en-usMikroTik Downloadhttps://www.mikrotik.comCopyright 2017, Mikrotikls LtdMikroTik Rss60Feed for newest RouterOS updates.RouterOS 6.41rc52 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc52 changelog:

*) discovery - use "/interface list" instead of interface name under neighbor discovery settings;
*) hotspot - fixed Walled Garden IP functionality when address-list is used;
*) ovpn-server - do not periodically change automatically generated server MAC address;
*) poe - added new "poe-out" status "controller-error";
*) poe - fixed false positive excessive logs in auto-on mode when connected to 100 Mbps device powered from another power source;
*) poe - log PoE status related messages under debug topic;
*) ppp - do not disconnect PPP connection after "idle-timeout" even if traffic is being processed;
*) quickset - added support for "/interface list" in firewall, neighbor discovery, MAC-Telnet and MAC-Winbox;
*) quickset - fixed situation when Quickset automatically changes mode to CPE;
*) w60g - general work on PtMP implementation for 60 GHz connections;
*) wireless - added "indonesia3" regulatory domain information;
*) wireless - added passive scan functionality (CLI only);

Other changes since 6.40.5:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) detnet - implemented "/interface detect-internet" feature;
https://wiki.mikrotik.com/wiki/Manual:Detect_internet
!) routerboot - RouterBOOT version numbering system merged with RouterOS;
*) arm - minor improvements on CPU load distribution for RB1100 series devices;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bgp - added 32-bit private ASN support;
*) bridge - added comment support for VLANs (CLI only);
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - added support for "/interface list" as a bridge port;
*) bridge - assume "point-to-point=yes" for all Full Duplex Ethernet interfaces when STP is used (as per standard);
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - set "igmp-snooping=no" by default on new bridges;
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) console - removed "/setup";
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - added ingress/egress rate input limits;
*) crs3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcp-client - limited DHCP client "default-route-distance" minimal value to 1;
*) dhcp-server - added "option-set" argument (CLI only);
*) dhcpv4-client - add dynamic DHCP client for mobile clients which require it;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) ethernet - removed "master-port" parameter;
*) export - fixed interface list export;
*) fetch - accept all HTTP 2xx status codes;
*) health - fixed bogus voltage readings on CCR1009;
*) ike1 - fixed crash on xauth if user does not exist;
*) ike1 - release mismatched PH2 peer IDs;
*) ike2 - check identities on "initial-contact";
*) ike2 - fixed initiator DDoS cookie processing;
*) ike2 - fixed responder DDoS cookie first notify type check;
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added default "/interface list" "dynamic" which contains dynamic interfaces;
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2;
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - fixed incorrect esp proposal key size usage;
*) ipsec - fixed policy enable/disable;
*) ipsec - improved reliability on certificate usage;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipsec - skip invalid policies for phase2;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) l2tp - improved reliability on packet processing in FastPath;
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) log - added "bridge" topic;
*) log - fixed interface name in log messages;
*) log - optimized "poe-out" logging topic logs;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration);
*) lte - added Passthrough support (CLI only);
*) lte - added Passthrough support;
*) lte - added support for ZTE ME3630 E1C with additional "/port" for GPS usage;
*) lte - added Yota non-configurable modem support;
*) lte - automatically add "/ip dhcp-client" configuration on interface;
*) lte - changed default values to "add-default-route=yes", "use-peer-dns=yes" and "default-route-distance=2";
*) lte - fixed error when trying to add APN profile without name;
*) lte - fixed rare crash when initializing LTE modem after reset;
*) lte - fixed user authentication for R11e-LTE when new firmware is used;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - limited minimal default route distance to 1;
*) m11g - improved ethernet performance on high load;
*) mac-server - use "/interface list" instead of interface name under MAC server settings;
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) neighbor - show neighbors on actual bridge port instead of bridge itself
*) netinstall - fixed missing "/flash/etc" on first bootup;
*) netinstall - fixed missing default configuration prompt on first startup after reset/netinstall;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) quickset - renamed router IP static DNS name to "router.lan";
*) radius - limited RADIUS timeout maximum value to 3 seconds;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sms - fixed minor problem for SMS delivery;
*) snmp - fixed "ifHighSpeed" value of VLAN, VRRP and Bonding interfaces;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) snmp - show only available OIDs under "/system health print oid";
*) ssh - do not use DH group1 with strong-crypto enabled;
*) ssh - enforced 2048bit DH group on tile and x86 architectures;
*) tile - improved hardware encryption processes;
*) traceroute - improved "/tool traceroute" results processing;
*) upnp - add "src-address" parameter on NAT rule if it is specified on UPnP request;
*) upnp - deny UPnP request if port is already used by the router;
*) ups - fixed duplicate "failed" UPS logs;
*) webfig - added favicon file;
*) webfig - fixed terminal graphic user interface under Safari browser;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - added support for "_" symbol in terminal window;
*) winbox - do not show duplicate "Switch" menus for CRS326;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - do not show unnecessary tabs from "Switch" menu;
*) winbox - fixed "/certificate sign" process;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - added "allow-signal-out-off-range" option for Access List entries;
*) wireless - improved reliability on "rx-rate" selection process;
*) wireless - log "signal-strength" when successfully connected to AP;
*) wireless - new driver with initial support for 160 and 80+80 MHz channel width;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated "united kingdom" regulatory domain information;

Download the new 'RouterOS 6.41rc52' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 07 Nov 2017 15:14:47 +020040a6e153c90f41d72a7889ef7e685b9e
RouterOS 6.40.5 [Current]https://www.mikrotik.com/download/changelogs/current

6.40.5 changelog:

*) certificate - fixed import of certificates with empty SKID;
*) crs3xx - fixed 100% CPU usage after interface related changes;
*) firewall - do not NAT address to 0.0.0.0 after reboot if to-address is used but not specified;
*) ike1 - fixed crash after downgrade if DH groups 19,20,21 were used for phase1;
*) ike1 - fixed RSA authentication for Windows clients behind NAT;
*) ipsec - fixed lost value for "remote-certificate" parameter after disable/enable;
*) ipv6 - fixed IPv6 addresses constructed from prefix and static address entry;
*) log - properly recognize MikroTik specific RADIUS attributes;
*) lte - do not reset modem when it is not possible to access SMS storage;
*) lte - fixed modem initialization after reboot;
*) lte - fixed PIN option after setting up the band;
*) sms - include time stamps in SMS delivery reports;
*) sms - properly initialize SMS storage;
*) snmp - fixed "/system license" parameters for CHR;
*) winbox - allow shorten bytes to k,M,G in Hotspot user limits;
*) wireless - fixed rate selection process when "rate-set=configured" and NV2 protocol is used;

Download the new 'RouterOS 6.40.5' version here: https://www.mikrotik.com/download

]]>
CurrentTue, 07 Nov 2017 10:58:46 +0200f4e2dee1f0155d5e7030b0a111a5169c
RouterOS 6.41rc50 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc50 changelog:

*) bridge - set "igmp-snooping=no" by default on new bridges;
*) crs3xx - added ingress/egress rate input limits;
*) dhcp-client - limited DHCP client "default-route-distance" minimal value to 1;
*) dhcp-server - added "option-set" argument (CLI only);
*) discovery - use "/interface list" instead of interface name under neighbor discovery settings;
*) health - fixed bogus voltage readings on CCR1009;
*) ike1 - fixed crash after downgrade if DH groups 19,20,21 were used for phase1;
*) ike1 - fixed crash on xauth if user does not exist;
*) ipv6 - fixed IPv6 addresses constructed from prefix and static address entry;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration);
*) lte - added Passthrough support;
*) lte - fixed user authentication for R11e-LTE when new firmware is used;
*) m11g - improved ethernet performance on high load;
*) netinstall - fixed missing "/flash/etc" on first bootup;
*) quickset - renamed router IP static DNS name to "router.lan";
*) radius - limited RADIUS timeout maximum value to 3 seconds;
*) sms - fixed minor problem for SMS delivery;
*) webfig - added favicon file;
*) webfig - fixed terminal graphic user interface under Safari browser;
*) winbox - do not show unnecessary tabs from "Switch" menu;
*) wireless - new driver with initial support for 160 and 80+80 MHz channel width;

Other changes since 6.40.4:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) routerboot - RouterBOOT version numbering system merged with RouterOS;
*) arm - minor improvements on CPU load distribution for RB1100 series devices;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bgp - added 32-bit private ASN support;
*) bridge - added comment support for VLANs (CLI only);
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - added support for "/interface list" as a bridge port;
*) bridge - assume "point-to-point=yes" for all Full Duplex Ethernet interfaces when STP is used (as per standard);
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) console - removed "/setup";
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - add dynamic DHCP client for mobile clients which require it;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) ethernet - removed "master-port" parameter;
*) export - fixed interface list export;
*) fetch - accept all HTTP 2xx status codes;
*) firewall - do not NAT address to 0.0.0.0 after reboot if to-address is used but not specified;
*) ike1 - fixed RSA authentication for Windows clients behind NAT;
*) ike1 - release mismatched PH2 peer IDs;
*) ike2 - check identities on "initial-contact";
*) ike2 - fixed initiator DDoS cookie processing;
*) ike2 - fixed responder DDoS cookie first notify type check;
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added default "/interface list" "dynamic" which contains dynamic interfaces;
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2;
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - fixed incorrect esp proposal key size usage;
*) ipsec - fixed lost value for "remote-certificate" parameter after disable/enable;
*) ipsec - fixed policy enable/disable;
*) ipsec - improved reliability on certificate usage;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipsec - skip invalid policies for phase2;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) l2tp - improved reliability on packet processing in FastPath;
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) log - added "bridge" topic;
*) log - fixed interface name in log messages;
*) log - optimized "poe-out" logging topic logs;
*) log - properly recognize MikroTik specific RADIUS attributes;
*) lte - added Passthrough support (CLI only);
*) lte - added Yota non-configurable modem support;
*) lte - added support for ZTE ME3630 E1C with additional "/port" for GPS usage;
*) lte - automatically add "/ip dhcp-client" configuration on interface;
*) lte - changed default values to "add-default-route=yes", "use-peer-dns=yes" and "default-route-distance=2";
*) lte - do not reset modem when it is not possible to access SMS storage;
*) lte - fixed PIN option after setting up the band;
*) lte - fixed error when trying to add APN profile without name;
*) lte - fixed modem initialization after reboot;
*) lte - fixed rare crash when initializing LTE modem after reset;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - limited minimal default route distance to 1;
*) mac-server - use "/interface list" instead of interface name under MAC server settings;
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) neighbor - show neighbors on actual bridge port instead of bridge itself
*) netinstall - fixed missing default configuration prompt on first startup after reset/netinstall;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sms - include timestamps in SMS delivery reports;
*) sms - properly initialize SMS storage;
*) snmp - fixed "/system license" parameters for CHR;
*) snmp - fixed "ifHighSpeed" value of VLAN, VRRP and Bonding interfaces;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) snmp - show only available OIDs under "/system health print oid";
*) ssh - do not use DH group1 with strong-crypto enabled;
*) ssh - enforced 2048bit DH group on tile and x86 architectures;
*) tile - improved hardware encryption processes;
*) traceroute - improved "/tool traceroute" results processing;
*) upnp - add "src-address" parameter on NAT rule if it is specified on UPnP request;
*) upnp - deny UPnP request if port is already used by the router;
*) ups - fixed duplicate "failed" UPS logs;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - added support for "_" symbol in terminal window;
*) winbox - allow shorten bytes to k,M,G in Hotspot user limits;
*) winbox - do not show duplicate "Switch" menus for CRS326;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed "/certificate sign" process;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - added "allow-signal-out-off-range" option for Access List entries;
*) wireless - fixed rate selection process when "rate-set=configured" and NV2 protocol is used;
*) wireless - improved reliability on "rx-rate" selection process;
*) wireless - log "signal-strength" when successfully connected to AP;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated "united kingdom" regulatory domain information;

Download the new 'RouterOS 6.41rc50' version here: https://www.mikrotik.com/download

]]>
Release candidateWed, 01 Nov 2017 15:01:08 +0200bf03ce4d6d01b16bedc4977763561da1
RouterOS 6.41rc47 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc47 changelog:

*) bridge - assume "point-to-point=yes" for all Full Duplex Ethernet interfaces when STP is used (as per standard);
*) console - removed "/setup";
*) crs3xx - added ingress/egress rate input limits;
*) discovery - use "/interface list" instead of interface name under neighbour discovery settings;
*) ethernet - fixed missing "sfp-tx-power" option (introduced in v6.41rc14);
*) ipsec - fixed incorrect esp proposal key size usage;
*) lte - temporarily disabled user authentication using user/password PAP/CHAP support for R11e-LTE (introduced in v6.41rc44);
*) lte - fixed PIN option after setting up the band;
*) lte - fixed error when trying to add APN profile without name;
*) lte - fixed rare crash when initializing LTE modem after reset;
*) netinstall - fixed missing default configuration prompt on first startup after reset/netinstall;
*) ssh - do not use DH group1 with strong-crypto enabled;
*) ssh - enforced 2048bit DH group on tile and x86 architectures;
*) winbox - added support for "_" symbol in terminal window;

Other changes since 6.40.4:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
*) arm - minor improvements on CPU load distribution for RB1100 series devices;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bgp - added 32-bit private ASN support;
*) bridge - added comment support for VLANs (CLI only);
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - added support for "/interface list" as a bridge port;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - added port ingress and egress rate limiting;
*) crs3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - add dynamic DHCP client for mobile clients which require it;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) ethernet - removed "master-port" parameter;
*) export - fixed interface list export;
*) fetch - accept all HTTP 2xx status codes;
*) firewall - do not NAT address to 0.0.0.0 after reboot if to-address is used but not specified;
*) ike1 - fixed RSA authentication for Windows clients behind NAT;
*) ike1 - release mismatched PH2 peer IDs;
*) ike2 - check identities on "initial-contact";
*) ike2 - fixed initiator DDoS cookie processing;
*) ike2 - fixed responder DDoS cookie first notify type check;
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added default "/interface list" "dynamic" which contains dynamic interfaces;
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2;
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - fixed lost value for "remote-certificate" parameter after disable/enable;
*) ipsec - fixed policy enable/disable;
*) ipsec - improved reliability on certificate usage;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipsec - skip invalid policies for phase2;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) l2tp - improved reliability on packet processing in FastPath;
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) log - added "bridge" topic;
*) log - fixed interface name in log messages;
*) log - optimized "poe-out" logging topic logs;
*) log - properly recognize MikroTik specific RADIUS attributes;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration);
*) lte - added Passthrough support (CLI only);
*) lte - added Yota non-configurable modem support;
*) lte - added support for ZTE ME3630 E1C with additional "/port" for GPS usage;
*) lte - automatically add "/ip dhcp-client" configuration on interface;
*) lte - changed default values to "add-default-route=yes", "use-peer-dns=yes" and "default-route-distance=2";
*) lte - do not reset modem when it is not possible to access SMS storage;
*) lte - fixed modem initialization after reboot;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - limited minimal default route distance to 1;
*) mac-server - use "/interface list" instead of interface name under MAC server settings;
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) neighbor - show neighbors on actual bridge port instead of bridge itself
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sms - include timestamps in SMS delivery reports;
*) sms - properly initialize SMS storage;
*) snmp - fixed "/system license" parameters for CHR;
*) snmp - fixed "ifHighSpeed" value of VLAN, VRRP and Bonding interfaces;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) snmp - show only available OIDs under "/system health print oid";
*) tile - improved hardware encryption processes;
*) traceroute - improved "/tool traceroute" results processing;
*) upnp - add "src-address" parameter on NAT rule if it is specified on UPnP request;
*) upnp - deny UPnP request if port is already used by the router;
*) ups - fixed duplicate "failed" UPS logs;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - allow shorten bytes to k,M,G in Hotspot user limits;
*) winbox - do not show duplicate "Switch" menus for CRS326;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed "/certificate sign" process;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - added "allow-signal-out-off-range" option for Access List entries;
*) wireless - fixed rate selection process when "rate-set=configured" and NV2 protocol is used;
*) wireless - improved reliability on "rx-rate" selection process;
*) wireless - log "signal-strength" when successfully connected to AP;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated "united kingdom" regulatory domain information;

Download the new 'RouterOS 6.41rc47' version here: https://www.mikrotik.com/download

]]>
Release candidateWed, 18 Oct 2017 15:45:42 +030042cc4d2305b48d1a8ac9962c79d2397a
RouterOS 6.39.3 [Bugfix only]https://www.mikrotik.com/download/changelogs/bugfix

6.39.3 changelog:

*) arp - properly update dynamic ARP entries after interface related changes;
*) bonding - fixed 802.3ad mode on RB1100AHx4;
*) bonding - improved reliability on bonding interface removal;
*) console - fixed different command auto complete;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added L2MTU support;
*) crs3xx - improved packet processing in slowpath;
*) dhcp - fixed downgrade from RouterOS v6.41 or higher;
*) dhcpv4-server - fixed lease renew for DHCP clients that sends renewal with "ciaddr = 0.0.0.0";
*) dhcpv6-client - do not run DHCPv6 client when IPv6 package is disabled;
*) dhcpv6-client - fixed IA evaluation order;
*) dhcpv6-client - require pool name to be unique;
*) dhcpv6-server - do not release address of static binding from pool after server removal;
*) discovery - fixed timeouts for LLDP neighbours;
*) ethernet - fixed occasional broken interface order after reset/first boot;
*) ethernet - fixed rare linking problem with forced 10Mbps full-duplex mode;
*) export - fixed export for PoE-OUT related settings;
*) export - fixed wireless "ssid" and "supplicant-identity" compact export;
*) fasttrack - fixed fasttrack over interfaces with dynamic MAC address;
*) firewall - fixed bridge "action=log" rules;
*) firewall - fixed crash on fasttrack dummy rule manual change attempt;
*) firewall - properly remove "address-list" entry after timeout ends;
*) firewall - removed unique address list name limit;
*) hAP ac lite - removed nonexistent "wlan-led";
*) hotspot - improved user statistics collection process;
*) hotspot - require "dns-name" to contain "." symbol under Hotspot Server Profile configuration;
*) ike1 - fixed initiator ID comparison to NAT-OA;
*) interface - improved interface state change handling when multiple interfaces are affected at the same time;
*) ipsec - do not deduct "dst-address" from "sa-dst-address" for "/0" policies;
*) ipv6 - fixed IPv6 address request from pool;
*) metarouter - fixed display of bogus error message on startup;
*) ntp-client - properly start NTP client after reboot if manual server IP is not configured;
*) ovpn - added support for "push-continuation";
*) ovpn - added support for topology subnet for IP mode;
*) ovpn - fixed duplicate default gateway presence when receiving extra routes;
*) ovpn - improved performance when receiving too many options;
*) ping - fixed ping getting stuck (after several thousands of ping attempts);
*) ppp - fixed non-standart PAP or CHAP packet handling;
*) pppoe-client - fixed incorrectly formed PADT packet;
*) pppoe-client - fixed wrong MRU detection over VLAN interfaces;
*) proxy - fixed rare program crash after closing client connection;
*) quickset - fixed incorrect VPN address value on arm and tilera;
*) rb1100ahx4 - fixed HW acceleration fragmented packet decryption when fragment is smaller than 64 bytes;
*) rb1100ahx4 - fixed startup problems (requires additional reboot after upgrade);
*) rb2011 - fixed possible LCD blinking along with ethernet LED;
*) rb3011 - fixed packet passthrough on switch2 while booting;
*) rb922 - restored missing wireless interface on some boards;
*) safe-mode - fixed session handling when Safe Mode is used on multiple sessions at the same time;
*) sfp - fixed invalid temperature readings when ambient temperature is below 0C;
*) sfp - fixed OPTON module DDM information readings;
*) sfp - fixed temperature readings for various SFP modules;
*) sniffer - do not skip L2 packets when "all" interface mode was used;
*) snmp - fixed "/caps-man registration-table" uptime values;
*) snmp - fixed "/system license" parameters for CHR;
*) snmp - fixed "/system resource cpu print oid";
*) snmp - fixed crash on interface table get;
*) ssh - do not execute command if it starts with "-" symbol;
*) supout - fixed IPv6 firewall section;
*) switch - fixed multicast forwarding on CRS326;
*) tile - fixed copying large amount of text over serial console;
*) tile - improved reliability on MPLS package processing;
*) traffic-flow - fixed reboots when IPv6 address has been set as target address without active IPv6 package;
*) trafficgen - fixed "lost-ratio" showing incorrect statistics after multiple sequences;
*) userman - do not send disconnect request for user when "simultaneous session limit reached";
*) userman - fixed "limitation" and "profile-limitation" update;
*) userman - fixed CoA packet processing after changes in "/tool user-manager router" configuration;
*) userman - lookup language files also in "/flash" directory;
*) vlan - do not allow VLAN MTU to be higher than L2MTU;
*) vlan - do not delete existing VLAN interface on "failure: already have such vlan";
*) webfig - allow to unset "rate-limit" for DHCP leases;
*) webfig - fixed wireless "scan-list" parameter not being saved after applying changes;
*) webfig - improved reliability of login process;
*) winbox - added possibility to define "comment" for "/routing bgp network" entries;
*) winbox - added support for certificate CRL list;
*) winbox - do not show LCD menu for devices which does not have it;
*) winbox - fixed ARP table update after entry changes state to incomplete;
*) winbox - hide "level" and "tunnel" parameters for IPSec policy templates;
*) winbox - hide FAN speed if it is 0RPM;
*) winbox - make IPSec policies table an ordered list;
*) winbox - properly show "dhcp-server" warnings;
*) winbox - show "/interface wireless cap print" warnings;
*) winbox - show "/system health" only on boards that have health monitoring;
*) winbox - show "D" flag under "/interface mesh port" menu;
*) wireless - added "etsi1" and "russia3" regulatory domain information;
*) wireless - fixed compatibility with "AR5212" wireless chips;
*) wireless - improved WPA2 key exchange reliability;
*) wireless - updated "china", "norway" and "new-zealand" regulatory domain information;

Download the new 'RouterOS 6.39.3' version here: https://www.mikrotik.com/download

]]>
Bugfix onlyMon, 16 Oct 2017 08:57:36 +0300078b76e97c20c8d05b90653b93282119
RouterOS 6.41rc44 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc44 changelog:

*) bridge - added comment support for VLANs;
*) bridge - added support for "/interface list" as a bridge port;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) crs3xx - fixed 100% CPU usage after interface related changes (introduced in v6.41rc31);
*) dhcpv4-client - add dynamic DHCP client for mobile clients which require it;
*) fetch - accept all HTTP 2xx status codes;
*) firewall - do not NAT address to 0.0.0.0 after reboot if to-address is used but not specified;
*) ike1 - fixed RSA authentication for Windows clients behind NAT;
*) interface - added default "/interface list" "dynamic" which contains dynamic interfaces;
*) interface - added option to join and exclude "/interface list" from one and another;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2;
*) ipsec - fixed lost value for "remote-certificate" parameter after disable/enable;
*) ipsec - fixed policy enable/disable;
*) ipsec - improved reliability on certificate usage;
*) ipsec - skip invalid policies for phase2;
*) l2tp - improved reliability on packet processing in FastPath;
*) log - fixed interface name in log messages;
*) log - properly recognize MikroTik specific RADIUS attributes;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration);
*) lte - added Passthrough support (CLI only);
*) lte - fixed modem initialization after reboot;
*) lte - limited minimal default route distance to 1;
*) mac-server - use "/interface list" instead of interface name under MAC server settings;
*) neighbor - show neighbors on actual bridge port instead of bridge itself
*) sms - include timestamps in SMS delivery reports;
*) sms - properly initialize SMS storage;
*) snmp - show only available OIDs under "/system health print oid";
*) winbox - allow shorten bytes to k,M,G in Hotspot user limits;
*) winbox - do not show duplicate "Switch" menus for CRS326;
*) winbox - fixed "/certificate sign" process;
*) wireless - added "allow-signal-out-off-range" option for Access List entries;

Other changes since 6.40.4:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
*) arm - minor improvements on CPU load distribution for RB1100 series devices;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bgp - added 32-bit private ASN support;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - added port ingress and egress rate limiting;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) ethernet - removed "master-port" parameter;
*) export - fixed interface list export;
*) ike1 - release mismatched PH2 peer IDs;
*) ike2 - check identities on "initial-contact";
*) ike2 - fixed initiator DDoS cookie processing;
*) ike2 - fixed responder DDoS cookie first notify type check;
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - added "bridge" topic;
*) log - optimized "poe-out" logging topic logs;
*) lte - added support for ZTE ME3630 E1C with additional "/port" for GPS usage;
*) lte - added Yota non-configurable modem support;
*) lte - automatically add "/ip dhcp-client" configuration on interface;
*) lte - changed default values to "add-default-route=yes", "use-peer-dns=yes" and "default-route-distance=2";
*) lte - do not reset modem when it is not possible to access SMS storage;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in v6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed missing PPP client interface after reboot (introduced in v6.41rc);
*) ppp - fixed serial port loading (introduced in v6.41rc);
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed "/system license" parameters for CHR;
*) snmp - fixed "ifHighSpeed" value of VLAN, VRRP and Bonding interfaces;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) tile - improved hardware encryption processes;
*) traceroute - improved "/tool traceroute" results processing;
*) upnp - add "src-address" parameter on NAT rule if it is specified on UPnP request;
*) upnp - deny UPnP request if port is already used by the router;
*) ups - fixed duplicate "failed" UPS logs;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - fixed rate selection process when "rate-set=configured" and NV2 protocol is used;
*) wireless - improved reliability on "rx-rate" selection process;
*) wireless - log "signal-strength" when successfully connected to AP;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated "united kingdom" regulatory domain information;

Download the new 'RouterOS 6.41rc44' version here: https://www.mikrotik.com/download

]]>
Release candidateWed, 11 Oct 2017 12:34:21 +030098a46767dcc44ecc19f55b08db67f339
RouterOS 6.41rc38 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc38 changelog:

*) arm - minor improvements on CPU load distribution for RB1100 series devices;
*) bgp - added 32-bit private ASN support;
*) lte - added Passthrough support (CLI only);
*) snmp - fixed "/system license" parameters for CHR;
*) upnp - add "src-address" parameter on NAT rule if it is specified on UPnP request;
*) upnp - deny UPnP request if port is already used by the router;

Other changes since 6.40.4:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - initial support for "/interface list" as a bridge port (CLI only);
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - added port ingress and egress rate limiting;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) ethernet - removed "master-port" parameter;
*) export - fixed interface list export;
*) fetch - accept all HTTP 2xx status codes;
*) ike1 - release mismatched PH2 peer IDs;
*) ike2 - check identities on "initial-contact";
*) ike2 - fixed initiator DDoS cookie processing;
*) ike2 - fixed responder DDoS cookie first notify type check;
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - added "bridge" topic;
*) log - fixed "unknown" interface name in log messages;
*) log - optimized "poe-out" logging topic logs;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration) (CLI only);
*) lte - added support for ZTE ME3630 E1C with additional "/port" for GPS usage;
*) lte - added Yota non-configurable modem support;
*) lte - automatically add "/ip dhcp-client" configuration on interface;
*) lte - changed default values to "add-default-route=yes", "use-peer-dns=yes" and "default-route-distance=2";
*) lte - do not reset modem when it is not possible to access SMS storage;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in v6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed missing PPP client interface after reboot (introduced in v6.41rc);
*) ppp - fixed serial port loading (introduced in v6.41rc);
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed "ifHighSpeed" value of VLAN, VRRP and Bonding interfaces;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) tile - improved hardware encryption processes;
*) traceroute - improved "/tool traceroute" results processing;
*) ups - fixed duplicate "failed" UPS logs;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - added "allow-signal-out-off-range" option for Access List entries (CLI only);
*) wireless - fixed rate selection process when "rate-set=configured" and NV2 protocol is used;
*) wireless - improved reliability on "rx-rate" selection process;
*) wireless - log "signal-strength" when successfully connected to AP;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated "united kingdom" regulatory domain information;

Download the new 'RouterOS 6.41rc38' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 03 Oct 2017 15:53:40 +0300e5921deec64f9a5ce8eab35f2df43e09
RouterOS 6.40.4 [Current]https://www.mikrotik.com/download/changelogs/current

6.40.4 changelog:

*) address - show warning on IPv6 address when acquire from pool has failed;
*) arp - properly update dynamic ARP entries after interface related changes;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added L2MTU support;
*) crs3xx - improved packet processing in slowpath;
*) defconf - fixed RouterOS default configuration (introduced in v6.40.3);
*) dhcp - fixed downgrade from RouterOS v6.41 or higher;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "rapid-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) dhcpv6-client - require pool name to be unique;
*) e-mail - auto complete file name on "file" parameter (introduced in v6.40);
*) export - fixed wireless "ssid" and "supplicant-identity" compact export;
*) hotspot - fixed missing "/ip hotspot server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipv6 - fixed IPv6 address request from pool;
*) lte - fixed modem initialization after reboot;
*) ntp-client - properly start NTP client after reboot if manual server IP is not configured;
*) rb931-2nd - fixed startup problems (requires additional reboot after upgrade);
*) routerboard - fixed "/system routerboard upgrade" for CRS212-8G-4S;
*) sfp - fixed OPTON module DDM information readings;
*) sfp - fixed temperature readings for various SFP modules;
*) snmp - fixed "/caps-man registration-table" uptime values;
*) snmp - fixed "/system license" parameters for CHR;
*) tile - improved reliability on MPLS package processing;
*) userman - fixed unresponsive RADIUS server (introduced in v6.40.3);
*) vlan - do not allow VLAN MTU to be higher than L2MTU;
*) webfig - improved reliability of login process;
*) wireless - added "etsi1" regulatory domain information;
*) wireless - improved WPA2 key exchange reliability;
*) wireless - updated "norway" regulatory domain information;

Download the new 'RouterOS 6.40.4' version here: https://www.mikrotik.com/download

]]>
CurrentTue, 03 Oct 2017 14:36:12 +030031e127af1a63368a63392d5bff1945e1
RouterOS 6.41rc37 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc37 changelog:

*) bridge - initial support for "/interface list" as a bridge port (CLI only);
*) fetch - accept all HTTP 2xx status codes;
*) ike2 - fixed initiator DDoS cookie processing;
*) ike2 - fixed responder DDoS cookie first notify type check;
*) lte - fixed modem initialization after reboot;
*) ntp-client - properly start NTP client after reboot if manual server IP is not configured;
*) sfp - fixed OPTON module DDM information readings;
*) wireless - added "etsi1" regulatory domain information;
*) wireless - improved WPA2 key exchange reliability;
*) wireless - updated "norway" regulatory domain information;

Other changes since 6.40.3:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
*) address - show warning on IPv6 address when acquire from pool has failed;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) arp - properly update dynamic ARP entries after interface related changes;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) crs317 - added L2MTU support;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - added port ingress and egress rate limiting;
*) crs3xx - improved packet processing in slowpath;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) defconf - fixed RouterOS default configuration (introduced in v6.40.3);
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "rapid-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) dhcpv6-client - require pool name to be unique;
*) e-mail - auto complete file name on "file" parameter (introduced in v6.40);
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) ethernet - removed "master-port" parameter;
*) export - fixed interface list export;
*) export - fixed wireless "ssid" and "supplicant-identity" compact export;
*) hotspot - fixed missing "/ip hotspot server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - release mismatched PH2 peer IDs;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in v6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - added "bridge" topic;
*) log - fixed "unknown" interface name in log messages;
*) log - optimized "poe-out" logging topic logs;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration) (CLI only);
*) lte - added Passthrough support (CLI only);
*) lte - added support for ZTE ME3630 E1C with additional "/port" for GPS usage;
*) lte - added Yota non-configurable modem support;
*) lte - automatically add "/ip dhcp-client" configuration on interface;
*) lte - changed default values to "add-default-route=yes", "use-peer-dns=yes" and "default-route-distance=2";
*) lte - do not reset modem when it is not possible to access SMS storage;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in v6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed missing PPP client interface after reboot (introduced in v6.41rc);
*) ppp - fixed serial port loading (introduced in v6.41rc);
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) rb931-2nd - fixed startup problems (requires additional reboot after upgrade);
*) routerboard - fixed "/system routerboard upgrade" for CRS212-8G-4S;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sfp - fixed temperature readings for various SFP modules;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed "/system license" parameters for CHR;
*) snmp - fixed "ifHighSpeed" value of VLAN, VRRP and Bonding interfaces;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) snmp - fixed "/caps-man registration-table" uptime values;
*) tile - improved reliability on MPLS package processing;
*) tile - improved hardware encryption processes;
*) traceroute - improved "/tool traceroute" results processing;
*) ups - fixed duplicate "failed" UPS logs;
*) userman - fixed unresponsive RADIUS server (introduced in v6.40.3);
*) vlan - do not allow VLAN MTU to be higher than L2MTU;
*) webfig - improved reliability of login process;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - added "allow-signal-out-off-range" option for Access List entries (CLI only);
*) wireless - fixed rate selection process when "rate-set=configured" and NV2 protocol is used;
*) wireless - improved reliability on "rx-rate" selection process;
*) wireless - log "signal-strength" when successfully connected to AP;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated "united kingdom" regulatory domain information;

Download the new 'RouterOS 6.41rc37' version here: https://www.mikrotik.com/download

]]>
Release candidateMon, 02 Oct 2017 10:20:14 +0300a3c1144aaa5892e93b4521c98409866e
RouterOS 6.41rc34 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc34 changelog:

*) crs3xx - improved packet processing in slowpath;
*) defconf - fixed RouterOS default configuration (introduced in v6.40.3);
*) ethernet - removed "master-port" parameter;
*) log - fixed "unknown" interface name in log messages;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration) (CLI only);
*) lte - do not reset modem when it is not possible to access SMS storage;
*) snmp - fixed "ifHighSpeed" value of VLAN, VRRP and Bonding interfaces;
*) snmp - fixed "/caps-man registration-table" uptime values;
*) tile - improved hardware encryption processes;
*) vlan - do not allow VLAN MTU to be higher than L2MTU;
*) wireless - fixed rate selection process when "rate-set=configured" and NV2 protocol is used;

Other changes since 6.40.3:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
*) address - show warning on IPv6 address when acquire from pool has failed;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) arp - properly update dynamic ARP entries after interface related changes;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) crs317 - added L2MTU support;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - added port ingress and egress rate limiting;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "rapid-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) dhcpv6-client - require pool name to be unique;
*) e-mail - auto complete file name on "file" parameter (introduced in v6.40);
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) export - fixed interface list export;
*) export - fixed wireless "ssid" and "supplicant-identity" compact export;
*) hotspot - fixed missing "/ip hotspot server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - release mismatched PH2 peer IDs;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in v6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - added "bridge" topic;
*) log - optimized "poe-out" logging topic logs;
*) lte - added Passthrough support (CLI only);
*) lte - added support for ZTE ME3630 E1C with additional "/port" for GPS usage;
*) lte - added Yota non-configurable modem support;
*) lte - automatically add "/ip dhcp-client" configuration on interface;
*) lte - changed default values to "add-default-route=yes", "use-peer-dns=yes" and "default-route-distance=2";
*) lte - fixed mode initialization after reboot;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in v6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed missing PPP client interface after reboot (introduced in v6.41rc);
*) ppp - fixed serial port loading (introduced in v6.41rc);
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) rb931-2nd - fixed startup problems (requires additional reboot after upgrade);
*) routerboard - fixed "/system routerboard upgrade" for CRS212-8G-4S;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sfp - fixed temperature readings for various SFP modules;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed "/system license" parameters for CHR;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) tile - improved reliability on MPLS package processing;
*) traceroute - improved "/tool traceroute" results processing;
*) ups - fixed duplicate "failed" UPS logs;
*) userman - fixed unresponsive RADIUS server (introduced in v6.40.3);
*) webfig - improved reliability of login process;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - added "allow-signal-out-off-range" option for Access List entries (CLI only);
*) wireless - improved reliability on "rx-rate" selection process;
*) wireless - log "signal-strength" when successfully connected to AP;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated United Kingdom regulatory domain information;

Download the new 'RouterOS 6.41rc34' version here: https://www.mikrotik.com/download

]]>
Release candidateWed, 27 Sep 2017 14:23:58 +0300d9145288f4358588f91eb2ced08e5154
RouterOS 6.41rc32 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc32 changelog:

*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - implemented software based "igmp-snooping";
*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration) (CLI only);
*) traceroute - improved "/tool traceroute" results processing;
*) wireless - log "signal-strength" when successfully connected to AP;

Other changes since 6.40.3:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
*) address - show warning on IPv6 address when acquire from pool has failed;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) arp - properly update dynamic ARP entries after interface related changes;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - removed "master-port" parameter;
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) crs317 - added L2MTU support;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - added port ingress and egress rate limiting;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "rapid-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) dhcpv6-client - require pool name to be unique;
*) e-mail - auto complete file name on "file" parameter (introduced in v6.40);
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) export - fixed interface list export;
*) export - fixed wireless "ssid" and "supplicant-identity" compact export;
*) hotspot - fixed missing "/ip hotspot server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - release mismatched PH2 peer IDs;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in v6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - added "bridge" topic;
*) log - optimized "poe-out" logging topic logs;
*) lte - added Passthrough support (CLI only);
*) lte - added support for ZTE ME3630 E1C with additional "/port" for GPS usage;
*) lte - added Yota non-configurable modem support;
*) lte - automatically add "/ip dhcp-client" configuration on interface;
*) lte - changed default values to "add-default-route=yes", "use-peer-dns=yes" and "default-route-distance=2";
*) lte - fixed mode initialization after reboot;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in v6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed missing PPP client interface after reboot (introduced in v6.41rc);
*) ppp - fixed serial port loading (introduced in v6.41rc);
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) rb931-2nd - fixed startup problems (requires additional reboot after upgrade);
*) routerboard - fixed "/system routerboard upgrade" for CRS212-8G-4S;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sfp - fixed temperature readings for various SFP modules;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed "/system license" parameters for CHR;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) tile - improved reliability on MPLS package processing;
*) ups - fixed duplicate "failed" UPS logs;
*) userman - fixed unresponsive RADIUS server (introduced in v6.40.3);
*) webfig - improved reliability of login process;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - added "allow-signal-out-off-range" option for Access List entries (CLI only);
*) wireless - improved reliability on "rx-rate" selection process;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated United Kingdom regulatory domain information;

Download the new 'RouterOS 6.41rc32' version here: https://www.mikrotik.com/download

]]>
Release candidateFri, 22 Sep 2017 14:02:10 +03009dde3f2b3042f9a538aa59051beeed0d
RouterOS 6.41rc31 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc31 changelog:

*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration) (CLI only);
*) lte - added Passthrough support (CLI only);
*) lte - added support for ZTE ME3630 E1C with additional "/port" for GPS usage;
*) lte - automatically add "/ip dhcp-client" configuration on interface;
*) lte - changed default values to "add-default-route=yes", "use-peer-dns=yes" and "default-route-distance=2";
*) ppp - fixed serial port loading (introduced in v6.41rc);
*) sfp - fixed temperature readings for various SFP modules;
*) snmp - fixed "/system license" parameters for CHR;
*) wireless - improved reliability on "rx-rate" selection process;

Other changes since 6.40.3:

!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
*) address - show warning on IPv6 address when acquire from pool has failed;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) arp - properly update dynamic ARP entries after interface related changes;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - removed "master-port" parameter;
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added L2MTU support;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - added port ingress and egress rate limiting;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "rapid-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) dhcpv6-client - require pool name to be unique;
*) e-mail - auto complete file name on "file" parameter (introduced in v6.40);
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) export - fixed interface list export;
*) export - fixed wireless "ssid" and "supplicant-identity" compact export;
*) hotspot - fixed missing "/ip hotspot server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - release mismatched PH2 peer IDs;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in v6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - added "bridge" topic;
*) log - optimized "poe-out" logging topic logs;
*) lte - added Yota non-configurable modem support;
*) lte - fixed mode initialization after reboot;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in v6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed missing PPP client interface after reboot (introduced in v6.41rc);
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) rb931-2nd - fixed startup problems (requires additional reboot after upgrade);
*) routerboard - fixed "/system routerboard upgrade" for CRS212-8G-4S;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) tile - improved reliability on MPLS package processing;
*) ups - fixed duplicate "failed" UPS logs;
*) userman - fixed unresponsive RADIUS server (introduced in v6.40.3);
*) webfig - improved reliability of login process;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - added "allow-signal-out-off-range" option for Access List entries (CLI only);
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated United Kingdom regulatory domain information;

Download the new 'RouterOS 6.41rc31' version here: https://www.mikrotik.com/download

]]>
Release candidateWed, 20 Sep 2017 16:38:16 +030074bc02c6a7167a7a8e243ce0b6446fe1
RouterOS 6.41rc30 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc30 changelog:

*) crs317 - added L2MTU support;
*) crs326 - fixed packet processing speed on switch chip if individual port link speed differs;
*) crs3xx - added port ingress and egress rate limiting;
*) export - fixed wireless "ssid" and "supplicant-identity" compact export;
*) ppp - fixed situation when part of PPP configuration was reset to default values after reboot;
*) wireless - added "allow-signal-out-of-range" option for Access List entries (CLI only);

Other changes since 6.40.3:

!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
*) address - show warning on IPv6 address when acquire from pool has failed;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) arp - properly update dynamic ARP entries after interface related changes;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - removed "master-port" parameter;
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "rapid-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) dhcpv6-client - require pool name to be unique;
*) e-mail - auto complete file name on "file" parameter (introduced in v6.40);
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) export - fixed interface list export;
*) hotspot - fixed missing "/ip hotspot server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - release mismatched PH2 peer IDs;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in v6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - added "bridge" topic;
*) log - optimized "poe-out" logging topic logs;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration) (CLI only);
*) lte - added Passthrough support (CLI only);
*) lte - added support for ZTE ME3630 E1C;
*) lte - added Yota non-configurable modem support;
*) lte - fixed mode initialization after reboot;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in v6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed missing PPP client interface after reboot (introduced in v6.41rc);
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) rb931-2nd - fixed startup problems (requires additional reboot after upgrade);
*) routerboard - fixed "/system routerboard upgrade" for CRS212-8G-4S;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) tile - improved reliability on MPLS package processing;
*) ups - fixed duplicate "failed" UPS logs;
*) userman - fixed unresponsive RADIUS server (introduced in v6.40.3);
*) webfig - improved reliability of login process;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated United Kingdom regulatory domain information;

Download the new 'RouterOS 6.41rc30' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 19 Sep 2017 14:50:29 +030000a476448b0ccafd67e855c4dfc53709
RouterOS 6.41rc28 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc28 changelog:

*) console - do not stop "/certificate sign" process if console times out in 1 minute;
*) crs317 - added L2MTU support;
*) crs3xx - added port ingress and egress rate limiting;
*) log - added "bridge" topic;
*) lte - added Passthrough support (CLI only);

Other changes since 6.40.3:

!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
*) address - show warning on IPv6 address when acquire from pool has failed;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) arp - properly update dynamic ARP entries after interface related changes;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - removed "master-port" parameter;
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "rapid-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) dhcpv6-client - require pool name to be unique;
*) e-mail - auto complete file name on "file" parameter (introduced in v6.40);
*) e-mail - do not show errors when sending e-mail from script;
*) eoip - made L2MTU parameter read-only;
*) export - fixed interface list export;
*) hotspot - fixed missing "/ip hotspot server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - release mismatched PH2 peer IDs;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in v6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - optimized "poe-out" logging topic logs;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration) (CLI only);
*) lte - added support for ZTE ME3630 E1C;
*) lte - added Yota non-configurable modem support;
*) lte - fixed mode initialization after reboot;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in v6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) ppp - fixed missing PPP client interface after reboot (introduced in v6.41rc);
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) rb931-2nd - fixed startup problems (requires additional reboot after upgrade);
*) routerboard - fixed "/system routerboard upgrade" for CRS212-8G-4S;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) tile - improved reliability on MPLS package processing;
*) ups - fixed duplicate "failed" UPS logs;
*) userman - fixed unresponsive RADIUS server (introduced in v6.40.3);
*) webfig - improved reliability of login process;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated United Kingdom regulatory domain information;

Download the new 'RouterOS 6.41rc28' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 12 Sep 2017 14:23:37 +0300c807d8ee05914e5bb13d09720525076a
RouterOS 6.41rc26 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc26 changelog:

*) chr - added KVM memory balloon support;
*) chr - added suspend support;
*) crs1xx/2xx - fixed 1 Gbps forced mode for several SFP modules;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) dhcp - fixed unresponsive DHCP service caused by inability to read not set RAW options;
*) e-mail - auto complete file name on "file" parameter (introduced in v6.40);
*) eoip - made L2MTU parameter read-only;
*) hotspot - fixed missing "/ip hotspot server profile" if invalid "dns-name" was specified;
*) lte - added Passthrough support (CLI only);
*) lte - added support for ZTE ME3630 E1C;
*) lte - fixed mode initialization after reboot;
*) ppp - fixed missing PPP client interface after reboot (introduced in v6.41rc);
*) rb931-2nd - fixed startup problems (requires additional reboot after upgrade);
*) userman - fixed unresponsive RADIUS server (introduced in v6.40.3);
*) webfig - improved reliability of login process;

Other changes since 6.40.3:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
*) address - show warning on IPv6 address when acquire from pool has failed;
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) arp - properly update dynamic ARP entries after interface related changes;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - removed "master-port" parameter;
*) bridge - show "admin-mac" only if "auto-mac=no";
*) bridge - show bridge interface local addresses in the host table;
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcp - require DHCP option name to be unique;
*) dhcpv4-client - allow to use DUID for client as identity string as the option 61;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "rapid-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) dhcpv6-client - require pool name to be unique;
*) e-mail - do not show errors when sending e-mail from script;
*) export - fixed interface list export;
*) hotspot - improved user statistics collection process;
*) ike1 - release mismatched PH2 peer IDs;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in v6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - optimized "poe-out" logging topic logs;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration) (CLI only);
*) lte - added Yota non-configurable modem support;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in v6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) routerboard - fixed "/system routerboard upgrade" for CRS212-8G-4S;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) tile - improved reliability on MPLS package processing;
*) ups - fixed duplicate "failed" UPS logs;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated United Kingdom regulatory domain information;

Download the new 'RouterOS 6.41rc26' version here: https://www.mikrotik.com/download

]]>
Release candidateFri, 08 Sep 2017 09:37:53 +0300a316ba7a668e6032ce4f1ea38e3e381a
RouterOS 6.41rc23 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc23 changelog:

*) address - show warning on IPv6 address when acquire from pool has failed;
*) bridge - fixed connectivity issues when there are multiple VLAN interfaces on bridge;
*) bridge - show bridge interface local addresses in the host table;
*) crs317 - added initial support for HW offloaded MPLS forwarding;
*) dhcp - fixed DHCP services failing after reboot when DHCP option was used;
*) dhcpv4-client - allow to use DUID for client ID;
*) dhcpv6-client - require pool name to be unique;
*) routerboard - fixed "/system routerboard upgrade" for CRS212-8G-4S;

Other changes since 6.40.3:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) arp - properly update dynamic ARP entries after interface related changes;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - removed "master-port" parameter;
*) bridge - show "admin-mac" only if "auto-mac=no";
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - require DHCP option name to be unique;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "raoud-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) e-mail - do not show errors when sending e-mail from script;
*) export - fixed interface list export;
*) hotspot - fixed missing "/ip hotspost server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - release mismatched PH2 peer IDs;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added "/interface reset-counters" command (CLI only);
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in 6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - optimized "poe-out" logging topic logs;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration) (CLI only);
*) lte - added Passthrough support (CLI only);
*) lte - added Yota non-configurable modem support;
*) lte - fixed mode initialization after reboot;
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in 6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) tile - improved reliability on MPLS package processing;
*) ups - fixed duplicate "failed" UPS logs;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated United Kingdom regulatory domain information;

Download the new 'RouterOS 6.41rc23' version here: https://www.mikrotik.com/download

]]>
Release candidateMon, 04 Sep 2017 14:42:57 +0300f76dbbe85a06e1a3018e11d47074b962
RouterOS 6.41rc21 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc21 changelog:

*) arp - properly update dynamic ARP entries after interface related changes;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "master-port" parameter;
*) ike1 - remove PH1 and PH2 when "mode-config" exchange fails;
*) interface - added "/interface reset-counters" command (CLI only);
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) lcd - fixed "flip-screen=yes" state after reboot;
*) lte - added "/interface lte apn" menu (Passthrough requires reconfiguration) (CLI only);
*) lte - added Yota non-configurable modem support;
*) lte - fixed mode initialization after reboot;
*) sniffer - fixed VLAN tag reporting for TX packets (introduced 6.41rc14);
*) tile - improved reliability on MPLS package processing;
*) wireless - pass interface MAC address in Sniffer TZSP frames;
*) wireless - updated United Kingdom regulatory domain information;

Other changes since 6.40.3:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option;
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "fast-forward" counters;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping";
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - require DHCP option name to be unique;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "raoud-commit" is enabled;
*) dhcpv6-client - ignore unknown IA;
*) e-mail - do not show errors when sending e-mail from script;
*) export - fixed interface list export;
*) hotspot - fixed missing "/ip hotspost server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - release mismatched PH2 peer IDs;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - kill PH1 on "mode-config" address failure;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in 6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) log - optimized "poe-out" logging topic logs;
*) lte - added Passthrough support (CLI only);
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in 6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) ups - fixed duplicate "failed" UPS logs;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;

Download the new 'RouterOS 6.41rc21' version here: https://www.mikrotik.com/download

]]>
Release candidateFri, 01 Sep 2017 13:58:06 +030047dfda437df0ab027e6079701bfcbde6
RouterOS 6.40.3 [Current]https://www.mikrotik.com/download/changelogs/current

6.40.3 changelog:

*) dhcpv6-server - do not release address of static binding from pool after server removal;
*) export - fixed "/system routerboard" export (introduced in 6.40.1);
*) export - fixed export for PoE-OUT related settings;
*) ike1 - fixed initiator ID comparison to NAT-OA;
*) led - fixed "on" and "off" triggers when multiple LEDs are selected;
*) led - fixed RB711UA ether1 LED (introduced in v6.38rc16);
*) lte - do not show USB LTE modem under "/port" menu;
*) lte - fixed ethernet flap when LTE establishes connection;
*) lte - fixed SXT LTE graphs in QuickSet;
*) lte - improved reliability of USB LTE modems;
*) poe-out - fixed router reboot after "poe-out-status" changes;
*) rb1100ahx4 - fixed HW acceleration fragmented packet decryption when fragment is smaller than 64 bytes;
*) rb750gr3 - show warning and do not allow to use "protected-bootloader" feature if "factory-firmware" older than 3.34.4 version;
*) routerboard - added "mode-button" support for RB750Gr3 (CLI only);
*) ssh - do not execute command if it starts with "-" symbol;
*) traffic-flow - fixed reboots when IPv6 address has been set as target address without active IPv6 package;
*) userman - fixed "limitation" and "profile-limitation" update;
*) userman - fixed CoA packet processing after changes in "/tool user-manager router" configuration;
*) webfig - allow to open table entry even if table is not sorted by # (introduced in v6.40);
*) webfig - allow to unset "rate-limit" for DHCP leases;
*) winbox - added possibility to define "comment" for "/routing bgp network" entries;
*) winbox - do not show FAN related information under "/system health" menu for devices which does not have it;
*) winbox - do not show LCD menu for devices which does not have it;
*) winbox - fixed ARP table update after entry changes state to incomplete;
*) wireless - added "russia3" country settings;
*) wireless - added New Zealand regulatory domain information for P2P links;
*) wireless - updated China and New Zealand regulatory domain information;
*) www - fixed unresponsive Web services (introduced in v6.40);

Download the new 'RouterOS 6.40.3' version here: https://www.mikrotik.com/download

]]>
CurrentFri, 01 Sep 2017 13:32:40 +030031c5b95106c37b9f927f57ca7847a785
RouterOS 6.41rc20 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc20 changelog:

*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx;
*) bridge - fixed "fast-forward" counters;
*) bridge - implemented software based "igmp-snooping";
*) bridge - implemented software based MSTP;
*) bridge - removed "master-port" parameter;
*) dhcpv6 client - added IAID check in reply;
*) dhcpv6-client - fixed IA check on solicit when "raoud-commit" is enabled;
*) dhcpv6-server - do not release address of static binding from pool after server removal;
*) export - fixed export for PoE-OUT related settings;
*) ipsec - kill PH1 on "mode-config" address failure;
*) led - fixed RB711UA ether1 LED (introduced in v6.38rc16);
*) lte - added Passthrough support (CLI only);
*) lte - integrated IP address acquisition without DHCP client for wAP LTE kit-US;
*) userman - fixed "limitation" and "profile-limitation" update;
*) userman - fixed CoA packet processing after changes in "/tool user-manager router" configuration;

Other changes since 6.40.2:

*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - changed "Host" and "MDB" table column order;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - require DHCP option name to be unique;
*) dhcpv6-client - ignore unknown IA;
*) e-mail - do not show errors when sending e-mail from script;
*) export - fixed "/system routerboard" export (introduced in 6.40.1);
*) export - fixed interface list export;
*) hotspot - fixed missing "/ip hotspost server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - fixed initiator ID comparison to NAT-OA;
*) ike1 - release mismatched PH2 peer IDs;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in 6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) led - fixed "on" and "off" triggers when multiple LEDs are selected;
*) log - optimized "poe-out" logging topic logs;
*) lte - do not show USB LTE modem under "/port" menu (introduced in 6.41rc);
*) lte - improved reliability of USB LTE modems;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in 6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) poe-out - fixed router reboot after "poe-out-status" changes;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) rb1100ahx4 - fixed HW acceleration fragmented packet decryption when fragment is smaller than 64 bytes;
*) rb750gr3 - show warning and do not allow to use "protected-bootloader" feature if "factory-firmware" older than 3.34.4 version;
*) routerboard - added "mode-button" support for RB750Gr3 (CLI only);
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) ssh - do not execute command if it starts with "-" symbol;
*) traffic-flow - fixed reboots when IPv6 address has been set as target address without active IPv6 package;
*) ups - fixed duplicate "failed" UPS logs;
*) webfig - allow to open table entry even if table is not sorted by # (introduced in v6.40);
*) webfig - allow to unset "rate-limit" for DHCP leases;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - added possibility to define "comment" for "/routing bgp network" entries;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - do not show FAN related information under "/system health" menu for devices which does not have it;
*) winbox - do not show LCD menu for devices which does not have it;
*) winbox - fixed ARP table update after entry changes state to incomplete;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - added "russia3" country settings;
*) wireless - added New Zealand regulatory domain information for P2P links;
*) wireless - updated China and New Zealand regulatory domain information;
*) www - fixed unresponsive Web services (introduced in v6.40);

Download the new 'RouterOS 6.41rc20' version here: https://www.mikrotik.com/download

]]>
Release candidateTue, 29 Aug 2017 11:12:00 +0300e93302bd8eb56522e90456c2cc408d93
RouterOS 6.41rc18 [Release candidate]https://www.mikrotik.com/download/changelogs/release

6.41rc18 changelog:

*) bridge - changed "Host" and "MDB" table column order;
*) ipv6 - add dynamic "/ip dns" server address from RA when RA is permitted by configuration;
*) log - optimized "poe-out" logging topic logs;
*) lte - added Passthrough support (CLI only);
*) poe-out - fixed router reboot after "poe-out-status" changes;
*) userman - fixed "limitation" and "profile-limitation" update;
*) webfig - allow to open table entry even if table is not sorted by # (introduced in v6.40);
*) webfig - allow to unset "rate-limit" for DHCP leases;
*) winbox - added "notrack-chain" setting to IPSec peers;
*) winbox - do not show FAN related information under "/system health" menu for devices which does not have it;
*) winbox - fixed ARP table update after entry changes state to incomplete;

Other changes since 6.40.2:

!) bridge - implemented software based vlan-aware bridges;
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering
!) switch - "master-port" conversion into a bridge with hardware offload "hw" option (CLI only);
https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#Bridge_Hardware_Offloading
!) bridge - general development of hw-offload bridge implementation (introduced in v6.40rc36);
*) arp - fixed invalid static ARP entries after reboot on interfaces without IP address;
*) bridge - added initial support for hardware "igmp-snooping" on CRS1xx/2xx (CLI only);
*) bridge - automatically turn off "fast-forward" feature if both bridge ports have "H" flag;
*) bridge - fixed "R" state for bridge interfaces on x86 and CHR installations (introduced in v6.41rc12);
*) bridge - fixed ARP setting (introduced in v6.40rc36);
*) bridge - fixed multicast forwarding (introduced in v6.40rc36);
*) bridge - implemented dynamic entries for active MST port overrides;
*) bridge - implemented software based "igmp-snooping" (CLI only);
*) bridge - implemented software based MSTP (CLI only);
*) bridge - removed "frame-types" and "ingress-filtering" for bridge interfaces (introduced in v6.40rc36);
*) bridge - removed "master-port" parameter (CLI only);
*) bridge - show "admin-mac" only if "auto-mac=no";
*) btest - improved reliability on Bandwidth Test when device`s RAM is almost full;
*) capsman - added "vlan-mode=no-tag" option;
*) capsman - return complete CA chain when issuing new certificate;
*) certificate - fixed import of certificates with empty SKID;
*) certificate - fixed SCEP "get" request URL encoding;
*) certificate - show "Expired" flag when initial CRL fetch fails;
*) CRS3xx - switch VLAN configuration integrated within bridge VLAN configuration with hw-offload;
*) dhcp - require DHCP option name to be unique;
*) dhcpv6-client - ignore unknown IA;
*) e-mail - do not show errors when sending e-mail from script;
*) export - fixed "/system routerboard" export (introduced in 6.40.1);
*) export - fixed interface list export;
*) hotspot - fixed missing "/ip hotspost server profile" if invalid "dns-name" was specified;
*) hotspot - improved user statistics collection process;
*) ike1 - fixed initiator ID comparison to NAT-OA;
*) ike1 - release mismatched PH2 peer IDs;
*) ike2 - check identities on "initial-contact";
*) ike2 - use peer configuration address when available on empty TSi;
*) interface - added option to join and exclude "/interface list" from one and another;
*) interface - fixed corrupted "/interface list" configuration after upgrade;
*) ippool6 - try to assign desired prefix for client if prefix is not being already used;
*) ipsec - added DH groups 19, 20 and 21 support for phase1 and phase2 (CLI only);
*) ipsec - allow to specify "remote-peer" address as DNS name;
*) ipsec - renamed "firewall" argument to "notrack-chain" in peer configuration;
*) ipv6 - fixed IPv6 address request from pool (introduced in 6.41rc1);
*) l2tp-server - fixed PPP services becoming unresponsive after changes on L2TP server with IPSec configuration;
*) lcd - fixed unresponsive LCD (introduced in v6.41rc15);
*) led - fixed "on" and "off" triggers when multiple LEDs are selected;
*) lte - do not show USB LTE modem under "/port" menu (introduced in 6.41rc);
*) lte - improved reliability of USB LTE modems;
*) lte - properly recognize USB devices under "/system resource usb" (introduced in 6.41rc12);
*) modem - added initial support for Alcatel IK40 and Olicard 500;
*) ospf - fixed OSPF v2 and v3 neighbor election;
*) ppp - added support for Sierra MC7750, Verizon USB730L;
*) pppoe - fixed invalid PPPoE server or client after reboot or "interface" edit (introduced in v6.41rc9);
*) pppoe-server - fixed situation when PPPoE servers become invalid on reboot;
*) rb1100ahx4 - fixed HW acceleration fragmented packet decryption when fragment is smaller than 64 bytes;
*) rb750gr3 - show warning and do not allow to use "protected-bootloader" feature if "factory-firmware" older than 3.34.4 version;
*) routerboard - added "mode-button" support for RB750Gr3 (CLI only);
*) sfp - fixed SFP interface power monitor when bad SFP DDMI information is received;
*) sftp - added functionality which imports ".auto.rsc" file or reboots router on ".auto.npk" upload;
*) snmp - fixed bridge host requests on devices with multiple bridge interfaces;
*) ssh - do not execute command if it starts with "-" symbol;
*) traffic-flow - fixed reboots when IPv6 address has been set as target address without active IPv6 package;
*) ups - fixed duplicate "failed" UPS logs;
*) winbox - added possibility to define "comment" for "/routing bgp network" entries;
*) winbox - do not show duplicate "Template" parameters for filter in IPSec policy list;
*) winbox - do not show duplicate filter parameters "Published" in ARP list;
*) winbox - do not show LCD menu for devices which does not have it;
*) winbox - fixed bridge port sorting order by interface name;
*) winbox - show warnings under "/system routerboard settings" menu;
*) wireless - added "russia3" country settings;
*) wireless - added New Zealand regulatory domain information for P2P links;
*) wireless - updated China and New Zealand regulatory domain information;
*) www - fixed unresponsive Web services (introduced in v6.40);

Download the new 'RouterOS 6.41rc18' version here: https://www.mikrotik.com/download

]]>
Release candidateThu, 24 Aug 2017 12:58:31 +030021444b6da8554edfd1bf52fe69bb7b5d