd-syslog=yes name=SyslogERROR remote=10.0.0.10 syslog-severity=error target=remote
add bsd-syslog=yes name=SyslogWARNING remote=10.0.0.10 syslog-severity=warning target=remote
/interface bridge port
add bridge=bridgeLocal comment=defconf ingress-filtering=no interface=ether1
add bridge=bridgeLocal comment=defconf ingress-filtering=no interface=ether2
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface ovpn-server server
set auth=sha1,md5
/interface wireless cap
# 
set bridge=bridgeLocal certificate=request discovery-interfaces=bridgeLocal enabled=yes interfaces=wlan1,wlan2 lock-to-caps-man=yes
/ip dhcp-client
add comment=defconf interface=bridgeLocal
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set www-ssl certificate=https disabled=no
set api disabled=yes
/radius
add address=10.0.0.10 service=login,hotspot
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=02-02-FL-01.ap
/system logging
add action=SyslogINFO topics=info,!wireless
add action=SyslogWARNING topics=warning
add action=SyslogERROR topics=error
/tool romon
set enabled=yes
/user aaa
set use-radius=yes

is there anything i can do to provide you better informations?
 
holvoetn
Forum Guru
Forum Guru
Posts: 5317
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.7 [stable] is released!

Wed Feb 15, 2023 10:09 am

If you can get to the device right after reboot, create supout and send it to support.
 
illunis
just joined
Posts: 1
Joined: Mon Aug 10, 2020 2:17 pm

Re: v7.7 [stable] is released!

Wed Feb 15, 2023 10:22 am

Good Idea. I will schedule it for @startup on a few devices. Thank you

edit:
is the autosupout.rif on the device allready the needed file? the timestamp fits the reboot time
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.7 [stable] is released!

Wed Feb 15, 2023 10:52 am

Probably yes.
 
Pl07R3K
just joined
Posts: 14
Joined: Fri Feb 11, 2022 4:15 pm

Re: v7.7 [stable] is released!

Mon Feb 20, 2023 3:32 pm

RSTP issue.
BPDU exchange between two bridges does not work in ROS 7.7.
The two bridges and ether1 ports (with which they are connected to each other) have the same configuration: PVID 1, admin only VLAN tagged and Ingress Filtering checked.
Both ports transmit untagged BPDU packets but hAPax^3 receives them as tagged VLAN ID 1 and Audience does not receive anything.
Is this a bug ?
What should I do?
 
sgobiraj
just joined
Posts: 1
Joined: Sun Apr 24, 2022 11:15 pm

Re: v7.7 [stable] is released!

Mon Feb 20, 2023 7:07 pm

We have also been seeing random reboots on two of our CCR1072 routers at the same time. They are in the same routing path between a Fortigate device which has been stable as a rock. I reached out to support with ticket SUP-108339 but getting useless replies. The title of my ticket mentions we are on v7.7 and support replies saying our connection tracking is being overloaded and that we should upgrade to v7 which improves stability. In fact v6 was super stable. I replied back saying we are already on v7 as mentioned in the ticket and then I get a follow up reply saying are you on the latest v7? The ticket title clearly states as well that we are on v7.7 which is the latest stable release. This kind of support and lack of care is alarming. I provided supout files of the crash from both of the routers and it doesn't even look like they looked at it. If they did they would know that we are on v7.7.

We don't know what is causing both routers to crash at the same time and it happens at random times. Is there anyone on this forum that can help? We have been getting these random crashes for a couple of the past releases (since 7.2) but every time we reach out support says it's fixed in the next version.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10183
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.7 [stable] is released!

Mon Feb 20, 2023 7:17 pm

I would suggest updating one of them to 7.8rc2 and see if that changes anything... or go back to 6.49.7 when that is still an option.
 
Pl07R3K
just joined
Posts: 14
Joined: Fri Feb 11, 2022 4:15 pm

Re: v7.7 [stable] is released!

Tue Feb 21, 2023 11:22 am

RSTP issue.
BPDU exchange between two bridges does not work in ROS 7.7.
The two bridges and ether1 ports (with which they are connected to each other) have the same configuration: PVID 1, admin only VLAN tagged and Ingress Filtering checked.
Both ports transmit untagged BPDU packets but hAPax^3 receives them as tagged VLAN ID 1 and Audience does not receive anything.
Is this a bug ?
What should I do?
A "workaround" is to change vlan-mode from secure to falback on Audience.
/interface ethernet switch port
set ether1 vlan-header=add-if-missing vlan-mode=fallback
 
norepto
newbie
Posts: 26
Joined: Fri Sep 13, 2013 8:02 pm

Re: v7.7 [stable] is released!

Fri Feb 24, 2023 6:18 pm

Dude, remote client stop with error 10053 when we try to enter on a device in the dude client.
 
User avatar
memelchenkov
Member Candidate
Member Candidate
Posts: 202
Joined: Sun Oct 11, 2020 12:00 pm
Contact:

Re: v7.7 [stable] is released!

Fri Feb 24, 2023 7:08 pm

Here is memory usage graph since Aug 2022. Jan 12 2023 is a point where I updated the firmware from 7.6 to 7.7, and then the graph level started increasing. It's a router which is in use by only 2 people. I do not know, what is it — caches, or not, but, if developers did not do changes related to caches, then it's a memory leak.

Image
 
User avatar
kosyot
newbie
Posts: 36
Joined: Wed Jan 16, 2019 1:28 pm
Contact:

Re: v7.7 [stable] is released!

Sun Feb 26, 2023 5:28 pm

We have the opposite behavior - after 7.6 to 7.7 memory usage decrease and still steady on same conditions. More than 8M route prefixes and heavy traffic.
Screenshot 2023-02-26 172202.png
You do not have the required permissions to view the files attached to this post.
 
EdPa
MikroTik Support
MikroTik Support
Posts: 274
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.7 [stable] is released!

Mon Feb 27, 2023 10:58 am

RouterOS v7.8 has been released
viewtopic.php?t=193986

Who is online

Users browsing this forum: mirosmar and 17 guests