en-usMikroTik Candidatehttps://www.mikrotik.comCopyright 2018, Mikrotikls LtdMikroTik Rss60Feed for newest RouterOS updates.RouterOS 6.43rc56 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc56 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - added support for licensed CHR instances (including trial);
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release:

*) bridge - added support for BPDU Guard (CLI only);
*) bridge - added support for DHCP Option 82 (disables hardware offloading, CLI only);
*) bridge - added support for DHCP Snooping (disables hardware offloading, CLI only);
*) bridge - forward LACPDUs when "protocol-mode=none";
*) bridge - improved packet handling;
*) cloud - added simultaneous IPv4/IPv6 support;
*) console - added "dont-require-permissions" parameter for scripts;
*) dhcpv4-relay - fixed false invalid flag presence;
*) dhcpv6-server - do not allow to run DHCPv6 server on slave interface;
*) dhcpv6-server - fixed dynamic simple queue creation for RADIUS bindings;
*) dhcpv6-server - properly update interface for dynamic DHCPv6 servers;
*) ethernet - fixed possible link flaps after disabling/enabling the interface (introduced in v6.43rc51);
*) ethernet - improved large packet handling on ARM devices with wireless;
*) ethernet - removed obsolete slave flag from "/interface vlan" menu;
*) hotspot - fixed customized HTML file usage (introduced in 6.43rc47);
*) ike1 - zero out reserved bytes in NAT-OA payload;
*) ike2 - fixed initiator first policy selection;
*) ippool - improved used address error message;
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ppp - fixed interface enabling after a while if none of them where active;
*) ppp - improved modem mode switching;
*) snmp - added "temp-exception" trap;
*) switch - fixed possible switch chip hangs after initialization on MediaTek and Atheros8327 switch chips;
*) tile - fixed false HW offloading flag for MPLS;
*) tr069-client - allow editing of "provisioning-code" attribute (CLI only);
*) tr069-client - fixed unresponsive tr069 service when blackhole route is present;
*) upgrade - fixed RouterOS upgrade process from RouterOS v5;
*) ups - improved UPS serial parsing stability;
*) w60g - general stability and performance improvements;
*) w60g - stop doing distance measurements after first successful measurement;
*) winbox - added "default-route-distance" parameter for "IPv6/DHCP-client" menu;
*) winbox - fixed "sfp-connector-type" value presence under "Interface/Ethernet";
*) winbox - fixed warning presence for "IP/IPsec/Peers" menu;
*) winbox - fixed "write-sect-since-reboot" value presence under "System/Resources";
*) winbox - show "System/RouterBOARD/Mode Button" on devices that has such feature;
*) wireless - added option to disable PMKID for WPA2 (CLI only);
*) wireless - fixed memory leak when performing wireless scan on ARM;
*) wireless - updated "united-states" regulatory domain information;

Other changes since v6.42.6:

*) backup - added support for new backup file encryption (AES128-CTR) with signatures (SHA256);
*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - added per-port based "tag-stacking" feature;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - fixed "ingress-filtering", "frame-types" and "tag-stacking" value storing;
*) bridge - improved bridge port state changing process;
*) bridge - improved packet processing when bridge port changes states;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) bridge - renamed option "vlan-protocol" to "ether-type";
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) certificate - do not allow to perform "undo" on certificate changes;
*) check-installation - improved system integrity checking;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed interface name order when "virtio-net is not being used on KVM installations;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved balooning process;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) chr - reduced RAM memory required per interface;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs326/crs328 - fixed untagged packet forwarding through tagged ports when pvid=1;
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added command that forces fan detection on fan-equipped devices;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed port disable on CRS326 and CRS328 devices;
*) crs3xx - fixed tagged packet forwarding in 802.1ad aware bridges (introduced in 6.43rc13);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-client - allow to set "default-route-distance";
*) dhcpv6-client - fixed "add-default-route" parameter;
*) dhcpv6-client - fixed option handling;
*) dhcpv6 - improved reliability on IPv6 DHCP services;
*) dhcpv6-server - added additional RADIUS parameters for Prefix delegation, "rate-limit" and "life-time";
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) ethernet - fixed default ethernet advertise values after configuration reset (introduced in v6.43rc33)
*) ethernet - improved stability when changing ethernet interface L2MTU on CRS328-24P-4S+ (introduced in v6.43rc11);
*) ethernet - properly handle Ethernet interface default configuration;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - fixed NAND memory going into read-only mode (requires "factory-firmware" >= 3.41.1 and "current-firmware" >= 6.43);
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) health - fixed voltage measurements for RB493G devices;
*) health - improved speed of health measurement readings;
*) hotspot - allow to properly configure Hotspot directory on external disk for devices that have flash type storage;
*) hotspot - fixed RADIUS CoA & PoD by allowing to accept "NAS-Port-Id";
*) ike1 - added unsafe configuration warning for main mode with pre-shared-key authentication;
*) ike1 - purge both SAs when timer expires;
*) ike2 - fixed rekeyed child deletion during another exchange;
*) ike2 - improved basic exchange logging readability;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) interface - improved interface "last-link-down-time" and "last-link-up-time" values;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - fixed AES-CTR and AES-GCM key size proposing as initiator;
*) ipsec - fixed "sa-src-address" deduction from "src-address" in tunnel mode;
*) ipsec - fixed "static-dns" value storing (CLI only);
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) ldp - properly load LDP configuration;
*) led - fixed default LED configuration for RBLHGG-5acD-XL devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional D-Link PIDs;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added additional low endpoint SIM7600 PIDs;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added "registration-status" parameter under "/interface lte info" command;
*) lte - added roaming status reading for info command (CLI only);
*) lte - added signal readings under "/interface lte scan" for 3G and GSM modes;
*) lte - added support for alternative SIM7600 PID;
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed memory leak on USB disconnect;
*) lte - fixed SIM7600 registration info;
*) lte - fixed SMS send feature when not in LTE network;
*) lte - ignore empty MAC addresses during Passthrough discovery phase;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - properly detect interface state when running for IPv6 only connection for R11e-LTE modem;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) multicast - allow to add more than one RP per IP address for PIM;
*) ntp - allow to specify link-local address for NTP server;
*) ospf - improved link-local LSA flooding;
*) package - do not allow to install out of bundle package if it already exists within bundle;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) rb1100ahx4 - added DES and 3DES hardware acceleration support;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) routerboard - fixed wrongly reported RAM size on ARM devices;
*) routerboot - removed RAM test from TILE devices (routerboot upgrade required);
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) sfp - fixed default advertised link speeds;
*) sfp - hide "sfp-wavelength" parameter for RJ45 transceivers;
*) smb - fixed valid request handling when additional options are used;
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) sms - improved reliability on SMS reader;
*) snmp - added CAPsMAN "remote-cap" table;
*) snmp - added "phy-rate" reading for "station-bridge" mode;
*) snmp - fixed "remote-cap" peer MAC address format;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) ssh - strengthen strong-crypto (add aes-128-ctr and disallow hmac sha1 and groups with sha1);
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tile - added DES and 3DES hardware acceleration support;
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed modem initialisation on LtAP mini;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) userman - fixed compatibility with PayPal TLS 1.2;
*) vrrp - fixed VRRP packet processing on VirtualBox and VMWare hypervisors;
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) w60g - added distance measurement feature;
*) w60g - fixed random disconnects;
*) w60g - improved MCS rate detection process;
*) w60g - improved MTU change handling;
*) w60g - properly close connection with station on disconnect;
*) watchdog - added "ping-timeout" setting;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - properly display all flags for bridge host entries;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed "/interface wireless sniffer packet print follow" output;
*) wireless - fixed packet processing after removing wireless interface from CAP settings;
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 reliability on ARM devices;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc56' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 14 Aug 2018 12:57:06 +0300ea7936130cfe2f2aa227709be2533656
RouterOS 6.43rc51 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc51 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - added support for licensed CHR instances (including trial);
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release:

*) bridge - added per-port based "tag-stacking" feature;
*) bridge - fixed "ingress-filtering", "frame-types" and "tag-stacking" value storing;
*) bridge - improved bridge port state changing process;
*) bridge - improved packet processing when bridge port changes states;
*) bridge - renamed option "vlan-protocol" to "ether-type";
*) certificate - do not allow to perform "undo" on certificate changes;
*) crs3xx - added command that forces fan detection on fan-equipped devices;
*) crs3xx - fixed port disable on CRS326 and CRS328 devices;
*) dhcpv6-client - allow to set "default-route-distance";
*) dhcpv6-client - fixed "add-default-route" parameter;
*) dhcpv6-client - fixed option handling;
*) dhcpv6-server - added additional RADIUS parameters for Prefix delegation, "rate-limit" and "life-time";
*) ethernet - fixed default ethernet advertise values after configuration reset (introduced in v6.43rc33)
*) filesystem - fixed NAND memory going into read-only mode (requires "factory-firmware" >= 3.41.1 and "current-firmware" >= 6.43);
*) health - fixed voltage measurements for RB493G devices;
*) hotspot - allow to properly configure Hotspot directory on external disk for devices that have flash type storage;
*) hotspot - fixed RADIUS CoA & PoD by allowing to accept "NAS-Port-Id";
*) ike1 - added unsafe configuration warning for main mode with pre-shared-key authentication;
*) ike1 - zero out reserved bytes in NAT-OA payload;
*) ike2 - fixed rekeyed child deletion during another exchange;
*) ike2 - improved basic exchange logging readability;
*) ipsec - fixed "sa-src-address" deduction from "src-address" in tunnel mode;
*) ipsec - fixed "static-dns" value storing (CLI only);
*) ipsec - fixed AES-CTR and AES-GCM key size proposing as initiator;
*) ldp - properly load LDP configuration;
*) led - fixed default LED configuration for RBLHGG-5acD-XL devices;
*) lte - added "registration-status" parameter under "/interface lte info" command;
*) lte - added additional D-Link PIDs;
*) lte - added additional low endpoint SIM7600 PIDs;
*) lte - added signal readings under "/interface lte scan" for 3G and GSM modes;
*) lte - fixed memory leak on USB disconnect;
*) lte - fixed SMS send feature when not in LTE network;
*) lte - ignore empty MAC addresses during Passthrough discovery phase;
*) lte - properly detect interface state when running for IPv6 only connection for R11e-LTE modem;
*) multicast - allow to add more than one RP per IP address for PIM;
*) ospf - improved link-local LSA flooding;
*) rb1100ahx4 - added DES and 3DES hardware acceleration support;
*) routerboot - removed RAM test from TILE devices (routerboot upgrade required);
*) sfp - hide "sfp-wavelength" parameter for RJ45 transceivers;
*) snmp - added "phy-rate" reading for "station-bridge" mode;
*) snmp - fixed "remote-cap" peer MAC address format;
*) ssh - strengthen strong-crypto (add aes-128-ctr and disallow hmac sha1 and groups with sha1);
*) tile - added DES and 3DES hardware acceleration support;
*) w60g - added distance measurement feature;
*) w60g - fixed random disconnects;
*) w60g - improved MCS rate detection process;
*) w60g - improved MTU change handling;
*) w60g - properly close connection with station on disconnect;
*) wireless - fixed "/interface wireless sniffer packet print follow" output;
*) wireless - fixed packet processing after removing wireless interface from CAP settings;

Other changes since v6.42.6:

*) backup - added support for new backup file encryption (AES128-CTR) with signatures (SHA256);
*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) check-installation - improved system integrity checking;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed interface name order when "virtio-net is not being used on KVM installations;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved balooning process;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) chr - reduced RAM memory required per interface;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs326/crs328 - fixed untagged packet forwarding through tagged ports when pvid=1;
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed tagged packet forwarding in 802.1ad aware bridges (introduced in 6.43rc13);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6 - improved reliability on IPv6 DHCP services;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) ethernet - improved stability when changing ethernet interface L2MTU on CRS328-24P-4S+ (introduced in v6.43rc11);
*) ethernet - properly handle Ethernet interface default configuration;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) health - improved speed of health measurement readings;
*) ike1 - purge both SAs when timer expires;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) interface - improved interface "last-link-down-time" and "last-link-up-time" values;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for alternative SIM7600 PID;
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ntp - allow to specify link-local address for NTP server;
*) package - do not allow to install out of bundle package if it already exists within bundle;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) routerboard - fixed wrongly reported RAM size on ARM devices;
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) sfp - fixed default advertised link speeds;
*) smb - fixed valid request handling when additional options are used;
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) sms - improved reliability on SMS reader;
*) snmp - added CAPsMAN "remote-cap" table;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed modem initialisation on LtAP mini;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) userman - fixed compatibility with PayPal TLS 1.2;
*) vrrp - fixed VRRP packet processing on VirtualBox and VMWare hypervisors;
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) watchdog - added "ping-timeout" setting;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - properly display all flags for bridge host entries;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) winbox - show "System/RouterBOARD/Mode Button" on devices that has such feature;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 reliability on ARM devices;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc51' version here: https://www.mikrotik.com/download

]]>
Release candidateThu, 02 Aug 2018 11:42:30 +030055725473bec4940e52f0853f9fd5064c
RouterOS 6.43rc45 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc45 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - added support for licensed CHR instances (including trial);
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release:

*) ethernet - improved stability when changing ethernet interface L2MTU on CRS328-24P-4S+ (introduced in v6.43rc11);
*) ipsec - improved invalid policy handling when a valid policy is uninstalled;
*) lte - added additional ID support for SIM7600 modem;
*) sfp - fixed default advertised link speeds;
*) vrrp - fixed VRRP packet processing on VirtualBox and VMWare hypervisors;
*) winbox - properly display all flags for bridge host entries;
*) winbox - show "System/RouterBOARD/Mode Button" on devices that has such feature;
*) wireless - improved Nv2 reliability on ARM devices;

Other changes since v6.42.6:

*) backup - added support for new backup file encryption (AES128-CTR) with signatures (SHA256);
*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) check-installation - improved system integrity checking;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed interface name order when "virtio-net is not being used on KVM installations;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved balooning process;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) chr - reduced RAM memory required per interface;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs326/crs328 - fixed untagged packet forwarding through tagged ports when pvid=1;
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed tagged packet forwarding in 802.1ad aware bridges (introduced in 6.43rc13);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6 - improved reliability on IPv6 DHCP services;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) ethernet - properly handle Ethernet interface default configuration;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) health - improved speed of health measurement readings;
*) ike1 - purge both SAs when timer expires;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) interface - improved interface "last-link-down-time" and "last-link-up-time" values;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for alternative SIM7600 PID;
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ntp - allow to specify link-local address for NTP server;
*) package - do not allow to install out of bundle package if it already exists within bundle;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) routerboard - fixed wrongly reported RAM size on ARM devices;
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) smb - fixed valid request handling when additional options are used;
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) sms - improved reliability on SMS reader;
*) snmp - added CAPsMAN "remote-cap" table;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed modem initialisation on LtAP mini;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) userman - fixed compatibility with PayPal TLS 1.2;
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) w60g - temporary disabled distance measurement feature;
*) watchdog - added "ping-timeout" setting;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc45' version here: https://www.mikrotik.com/download

]]>
Release candidateMon, 23 Jul 2018 08:56:39 +030035ed4eb9e169eeb54489dd1d16701f30
RouterOS 6.43rc44 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc44 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - added support for licensed CHR instances (including trial);
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release:

*) backup - added support for new backup file encryption (AES128-CTR) with signatures (SHA256);
*) crs326/crs328 - fixed untagged packet forwarding through tagged ports when pvid=1;
*) crs3xx - fixed tagged packet forwarding in 802.1ad aware bridges (introduced in 6.43rc13);
*) dhcpv6 - improved reliability on IPv6 DHCP services;
*) lte - added support for alternative SIM7600 PID;
*) sms - improved reliability on SMS reader;
*) w60g - temporary disabled distance measurement feature;

Other changes since v6.42.6:

*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) check-installation - improved system integrity checking;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed interface name order when "virtio-net is not being used on KVM installations;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved balooning process;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) chr - reduced RAM memory required per interface;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) ethernet - properly handle Ethernet interface default configuration;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) health - improved speed of health measurement readings;
*) ike1 - purge both SAs when timer expires;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) interface - improved interface "last-link-down-time" and "last-link-up-time" values;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ntp - allow to specify link-local address for NTP server;
*) package - do not allow to install out of bundle package if it already exists within bundle;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) routerboard - fixed wrongly reported RAM size on ARM devices;
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) smb - fixed valid request handling when additional options are used;
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) snmp - added CAPsMAN "remote-cap" table;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed modem initialisation on LtAP mini;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) userman - fixed compatibility with PayPal TLS 1.2;
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) watchdog - added "ping-timeout" setting;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc44' version here: https://www.mikrotik.com/download

]]>
Release candidateThu, 12 Jul 2018 13:53:35 +03001ab697cda815b97790f3e150454b3213
RouterOS 6.43rc42 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc42 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - added support for licensed CHR instances (including trial);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release:

!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
*) check-installation - improved system integrity checking;
*) chr - fixed interface name order when "virtio-net is not being used on KVM installations;
*) chr - improved balooning process;
*) chr - reduced RAM memory required per interface;
*) defconf - fixed bridge default configuration for SOHO devices with more than 9 Ethernet interfaces;
*) health - improved speed of health measurement readings;
*) interface - improved interface "last-link-down-time" and "last-link-up-time" values;
*) package - free up used storage space consumed by old RouterOS upgrades;
*) routerboard - fixed wrongly reported RAM size on ARM devices;
*) snmp - fixed w60g "phy-rate" readings;
*) w60g - general stability and performance improvements;
*) winbox - added 64,6 GHz frequency to w60g interface frequency settings;

Other changes since v6.42.5:

*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) bridge - properly handle packets when bridge port changes states
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs317 - properly report link state when one side has disabled interface;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed LACP member failover;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) ethernet - properly handle Ethernet interface default configuration;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) ike1 - purge both SAs when timer expires;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ntp - allow to specify link-local address for NTP server;
*) package - do not allow to install out of bundle package if it already exists within bundle;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) smb - fixed valid request handling when additional options are used;
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) snmp - added CAPsMAN "remote-cap" table;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) supout - added "ip-cloud" section to supout file;
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed modem initialisation on LtAP mini;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) userman - fixed compatibility with PayPal TLS 1.2;
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) w60g - do not reset interface after adding comment;
*) watchdog - added "ping-timeout" setting;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show "sector-writes" on devices that have such counters;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc42' version here: https://www.mikrotik.com/download

]]>
Release candidateThu, 05 Jul 2018 10:45:56 +030044db0621a4c1bee337100028de74f427
RouterOS 6.43rc40 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc40 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - added IPv6 support;
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release

!) cloud - added support for licensed CHR instances (including trial);
*) bridge - properly handle packets when bridge port changes states
*) crs317 - properly report link state when one side has disabled interface;
*) ethernet - properly handle Ethernet interface default configuration;
*) ike2 - use "/32" netmask by default on initiator if not provided by responder;
*) package - do not allow to install out of bundle package if it already exists within bundle;
*) package - free up used storage space consumed by old RouterOS upgrades;
*) package - renamed "current-version" to "installed-version" under "/system package install";
*) sms - converted "keep-max-sms" feature to "auto-erase";
*) snmp - added CAPsMAN "remote-cap" table;
*) supout - added "ip-cloud" section to supout file;
*) usb - fixed modem initialisation on LtAP mini;
*) userman - fixed compatibility with PayPal TLS 1.2;
*) w60g - do not reset interface after adding comment;
*) watchdog - added "ping-timeout" setting;
*) winbox - show "sector-writes" on devices that have such counters;
*) winbox - show "Switch" menu on hAP ac^2 devices;

Other changes since v6.42.5:

*) backup - generate proper file name when devices identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) console - do not show spare parameters on ping command;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed flow control;
*) crs3xx - fixed LACP member failover;
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-client - fixed double ACK packet handling;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) ike1 - purge both SAs when timer expires;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added eNB ID to info command;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ntp - allow to specify link-local address for NTP server;
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) smb - fixed valid request handling when additional options are used;
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) ssh - disconnect all active connections when device gets rebooted or turned off;
*) supout - added "w60g" section to supout file;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the device at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc40' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 03 Jul 2018 11:32:58 +0300a2eab24fe61ffbc7071480788de0df67
RouterOS 6.43rc34 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc34 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
!) winbox - minimal required version is v3.15;
----------------------

Changes in this release

!) cloud - added IPv6 support;
*) console - do not show spare parameters on ping command;
*) crs317 - properly report link state when one link interface is disabled;
*) crs326/crs328 - fixed broken "new-dst-port" ACL rules (introduced in 6.43rc10);
*) crs3xx - fixed flow control;
*) crs3xx - fixed LACP member failover;
*) dhcpv4-client - fixed double ACK packet handling;
*) ethernet - do not show "combo-state" field if interface is not SFP or copper;
*) led - fixed LED default configuration for LtAP mini;
*) lte - added eNB ID to info command;
*) ssh - allow to use "diffie-hellman-group1-sha1" on TILE and x86 devices with "strong-crypto" disabled;
*) supout - added "w60g" section to supout file;
*) watchdog - added "ping-timeout" setting (CLI only);
*) winbox - show "sector-writes" on ARM routers that has such counters;
*) winbox - show "System/Health" only on boards that have health monitoring;

Other changes since v6.42.4:

*) api - properly classify API sessions in log;
*) backup - generate proper file name when router identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - enabled promiscious mode (requires to be enabled on host as well) when running CHR on Hyper-V;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) export - do not show w60g password on "hide-sensitive" type of export;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) ike1 - purge both SAs when timer expires;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - added dynamic accept firewall rules in order to allow limit bandwidth when FastTrack is enabled;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - show UICC in correct format for SXT LTE devices;
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ntp - allow to specify link-local address for NTP server;
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) romon - properly classify RoMON sessions in log and active users list;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) smb - fixed valid request handling when additional options are used;
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) snmp - added "rssi" and "tx-sector-info" value support for w60g type interfaces;
*) ssh - disconnect all active connections when router gets rebooted or turned off;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) w60g - added 4th 802.11ad channel (CLI only);
*) w60g - added distance measurement (CLI only);
*) w60g - general stability and performance improvements;
*) w60g - improved link stability;
*) w60g - improved maximal achievable distance;
*) w60g - improved maximum link distance;
*) w60g - properly report center status under "tx-sector-info";
*) w60g - removed distance lock for wAP 60G devices;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the router at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;
*) x86 - improved Ethernet driver for Davicom DM9x0x;

Download the new 'RouterOS 6.43rc34' version here: https://www.mikrotik.com/download

]]>
Release candidateMon, 25 Jun 2018 12:59:38 +0300e732e5de862f3ad5c0e86317c6250a5d
RouterOS 6.43rc32 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc32 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility;
----------------------

Changes in this release

!) winbox - minimal required version is v3.15;
*) api - properly classify API sessions in log;
*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading;
*) chr - enabled promiscious mode (requires to be enabled on host as well) when running CHR on Hyper-V;
*) crs317 - fixed Ethernet inteface stuck on 100 Mbps speed;
*) crs328 - fixed transmit on sfp-sfpplus1 and sfp-sfpplus2 interfaces;
*) crs3xx - do not report SFP interface as running when interface on opposite side is disabled;
*) dude - fixed client auto upgrade (broken since 6.43rc17);
*) export - do not show w60g password on "hide-sensitive" type of export;
*) log - fixed false log warnings about system status after power on for CRS328-4C-20S-4S+;
*) lte - show UICC in correct format for SXT LTE devices;
*) romon - properly classify RoMON sessions in log and active users list;
*) w60g - improved maximal achievable distance;
*) w60g - properly report center status under "tx-sector-info";

Other changes since v6.42.4:

*) backup - generate proper file name when router identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - reduced resource usage of DHCP services;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) ike1 - purge both SAs when timer expires;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - added dynamic accept firewall rules in order to allow limit bandwidth when FastTrack is enabled;
*) kidcontrol - allow to edit discovered devices;
*) led - improved w60g alignment trigger;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ntp - allow to specify link-local address for NTP server;
*) ppp - added support for additional ID for E3531 modem;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) smb - fixed valid request handling when additional options are used;
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) snmp - added "rssi" and "tx-sector-info" value support for w60g type interfaces;
*) ssh - disconnect all active connections when router gets rebooted or turned off;
*) switch - added support for port isolation by switch chip;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed power-reset for hAP ac^2 devices;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) w60g - added 4th 802.11ad channel (CLI only);
*) w60g - added distance measurement (CLI only);
*) w60g - general stability and performance improvements;
*) w60g - improved link stability;
*) w60g - improved maximum link distance;
*) w60g - removed distance lock for wAP 60G devices;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the router at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;

Download the new 'RouterOS 6.43rc32' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 19 Jun 2018 12:38:12 +03008ed56206a9d57eda8f3dfd68756566a5
RouterOS 6.43rc29 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc29 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility (Winbox v3.14 required);
----------------------

Changes in this release:

*) dhcp - reduced resource usage of DHCP services;
*) ipsec - improved reliability on IPsec hardware encryption for RB1100Dx4;
*) led - added "dark-mode" functionality for SXTsq 5 ac devices;
*) led - use routers uptime as a starting point when turning off LEDs if option was not enabled on boot;
*) sfp - fixed DDM data with SFP+ modules on CRS328-4C-20S-4S+ (introduced in v6.43rc10);
*) sms - do not require "port" and "interface" parameters when sending SMS if already present in configuration;
*) swos - implemented "/system swos" menu that allows to upgrade, reset, save or load configuration and change address for dual-boot CRS devices (CLI only);
*) w60g - improved maximum link distance;
*) w60g - improved RAM memoy allocation processes;
*) wireless - improved Nv2 reliability on ARM devices;

Other changes since v6.42.3:

*) backup - generate proper file name when router identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - allow to make changes for bridge port when it is interface list;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - fixed FastPath for bridge master interfaces (introduced in v6.42);
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) certificate - fixed "add-scep" template existence check when signing certificate;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations (might require more RAM assigned than in previous versions);
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed adding MSTI entries;
*) chr - fixed boot on hosts older than Windows Server 2012 when running CHR on Hyper-V;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - fixed various network hang scenarios when running CHR on Hyper-V;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) console - fixed script permissions if script is executed by other RouterOS service;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - fixed DHCP server stuck in invalid state;
*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - fixed DHCP server that was stuck on invalid state;
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) health - changed "PSU-Voltage" to "PSU-State" for CRS328-4C-20S-4S+;
*) health - fixed incorrect PSU index for CRS328-4C-20S-4S+;
*) ike1 - purge both SAs when timer expires;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) ipsec - use monotonic timer for SA lifetime check;
*) kidcontrol - added dynamic accept firewall rules in order to allow limit bandwidth when FastTrack is enabled;
*) kidcontrol - allow to edit discovered devices;
*) kidcontrol - fixed dynamically created firewall rules order;
*) led - added "dark-mode" functionality for hEX S devices;
*) led - fixed CCR1016-12S-1S+ LED behaviour after Netinstall (introduced in v6.41rc58);
*) led - improved w60g alignment trigger;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - added support for Quanta 1k6e modem;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ntp - allow to specify link-local address for NTP server;
*) ppp - added support for additional ID for E3531 modem;
*) ppp - fixed "hunged up" grammar to "hung up" within PPP log messages;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - added missing wireless "channel-width" settings;
*) quickset - added support for "5ghz-a/n" band when CPE mode is used;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) smb - fixed valid request handling when additional options are used;
*) snmp - added "rssi" and "tx-sector-info" value support for w60g type interfaces;
*) snmp - added remote CAP count OID for CAPsMAN;
*) snmp - fixed readings for CAPsMAN slave interfaces;
*) ssh - disconnect all active connections when router gets rebooted or turned off;
*) supout - added "partitions" section to supout file;
*) switch - added support for port isolation by switch chip;
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) usb - fixed power-reset for hAP ac^2 devices;
*) usb - properly detect USB 3.0 flash on RBM33G when jumper is removed;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) userman - improved unique username generation process when adding batch of users;
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) w60g - added 4th 802.11ad channel (CLI only);
*) w60g - added distance measurement (CLI only);
*) w60g - general stability and performance improvements;
*) w60g - improved link stability;
*) w60g - improved maximal achievable distance;
*) w60g - removed distance lock for wAP 60G devices;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - added missing "dscp" and "clamp-tcp-mss" settings to IPv6 tunnels;
*) winbox - allow to specify full URL in SCEP certificate signing process;
*) winbox - by default specify keepalive timeout value for tunnel type interfaces;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the router at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show "scep-url" for certificates;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) winbox - show "System/Health" only on boards that have health monitoring;
*) winbox - show firmware upgrade message at the bottom of "System/RouterBOARD" menu;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;

Download the new 'RouterOS 6.43rc29' version here: https://www.mikrotik.com/download

]]>
Release candidateFri, 15 Jun 2018 12:43:06 +03006ed7e37522db7f4ba60118b0d3ee56b6
RouterOS 6.43rc27 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.43rc27 changelog:

MAJOR CHANGES IN v6.43:
----------------------
!) api - changed authentication process (https://wiki.mikrotik.com/wiki/Manual:API#Initial_login);
!) backup - do not encrypt backup file unless password is provided;
!) btest - requires at least v6.43 Bandwidth Test client when connecting to v6.43 or later version server except when authentication is not required;
!) cloud - reworked "/ip cloud ddns-enabled" implementation (suggested to disable service and re-enable after installation process);
!) mac-telnet - require at least v6.43 MAC Telnet client when connecting to v6.43 or later version server;
!) radius - use MS-CHAPv2 for "login" service authentication;
!) romon - require at least v6.43 RoMON agent when connecting to v6.43 or later RoMON client device;
!) webfig - improved authentication process;
!) winbox - improved authentication process excluding man-in-the-middle possibility (Winbox v3.14 required);
----------------------

Changes in this release:

*) dhcpv4-client - fixed DHCP client that was stuck on invalid state;
*) dhcpv4-server - fixed DHCP server that was stuck on invalid state;
*) health - changed "PSU-Voltage" to "PSU-State" for CRS328-4C-20S-4S+;
*) health - fixed incorrect PSU index for CRS328-4C-20S-4S+;
*) ike1 - purge both SAs when timer expires;
*) ipsec - use monotonic timer for SA lifetime check;
*) led - added "dark-mode" functionality for hEX S devices;
*) lte - added additional ID support for SIM7600 modem;
*) lte - added support for Quanta 1k6e modem;
*) lte - improved r11e-LTE and r11e-LTE-US dialling process;
*) lte - improved readings of info command results for the SXT LTE;
*) lte - improved stability of USB LTE interface detection process;
*) ntp - allow to specify link-local address for NTP server;
*) ppp - added support for additional ID for E3531 modem;
*) snmp - added remote CAP count OID for CAPsMAN;
*) snmp - fixed readings for CAPsMAN slave interfaces;
*) usb - fixed power-reset for hAP ac^2 devices;
*) usb - properly detect USB 3.0 flash on RBM33G when jumper is removed;
*) userman - improved unique username generation process when adding batch of users;
*) w60g - added distance measurement (CLI only);
*) w60g - improved link stability;
*) w60g - improved maximum link distance;
*) wireless - improved Nv2 reliability on ARM devices;

Other changes since v6.42.3:

*) backup - generate proper file name when router identity is longer than 32 symbols;
*) bridge - add dynamic CAP interface to tagged ports if "vlan-mode=use-tag" is enabled;
*) bridge - added ingress filtering options to bridge interface;
*) bridge - added initial Q-in-Q support;
*) bridge - allow to make changes for bridge port when it is interface list;
*) bridge - fixed bridge hw-offloading on MMIPS devices (introduced in v6.43rc10);
*) bridge - fixed dynamic VLAN table entries when using ingress filtering;
*) bridge - fixed FastPath for bridge master interfaces (introduced in v6.42);
*) capsman - allow to change "radio-name" (CLI only);
*) capsman - increase timeout for the CAP to CAPsMAN communication;
*) certificate - added "expires-after" parameter;
*) certificate - fixed "add-scep" template existence check when signing certificate;
*) chr - added checksum offload support for Hyper-V installations;
*) chr - added large send offload support for Hyper-V installations;
*) chr - added multiqueue support on Xen installations;
*) chr - added support for multiqueue feature on "virtio-net";
*) chr - added virtual Receive Side Scaling support for Hyper-V installations;
*) chr - by default enable link state tracking for virtual drivers with "/interface ethernet disable-running-check=no";
*) chr - do not show IRQ entries from removed devices;
*) chr - fixed adding MSTI entries;
*) chr - fixed boot on hosts older than Windows Server 2012 when running CHR on Hyper-V;
*) chr - fixed interface name assign process when running CHR on Hyper-V;
*) chr - fixed MTU changing process when running CHR on Hyper-V;
*) chr - fixed NIC hotplug for "virtio-net";
*) chr - fixed various network hang scenarios when running CHR on Hyper-V;
*) chr - improved boot time for Hyper-V installations;
*) chr - provide part of network interface GUID at the beginning of "bindstr2" value when running CHR on Hyper-V;
*) console - fixed script permissions if script is executed by other RouterOS service;
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only);
*) crs3xx - fixed ACL rate rules (introduced in v6.41rc27);
*) crs3xx - fixed packet forwarding on SFP+ interfaces (introduced in v6.43rc11);
*) crs3xx - fixed VLAN filtering when there is no tagged interface specified;
*) defconf - fixed missing bridge ports after configuration reset;
*) dhcp - added dynamic IPv4/IPv6 "dual-stack" simple queue support, based on client's MAC address;
*) dhcp - fixed DHCP server stuck in invalid state;
*) dhcpv4-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv4-server - do not allow override lease "always-broadcast" value based on offer type;
*) dhcpv4-server - fixed DHCP server functionality (introduced in v6.43rc);
*) dhcpv4-server - improved performance when "rate-limit" and/or "address-list" setting is present;
*) dhcpv6-client - added missing "Server identifier" parameter in release message;
*) dhcpv6-server - added "allow-dual-stack-queue" implementation (CLI only);
*) dhcpv6-server - added initial dynamic simple queue support;
*) filesystem - improved software crash handling on devices with FLASH type memory;
*) interface - improved reliability on dynamic interface handling;
*) ipsec - added "responder" parameter for "mode-config" to allow multiple initiator configurations;
*) ipsec - added "src-address-list" parameter for "mode-config" that generates dynamic "src-nat" rule (CLI only);
*) ipsec - added warning messages for incorrect peer configuration;
*) ipsec - do not allow removal of "proposal" and "mode-config" entries that are in use;
*) ipsec - improved reliability on generated policy addition when IKEv1 or IKEv2 used;
*) ipsec - install all DNS server addresses provided by "mode-config" server;
*) ipsec - separate phase1 proposal configuration from peer menu;
*) kidcontrol - added dynamic accept firewall rules in order to allow limit bandwidth when FastTrack is enabled;
*) kidcontrol - allow to edit discovered devices;
*) kidcontrol - fixed dynamically created firewall rules order;
*) led - fixed CCR1016-12S-1S+ LED behaviour after Netinstall (introduced in v6.41rc58);
*) led - improved w60g alignment trigger;
*) log - show interface name on OSPF "different MTU" info log messages;
*) lte - added extended LTE signal info for SIM7600 modules;
*) lte - added extended signal information for Quectel LTE EC25 and EP06 modem;
*) lte - added ICCID reading for info command R11e-LTE and R11e-LTE-US (CLI only);
*) lte - added roaming status reading for info command (CLI only);
*) lte - added support for Novatel USB730LN modem with new ID;
*) lte - allow to execute concurrent internal AT commands;
*) lte - allow to use multiple PLS modems at the same time;
*) lte - do not allow to remove default APN profile;
*) lte - do not allow to send "at-chat" commands for configless modems;
*) lte - expose GPS channel for PLS modems;
*) lte - fixed SIM7600 registration info;
*) lte - improved modem event processing;
*) lte - improved r11e-LTE configuration exchange process;
*) lte - improved reading of SMS message after entering running state;
*) lte - renamed LTE scan tool field "scan-code" to "mcc-mnc" (CLI only);
*) lte - use "/32" address for the Passthrough feature when R11e-LTE module is used;
*) lte - use alphanumeric operator format in info command;
*) ppp - fixed "hunged up" grammar to "hung up" within PPP log messages;
*) ppp - show comments from "/ppp secrets" menu within "/ppp active" menu when client is connected;
*) quickset - added missing wireless "channel-width" settings;
*) quickset - added support for "5ghz-a/n" band when CPE mode is used;
*) quickset - recognize 160 MHz channel as HomeAP mode;
*) romon - fixed RoMON services becoming unavailable after disabled once during active scanning process;
*) routerboard - allow to fill up to half of the RAM memory with files on devices with FLASH storage;
*) routerboard - fixed "protected-routerboot" feature (introduced in v6.42);
*) smb - fixed valid request handling when additional options are used;
*) snmp - added "rssi" and "tx-sector-info" value support for w60g type interfaces;
*) ssh - disconnect all active connections when router gets rebooted or turned off;
*) supout - added "partitions" section to supout file;
*) switch - added support for port isolation by switch chip;
*) tr069-client - fixed setting of "DeviceInfo.ProvisioningCode" parameter;
*) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades);
*) vrrp - improved reliability on VRRP interface configured as a bridge port when "use-ip-firewall" is enabled;
*) w60g - added 4th 802.11ad channel (CLI only);
*) w60g - general stability and performance improvements;
*) w60g - improved maximal achievable distance;
*) w60g - removed distance lock for wAP 60G devices;
*) webfig - properly display time interval within Kid Control menu;
*) webfig - properly show NTP clients "last-adjustment" value;
*) winbox - added "poe-fault" LED trigger;
*) winbox - added "secondary-channel" setting to wireless interface if 80 MHz mode is selected;
*) winbox - added bridge Fast Forward statistics counters;
*) winbox - added missing "dscp" and "clamp-tcp-mss" settings to IPv6 tunnels;
*) winbox - allow to specify full URL in SCEP certificate signing process;
*) winbox - by default specify keepalive timeout value for tunnel type interfaces;
*) winbox - fixed arrow key handling within table filter fields;
*) winbox - fixed bridge port MAC learning parameter values;
*) winbox - properly close session when uploading multiple files to the router at the same time;
*) winbox - removed duplicate "20/40/80MHz" value from "channel-width" setting options;
*) winbox - show "scep-url" for certificates;
*) winbox - show "Switch" menu on hAP ac^2 devices;
*) winbox - show "System/Health" only on boards that have health monitoring;
*) winbox - show firmware upgrade message at the bottom of "System/RouterBOARD" menu;
*) winbox - show HT MCS tab when "5ghz-n/ac" band is used;
*) wireless - added option for RADIUS "called-station-id" format selection;
*) wireless - do not disconnect clients when WDS master connects with MAC address "00:00:00:00:00:00";
*) wireless - fixed wireless interface lockup after period of inactivity;
*) wireless - improved Nv2 stability for 802.11n interfaces on RB953, hAP ac and wAP ac devices;
*) wireless - updated "germany 5.8 ap" and "germany 5.8 fixed p-p" regulatory domain information;

Download the new 'RouterOS 6.43rc27' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 12 Jun 2018 15:22:11 +030028ce38b5ecf464064dfd0a73284d8032