Category: Mikrotik

Lots of changes in RouterOS 6.34
Some Standouts that will be of benefit to alot of folks I know
*) mipsle – architecture support dropped (last fully supported version 6.32.x);
*) btest – significantly increased TCP bandwidth test performance;
*) ssh – fixed possible kernel crash;
*) crs212 – fix 1Gbps ether1 linking problem;
*) tile – make sure that SFP rj45 modules that use forced 1G FD settings work correctly after system reboot;

What’s new in 6.34 (2016-Jan-29 10:25):

*) mipsle – architecture support dropped (last fully supported version 6.32.x);
*) dude – The reports of my death have been greatly exaggerated;
*) dude – dude RouterOS package added for tile and x86 (CHR) architecture;
*) dude – package included by default to all CHR images;
*) dude – initial work on dude integration into RouterOS;
*) bgp vpls – fixed initialization after reboot;
*) mpls – forwarding of VRF over TE tunnel stopped working after BGP peer reset;
*) ipsec – improved TCP performance on CCRs;
*) btest – significantly increased TCP bandwidth test performance;
*) winbox – fixed possible busy-loop on v2.x with latest 6.34RC versions;
*) cerm – allow to sign certificates from imported CAs created with RouterOS;
*) ldp – fix MPLS PDU max length;
*) net – improve 64bit interface stats support;
*) routerboard – print factory-firmware version in routerboard menu;
*) snmp – add oid from ucd mib for total cpu load OID 1.3.6.1.4.1.2021.11.52.0;
*) winbox – add extra items automatically to multi-line fields if at least one of them is required;
*) winbox – implemented full ipv6 dhcp client;
*) winbox – update blocked flag if user changed blocked field in dhcp server lease;
*) mac-telnet – fixed backspace when typing login username;
*) sstp – allow ECDHE when pfs enabled;
*) lte – fixed info command for Cinterion EHS5-E modem;
*) fast-path – fixed kernel crash on on/off;
*) licensing – fixed that some old 7 symbol keys could not be upgraded;
*) ssh – fixed possible kernel crash;
*) console – fixed crash on creating variable with “?” in it;
*) chr – fix SSH key import on AWS;
*) crs212 – fix 1Gbps ether1 linking problem;
*) timezone – use backward timezone aliases;
*) lte – support serial port for DellWireless 5570;
*) lte – improved dhcp handling on interfaces that doesn’t support it;
*) ipsec – allow my-id address specification in main mode;
*) dhcpv6 client – fix remove when client reappears on restart;
*) default config – fix hAP lite with one wireless;
*) firewall – added inversion support for “limit” option;
*) firewall – added bit rate matching for “limit” option;
*) firewall – improved performance for “limit” option;
*) dhcpv6-client – fix ia lifetime check;
*) ipsec – prioritize proposals;
*) ipsec – support multiple DH groups for phase 1;
*) netinstall – fix apply default config;
*) tile – make sure that SFP rj45 modules that use forced 1G FD settings work correctly after system reboot;
*) wireless – added WPS buttons support on hAP and hAP ac lite;
*) upnp – added comment for dynamic dst-nat rules to inform what host/program required it;
*) webfig – recognize properly CHR;
*) chr – license fix for AWS and similar solutions;
*) arm – fix usb modem modules on ARM;
*) dhcpv6-client – fixed stopped state;
*) netinstall – sort packages by name;
*) firewall – do not allow to add new rule before built-in (reverted);
*) winbox – include FP in fast-path column names;
*) ipsec – fix phase2 hmac-sha-256-128 truncation len from 96 to 128
This will break compatibility with all previous versions and any other
currently compatible software using sha256 hmac for phase2;
*) ssh, ftp – make read, write user group policy aware;
*) tunnel – fix keep-alive (introduced in 6.34rc);
*) cerm – show last crl update time;
*) quicket – support CAP mode on all existing wireless packages;
*) wlan – add united states3 country;
*) fast-path – fix locking issue which could lead to reboot loop (introduced in 6.34rc20);
*) userman4 – try loading signup files from db path first;
*) sstp – allow to limit tls version to v1.2 only;
*) chr – make tool profile work on 64bit x86;
*) dhcpv6-server – added binding server=all option;
*) hotspot – added html-directory-override & recognize default hotspot user;
*) hotspot – fixed export of default trial user;
*) hotspot – fixed memory leak on https requests;
*) winbox – allow to specify amsdu-limit & amsdu-threshold on 11n wifi cards;
*) winbox – added multicast-buffering & keepalive-frames settings to wireless interfaces;
*) CHR – implemented trial support for different CHR speed tiers;
*) dhcpv6-client – fix add route/address;
*) usb – enable ch341 serial module;
*) lte – make sure that both LTE miniPCI-e cards are recognized;
*) winbox – show Common-Name of certificates in certificate list;
*) winbox – added units to PCQ queue fields;
*) net – do not break connection when interface is added to bridge;
*) hotspot – show cookie add/remove events in hotspot,debug log;
*) hotspot – allow static entries with the same mac on multiple hotspot servers;
*) hotspot – do not remove mac-cookie in case of radius timeout;
*) hotspot – added byte limits option for default-trial users;
*) ipsec – make sure that dynamic policy always has dynamic flag;
*) CAPsMAN – use CAP name in log when remote-cap is deleted (wireless-cm2);
*) hotspot – fixed login by mac-cookie when roaming among hotspot servers;
*) hotspot – add html-directory-override for read-only directory on usb flash;
*) hotspot – add uptime, byte and packet counter variables to logout script;
*) net – fix statistics counters jumping up to 4G;
*) firewall – SIP helper update for newer Cisco phones;
*) usermanager – fixed usermanager web page crash;
*) ipsec – fixed active SAs flushing;
*) hotspot – added option to login user manually from cli;
*) hotspot – fixed trial-uptime parsing from CLI to Winbox/Webfig;
*) lte – added support for multiple E3372 on the same device;
*) modem – added wpd-600n ppp support;
*) console – fixed incorrect disabled firewall rule matching to “invalid flag”;
*) dns – fix for situation when dynamic dns servers could disappear;
*) sfp – fix 10g ports in 1g mode (introduced in 6.34rc1);
*) CCR1072 – added support for S-RJ01 SFP modules;
*) trafficgen – fixed issue that traffic-generator could not be started twice without reboot;
*) dhcpv6-server – replace delay option with preference option.

—

*) winbox – show properly route-distinguisher for bgp vpn4;
*) winbox – show dhcp server name in dhcp leases;
*) ppp – make CoA work correctly with address-lists;
*) winbox – fixed tab names to correspond to console;
*) winbox – show only actual switch-cpu ports in switch setting combobox;
*) winbox/webfig – fixed version column ordering in ip neighbors list;
*) webfig – fixed switch port “default vlan id” has missing “auto” value;
*) webfig – fixed firewall connection-bytes option;
*) ipsec – fixed kernel failure after underlying tunnel has been disabled/enabled;
*) romon – allow to see device identity if it is longer than 31 character;
*) fastpath – show fp counters in /interface monitor aggregate;
*) bridge firewall – fix chain check (broken since 6.33.2);
*) bridge firewall – fixed crash when jump rule points to disabled custom chain;
*) smb – fix crash when changing user which has open session;
*) address-list – properly remove unused address-lists from drop-downs;
*) fetch – fixed closure after 30 seconds;
*) capsman – fix radius accounting stop message;
*) log – reopen log file if deleted;
*) packing – fix tcp/udp checksums when simple packing is used;
*) tile – fix ipsec freeze after SA updates;
*) upnp – fixed missing in-interface option for dynamic dst-nat rules;
*) tunnel – fix complaining about loop after ~248 days;
*) vrrp – make sure that VRRP gets state on bootup;
*) ppp – fixed rare kernel crash (introduced in v6.33);
*) ppp – do not allow empty name ppp secrets;
*) ssh – fix active user accounting.