Pittsburg Mikrotik User Meeting

General Information
MikroTik is happy to announce MikroTik User Meeting in Pittsburgh, USA, September 11 – 12, 2014


Router OS 6.18 released

From The ChangeLog

What's new in 6.18 (2014-Aug-01 10:47):

*) sstp - report TLS encryption as well;
*) safe mode - do not allow user with less permissions to disrupt active safe mode;
*) console - print command does not try to reuse item numbers assigned by
    previous invocations of 'print' when doing 'print where' or 'print follow',
    items are numbered consecutively starting from '0'.
*) console - fix compact export of some partially modified
    configuration values;
*) api - use the same syntax for property values as is used in 'print detail'
    output, with the exception of numbers, that are not shown with suffixes
    (K/M/G/T or bitrate) and are not contracted or separated into digit groups,
    and "yes"/"no" values that continue to be reported as "true"/"false".
*) console - show internal numbers in the form returned by 'find' (like *9A0F)
    instead of "(unknown)" when configuration refers to
    deleted items. This change also applies to API.
*) ipsec - fix addition of default policy template;
*) console - values of type 'nil' were returning 'nil' as result of most
    operations. Now it compares less than all values except 'nil'
    and 'nothing', and compares inequal to all values except 'nil'.
    This was changed to make 'print where' and 'find where' more useful.
    An example. Previously the following command
        /ip route print where routing-mark!=nosuch
    Would not print routes that had no value for 'routing-mark' set, because
    (nil != "nosuch") was equal to nil. Now it evaluates to 'true', and this
    command will also print all routes that have no 'routing-mark' value set.
*) l2tp - fixed problem on CCR where server responded with wrong source address;
*) console export - put qutes around item names that start with a digit;
*) sntp client - added support for dns lookup of ntp servers;
*) console - when exporting to file, use name ending in '.in_progress', and
   rename when export finishes;
*) bridge setups sometimes could crash on CCR devices;
*) fixed port flapping in 1G mode on sfp-sfpplus1 on CRS226;
*) fixed SXT ac model losing it's interface if changing regulatory settings in "routerboard" menu



Mikrotik 6.16 and 6.17 Released

From the ChangeLogs

What's new in 6.17 (2014-Jul-18 15:14):

*) CCR1009 - fixed crash, only affects CCR1009;
What's new in 6.16 (2014-Jul-17 13:12):

*) 802.11ac support added in wireless-fp package for QCA9880/9882 rev2 (-BR4A) chips;
*) ip cloud now allows to set which IP to use - detected (public) or local (private);
*) l2tp, pptp, pppoe - fixed possible packet corruption when encryption was enabled;
*) ovpn - fixed ethernet mode;
*) certificates - use SHA256 for fingerprinting;
*) ipsec - fix AH proposal and problem when sometimes policy was not generated;
*) snmp - support AES encryption (rfc3826);
*) l2tp server: added option to enable IPsec automatically;
*) poe-out: added power-cycle-ping and power-cycle-interval settings;
*) gps - increased retry duration to 30 seconds;
*) time - on routerboards, current time is saved in configuration on reboot
    and on clock adjustment, and is used to set initial time after reboot;
*) sntp - disabling/enabling client was causing dynamic-servers to be ignored
    (bug introduced in 6.14);
*) CCR - fixed rare file system corruption when none
   of configuration could be changed or some of it disappeared;
*) ipsec - allow multiple encryption algorithms per peer;
*) email - support tls only connections;
*) smb - fixed usb share issues after reboot
*) snmp - fix v3 protocol time window checks;
*) updated timezone information;
*) quickset - added VPN settings for HomeAP mode;
*) latency improvements on CCR devices;
Mikrotik Site News xISP

Most Popular Services

I was recently asked what some of our most popular services we offer to clients are.  The following are the top ones that come to mind

1.Converting bridged networks to routed
2.Remote Monitoring from our Data Centers. This allows a client to be notified in case they lose connectivity to the outside world.
3.Backend automation.  Implementing radius, monitoring links, and other things to give the ISP more information
4.Data Center services such as DNS hosting, circuit termination, and bandwidth.
5.Mikrotik configuration and support


Router OS 6.15 Released

Big bug fix if you are upgrading from V5.x

What's new in 6.15 (2014-Jun-12 12:25):

*) fixed upgrade from v5 - on first boot all the optional packages were disabled;
*) fixed problem where sntp server could not be specified in winbox & webfig;
*) metarouter - make openwrt work on ppc metarouter again;


Mikrotik Networking

Router OS 6.13

Straight from Mikrotik

What’s new in 6.13

*) console – comments are now accepted where new command can start, that is,

    where ‘/’ or ‘:’ characters can be used to start new command, e.g.

/interface { # comment until the end of the line



*) backup – backups by default are encrypted now (with user password).

   To use backup on older versions, you should disable encryption with dont-encrypt

   flag when creating it;

*) files with ‘.sensitive.’ in the filename require ‘sensitive’

    permission to manipulate;
*) lcd – reduce CPU usage when displaying static screens;
*) l2tp – fixed occasional server lockup;
*) pptp – fixed memory leak;
*) sstp – fixed crashes;

Simply click “Check for updates” in QuickSet, Webfig or Winbox packages menu. If you run v5 or older, download the newest NPK package from our webpage, upload to your router, and reboot:

Mikrotik Networking

Mikrotik Chains Explained

What the wiki says:

  • input – used to process packets entering the router through one of the interfaces with the destination IP address which is one of the router’s addresses. Packets passing through the router are not processed against the rules of the input chain (DST address of the router)
  • forward – used to process packets passing through the router (SRC and DST is not on the router)
  • output – used to process packets originated from the router and leaving it through one of the interfaces. Packets passing through the router are not processed against the rules of the output chain