Thank you! 👍*) wifi - improve channel selection after radar detection events;
*) wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;
What?? 😍*) media - added support for DLNA;
Any chance we will have :exit really, really soon to fix this? Otherwise I will have a lot of work to do, implementing other (and probably a lot more complicated) workarounds to my scripts.script,error executing script from scheduler failed, please check it manually
Example:Logging rules have always worked as "and" filters. You have unlimited options there.
dhcp,critical,error xxxxxxxxxxxxxxxx
Thank you! this fixed my problem with 7.13 / 7.14 where I had to disable/enable my internet vlan interface after booting :)*) vlan - ensure that VLAN MTU remains unchanged when adjustments are made to the parent interface MTU, only modifications to the L2MTU might impact VLAN MTU;
*) vlan - fixed MTU reset on bridge after reboot;
Or repurpose :quit for early termination when used in /system/scriptAny chance we will have :exit really, really soon to fix this? Otherwise I will have a lot of work to do, implementing other (and probably a lot more complicated) workarounds to my scripts.
I've had this issue on hEX PoE Lite... is it also fixed? I don't know if it's version related*) poe-out - fixed powering devices if input voltage is lower than 12V for hEX PoE (introduced in v7.9);
That causes a ssh session to terminate when running the script... So not an option.Or repurpose :quit for early termination when used in /system/scriptAny chance we will have :exit really, really soon to fix this? Otherwise I will have a lot of work to do, implementing other (and probably a lot more complicated) workarounds to my scripts.
Can you add multiple lists to the new Adlist feature or only one list ?Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist
Unfortunately there often are different messages with the same topics. So writing "info,!l2tp" will exclude all info,l2tp topics but that will exclude more than the message you have seen and want excluded.As mentioned on every version topic - please keep the topic related to the issues that are introduced just in this release and new features.
Logging rules have always worked as "and" filters. You have unlimited options there.
For example, "info" will log info messages, but "info,!l2tp" will log all info topic messages except ones with topic "l2tp" and "info,l2tp" will log only messages that contain both topics.
Why is it called "Adlist" when in fact it is a method to add a hosts(.txt) file?Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist
YesCan you add multiple lists to the new Adlist feature?
Nope.Can this version be booted on Raspberry Pi 4 or 5?
I don't think so...Good joke, this release add 200kb+ to main package. It is absolutely not possible to use with devices with 15,3 MiB HDD. hAP ac^2 in my case.
/ip/dns/adlist/print
Flags: X - disabled
0 url="https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" ssl-verify=no match-count=60
name-count=17010
It is the fault of your board manufacturer or seller.something cosmetic on X86:
board-name: x86 To be filled by O.E.M. To be filled by O.E.M.
It is not a joke. I am using standard setup with routeros.npk + wifi-qcom-ac.npk. You are using "old" not Wave2 AC WiFi drivers, which is 800kB+ less. That is the reason.I don't think so...Good joke, this release add 200kb+ to main package. It is absolutely not possible to use with devices with 15,3 MiB HDD. hAP ac^2 in my case.
I wonder what packages you have installed...
I agree. Main package is 212KB larger, while wireless package lost 144KB. And here's the kicker, wifi-qcom-ac is the same size. If main package gets even more bloated then you can't even use wifi-qcom-ac anymore, which might be what Mikrotik actually wants. They dangle the carrot in front of you, but you can't actually use it because of features like this DLNA that MUST be in main package for some odd reason.Good joke, this release add 200kb+ to main package. It is absolutely not possible to use with devices with 15,3 MiB HDD. hAP ac^2 in my case. I am really curious why it is so important to put NAS features to main package for the routers? I have SYNOLOGY for those features. It is insane! Thumb down!
Would be interesting to see if that has anything to do with "orphaned" routing table entries after any of routing protocol processes has crashed? We'll see I guess...*) route - improved system stability;
Is it just for hosts format ?
seems to be working
Code: Select all/ip/dns/adlist/print Flags: X - disabled 0 url="https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" ssl-verify=no match-count=60 name-count=17010
Cach used=2050 KiB
Added another 2048 ?? meh!
it is time for MT to release stripped down "DumbAP" (Openwrt terminology) image for HaP AC2They dangle the carrot in front of you, but you can't actually use it
Hopefully not in the attic, in a box, unplugged. I feel like Mikrotik tries to be like a FRITZ!Box and do everything in one box. They also have this same exact Media Server feature and they had it about 4 years ago.and finally put HaP AC2 to place where it belong
looking at my HaP AC2 dumb APs ...Same for cAP AC. This should be a dumb AP.
i could only smile on thisI feel like Mikrotik tries to be like a FRITZ!Box and do everything in one box. They also have this same exact Media Server feature and they had it about 4 years ago.
I was not convinced at first but after installing the beta I could see the workings and my compliments for a complete implementation from the start.Why is it called "Adlist" when in fact it is a method to add a hosts(.txt) file?Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist
Sure that is a trick that some people use to block access to certain domain names, but that is not the primary purpose of a hosts file.
When you want a specific feature for blocking ads, I suggest it could be made a bit more powerful, e.g. by specification of a regexp that you want to run on each line, to extract the wanted data (the domainname) and how to insert it into the DNS cache (as 0.0.0.0 or as NXDOMAIN).
Also a similar function would be desirable to load address-lists with data from a file/URL (both single addresses and subnets).
At the very least make one HaP AC2b, with more storage!
it is time for MT to release stripped down "DumbAP" (Openwrt terminology) image for HaP AC2 only switch/firewall/dhcp v4 & v6 client/ AC wifi and finally put HaP AC2 to place where it belong
/ip/dns/adlist add url=https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts ssl-verify=no
Please add option to specify custom IP address to redirect to instead of 0.0.0.0 for any specific adlist.Also new feature - IP/DNS/Adlist:
https://help.mikrotik.com/docs/display/ ... DNS-Adlist
SMB didn't leave. It was replaced with ROSE's version of SMB.*) media - added support for DLNA;
I was happy to see SMB leave the default system package, but DLNA is even worse.
delay 2
/ipv6/dhcp-client/disable numbers=0
delay 3
/ipv6/dhcp-client/enable numbers=0
How is that even possible? Has https:// not reached PL yet? or are PL citizens trained to ignore certificate errors when browsing?For example here in PL the law requires all ISPs to redirect gambing listes that don't pay taxes listed as https://hazard.mf.gov.pl/ to 145.237.235.240 which shows a warning that the Big Brother (Ministry of Finances) is watching.
It exists: hap ax2
At the very least make one HaP AC2b, with more storage!
Why? When I ask support to add a feature. I get routers don't do that or some other excuse. Now, this DLNA. This adds about another 1mb to the bundle release. Please make this an extra feature to download. Hey, here's an idea MT. How about making a poll?*) media - added support for DLNA;
I was happy to see SMB leave the default system package, but DLNA is even worse.
I couldn't agree more. Also on the topic. It would help not to install wifi on a router that doesn't support wifi. Then have a separate topic for debugging and issues with wifi routers.Upgraded a CHR, hAP ax2, hAP ac2, cAP ac, RB750G (with 64MB flash!) - no problems.
But... I could not agree more with everyone asking for split packages... I don't need any of additional "features", like SMB, Hotspot, DLNA, RADIUS, BGP, OSPF (whole Routing menu?), MPLS, Kid control???, most of the Tools menu (everything basically once the network is up) on my CAPs. I just want them to accept wifi clients and forward them to appropriate VLAN. And I know how to add packages, actually I have UPS package on many of them, much more useful than DLNA.
Yes, let's remove the routing protocols from a router. Great idea! If your needs are so minimal, why don't you roll your own router with Debian or something. Eliminate the other junk that is not routing/router related, but please don't gimp my router from doing the most basic of routing processes.BGP, OSPF (whole Routing menu?)
Maybe have a poll on what feature we want in a basic install and features and services that can be installed as a separate package.Yes, let's remove the routing protocols from a router. Great idea! If your needs are so minimal, why don't you roll your own router with Debian or something. Eliminate the other junk that is not routing/router related, but please don't gimp my router from doing the most basic of routing processes.BGP, OSPF (whole Routing menu?)
It's not feching the hosts file. Do it manually.Can anyone with hAP ac2 confirm thatdownload the list?Code: Select all/ip/dns/adlist add url=https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts ssl-verify=no
Name count always remains 0
/ip/dns/adlist add url=https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts ssl-verify=yes file=hosts
No, hEX PoE Lite has different HW design with different PSE controller. But your device should be able to give PoE-Out down to ~11V@DC.I've had this issue on hEX PoE Lite... is it also fixed? I don't know if it's version related*) poe-out - fixed powering devices if input voltage is lower than 12V for hEX PoE (introduced in v7.9);
You don't need the poll. MT needs to just skim over this forum. So they separate a wireless stuff, which is an essential networking feature, and bake in stuff like SMB, DLNA media support? Who's running this circus, a marketing department? Recent state of packaging stops to make a sense ....Maybe have a poll on what feature we want in a basic install and features and services that can be installed as a separate package.
Yes, let's remove the routing protocols from a router. Great idea! If your needs are so minimal, why don't you roll your own router with Debian or something. Eliminate the other junk that is not routing/router related, but please don't gimp my router from doing the most basic of routing processes.
I don't see any possibility to trim down the linux kernel but why couldn't MT trim down the packages. If your point is why don't you roll out your own. I bought MT router so I wouldn't have too.
We are glad to have Mr Yoda here, who by waving the hand pushes and compresses the packages, so that those fit the installation space on our intergalactic fleet of router ships :-)Poll won't happen. Only unhappy people visit the forum. The majority is happy. No need to trim down package size. The happy people are going to install/upgrade ROS on a HAP AC2 successfully and only the pessimist ones are going to face "0 free bytes" problems. It's a state of mind - not a technical issue.
Home users don't even know this forum exists
Very poor optics coming from Mikrotik as a whole.Just commenting on that remark about the forum - with all the respect to you all, but forum is for mikrotik enthusiasts and professionals. Home users don't even know this forum exists
I said quite the opposite. I said we listen to all users, not just the forumSo this is MT's excuse not to listen to opinions on this forum?
It's definitely not a "happy" or "unhappy" feelings. It's about functionality. If you reach 0KB free HDD size, the router cannot be restarted - it simply won't start after restarting. This is a serious problem. You can only do the netinstall procedure. That's the point.Poll won't happen. Only unhappy people visit the forum. The majority is happy. No need to trim down package size. The happy people are going to install/upgrade ROS on a HAP AC2 successfully and only the pessimist ones are going to face "0 free bytes" problems. It's a state of mind - not a technical issue.
Many people here have a disk size issue on 16 / 15.3 MB devices that cannot even update since 7.13 without backup & netinstall. We were hoping so much for 7.14 when beta changelog promised reduced size but no, the released version is still too big. All we ask for is a long term release we can stick to. Yes, we should have left RouterOS 6 in place years ago but who knew. I am a home user and I have 3 devices in different places, with auto update scripts in place for many years.We will fix non working things, of course. Including size issues. That is what this topic is for - please resport issues you have seen in this Beta
There is an obvious solution to the problem but it is not likely to fit into Mikrotik's strategy - make firmware packages model-specific.Poll won't happen. Only unhappy people visit the forum. The majority is happy. No need to trim down package size. The happy people are going to install/upgrade ROS on a HAP AC2 successfully and only the pessimist ones are going to face "0 free bytes" problems. It's a state of mind - not a technical issue.
delay 2
/ipv6/dhcp-client/disable numbers=0
delay 3
/ipv6/dhcp-client/enable numbers=0
I have been able to overcome lack of space by disabling all graphing (which can take megabytes of space!) and deleting backups/support.rif/everything from Files.Many people here have a disk size issue on 16 / 15.3 MB devices that cannot even update since 7.13 without backup & netinstall. We were hoping so much for 7.14 when beta changelog promised reduced size but no, the released version is still too big. All we ask for is a long term release we can stick to. Yes, we should have left RouterOS 6 in place years ago but who knew. I am a home user and I have 3 devices in different places, with auto update scripts in place for many years.We will fix non working things, of course. Including size issues. That is what this topic is for - please resport issues you have seen in this Beta
Please, back-port it to 7.14!Thank you! this fixed my problem with 7.13 / 7.14 where I had to disable/enable my internet vlan interface after booting :)*) vlan - ensure that VLAN MTU remains unchanged when adjustments are made to the parent interface MTU, only modifications to the L2MTU might impact VLAN MTU;
*) vlan - fixed MTU reset on bridge after reboot;
In what language? What you said was very clear, and you made no mention of listening to all users.I said quite the opposite. I said we listen to all users, not just the forumSo this is MT's excuse not to listen to opinions on this forum?
My main blocker I use is about 1 million entries "HaGeZi's Pro DNS Blocklist" well, my lists consist of various lists depending on what I allow where.Yes, you have to be careful with the new features, like all features in RouterOS, just that they are available, doesn't mean they will work on all devices at their full capacity. For serious ad blocking, you need big lists and lots of cache
That problem has been present "forever" in RouterOS (at least as long as I use it).Problem: at least since 7.14, probably earlier: in Winbox, Wifi menu, Wifi tab, there are two columns named "Channel", also two "TX Power". One is for configured value, other for current. Now, when I exit the session and log in again, only configured values are there, I have to go to "Show Columns" and enable current values, again and again, which is not practical during deployment (later, whwn everything is working it does not matter).
Can you please rename the columns? At least one of each group? Like "Configured Channel"?
Case in point: I have well over 200-300 hAP AC/AX 2/3 routers deployed in my customers' homes. I can guarantee that maybe 1 or two have visited this forum, ever, besides me. There are easily 199-299 that have not and will not ever need to.In what language? What you said was very clear, and you made no mention of listening to all users.
I said quite the opposite. I said we listen to all users, not just the forum
In fact, it seemed to be, if anything, stating that home users, ME included, dont come to the forums, nor all the people I have helped that are home users, which is all quite laughable.
I repeat, even with wifi-qcom-ac I don't get to 0 of free space as you say.It is not a joke. I am using standard setup with routeros.npk + wifi-qcom-ac.npk. You are using "old" not Wave2 AC WiFi drivers, which is 800kB+ less. That is the reason.
I don't think so...
I wonder what packages you have installed...
Thanks for your reply wfburton, I don't know why "URL" doesn't work for me, I have to download the file as you recommended.It's not feching the hosts file. Do it manually.Can anyone with hAP ac2 confirm thatdownload the list?Code: Select all/ip/dns/adlist add url=https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts ssl-verify=no
Name count always remains 0
/tools/fetch url=https://raw.githubusercontent.com/Steve ... ster/hosts
Seems it's half baked...
then in the pull down box select hosts
Also, download the certificate chain and you can use ssl. But I haven't verified it that works or not.
Cache Used 19094 KiB
github-io-chain.pem.txtCode: Select all/ip/dns/adlist add url=https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts ssl-verify=yes file=hosts
How? It's not an option to Branding Kit Maker on mt.lv... Nothing about how to build a "defconf" works is documented.*) branding - added option to hide default configuration prompt;
Exactly how the default configuration uses caps-mode-script has been a mystery to me, before this change – e.g. from branding kit there is one default configuration loaded, but in CLI the caps-man and "main" default script appears separately under /system/default-configuration.*) branding - added option to hide or replace default caps-mode-script;
I have decided to solve the scripting issues on my side. So did a massive rework, and I think I am mostly fine for now. 👍Oh... This one is kind of a nightmare! 😳
I don't know how this feature helps? As far as cache size, the host file is about 4.8mb. Why is it using 19mb then? And I don't believe changing the cache TTL would help. This is a host file and not different than any host file you would you on your pc. Maybe, MT can change the logic and only cache the local network address and cache only hosts that gets a hit in the host file.Thanks for the Addlists function, it all seems to block and work well for me on my Hap AX2. Although I did have to up the Cache Size to 32768KiB to give myself a bit of leg room which at the moment seems to be slowly rising and currently 19211 KiB I might bring the cache TTL down a little lets see.
max-udp-packet-size: 4096
query-server-timeout: 2s
query-total-timeout: 10s
max-concurrent-queries: 100
max-concurrent-tcp-sessions: 20
cache-size: 131064KiB
cache-max-ttl: 1w
address-list-extra-time: 0s
vrf: main
cache-used: 117207KiB
Right. I don't see any hits. But, I'm not currently using it and probably won't. Just to heavy to run on CRS309-1G-8S+To be clear I am just trying this out. it loads into memory thats all I can tell you so far. as to how it all performs is another question. I have the free memory so why not ? but as stated I would urge people to be carefull. as far as I can see if you don't have enough memory your logs will be flooded.
Ever heard of data structures, indices, hashtables, trees, memory alignment, etc...? If MikroTik just put your 4.8MiB file in 4.8MiB RAM performance will be horrible because for every DNS query RouterOS have to do a linear scan through hundreds of thousands of unaligned lines of text. For efficient lookup, and also insertion, deletion (because the cache table is dynamic) including lookup & deletion by TTL, your text file will need to be parsed and transformed/stored in appropriate data structures in memory, with multiple associated indices (hostname, TTL, RR type). There also will be holes in between because the data need to be aligned and not all buckets are filled, especially after random insertion/deletion. Of course it can be multiple times bigger than the original raw text file.As far as cache size, the host file is about 4.8mb. Why is it using 19mb then? And I don't believe changing the cache TTL would help. This is a host file and not different than any host file you would you on your pc. Maybe, MT can change the logic and only cache the local network address and cache only hosts that gets a hit in the host file.
I'm getting 97% coverage according to the top addblock testing site from google. I guess they may add features if it picks up steam?Right. I don't see any hits. But, I'm not currently using it and probably won't. Just to heavy to run on CRS309-1G-8S+
Like I said. I don't know how this is implemented. But even still, I won't be using this feature even if it makes it to RC. Just to heavy! Maybe a service for those who want it.. Should work fine with MT new line-up of routersEver heard of data structures, indices, hashtables, trees, memory alignment, etc...? If MikroTik just put your 4.8MiB file in 4.8MiB RAM performance will be horrible because for every DNS query RouterOS have to do a linear scan through hundreds of thousands of unaligned lines of text. For efficient lookup, and also insertion, deletion (because the cache table is dynamic) including lookup & deletion by TTL, your text file will need to be parsed and transformed/stored in appropriate data structures in memory, with multiple associated indices (hostname, TTL, RR type). There also will be holes in between because the data need to be aligned and not all buckets are filled, especially after random insertion/deletion. Of course it can be multiple times bigger than the original raw text file.As far as cache size, the host file is about 4.8mb. Why is it using 19mb then? And I don't believe changing the cache TTL would help. This is a host file and not different than any host file you would you on your pc. Maybe, MT can change the logic and only cache the local network address and cache only hosts that gets a hit in the host file.
Thanks for the post!I'm getting 97% coverage according to the top addblock testing site from google. I guess they may add features if it picks up steam?Right. I don't see any hits. But, I'm not currently using it and probably won't. Just to heavy to run on CRS309-1G-8S+
Yes of course. I compiled and run my own dns and understand the code when it comes to those things. Like I said, I don't know how MT implement this feature.Ever heard of data structures, indices, hashtables, trees, memory alignment, etc...? If MikroTik just put your 4.8MiB file in 4.8MiB RAM performance will be horrible because for every DNS query RouterOS have to do a linear scan through hundreds of thousands of unaligned lines of text. For efficient lookup, and also insertion, deletion (because the cache table is dynamic) including lookup & deletion by TTL, your text file will need to be parsed and transformed/stored in appropriate data structures in memory, with multiple associated indices (hostname, TTL, RR type). There also will be holes in between because the data need to be aligned and not all buckets are filled, especially after random insertion/deletion. Of course it can be multiple times bigger than the original raw text file.As far as cache size, the host file is about 4.8mb. Why is it using 19mb then? And I don't believe changing the cache TTL would help. This is a host file and not different than any host file you would you on your pc. Maybe, MT can change the logic and only cache the local network address and cache only hosts that gets a hit in the host file.
Yah, that what I was thinking before. A normal host text file. But I was reminder by CGGXANNX that it's not the case.It must be using the same DNS resolver (e.g. effected by cache size). I'd just prefer it was a generic way to dynamically load a "normal" /etc/host with real hosts – that be useful as "poor man's zone file" to load same hosts on multiple routers. e.g. I don't want 0.0.0.0 as hosts, but a URL that's periodically download with a list of DNS host is useful
On the performance issue, time will till. I'm pretty sure a Pi-Hole container is more heavy than adlist (now perhaps more capable). e.g. Pi-Hole more likely to have impact on router performance than resolving a host in the native DNS resolver, which I presume is populated by the "adlist".
what are you talking about? PPSK feature exists since forever, long before other vendors supported it.When do you plan to implement feature that just about any other vendor have ? PPSK...
I liked the ROSv6 way, when you were able to deselect different modules.Maybe it would be even possible to create a "RouterOS Package Builder"
Some parts I agree with, some I don't.Package size for devices with 16 MB flash is definitely an bigger issue. I have a hap ac2 at home with routeros (system) and wifi-qcom-ac packages here and hit the 0kb free mark earlier just with config, 0 additional files on disk
Two problems arise here:
- Config added after the 0kb mark is not saved consistently - meaning that you could risk an inconsistent state after rebooting, not knowing which parts are actually saved without rebooting and running /export. Regular reboot (via Cli/Winbox) shows "router was rebooted without proper shutdown, probably kernel failure" after booting - probably due to flash corruption(???)
- For example while trying out the new DLNA feature (and for that setting up an smb share on an external usb disk) i encountered random reboots (watchdog timer). Problem is that I am unable to even report the issue correctly at this point because there is no chance to create an Supout.rif file - due to lack of disk space. So hitting a dead end here
Don't get me wrong here - I appreciate the new features and everything, but the limit of 16MB devices will be hit sooner or later (in this case real soon, unfortunately)
As for a solution, I would propose an additional (i.e. routeros-minimal) system package with just the bare minimum and split the rest (Advanced Routing, VPN, ...) into separate packages. Advantage would be even that you even could install extra packages (i.e. zerotier or whatever) without running out of space - just as needed for the use case per device.
Maybe it would be even possible to create a "RouterOS Package Builder" where the user could decide which of the main features he wants to install - or make installation of extra packages available via cli/winbox with checkboxes. Probably not feasible, but just an idea in my head :)
Not a fan of the idea to create an LTS release for these devices - would kill innovation considering that some recent devices ship with 16 MB flash.
Sorry but should I say to my guest please can you give me your MAC addresses so you can connect to right VLAN ??? No, in my opinion that is not proper PPSK, that is workaround.what are you talking about? PPSK feature exists since forever, long before other vendors supported it.When do you plan to implement feature that just about any other vendor have ? PPSK...
WiFi -> Access List (capsmanv2)
Wireless -> CAPsMAN -> Access List (legacy capsman)
Wireless -> Wireless -> Access List (standalone ap)
PPSK feature only works with WPA2 and below, regardless of the vendor.
And healthyAhh the old days, ...When chocolate was cheap!
Is there some cloud provider that has AMPERE that is known to work and/or "supported"?!) system - added support for AMPERE (R) hardware (new ARM64 ISO file, new ARM64 extra-nics.npk package);
Maybe some Kleenex™ would help to clear it up.What is AMPERE??
Due to the stupid name it is impossible to Google...
That why I asked about ARM64 CHRs. On AWS I believe ARM64 is cheaper but AMPERE is not going work. And, there a lot of smaller ARM64 boards that can run KVM, but need RouterOS as ARM64 disk image. Some hyped "AI" (GPU-enabled) enterprise server does NOT seem like a good fit for RouterOS to be the native OS. Now running as container under AMPERE would make sense.I don't know why it's good anyway . . . in ROS
There's nothing in particular about AMPERE in AMPERE image. It is UEFI based, and supporting various VIRTIO drivers, and is easily runnable on arm64 QEMU KVM. If you want you can just install locally, and `dd` image into cloud provider and it will just boot fine, as long as cloud provider does attach disk with some sort of serial number.That why I asked about ARM64 CHRs. On AWS I believe ARM64 is cheaper but AMPERE is not going work. And, there a lot of smaller ARM64 boards that can run KVM, but need RouterOS as ARM64 disk image. Some hyped "AI" (GPU-enabled) enterprise server does NOT seem like a good fit for RouterOS to be the native OS. Now running as container under AMPERE would make sense.I don't know why it's good anyway . . . in ROS
Anyway it's curious at the name/rational of "AMPERE".
Unfortunately for this model, there are only 2 fan speeds available - Fans on ( 13k RPM ) and off.CRS310-1G-5S-4S+ with latest beta firmware 7.15beta4
# NAME VALUE TYPE
0 voltage 23.4 V
1 cpu-temperature 24 C
2 sfp-temperature 43 C
3 fan-state ok
4 fan1-speed 12990 RPM
5 board-temperature1 23 C
6 board-temperature2 16 C
7 psu1-voltage 23.7 V
Fan speed is in max rpm even temperature is low. Target temp is now 45'c and tested with 55'c target.
same with previous firmware release.
sys health/settings/set fan-min-speed-percent=0
As I said, I did not know that AMPERE was a "CPU platform".First hit when searching for "Ampere CPU platform"
That would be ONIEI vaguely remembered about a "white label switch platform" but apparently it has a different name.
An iPXE script would work for both ONIE and KVM. An iPXE script could fetch RouterOS via HTTP & be invoked via ONIE or PXE support in KVM/etc. If documented... iPXE install be the fewest steps on most CHR[X86/AArch64] platform since it widely support in bootloaders.Correct. Maybe MikroTik should, now that they are working on this, provide an ONIE install file as well.
Starting with this Beta release, scripts fail that used to run OK. In particular, scripts run from Scheduler, Netwatch, DHCP-Client-Advanced, DHCP-Server-Advanced cause similar log entries, e.g. "executing script from scheduler failed, please check it manually", "executing script from dhcp failed, please check it manually", "executing script from dhcpclient failed, please check it manually", "executing script from netwatch failed, please check it manually". I do not see anything in the changelog that would explain this.Oh... This one is kind of a nightmare! 😳
RouterOS scripting is missing some control structures, one of these being :exit (or what ever it may be named...) to exit a scripts early, successfully. As this is missing I have a lot of script misusing :error for that purpose, which worked to date. Now RouterOS starts logging this, and my logs and me are flooded with:
Any chance we will have :exit really, really soon to fix this? Otherwise I will have a lot of work to do, implementing other (and probably a lot more complicated) workarounds to my scripts.script,error executing script from scheduler failed, please check it manually
Mikrotik, please elaborate on this. I can't find available-channels nor channel-priorities anywhere Thank you.*) wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;
Starting with this Beta release, scripts fail that used to run OK. In particular, scripts run from Scheduler, Netwatch, DHCP-Client-Advanced, DHCP-Server-Advanced
Netwatch executes scripts as *sys user, so any defined global variable in the Netwatch script will not be readable by for an example a scheduler or other usersIt is possible to disable permission checking for RouterOS scripts under /system/scripts menu.Netwatch is limited to read,write,test,reboot script policies. If the owner of the script does not have enough permissions to execute a certain command in the script, then the script will not be executed. If the script has greater policies than read,write,test,reboot - then the script will not be executed as well, make sure your scripts do not exceed the mentioned policies.
This is useful when Netwatch does not have enough permissions to execute a script, though this decreases overall security. It is recommended to assign proper permissions to a script instead.
script,error executing script from console failed, please check it manually
*) console - added log for script execution failures;
I recall dealing with this some time ago by changing "scripts attached to config" to execute scripts that have permission checking disabled. That seemed to work until this Beta release. That was even true for Netwatch. I will let things go as is until another Beta comes out and then see what happens.Starting with this Beta release, scripts fail that used to run OK. In particular, scripts run from Scheduler, Netwatch, DHCP-Client-Advanced, DHCP-Server-Advanced
Mikrotik changed the permissions available to these scripts recently, maybe the policy further restricted here? But these kinda scripts do not have full admin right now – netwatch's docs helps explain what allowed (and AFAIK applies to the other locations with "on" scripts attached to config):Netwatch executes scripts as *sys user, so any defined global variable in the Netwatch script will not be readable by for an example a scheduler or other users
It is possible to disable permission checking for RouterOS scripts under /system/scripts menu.
This is useful when Netwatch does not have enough permissions to execute a script, though this decreases overall security. It is recommended to assign proper permissions to a script instead.
answering my own question:Mikrotik, please elaborate on this. I can't find available-channels nor channel-priorities anywhere Thank you.*) wifi - rename "available-channels" parameter to "channel-priorities" and include desirability rating for each channel;
Does this fix the issue where the interface remained in "selecting channel" state after a radar event? e.g. viewtopic.php?p=1057657*) wifi - improve channel selection after radar detection events;
This was a problem introduced in 7.14 and needs to be addressed ASAP. VRFs are broken for us.Updated my RB5009 today and it's lost it's ability to route certain VLANs out via VPNs from within VRFs. Not sure what's going on exactly yet. But it works fine on 7.13 (didn't try 7.14 as it would break my WAN link due to the VLAN MTU issues).
adlist updates every 1 hour, but in upcoming versions you will be able to change it@Mikrotik are you going to add an auto-update feature to addlist function. My lists have updated twice in as many days.
Would be great to be able to schedule it to fetch/look early in the morning etc.
Please add a Whitelist if possible.adlist updates every 1 hour, but in upcoming versions you will be able to change it@Mikrotik are you going to add an auto-update feature to addlist function. My lists have updated twice in as many days.
Would be great to be able to schedule it to fetch/look early in the morning etc.
@normis I was using the fetch function and storing the file local hence no change. Yes 1 hour is very aggressive, good plan.adlist updates every 1 hour, but in upcoming versions you will be able to change it@Mikrotik are you going to add an auto-update feature to addlist function. My lists have updated twice in as many days.
Would be great to be able to schedule it to fetch/look early in the morning etc.
Upgraded rb5009 / AX2 / AX3 to 7.15b6
I see this in AX3 upon inspection of logs (same on AX2 but not for RB5009)
What script ?
Done - SUP-146311holvoetn please create and send to support@mikrotik.com supout.rif file.
Did this happen on your ax2 as well ?Done - SUP-146311holvoetn please create and send to support@mikrotik.com supout.rif file.
It only works for plain HTTP of course, the browser gets a 302 redirect to the message. For HTTPS it's just a timeout, the redirector only responds to requests on port 80. But that's enough to be compliant.How is that even possible? Has https:// not reached PL yet? or are PL citizens trained to ignore certificate errors when browsing?For example here in PL the law requires all ISPs to redirect gambing listes that don't pay taxes listed as https://hazard.mf.gov.pl/ to 145.237.235.240 which shows a warning that the Big Brother (Ministry of Finances) is watching.
I just installed beta6 and the issue is still there. I am guessing that the permissions assigned to scripts attached to the config are being applied to the scripts they execute, even if those scripts are set to not require permissions. This is in conflict to the MT documentation which says to do exactly what I am doing to get around the permissions assigned to scripts attached to the config.I recall dealing with this some time ago by changing "scripts attached to config" to execute scripts that have permission checking disabled. That seemed to work until this Beta release. That was even true for Netwatch. I will let things go as is until another Beta comes out and then see what happens.
Mikrotik changed the permissions available to these scripts recently, maybe the policy further restricted here? But these kinda scripts do not have full admin right now – netwatch's docs helps explain what allowed (and AFAIK applies to the other locations with "on" scripts attached to config):
Would it be possible to get such a fan speed setting for SwitchOS too? Its always max speed with SwitchOS on CRS310-1G-5S-4S+ and you cannot change it.
Unfortunately for this model, there are only 2 fan speeds available - Fans on ( 13k RPM ) and off.
There was a software change in system health - *) health - changed default "fan-min-speed-percent" from 0% to 12%; We will fix this setting for CRS310 in the next RouterOS versions.
To get the system working as before you need to set the minimal fan speed to 0% :Code: Select allsys health/settings/set fan-min-speed-percent=0
16:32:04 script,error executing script from console failed, please check it manually
16:32:06 system,error,critical error while running customized default configuration script:
While no line numbers, the message does vary depending on where a failure happens. Some bad code in /system/script get you:I see this in AX3 upon inspection of logs (same on AX2 but not for RB5009)
What script ?
First, do you use doh. If you use doh, it won't work. How big is your cache? I have about 400000 domains and for that it takes about 48 MB, so calculate how much you need.screen-2024-03-08 17-30-42.png
is it only for me or is the adlist feature not working correctly? There are no match counts?
free-hdd-space: 0
total-hdd-space: 15.2MiB
If I want to test, I update to beta, but if not, I just "*************" update to beta.**************, do you test your soft before update?, beta6 Briked arm devices
can't recover from netboot neither
As always with YOLO-actions: they don't last long. Fun while it lasts.Yes, I switched to "testing" branch first time in years. 7.13 was already tough to swallow and then 7.14. Now I go YOLO as testing branch has the fixes first. LOL
Definitely two welcome features! Thank you!*) wireguard - added peer "name" field and display it in logs;
*) wireguard - do not attempt to connect to peer without specified endpoint-address;
"testing" channel is only for people prepared to live with problems, interruptions, and netinstall.Bye testing channel. You'll not see me anytime soon. Horrible experience.
script;error script error: error - contact MikroTik support and send a supout file (10)
It has been fixed so far, but you get no local console anymore.What's new in 7.15beta6 (2024-Mar-08 08:23):
*) chr - fixed Xen and Vultr missing ethernet (introduced in v7.14);
Is it just dynamic writes to RAM or are all domains stored in NAND (and wears it out)?*) dns - added support for "adlist";
Hi Normis,Hetzner has both Dedicated and Virtual AMPERE ARM64 servers available. CHR images are coming in next betas, currently we only release ISO for bare metal Ampere servers, such as these: https://www.newegg.com/p/pl?d=ampere+altra
Me fool did not change back to stable channel in settings and did not disable the auto-update scheduler script.Tried to netinstall 7.15beta6 with no luck on Chateau LTE12. Did not boot afterwards either. So I netinstalled 7.13.5 and device now running again.
As always with YOLO-actions: they don't last long. Fun while it lasts.Yes, I switched to "testing" branch first time in years. 7.13 was already tough to swallow and then 7.14. Now I go YOLO as testing branch has the fixes first. LOL
Bye testing channel. You'll not see me anytime soon. Horrible experience.
WOW!!! That is going to be a gamechanger! But you need to improve it. It doesn't seem to be able to parse entries like this:
||a.ib.gazeta.pl^
||achcdn.com^
||ad.bitbay.net^
||ad.docer.pl^
||ad.facetpo40.pl^
0-01x-merchandise.554217.xyz
0-0llx.12313123.xyz
0-0lx.1231312.xyz
0-0lxmarket.5767435.xyz
0-0lxmarket.8796556.xyz
0-finanzierung.com
0-lix.6900845.xyz
/ip/dns/print
max-udp-packet-size: 4096
query-server-timeout: 2s
query-total-timeout: 10s
max-concurrent-queries: 100
max-concurrent-tcp-sessions: 20
cache-size: 131064KiB
cache-max-ttl: 1w
address-list-extra-time: 0s
vrf: main
cache-used: 114725KiB
/ip/dns/adlist/print
Flags: X - disabled
0 url="https://raw.githubusercontent.com/hagezi/dns-blocklists/main/hosts/pro.txt" ssl-verify=no
match-count=36331 name-count=979734
1 file=apple.txt ssl-verify=no match-count=32 name-count=2
Interesting the size of the modules increased in size, that would explain somewhat storage getting zero bytes free - magic!Me fool did not change back to stable channel in settings and did not disable the auto-update scheduler script.Tried to netinstall 7.15beta6 with no luck on Chateau LTE12. Did not boot afterwards either. So I netinstalled 7.13.5 and device now running again.
As always with YOLO-actions: they don't last long. Fun while it lasts.
Bye testing channel. You'll not see me anytime soon. Horrible experience.
So after netinstall yesterday of 7.13.5 I had exactly 680kb free space and after auto-update I am today on 7.15beta6 and free space ZERO bytes. So we can say: straight loosing quite 700kb of disk space just of what? Modern SMB? DLNA? ADLIST? 🤔
Maybe you have iCloud Private Relay enabled?But apple is being bypassed, on pi-hole it doesn't, not 100% sure why yet.
[xxx@MikroTik] > system/resource/print
uptime: 3m51s
version: 7.13.5 (stable)
build-time: Feb/16/2024 17:35:17
factory-software: 6.44.5
free-memory: 6.4MiB
total-memory: 32.0MiB
cpu: MIPS 24Kc V7.4
cpu-count: 1
cpu-frequency: 650MHz
cpu-load: 4%
free-hdd-space: 7.4MiB
total-hdd-space: 16.0MiB
write-sect-since-reboot: 938
write-sect-total: 28093680
architecture-name: smips
board-name: hAP lite
platform: MikroTik
[xxx@MikroTik] > /file/print
[xxx@MikroTik] > /system/package/update/download
channel: testing
installed-version: 7.13.5
latest-version: 7.15beta6
status: ERROR: not enough disk space, 7.4MiB is required and only 7.4MiB is free
We don't use the function ie not subscribed. it just says (Private Relay (Beta) Upgrade) I've noticed that when you goto select manual dns, the ipad has my router ip as well as the dns I am using like....Maybe you have iCloud Private Relay enabled?But apple is being bypassed, on pi-hole it doesn't, not 100% sure why yet.
They need to implement this format, without it the feature is basically unusable. A lot of users would need to write converters from world's de facto standard into Mikrotik standard. It's better when they to implement the correct parser once and all of us can just use it. Same for bare domain names.@fichte
The lists you are using are in the wrong format, not suitable for MikroTik
For example:
https://raw.githubusercontent.com/RPiLi ... /Hypotirol
||1hypotirol.com^
||bbpotirol.com^
||bypotirol.com^
...
As I wrote above, they need to have an (optional) regexp that extracts the interesting part from the supplied line of text.They need to implement this format, without it the feature is basically unusable. A lot of users would need to write converters from world's de facto standard into Mikrotik standard. It's better when they to implement the correct parser once and all of us can just use it. Same for bare domain names.
I forgot to add the router ip to the DHCP/Networks/DNS Servers. Now it only dishes out 192.168.88.1 Doh!!We don't use the function ie not subscribed. it just says (Private Relay (Beta) Upgrade) I've noticed that when you goto select manual dns, the ipad has my router ip as well as the dns I am using like....
Maybe you have iCloud Private Relay enabled?
192.168.88.1
1.1.1.1
Why is it filling in 1.1.1.1 as well ?
tried turning off the private address settings etc, still the same.
Previous setup was telling the router to handout the dns via dhcp. When I just powered up pi-hole on 192.168.88.8 then pointed my pc at the it i'm not getting any resovlv. But using dig I get a reply... will test more later!
pool range 192.168.88.100/200
As I wrote above, they need to have an (optional) regexp that extracts the interesting part from the supplied line of text.They need to implement this format, without it the feature is basically unusable. A lot of users would need to write converters from world's de facto standard into Mikrotik standard. It's better when they to implement the correct parser once and all of us can just use it. Same for bare domain names.
Ah. It's resolving thousands of regex's per query I was worried about... Y'all talking about some "on-load" action that runs a regex over the downloaded adlist to pull out the hostname. Not the "runtime" resolver side parsing the hostname-as-regex for each query. Allowing AdGuard or Pi-Hole formats would seem to be a good call.@Amm0, default support for big files read from storage. RegEX is indeed all being used to recognize different types of entries and extract only what is needed. That it should be 0.0.0.0 "or NXD" is a parameter that could be separated from what is set in the file.
Example of a domainPosix: "^.+\\.[a-z.]{2,7}"
Though one cannot explicitely define PTR records, it will generate suiting PTRs from A- and AAAA-records. Good enough?I just wish they'd add the missing PTR record to /ip/dns/static BEFORE adding new features like adlist — without PTR records Mikrotik DNS is largely unusable for me, as PTR records are needed for DNS-SD/mDNS.
Differences:
As I wrote above, they need to have an (optional) regexp that extracts the interesting part from the supplied line of text.
If you're going to run some a regex over on all the entries... then what's the difference from a scheduled script that adds them to /ip/dns/static (which supports regex already on entries)?
Not really. While true DNS does return a PTR to a "in-addr.arpa" query automatically. You cannot add a PTR explicitly. These are needed to resolve mDNS/DNS-SD per RFC-6753. e.g. you need PTR to convert service like "_http._tcp" into "mycomputer._http._tcp" to be able to statically configure mDNS lookups.Though one cannot explicitely define PTR records, it will generate suiting PTRs from A- and AAAA-records. Good enough?
Ah, I wasn't aware of that detail regarding mDNS. I suggest you open a feature request ticket then :)Not really. While true DNS does return a PTR to a "in-addr.arpa" query automatically. You cannot add a PTR explicitly. These are needed to resolve mDNS/DNS-SD per RFC-6753. e.g. you need PTR to convert service like "_http._tcp" into "mycomputer._http._tcp" to be able to statically configure mDNS lookups.Though one cannot explicitely define PTR records, it will generate suiting PTRs from A- and AAAA-records. Good enough?
Didn't mean to go off-topic... just annoying when a standard RR type for DNS like PTR cannot be configured. Yet seeing entire new feature like adlist added to DNS instead of fixing little bugs like PTR.
SUP-100671, opened Dec 2022.Ah, I wasn't aware of that detail regarding mDNS. I suggest you open a feature request ticket then :)
Let's wait and see... be magic if it happens!Hello,
Thank you for contacting MikroTik Support.
We are working on decreasing the package size in future versions.
You'd likely not need a CUPS printer server with DNS PTR records. Any modern printer uses mDNS for discovery, so if DNS-SD records were added to Mikrotik DNS, most printers work across VLANs/etc. (*where Mikrotik is the resolver, and if it supported PTR records)Nostradamus: CUPS print server including most popular ink jet drivers is next
I don't even need Samba service nor DLNA.You'd likely not need a CUPS printer server with DNS PTR records. Any modern printer uses mDNS for discovery, so if DNS-SD records were added to Mikrotik DNS, most printers work across VLANs/etc. (*where Mikrotik is the resolver, and if it supported PTR records)Nostradamus: CUPS print server including most popular ink jet drivers is next
And after writing it many times we all understood it... but you are not the only one using RouterOS so a moment of patience and let's see what will happen.I don't even need Samba service nor DLNA.
I don't even need Samba service nor DLNA.
I don't think that anybody said that this functionality should never ever be implemented..... but you are not the only one using RouterOS so a moment of patience and let's see what will happen.
I also don't deny that Samba or DLNA are useful. Both are great. I use a standalone Samba server and DLNA as well, but not on my router. I also don't question that someone other than me might use it. What I criticize is that it comes at the expense of limited storage space. Why can't it be an additional package? We've known for almost 10 years that SMB 1 is insecure—still, ROS 7 was launched with legacy protocol samba service, and in 2024, MT realized: "it would be cool if ROS didn't just support legacy SMB protocol versions" (quote from old SMB docs: "RouterOS only supports SMB v1.0 and v2.002"; quote from new ROSE SMB docs: "SMB1 is not supported due to security vulnerabilities."). And just like that, the main package was inflated by almost 400kb.And after writing it many times we all understood it... but you are not the only one using RouterOS so a moment of patience and let's see what will happen.I don't even need Samba service nor DLNA.
pe1chl obviously gave up on pointing out the storage space issue. That's why someone else has to keep repeating it. People with their bricked AC2 also contribute involuntarily.And disturbing fact is that MT seems to be in denial about the installation size problem, not publishing any concrete plans on how and when the problem is going to be solved.
Preliminary visualisations of ROS version 10.x ... flowers are must-have for pro drivers ...I don't think that anybody said that this functionality should never ever be implemented..... but you are not the only one using RouterOS so a moment of patience and let's see what will happen.
However it is pretty distracting if such a non-core functionality actually makes certain device types almost unusable (we have suggested numerous times to move this kind of functionality into optional package ...
<snip> any RaspberryPI is better suited to act as SMB/DLNA/whatever server than hAP ac2 </snip>.... but you are not the only one using RouterOS so a moment of patience and let's see what will happen.
<snip>
And it's a pretty good question about priorities (is new non-core functionality supposed to be developed before all core functionality from v6 is (re)implemented in v7) ... albeit I can understand that this might not be easily solvable (I would expect to see different development teams working on different aspects of ROS and progress pace of different groups may be very different).
</snip>
Spot on!Well, it would not have been a problem and it would have worked well when they had not made the stupid mistake of fitting only 16MB of flash in so many of their devices...
My first MikroTik router was a RB2011UiAS-2HnD-IN. It had 128MB Flash, and RS232, USB, LCD, a beeper. The list price was $129.
That was the perfect device. From there it went downhill.
Even though e.g. the RB750Gr3 also offers a lot, that is among the first devices with 16MB Flash. No more partitioning, not enough space for expansion of the OS.
And with the hAP ac2 it is even worse: the exposed Flash size is only 15.3MB (although the specsheet says 16MB) and the codesize for ARM is larger than for (M)MIPS.
I'm quoting myself, because it just occurred to me that out of those 25.5 MiB source ad blocking lists only a small part was loaded (others were in the 2 formats not handled yet by RouterOS) and this small part required 130 MiB of DNS cache. So a lot more memory will have been required if all the files will have loaded in full. Half a gigabyte maybe, or more :-)WOW!!! That is going to be a gamechanger! But you need to improve it. It doesn't seem to be able to parse entries like this:
...
The memory consumption of this feature is indeed very large. My source text files with rules are 25.5 MiB in total, and they took 130 MiB in RouterOs' DNS cache. Maybe you should implement it differently, for example as a suffix tree, or another kind of trie for compact storage and fast lookups.
Thanks!
What is the problem with that? Several MikroTik routers have 1-2 GB of memory and little they can do with it.I'm quoting myself, because it just occurred to me that out of those 25.5 MiB source ad blocking lists only a small part was loaded (others were in the 2 formats not handled yet by RouterOS) and this small part required 130 MiB of DNS cache. So a lot more memory will have been required if all the files will have loaded in full. Half a gigabyte maybe, or more :-)
Yes, having spaces in file names breaks parameter parsing in all CLI implementations I've seen and one has to use workarounds (such as enclosing such file name in a pair of double quotes).*) console - replace reserved characters to backup and certificate export file names with underscores;
is there any reason this needs to be done?
So why don't you adapt your automated backups?this breaks my automated backups throughout my network.
do you work for mikrotik?Yes, having spaces in file names breaks parameter parsing in all CLI implementations I've seen and one has to use workarounds (such as enclosing such file name in a pair of double quotes).*) console - replace reserved characters to backup and certificate export file names with underscores;
is there any reason this needs to be done?
Basically: space is a special character ... with function of separating command line parts.
And similarly for any other special characters.
So why don't you adapt your automated backups?this breaks my automated backups throughout my network.
Basis is already in place since 7.13, released Dec 2023.why is this a problem now when it wasn't a problem from inception to 7.14? why break this functionality for no good reason?
And there will be a good reason why they made this change or they would not have done it.*) console - replace reserved characters in file and script names with underscores
Other way around. It break existing script that were working with space. Perhaps good reason for the change, but it is a breaking one.Yes, having spaces in file names breaks parameter parsing in all CLI implementations I've seen and one has to use workarounds (such as enclosing such file name in a pair of double quotes).
/file print file="name with spaces"
/file set "name with spaces" contents="it works"
:put [/file get "name with spaces" contents]
# it works
Also saw it on AX2 and AX3.I have a script error...
08:36:22 script,error executing script from console failed, please check it manually
Cap ax
[admin@COB] > :put [ip/ad/find address=10.172.70.18/30]
[admin@COB] > :put [ip/ad/find address="10.172.70.18/30"]
*1
Yeah, like home devices such as hAP series had 2 GB RAM.What is the problem with that? Several MikroTik routers have 1-2 GB of memory and little they can do with it.I'm quoting myself, because it just occurred to me that out of those 25.5 MiB source ad blocking lists only a small part was loaded (others were in the 2 formats not handled yet by RouterOS) and this small part required 130 MiB of DNS cache. So a lot more memory will have been required if all the files will have loaded in full. Half a gigabyte maybe, or more :-)
I would be more concerned about the implementation of lookup (does it search sequentially or is there some more efficient indexing).
Some features are not usable on some models.Yeah, like home devices such as hAP series had 2 GB RAM.
IMHO suffix trees are not the proper choice as they solve the pattern matching problem (finding a pattern inside a long string) instead of string matching. And they are not very efficient in practice because they are pointer-based (i.e. memory accesses are rather expensive) and their storage requirements (albeit linear) have a pretty large hidden constant.Of course it's not sequential search, Mikrotik's DNS cache is very efficient, but storage-hungry. And there's a dedicated data structure called suffix tree, a variant of a general tree-like structure called "trie", which is both very compact in terms of memory usage and very efficient in terms of creation and lookups. I've implemented it once in Golang for this precise use case and it worked marvelously. And that's what I already written in my previous post. So don't worry about computational efficiency, but I think they do need make it more compact in memory. Unfortunately I don't have time now to make a test implementation in C, that'd be helpful.
It took ChatGPT one second to come up with suffix trie solution, which consumes two pointers per unique domain name letter. With small caches it will take more space than text list. With larger ones containing longer domain names with same suffixes, the trie will improve storage efficiency.Yeah, like home devices such as hAP series had 2 GB RAM.
What is the problem with that? Several MikroTik routers have 1-2 GB of memory and little they can do with it.
I would be more concerned about the implementation of lookup (does it search sequentially or is there some more efficient indexing).
Of course it's not sequential search, Mikrotik's DNS cache is very efficient, but storage-hungry. And there's a dedicated data structure called suffix tree, a variant of a general tree-like structure called "trie", which is both very compact in terms of memory usage and very efficient in terms of creation and lookups. I've implemented it once in Golang for this precise use case and it worked marvelously. And that's what I already written in my previous post. So don't worry about computational efficiency, but I think they do need make it more compact in memory. Unfortunately I don't have time now to make a test implementation in C, that'd be helpful.
This implementation is a crap. I've seen it before. Not only it doesn't split domain name by the full stop character, it's also very memory hungry.
It took ChatGPT one second to come up with suffix trie solution, which consumes two pointers per unique domain name letter. With small caches it will take more space than text list. With larger ones containing longer domain names with same suffixes, the trie will improve storage efficiency.
suffixtrie.c
Not a lot of developers know what bloom filters are, and those who do know usually work with DDoS mitigation projects.
How many of those did you actually implement and test?IMHO suffix trees are not the proper choice as they solve the pattern matching problem (finding a pattern inside a long string) instead of string matching. And they are not very efficient in practice because they are pointer-based (i.e. memory accesses are rather expensive) and their storage requirements (albeit linear) have a pretty large hidden constant.
Probably Bloom filters and dichotomic search is way more efficient.
But I assume that the developers know that better than us.
The common issue seems to be that people uses spaces in their System->Identity and then later use that as a filename.MikroTik has once AGAIN managed to break script compatibility by prohibiting something as common as spaces in file names.
Since you asked, my job is about (large) text indexing and searching/processing, especially in compressed space. My (old) implementation of suffix trees was a toy one because, for my job, ST are largely surpassed by suffix arrays and FM-index. Thus nobody use suffix trees as far as I know. At least in Bioinformatics, where the smallest collections of strings are in the order of tens of GB.How many of those did you actually implement and test?
irrelevant since a hostname is typed out differently anyway (with dots and subdomains).The common issue seems to be that people uses spaces in their System->Identity and then later use that as a filename.MikroTik has once AGAIN managed to break script compatibility by prohibiting something as common as spaces in file names.
Just don't do that! Something as basic as an Identity better should have no spaces in it, so you can also have it as a hostname etc.
Problem is: where do you define the bounds. Characters like / : \ can also cause trouble. People have used date/time as part of a filename and ran into "inexplicable problems". At least that does not happen anymore.I do have a certain understanding they want to avoid control characters and similar, but not when it comes to common characters like spaces.
please don't muddy the water.Problem is: where do you define the bounds. Characters like / : \ can also cause trouble. People have used date/time as part of a filename and ran into "inexplicable problems". At least that does not happen anymore.I do have a certain understanding they want to avoid control characters and similar, but not when it comes to common characters like spaces.
Problem is: where do you define the bounds. Characters like / : \ can also cause trouble. People have used date/time as part of a filename and ran into "inexplicable problems". At least that does not happen anymore.
And considered bad practice, universally, where programmatic access is used, for good reason dating back before unicode's more wide acceptance and implementation. I don't think the problem is Mikrotik deciding to stop supporting something that was always a bad idea is the problem, it's discontinuing support in a minor release without a number of warnings around it, so people who've made unfortunate prior decisions have time to prepare. I'd strongly argue on the public release this needs to be very clearly communicated to avoid disasters for those who've unfortunately used spaces.please don't muddy the water.
Problem is: where do you define the bounds. Characters like / : \ can also cause trouble. People have used date/time as part of a filename and ran into "inexplicable problems". At least that does not happen anymore.
nobody is asking for / : \
we're asking for space, and maybe comma.
perfectly supported in every OS for the last i don't know how many decades.
i will ask one more time.where programmatic access is used
It took one whole second to produce - it took me more time to check there was main with driver code. You are being very insecure about LLMs. Relax, it wouldn't replace you anytime soon. As for professionals working on DNS code - sure.. producing implementation which stops caching records once cache size is reached.. no matter how old or infrequently used are the records in the cache.This implementation is a crap. I've seen it before. Not only it doesn't split domain name by the full stop character, it's also very memory hungry.
It took ChatGPT one second to come up with suffix trie solution, which consumes two pointers per unique domain name letter. With small caches it will take more space than text list. With larger ones containing longer domain names with same suffixes, the trie will improve storage efficiency.
suffixtrie.c
Not a lot of developers know what bloom filters are, and those who do know usually work with DDoS mitigation projects.
Do not rely on AI for things you don't understand.
Did you realize that the implementation uses 129 pointers per unique character at each position? >1KB per character. Lol.It took one whole second to produce - it took me more time to check there was main with driver code. You are being very insecure about LLMs. Relax, it wouldn't replace you anytime soon. As for professionals working on DNS code - sure.. producing implementation which stops caching records once cache size is reached.. no matter how old or infrequently used are the records in the cache.
:put [:time command={:do {:resolve "www.ibm.com"} on-error={}}]
# 00:00:00.014935
# last item in GH adlist
:put [:time command={:do {:resolve "zqtk.net"} on-error={}}]
# 00:00:00.006335
the actual issue is when running /system/backup/save from the CLI, as opposed to from winbox (or, i'd assume, from API) is that the file name generated gets "corrected" to use _ instead of spaces or commas or anything else it deems reserved.as far as I understand MT did not discontinue support for file names which include special characters ... only the way one has to work with such file names, was made different).
It's actually up to 128 (and you are not going to exhaust every combination - many character positions are not even registered and DNS is not case-sensitive) and it's two pointers per unique charecter at specific position, you are clearly not as good as you claim since you can't even read trivial code. Please go back to LC.Did you realize that the implementation uses 129 pointers per unique character at each position? >1KB per character. Lol.It took one whole second to produce - it took me more time to check there was main with driver code. You are being very insecure about LLMs. Relax, it wouldn't replace you anytime soon. As for professionals working on DNS code - sure.. producing implementation which stops caching records once cache size is reached.. no matter how old or infrequently used are the records in the cache.
Tip: try sizeof(TrieNode)It's actually up to 128 (and you are not going to exhaust every combination - many character positions are not even registered and DNS is not case-sensitive) and it's two pointers per unique charecter at specific position, you are clearly not as good as you claim since you can't even read trivial code. Please go back to LC.
Did you realize that the implementation uses 129 pointers per unique character at each position? >1KB per character. Lol.
Really? But why? I want to be protected both.If you use doh, it won't work.
ccr2004-1g-12s: upgrade failed, free 209 kB disk space for a (null)upgrade
Uptime 00:10:24
Free Memory 3866.9 MiB
Total Memory 4096.0 MiB
CPU ARM64
CPU Count 4
CPU Load 0 %
Free HDD Space 91.2 MiB
Total HDD Size 128.0 MiB
Sector Writes Since Reboot 39
Total Sector Writes 663 093
Bad Blocks 0.0 %
Architecture Name arm64
Board Name CCR2004-1G-12S+2XS
Version 7.14.1 (stable)
Build Time 2024-03-08 12:50:23
Factory Software 6.48.2
7.15beta6
In Proxmox VE VNC shows Starting services...
Unable to access the system.
Similar screen is on UTM, but WinBox discovered the IP and I was able to login.
7.15beta6
In Proxmox VE VNC shows Starting services...
Unable to access the system.
True, but it will say "Service stopping" if STOP is request by QEMU host as an added detail here.Yes, I can access it through winbox too.Similar screen is on UTM, but WinBox discovered the IP and I was able to login.
But not through the screen.
It always says the service is starting.
> ipv6/route/print where dst-address in ::/16
Flags: D - DYNAMIC; A - ACTIVE; c - CONNECT, o - OSPF; H - HW-OFFLOADED
Columns: DST-ADDRESS, GATEWAY, DISTANCE
DST-ADDRESS GATEWAY DISTANCE
D oH ::1/128 fe80::de2c:6eff:fe38:c7e6%vlan13-sfpplus3 110
DAc ::1/128 lo
> ip/route/print where dst-address in 127.0.0.0/8
Please keep this forum topic strictly related to this particular RouterOS release.
And still my comment about upcoming beta7 custom ACME server got deleted as well?
Please keep this forum topic strictly related to this particular RouterOS release.
Friendly reminder ...
This has already been fixed and the fix will be included in the next version of RouterOS.7.15beta6
In Proxmox VE VNC shows Starting services...
Unable to access the system.
*) quicksest - only show LTE mode for devices without other wireless interfaces;
Even if MT has reduced size on latest version, your older version are to big to upgrade.Update to 7.15beta8 fails on wAP AC with error: upgrade failed, free 133kB disk space for a(null)upgrade
MikroTik definitely not reduced size of RouterOS + Qualcomm WiFi Drivers. They are bigger. They only reduced size of old and obsolete own not Wave 2Even if MT has reduced size on latest version, your older version are to big to upgrade.Update to 7.15beta8 fails on wAP AC with error: upgrade failed, free 133kB disk space for a(null)upgrade
Netinstall may be the only way out.