Community discussions

MikroTik App
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 336
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

v7.15beta [testing] is released!

Mon Mar 04, 2024 12:35 pm

RouterOS version 7.15beta has been released on the "v7 testing" channel!

Before an upgrade:
1) Remember to make backup/export files before an upgrade and save them on another storage device;
2) Make sure the device will not lose power during upgrade process;
3) Device has enough free storage space for all RouterOS packages to be downloaded.

What's new in 7.15beta9 (2024-Mar-27 21:55):

*) bgp - added initial vpnv6 support;
*) bridge - added MVRP support;
*) console - added "sanitize-names" property under "/console/settings" menu (option for replacing reserved characters with underscores for files, disabled by default);
*) console - added multi-line print in "/file" menu;
*) console - remove unnecessary serial ports for Alpine CPUs;
*) defconf - fixed 5ghz-ax channel width for L11, L22 devices;
*) dhcpv4-relay - added VRF support (CLI only);
*) eap - improved eap-peap, eap-mschap2 client authentication (dot1x/wireless/ipsec);
*) health - fixed missing "cpu-temperature" on IPQ-60xx devices (introduced in v7.15beta8);
*) ipv6 - properly initialize default ND "interface=all" entry;
*) media - added support for DLNA;
*) ppp - added "enable-ipv6-accounting" option under PPP AAA menu (CLI only);
*) ppp - fixed "Framed-IPv6-Pool" usage when received from RADIUS;
*) ppp - fixed reporting of frame error rate (introduced in v7.15beta8);
*) qos-hw - added "profile" and "map" support for CPU port;
*) qos-hw - added per-queue traffic shapers (CLI only);
*) sfp - added "100M-baseFX" link mode support for compatible devices;
*) sms - removed SMS for SMIPS;
*) system - general work on optimizing the size of RouterOS packages;
*) system - show "cpu-frequency" for Alpine CPUs;
*) vlan - added MVRP (applicant) configuration option;
*) wifi - added "reselect-interval" support;
*) wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;
*) wifi - report current CAPsMAN address and identity on CAP;
*) wifi-qcom - added configuration.distance setting to enable operation over multi-kilometer distances (CLI only);
*) wifi-qcom - updated driver;
*) winbox - added key type and key length column for user SSH keys;
*) winbox - added passphrase option for SSH host key export;
*) winbox - added passphrase option for SSH host key import;
*) winbox - allow specifying size and rtmpfs size with M, G units under "System/Disks" menu;
*) winbox - do not show "Host Key Size" when using ed25519 key under "IP/SSH" menu;
*) winbox - renamed "Channel" column to "Current Channel" under "Wifi" menu;
*) winbox - show inherited properties for wifi interfaces;
*) winbox - updated icons for certain menus;
*) wireguard - added option to mark peer as responder only;
*) wireguard - fixed performance issues showing QR code;

What's new in 7.15beta8 (2024-Mar-21 09:12):

*) bridge - added MVRP support;
*) bridge - improved protocol-mode STP, RSTP and MSTP stability;
*) bridge - reworked dynamic VLAN creation;
*) certificate - added support for different ACME servers for ssl-certificate (CLI only);
*) console - fixed DHCP server "authoritative=no" configuration export;
*) console - improved stability;
*) container - do not allow negative number for "ram-high" setting;
*) defconf - do not override default DHCP server lease time;
*) disk - improved system stability when adding partition with no parent;
*) eap - improved eap-peap, eap-mschap2 client authentication (dot1x/wireless/ipsec);
*) ethernet - fixed interface disable for CRS326-4C+20G+2Q;
*) ethernet - improved port speed downshift functionality for CRS326-4C+20G+2Q;
*) fetch - changed topic "info" to "error" for permission denied logs;
*) fetch - fixed slow throughput due to "raw" logging which occurred even when not listening to the topic (introduced in v7.13);
*) file - fixed moving files to/from external storage (introduced in v7.15beta4);
*) health - added "cpu-temperature" for IPQ50xx devices;
*) health - fixed fan behavior for CRS310-1G-5S-4S+ (introduced in v7.14);
*) health - fixed rogue voltage on CRS510-8XS-2XQ-IN;
*) leds - fixed LEDs for L22 device;
*) lte - fixed firmware upgrade not found issue for Chateau LTE12 (introduced in v7.15beta4);
*) media - added support for DLNA;
*) metarouter - removed support;
*) netinstall - improved stability;
*) ovpn - fixed import ovpn config when remote port is missing;
*) package - reduced "wireless" package size for ARM, ARM64 devices;
*) package - reduced package size for SMIPS;
*) ppp - added "enable-ipv6-accounting" option under PPP AAA menu (CLI only);
*) ppp - added addition support to monitor modem registration state, RSRP, RSRQ, SINR, PCI, CellID for BG77 modem;
*) qos-hw - fixed port "print stats/usage" when using "from" property;
*) quickset - only show LTE mode for devices without other wireless interfaces;
*) route - rework of route attributes;
*) route-filter - allow setting different AFI gateways;
*) sfp - fixed "sfp-tx-fault" state indication for CRS510;
*) sfp - improved auto-negotiation linking for some MikroTik cables and modules;
*) sfp - improved system stability with some GPON modules for CCR2004 and CCR2116 devices;
*) sms - added workaround for modems which do not notify regarding new SMS arrival (missing URC);
*) socks - attempt to parse domain name as IP before resolving;
*) ssh - require "policy" user policy when adding public key;
*) system - fixed upgrade for CCR2004-1G-12S+2XS (introduced in v7.15beta6);
*) system - updated office address in RouterOS license;
*) system - updated online manual links from "wiki" to the help documentation;
*) timezone - updated timezone information from "tzdata2024a" release;
*) traffic-flow - improved system stability;
*) webfig - allow pasting with ctrl+v into terminal;
*) webfig - fixed column preferences for ordered tables;
*) wifi - changed interface default to "disabled=yes";
*) wifi - improve regulatory compliance for L11, L22 devices;
*) wifi - improved stability of DFS check in the 5GHz-A band;
*) wifi - improved system stability when provisioning CAPs in certain cases;
*) wifi - show inherited properties with "print" command (replaces "actual-configuration") and added "print config" for showing only configured values;
*) winbox - fixed the issue where the skin file fails to appear in the user group menu after creation;
*) winbox - updated icons for WireGuard and ZeroTier menus;
*) wireguard - added option to mark peer as responder only (CLI only);
*) wireless - perform shorter channel availability check for 5600-5650MHz if regulatory domain permits it;
*) x86 - improved stability for RTL8125 driver;
*) x86/chr - improved panic saving (increased minimal RAM requirements to 256MB);

What's new in 7.15beta6 (2024-Mar-08 08:23):

*) certificate - added support for importing pbes2 encrypted private keys with aes128;
*) chr - fixed bogus messages printed out while booting up the system (introduced in v7.14);
*) chr - fixed Xen and Vultr missing ethernet (introduced in v7.14);
*) ethernet - fixed default names for CRS310-8G+2S+ device (introduced in v7.14);
*) lte - make interface persistent (unused interface configs can be removed, allow to export and examine current configuration without the device present);
*) package - reduced package size for SMIPS;
*) poe-out - improved firmware upgrade stability for AF/AT controlled boards;
*) qos-hw - added congestion avoidance support for 98DX8xxx, 98DX4xxx, 98DX325x switch chips (CLI only);
*) qos-hw - added WRED support for compatible switches;
*) route - rework of route attributes;
*) sfp - improved system stability for CR2004-1G-2XS-PCIe (introduced in v7.14);
*) ssh - added passphrase option for host key import;
*) vrf - fixed VRF interfaces being moved to main table after reboot (introduced in v7.14);
*) wifi-qcom - improved regulatory compliance for L11, L22 devices;
*) wireguard - added peer "name" field and display it in logs;
*) wireguard - do not attempt to connect to peer without specified endpoint-address;

What's new in 7.15beta4 (2024-Mar-04 08:04):

!) system - added support for AMPERE (R) hardware (new ARM64 ISO file, new ARM64 extra-nics.npk package);
*) bgp - fixed prefix count when BGP sessions run with multiple AFIs;
*) bgp-vpn - use VRF interface as gateway for leaked connected routes;
*) branding - added option to hide default configuration prompt;
*) branding - added option to hide or replace default caps-mode-script;
*) bridge - added MVRP support (CLI only);
*) bridge - rename monitor property "path-cost" to "actual-path-cost";
*) certificate - added trusted parameter for certificate import;
*) chr - allow to "generate-new-id" only while CHR is running on level "free" license;
*) console - added "proplist" parameter to interactive commands;
*) console - added "type" parameter to ":resolve" command;
*) console - added "use-script-permissions" option when running scripts from CLI;
*) console - added hotkey "F8" to print entire multiline input;
*) console - added log for script execution failures;
*) console - added option to get "about" value (dynamically created text field by RouterOS services like CAPsMAN);
*) console - added option to read and change file line endings in full-screen editor;
*) console - added warning log for modified filenames due to reserved characters;
*) console - do not convert string to array in ":deserialize" command;
*) console - fixed ":onerror" behavior when "do" block is missing;
*) console - fixed "export where" functionality in certain menus;
*) console - fixed console prompt when entering hot lock mode with "F7";
*) console - fixed do/while implementation not working with variables (introduced in v7.14);
*) console - fixed filtering by "dhcp" flag in "/ip/arp" menu;
*) console - fixed multiple typos in help;
*) console - optimized configuration export to prevent startup of processes without any configuration;
*) console - replace reserved characters to backup and certificate export file names with underscores;
*) console - show system note before serial login if enabled;
*) console - use user permissions when running scripts from WinBox and WebFig;
*) discovery - added LLDP MAC/PHY Configuration/Status TLV support;
*) discovery - added LLDP Maximum Frame Size TLV support;
*) discovery - added LLDP Port Description TLV support;
*) discovery - advertise only physical interface name for LLDP PortID TLV;
*) discovery - always send LLDP MED Power TLV if MED was received;
*) discovery - fixed high CPU utilization when "tx-only" mode is set;
*) discovery - optimized LLDP information update;
*) disk - added option to auto configure media sharing;
*) disk - added support for formatting exfat file-system;
*) disk - improved support for formatting ext4 file-system;
*) dns - added support for "adlist";
*) dns - added VRF support (CLI only);
*) dns - improved system stability when caching entries;
*) ethernet - fixed management port disable/enable on CCR2004-1G-12S+2XS, CCR2004-1G-2XS-PCIe, CCR2216, CCR2116 devices;
*) file - allow adding and renaming files and directories;
*) health - added log for fan state changes on CRS3xx, CRS5xx, CCR2xxx, CCR1016r2, CCR1036r2 devices;
*) install - cdrom and hdd install images contain additional packages that can be interactively selected;
*) lte - apply the same configuration for Microsoft branded EM12-G modem (Surface Mobile Broadband) as for Quectel EM12-G;
*) lte - fixed R11e-LTE-US modem dial-up;
*) media - added support for DLNA;
*) modem - send APN authentication for BG77 modem also if ppp-client interface created manually;
*) poe-out - added LLDP power management support for devices with single PoE-out port;
*) poe-out - fixed powering devices if input voltage is lower than 12V for hEX PoE (introduced in v7.9);
*) poe-out - moved "PoE LLDP" property from "/interface/ethernet/poe" to "/ip/neighbor/discovery-settings" and enable it by default;
*) ppp - added "Mikrotik-IPV6-Stats-Prefix" option for RADIUS "Delegated-IPv6-Prefix" account by using statistics from dynamic queues;
*) ppp - added log when disconnecting a client due to "WISPr-Session-Terminate-Time" RADIUS attribute;
*) ppp - fixed "on-down" script running even when tunnel was not up;
*) profiler - added "neighbor-discovery" task;
*) qos-hw - added congestion avoidance support for 98DX8xxx, 98DX4xxx, 98DX325x switch chips (CLI only);
*) qos-hw - added ECN marking support for compatible switches;
*) qos-hw - added support for QoS profile assignment via ACL rules;
*) qos-hw - added WRED support for compatible switches;
*) radius - added "require-message-auth" option that requires "Message-Authenticator" in received Access-Accept/Challenge/Reject messages;
*) radius - include "Message-Authenticator" in any RADIUS communication messages besides accounting for all services;
*) route - do not allow routes with empty "dst-address";
*) route - fixed bgp-vpn prefix import with the same route distinguisher (RD);
*) route - improved system stability;
*) route - show route-distinguisher (RD) in route print;
*) route-filter - fixed ext community list matcher;
*) sfp - added "100M-baseFX" link mode support for compatible devices;
*) sfp - added "sfp-ignore-rx-los" setting;
*) sfp - fixed link establishment with 100Mbps optical modules (requires "/interface ethernet reset" or adding "100M-baseFX" modes for advertise or speed properties);
*) sfp - fixed missing Tx traffic at 10Gbps rate on CCR2004-16G-2S+ in rare cases;
*) sfp - ignore SFP RX LOS signal for modules with bad EEPROM;
*) sfp - improved "sfp-tx-power" value monitoring in certain cases;
*) sms - added option to select SMS storage;
*) sms - added SMS PDU to SMS inbox "print detail";
*) sms - improved SMS handling;
*) sms - use "gsm" logging topic for serial modem SMS logs;
*) ssh - added passphrase option for host key export;
*) ssh - added support for user Ed25519 private keys;
*) ssh - export host Ed25519 public key;
*) ssh - fixed permissions to run ".auto.rsc" scripts;
*) ssh - removed RSA flag for user SSH keys;
*) ssh - show key type and key length for user SSH keys;
*) sstp - disconnect clients when server is disabled;
*) switch - added support for multiple ingress and egress port mirroring on 98DXxxxx switches;
*) switch - added support for RSPAN mirroring on 98DXxxxx switches;
*) switch - fixed L3HW and QoS monitor during switch reset;
*) system - added resource values (Product name, File name and File version) for Windows executable files;
*) traffic-flow - detect IPv4 source address if not set;
*) userman - added "require-message-auth" option that requires "Message-Authenticator" in received Access-Request messages;
*) userman - include "Message-Authenticator" in any RADIUS communication messages besides accounting for all services;
*) vlan - ensure that VLAN MTU remains unchanged when adjustments are made to the parent interface MTU, only modifications to the L2MTU might impact VLAN MTU;
*) vlan - fixed MTU reset on bridge after reboot;
*) wifi - do not report disabled state for CAPsMAN managed interface;
*) wifi - fixed configuration export for "disabled" property;
*) wifi - improve channel selection after radar detection events;
*) wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;
*) wifi - report current CAPsMAN address and identity on CAP;
*) winbox - added "Download" and "Flush" buttons under "System/Certificates/CRL" menu;
*) winbox - added "Flat Snoop" button under "WiFi" menu;
*) winbox - added "Request logout" button under "System/Users/Active Users" menu;
*) winbox - added "Trusted" checkbox under "System/Certificates/Import" menu;
*) winbox - added invalid flag under "IP/DHCP Relay" menu;
*) winbox - added missing SFP monitoring properties under "Interface/SFP" menu;
*) winbox - allow to specify "M" or "G" postfix for download, upload or total limits under "User Manager/Limitations" menu;
*) winbox - show "Valid Servers" and "Unknown Servers" column by default under "IP/DHCP Server/Alerts" menu;
*) winbox - show SIM settings for SXTR device under "Interfaces/LTE/Modem" menu;
*) wireguard - added peer "tag" field and display it in logs;
*) wireguard - fixed "auto" argument usage for "private-key" and "preshared-key" settings;
*) x86 - fixed ixgbe Tx hang by disabling TSO;
*) x86 - ice driver update to v1.13.7;
*) x86 - ixgbe driver update to 5.19.9;

To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download

If you experience version related issues, then please send supout file from your router to support@mikrotik.com. The file must be generated while a router is not working as suspected or after some problem has appeared on the device

Please keep this forum topic strictly related to this particular RouterOS release.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 12:43 pm

*) wifi - improve channel selection after radar detection events;
*) wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;
Thank you! 👍
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 12:45 pm

*) media - added support for DLNA;
What?? 😍

I don't know how you did it without increasing the size of the firmware, I can only say that it works great!
I can finally stop using the DLNA container.

Beautiful logo!
Image
Last edited by massinia on Mon Mar 04, 2024 1:10 pm, edited 1 time in total.
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 1:10 pm

Link to the new IP/Media feature manual:
https://help.mikrotik.com/docs/pages/vi ... =237699479

Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist

Updated switch QoS manual (see WRED, ECN):
https://help.mikrotik.com/docs/pages/vi ... =189497483
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3334
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 1:22 pm

Thanks for the new release.

But still no work on the logging mess:
viewtopic.php?t=124291
 
User avatar
strods
MikroTik Support
MikroTik Support
Posts: 1658
Joined: Wed Jul 16, 2014 7:22 am
Location: Riga, Latvia

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 1:28 pm

As mentioned on every version topic - please keep the topic related to the issues that are introduced just in this release and new features.

Logging rules have always worked as "and" filters. You have unlimited options there.

For example, "info" will log info messages, but "info,!l2tp" will log all info topic messages except ones with topic "l2tp" and "info,l2tp" will log only messages that contain both topics.

Consider each logging topic as "AND" filter.
Thanks for the new release.

But still no work on the logging mess:
viewtopic.php?t=124291
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1090
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 1:31 pm

Oh... This one is kind of a nightmare! 😳

RouterOS scripting is missing some control structures, one of these being :exit (or what ever it may be named...) to exit a scripts early, successfully. As this is missing I have a lot of script misusing :error for that purpose, which worked to date. Now RouterOS starts logging this, and my logs and me are flooded with:
script,error executing script from scheduler failed, please check it manually
Any chance we will have :exit really, really soon to fix this? Otherwise I will have a lot of work to do, implementing other (and probably a lot more complicated) workarounds to my scripts.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3334
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 1:43 pm

Logging rules have always worked as "and" filters. You have unlimited options there.
Example:
dhcp,critical,error xxxxxxxxxxxxxxxx
Is this a message with severity critical or severity error. (just one of many bad naming in the loging system)
I will post about this until its fixed. It will make RouterOS much more friendly for large environment where logging are a must.
BSD format does not include what module that are sending the message. Logging is broken.

Start using RFC 5424
 
onnoossendrijver
Member
Member
Posts: 488
Joined: Mon Jul 14, 2008 11:10 am
Location: The Netherlands

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 1:52 pm

*) vlan - ensure that VLAN MTU remains unchanged when adjustments are made to the parent interface MTU, only modifications to the L2MTU might impact VLAN MTU;
*) vlan - fixed MTU reset on bridge after reboot;
Thank you! this fixed my problem with 7.13 / 7.14 where I had to disable/enable my internet vlan interface after booting :)
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 1:54 pm

Any chance we will have :exit really, really soon to fix this? Otherwise I will have a lot of work to do, implementing other (and probably a lot more complicated) workarounds to my scripts.
Or repurpose :quit for early termination when used in /system/script
 
spookymulder84
newbie
Posts: 30
Joined: Sat Nov 11, 2017 1:37 pm
Location: Croatia

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 1:56 pm

*) poe-out - fixed powering devices if input voltage is lower than 12V for hEX PoE (introduced in v7.9);
I've had this issue on hEX PoE Lite... is it also fixed? I don't know if it's version related
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1090
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 2:00 pm

Any chance we will have :exit really, really soon to fix this? Otherwise I will have a lot of work to do, implementing other (and probably a lot more complicated) workarounds to my scripts.
Or repurpose :quit for early termination when used in /system/script
That causes a ssh session to terminate when running the script... So not an option.
 
User avatar
marsbeetle
newbie
Posts: 48
Joined: Sun Feb 19, 2023 9:57 am

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 2:28 pm

Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist
Can you add multiple lists to the new Adlist feature or only one list ?
 
User avatar
Kanzler
Member Candidate
Member Candidate
Posts: 135
Joined: Wed Oct 05, 2022 6:55 pm
Location: Ukraine

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 2:39 pm

And will the Adlists be automatically updated?
 
hasmidzul
just joined
Posts: 2
Joined: Tue Jun 06, 2023 8:45 am

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 2:44 pm

well, something that i wish mikrotik did on the dns adlist is coming true.Been using openwrt for my adblocks package of adblock-lean (lynxthecat) which support multiple lists and automatic update the lists daily. Thanks mikrotik
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 203
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 3:00 pm

Please add documentation for mvrp.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3334
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 3:49 pm

Here is the log message from an RB951Ui, using ADlist from example in the linked manual above:
.
ADList.png
What is wrong?

Also how to get the log from the use of the ADlist? (to send to external server)?
You do not have the required permissions to view the files attached to this post.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 3:54 pm

About this adlist feature: how is DNS response of 0.0.0.0 better than NXDOMAIN (RouterOS static DNS entries can be configured as this)?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 4:40 pm

As mentioned on every version topic - please keep the topic related to the issues that are introduced just in this release and new features.

Logging rules have always worked as "and" filters. You have unlimited options there.

For example, "info" will log info messages, but "info,!l2tp" will log all info topic messages except ones with topic "l2tp" and "info,l2tp" will log only messages that contain both topics.
Unfortunately there often are different messages with the same topics. So writing "info,!l2tp" will exclude all info,l2tp topics but that will exclude more than the message you have seen and want excluded.
Suggestion: add a unique identifier to each type of message, that can be seen as an extra topic. so you could then filter on "info,!id12345678" or similar, and reject only that particular message.
Or, add another filter method: regexp on the message content. So you can exclude certain messages that you do not want to see, while still seeing all other messages of the same topic.

Also, you often state that we should not put issues not related to the version here.
Well, where should they be put instead? The feature request topic has been abandoned by MikroTik (people still add replies to it but the are not being read anymore).
It is suggested to use the issue tracker. I put improvement suggestion "SUP-124741" there which has the exact topic of logging, it was first replied with "Our developers have reviewed your requests, and they are generally approved for implementation." on Aug 21, 2023 and subsequently was set to "Closed with resolution Done" on Oct 20, 2023 but none of the suggested features have been implemented.
Last edited by pe1chl on Mon Mar 04, 2024 4:59 pm, edited 1 time in total.
 
User avatar
Kanzler
Member Candidate
Member Candidate
Posts: 135
Joined: Wed Oct 05, 2022 6:55 pm
Location: Ukraine

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 4:43 pm

@Jotne,
Perhaps the cache size is small?
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 4:50 pm

Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist
Why is it called "Adlist" when in fact it is a method to add a hosts(.txt) file?
Sure that is a trick that some people use to block access to certain domain names, but that is not the primary purpose of a hosts file.
When you want a specific feature for blocking ads, I suggest it could be made a bit more powerful, e.g. by specification of a regexp that you want to run on each line, to extract the wanted data (the domainname) and how to insert it into the DNS cache (as 0.0.0.0 or as NXDOMAIN).
Also a similar function would be desirable to load address-lists with data from a file/URL (both single addresses and subnets).
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 4:51 pm

Can you add multiple lists to the new Adlist feature?
Yes

@Jotne
How did you add the list?
I'm trying with the example in the MikroTik guide but it doesn't load... "Reload" doesn't seem to work
Image
 
User avatar
ErfanDL
Member
Member
Posts: 366
Joined: Thu Sep 29, 2016 9:13 am

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 4:59 pm

Can this version be booted on Raspberry Pi 4 or 5?
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 5:06 pm

Can this version be booted on Raspberry Pi 4 or 5?
Nope.
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 5:54 pm

No PPSK again...
 
Sit75
just joined
Posts: 12
Joined: Thu Mar 11, 2021 9:43 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 6:37 pm

Good joke, this release add 200kb+ to main package. It is absolutely not possible to use with devices with 15,3 MiB HDD. hAP ac^2 in my case. I am really curious why it is so important to put NAS features to main package for the routers? I have SYNOLOGY for those features. It is insane! Thumb down!
You do not have the required permissions to view the files attached to this post.
 
fragtion
Member Candidate
Member Candidate
Posts: 269
Joined: Fri Nov 13, 2009 10:08 pm
Location: Cape Town, South Africa

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 7:01 pm

Does this fix the issue with drivers for some CHR NIC's that stopped working from 7.14rc2 ? the changelog, while mentioning some driver changes for x86, seems a bit unclear in this regard
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 7:18 pm

Good joke, this release add 200kb+ to main package. It is absolutely not possible to use with devices with 15,3 MiB HDD. hAP ac^2 in my case.
I don't think so...
Image

I wonder what packages you have installed...
 
rpingar
Long time Member
Long time Member
Posts: 593
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 7:28 pm

something cosmetic on X86:
[admin@FTTxAS1] > system/resource/print
uptime: 1h24m10s
version: 7.15beta4 (development)
build-time: 2024-03-04 06:04:00
factory-software: 7.1
free-memory: 118.3GiB
total-memory: 127.6GiB
cpu: Intel(R)
cpu-count: 72
cpu-frequency: 2400MHz
cpu-load: 0%
free-hdd-space: 473.1GiB
total-hdd-space: 473.1GiB
write-sect-since-reboot: 2976
write-sect-total: 2976
architecture-name: x86_64
board-name: x86 To be filled by O.E.M. To be filled by O.E.M.
platform: MikroTik

regards
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 7:30 pm

Is it just for hosts format ?
seems to be working
/ip/dns/adlist/print                                                                     
Flags: X - disabled 
 0   url="https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" ssl-verify=no match-count=60 
     name-count=17010

Cach used=2050 KiB
Added another 2048 ?? meh!
 
User avatar
mantouboji
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Aug 01, 2022 2:21 pm
Location: Shanghai

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 7:56 pm

Ed25519 private key import error.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 7:59 pm

something cosmetic on X86:

board-name: x86 To be filled by O.E.M. To be filled by O.E.M.
It is the fault of your board manufacturer or seller.
 
Sit75
just joined
Posts: 12
Joined: Thu Mar 11, 2021 9:43 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 8:02 pm

Good joke, this release add 200kb+ to main package. It is absolutely not possible to use with devices with 15,3 MiB HDD. hAP ac^2 in my case.
I don't think so...

I wonder what packages you have installed...
It is not a joke. I am using standard setup with routeros.npk + wifi-qcom-ac.npk. You are using "old" not Wave2 AC WiFi drivers, which is 800kB+ less. That is the reason.
You do not have the required permissions to view the files attached to this post.
 
templeos
just joined
Posts: 19
Joined: Mon Aug 26, 2019 3:58 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 8:06 pm

Good joke, this release add 200kb+ to main package. It is absolutely not possible to use with devices with 15,3 MiB HDD. hAP ac^2 in my case. I am really curious why it is so important to put NAS features to main package for the routers? I have SYNOLOGY for those features. It is insane! Thumb down!
I agree. Main package is 212KB larger, while wireless package lost 144KB. And here's the kicker, wifi-qcom-ac is the same size. If main package gets even more bloated then you can't even use wifi-qcom-ac anymore, which might be what Mikrotik actually wants. They dangle the carrot in front of you, but you can't actually use it because of features like this DLNA that MUST be in main package for some odd reason.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 8:08 pm

I can't imagine going back to wireless package. wifi-qcom-ac is so much ahead. Like lightyears.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 8:21 pm

*) route - improved system stability;
Would be interesting to see if that has anything to do with "orphaned" routing table entries after any of routing protocol processes has crashed? We'll see I guess...
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 8:25 pm

Is it just for hosts format ?
seems to be working
/ip/dns/adlist/print                                                                     
Flags: X - disabled 
 0   url="https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" ssl-verify=no match-count=60 
     name-count=17010

Cach used=2050 KiB
Added another 2048 ?? meh!

18693 KiB lol
 
User avatar
npeca75
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Thu Aug 03, 2017 3:12 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 8:52 pm

They dangle the carrot in front of you, but you can't actually use it
it is time for MT to release stripped down "DumbAP" (Openwrt terminology) image for HaP AC2
only switch/firewall/dhcp v4 & v6 client/ AC wifi
and finally put HaP AC2 to place where it belong
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 8:56 pm

Same for cAP AC. This should be a dumb AP.
 
templeos
just joined
Posts: 19
Joined: Mon Aug 26, 2019 3:58 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 9:07 pm

and finally put HaP AC2 to place where it belong
Hopefully not in the attic, in a box, unplugged. I feel like Mikrotik tries to be like a FRITZ!Box and do everything in one box. They also have this same exact Media Server feature and they had it about 4 years ago.
 
CGGXANNX
Member Candidate
Member Candidate
Posts: 232
Joined: Thu Dec 21, 2023 6:45 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 9:08 pm

Another 210KB can be saved by creating a separate Main package for ARM with the prestera_dx_mac.ko kernel module removed. For 32-bit ARM that module is only needed for the CRS3xx/5xx switches and useless on the hAP ac². Maybe let the switches get their own ARM / PRESTERA main package or something like that.
 
User avatar
npeca75
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Thu Aug 03, 2017 3:12 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 9:10 pm

Same for cAP AC. This should be a dumb AP.
looking at my HaP AC2 dumb APs ...
kernel 5.15.x, Owrt 23.05
snmpd
lldpd
dual band wifi k/v/r
firewall for MGMN vlan
one SSID with dynamic vlan support based on passphrase
ntp client
remote syslog
etc

still 8 M free space on flash

:)
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 9:22 pm

There is a lot of potential for savings. It is up to MT.
 
User avatar
npeca75
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Thu Aug 03, 2017 3:12 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 9:43 pm

I feel like Mikrotik tries to be like a FRITZ!Box and do everything in one box. They also have this same exact Media Server feature and they had it about 4 years ago.
i could only smile on this
operating dozen of DynaDish5 G-5HacD r3 for distant links

[sarcasm]
i am soooo excited to have Media server on them :) long wanted feature :)
[/sarcasm]

... still on v6.49.x
 
t0mm13b
just joined
Posts: 18
Joined: Sat Mar 04, 2023 5:11 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 9:46 pm

Split up RouterOS,
  • basic for wired devices
  • For wireless devices - wifi-qcom-ac drivers
Any other package such as dlna package then upload and reboot.

OR

Release a proper LTS edition and leave it alone for 16Mb devices

Why throw everything and the kitchen sink at ROS? at the expense of the size / storage

The components should be all just modular, plug into the system via package upload and reboot.
 
msatter
Forum Guru
Forum Guru
Posts: 2940
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 9:53 pm

Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist
Why is it called "Adlist" when in fact it is a method to add a hosts(.txt) file?
Sure that is a trick that some people use to block access to certain domain names, but that is not the primary purpose of a hosts file.
When you want a specific feature for blocking ads, I suggest it could be made a bit more powerful, e.g. by specification of a regexp that you want to run on each line, to extract the wanted data (the domainname) and how to insert it into the DNS cache (as 0.0.0.0 or as NXDOMAIN).
Also a similar function would be desirable to load address-lists with data from a file/URL (both single addresses and subnets).
I was not convinced at first but after installing the beta I could see the workings and my compliments for a complete implementation from the start.

NXD is already present in RouterOS and when looking in cache you see a N in front the entry and 0.0.0.0 in the value field. NXD domains are only shown in cache when using Winbox, I don't see them in terminal. So I assume any NXD are sharing already the space with adlist.

Address-lists, could replace the user script implementation that is for a longtime in use. I would advise to be able to state, on import if it are static or dynamic entries and if the dynamic also the live time (TTL) of the imported data.

TTL would also be a feature to consider for DNS adlist but then it will control how long adlist would be active.

edit: *) winbox - added "Request logout" button under "System/Users/Active Users" menu - Thanks!
Last edited by msatter on Mon Mar 04, 2024 10:33 pm, edited 1 time in total.
 
User avatar
Paternot
Forum Guru
Forum Guru
Posts: 1046
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 9:59 pm


it is time for MT to release stripped down "DumbAP" (Openwrt terminology) image for HaP AC2 only switch/firewall/dhcp v4 & v6 client/ AC wifi and finally put HaP AC2 to place where it belong
At the very least make one HaP AC2b, with more storage!
 
User avatar
Paternot
Forum Guru
Forum Guru
Posts: 1046
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 10:00 pm

!) system - added support for AMPERE (R) hardware (new ARM64 ISO file, new ARM64 extra-nics.npk package);

Now, those are quite the heavy lifters. Is this a nod to AWS? Or do we have something new on the horizon?
 
mada3k
Forum Veteran
Forum Veteran
Posts: 740
Joined: Mon Jul 13, 2015 10:53 am
Location: Sweden

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 10:12 pm

*) media - added support for DLNA;

I was happy to see SMB leave the default system package, but DLNA is even worse.
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 10:35 pm

Can anyone with hAP ac2 confirm that
/ip/dns/adlist add url=https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts ssl-verify=no
download the list?
Name count always remains 0
Image
 
marekm
Member
Member
Posts: 416
Joined: Tue Feb 01, 2011 11:27 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 10:37 pm

Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist
Please add option to specify custom IP address to redirect to instead of 0.0.0.0 for any specific adlist.
For example here in PL the law requires all ISPs to redirect gambing listes that don't pay taxes listed as https://hazard.mf.gov.pl/ to 145.237.235.240 which shows a warning that the Big Brother (Ministry of Finances) is watching.
It is easy to bypass for anyone interested (and it's a race between the government adding more entries and the gambling sites adding more new DNS names with different numbers at the end, so the list is now over 41k entries), but it's still the law for now.
 
User avatar
sirbryan
Member
Member
Posts: 391
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 10:59 pm

*) media - added support for DLNA;

I was happy to see SMB leave the default system package, but DLNA is even worse.
SMB didn't leave. It was replaced with ROSE's version of SMB.
 
FIPTech
Long time Member
Long time Member
Posts: 560
Joined: Tue Dec 22, 2009 1:53 am

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 11:11 pm

Good work on this one.

- LLDP-MED is now fully working thanks to the MAC/PHY TLS addition.

- MTU do not reset to 1500 on bridge VLAN interfaces after reboot.


But the DHCPv6 client seems to have a problem. In my case it is set on a VLAN interface, located on a VLAN aware bridge.

After rebooting, the DHCPv6 client successfully get an IP address, but IPv6 connectivity is dead on the VLAN interface. Asking for a renew does not solve the problem (but the address is correctly renewed).

I need to stop and restart the DHCPv6 client to get back IPv6 connectivity. Then in the meantime i have this start script :
delay 2
/ipv6/dhcp-client/disable numbers=0
delay 3
/ipv6/dhcp-client/enable numbers=0
I did not report it before because i thought that it was linked to the MTU reset problem, but Ros 7.15 did solve this problem and the DHCPv6 client still have this connectivity problem.

At least one other user has actually a very similar setup, but he does not have this problem. The only difference i can see is that he has the VLAN interface directly on the physical interface. In my case the DHCPv6 client is on a VLAN interface located on a VLAN aware bridge.

See my new post for this problem.

As a side note i did test DoH with Cloudfare on Ros 7.14. I had many connections problems. Then i did revert to normal DNS. I suppose that it is caused by some DNS servers overloading at Cloudfare. Did someone test that ?
Last edited by FIPTech on Tue Mar 05, 2024 11:04 am, edited 3 times in total.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Mon Mar 04, 2024 11:34 pm

For example here in PL the law requires all ISPs to redirect gambing listes that don't pay taxes listed as https://hazard.mf.gov.pl/ to 145.237.235.240 which shows a warning that the Big Brother (Ministry of Finances) is watching.
How is that even possible? Has https:// not reached PL yet? or are PL citizens trained to ignore certificate errors when browsing?
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 12:00 am


At the very least make one HaP AC2b, with more storage!
It exists: hap ax2
 
sinisa
newbie
Posts: 34
Joined: Sun Apr 17, 2011 12:46 am

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 12:55 am

Upgraded a CHR, hAP ax2, hAP ac2, cAP ac, RB750G (with 64MB flash!) - no problems.

But... I could not agree more with everyone asking for split packages... I don't need any of additional "features", like SMB, Hotspot, DLNA, RADIUS, BGP, OSPF (whole Routing menu?), MPLS, Kid control???, most of the Tools menu (everything basically once the network is up) on my CAPs. I just want them to accept wifi clients and forward them to appropriate VLAN. And I know how to add packages, actually I have UPS package on many of them, much more useful than DLNA.
 
User avatar
gabacho4
Member
Member
Posts: 399
Joined: Mon Dec 28, 2020 12:30 pm
Location: Earth

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 1:04 am

BGP, OSPF (whole Routing menu?)
Yes, let's remove the routing protocols from a router. Great idea! If your needs are so minimal, why don't you roll your own router with Debian or something. Eliminate the other junk that is not routing/router related, but please don't gimp my router from doing the most basic of routing processes.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 1:40 am

Poll won't happen. Only unhappy people visit the forum. The majority is happy. No need to trim down package size. The happy people are going to install/upgrade ROS on a HAP AC2 successfully and only the pessimist ones are going to face "0 free bytes" problems. It's a state of mind - not a technical issue.
 
Reinis
MikroTik Support
MikroTik Support
Posts: 92
Joined: Wed Jan 02, 2019 12:14 pm
Location: Latvia
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 6:32 am

*) poe-out - fixed powering devices if input voltage is lower than 12V for hEX PoE (introduced in v7.9);
I've had this issue on hEX PoE Lite... is it also fixed? I don't know if it's version related
No, hEX PoE Lite has different HW design with different PSE controller. But your device should be able to give PoE-Out down to ~11V@DC.
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 6:34 am

When do you plan to implement feature that just about any other vendor have ? PPSK...
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1387
Joined: Tue Jun 23, 2015 2:35 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 6:49 am

@massinia

how did u get access there ?
is that similar way as SMB?
 
User avatar
pekr
Member Candidate
Member Candidate
Posts: 170
Joined: Tue Feb 22, 2005 9:05 pm
Location: Czech Republic
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 8:15 am



Yes, let's remove the routing protocols from a router. Great idea! If your needs are so minimal, why don't you roll your own router with Debian or something. Eliminate the other junk that is not routing/router related, but please don't gimp my router from doing the most basic of routing processes.
Maybe have a poll on what feature we want in a basic install and features and services that can be installed as a separate package.
I don't see any possibility to trim down the linux kernel but why couldn't MT trim down the packages. If your point is why don't you roll out your own. I bought MT router so I wouldn't have too.
You don't need the poll. MT needs to just skim over this forum. So they separate a wireless stuff, which is an essential networking feature, and bake in stuff like SMB, DLNA media support? Who's running this circus, a marketing department? Recent state of packaging stops to make a sense ....
 
User avatar
pekr
Member Candidate
Member Candidate
Posts: 170
Joined: Tue Feb 22, 2005 9:05 pm
Location: Czech Republic
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 8:19 am

Poll won't happen. Only unhappy people visit the forum. The majority is happy. No need to trim down package size. The happy people are going to install/upgrade ROS on a HAP AC2 successfully and only the pessimist ones are going to face "0 free bytes" problems. It's a state of mind - not a technical issue.
We are glad to have Mr Yoda here, who by waving the hand pushes and compresses the packages, so that those fit the installation space on our intergalactic fleet of router ships :-)
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26881
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 8:46 am

Just commenting on that remark about the forum - with all the respect to you all, but forum is for mikrotik enthusiasts and professionals. Home users don't even know this forum exists
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12895
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 8:52 am

Home users don't even know this forum exists

So this is MT's excuse not to listen to opinions on this forum?

Yeah, "home users" won't ever run into problems with tiny space on certain device models (hAP ac2, cAP ac, etc.) ... because they tend to never update software on their devices. So the problem with bloated base package doesn't have to be solved because it doesn't exist for 99% of owners of problematic devices? Great line of thinking ...
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 8:59 am

Like I said.
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 9:13 am

I've seen a lot of home users asking for help here so...It's not quite true that home users don't know about this forum
 
User avatar
patrikg
Member
Member
Posts: 358
Joined: Thu Feb 07, 2013 6:38 pm
Location: Stockholm, Sweden

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 9:18 am

Maybe it's time for Mikrotik to develop two versions of RouterOS, one for "business" and one for "home" use. And even split packages when we have like OpenWRT.
When we have our own choice what we have this great hardware to.
Last edited by patrikg on Tue Mar 05, 2024 9:25 am, edited 1 time in total.
 
t0mm13b
just joined
Posts: 18
Joined: Sat Mar 04, 2023 5:11 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 9:24 am

Just commenting on that remark about the forum - with all the respect to you all, but forum is for mikrotik enthusiasts and professionals. Home users don't even know this forum exists
Very poor optics coming from Mikrotik as a whole.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 9:27 am

Thanks for the Addlists function, it all seems to block and work well for me on my Hap AX2. Although I did have to up the Cache Size to 32768KiB to give myself a bit of leg room which at the moment seems to be slowly rising and currently 19211 KiB I might bring the cache TTL down a little lets see.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26881
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 9:36 am

Yes, you have to be careful with the new features, like all features in RouterOS, just that they are available, doesn't mean they will work on all devices at their full capacity. For serious ad blocking, you need big lists and lots of cache
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26881
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 9:36 am

So this is MT's excuse not to listen to opinions on this forum?
I said quite the opposite. I said we listen to all users, not just the forum
 
txfz
Frequent Visitor
Frequent Visitor
Posts: 66
Joined: Tue Mar 10, 2020 9:02 am

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 9:59 am

You did not say anything at all about to whom you listen, or where.
 
Sit75
just joined
Posts: 12
Joined: Thu Mar 11, 2021 9:43 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 10:12 am

Poll won't happen. Only unhappy people visit the forum. The majority is happy. No need to trim down package size. The happy people are going to install/upgrade ROS on a HAP AC2 successfully and only the pessimist ones are going to face "0 free bytes" problems. It's a state of mind - not a technical issue.
It's definitely not a "happy" or "unhappy" feelings. It's about functionality. If you reach 0KB free HDD size, the router cannot be restarted - it simply won't start after restarting. This is a serious problem. You can only do the netinstall procedure. That's the point.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26881
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 10:18 am

We will fix non working things, of course. Including size issues. That is what this topic is for - please resport issues you have seen in this Beta
 
Sit75
just joined
Posts: 12
Joined: Thu Mar 11, 2021 9:43 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 10:30 am

I don know the SW architecture RouterOS, If RouterOS can strictly run in memory space (what is not a case now) - it could be fine even with 0kB HDD space. But any write I/O operation simply damage the source.
 
radio303
just joined
Posts: 6
Joined: Thu Jul 25, 2019 10:17 am

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 10:48 am

We will fix non working things, of course. Including size issues. That is what this topic is for - please resport issues you have seen in this Beta
Many people here have a disk size issue on 16 / 15.3 MB devices that cannot even update since 7.13 without backup & netinstall. We were hoping so much for 7.14 when beta changelog promised reduced size but no, the released version is still too big. All we ask for is a long term release we can stick to. Yes, we should have left RouterOS 6 in place years ago but who knew. I am a home user and I have 3 devices in different places, with auto update scripts in place for many years.
 
nmt1900
Frequent Visitor
Frequent Visitor
Posts: 85
Joined: Wed Feb 01, 2017 12:36 am

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 10:58 am

Poll won't happen. Only unhappy people visit the forum. The majority is happy. No need to trim down package size. The happy people are going to install/upgrade ROS on a HAP AC2 successfully and only the pessimist ones are going to face "0 free bytes" problems. It's a state of mind - not a technical issue.
There is an obvious solution to the problem but it is not likely to fit into Mikrotik's strategy - make firmware packages model-specific.
 
sinisa
newbie
Posts: 34
Joined: Sun Apr 17, 2011 12:46 am

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 11:00 am

Problem: at least since 7.14, probably earlier: in Winbox, Wifi menu, Wifi tab, there are two columns named "Channel", also two "TX Power". One is for configured value, other for current. Now, when I exit the session and log in again, only configured values are there, I have to go to "Show Columns" and enable current values, again and again, which is not practical during deployment (later, whwn everything is working it does not matter).
Can you please rename the columns? At least one of each group? Like "Configured Channel"?

Thanks!
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 11:01 am

I was kind of surprised too that 7.14 reduced the free space further. Ongoing "bundle growing process" in 7.15 as it seems. I assumed that the raised concerns in 7.13 thread about disk-space on hap AC2 would cause some optimization or "re-thinking" of MT's ROS product owner(s). Instead: "Dear developers! Prio1 Integrate DLNA service and adlist import". It makes me think, development and feature priorization is maybe driven by some huge MT customer (telecomunication provider or something). This provider requests features and MT delivers.
 
FIPTech
Long time Member
Long time Member
Posts: 560
Joined: Tue Dec 22, 2009 1:53 am

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 11:09 am

DHCPv6 client default route corrupted addition after reboot :

The DHCPv6 client is not adding correctly the default route after reboot. (RB5009).

In my case the DHCPv6 client is set on a VLAN interface, located on a VLAN aware bridge.

Edit : this bug exhibit only if the DHCPv6 client is in address mode. In prefix mode there is no problem.

After rebooting, the DHCPv6 client successfully get an IP address, but IPv6 connectivity is dead on the VLAN interface. Asking for a renew does not solve the problem (but the address is correctly renewed).

After checking what is going on, i did discover that the default IPv6 route was not complete anymore after reboot, the default gateway address is missing :
missing gateway address.png
I need to stop and restart the DHCPv6 client to get back IPv6 connectivity. After doing that, the route is complete again, with the gateway address :
gateway address ok.png
Then in the meantime i have this startup script :
delay 2
/ipv6/dhcp-client/disable numbers=0
delay 3
/ipv6/dhcp-client/enable numbers=0
Another possibility (if the default gateway is always the same) is to uncheck "Add default route" in the DHCPv6 client, and use a default static route.

At least one other user has actually a very similar setup, but he does not have this problem. The only difference i can see is that he has the VLAN interface directly on the physical interface. In my case the DHCPv6 client is on a VLAN interface located on a VLAN aware bridge.

I did test the DNS Adlist, it seems to consume a lot of memory. Actually my cache is around 20 000 KiB. Is that normal ? A whitelist would be nice because some sites are detecting this and refuse to load.
You do not have the required permissions to view the files attached to this post.
Last edited by FIPTech on Thu Mar 07, 2024 1:23 am, edited 4 times in total.
 
sinisa
newbie
Posts: 34
Joined: Sun Apr 17, 2011 12:46 am

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 12:07 pm

We will fix non working things, of course. Including size issues. That is what this topic is for - please resport issues you have seen in this Beta
Many people here have a disk size issue on 16 / 15.3 MB devices that cannot even update since 7.13 without backup & netinstall. We were hoping so much for 7.14 when beta changelog promised reduced size but no, the released version is still too big. All we ask for is a long term release we can stick to. Yes, we should have left RouterOS 6 in place years ago but who knew. I am a home user and I have 3 devices in different places, with auto update scripts in place for many years.
I have been able to overcome lack of space by disabling all graphing (which can take megabytes of space!) and deleting backups/support.rif/everything from Files.
Maybe not nice to lose all traffic history, but it would be lost anyway after netinstal... now, it there was some way to download it before...
 
giannici
newbie
Posts: 29
Joined: Thu May 11, 2017 4:17 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 12:31 pm

*) vlan - ensure that VLAN MTU remains unchanged when adjustments are made to the parent interface MTU, only modifications to the L2MTU might impact VLAN MTU;
*) vlan - fixed MTU reset on bridge after reboot;
Thank you! this fixed my problem with 7.13 / 7.14 where I had to disable/enable my internet vlan interface after booting :)
Please, back-port it to 7.14!
This is a serious bug and should be fixed in "stable" release, we cannot wait a couple months for 7.15 to became e "stable" and tested release...
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21778
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 2:16 pm

So this is MT's excuse not to listen to opinions on this forum?
I said quite the opposite. I said we listen to all users, not just the forum
In what language? What you said was very clear, and you made no mention of listening to all users.
In fact, it seemed to be, if anything, stating that home users, ME included, dont come to the forums, nor all the people I have helped that are home users, which is all quite laughable.
You lose credibility when you put your foot in your mouth, you lost yours for me and I am reminded every day with each new post I read that is a wasted initial effort and a painful dentistry extraction process to support. Luckily, our dedication is greater than your folly.

In any case, folks have to realize that this is a beta, not an RC, and that MT does not have the resources to test all the devices in all the firmware versions in all possible scenarios.
They either have no automated or limited automated test capability, so the work that you do here gratis, is extremely valuable.
So keep posting the issues!! As Normis stated, they will attempt to fix what they can.
( Note: Logging is the number one issue being reported by new users ( home owners and professionals) on the forum. )
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 2:41 pm

Yes, you have to be careful with the new features, like all features in RouterOS, just that they are available, doesn't mean they will work on all devices at their full capacity. For serious ad blocking, you need big lists and lots of cache
My main blocker I use is about 1 million entries "HaGeZi's Pro DNS Blocklist" well, my lists consist of various lists depending on what I allow where.
But until this point I've never had to worry about space as I was using a pi4 with a 64GB memory card. That list turns out to be around 35mb alone so I get your point. As an enthusiast etc.. I like options and I have the space it seems for it to work. Normally I use Unbound as a backend to pihole pointing at root which uses dnssec enabled queries. What I want is for a query to be sent securely from my router over https with add blocking working. how all that works out I'm unsure.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 3:02 pm

Problem: at least since 7.14, probably earlier: in Winbox, Wifi menu, Wifi tab, there are two columns named "Channel", also two "TX Power". One is for configured value, other for current. Now, when I exit the session and log in again, only configured values are there, I have to go to "Show Columns" and enable current values, again and again, which is not practical during deployment (later, whwn everything is working it does not matter).
Can you please rename the columns? At least one of each group? Like "Configured Channel"?
That problem has been present "forever" in RouterOS (at least as long as I use it).
There always have been panels with multiple columns with the same name. It seems that the developers do not care.
(I would think it is easy to programmatically scan for such mistakes and hand them to each responsible developer)
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 4:07 pm

I have no insights but I have the feel that it is quite an effort for MT to keep track of ROS changes in Winbox. There are always a ton of Winbox related changelog entries on each ROS release. And still Winbox is lacking behind CLI in some areas.
 
User avatar
sirbryan
Member
Member
Posts: 391
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 4:16 pm


I said quite the opposite. I said we listen to all users, not just the forum
In what language? What you said was very clear, and you made no mention of listening to all users.
In fact, it seemed to be, if anything, stating that home users, ME included, dont come to the forums, nor all the people I have helped that are home users, which is all quite laughable.
Case in point: I have well over 200-300 hAP AC/AX 2/3 routers deployed in my customers' homes. I can guarantee that maybe 1 or two have visited this forum, ever, besides me. There are easily 199-299 that have not and will not ever need to.

I, on the other hand, visit it frequently, on their behalf.

My home customers aren't going to care about 16MB of disk space; they just care that the WiFi works.
 
blacksnow
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Wed Feb 15, 2023 4:46 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 4:36 pm

Just my two cents.

1) MT team is doing a great job adding features and developing on the RouterOS software. There is great potential here and I really hope they keep pushing the envelope. It works on multiple platforms and is extremely versatile, despite the growing pains MT is putting in some quality work into the software. This alone deserves massive respect and applause. That being said, a clearer roadmap + timeline (or tentative dates or even major version number) for fundamental routing features would be appreciated as well.

2) For products with limited space, there should be a slimmed down/lite LTS branch cut for those products and at some point they need to be EOL'd with regards to new feature development but they should continue to get security and bug fixes appropriate with the LTS branch. Going forward, sorry guys, its the truth, unfortunately putting a small amount of storage creates a constraint and it has been reached. MT doesn't and shouldn't spend their time making and maintaining a bunch of code just to keep adding features to those devices that have limited storage as a result of their mistake/oversight or lack of foresight during hardware development.

3) Add replacement products for the ones that are causing your devoted customers pain. A device refresh of a model that has 16MB storage, with more storage and maybe a slightly newer CPU replacement that is still within 10-15% price compared to the original would alleviate a lot of these complaints and make MT some cheddar.

The storage limit is an artificial problem introduced by a mistake or cost cutting reason during the hardware development. It's 2024, TB is the new MB. Going forward for net new products (where it makes sense), add at least 1GB or more of storage to the devices and realistically 32GB+ to future proof them, sure it costs more but it isn't going to be 50% more. For IoT/PtP/AP devices perhaps 256MB is enough, for any router device at least 1GB, and for flagship devices there is isn't a reason it shouldn't have 128GB storage at least (people are willing to pay for the appropriate hardware).
 
m4rk3J
newbie
Posts: 35
Joined: Thu Jan 27, 2022 2:41 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 4:58 pm

Yes, that tiny storage is becoming a problem. In the old RB411 I had 64 MB and now in hAP ac2/cAP ac only 16?
I like how the wAP LTE kit (2024) is also only 16MB :D
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 5:06 pm

Also: Chateau 5G R16 which retails at > 400EUR has only 16MB. 🤣
I don't want to discuss the retail price. But the fact: There are devices released in 2024 with 16MB flash. I don't care if 16MB, 128MB or 1GB flash. As long as it fits and devices run stable. So this is fully on topic: keep an eye on the package sizes. They seem to be growing.
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 5:14 pm



I don't think so...

I wonder what packages you have installed...
It is not a joke. I am using standard setup with routeros.npk + wifi-qcom-ac.npk. You are using "old" not Wave2 AC WiFi drivers, which is 800kB+ less. That is the reason.
I repeat, even with wifi-qcom-ac I don't get to 0 of free space as you say.
Image
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 5:17 pm

Can anyone with hAP ac2 confirm that
/ip/dns/adlist add url=https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts ssl-verify=no
download the list?
Name count always remains 0
Image
It's not feching the hosts file. Do it manually.

/tools/fetch url=https://raw.githubusercontent.com/Steve ... ster/hosts

Seems it's half baked...

then in the pull down box select hosts

Also, download the certificate chain and you can use ssl. But I haven't verified it that works or not.

Cache Used 19094 KiB
/ip/dns/adlist add url=https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts ssl-verify=yes file=hosts
github-io-chain.pem.txt
Thanks for your reply wfburton, I don't know why "URL" doesn't work for me, I have to download the file as you recommended.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 5:27 pm

*) branding - added option to hide default configuration prompt;
How? It's not an option to Branding Kit Maker on mt.lv... Nothing about how to build a "defconf" works is documented.

Sorta get $action=="revert" is based on prompt in winbox (thus RN to "hide")... & now, perhaps setting something in the defconf can cause the prompt not to show?

*) branding - added option to hide or replace default caps-mode-script;
Exactly how the default configuration uses caps-mode-script has been a mystery to me, before this change – e.g. from branding kit there is one default configuration loaded, but in CLI the caps-man and "main" default script appears separately under /system/default-configuration.

Export in docs show what appear to be invalid RSC... e.g the outer script:, caps-mode-script:, custom-script: in a indented YAML-like style in show in docs – is that actually valid for a defconf file from branding (cuz it ain't valid at CLI)? I've assumed branding's default configuration just replaced the "script" part... maybe not, dunno...

Some paragraph in docs (default configs or branding) for the defconf more generally be VERY helpful on both these "branding" RNs...
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1090
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 6:15 pm

Oh... This one is kind of a nightmare! 😳
I have decided to solve the scripting issues on my side. So did a massive rework, and I think I am mostly fine for now. 👍
 
ko00000000001
just joined
Posts: 9
Joined: Thu Feb 29, 2024 9:12 am

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 6:43 pm

CHR 7.14/7.15b4 can't find network interface in Vultr
viewtopic.php?t=205073
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 7:05 pm

I don't know that answer either but the list I have loaded which 32mb in size uses
 max-udp-packet-size: 4096
         query-server-timeout: 2s
          query-total-timeout: 10s
       max-concurrent-queries: 100
  max-concurrent-tcp-sessions: 20
                   cache-size: 131064KiB
                cache-max-ttl: 1w
      address-list-extra-time: 0s
                          vrf: main
                   cache-used: 117207KiB
I know some blockers can use compressed list etc.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 7:12 pm

To be clear I am just trying this out. it loads into memory thats all I can tell you so far. as to how it all performs is another question. I have the free memory so why not ? but as stated I would urge people to be carefull. as far as I can see if you don't have enough memory your logs will be flooded.
 
CGGXANNX
Member Candidate
Member Candidate
Posts: 232
Joined: Thu Dec 21, 2023 6:45 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 7:26 pm

As far as cache size, the host file is about 4.8mb. Why is it using 19mb then? And I don't believe changing the cache TTL would help. This is a host file and not different than any host file you would you on your pc. Maybe, MT can change the logic and only cache the local network address and cache only hosts that gets a hit in the host file.
Ever heard of data structures, indices, hashtables, trees, memory alignment, etc...? If MikroTik just put your 4.8MiB file in 4.8MiB RAM performance will be horrible because for every DNS query RouterOS have to do a linear scan through hundreds of thousands of unaligned lines of text. For efficient lookup, and also insertion, deletion (because the cache table is dynamic) including lookup & deletion by TTL, your text file will need to be parsed and transformed/stored in appropriate data structures in memory, with multiple associated indices (hostname, TTL, RR type). There also will be holes in between because the data need to be aligned and not all buckets are filled, especially after random insertion/deletion. Of course it can be multiple times bigger than the original raw text file.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 7:31 pm

Right. I don't see any hits. But, I'm not currently using it and probably won't. Just to heavy to run on CRS309-1G-8S+
I'm getting 97% coverage according to the top addblock testing site from google. I guess they may add features if it picks up steam?
You do not have the required permissions to view the files attached to this post.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 8:22 pm

It must be using the same DNS resolver (e.g. effected by cache size). I'd just prefer it was a generic way to dynamically load a "normal" /etc/host with real hosts – that be useful as "poor man's zone file" to load same hosts on multiple routers. e.g. I don't want 0.0.0.0 as hosts, but a URL that's periodically download with a list of DNS host is useful

On the performance issue, time will till. I'm pretty sure a Pi-Hole container is more heavy than adlist (now perhaps more capable). e.g. Pi-Hole more likely to have impact on router performance than resolving a host in the native DNS resolver, which I presume is populated by the "adlist".
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 9:52 pm

Ahh the old days, I used to use this script for stevenblack lists years ago on my DD-WRT routers.
This one https://wiki.dd-wrt.com/wiki/index.php/Ad_blocking
When chocolate was cheap!
 
tom3f
just joined
Posts: 12
Joined: Sat Jan 30, 2021 2:33 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 9:57 pm

I think main package should not contain any VPN. It should be separated package. All nas functionality (smb, dlna, … ) should be in separated packages. It is really only mikrotik fault that even hapac2 which is only few years old has not enough memory. And separate some functionality into packages so people can choose what features they need is realy must have feature. Please Mikrotik, don’t make e-waste from only few year old devices. Your router are really expensive but when someone buys it, it expecta that it will have software support and not that it will be abandoned in few years just becase not enough space on device.
 
User avatar
osc86
Member Candidate
Member Candidate
Posts: 203
Joined: Wed Aug 09, 2017 1:15 pm

Re: v7.15beta [testing] is released!

Tue Mar 05, 2024 11:46 pm

When do you plan to implement feature that just about any other vendor have ? PPSK...
what are you talking about? PPSK feature exists since forever, long before other vendors supported it.
WiFi -> Access List (capsmanv2)
Wireless -> CAPsMAN -> Access List (legacy capsman)
Wireless -> Wireless -> Access List (standalone ap)
PPSK feature only works with WPA2 and below, regardless of the vendor.
 
andrek
just joined
Posts: 2
Joined: Tue Aug 08, 2023 4:08 pm

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 12:41 am

Package size for devices with 16 MB flash is definitely an bigger issue. I have a hap ac2 at home with routeros (system) and wifi-qcom-ac packages here and hit the 0kb free mark earlier just with config, 0 additional files on disk

Two problems arise here:

- Config added after the 0kb mark is not saved consistently - meaning that you could risk an inconsistent state after rebooting, not knowing which parts are actually saved without rebooting and running /export. Regular reboot (via Cli/Winbox) shows "router was rebooted without proper shutdown, probably kernel failure" after booting - probably due to flash corruption(???)
- For example while trying out the new DLNA feature (and for that setting up an smb share on an external usb disk) i encountered random reboots (watchdog timer). Problem is that I am unable to even report the issue correctly at this point because there is no chance to create an Supout.rif file - due to lack of disk space. So hitting a dead end here

Don't get me wrong here - I appreciate the new features and everything, but the limit of 16MB devices will be hit sooner or later (in this case real soon, unfortunately)

As for a solution, I would propose an additional (i.e. routeros-minimal) system package with just the bare minimum and split the rest (Advanced Routing, VPN, ...) into separate packages. Advantage would be even that you even could install extra packages (i.e. zerotier or whatever) without running out of space - just as needed for the use case per device.

Maybe it would be even possible to create a "RouterOS Package Builder" where the user could decide which of the main features he wants to install - or make installation of extra packages available via cli/winbox with checkboxes. Probably not feasible, but just an idea in my head :)

Not a fan of the idea to create an LTS release for these devices - would kill innovation considering that some recent devices ship with 16 MB flash.
 
Guscht
Member Candidate
Member Candidate
Posts: 254
Joined: Thu Jul 01, 2010 5:32 pm

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 12:56 am

Maybe it would be even possible to create a "RouterOS Package Builder"
I liked the ROSv6 way, when you were able to deselect different modules.
In my opinion it's also a security risk to have "everything" enabled by default.

If you don't do dynamic routing, why BGP, OSPF, RIP... stuff installed. If you do not need NAS-stuff, why DLNA? If you do not use IPv6, why the whole IPv6-stuff? Why the WiFi-stuff on devices without WiFi? Now they will say, yeah for CAPsMAN... But honestly, if you are going to implement a such brainfu**ed thing like CAPsMAN, you *WILL* be able to install this as an aditional package. Was in my opinion no good decision for ROSv7, told them (MT), got ignored...
 
blacksnow
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Wed Feb 15, 2023 4:46 pm

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 2:41 am

Package size for devices with 16 MB flash is definitely an bigger issue. I have a hap ac2 at home with routeros (system) and wifi-qcom-ac packages here and hit the 0kb free mark earlier just with config, 0 additional files on disk

Two problems arise here:

- Config added after the 0kb mark is not saved consistently - meaning that you could risk an inconsistent state after rebooting, not knowing which parts are actually saved without rebooting and running /export. Regular reboot (via Cli/Winbox) shows "router was rebooted without proper shutdown, probably kernel failure" after booting - probably due to flash corruption(???)
- For example while trying out the new DLNA feature (and for that setting up an smb share on an external usb disk) i encountered random reboots (watchdog timer). Problem is that I am unable to even report the issue correctly at this point because there is no chance to create an Supout.rif file - due to lack of disk space. So hitting a dead end here

Don't get me wrong here - I appreciate the new features and everything, but the limit of 16MB devices will be hit sooner or later (in this case real soon, unfortunately)

As for a solution, I would propose an additional (i.e. routeros-minimal) system package with just the bare minimum and split the rest (Advanced Routing, VPN, ...) into separate packages. Advantage would be even that you even could install extra packages (i.e. zerotier or whatever) without running out of space - just as needed for the use case per device.

Maybe it would be even possible to create a "RouterOS Package Builder" where the user could decide which of the main features he wants to install - or make installation of extra packages available via cli/winbox with checkboxes. Probably not feasible, but just an idea in my head :)

Not a fan of the idea to create an LTS release for these devices - would kill innovation considering that some recent devices ship with 16 MB flash.
Some parts I agree with, some I don't.

Making RouterOS modular for all components is likely to cause not only a large development undertaking but also a headache for developers in maintaining the code. It also can negatively impact latency, interoperability and would make testing even more cumbersome. Not to mention I'm sure the goal at MT is to have an AIO package that works on any platform and offers all the features out of the box (especially with the Cloud/AI frenzy).

Outside of the AIO package, containerization is their offer of support towards advanced customization for user-specific needs that are not covered in what they plan to fundamentally build/support in the RouterOS package. This development approach isn't unusual, as it stands right now if you look at the linux kernel there is a reason why it is called a monolithic kernel and also why it is leagues more performant than many other operating systems. The same thing applies here, especially since they aren't just using the default linux implemented features and instead developing their own derivatives.

I urge people to look towards the future and push MT to make better component choices on the hardware side than to continue to say lets waste development cycles around an artificially imposed constraint. (Yes I know, it will cost us consumers money in the end, but if we really want the best for the future we have to share some of the burden.)

Regarding lack of innovation with a LTS-Lite release, I don't see that happening, all it means is that feature-wise the 16MB constraint on some devices is already preventing anything other than bug fixes from coming down the pipe for those devices (which is realistic, things don't last forever, even Torvalds eventually deprecated old drivers in the linux kernel to clean it up). Newer devices will continue to push the development/innovation further, not to mention CHR already opens up the hardware perspective on many fronts.

TLDR: MT release a new range of comparables for all the devices that have just 16MB-128MB storage. Unfortunately, even the CCR2216 only has 128MB (fine for now, but not really future proof) for internal storage, and while you can slot some M.2 drives in there you can't use them for booting purposes.... so at some point if the package size grows enough that could even become an issue.
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 6:05 am

When do you plan to implement feature that just about any other vendor have ? PPSK...
what are you talking about? PPSK feature exists since forever, long before other vendors supported it.
WiFi -> Access List (capsmanv2)
Wireless -> CAPsMAN -> Access List (legacy capsman)
Wireless -> Wireless -> Access List (standalone ap)
PPSK feature only works with WPA2 and below, regardless of the vendor.
Sorry but should I say to my guest please can you give me your MAC addresses so you can connect to right VLAN ??? No, in my opinion that is not proper PPSK, that is workaround.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 11:59 am

Well, of course actually PPSK is not proper and is a workaround. But it is a convenient workaround offered by some other vendors.
At work we are using WPA2-EAP with MSCHAPv2 username/password and a certificate for authentication of the AP.
That is "the proper way to do it". Each user gets a username/password stored in a RADIUS server, when authenticated the RADIUS server sends a VLAN number and the user is put in that VLAN. This also has the advantage that each user has a different encryption key on the WiFi, so it is not possible to eavesdrop on other users and do man-in-the-middle attacks when you know the PSK.
Works fine in a corporate environment where you can distribute config using some management system or other local methods, but for the home it is not very convenient of course. Not to mention that low-end devices (IoT etc) usually do not support WPA2-EAP.

At home I use "usermanager" with MAC authentication via RADIUS, so all users connect to the same SSID/password but depending on the "group" of the entry in the user manager list I can assign the different devices a different VLAN.
That works fine with all devices, but unfortunately:
- there is no way to enter a "default user" in usermanager so a new device cannot connect at all until you figure out its MAC address and enter it in the users list. that requires watching the log to see what MAC is rejected (with access list that can be avoided, but unfortunately when usermanager rejects the request there is no way to "fall back to" an access list rule).
- the new WiFi driver does not support this, at least not the setting of VLAN number (did not check if it allows MAC authentication via RADIUS).
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2959
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 4:05 pm

Ahh the old days, ...When chocolate was cheap!
And healthy :)
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 4:24 pm

Also quite often IoT devices have problem with WPA2-EAP, i tried that and most of IoT devices refused to connect. I tried user manager, you helped me and it was working nice but as you said, good for corporate not home user.

This shouldn't be a problem for mikrotik to implement and I believe that there are many users that would like to see this feature. It's not a problem that I can't use wpa3 then. Long strong password and WPA2 is enough for me.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 7:47 pm

!) system - added support for AMPERE (R) hardware (new ARM64 ISO file, new ARM64 extra-nics.npk package);
Is there some cloud provider that has AMPERE that is known to work and/or "supported"?

I tried on large AMPERE box on Equinix Metal cloud, since they support AMPERE. But Equinix requires an iPXE boot for non-standard Linux...but could NOT figure out the right iPXE script to boot it.

Overall, a CHR .IMG of "AMPERE" be more WAY more handy for testing the beta than bare metal IMO... Not sure many folks have AMPERE sitting around ;).
 
felixka
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Oct 19, 2020 4:12 am
Location: Canada

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 9:46 pm

Updated my RB5009 today and it's lost it's ability to route certain VLANs out via VPNs from within VRFs. Not sure what's going on exactly yet. But it works fine on 7.13 (didn't try 7.14 as it would break my WAN link due to the VLAN MTU issues).
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 9:47 pm

What is AMPERE??
Due to the stupid name it is impossible to Google...
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12895
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 9:50 pm

 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 10:04 pm

What is AMPERE??
Due to the stupid name it is impossible to Google...
Maybe some Kleenex™ would help to clear it up.

AArch64 be way clear. Get Ampere adds GPUs etc... but for RouterOS it's ARM64 on enterprise servers.
 
lubomirs
just joined
Posts: 5
Joined: Tue Feb 05, 2019 4:07 pm

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 10:07 pm

I don't know why it's good anyway . . . in ROS
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 10:17 pm

I don't know why it's good anyway . . . in ROS
That why I asked about ARM64 CHRs. On AWS I believe ARM64 is cheaper but AMPERE is not going work. And, there a lot of smaller ARM64 boards that can run KVM, but need RouterOS as ARM64 disk image. Some hyped "AI" (GPU-enabled) enterprise server does NOT seem like a good fit for RouterOS to be the native OS. Now running as container under AMPERE would make sense.

Anyway it's curious at the name/rational of "AMPERE".
 
ayufanpl
just joined
Posts: 10
Joined: Mon Mar 04, 2024 2:18 pm

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 10:39 pm

I don't know why it's good anyway . . . in ROS
That why I asked about ARM64 CHRs. On AWS I believe ARM64 is cheaper but AMPERE is not going work. And, there a lot of smaller ARM64 boards that can run KVM, but need RouterOS as ARM64 disk image. Some hyped "AI" (GPU-enabled) enterprise server does NOT seem like a good fit for RouterOS to be the native OS. Now running as container under AMPERE would make sense.

Anyway it's curious at the name/rational of "AMPERE".
There's nothing in particular about AMPERE in AMPERE image. It is UEFI based, and supporting various VIRTIO drivers, and is easily runnable on arm64 QEMU KVM. If you want you can just install locally, and `dd` image into cloud provider and it will just boot fine, as long as cloud provider does attach disk with some sort of serial number.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Wed Mar 06, 2024 11:25 pm

The little I know about it, Ampere should be arm64 on steroids...
 
DeviceLocksmith
just joined
Posts: 24
Joined: Sat Jan 15, 2022 8:21 am

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 5:28 am

Interesting choice considering CCR2XXX routers are running on AWS CPUs, so support for Graviton2 or Graviton3 seemed more logical.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26881
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 10:37 am

Hetzner has both Dedicated and Virtual AMPERE ARM64 servers available. CHR images are coming in next betas, currently we only release ISO for bare metal Ampere servers, such as these: https://www.newegg.com/p/pl?d=ampere+altra
You do not have the required permissions to view the files attached to this post.
 
darukza
just joined
Posts: 1
Joined: Fri Nov 10, 2023 2:34 pm

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 11:00 am

CRS310-1G-5S-4S+ with latest beta firmware 7.15beta4
# NAME VALUE TYPE
0 voltage 23.4 V
1 cpu-temperature 24 C
2 sfp-temperature 43 C
3 fan-state ok
4 fan1-speed 12990 RPM
5 board-temperature1 23 C
6 board-temperature2 16 C
7 psu1-voltage 23.7 V

Fan speed is in max rpm even temperature is low. Target temp is now 45'c and tested with 55'c target.
same with previous firmware release.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 11:35 am

Ok, thanks for the info about AMPERE. I thought it would be about white-label router hardware. Google of that name combined with "router", "switch" etc only resulted in articles about power usage of such devices.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 11:42 am

First hit when searching for "Ampere CPU platform"

https://en.wikipedia.org/wiki/Ampere_Co ... to%20scale.
 
User avatar
sch
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Tue Feb 26, 2013 1:05 pm

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 11:43 am

CRS310-1G-5S-4S+ with latest beta firmware 7.15beta4
# NAME VALUE TYPE
0 voltage 23.4 V
1 cpu-temperature 24 C
2 sfp-temperature 43 C
3 fan-state ok
4 fan1-speed 12990 RPM
5 board-temperature1 23 C
6 board-temperature2 16 C
7 psu1-voltage 23.7 V

Fan speed is in max rpm even temperature is low. Target temp is now 45'c and tested with 55'c target.
same with previous firmware release.
Unfortunately for this model, there are only 2 fan speeds available - Fans on ( 13k RPM ) and off.
There was a software change in system health - *) health - changed default "fan-min-speed-percent" from 0% to 12%; We will fix this setting for CRS310 in the next RouterOS versions.

To get the system working as before you need to set the minimal fan speed to 0% :
sys health/settings/set fan-min-speed-percent=0
 
User avatar
patrikg
Member
Member
Posts: 358
Joined: Thu Feb 07, 2013 6:38 pm
Location: Stockholm, Sweden

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 11:55 am

YouTube Jeff, the Raspberry/Ansible guy has also now some new videos with AMPERE CPU now with building with ASRock board.

https://youtu.be/Hz5k5WgTkcc
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 4:28 pm

First hit when searching for "Ampere CPU platform"
As I said, I did not know that AMPERE was a "CPU platform".
I vaguely remembered about a "white label switch platform" but apparently it has a different name.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 4:33 pm

I vaguely remembered about a "white label switch platform" but apparently it has a different name.
That would be ONIE
https://opencomputeproject.github.io/onie/overview/
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 6:33 pm

Correct. Maybe MikroTik should, now that they are working on this, provide an ONIE install file as well.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 7:16 pm

Correct. Maybe MikroTik should, now that they are working on this, provide an ONIE install file as well.
An iPXE script would work for both ONIE and KVM. An iPXE script could fetch RouterOS via HTTP & be invoked via ONIE or PXE support in KVM/etc. If documented... iPXE install be the fewest steps on most CHR[X86/AArch64] platform since it widely support in bootloaders.

e.g. less disk images/ISOs, more iPXE scripts
Last edited by Amm0 on Thu Mar 07, 2024 7:20 pm, edited 2 times in total.
 
ivicask
Member
Member
Posts: 438
Joined: Tue Jul 07, 2015 2:40 pm
Location: Croatia, Zagreb

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 7:16 pm

Getting POE FW upgrade fail on 7.15, had same even on 7.14 stable.
You do not have the required permissions to view the files attached to this post.
 
TomSF
Member Candidate
Member Candidate
Posts: 104
Joined: Tue Jun 27, 2017 2:12 am

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 8:29 pm

Oh... This one is kind of a nightmare! 😳

RouterOS scripting is missing some control structures, one of these being :exit (or what ever it may be named...) to exit a scripts early, successfully. As this is missing I have a lot of script misusing :error for that purpose, which worked to date. Now RouterOS starts logging this, and my logs and me are flooded with:
script,error executing script from scheduler failed, please check it manually
Any chance we will have :exit really, really soon to fix this? Otherwise I will have a lot of work to do, implementing other (and probably a lot more complicated) workarounds to my scripts.
Starting with this Beta release, scripts fail that used to run OK. In particular, scripts run from Scheduler, Netwatch, DHCP-Client-Advanced, DHCP-Server-Advanced cause similar log entries, e.g. "executing script from scheduler failed, please check it manually", "executing script from dhcp failed, please check it manually", "executing script from dhcpclient failed, please check it manually", "executing script from netwatch failed, please check it manually". I do not see anything in the changelog that would explain this.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 10:07 pm

*) wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;
Mikrotik, please elaborate on this. I can't find available-channels nor channel-priorities anywhere Thank you.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 10:31 pm

Starting with this Beta release, scripts fail that used to run OK. In particular, scripts run from Scheduler, Netwatch, DHCP-Client-Advanced, DHCP-Server-Advanced

Mikrotik changed the permissions available to these scripts recently, maybe the policy further restricted here? But these kinda scripts do not have full admin right now – netwatch's docs helps explain what allowed (and AFAIK applies to the other locations with "on" scripts attached to config):
Netwatch executes scripts as *sys user, so any defined global variable in the Netwatch script will not be readable by for an example a scheduler or other users
Netwatch is limited to read,write,test,reboot script policies. If the owner of the script does not have enough permissions to execute a certain command in the script, then the script will not be executed. If the script has greater policies than read,write,test,reboot - then the script will not be executed as well, make sure your scripts do not exceed the mentioned policies.
It is possible to disable permission checking for RouterOS scripts under /system/scripts menu.
This is useful when Netwatch does not have enough permissions to execute a script, though this decreases overall security. It is recommended to assign proper permissions to a script instead.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 10:46 pm

I see
script,error executing script from console failed, please check it manually
in log too. I can't remember seeing such an error on 7.14.

But maybe because of:
*) console - added log for script execution failures;
 
TomSF
Member Candidate
Member Candidate
Posts: 104
Joined: Tue Jun 27, 2017 2:12 am

Re: v7.15beta [testing] is released!

Thu Mar 07, 2024 11:00 pm

Starting with this Beta release, scripts fail that used to run OK. In particular, scripts run from Scheduler, Netwatch, DHCP-Client-Advanced, DHCP-Server-Advanced

Mikrotik changed the permissions available to these scripts recently, maybe the policy further restricted here? But these kinda scripts do not have full admin right now – netwatch's docs helps explain what allowed (and AFAIK applies to the other locations with "on" scripts attached to config):
Netwatch executes scripts as *sys user, so any defined global variable in the Netwatch script will not be readable by for an example a scheduler or other users

It is possible to disable permission checking for RouterOS scripts under /system/scripts menu.
This is useful when Netwatch does not have enough permissions to execute a script, though this decreases overall security. It is recommended to assign proper permissions to a script instead.
I recall dealing with this some time ago by changing "scripts attached to config" to execute scripts that have permission checking disabled. That seemed to work until this Beta release. That was even true for Netwatch. I will let things go as is until another Beta comes out and then see what happens.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 12:39 am

*) wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;
Mikrotik, please elaborate on this. I can't find available-channels nor channel-priorities anywhere Thank you.
answering my own question:

it is about the output of /interface/wifi/monitor. confused me because IMHO output is not a parameter. Maybe call it property, label, term or key (as in key/value pair). Whatever you choose: parameter is a synonym for argument in a data input operation.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 1:43 am

*) wifi - improve channel selection after radar detection events;
Does this fix the issue where the interface remained in "selecting channel" state after a radar event? e.g. viewtopic.php?p=1057657
 
User avatar
Archous
just joined
Posts: 10
Joined: Thu May 12, 2022 7:13 am
Location: USA
Contact:

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 2:43 am

Updated my RB5009 today and it's lost it's ability to route certain VLANs out via VPNs from within VRFs. Not sure what's going on exactly yet. But it works fine on 7.13 (didn't try 7.14 as it would break my WAN link due to the VLAN MTU issues).
This was a problem introduced in 7.14 and needs to be addressed ASAP. VRFs are broken for us.

See:
viewtopic.php?t=205097#p1060657
posting.php?mode=quote&p=1060662
posting.php?mode=quote&p=1059546
posting.php?mode=quote&p=1059579
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1387
Joined: Tue Jun 23, 2015 2:35 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 6:41 am

Can BGP-VPLS has staic name? (even if disconection happen)
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 12:37 pm

@Mikrotik are you going to add an auto-update feature to addlist function. My lists have updated twice in as many days.
Would be great to be able to schedule it to fetch/look early in the morning etc.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1352
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 12:40 pm

yes, this is the last feature that MikroTik devices needed, a broken half baked adlist.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 12:45 pm

Thats my choice like I don't have a choice to use half the crap people ask for ??
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 12:46 pm

Guys ...
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1352
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 12:47 pm

Oh, the reply wasn't directed at you, sorry @ToTheFull.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26881
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 1:23 pm

@Mikrotik are you going to add an auto-update feature to addlist function. My lists have updated twice in as many days.
Would be great to be able to schedule it to fetch/look early in the morning etc.
adlist updates every 1 hour, but in upcoming versions you will be able to change it
 
FIPTech
Long time Member
Long time Member
Posts: 560
Joined: Tue Dec 22, 2009 1:53 am

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 1:49 pm

@Mikrotik are you going to add an auto-update feature to addlist function. My lists have updated twice in as many days.
Would be great to be able to schedule it to fetch/look early in the morning etc.
adlist updates every 1 hour, but in upcoming versions you will be able to change it
Please add a Whitelist if possible.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 2:00 pm

@Mikrotik are you going to add an auto-update feature to addlist function. My lists have updated twice in as many days.
Would be great to be able to schedule it to fetch/look early in the morning etc.
adlist updates every 1 hour, but in upcoming versions you will be able to change it
@normis I was using the fetch function and storing the file local hence no change. Yes 1 hour is very aggressive, good plan.
Thanks.
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 336
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 2:45 pm

What's new in 7.15beta6 (2024-Mar-08 08:23):

*) certificate - added support for importing pbes2 encrypted private keys with aes128;
*) chr - fixed bogus messages printed out while booting up the system (introduced in v7.14);
*) chr - fixed Xen and Vultr missing ethernet (introduced in v7.14);
*) ethernet - fixed default names for CRS310-8G+2S+ device (introduced in v7.14);
*) lte - make interface persistent (unused interface configs can be removed, allow to export and examine current configuration without the device present);
*) package - reduced package size for SMIPS;
*) poe-out - improved firmware upgrade stability for AF/AT controlled boards;
*) qos-hw - added congestion avoidance support for 98DX8xxx, 98DX4xxx, 98DX325x switch chips (CLI only);
*) qos-hw - added WRED support for compatible switches;
*) route - rework of route attributes;
*) sfp - improved system stability for CR2004-1G-2XS-PCIe (introduced in v7.14);
*) ssh - added passphrase option for host key import;
*) vrf - fixed VRF interfaces being moved to main table after reboot (introduced in v7.14);
*) wifi-qcom - improved regulatory compliance for L11, L22 devices;
*) wireguard - added peer "name" field and display it in logs;
*) wireguard - do not attempt to connect to peer without specified endpoint-address;
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 3:02 pm

Upgraded rb5009 / AX2 / AX3 to 7.15b6

I see this in AX3 upon inspection of logs (same on AX2 but not for RB5009)

What script ?
You do not have the required permissions to view the files attached to this post.
 
matiss
MikroTik Support
MikroTik Support
Posts: 32
Joined: Fri Dec 30, 2016 10:13 am

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 3:12 pm

holvoetn please create and send to support@mikrotik.com supout.rif file.
Upgraded rb5009 / AX2 / AX3 to 7.15b6

I see this in AX3 upon inspection of logs (same on AX2 but not for RB5009)

What script ?
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 3:16 pm

holvoetn please create and send to support@mikrotik.com supout.rif file.
Done - SUP-146311
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 3:40 pm

holvoetn please create and send to support@mikrotik.com supout.rif file.
Done - SUP-146311
Did this happen on your ax2 as well ?
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 3:41 pm

Sorry I didn't read it properly
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 4:02 pm

hAP ac2 doesn't download the Adlist from URL...
SUP-146323
 
cowgirl
just joined
Posts: 5
Joined: Tue Dec 18, 2018 12:10 am
Location: South-West-Germany
Contact:

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 4:45 pm

What's new in 7.15beta6 (2024-Mar-08 08:23):

*) sfp - improved system stability for CR2004-1G-2XS-PCIe (introduced in v7.14);

I can confirm CR2004-1G-2XS-PCIe is coming up again with 7.15beta6. Updated from 7.13.5.

Please back port this patch to 7.14.x
 
marekm
Member
Member
Posts: 416
Joined: Tue Feb 01, 2011 11:27 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 4:57 pm

For example here in PL the law requires all ISPs to redirect gambing listes that don't pay taxes listed as https://hazard.mf.gov.pl/ to 145.237.235.240 which shows a warning that the Big Brother (Ministry of Finances) is watching.
How is that even possible? Has https:// not reached PL yet? or are PL citizens trained to ignore certificate errors when browsing?
It only works for plain HTTP of course, the browser gets a 302 redirect to the message. For HTTPS it's just a timeout, the redirector only responds to requests on port 80. But that's enough to be compliant.

It's really a security theater made by politicians (of the formerly, no longer after 8 years, ruling party), but the authorities are serious and threaten non-compliant ISPs with fines. Their favourite name to check is apparently one with some German "umlaut" letters so we have to handle IDN properly too.
 
TomSF
Member Candidate
Member Candidate
Posts: 104
Joined: Tue Jun 27, 2017 2:12 am

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 5:02 pm




Mikrotik changed the permissions available to these scripts recently, maybe the policy further restricted here? But these kinda scripts do not have full admin right now – netwatch's docs helps explain what allowed (and AFAIK applies to the other locations with "on" scripts attached to config):
I recall dealing with this some time ago by changing "scripts attached to config" to execute scripts that have permission checking disabled. That seemed to work until this Beta release. That was even true for Netwatch. I will let things go as is until another Beta comes out and then see what happens.
I just installed beta6 and the issue is still there. I am guessing that the permissions assigned to scripts attached to the config are being applied to the scripts they execute, even if those scripts are set to not require permissions. This is in conflict to the MT documentation which says to do exactly what I am doing to get around the permissions assigned to scripts attached to the config.
 
AndiiiHD
Posts: 0
Joined: Tue Jan 16, 2024 3:06 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 5:36 pm


Unfortunately for this model, there are only 2 fan speeds available - Fans on ( 13k RPM ) and off.
There was a software change in system health - *) health - changed default "fan-min-speed-percent" from 0% to 12%; We will fix this setting for CRS310 in the next RouterOS versions.

To get the system working as before you need to set the minimal fan speed to 0% :
sys health/settings/set fan-min-speed-percent=0
Would it be possible to get such a fan speed setting for SwitchOS too? Its always max speed with SwitchOS on CRS310-1G-5S-4S+ and you cannot change it.
Last edited by AndiiiHD on Fri Mar 08, 2024 5:42 pm, edited 4 times in total.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 5:36 pm

beta6
 16:32:04 script,error executing script from console failed, please check it manually
 16:32:06 system,error,critical error while running customized default configuration script:
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 6:17 pm

I see this in AX3 upon inspection of logs (same on AX2 but not for RB5009)

What script ?
While no line numbers, the message does vary depending on where a failure happens. Some bad code in /system/script get you:
"executing script script14 from winbox failed, please check it manually"

Your image shows "script from console". Were you using the CLI to do anything around the time of your log? e.g. Maybe if something gets by the syntax checker, and get a runtime error from CLI, it also logs? I could NOT repo an error with bad code at CLI ... but the "from console" is telling I think.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 6:19 pm

Nothing was open. SImply upgrade and reboot.
You can see from the log entries I wasn't logged in ... only about 5 minutes later when I went in to check the logs.
 
fichte
just joined
Posts: 4
Joined: Thu Jun 22, 2023 10:40 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 6:34 pm

screen-2024-03-08 17-30-42.png
is it only for me or is the adlist feature not working correctly? There are no match counts?
You do not have the required permissions to view the files attached to this post.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 6:43 pm

Maybe it is only you that did not increase the cache size?
 
User avatar
herbrico
newbie
Posts: 25
Joined: Mon Dec 31, 2012 4:19 pm
Location: Croatia, Sisak

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 8:06 pm

screen-2024-03-08 17-30-42.png
is it only for me or is the adlist feature not working correctly? There are no match counts?
First, do you use doh. If you use doh, it won't work. How big is your cache? I have about 400000 domains and for that it takes about 48 MB, so calculate how much you need.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 9:22 pm

free-hdd-space: 0
total-hdd-space: 15.2MiB
0 free space on beta6. Well played!

MT I beg you, I want to continue using my Chateau LTE12.
 
fichte
just joined
Posts: 4
Joined: Thu Jun 22, 2023 10:40 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 9:47 pm

@herbrico good to know ;-) i had doh, it works now. chatch size is set to 1.000.000 KiB.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 10:18 pm

Excellence. Didn't survive a reboot. now netinstall ahead. this space issues. second netinstall in a week because of this.
 
lubomirs
just joined
Posts: 5
Joined: Tue Feb 05, 2019 4:07 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 11:06 pm

**************, do you test your soft before update?, beta6 Briked arm devices

can't recover from netboot neither
If I want to test, I update to beta, but if not, I just "*************" update to beta.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Fri Mar 08, 2024 11:23 pm

Tried to netinstall 7.15beta6 with no luck on Chateau LTE12. Did not boot afterwards either. So I netinstalled 7.13.5 and device now running again.
Yes, I switched to "testing" branch first time in years. 7.13 was already tough to swallow and then 7.14. Now I go YOLO as testing branch has the fixes first. LOL
As always with YOLO-actions: they don't last long. Fun while it lasts.

Bye testing channel. You'll not see me anytime soon. Horrible experience.
 
spookymulder84
newbie
Posts: 30
Joined: Sat Nov 11, 2017 1:37 pm
Location: Croatia

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 12:35 am

*) wireguard - added peer "name" field and display it in logs;
*) wireguard - do not attempt to connect to peer without specified endpoint-address;
Definitely two welcome features! Thank you!
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 12:45 am

Bye testing channel. You'll not see me anytime soon. Horrible experience.
"testing" channel is only for people prepared to live with problems, interruptions, and netinstall.
It is more worrying that the same thing is happening in "stable". There are 2 main problems here:
- the denial of problems caused in 15.3MB/16MB devices by growth of the monolithic "routeros" package + one of the wifi packages
- the fact that "rc" versions are promoted to "stable" without sufficient time for bugs to be reported and weeding out of known bugs.

Probably code should only be labeled "stable" to the outside world when it has sufficiently been fieldtested.
People continue to see "stable" as a label of code quality, rather than a label of release cycle.
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1090
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 8:46 am

The scripting part crashes in 7.15beta6 several times a day:
script;error script error: error - contact MikroTik support and send a supout file (10)
Did not yet open an issue, will have to do that later today.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 11:42 am

Are you sure that isn't just reporting of script errors that were always there but you never noticed?
It looks like from this version on, when a script is running in the background (i.e. not started from console) you now see those errors in the log, while in the past it just silently failed.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 12:47 pm

Rename "stable" channel to "main". "testing" to "nightly". problem solved.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 12:50 pm

"testing" is more like "weekly", but indeed it could be solved with a rename to a less suggestive name.
too often, people interpret "stable" as "stable operation, recommended install".
 
User avatar
npeca75
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Thu Aug 03, 2017 3:12 pm

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 2:25 pm

*) media - added support for DLNA;

the most pathetic thing is that DLNA is intended for home users, and most of home users running smaller MT devices which simply does not fit with 16M flash
OK, you could at least run DLNA on your backbone router with 40 or 100G links .... :)
how sad is this decision
Clearly, marketing department is to be blamed
 
gze100
just joined
Posts: 6
Joined: Wed Jan 20, 2010 2:30 am
Location: Germany

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 3:55 pm

What's new in 7.15beta6 (2024-Mar-08 08:23):

*) chr - fixed Xen and Vultr missing ethernet (introduced in v7.14);
It has been fixed so far, but you get no local console anymore.
System starts and you can login remotely without any problem. The system seems to work except the local console.
You can open a console in winbox. That's still possible. Please see attached screenshot. Support ticket is already open for that.
Thank you so far for all of your effort dealing with that problem. I appreciate that.
You do not have the required permissions to view the files attached to this post.
 
hagoyi
newbie
Posts: 33
Joined: Wed May 17, 2023 8:36 pm

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 6:38 pm

*) dns - added support for "adlist";
Is it just dynamic writes to RAM or are all domains stored in NAND (and wears it out)?
 
rpingar
Long time Member
Long time Member
Posts: 593
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 6:59 pm

Hetzner has both Dedicated and Virtual AMPERE ARM64 servers available. CHR images are coming in next betas, currently we only release ISO for bare metal Ampere servers, such as these: https://www.newegg.com/p/pl?d=ampere+altra
Hi Normis,
any performance test on this platform?

regards
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 10:01 pm

Tried to netinstall 7.15beta6 with no luck on Chateau LTE12. Did not boot afterwards either. So I netinstalled 7.13.5 and device now running again.
Yes, I switched to "testing" branch first time in years. 7.13 was already tough to swallow and then 7.14. Now I go YOLO as testing branch has the fixes first. LOL
As always with YOLO-actions: they don't last long. Fun while it lasts.

Bye testing channel. You'll not see me anytime soon. Horrible experience.
Me fool did not change back to stable channel in settings and did not disable the auto-update scheduler script.

So after netinstall yesterday of 7.13.5 I had exactly 680kb free space and after auto-update I am today on 7.15beta6 and free space ZERO bytes. So we can say: straight loosing quite 700kb of disk space just of what? Modern SMB? DLNA? ADLIST? 🤔
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1352
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 10:02 pm

All of them, because we need them. Who cares if there's not enough space for the router to function as a router.
Make your devices Open Source friendly! So we can run our bought MikroTik routers as routers without extra crap that we don't need.
 
chojrak11
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Apr 05, 2009 10:37 am

Re: v7.15beta [testing] is released!

Sat Mar 09, 2024 10:36 pm


Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist
WOW!!! That is going to be a gamechanger! But you need to improve it. It doesn't seem to be able to parse entries like this:
||a.ib.gazeta.pl^
||achcdn.com^
||ad.bitbay.net^
||ad.docer.pl^
||ad.facetpo40.pl^
For example: https://adguardteam.github.io/Hostlists ... ter_14.txt

It also doesn't parse bare domain names:
0-01x-merchandise.554217.xyz
0-0llx.12313123.xyz
0-0lx.1231312.xyz
0-0lxmarket.5767435.xyz
0-0lxmarket.8796556.xyz
0-finanzierung.com
0-lix.6900845.xyz
For example: https://adguardteam.github.io/Hostlists ... ter_18.txt
Without those two formats the Adlist feature is basically unusable.

Also, comments in Winbox aren't displayed and there's no "Comment button"; please add, that helps with knowing which url is what.

Please add an easy way of adding exceptions (i.e. I have a blocklist that breaks some sites, so there should be another tab "Exceptions" where I can add a domain name so that it is ignored if present in any of the blocking list).

Please add buttons to enable/disable individual list.

And finally, please add status for each list - such as "Loaded", "Disabled", "Error", the last one showing in red when DNS cache size setting is too low to load the list. The out of memory is unexpected - I firstly not realized why number of rules was so small, should have been over 600 thousand, but it loaded only 23 thousand.

The memory consumption of this feature is indeed very large. My source text files with rules are 25.5 MiB in total, and they took 130 MiB in RouterOs' DNS cache. Maybe you should implement it differently, for example as a suffix tree, or another kind of trie for compact storage and fast lookups.

Thanks!
 
User avatar
miku
just joined
Posts: 15
Joined: Fri Feb 23, 2024 3:57 pm
Location: Poland

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 2:25 pm

Hi,
I have hAP ac lite and of course too little memory to load the entire Adlist. But based on it, I created my own file, containing about 16,000 items. After loading, the DNS cache is 2300 KiB. I tested the effectiveness on d3ward: 56%, 79/140 blocked.
I selected the rules for browsing mainly Polish websites, so I estimate the effectiveness at more than 80%.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 2:48 pm

I'm getting about 97% coverage on my hap ax2 I think it's near 1 million hosts. But apple is being bypassed, on pi-hole it doesn't, not 100% sure why yet.
 /ip/dns/print

         max-udp-packet-size: 4096
         query-server-timeout: 2s
          query-total-timeout: 10s
       max-concurrent-queries: 100
  max-concurrent-tcp-sessions: 20
                   cache-size: 131064KiB
                cache-max-ttl: 1w
      address-list-extra-time: 0s
                          vrf: main
                   cache-used: 114725KiB

/ip/dns/adlist/print
Flags: X - disabled 
 0   url="https://raw.githubusercontent.com/hagezi/dns-blocklists/main/hosts/pro.txt" ssl-verify=no 
     match-count=36331 name-count=979734 

 1   file=apple.txt ssl-verify=no match-count=32 name-count=2
 
t0mm13b
just joined
Posts: 18
Joined: Sat Mar 04, 2023 5:11 pm

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 3:16 pm

Tried to netinstall 7.15beta6 with no luck on Chateau LTE12. Did not boot afterwards either. So I netinstalled 7.13.5 and device now running again.



As always with YOLO-actions: they don't last long. Fun while it lasts.

Bye testing channel. You'll not see me anytime soon. Horrible experience.
Me fool did not change back to stable channel in settings and did not disable the auto-update scheduler script.

So after netinstall yesterday of 7.13.5 I had exactly 680kb free space and after auto-update I am today on 7.15beta6 and free space ZERO bytes. So we can say: straight loosing quite 700kb of disk space just of what? Modern SMB? DLNA? ADLIST? 🤔
Interesting the size of the modules increased in size, that would explain somewhat storage getting zero bytes free - magic!
2024-03-10_13-13.png
You do not have the required permissions to view the files attached to this post.
 
User avatar
Kanzler
Member Candidate
Member Candidate
Posts: 135
Joined: Wed Oct 05, 2022 6:55 pm
Location: Ukraine

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 3:34 pm

But apple is being bypassed, on pi-hole it doesn't, not 100% sure why yet.
Maybe you have iCloud Private Relay enabled?
 
User avatar
miku
just joined
Posts: 15
Joined: Fri Feb 23, 2024 3:57 pm
Location: Poland

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 4:04 pm

@fichte
The lists you are using are in the wrong format, not suitable for MikroTik

For example:
https://raw.githubusercontent.com/RPiLi ... /Hypotirol
||1hypotirol.com^
||bbpotirol.com^
||bypotirol.com^
...
 
Spidermila
just joined
Posts: 9
Joined: Wed May 19, 2021 12:37 pm

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 4:18 pm

re "*) package - reduced package size for SMIPS;" in beta6, it doesn't seem enough. There are no files to delete on the AP and yet I can't do the upgrade. The only way still is to upload the main package manually, reboot, then upload wireless package and reboot again.
[xxx@MikroTik] > system/resource/print
                   uptime: 3m51s
                  version: 7.13.5 (stable)
               build-time: Feb/16/2024 17:35:17
         factory-software: 6.44.5
              free-memory: 6.4MiB
             total-memory: 32.0MiB
                      cpu: MIPS 24Kc V7.4
                cpu-count: 1
            cpu-frequency: 650MHz
                 cpu-load: 4%
           free-hdd-space: 7.4MiB
          total-hdd-space: 16.0MiB
  write-sect-since-reboot: 938
         write-sect-total: 28093680
        architecture-name: smips
               board-name: hAP lite
                 platform: MikroTik
[xxx@MikroTik] > /file/print

[xxx@MikroTik] > /system/package/update/download
            channel: testing
  installed-version: 7.13.5
     latest-version: 7.15beta6
             status: ERROR: not enough disk space, 7.4MiB is required and only 7.4MiB is free
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 4:43 pm

But apple is being bypassed, on pi-hole it doesn't, not 100% sure why yet.
Maybe you have iCloud Private Relay enabled?
We don't use the function ie not subscribed. it just says (Private Relay (Beta) Upgrade) I've noticed that when you goto select manual dns, the ipad has my router ip as well as the dns I am using like....
192.168.88.1
1.1.1.1
Why is it filling in 1.1.1.1 as well ?
tried turning off the private address settings etc, still the same.
Previous setup was telling the router to handout the dns via dhcp. When I just powered up pi-hole on 192.168.88.8 then pointed my pc at the it i'm not getting any resovlv. But using dig I get a reply... will test more later!

pool range 192.168.88.100/200
 
chojrak11
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Apr 05, 2009 10:37 am

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 5:08 pm

@fichte
The lists you are using are in the wrong format, not suitable for MikroTik

For example:
https://raw.githubusercontent.com/RPiLi ... /Hypotirol
||1hypotirol.com^
||bbpotirol.com^
||bypotirol.com^
...
They need to implement this format, without it the feature is basically unusable. A lot of users would need to write converters from world's de facto standard into Mikrotik standard. It's better when they to implement the correct parser once and all of us can just use it. Same for bare domain names.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 7:57 pm

They need to implement this format, without it the feature is basically unusable. A lot of users would need to write converters from world's de facto standard into Mikrotik standard. It's better when they to implement the correct parser once and all of us can just use it. Same for bare domain names.
As I wrote above, they need to have an (optional) regexp that extracts the interesting part from the supplied line of text.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 8:38 pm


Maybe you have iCloud Private Relay enabled?
We don't use the function ie not subscribed. it just says (Private Relay (Beta) Upgrade) I've noticed that when you goto select manual dns, the ipad has my router ip as well as the dns I am using like....
192.168.88.1
1.1.1.1
Why is it filling in 1.1.1.1 as well ?
tried turning off the private address settings etc, still the same.
Previous setup was telling the router to handout the dns via dhcp. When I just powered up pi-hole on 192.168.88.8 then pointed my pc at the it i'm not getting any resovlv. But using dig I get a reply... will test more later!

pool range 192.168.88.100/200
I forgot to add the router ip to the DHCP/Networks/DNS Servers. Now it only dishes out 192.168.88.1 Doh!!
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Sun Mar 10, 2024 11:15 pm

They need to implement this format, without it the feature is basically unusable. A lot of users would need to write converters from world's de facto standard into Mikrotik standard. It's better when they to implement the correct parser once and all of us can just use it. Same for bare domain names.
As I wrote above, they need to have an (optional) regexp that extracts the interesting part from the supplied line of text.

If you're going to run some a regex over on all the entries... then what's the difference from a scheduled script that adds them to /ip/dns/static (which supports regex already on entries)?

Now when my 16MB routers don't upgrade because of more half-baked new features... I could see how a "||mikrotik.com^" in adlist block file might be useful vs. listing everything separately. ;)
 
msatter
Forum Guru
Forum Guru
Posts: 2940
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 1:02 am

@Amm0, default support for big files read from storage. RegEX is indeed all being used to recognize different types of entries and extract only what is needed. That it should be 0.0.0.0 "or NXD" is a parameter that could be separated from what is set in the file.

Example of a domainPosix: "^.+\\.[a-z.]{2,7}"
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 1:48 am

@Amm0, default support for big files read from storage. RegEX is indeed all being used to recognize different types of entries and extract only what is needed. That it should be 0.0.0.0 "or NXD" is a parameter that could be separated from what is set in the file.

Example of a domainPosix: "^.+\\.[a-z.]{2,7}"
Ah. It's resolving thousands of regex's per query I was worried about... Y'all talking about some "on-load" action that runs a regex over the downloaded adlist to pull out the hostname. Not the "runtime" resolver side parsing the hostname-as-regex for each query. Allowing AdGuard or Pi-Hole formats would seem to be a good call.

I just wish they'd add the missing PTR record to /ip/dns/static BEFORE adding new features like adlist — without PTR records Mikrotik DNS is largely unusable for me, as PTR records are needed for DNS-SD/mDNS.
 
noradtux
newbie
Posts: 39
Joined: Mon May 24, 2021 6:33 pm

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 8:01 am

I just wish they'd add the missing PTR record to /ip/dns/static BEFORE adding new features like adlist — without PTR records Mikrotik DNS is largely unusable for me, as PTR records are needed for DNS-SD/mDNS.
Though one cannot explicitely define PTR records, it will generate suiting PTRs from A- and AAAA-records. Good enough?
 
msatter
Forum Guru
Forum Guru
Posts: 2940
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 11:23 am

@Amm0 Read the file in chunks, put each chunk into an array. Then filter the array to obtain higer processing speed. Mikrotik can make that work in the background so that the load is not too high.

You have to wait then before the complete list is read in. Now it cuts each line into two parts and domain name hast be clean on bot ends.

PTR is seen as a record that can be retrieved on the fly. Then for static entries it would no harm to be able to define that also instead of the automatic version used currently.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 11:50 am



As I wrote above, they need to have an (optional) regexp that extracts the interesting part from the supplied line of text.

If you're going to run some a regex over on all the entries... then what's the difference from a scheduled script that adds them to /ip/dns/static (which supports regex already on entries)?
Differences:
- the regex to be used in adlist would only be called when receiving the file from the web. after evaluation, static DNS names result and a lookup would not cause more regexp evaluation effort
- the adlist puts the domain names only in the (RAM) cache, while running a script that adds static records will put them in flash storage, expanding the size of the in-flash configuration database (which will not reduce when you decide to stop using this method and delete all the records)

With a proper, more generic, implementation (that is why I think it should be called "hosts" rather than "adlist") it can even be used to add static records to DNS from a hosts file, resolving them not to 0.0.0.0 but to actual addresses, allowing to sync to large local hosts lists without affecting the flash.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 1:14 pm

Though one cannot explicitely define PTR records, it will generate suiting PTRs from A- and AAAA-records. Good enough?
Not really. While true DNS does return a PTR to a "in-addr.arpa" query automatically. You cannot add a PTR explicitly. These are needed to resolve mDNS/DNS-SD per RFC-6753. e.g. you need PTR to convert service like "_http._tcp" into "mycomputer._http._tcp" to be able to statically configure mDNS lookups.

Didn't mean to go off-topic... just annoying when a standard RR type for DNS like PTR cannot be configured. Yet seeing entire new feature like adlist added to DNS instead of fixing little bugs like PTR.
 
noradtux
newbie
Posts: 39
Joined: Mon May 24, 2021 6:33 pm

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 5:50 pm

Though one cannot explicitely define PTR records, it will generate suiting PTRs from A- and AAAA-records. Good enough?
Not really. While true DNS does return a PTR to a "in-addr.arpa" query automatically. You cannot add a PTR explicitly. These are needed to resolve mDNS/DNS-SD per RFC-6753. e.g. you need PTR to convert service like "_http._tcp" into "mycomputer._http._tcp" to be able to statically configure mDNS lookups.

Didn't mean to go off-topic... just annoying when a standard RR type for DNS like PTR cannot be configured. Yet seeing entire new feature like adlist added to DNS instead of fixing little bugs like PTR.
Ah, I wasn't aware of that detail regarding mDNS. I suggest you open a feature request ticket then :)
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 6:04 pm

Ah, I wasn't aware of that detail regarding mDNS. I suggest you open a feature request ticket then :)
SUP-100671, opened Dec 2022.
 
t0mm13b
just joined
Posts: 18
Joined: Sat Mar 04, 2023 5:11 pm

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 9:17 pm

Apologies if I keep bringing this up about those who have 16MB flash storage and issues with free space

Have opened ticket about a week ago and this is what they have to say
Hello,

Thank you for contacting MikroTik Support.

We are working on decreasing the package size in future versions.
Let's wait and see... be magic if it happens!

Not holding out much hope if they are adding extra stuff to the kernel modules for what, DLNA, adlists... only god knows what else.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 9:39 pm

Nostradamus: CUPS print server including most popular ink jet drivers is next
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 10:09 pm

Nostradamus: CUPS print server including most popular ink jet drivers is next
You'd likely not need a CUPS printer server with DNS PTR records. Any modern printer uses mDNS for discovery, so if DNS-SD records were added to Mikrotik DNS, most printers work across VLANs/etc. (*where Mikrotik is the resolver, and if it supported PTR records)
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1352
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.15beta [testing] is released!

Mon Mar 11, 2024 11:15 pm

Soon: RouterOS Media Center Edition.
/s.
 
Rox169
Member
Member
Posts: 467
Joined: Sat Sep 04, 2021 1:47 am

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 7:57 am

Soon: RouterOS for Mikrotik NAS :)
 
hagoyi
newbie
Posts: 33
Joined: Wed May 17, 2023 8:36 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 8:20 am

Is adlist works with DoH?
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 9:44 am

Nostradamus: CUPS print server including most popular ink jet drivers is next
You'd likely not need a CUPS printer server with DNS PTR records. Any modern printer uses mDNS for discovery, so if DNS-SD records were added to Mikrotik DNS, most printers work across VLANs/etc. (*where Mikrotik is the resolver, and if it supported PTR records)
I don't even need Samba service nor DLNA.
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 9:48 am

I don't even need Samba service nor DLNA.
And after writing it many times we all understood it... but you are not the only one using RouterOS so a moment of patience and let's see what will happen.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12895
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 12:39 pm

I don't even need Samba service nor DLNA.

You're weird ... but so am I.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12895
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 12:44 pm

.... but you are not the only one using RouterOS so a moment of patience and let's see what will happen.
I don't think that anybody said that this functionality should never ever be implemented.

However it is pretty distracting if such a non-core functionality actually makes certain device types almost unusable (we have suggested numerous times to move this kind of functionality into optional package ... it can be done as wireless packages prove it). And disturbing fact is that MT seems to be in denial about the installation size problem, not publishing any concrete plans on how and when the problem is going to be solved. I'm thus pretty upset to see my hAP ac2 becoming obsolete and the cause for it seems to be inclusion of non-core functionality that I definitely don't need. I mean: any RaspberryPI is better suited to act as SMB/DLNA/whatever server than hAP ac2 and I can hardly understand people requesting this functionality (and then many of them complain about issues/bugs it comes with ... instead of running RPI with standard modern samba on it where they would have zero problems ... and I'd have zero problems using my hAP ac2 as a router/AP (which it's supposed to be). And don't get me started on container stuff ... MT's implementation is non-standard enough and HW platform is exotic enough to pose numerous challenges to anybody that wants to run containers (not to mention insufficient resources). Again it'd be easier to use a simple x86-based nettop, running some standard container platform (e.g. proper docker) ... and not much more expensive either (buying a beefy MT device doesn't come exactly cheap either).

And it's a pretty good question about priorities (is new non-core functionality supposed to be developed before all core functionality from v6 is (re)implemented in v7) ... albeit I can understand that this might not be easily solvable (I would expect to see different development teams working on different aspects of ROS and progress pace of different groups may be very different).
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 1:36 pm

I don't even need Samba service nor DLNA.
And after writing it many times we all understood it... but you are not the only one using RouterOS so a moment of patience and let's see what will happen.
I also don't deny that Samba or DLNA are useful. Both are great. I use a standalone Samba server and DLNA as well, but not on my router. I also don't question that someone other than me might use it. What I criticize is that it comes at the expense of limited storage space. Why can't it be an additional package? We've known for almost 10 years that SMB 1 is insecure—still, ROS 7 was launched with legacy protocol samba service, and in 2024, MT realized: "it would be cool if ROS didn't just support legacy SMB protocol versions" (quote from old SMB docs: "RouterOS only supports SMB v1.0 and v2.002"; quote from new ROSE SMB docs: "SMB1 is not supported due to security vulnerabilities."). And just like that, the main package was inflated by almost 400kb.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 1:46 pm

Thanks mkx, you hit the nail on the head.

Most disturbing of all:
And disturbing fact is that MT seems to be in denial about the installation size problem, not publishing any concrete plans on how and when the problem is going to be solved.
pe1chl obviously gave up on pointing out the storage space issue. That's why someone else has to keep repeating it. People with their bricked AC2 also contribute involuntarily.
 
User avatar
sirbryan
Member
Member
Posts: 391
Joined: Fri May 29, 2020 6:40 pm
Location: Utah
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 3:58 pm

Back to 7.15b6:

My home/office CCR2116 stalled overnight. Log says kernel panic. I had to power-cycle it to get it to come back. It had been running for two or three days (since b6 came out) just fine. Aside from OSPF & BGP to external network, it's got a few containers (piHole, homeassistant, open speed test, a custom SMB server based on alpine, and uptime kuma). The only thing that has changed from before the betas is that I actually got home assistant configured and it's talking to everything on the network.
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2959
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 4:56 pm

.... but you are not the only one using RouterOS so a moment of patience and let's see what will happen.
I don't think that anybody said that this functionality should never ever be implemented.

However it is pretty distracting if such a non-core functionality actually makes certain device types almost unusable (we have suggested numerous times to move this kind of functionality into optional package ...
Preliminary visualisations of ROS version 10.x ... flowers are must-have for pro drivers ... :) :)
.
Image
 
t0mm13b
just joined
Posts: 18
Joined: Sat Mar 04, 2023 5:11 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 9:11 pm

.... but you are not the only one using RouterOS so a moment of patience and let's see what will happen.
<snip> any RaspberryPI is better suited to act as SMB/DLNA/whatever server than hAP ac2 </snip>

<snip>
And it's a pretty good question about priorities (is new non-core functionality supposed to be developed before all core functionality from v6 is (re)implemented in v7) ... albeit I can understand that this might not be easily solvable (I would expect to see different development teams working on different aspects of ROS and progress pace of different groups may be very different).
</snip>

Bingo, that right there, is the problem there with marketing department, making MT devices the all-singing-all-dancing devices that can do everything, a very expensive device to run Samba / DLNA and whatever else, when a cheap $35 raspberry pi will suffice, quite honestly, I wonder what are they smoking!

Thanks mkx.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 9:51 pm

Well, it would not have been a problem and it would have worked well when they had not made the stupid mistake of fitting only 16MB of flash in so many of their devices...
My first MikroTik router was a RB2011UiAS-2HnD-IN. It had 128MB Flash, and RS232, USB, LCD, a beeper. The list price was $129.
That was the perfect device. From there it went downhill.
Even though e.g. the RB750Gr3 also offers a lot, that is among the first devices with 16MB Flash. No more partitioning, not enough space for expansion of the OS.
And with the hAP ac2 it is even worse: the exposed Flash size is only 15.3MB (although the specsheet says 16MB) and the codesize for ARM is larger than for (M)MIPS.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 9:59 pm

My Chateau LTE12 and even CAP AC report only 15.2MB disk space.
Last edited by infabo on Tue Mar 12, 2024 10:20 pm, edited 1 time in total.
 
t0mm13b
just joined
Posts: 18
Joined: Sat Mar 04, 2023 5:11 pm

Re: v7.15beta [testing] is released!

Tue Mar 12, 2024 10:08 pm

Well, it would not have been a problem and it would have worked well when they had not made the stupid mistake of fitting only 16MB of flash in so many of their devices...
My first MikroTik router was a RB2011UiAS-2HnD-IN. It had 128MB Flash, and RS232, USB, LCD, a beeper. The list price was $129.
That was the perfect device. From there it went downhill.
Even though e.g. the RB750Gr3 also offers a lot, that is among the first devices with 16MB Flash. No more partitioning, not enough space for expansion of the OS.
And with the hAP ac2 it is even worse: the exposed Flash size is only 15.3MB (although the specsheet says 16MB) and the codesize for ARM is larger than for (M)MIPS.
Spot on!
Bought the Chateau LTE 12 over a year ago for around 290Euro, thinking it was the bee's knees
Now, there's a hAP ax lite LTE6 for 90Euro that has 8 times the storage of the Chateau LTE 12 and same size of RAM, ok does not have 5Ghz Wifi but hey-ho.
Fitting 16MB (well, 15.3 reported by winbox, on the cli, 15.2MB) on such devices is a massive shot to the foot.
 
buset1974
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Wed Sep 13, 2006 12:12 pm
Location: Jakarta

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 6:17 am

something happen in beta6, in our MPLS L3 networks,

routing advertised by PE with 7.15beta6 suddenly cannot do recursive routing to other PE

i think this changed can caused it, not sure

*) route - rework of route attributes;
*) vrf - fixed VRF interfaces being moved to main table after reboot (introduced in v7.14);

all back to normal when downgraded to beta4 or 7.14.1

thx
 
chojrak11
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Apr 05, 2009 10:37 am

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 1:36 pm


Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist
WOW!!! That is going to be a gamechanger! But you need to improve it. It doesn't seem to be able to parse entries like this:

...

The memory consumption of this feature is indeed very large. My source text files with rules are 25.5 MiB in total, and they took 130 MiB in RouterOs' DNS cache. Maybe you should implement it differently, for example as a suffix tree, or another kind of trie for compact storage and fast lookups.

Thanks!
I'm quoting myself, because it just occurred to me that out of those 25.5 MiB source ad blocking lists only a small part was loaded (others were in the 2 formats not handled yet by RouterOS) and this small part required 130 MiB of DNS cache. So a lot more memory will have been required if all the files will have loaded in full. Half a gigabyte maybe, or more :-)
It seems you'll definitely need a more compact storage for these lists. But not knowing internal details I won't speculate and will leave you with this thought. Thanks!
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 1:54 pm

I'm quoting myself, because it just occurred to me that out of those 25.5 MiB source ad blocking lists only a small part was loaded (others were in the 2 formats not handled yet by RouterOS) and this small part required 130 MiB of DNS cache. So a lot more memory will have been required if all the files will have loaded in full. Half a gigabyte maybe, or more :-)
What is the problem with that? Several MikroTik routers have 1-2 GB of memory and little they can do with it.
I would be more concerned about the implementation of lookup (does it search sequentially or is there some more efficient indexing).
 
User avatar
Railander
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Jun 16, 2016 11:30 pm

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 3:11 pm

*) console - replace reserved characters to backup and certificate export file names with underscores;

is there any reason this needs to be done?
this breaks my automated backups throughout my network.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12895
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 3:19 pm

*) console - replace reserved characters to backup and certificate export file names with underscores;

is there any reason this needs to be done?
Yes, having spaces in file names breaks parameter parsing in all CLI implementations I've seen and one has to use workarounds (such as enclosing such file name in a pair of double quotes).

Basically: space is a special character ... with function of separating command line parts.

And similarly for any other special characters.

this breaks my automated backups throughout my network.
So why don't you adapt your automated backups?
 
User avatar
Railander
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Jun 16, 2016 11:30 pm

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 3:34 pm

*) console - replace reserved characters to backup and certificate export file names with underscores;

is there any reason this needs to be done?
Yes, having spaces in file names breaks parameter parsing in all CLI implementations I've seen and one has to use workarounds (such as enclosing such file name in a pair of double quotes).

Basically: space is a special character ... with function of separating command line parts.

And similarly for any other special characters.

this breaks my automated backups throughout my network.
So why don't you adapt your automated backups?
do you work for mikrotik?
what's the issue with using quotes? why is this a problem now when it wasn't a problem from inception to 7.14? why break this functionality for no good reason?
this change makes no sense in a fundamental sense. it's not like it applies anywhere else. you can still use space in quotes when setting comments from the terminal. you can still using space in quotes when changing interface names. the list goes on.
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 3:41 pm

why is this a problem now when it wasn't a problem from inception to 7.14? why break this functionality for no good reason?
Basis is already in place since 7.13, released Dec 2023.
*) console - replace reserved characters in file and script names with underscores
And there will be a good reason why they made this change or they would not have done it.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 4:08 pm

Yes, having spaces in file names breaks parameter parsing in all CLI implementations I've seen and one has to use workarounds (such as enclosing such file name in a pair of double quotes).
Other way around. It break existing script that were working with space. Perhaps good reason for the change, but it is a breaking one.

V6 even allowed spaces in file names, e.g.
/file print file="name with spaces"
/file set "name with spaces" contents="it works"
:put [/file get "name with spaces" contents]
# it works

But @mkx isn't right that it "breaks parameter parsing", there are quote for that. Now RouterOS recently allowed arbitrary extension, rather than assuming ".txt", and "added" a /file/add operations, and other good improvements too. But "no spaces" is an odd restriction. e.g. if restriction was "path-like" or "shell-like" chars like backslash etc that make more sense, than space which is handled by simple quoting.
 
felixka
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Oct 19, 2020 4:12 am
Location: Canada

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 4:21 pm

beta6 fixes the bug in VRF routing for me. Nice.
 
ToTheFull
Member
Member
Posts: 402
Joined: Fri Mar 24, 2023 3:24 pm

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 4:23 pm

I have a script error...

08:36:22 script,error executing script from console failed, please check it manually

Cap ax
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 4:30 pm

I have a script error...

08:36:22 script,error executing script from console failed, please check it manually

Cap ax
Also saw it on AX2 and AX3.
Support is already working on it, I gave them all needed supouts and default scripts.
 
User avatar
Railander
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Jun 16, 2016 11:30 pm

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 4:30 pm

you can still upload filenames with spaces, even if you can't manually create on directly on the device.
again, if there is a good reason for this breaking change, i'd like to see what this reason is.
massive headache to go back and fix all scripting with spaces inside quotes. it's especially annoying because you can still have spaces in a bunch of places, such as device name, interface name, comments, or pretty much any item with a naming field, which require said quotes anyway to use spaces.
Last edited by Railander on Wed Mar 13, 2024 4:36 pm, edited 1 time in total.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21778
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 4:33 pm

Did people actually use name with spaces without quotes???
 
User avatar
Railander
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Jun 16, 2016 11:30 pm

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 4:35 pm

for the quotation explanation, it is even less convincing when you remember you still need to use it for unrelated scripting, such as.
[admin@COB] > :put [ip/ad/find address=10.172.70.18/30]

[admin@COB] > :put [ip/ad/find address="10.172.70.18/30"]
*1
 
chojrak11
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Apr 05, 2009 10:37 am

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 4:39 pm

I'm quoting myself, because it just occurred to me that out of those 25.5 MiB source ad blocking lists only a small part was loaded (others were in the 2 formats not handled yet by RouterOS) and this small part required 130 MiB of DNS cache. So a lot more memory will have been required if all the files will have loaded in full. Half a gigabyte maybe, or more :-)
What is the problem with that? Several MikroTik routers have 1-2 GB of memory and little they can do with it.
I would be more concerned about the implementation of lookup (does it search sequentially or is there some more efficient indexing).
Yeah, like home devices such as hAP series had 2 GB RAM.
Of course it's not sequential search, Mikrotik's DNS cache is very efficient, but storage-hungry. And there's a dedicated data structure called suffix tree, a variant of a general tree-like structure called "trie", which is both very compact in terms of memory usage and very efficient in terms of creation and lookups. I've implemented it once in Golang for this precise use case and it worked marvelously. And that's what I already written in my previous post. So don't worry about computational efficiency, but I think they do need make it more compact in memory. Unfortunately I don't have time now to make a test implementation in C, that'd be helpful.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 4:48 pm

Yeah, like home devices such as hAP series had 2 GB RAM.
Some features are not usable on some models.
While it is great that in MikroTik devices all models run the same software, you cannot reasonably expect that a $30 toy router has the same capabilities as a $2795 flagship device.
For each capability, there will be models that can do it fine, some that struggle, and some for which it is not reasonable to use it.

Other manufacturers solve that by releasing different firmware for each box, and provide a list of checkmarks for every model listing what exciting features it has.
The "allows loading of adblock lists" would not be available in the $30 model but only in the $150 model and up.
That way they sell more of the higher priced devices.

Now, MikroTik does not really do that. They sell all models with the same RouterOS (well, almost) and do not explicitly tell you that you cannot load a 25MB hosts file into your "lite" router.
Maybe it would be better if they did. Or, release "lite" versions of RouterOS to run on the bottom-end devices that do not include some of the more advanced features (but do run OK with limited flash and RAM)...
 
User avatar
own3r1138
Forum Veteran
Forum Veteran
Posts: 727
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 5:54 pm

1- The format drive of a USB is broken for some reason.
My hAP AC3 shows that the file system is unknown after an update from 7.13 to 7.14.
OS downgrade with formatting (EXT4) was omitted. It started to work fine, then I saw the 7.15b4 change log: disk - improved support for formatting ext4 file-system, so I decided to update to the latest beta release 5.15b6, which broke my config again. This time, the format drive could not even format a device as FAT32 or ext4 (it was stuck formatting the device). Next, I decided to downgrade to 7.14.1 at the end, and the same behavior was observed. I gave up and formatted the device on Windows as FAT32, which seems to work fine on 7.14.1.
format.png

2- My ethernet interface is flapping every few minutes. Tested on 7.14, 7.14.1 and 7.15b6.
ether.png
link-speed.png
You do not have the required permissions to view the files attached to this post.
Last edited by own3r1138 on Wed Mar 13, 2024 7:23 pm, edited 4 times in total.
 
ips
Member Candidate
Member Candidate
Posts: 154
Joined: Mon Oct 09, 2023 6:48 pm
Location: Italy

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 6:04 pm

Of course it's not sequential search, Mikrotik's DNS cache is very efficient, but storage-hungry. And there's a dedicated data structure called suffix tree, a variant of a general tree-like structure called "trie", which is both very compact in terms of memory usage and very efficient in terms of creation and lookups. I've implemented it once in Golang for this precise use case and it worked marvelously. And that's what I already written in my previous post. So don't worry about computational efficiency, but I think they do need make it more compact in memory. Unfortunately I don't have time now to make a test implementation in C, that'd be helpful.
IMHO suffix trees are not the proper choice as they solve the pattern matching problem (finding a pattern inside a long string) instead of string matching. And they are not very efficient in practice because they are pointer-based (i.e. memory accesses are rather expensive) and their storage requirements (albeit linear) have a pretty large hidden constant.
Probably Bloom filters and dichotomic search is way more efficient.

But I assume that the developers know that better than us.
 
DeviceLocksmith
just joined
Posts: 24
Joined: Sat Jan 15, 2022 8:21 am

Re: v7.15beta [testing] is released!

Wed Mar 13, 2024 11:45 pm



What is the problem with that? Several MikroTik routers have 1-2 GB of memory and little they can do with it.
I would be more concerned about the implementation of lookup (does it search sequentially or is there some more efficient indexing).
Yeah, like home devices such as hAP series had 2 GB RAM.
Of course it's not sequential search, Mikrotik's DNS cache is very efficient, but storage-hungry. And there's a dedicated data structure called suffix tree, a variant of a general tree-like structure called "trie", which is both very compact in terms of memory usage and very efficient in terms of creation and lookups. I've implemented it once in Golang for this precise use case and it worked marvelously. And that's what I already written in my previous post. So don't worry about computational efficiency, but I think they do need make it more compact in memory. Unfortunately I don't have time now to make a test implementation in C, that'd be helpful.
It took ChatGPT one second to come up with suffix trie solution, which consumes two pointers per unique domain name letter. With small caches it will take more space than text list. With larger ones containing longer domain names with same suffixes, the trie will improve storage efficiency.
suffixtrie.c

Not a lot of developers know what bloom filters are, and those who do know usually work with DDoS mitigation projects.
You do not have the required permissions to view the files attached to this post.
 
chojrak11
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Apr 05, 2009 10:37 am

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 2:12 pm


It took ChatGPT one second to come up with suffix trie solution, which consumes two pointers per unique domain name letter. With small caches it will take more space than text list. With larger ones containing longer domain names with same suffixes, the trie will improve storage efficiency.

suffixtrie.c


Not a lot of developers know what bloom filters are, and those who do know usually work with DDoS mitigation projects.
This implementation is a crap. I've seen it before. Not only it doesn't split domain name by the full stop character, it's also very memory hungry.
Do not rely on AI for things you don't understand.
 
chojrak11
Member Candidate
Member Candidate
Posts: 134
Joined: Sun Apr 05, 2009 10:37 am

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 2:14 pm

IMHO suffix trees are not the proper choice as they solve the pattern matching problem (finding a pattern inside a long string) instead of string matching. And they are not very efficient in practice because they are pointer-based (i.e. memory accesses are rather expensive) and their storage requirements (albeit linear) have a pretty large hidden constant.
Probably Bloom filters and dichotomic search is way more efficient.

But I assume that the developers know that better than us.
How many of those did you actually implement and test?
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1605
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 2:31 pm

MikroTik has once AGAIN managed to break script compatibility by prohibiting something as common as spaces(!) in file names. I have zero understanding of this as it affects our current solutions for version control and backup which now must be modified and tested on all nodes before we can even consider upgrading to v7.15. Why ever repeat the exact same mistake as with the date format fiasco!?

This is yet another piece of evidence that one should try (even if it's remotely possible) to avoid RoS scripting in production at all costs as Mikrotik might break compatibility without notice at any time.

Since this isn't the first time (and probably not the last) that Mikrotik breaks script compatibility, I think it's more than fair that Mikrotik includes a clear warning about this on the help page regarding scripting. Besides, spaces in file names have no significant effect that would justify this change otherwise we'd have seen a lot of complaints about this already.

Bottom line - one might wonder if R&D practices any QA sign-off at all. Sorry for my French, but this is completely bonkers!

Ref: viewtopic.php?t=205691
Last edited by Larsa on Thu Mar 14, 2024 2:37 pm, edited 2 times in total.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 2:33 pm

In general you can say that without the specialist expertise of DNS, you cannot implement a caching resolver that works without issues.
MikroTik has clear shown is that earlier in the v7 development. Every time they added or "improved" something in the DNS resolver, it was broken again.
It is much better to use code from the experts, that already has been tested and fixed.
That will also have a working (and hopefully efficient) cache mechanism.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 2:36 pm

MikroTik has once AGAIN managed to break script compatibility by prohibiting something as common as spaces in file names.
The common issue seems to be that people uses spaces in their System->Identity and then later use that as a filename.
Just don't do that! Something as basic as an Identity better should have no spaces in it, so you can also have it as a hostname etc.
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1605
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 2:48 pm

That's beside the point.

You should NEVER EVER break script compatibility unless absolutely necessary. And the potential identity issue you're describing is merely a side effect of the change that breaks script compatibility, not the root cause!

I do have a certain understanding they want to avoid control characters and similar, but not when it comes to common characters like spaces.
 
ips
Member Candidate
Member Candidate
Posts: 154
Joined: Mon Oct 09, 2023 6:48 pm
Location: Italy

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 3:18 pm

How many of those did you actually implement and test?
Since you asked, my job is about (large) text indexing and searching/processing, especially in compressed space. My (old) implementation of suffix trees was a toy one because, for my job, ST are largely surpassed by suffix arrays and FM-index. Thus nobody use suffix trees as far as I know. At least in Bioinformatics, where the smallest collections of strings are in the order of tens of GB.

About Bloom filters, I wrote an application for filtering strings using (a variation of) Bloom filters that speeds up real-world analysis by a factor between 2 to 3.

But, disclaimer, I'm not in the networking world and I am completely aware that things that seem simple from outside (even to me) might hide important subtleties. That's why I wrote: "But I assume that the (Mikrotik) developers know that better than us."

As a side note: I completely agree with you that the implementation given above is not usable in any form (for example, it requires 129 pointers per unique character at each position). And it suppose that the alphabet is restricted to 128 symbols.
 
User avatar
Railander
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Jun 16, 2016 11:30 pm

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 4:30 pm

MikroTik has once AGAIN managed to break script compatibility by prohibiting something as common as spaces in file names.
The common issue seems to be that people uses spaces in their System->Identity and then later use that as a filename.
Just don't do that! Something as basic as an Identity better should have no spaces in it, so you can also have it as a hostname etc.
irrelevant since a hostname is typed out differently anyway (with dots and subdomains).
your example is only applicable to someone that is already using device identity in fqdn-esque format but with spaces in the middle, which my guess is 0 people.
 
User avatar
miku
just joined
Posts: 15
Joined: Fri Feb 23, 2024 3:57 pm
Location: Poland

v7.15beta6 & WinBox, can't moving files by drag&drop

Thu Mar 14, 2024 5:16 pm

Hi,

hAP ac lite v7.15beta6: I tried to move the file between folders using the drag&drop method in WinBox. Each time I try, an error appears as in the attached image. In version 7.14, file moving by drag&drop works normally - I have 7.14 on another router (LHG R)
file_move_error.png
Looks like a bug...
You do not have the required permissions to view the files attached to this post.
 
User avatar
miku
just joined
Posts: 15
Joined: Fri Feb 23, 2024 3:57 pm
Location: Poland

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 5:38 pm

In WinBox it is not possible to upload a file directly to an external drive, e.g. to a USB drive connected to the router. Each uploaded file goes to the main folder (memory). This is a problem if I want to transfer large files (videos) to a folder shared via DLNA (in my case it's one of usb subfolders).
This is not specific to version 7.15beta. It also didn't work in older versions from line 7.*
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 5:51 pm

I do have a certain understanding they want to avoid control characters and similar, but not when it comes to common characters like spaces.
Problem is: where do you define the bounds. Characters like / : \ can also cause trouble. People have used date/time as part of a filename and ran into "inexplicable problems". At least that does not happen anymore.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10519
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 5:58 pm

Yes, it seems like drag/drop moves now only work on the same device, not across devices. So it does not work when it has to copy the data.
Uploading files in Winbox was always limited to the main folder... but when you use FTP you can upload to another folder (device).
 
User avatar
Railander
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Jun 16, 2016 11:30 pm

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 6:52 pm

I do have a certain understanding they want to avoid control characters and similar, but not when it comes to common characters like spaces.
Problem is: where do you define the bounds. Characters like / : \ can also cause trouble. People have used date/time as part of a filename and ran into "inexplicable problems". At least that does not happen anymore.
please don't muddy the water.
nobody is asking for / : \
we're asking for space, and maybe comma.
perfectly supported in every OS for the last i don't know how many decades.
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 7:04 pm

 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1605
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 8:33 pm

Problem is: where do you define the bounds. Characters like / : \ can also cause trouble. People have used date/time as part of a filename and ran into "inexplicable problems". At least that does not happen anymore.

To maintain script compatibility as much as possible, I believe it would be easier to focus on allowed characters rather than the other way around. In addition to spaces, I can think of characters like underscores, hyphens and commas. There are probably a few others I've missed.
 
ormandj
just joined
Posts: 18
Joined: Tue Jun 15, 2021 12:25 am

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 11:36 pm



Problem is: where do you define the bounds. Characters like / : \ can also cause trouble. People have used date/time as part of a filename and ran into "inexplicable problems". At least that does not happen anymore.
please don't muddy the water.
nobody is asking for / : \
we're asking for space, and maybe comma.
perfectly supported in every OS for the last i don't know how many decades.
And considered bad practice, universally, where programmatic access is used, for good reason dating back before unicode's more wide acceptance and implementation. I don't think the problem is Mikrotik deciding to stop supporting something that was always a bad idea is the problem, it's discontinuing support in a minor release without a number of warnings around it, so people who've made unfortunate prior decisions have time to prepare. I'd strongly argue on the public release this needs to be very clearly communicated to avoid disasters for those who've unfortunately used spaces.

I can't comment on commas, I truly am beside myself even thinking about that, or why anybody would ever want to do that, unless they just enjoy pain.
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1605
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: v7.15beta [testing] is released!

Thu Mar 14, 2024 11:59 pm

The major issue at stake here is script compatibility when using spaces (and similar common characters) in filenames, not control characters or UTF-8/16.
 
User avatar
Railander
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Jun 16, 2016 11:30 pm

Re: v7.15beta [testing] is released!

Fri Mar 15, 2024 12:16 am

where programmatic access is used
i will ask one more time.
please stop muddying the waters.
FILE NAMES.
are you going to argue that every system in the world should also stop supporting spaces in file names? everyone that works with windows AD should now use _ instead of spaces in file names as well?
because if so, you are being extremely unreasonable and talking to you is pointless.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12895
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15beta [testing] is released!

Fri Mar 15, 2024 9:13 am

@larsa and @Railander really should align their pains. One has a pain with scripting (where using any names containing special charcters, including but not limited to space, comma, colon, quote, double quote, question mark, exclamation mark, etc. is a really bad idea in any context except "plain strings" and even there one has to escape certain characters, such as double quote) and the other one is tripping on file name (and this is completely unjustified, as far as I understand MT did not discontinue support for file names which include special characters ... only the way one has to work with such file names, was made different).
 
DeviceLocksmith
just joined
Posts: 24
Joined: Sat Jan 15, 2022 8:21 am

Re: v7.15beta [testing] is released!

Fri Mar 15, 2024 10:08 am


It took ChatGPT one second to come up with suffix trie solution, which consumes two pointers per unique domain name letter. With small caches it will take more space than text list. With larger ones containing longer domain names with same suffixes, the trie will improve storage efficiency.

suffixtrie.c


Not a lot of developers know what bloom filters are, and those who do know usually work with DDoS mitigation projects.
This implementation is a crap. I've seen it before. Not only it doesn't split domain name by the full stop character, it's also very memory hungry.
Do not rely on AI for things you don't understand.
It took one whole second to produce - it took me more time to check there was main with driver code. You are being very insecure about LLMs. Relax, it wouldn't replace you anytime soon. As for professionals working on DNS code - sure.. producing implementation which stops caching records once cache size is reached.. no matter how old or infrequently used are the records in the cache.
 
FIPTech
Long time Member
Long time Member
Posts: 560
Joined: Tue Dec 22, 2009 1:53 am

Re: v7.15beta [testing] is released!

Fri Mar 15, 2024 5:36 pm

Seems like Adlist is not supporting modern adlist file formats with domain wildcards. For example abp style domains.

Seems like recent adlists are using a form of wildcards for domains to reduce the list size. For example OISD.NL is supporting those formats :

oisd small

https://small.oisd.nl (abp-style domains)
https://small.oisd.nl/domainswild (domains wildcards)
https://small.oisd.nl/domainswild2 (domains wildcards, alternate syntax)
https://small.oisd.nl/dnsmasq (DNSMasq below ver 2.86)
https://small.oisd.nl/dnsmasq2 (DNSMasq ver 2.86 and up, newer syntax)
https://small.oisd.nl/rpz (response policy zones)
https://small.oisd.nl/unbound (unbound)
https://small.oisd.nl/simplednsplusdblpi (Simple DNS Plus, with Domain Blacklist plug-in)


I tried the first abp-style file format with Mikrotik Adlist function without success.

Does Router OS support only the historic host file format ?

Even more importantly lists like OISD.NL do not generate anymore an old style hosfile file format, and because of that do not seem to be compatible with Router OS.

Seems like most Ad blocking utilities like Pi-hole are understanding those new file formats.
The advantage to support this inside RouterOS would be to reduce file size using domain wildcards and add whiltelist support directly inside the file format. Giving the possibility to use an HTTP source for blacklisting, and use at the same time a local file for whitelisting.

Without a Whitelisting capability in the filter engine, those lists are useless because most of the time they forbid a few sites that you need and that are not harmful.
Last edited by FIPTech on Sat Mar 16, 2024 1:35 pm, edited 1 time in total.
 
ips
Member Candidate
Member Candidate
Posts: 154
Joined: Mon Oct 09, 2023 6:48 pm
Location: Italy

Re: v7.15beta [testing] is released!

Fri Mar 15, 2024 5:55 pm

It took one whole second to produce - it took me more time to check there was main with driver code. You are being very insecure about LLMs. Relax, it wouldn't replace you anytime soon. As for professionals working on DNS code - sure.. producing implementation which stops caching records once cache size is reached.. no matter how old or infrequently used are the records in the cache.
Did you realize that the implementation uses 129 pointers per unique character at each position? >1KB per character. Lol.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Fri Mar 15, 2024 7:13 pm

One tip to avoid speculation on the internal algo of adlist, is the [:time command={}] which can time things on RouterOS.

Only did some quick tests using list from GH in docs, seems being found in adlist is quicker than the network time to resolve someone not on the list (over fiber to 1.1.1.1):
:put [:time command={:do {:resolve "www.ibm.com"} on-error={}}]
# 00:00:00.014935
# last item in GH adlist
:put [:time command={:do {:resolve "zqtk.net"} on-error={}}]   
# 00:00:00.006335
YMMV, but thought I'd mention the :time (and :resolve) commands to test /ip/dns/adlist.

Anyway, there is a way to check how things are performing IRL.
 
User avatar
Railander
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Jun 16, 2016 11:30 pm

Re: v7.15beta [testing] is released!

Fri Mar 15, 2024 10:19 pm

as far as I understand MT did not discontinue support for file names which include special characters ... only the way one has to work with such file names, was made different).
the actual issue is when running /system/backup/save from the CLI, as opposed to from winbox (or, i'd assume, from API) is that the file name generated gets "corrected" to use _ instead of spaces or commas or anything else it deems reserved.
as you and others have pointed out, i don't understand why this change was made. you can still create backups with spaces in the name if made not from the CLI, and you can still have files with spaces in the device, and you can still use names with spaces anywhere else on the CLI that's not /system/backup/save, for example, /system/identity/set
it's certainly not any limitation since it has not only worked in v7 previously but also has always worked in v6, and to my knowledge there were never any issues from this.
again i ask, if there was any reason to make this very specific and particular limitation, i'd like to hear it.
 
DeviceLocksmith
just joined
Posts: 24
Joined: Sat Jan 15, 2022 8:21 am

Re: v7.15beta [testing] is released!

Sat Mar 16, 2024 7:55 am

It took one whole second to produce - it took me more time to check there was main with driver code. You are being very insecure about LLMs. Relax, it wouldn't replace you anytime soon. As for professionals working on DNS code - sure.. producing implementation which stops caching records once cache size is reached.. no matter how old or infrequently used are the records in the cache.
Did you realize that the implementation uses 129 pointers per unique character at each position? >1KB per character. Lol.
It's actually up to 128 (and you are not going to exhaust every combination - many character positions are not even registered and DNS is not case-sensitive) and it's two pointers per unique charecter at specific position, you are clearly not as good as you claim since you can't even read trivial code. Please go back to LC.
 
maxspeed
newbie
Posts: 29
Joined: Mon Dec 17, 2012 3:19 am

Re: v7.15beta [testing] is released!

Sat Mar 16, 2024 10:34 pm

*) winbox - added "Request logout" button under "System/Users/Active Users" menu;

Hi

not working for API session, and dont find a solution how to kill API session after disconnected, so the new button is used for what?

why we cant kill any session including winbox active session? so you cant kill your self!

Thank you
 
ips
Member Candidate
Member Candidate
Posts: 154
Joined: Mon Oct 09, 2023 6:48 pm
Location: Italy

Re: v7.15beta [testing] is released!

Sat Mar 16, 2024 10:48 pm


Did you realize that the implementation uses 129 pointers per unique character at each position? >1KB per character. Lol.
It's actually up to 128 (and you are not going to exhaust every combination - many character positions are not even registered and DNS is not case-sensitive) and it's two pointers per unique charecter at specific position, you are clearly not as good as you claim since you can't even read trivial code. Please go back to LC.
Tip: try sizeof(TrieNode)

Spoiler: 1032
Unless a pointer takes 516 bytes, you have 129 pointers per node.
 
hagoyi
newbie
Posts: 33
Joined: Wed May 17, 2023 8:36 pm

Re: v7.15beta [testing] is released!

Sat Mar 16, 2024 11:02 pm

If you use doh, it won't work.
Really? But why? I want to be protected both.
 
PackElend
Member Candidate
Member Candidate
Posts: 272
Joined: Tue Sep 29, 2020 6:05 pm

Re: v7.15beta [testing] is released!

Sun Mar 17, 2024 12:07 am

as there is work done on the wifi-qcom and main packages still increasing in size, any chance it will be possible to do VLAN tagging based on ACL via CAPsMAN on ARMs anytime soon?
 
ko00000000001
just joined
Posts: 9
Joined: Thu Feb 29, 2024 9:12 am

Re: v7.15beta [testing] is released!

Sun Mar 17, 2024 6:40 am

7.15beta6
In Proxmox VE VNC shows Starting services...
Unable to access the system.

Image
 
ffries
Member Candidate
Member Candidate
Posts: 178
Joined: Wed Aug 25, 2021 6:07 pm

Re: v7.15beta [testing] is released!

Mon Mar 18, 2024 8:16 pm

Hello. Upgrading My CCR2004-1G-12S upgrade to latest beta failed with message:
ccr2004-1g-12s: upgrade failed, free 209 kB disk space for a (null)upgrade
I see no special data on disk ... I removed the wifi package without any modification.
Uptime		00:10:24
Free Memory		3866.9 MiB
Total Memory		4096.0 MiB
CPU		ARM64
CPU Count		4
CPU Load		0 %
Free HDD Space		91.2 MiB
Total HDD Size		128.0 MiB
Sector Writes Since Reboot		39
Total Sector Writes		663 093
Bad Blocks		0.0 %
Architecture Name		arm64
Board Name		CCR2004-1G-12S+2XS
Version		7.14.1 (stable)
Build Time		2024-03-08 12:50:23
Factory Software		6.48.2
 
User avatar
stmx38
Long time Member
Long time Member
Posts: 650
Joined: Thu Feb 14, 2008 4:03 pm
Location: Moldova, Chisinau

Re: v7.15beta [testing] is released!

Tue Mar 19, 2024 8:30 am

Similar screen is on UTM, but WinBox discovered the IP and I was able to login.

7.15beta6
In Proxmox VE VNC shows Starting services...
Unable to access the system.

Image
 
ko00000000001
just joined
Posts: 9
Joined: Thu Feb 29, 2024 9:12 am

Re: v7.15beta [testing] is released!

Tue Mar 19, 2024 3:35 pm

Similar screen is on UTM, but WinBox discovered the IP and I was able to login.

7.15beta6
In Proxmox VE VNC shows Starting services...
Unable to access the system.

Image

Yes, I can access it through winbox too.
But not through the screen.
It always says the service is starting.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Tue Mar 19, 2024 4:30 pm

Similar screen is on UTM, but WinBox discovered the IP and I was able to login.
Yes, I can access it through winbox too.
But not through the screen.
It always says the service is starting.
True, but it will say "Service stopping" if STOP is request by QEMU host as an added detail here.
But I see same issue with UTM+QEMU, it doesn't clear screen and switch to the login prompt as it should. I tried a few different emulated video cards, none worked.

For UTM, it's easy to remove Display and add a Serial port which, for all intents and purposes, does same. Now some display should work, so seems like a bug... But serial at some level is more efficient than emulating a video card just to show 80x24 plain text. UTM will even use the screen grab of serial console to show state in the UTM mgmt window, just like a display would.
 
User avatar
Railander
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Thu Jun 16, 2016 11:30 pm

Re: v7.15beta [testing] is released!

Tue Mar 19, 2024 9:06 pm

likely predating to 7.14 when loopback interface was exposed, but i just noticed loopback address ::1 shows up in /ipv6/address and /ipv6/route
this creates unexpected behavior of OSPF redistribute connected advertising ::1
IPv4 does not have this issue, likely as it does not show up in /ip/address or /ip/route
> ipv6/route/print where dst-address in ::/16
Flags: D - DYNAMIC; A - ACTIVE; c - CONNECT, o - OSPF; H - HW-OFFLOADED
Columns: DST-ADDRESS, GATEWAY, DISTANCE
     DST-ADDRESS  GATEWAY                                    DISTANCE
D oH ::1/128      fe80::de2c:6eff:fe38:c7e6%vlan13-sfpplus3       110
DAc  ::1/128      lo

> ip/route/print where dst-address in 127.0.0.0/8
 
holvoetn
Forum Guru
Forum Guru
Posts: 6618
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.15beta [testing] is released!

Wed Mar 20, 2024 1:21 pm


Please keep this forum topic strictly related to this particular RouterOS release.

Friendly reminder ...
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1352
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.15beta [testing] is released!

Wed Mar 20, 2024 1:35 pm

new release when
 
infabo
Forum Guru
Forum Guru
Posts: 1447
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.15beta [testing] is released!

Wed Mar 20, 2024 2:43 pm


Please keep this forum topic strictly related to this particular RouterOS release.

Friendly reminder ...
And still my comment about upcoming beta7 custom ACME server got deleted as well?

see docs: https://help.mikrotik.com/docs/display/ ... cmeservers
 
User avatar
sch
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Tue Feb 26, 2013 1:05 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 4:25 pm

7.15beta6
In Proxmox VE VNC shows Starting services...
Unable to access the system.

Image
This has already been fixed and the fix will be included in the next version of RouterOS.
 
EdPa
MikroTik Support
MikroTik Support
Topic Author
Posts: 336
Joined: Fri Sep 15, 2017 10:05 am
Location: Riga
Contact:

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 4:41 pm

What's new in 7.15beta8 (2024-Mar-21 09:12):

*) bridge - added MVRP support;
*) bridge - improved protocol-mode STP, RSTP and MSTP stability;
*) bridge - reworked dynamic VLAN creation;
*) certificate - added support for different ACME servers for ssl-certificate (CLI only);
*) console - fixed DHCP server "authoritative=no" configuration export;
*) console - improved stability;
*) container - do not allow negative number for "ram-high" setting;
*) defconf - do not override default DHCP server lease time;
*) disk - improved system stability when adding partition with no parent;
*) eap - improved eap-peap, eap-mschap2 client authentication (dot1x/wireless/ipsec);
*) ethernet - fixed interface disable for CRS326-4C+20G+2Q;
*) ethernet - improved port speed downshift functionality for CRS326-4C+20G+2Q;
*) fetch - changed topic "info" to "error" for permission denied logs;
*) fetch - fixed slow throughput due to "raw" logging which occurred even when not listening to the topic (introduced in v7.13);
*) file - fixed moving files to/from external storage (introduced in v7.15beta4);
*) health - added "cpu-temperature" for IPQ50xx devices;
*) health - fixed fan behavior for CRS310-1G-5S-4S+ (introduced in v7.14);
*) health - fixed rogue voltage on CRS510-8XS-2XQ-IN;
*) leds - fixed LEDs for L22 device;
*) lte - fixed firmware upgrade not found issue for Chateau LTE12 (introduced in v7.15beta4);
*) media - added support for DLNA;
*) metarouter - removed support;
*) netinstall - improved stability;
*) ovpn - fixed import ovpn config when remote port is missing;
*) package - reduced "wireless" package size for ARM, ARM64 devices;
*) package - reduced package size for SMIPS;
*) ppp - added "enable-ipv6-accounting" option under PPP AAA menu (CLI only);
*) ppp - added addition support to monitor modem registration state, RSRP, RSRQ, SINR, PCI, CellID for BG77 modem;
*) qos-hw - fixed port "print stats/usage" when using "from" property;
*) quickset - only show LTE mode for devices without other wireless interfaces;
*) route - rework of route attributes;
*) route-filter - allow setting different AFI gateways;
*) sfp - fixed "sfp-tx-fault" state indication for CRS510;
*) sfp - improved auto-negotiation linking for some MikroTik cables and modules;
*) sfp - improved system stability with some GPON modules for CCR2004 and CCR2116 devices;
*) sms - added workaround for modems which do not notify regarding new SMS arrival (missing URC);
*) socks - attempt to parse domain name as IP before resolving;
*) ssh - require "policy" user policy when adding public key;
*) system - fixed upgrade for CCR2004-1G-12S+2XS (introduced in v7.15beta6);
*) system - updated office address in RouterOS license;
*) system - updated online manual links from "wiki" to the help documentation;
*) timezone - updated timezone information from "tzdata2024a" release;
*) traffic-flow - improved system stability;
*) webfig - allow pasting with ctrl+v into terminal;
*) webfig - fixed column preferences for ordered tables;
*) wifi - changed interface default to "disabled=yes";
*) wifi - improve regulatory compliance for L11, L22 devices;
*) wifi - improved stability of DFS check in the 5GHz-A band;
*) wifi - improved system stability when provisioning CAPs in certain cases;
*) wifi - show inherited properties with "print" command (replaces "actual-configuration") and added "print config" for showing only configured values;
*) winbox - fixed the issue where the skin file fails to appear in the user group menu after creation;
*) winbox - updated icons for WireGuard and ZeroTier menus;
*) wireguard - added option to mark peer as responder only (CLI only);
*) wireless - perform shorter channel availability check for 5600-5650MHz if regulatory domain permits it;
*) x86 - improved stability for RTL8125 driver;
*) x86/chr - improved panic saving (increased minimal RAM requirements to 256MB);
 
User avatar
loloski
Member
Member
Posts: 415
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 5:02 pm

Do you have at least initial draft document for MVRP?
 
WeWiNet
Long time Member
Long time Member
Posts: 610
Joined: Thu Sep 27, 2018 4:11 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 6:06 pm

Regression to 7.14:
- virtual AP Wifi interface that is a port on a bridge
- Wifi clients connected to that AP will show up as connected to "unknwon bridge port" in DHCP/lease as well as ARP etc.
This leads to firewall rules filter for instance in/out interface bridge ports, do not work anymore.
This problem is on beta 7.15.6 and beta 7.15.8
 
User avatar
Ullinator
just joined
Posts: 17
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 6:18 pm

Update to 7.15beta8 fails on wAP AC with error: upgrade failed, free 133kB disk space for a(null)upgrade
hc_241.jpg
There´s nothing else there, only routeros- and wifi-qcom-ac-package and no other files.
Update was tried from 7.14.1
That´s not good..... :-/
You do not have the required permissions to view the files attached to this post.
 
User avatar
CTassisF
newbie
Posts: 36
Joined: Thu Jun 11, 2020 10:26 pm
Location: São Paulo, Brazil
Contact:

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 6:41 pm

*) quicksest - only show LTE mode for devices without other wireless interfaces;

Small typo.
 
Sit75
just joined
Posts: 12
Joined: Thu Mar 11, 2021 9:43 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 6:41 pm

I don't know what is happening with MikroTik. We are screaming here that for 15.3 MiB Flash memory devices is not possible to use existing RouterOS images or simply you can not make reboot if flash memory goes to 0. And the result of next release - just bigger Flash ROM image :-) Well, RIP MikroTik.
You do not have the required permissions to view the files attached to this post.
 
blacksnow
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Wed Feb 15, 2023 4:46 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 6:50 pm

I know everyone is looking at the technical pieces but some of the understated fixes in this beta are:

*) webfig - allow pasting with ctrl+v into terminal;
*) webfig - fixed column preferences for ordered tables;

Yes winbox and terminal are the most flexible for advanced configurations. But when you simply want to check a few things, not having to expand columns and other things makes a big difference. Kudos to getting this stuff fixed, I'm hoping the 32-bit counters on wireguard peers will be fixed next!
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3334
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 7:09 pm

Update to 7.15beta8 fails on wAP AC with error: upgrade failed, free 133kB disk space for a(null)upgrade
Even if MT has reduced size on latest version, your older version are to big to upgrade.
Netinstall may be the only way out.
 
Sit75
just joined
Posts: 12
Joined: Thu Mar 11, 2021 9:43 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 7:22 pm

Update to 7.15beta8 fails on wAP AC with error: upgrade failed, free 133kB disk space for a(null)upgrade
Even if MT has reduced size on latest version, your older version are to big to upgrade.
Netinstall may be the only way out.
MikroTik definitely not reduced size of RouterOS + Qualcomm WiFi Drivers. They are bigger. They only reduced size of old and obsolete own not Wave 2
AC drivers
. That is useless.
 
User avatar
BrateloSlava
Member Candidate
Member Candidate
Posts: 201
Joined: Mon Aug 09, 2021 10:33 am
Location: Ukraine, Kharkiv

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 7:33 pm

Why not remove, for example, Mesh from the ROS for ARM?
Surely it will be possible to gain a little in the size of the image.
Last edited by BrateloSlava on Thu Mar 21, 2024 7:35 pm, edited 1 time in total.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 4252
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 7:34 pm

Update to 7.15beta8 fails on wAP AC with error: upgrade failed, free 133kB disk space for a(null)upgrade
Even if MT has reduced size on latest version, your older version are to big to upgrade.
Netinstall may be the only way out.
Or, just use ethernet (or a VPN) to connect to router from desktop, and uninstall whatever wireless driver, reboot... then do upgrade/downgrade & add back the desired Wi-Fi driver.
Likely easier if you didn't already have netinstall running.
 
massinia
Member Candidate
Member Candidate
Posts: 184
Joined: Thu Jun 09, 2022 7:20 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 8:02 pm

If you use wifi-qcom-ac with 15.3MiB devices be careful with the update because now the space left is very little.

Netinstall 7.15beta4
7.15beta4.PNG
Netinstall 7.15beta8
7.15beta8.PNG
While waiting for mikrotik to reduce the size, it is better not to use wifi-qcom-ac with these devices.
You do not have the required permissions to view the files attached to this post.
 
rpingar
Long time Member
Long time Member
Posts: 593
Joined: Fri May 28, 2004 2:46 pm
Location: Italy

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 8:08 pm

Delegated-IPv6-Prefix still not recognized by 7.15beta8 (and also by alpha218):
18:51:21 radius,debug,packet Unknown-Attribute(type=54) = 0x326130313a396138303a313031303a3a

in my dictionary:
ATTRIBUTE Delegated-IPv6-Prefix 54 string

early today your support comunicated that attribute was added in response to ticket SUP-134793
regards
 
User avatar
Ullinator
just joined
Posts: 17
Joined: Tue Jun 08, 2021 12:53 pm
Location: North-West Germany

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 8:44 pm


Even if MT has reduced size on latest version, your older version are to big to upgrade.
Netinstall may be the only way out.
Or, just use ethernet (or a VPN) to connect to router from desktop, and uninstall whatever wireless driver, reboot... then do upgrade/downgrade & add back the desired Wi-Fi driver.
Likely easier if you didn't already have netinstall running.
Exactly what I´ve already tried, de-install of wifi-qcom-ac of 7.14.1, reboot, upgrade to 7.15beta8, reboot, add wifi-qcom-ac from 7.15beta8, reboot -> failed because of not enough space.
Netinstall is also not working with 7.14.1 or 7.15beta8, every time when the wAP AC entered netinstall during reboot the netinstall(64).exe was terminated with an error similar to: "...was closed by remote"

Now I´m back to 7.14.1 and it´s working again.
As long as the packages increase in size older devices with 16MB (or even less like in the wAP AC) won´t get 7.15.X :-(
I personally don´t need Wireguard, MPLS, OSPF or BGP on a wireless device, so there should be more than enough possibilities to shrink the main package for older devices.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 21778
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 9:06 pm

I would like to know what you are doing here --> *) route - rework of route attributes;
Can you post sample text or something, sounds ominous!!!

Also, what is meant by: *) wireguard - added option to mark peer as responder only (CLI only);

Is this followup work to this improvement that maybe was not sufficiently doing the job?
*) wireguard - do not attempt to connect to peer without specified endpoint-address;

I am trying to understand what problem you were addressing as it didnt occur before BTH.
Is this the device (normally acting as server for handshake) trying to cconnect to a client type device??
Or is this what happens when two devices both without public IP access join and then only one designated device keeps checking in (persistent keep alive) but the other device was also trying the same????
 
patrick7
Member
Member
Posts: 351
Joined: Sat Jul 20, 2013 2:40 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 9:39 pm

Framed-Route still installed in main routing table instead of the VRF which the interface belongs to.
 
wispmikrotik
Member Candidate
Member Candidate
Posts: 144
Joined: Tue Apr 25, 2017 10:43 am

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 9:48 pm

Hi,

Mikrotik L009 port 1 of the switch disappears, adding the port on a bridge makes it have no HW.
[tuPrima@core01_plzva01] > /interface/ethernet/switch/port/print 
Flags: R - RUNNING
Columns: NAME, SWITCH
#   NAME         SWITCH 
0   ether2       switch1
1   ether3       switch1
2   ether4       switch1
3 R ether5       switch1
4 R ether6       switch1
5   ether7       switch1
6 R ether8       switch1
7 R sfp1         switch1
8   switch1-cpu  switch1
[tuPrima@core01_plzva01] > 

[TuPrima@core01_plzva01] > /interface/bridge/port/print detail 
Flags: X - disabled, I - inactive; D - dynamic; H - hw-offload 
 0     ;;; PC01
       interface=ether1 bridge=BDI100 priority=0x80 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no 
       restricted-tcn=no pvid=2 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes unknown-unicast-flood=yes unknown-multicast-flood=yes 
       broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no mvrp-registrar-state=normal mvrp-applicant-state=normal-participant 
       multicast-router=temporary-query fast-leave=no 

 1 H ;;; PC02
       interface=ether2 bridge=BDI100 priority=0x80 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no 
       restricted-tcn=no pvid=2 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes unknown-unicast-flood=yes unknown-multicast-flood=yes 
       broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no mvrp-registrar-state=normal mvrp-applicant-state=normal-participant 
       multicast-router=temporary-query fast-leave=no 




Regards,
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1605
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 10:17 pm

The arbitrary acceptance and rejection of certain characters in filenames cause unnecessary support system disruptions.

There is still a bug in 7.15beta8 (2024-Mar-21 09:12) that prevents our backup and version control systems from working properly when filenames contains spaces due to script incompatibility.

Strangely enough, backups from WinBox work with spaces and other writable ASCII characters, for examle a filename like "! + .^- @ # % &", but not via the console. First file (#0) in the file list down below is created using WinBox.
[admin@CHR] > /system/backup/save name="! + .^- @ # % &"
  Saving system configuration
  Configuration backup saved
Warning: name was corrected to __+_.^-_@_#_%_&

[admin@CHR] > /file/print proplist=name,type,size
Columns: NAME, TYPE, SIZE
#  NAME                    TYPE       SIZE
0  ! + .^- @ # % &.backup  backup     47.0KiB
2  __+_.^-_@_#_%_&.backup  backup     47.0KiB

  • Currently allowed characters in filenames: !+.^-@#%&
  • Currently disallowed characters in filenames: =*$()<>; + SPACE

It makes no sense at all to allow "!+.^-@#%&" but not spaces in filenames!

Ps...
In addition to the above oddities, I've encountered a bunch of "kernel failures" when testing different filename variations.
 
Sit75
just joined
Posts: 12
Joined: Thu Mar 11, 2021 9:43 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 10:26 pm

I don't know what is happening with MikroTik. We are screaming here that for 15.3 MiB Flash memory devices is not possible to use existing RouterOS images or simply you can not make reboot if flash memory goes to 0. And the result of next release - just bigger Flash ROM image :-) Well, RIP MikroTik.
Well MikroTik guys, I went through your .npk files and I really, really don't understand why on ARM devices with 15.3 MiB flash ROM it is necessary to have QCA9984 which is only for RB4011iGS+5HacQ2HnD-IN with 512 MiB flash ROM? Does it mean that all hAP, wAP are tossed just for the sake of having a common package for ARM with RB4011iGS+5HacQ2HnD-IN? Is this the right incredible reason?
You do not have the required permissions to view the files attached to this post.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12895
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 10:36 pm

Mikrotik L009 port 1 of the switch disappears, adding the port on a bridge makes it have no HW.

Block diagram for L009 shows that ether1 is not controlled by switch chip, it is instead controlled directly by CPU. Which means that L2 HW offload is physically impossible for this port.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 12895
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.15beta [testing] is released!

Thu Mar 21, 2024 10:39 pm

... is necessary to have QCA9984 which is only for RB4011iGS+5HacQ2HnD-IN ...
... and for RBD25G-5HPacQD2HPnD (Audience). Admittedly Audience has flash larger than 16MB as well.

Who is online

Users browsing this forum: eworm, gogle, okomor13, rb9999, sas2k, TNorthover and 12 guests