Быстрая навигация
802.11ac 802.11ac Wave 2 802.11n Android DVB-T2 Google hAP Intel IPSec Keenetic LTE Mikrotik MU-MIMO Netis Newsletter Realtek RouterBOARD RouterOS Rozetka rozetka.com.ua Strong Trimax Ubiquiti UBNT UniFi usb wAP 60G Wi-Fi Winbox wireless Zyxel безопасность маршрутизатор обзор обновление промо промо-код прошивка роутер скидкиMikrotik выпустил обновление RouterOS 6.35: исправления, оптимизации, новые возможности при работе с беспроводными сетями
Компания Mikrotik сегодня представила обновление операционной системы RouterOS до версии 6.35. Обновление ROS уже доступно на официальном сайте, а также через интерфейс управления.
Список изменений RouterOS v6.35
+ arp - apply Linux Kernel patch to stop RouterOS from randomly exhibiting misplaced ARPs;
+ mipsbe - (excluding RB4xx and CRS series) fixed rare ethernet tx buffer corruption;
+ nand - implemented once a week nand refresh to improve stored data integrity (will increase sector writes);
+ pppoe-client - implemented fastpath support;
+ l2tp - implemented l2tp and lns fastpath/fasttrack support;
+ queue - added bucket-size setting to queues (derived from max-limit);
+ tile - fixed rare situation when some cores decide not to take part in packet processing till next reboot;
+ tunnels - fixed performance slowdown on any other tunnel disable/enable;
+ winbox - increased minimal required winbox version to 3.4;
+ wireless - added new package "wireless-rep";
+ wireless - improved 1-chain 802.11ac station compatibility with other vendor multi-chain APs;
+ address-list - fixed crash in low memory situations;
+ bonding - fixed crash when creating vlans on bonding interface;
+ capsman - added 802.11g/n band;
+ capsman - fixed capsman extension channel names;
+ certificate - revoked certificates not showing as (R)evoked;
+ certificate - allow manual crl url addition;
+ chr - added support for VLAN on Hyper-V;
+ chr - fixed Hyper-V booting from SCSI;
+ chr - fixed Hyper-V on windows 8/10 reboot loop;
+ chr - fixed bridge firewall;
+ chr - fixed kernel crash when virtual ethernet was not connected to anything in Hyper-V;
+ chr - implemented automatic storage increase on disk image size increase;
+ chr - implemented kernel crash saving to autosupout.rif (will utilize additional 24Mb of RAM);
+ chr - make shutdown request from hyper-v work (might fix other hypervisor as well);
+ chr - no more installation on first boot;
+ chr - try to renew expired license once a hour instead of 100h;
+ cloud - don't write minor status changes to storage;
+ console - fixed print follow in "/ip dns cache" menu;
+ console - show RouterOS Version in /interface wireless scan;
+ console - sort completions/hints in natural order;
+ console - update copyright notice;
+ defconf - fixed default configuration for SXT LTE;
+ dhcpv6-client - fixed wrong error message;
+ dhcpv6-client - fix ia expiration and lifetime validation;
+ dhcpv6-server - acquire binding on renew if it does not exist;
+ dude - changes;
+ dude - fixed dude login logging, no more shows as winbox login;
+ email - fixed send cmd server addr override;
+ ethernet - add option to see S-GPON-ONU module, GPON side SN in "/int eth mon sfp#";
+ ethernet - do not allow to set self as master port;
+ export - bonding did not show up in global export;
+ export - exclude default values from export in "/interface l2tp-server server" menu;
+ export - fixed export when ipv6 address was taken from pool;
+ export - fixed rare situations when not whole config was exported;
+ export - updated defaults for compact export;
+ fastpath - fixed crash when packet arrives on disabled interface;
+ fastpath - fixed show rx-bits-per-second on all VLAN interfaces;
+ fastpath - improved vlan fastpath;
+ fasttrack - fixed timer updating in connections table for fasttrack connections;
+ fetch - decrease connection idle timeout;
+ firewall - added experimental "action=route" in mangle prerouting - that forces packets to specific gateway by ignoring routing decisions (CLI only);
+ health - always report fan speed (even if it is 0);
+ health - swap fan2 and fan3 on CCR1072;
+ hotspot - clean-up all dead entries at once;
+ hotspot - fixed possible deadlock;
+ hotspot - improved html page resistance against attacks;
+ hotspot - make video tag work properly on hotspot login.html page
+ ip - rename max-arp-entries to less confusing max-neighbor-entries;
+ ippool6 - fixed potential crash;
+ ipsec - always re-key ph1 because it was possible that ph1 without DPD would expire;
+ ipsec - better flush on proposal change;
+ ipsec - fixed crash on policy update;
+ ipsec - fixed fast ph2 SA addition;
+ ipsec - fixed larval SA refresh for display;
+ ipsec - fixed multiple consecutive dynamic policy flush;
+ l2tp & pppoe - fixed user traffic accounting when fastpath was used;
+ l2tp - introduced per tunnel allow-fast-path option;
+ l2tp - added support for Hidden AVP, it is needed for proxy authentication;
+ l2tp - added support for max-sessions;
+ l2tp - added support for proxy authentication when receiving forwarded PPPoE sessions;
+ l2tp - fixed small memory leak on reconnects;
+ lcd - fixed branding packet logo drawing on startup;
+ led - fixed crash on assigned interface removal;
+ led - turn on fault led on CCR1072 if CPU too hot;
+ leds - fixed AP-CAP led blinking after successful association to CAPsMAN;
+ lte - added ipv6 support for SXT LTE;
+ lte - changed AT command processing;
+ lte - changed AT parsing because supported Huawei modems use unsolicited events instead of polling;
+ lte - fixed bandlux modem dialing;
+ lte - fixed crash on early initialization;
+ lte - improve situation when SXT modem never finds operator;
+ lte - replaced signal-strength with rssi in info command;
+ lte - support Alt38XX modem;
+ lte - support for zte mf820s2;
+ lte - supported modems now use unsolicited events for network monitoring;
+ lte - use timer for modem info;
+ map lite - added hardware WPS button support;
+ mpls - do not reset VPLS on TE tunnel re-optimize;
+ ntp - fixed ntp client hangs in reached state;
+ ospf - fixed crash when getting neighbor router-id in NBMA area;
+ ppp - fixed ppp interface reconnect when uPnP was used;
+ ppp - close connection if peer wants to re-authenticate;
+ ppp - fixed memory leak high number of pppoe clients to the same server;
+ ppp - fixed ppp crash if lcp packets were lost and authentication got delayed;
+ ppp - fixed some clients can not connect due to LCP restart;
+ pppoe - added rfc4679 support;
+ pppoe - fixed crash when removing pppoe service;
+ pppoe-server - added pado-delay option;
+ profiler - classify certificate signing;
+ proxy - fixed ftp request url decode;
+ queue - improve "/queue interface" menu;
+ quickset - fixed invalid date adjusted the signal threshold for the signal chart and refresh rate;
+ quickset - fixed situations when hidden password was passed as ******* from winbox nd webfig;
+ radius - warn radius client if incorrect secret is being used;
+ rb3011 - fixed sfp compatibility with CCR when using direct attached cables;
+ rb3011 - fixed time keeping;
+ rb3011 - make ether6-ether10 work if SFP module is present on bootup;
+ romon-ssh - fixed active addresses for romon user;
+ route - do not show duplicate gateway on connected route;
+ route - fixed filter by routing table;
+ routing - fixed rare kernel failure on different dynamic routing configurations;
+ routing - fixed routing-marks were not erased from memory when they are not being used;
+ services - do not show ssh entry under ip services if security package is disabled;
+ snmp - don't group oids for bulk get with maxreps > 1 ;
+ snmp - fixed cpu load reporting to 1min average and change oid to 1.3.6.1.4.1.2021.11.10.0;
+ snmp - fixed dhcpv4 lease hwaddr format according to mib;
+ snmp - fixed getbulk result ordering with multiple request OIDs;
+ ssh - simplify login process;
+ ssl - optimized certificate update;
+ system - log time changes;
+ tile - corrected max-l2mtu;
+ tile - fixed fastpath related memory leak;
+ tile - fixed performance regression on switch chip (introduced in 6.33rc18);
+ tile-crypto - fixed minor memory leak;
+ tool fetch - fixed https cleanup on user stop while handshaking;
+ trafficgen - fixed console arguments;
+ trafficgen - fixed crash when unexpected stream reappears;
+ trafflow - fixed potential deadlock;
+ ups - fixed entering hibernate mode when below battery capacity limit;
+ users - added separate RoMoN policy;
+ webfig - fixed firewall rule sorting did not work in other chains except all;
+ webfig - show single item groups as optional values;
+ webfig - sort numeric columns numerically even if they contain some text;
+ winbox - added "pw-type" to "/interface vpls bgp-vpls" menu;
+ winbox - added "use-control-word" and "pw-mtu" to "/interface vpls cisco-bgp-vpls" menu;
+ winbox - added /interface wireless setup-repeater;
+ winbox - added all the rates settings to the capsman;
+ winbox - added flip-screen option to lcd settings;
+ winbox - added init-delay option to routerboard settings;
+ winbox - added ipv6 firewall missing log option;
+ winbox - added missing eap-ttls-mschamv2 method to wireless security profile;
+ winbox - added mtu=auto support to eoipv6 tunnel;
+ winbox - added sfp-mac for GPON interfaces;
+ winbox - added support for new settings from wireless-rep package;
+ winbox - added support for route action in mangle rules;
+ winbox - allow to set additional-network-modes;
+ winbox - allow to set multiple dh-groups;
+ winbox - disable autostart for wireless scan,snooper,align etc. on open;
+ winbox - do not show "enable-jumper-reset" setting on devices without serial port;
+ winbox - do not show real-tx-power column in current-tx-power by default;
+ winbox - fixed unset options in /routing ospf interface menu;
+ winbox - hotspot default-trial user shows profile as "unknown" in Winbox;
+ winbox - improved winbox connection loss detection, fixes winbox safe mode;
+ winbox - limit ospf key to 16 symbols;
+ winbox - make additional-network-mode optional for lte interface;
+ winbox - make build with latest lte changes;
+ winbox - make mrru disabled and set mtu+mru to auto by default on new servers;
+ winbox - show "usb-power-reset" option on all boards that have it;
+ wireless - fixed crash on nstreme-dual interface stats update;
+ wireless-rep - added 802.11g/n only band;
+ wireless-rep - added STEP feature for the scan-list;
+ wireless-rep - added WPS client support;
+ wireless-rep - added support for saving wireless scan results to file;
+ wireless-rep - added support for wireless background scan for 802.11 protocol;
+ wireless-rep - added support for wireless repeater mode for 802.11 protocol;
+ wireless-rep - added support for wireless scan rounds setting;
+ wireless-rep - adjust roaming scan times;
+ wireless-rep - allow to connect to AP after scan;
+ wireless-rep - do not allow empty ssid for AP modes;
+ wireless-rep - fixed crash on non-HT clients;
+ wireless-rep - fixed latency issues with Intel wireless clients;
+ wireless-rep - fixed nv2 protocol;
+ wireless-rep - fixed qos frame-priority when nv2 protocol used in station-wds mode;
+ wireless-rep - fixed signal leds;
+ wireless-rep - fixed speed issue when connected with Intel 802.11ac;
+ wireless-rep - initial support for station roaming for station mode in 802.11 protocol;
+ wireless-rep - request interface name for setup-repeater;
+ wireless-rep - use full identity where possible;
+ wireless-rep,capsman - added more configuration settings;
+ wireless-rep,capsman - added rate config support.
Список изменений, исправлений и оптимизаций весьма внушительный, поэтому обновление затронет практически все существующие конфигурации. Известные проблемы: некоторые LTE-модемы Huawei могут не получать IP-адрес после перезагрузки маршрутизатора, в качестве временного решения – подключите/отключите устройство.
Из новшеств – пакет wireless-rep. На текущий момент новый пакет необходимо устанавливать вручную, скачав его вручную с официального сайта. Со временем wireless-rep будет использоваться по-умолчанию. Пакет wireless-rep использует более новый драйвер и заменяет стандартный пакет для работы Wi-Fi, по сути это тот же wireless-cm2, в который добавлены новые возможности.
Среди новых возможностей wireless-rep:
- поддержка роуминга в режиме станции для протокола 802.11;
- режим репитера для протокола 802.11;
- фоновое сканирование;
- сохранение результатов сканирования в файл.
Относительно роуминга – к сожалению, это не тот роуминг, о котором многие могли подумать. Речь идет о роуминге в режиме станции (Station), когда RouterOS работает в режиме беспроводного клиента. Система запускает фоновое сканирование точек доступа (AP), при обнаружении точки доступа с лучшими параметрами, ROS попробует перейти на сеть с лучшими параметрами. Данная функция будет весьма полезной для Mikrotik mAP lite. Будем ждать более подробной информации и документации по этой функции.
Режим репитера позволяет создать беспроводной клиент и точку доступа (AP) на одном и том же физическом интерфейсе. Обратите внимание, режим репитера доступен только для одного интерфейса. Для настройки используйте команду /interface wireless setup-repeater.
Для запуска фонового сканирования (background scan), запустите стандартный Scan, перед запуском сканирования, установите соответствую опцию «background scan» под списком выбора интерфейса.
С более подробной информацией вы можете ознакомиться на официальном форуме в темах про 6.35 [current] и 6.35 [release candidate].
Как выбрать подходящий пакет wireless?
- wireless-fp – старый пакет с поддержкой Fast Path и CAPsMAN v1
- wireless-cm2 – аналогичен wireless-fp, имеет поддержку CAPsMAN v2
- wireless-rep – аналогичен wireless-cm2, добавлены новые функции
Обратите внимание, CAPsMAN v1 и CAPsMAN v2 не совместимы.
Видеокурс «Настройка оборудования MikroTik» (аналог MTCNA)
Учитесь работать с MikroTik? Рекомендую видеокурс «Настройка оборудования MikroTik». В курсе разобраны все темы из официальной учебной программы MTCNA и много дополнительного материала. Курс сочетает теоретическую часть и практику – настройку маршрутизатора по техническому заданию. Консультации по заданиям курса ведет его автор Дмитрий Скоромнов. Подойдет и для первого знакомства с оборудованием MikroTik, и для систематизации знаний опытным специалистам.