Быстрая навигация
802.11ac 802.11ac Wave 2 802.11n Android DVB-T2 Google hAP HotSpot IPSec Keenetic LTE Mikrotik MU-MIMO Netis Newsletter Realtek RouterBOARD RouterOS Rozetka rozetka.com.ua Strong Trimax Ubiquiti UBNT UniFi wAP 60G Wi-Fi Winbox wireless Zyxel безопасность маршрутизатор настройка обзор обновление промо промо-код прошивка роутер скидкиОбновления и исправления RouterOS 6.35-6.35.4, а также подробности новой версии RouterOS 6.36
Выход обновления RouterOS 6.35 привнес достаточно много изменений, среди которых новый беспроводной пакет wireless-rep.
После обновления 6.35 было выпущено еще 3 дополнительные обновления: 6.35.1, 6.35.2 и 6.35.4.
В версии RouterOS 6.35.4 есть изменение, которое вызвало достаточно активную дискуссию, в частности, речь идет об изменении опции dynamic=yes. Установив таймаут, вы потеряете возможность дальнейшего изменения данного параметра, обратите на это внимание, если вы используете специализированные скрипты.
Ниже приведен полный список изменений, в сравнении с RouterOS 6.35. Обновление рекомендуется владельцам RB3011 – для этой платформы улучшена производительность.
Изменения RouterOS 6.35.4 относительно 6.35.2:
- address-list - make "dynamic=yes" as read-only option;
- bonding - fixed 802.3ad load balancing mode over tunnels ;
- bonding - fixed bonding primary slave assignment for ovpn interfaces after startup;
- bonding - fixed crash on RoMON traffic transmit;
- dhcpv6 client - fixed ia lifetime validation when it is set by dhcpv6 client;
- disk - added support for Plextor PX-G128M6e(A) SSD on CCR1072;
- ethernet - fixed memory leak when setting interface without changing configuration;
- firewall - do not show disabled=no in export;
- health - fixed broken factory voltage calibration data for some hAP ac boards;
- health - fixed incorrect voltage after reboot on RB2011UAS;
- ipsec - fixed mode-config export;
- ipsec - fixed route cache overflow when using ipsec with route cache disabled;
- lte - use only creg result codes as network status indications;
- ovpn - enable perfect forwarding secrecy support by default;
- rb3011 - fixed port flapping on ether6-ether10;
- rb3011 - fixed reset button functionality;
- rb3011 - improved performance on high cpu usage;
Изменения RouterOS 6.35.2 относительно 6.35.1:
- discovery - fixed identity discovery (introduced in 6.35.1);
- firewall - fixed policy routing configurations (introduced in 6.35rc38);
- log - fixed time zone adjustment (introduced in 6.35.1);
- queue - fixed interface queue type for ovpn tunnels;
- snmp - fixed snmp timeout (introduced in 6.35.1);
- vrrp - fixed missing vrrp interfaces after upgrade (introduced in 6.35.1);
Изменения RouterOS 6.35.1 относительно 6.35:
- bonding - do not corrupt bonding statistics on configuration changes;
- bonding - fixed crash when vlan parent mtu is higher than bonding mtu;
- ethernet - do not allow mtu to be higher than l2mtu and l2mtu to be higher than max-l2mtu (reduce automatically on upgrade if it was wrong before);
- log - fixed reboot log messages;
- lte - do not allow to set multiple modes when it is not supported;
- lte - fixed address acquisition on Huaweii LTE interfaces;
- winbox - show voltage in Health only if there actually is voltage monitor;
- wireless - fixed issue when CAPsMAN could lock CAPs interface;
Изменения RouterOS 6.36: текущие изменения
Тем временем, новая версия RouterOS 6.36 тестируется уже с середины апреля, за это время набралось достаточно большое количество изменений. Так что же нас ожидает в новой версии?
Одним из самых важных изменений является отключение пакета wireless-fp, который как вы помните, имеет поддержку CAPsMAN v1. Относительно официального релиза, нюансы будут описаны чуть позже, при выходе. Касаемо RC-версии, при её установке требуется отключить либо удалить пакет fireless-fp, вместо него следует использовать пакет wireless-cm2 либо новый wireless-rep.
Вчера, 21-го июня вышла новая версия 6.36 RC30 (Release Canditate), среди интересных изменений, доработка Firewall, а именно два новшества.
Первое новшество: добавлен «interface list», что позволяет избежать дублирования правил файрволла при использовании Multi-WAN (несколько провайдеров).
Второе новшество: добавлена поддержка добавления доменных имен для «address list». Ранее для доменов с несколькими либо меняющимися IP требовалось использовать отдельные скрипты, сейчас же достаточно добавить домен, система автоматически получит IP-адреса от DNS-сервера и создаст дополнительные динамические записи.
Ниже приведен полный список всех изменений.
Изменения RouterOS 6.36rc30:
- certificate - do not exit after card-verify;
- console - fixed get false function;
- dude - changes;
- ipsec - fixed windows msgid check on x86 devices;
- lte - added support for Huawei E3531;
- lte - fixed modem init when pin request present;
- mesh - fixed crash when connection references a mesh network but it is not available any more;
- modem - added support for SpeedUP SU-900U modem;
- queue - reset queue type on interfaces which default queue type changes to no-queue after upgrade;
- rb3011 - fixed usb driver load (introduced in 6.36r22);
- route - added suppport for more than 8 bits of options;
- ssl - do not exit while there still are active sessions;
- timezone - updated timezone information from tzdata2016e release;
- upnp - fixed nat rule dst-port by making it visible again;
- wireless-rep - fixed nstreme reset on poll timeout;
- address - allow multiple equal ip addresses to be added if neither or only one is enabled;
- address-list - make "dynamic=yes" as read-only option;
- arm - added Dude server support;
- arm - fixed kernel failure on low memory;
- arp - added arp-timeout option per interface;
- bonding - fixed 802.3ad load balancing mode over tunnels ;
- bonding - fixed bonding privmary slave assignment for ovpn interfaces after startup;
- bonding - fixed crash on RoMON traffic transmit;
- bonding - implemented l2mtu value == smallest slave interfaces l2mtu;
- capsman - fixed crash when running over ovpn;
- certificate - added automatic scep renewal delay after startup to avoid all requests accessing CA at the same time;
- certificate - cancel pending renew when certificate becomes valid after date change;
- certificate - display issuer and subject on check failure;
- certificate - force scep renewal on system clock updates;
- chr - fixed stalling services (introduced in 6.36rc6);
- clock - save current time to configuration once per day even if there are no time zone adjustments pending;
- cloud - fixed export order;
- console - show message time in echo log messages;
- defconf - changed channel extension to 20/40/80mhz for all ac boards;
- dhcp-pd - correct server listing for commands;
- dhcp-server - fixed radius framed route addition after reboot on client renew;
- dhcpv6 client - fixed ia lifetime validation when it is set by dhcpv6 client;
- dhcpv6-server - fixed binding last-seen update;disk - added support for Plextor PX-G128M6e(A) SSD on CCR1072;
- dude - changes;
- dude - server package is now made smaller. client side content upgrade is now removed from it and is downloaded straight from our cloud. So workstations on which client is used will require access to wan. Alternatively upgrade must be done by reinstalling the client on each new release;
- e-mail - removed subject and body length limit;
- ethernet - fixed memory leak when setting interface without changing configuration;
- fastpath - fixed kernel failure when fastpath handles packet with multicast dst-address;
- fetch - support tls host name extension;
- firewall - added "/interface list" menu which allows to create list of interfaces which can be used as in/out-interface-list matcher in firewall;
- firewall - added pre-connection tracking filter - "raw" table, that allow to protect connection-tracking from unnecessary traffic;
- firewall - added udplite, dccp, sctp connection tracking helpers;
- firewall - allow to add domain name to address-lists (dynamic entries for resolved addresses will be added to specified list);
- firewall - do not show disabled=no in export;
- firewall - fixed spelling in built-in firewall commentary;
- gps - fixed longitude seconds part;
- health - fixed broken factory voltage calibration data for some hAP ac boards;
- health - fixed incorrect voltage after reboot on RB2011UAS;
- icmp - fixed kernel failure when icmp packet could not be processed on high load;
- ippool6 - fixed crash on acquire when prefix length is equal with pool prefix length;
- ipsec - add dead ph2 detection exception for windows msgid noncompilance with rfc;
- ipsec - added dead ph2 reply detection;
- ipsec - don't register temporary ph2 on dead list;
- ipsec - fix initiator modecfg dynamic dns;
- ipsec - fixed AH with SHA2;
- ipsec - fixed checks before accessing ph1 nat options;
- ipsec - fixed mode-config export;
- ipsec - fixed route cache overflow when using ipsec with route cache disabled;
- ipsec - store udp encapsulation type in proposal;
- kernel - fixed possible kernel deadlock when Sierra USB mode is being used;
- lcd - reduced lowest backlight-timeout value from 5m to 30s;
- log - added whole scep certificate chain print;
- logs - increase excessive multicast/broadcast warning threshold every time it is logged;
- lte - added allow-roaming option for Huawei MU709, ME909s, ME909u devices;
- lte - added cinterion pls8 support;
- lte - changed driver loading for class 2 usb rndis devices;
- lte - fix crash on SXT LTE while resetting card while at high traffic;
- lte - fixed connection for huawei without cell info;
- lte - Huawei MU609 must use latest firmware to work correctly;
- lte - improved multiple same model modems identification;
- lte - removed option allow-roaming for Huawei ME909u and MU609 devices;
- lte - use only creg result codes as network status indications;
- nand - improved nand refresh feature to enhance stored data integrity;
- ntp - fixed time keeping on SXT ac, RB911L, cAP and wAP
- ovpn - enable perfect forwarding secrecy support by default;
- ovpn - fixed compatibility with OpenVPN 2.3.11;
- proxy - limit max ram usage to 80% for tile and x86 devices;
- rb3011 - fixed port flapping on ether6-ether10;
- rb3011 - fixed reset button functionality;
- rb3011 - improved performance on high cpu usage;
- route - fixed ospf by handling ipv6 encoded prefixes with stray bits;
- route - fixed ospf-v3 crash (introduced in 6.36rc6);
- sniffer - fixed ipv6 address matching;
- snmp - fixed get function for snmp>=v2 when oid does not exist;
- snmp - fixed interface stats branch from MikroTik MIB;
- snmp - report current access technology and cell id for lte modems;
- snmp - report ram memory as ram instead of other;
- ssh - add rsa host key size parameter;
- ssh-keygen - add rsa key size parameter;
- ssl - fixed memory leak on ssl connect/disconnect (fetch, ovpn, etc.);
- supout - erase panic data properly on Netinstall;
- switch - fixed switch compact export;
- traffic-flow - added ipfix support (RFC5101 and RFC5102);
- trafficflow - allow to filter with interface lists;
- tunnel - added option to auto detect tunnel local-address;
- usb - I-tec U3GLAN3HUB usb hub/ethernet dongle now shows up correctly as ethernet interface;
- usb - implement possibility to recognize usb hubs/ethernet-dongles (if usb hubs/ethernet-dongles are not recognized with this version - send supout.rif file);
- userman - fixed crash on database upload;
- userman - use ipnpb.paypal.com for payment verification;
- winbox - report correctly dude users in active users list;
- wireless - wireless-fp is discontinued, it needs to be uninstalled/disabled before upgrade;
- wireless-rep - added initial API support for snooper;
- wireless-rep - fixed crash on nv2 reconnect;
- wireless-rep - fixed scan-list unset;
- wireless-rep - treat missing SSID element as hidden SSID;
Видеокурс «Настройка оборудования MikroTik» (аналог MTCNA)
Учитесь работать с MikroTik? Рекомендую видеокурс «Настройка оборудования MikroTik». В курсе разобраны все темы из официальной учебной программы MTCNA и много дополнительного материала. Курс сочетает теоретическую часть и практику – настройку маршрутизатора по техническому заданию. Консультации по заданиям курса ведет его автор Дмитрий Скоромнов. Подойдет и для первого знакомства с оборудованием MikroTik, и для систематизации знаний опытным специалистам.