-
RouterOS 7.17 arm64 Stable
released this
2025-01-18 11:13:51 +08:00 | 0 commits to main since this releaseWhat's new in 7.17 (2025-Jan-16 10:19):
!) device-mode - after upgrade, mode "enterprise" is renamed to "advanced" and traffic-gen, partition (command "repartition"), routerboard and install-any-version features will be disabled;
!) webfig - redesigned HTML, styling and functionality;
*) 6to4 - fixed issue where 6to4 relay would not forward traffic unless destination address is set;
*) adlist - improved logging;
*) adlist - improved system stability;
*) adlist - optimized import on system with low disk space;
*) api - fixed REST API serialization of binary data;
*) arm64 - fixed for bare-metal servers to be able to access more than 2GB RAM;
*) arm64 - show CPU frequency on bare-metal installations;
*) arm64/x86 - added missing PCI id for mlx4 driver;
*) bonding - hide mlag-id property on non-compatible devices;
*) bridge - add HW offload support for active-backup bonds on 98DXxxxx, 88E6393X, 88E6191X and88E6190 switches;
*) bridge - added interface-list support for VLANs;
*) bridge - added message for inactive port reason;
*) bridge - added priority setting to manually elect primary MLAG peer;
*) bridge - correctly display PPP interfaces in VLAN menu;
*) bridge - disallow duplicate static VLAN entries;
*) bridge - disallow multicast MAC address as admin-mac;
*) bridge - enable faster HW offloading when detect-internet is disabled;
*) bridge - fixed first host table response for SNMP;
*) bridge - fixed incorrect HW offloaded port state in certain cases on MSTI add;
*) bridge - fixed missing slave flag on port in certain cases;
*) bridge - fixed MVRP registrar and applicant port options;
*) bridge - fixed port monitor with interface-lists;
*) bridge - fixed port move command;
*) bridge - fixed setting bridge MTU to L2MTU value;
*) bridge - fixed VLAN overlap check;
*) bridge - ignore disabled interfaces when calculating bridge L2MTU;
*) bridge - improved port handling;
*) bridge - improved stability;
*) bridge - prioritize MAC selection from Ethernet interfaces when using auto-mac feature;
*) bridge - re-synchronize MLAG system-id when bridge MAC changes;
*) bridge - removed support for master port config conversion (used before version 6.41);
*) bridge - update dynamic MSTI priority value when changing configuration;
*) bth - improved stability on system time change;
*) certificate - do not download CRL if there is not enough free RAM;
*) certificate - do not show not relevant values for certificate template (CLI only);
*) certificate - fixed handling of capsman-cap certificates (introduced in v7.16);
*) certificate - removed unstructured address field support;
*) chr - added Chelsio VF driver for PCIID 5803;
*) chr/arm64 - fixed kernel crypto use without crypto extensions for RPi CM4;
*) cloud - changed ddns-enabled setting from "no" to "auto" (service is enabled when BTH is enabled);
*) cloud - improved DDNS and VPN state stability;
*) console - added :range command;
*) console - added group-by property for print command;
*) console - added json.no-string-conversion to :serialize;
*) console - added lf/crlf options to :convert transform;
*) console - added more argument definitions for mac-protocol property;
*) console - added password property to "/system/ssh-exec" command;
*) console - added to/from=num option for :convert command;
*) console - allow clearing history for a specific user;
*) console - allow setting width to supout.rif output;
*) console - clear history when removing user;
*) console - disallow autocomplete hints for user without read policy;
*) console - execute :return command without error;
*) console - fixed endless loop when closing input prompt;
*) console - fixed missing arguments in wifi menu in certain cases;
*) console - force print paging when output does not fit terminal width;
*) console - improved printing output in some menus;
*) console - improved scripting system stability;
*) console - increased w60g scan-list size to 6;
*) console - print warning in CLI after enabling protected bootloader;
*) console - removed "chain" names from print parameter list and show all print parameters in "/ipv6/firewall/filter" directory;
*) console - show system-id in export for CHR;
*) console - updated copyright notice;
*) container - allow import from .tar.gz file;
*) container - do not log start, end events unless logging is enabled;
*) container - fixed user and group ID range;
*) container - improved "start-on-boot" stability;
*) container - improved container shell;
*) crypto - improve crypto speeds;
*) crypto - use hardware accelerator for GCM cipher in TLS connection on Alpine CPUs;
*) defconf - changed wireless installation from "indoor" to "any";
*) defconf - disable 5GHz secondary channel on RB4011;
*) defconf - do not add default password for CAP mode configuration on older Audience devices without a password;
*) defconf - fixed new port name recognition;
*) detnet - remove dynamic DHCP client creation;
*) device-mode - added "allowed-versions" list which are allowed to be installed without "install-any-version" mode enabled;
*) device-mode - added "basic" mode;
*) device-mode - added routerboard, install-any-version and partitions features;
*) device-mode - allow feature and mode update on x86 via power button and reboot/shutdown from AWS;
*) device-mode - fixed feature and mode update on ARM64 Hetzner;
*) device-mode - fixed feature and mode update via power-reset on MIPSBE devices;
*) device-mode - limit "/tool/ping-speed" and "/tool/flood-ping" under "traffic-gen" feature;
*) device-mode - limit device-mode update maximum allowed attempt count which can be reset only with reboot or button press;
*) device-mode - provide more precise device-mode update action printout;
*) device-mode - show all features and active restrictions with "print" command;
*) dhcp-relay - added "local-address-as-src-ip" property;
*) dhcp-server - use interface ID for NAS-Port and added interface name to NAS-Port-ID attribute in RADIUS requests;
*) dhcp-server - use single RADIUS accounting session for IPv4 and IPv6 when dual stack is used;
*) dhcpv4-client - correctly handle adding/setting emtpy dhcp-options;
*) dhcpv4-client - fixed crash when releasing disabled DHCP client;
*) dhcpv4-client - respect Renewal-Time (58) and Rebinding-Time (59) options;
*) dhcpv4-server - do not remove options set config when DHCP network is changed;
*) dhcpv4-server - properly detect DHCP server address when underlying interface has multiple IP addresses configured;
*) dhcpv4-server/relay - added additional error messages for DHCP servers and relays;
*) dhcpv4/v6-server - added address-list parameter to which address will be added if the lease is bound;
*) dhcpv6-client - added prefix-address-list parameter;
*) dhcpv6-client - improved system stability when DHCPv6 client is enabled on non-existing interface;
*) dhcpv6-client - log message when response with invalid transaction-id received;
*) dhcpv6-client/server - added support for DHCPv6 reconfigure messages;
*) dhcpv6-server - added IPv6 address delegation support;
*) dhcpv6-server - do not require "prefix-pool" to be specified;
*) dhcpv6-server - fixed DHCPv6 server "address-pool" property showing in command line as "unknown" when real value is "static-only";
*) dhcpv6-server - improved system stability when removing actively used DHCPv6 server;
*) dhcpv6-server - include all existing prefixes (with lifetime 0) in renew reply and new prefix if RADIUS returns different prefix;
*) dhcpv6-server - properly display "static-pool" value in server print output for "prefix-pool" argument;
*) discovery - added support for LLDP DCBX;
*) discovery - use LLDP description field to populate platform, version and board-name;
*) disk - added "type=file" for file-based block devices, useful for using file as a swap, or when having file-based filesystem images (CLI only);
*) disk - added btrfs filesystems list (CLI only);
*) disk - added mount-read-only and mount-filesystem options to allow read-only mounts and prevent mounting device at all (CLI only);
*) disk - added sshfs client to "/disk" menu (CLI only);
*) disk - added support for SWAP, currently allowed on any block device with "set x swap=yes" when container package is installed (CLI only);
*) disk - allow to configure global and per disk mountpoint template - [slot],[model],[serial],[fw-version],[fs-label],[fs-uuid],[fs] variables supported;
*) disk - auto mount iso and squashfs images;
*) disk - fixed managing and cleaning up mount points;
*) disk - fixed raid role auto selection for up to 64 drives;
*) disk - improve slot naming and improvements for visualizing complex hardware topology;
*) disk - improve test to report zero byte iops;
*) disk - improved system stability;
*) disk - read/show exfat filesystem label;
) disk - recognize virtual sd interfaces;
*) disk - remove 32 character slot name limit;
*) disk - save raid superblock and raid bitmap superblock on member devices in 1.2 format/location;
*) disk - show detailed mountpoint users when unable to unmount;
*) disk - show usage as percentage (CLI only);
*) disk - try all NFS versions (4.2,4.1,4.0,3,2) when mounting NFS in that order;
*) disk,nvme - show nvme namespaces if configured more than one on a nvme drive;
*) dns - added option to create named DNS servers that can be used as forward-to servers;
*) dns - do not look up local cache when executing ":resolve" command with specified "server" parameter (introduced in v7.16);
*) dns - DoH whitelist support for adlist using static FWD entries;
*) dns - refactored DNS service internal processes;
*) dns - whitelist support for adlist using static FWD entries;
*) ethernet - improved interface stability for RB4011 devices;
*) ethernet - improved linking after reboot for hAP ax lite devices ("/system routerboard upgrade" required);
*) ethernet - improved stability after reboot for Chateau PRO ax;
*) ethernet - improved system stability for CCR2004-1G-2XS-PCIe device;
*) ethernet - log warning only about excessive broadcast (do not include multicast) and reduced log count;
*) fetch - fixed certificate check when provided hostname is IP address;
*) fetch - fixed large file (over 4GB) fetch in HTTP/HTTPS mode;
*) file - correctly identify mounted disks;
*) file - do not needlessly scan large filesystems, could prevent unmounting;
*) file - improved handling of changes to the file system;
*) file - improved service stability when accessing files list from other system services;
*) file - support files over 4GB size;
*) file - update file size before trying to request content;
*) firewall - added none-dynamic and none-static arguments for IPv6 address-list-timout settings;
*) firewall - added support for random external port allocation;
*) firewall - added warning log for TCP SYN flood;
*) firewall - fixed "dst-limit" and "limit" mathers when using zero value for burst argument;
*) firewall - improved matching from deeply nested interface-lists;
*) firewall - removed default mangle passthrough=yes configuration from export;
*) ftp - added VRF support;
*) gps - changed default GPS antenna setting for LtAP mini with internal LTE/GPS combo antenna;
*) graphing - fixed graphing rule removal;
*) graphing - fixed queue graph storing on disk;
*) health - added cpu-overtemp-check on ARM, ARM64 devices (CLI only);
*) health - changed PSU state from "no-ac" to "no-input";
*) health - hide settings in CLI if there is nothing to show;
*) health - removed board-temperature on RB5009UPr+S+IN device;
*) igmp-proxy - refactored IGMP querier;
*) ike2 - improved performance by balancing multicore CPU usage for key exchange calculation also for initiator;
*) iot - added additional debug for LoRa logging;
*) iot - added an option to print out LoRa traffic in CLI (not GUI-only option anymore);
*) iot - added new LoRa traffic FCnt packet counter parameter;
*) iot - added support for USB Bluetooth dongles (LE 4.0+) which enables Bluetooth functionality;
*) iot - bluetooth peripheral device menu now displays correct iBeacon major/minor values;
*) iot - fixed duplicate LoRa payloads in the traffic tab;
*) iot - fixed incorrect LoRa joineui filter export behavior;
*) iot - fixed LoRa behavior, where join eui or dev eui could be incorrectly converted during forwarding;
*) iot - improved system stability for LoRa;
*) iot - improvements to LoRa device's stats tab;
*) iot - LoRa LNS improvement;
*) iot - LoRa traffic tab RSSI now shows proper values for ARM architecture;
*) iot - modbus rework which improves Tx Rx switching behavior;
*) iot - mqtt improvement to support large payloads and gracefully discard payloads above size limit;
*) iot - removed crc-disabled and crc-error options from the LoRa forwarding;
*) iot - removed LoRa pause traffic option/setting;
*) iot - removed some LoRa radio related parameters (e.g. RSSI-OFF and Tx-enabled) that were not meant to be changed;
*) ippool - removed maximum "63 bit" prefix length limitation;
*) ipsec - ike2 improved process for policies;
*) ipv6 - added comment property to "/ipv6/nd/prefix" menu;
*) ipv6 - added IPv6 settings related to stale IPv6 neighbor cleanup;
*) ipv6 - added support for manual link-local address configuration;
*) isis - do not disable fast-path when isis is enabled on an interface;
*) isis - fixed console flags;
*) isis - fixed invalid L2 LSP type;
*) isis - make it work when MTU is larger than 1500;
*) isis - update interface MAC address on change (caused neighbor to stuck in init state);
*) kid-control - use time format according to ISO standard;
*) l3hw - improved system stability;
*) l3hw - rate limit error logging;
*) leds - fixed issue where interface LEDs might not properly disable in some cases;
*) log - added basic validation for "disk-file-name" property;
*) log - added hostname support to remote logging action;
*) log - added regex parameter for log filtering in rules;
*) log - fixed e-mail logging (introduced in v7.16);
*) log - use time format according to ISO standard;
*) lte - added option to check/install modem firmware from early-access/testing channel (CLI only);
*) lte - added provider specific firmware update (FOTA) for Cosmote GR networks on Chateau 5G;
*) lte - disabled ims service for Chateau 5G on operator "3 AT" network (PLMN ID 23205);
*) lte - drop operator selection support for R11e-4G modem as it is unreliable;
*) lte - fixed "default-name" property in export when multiple LTE interfaces are used;
*) lte - fixed "lte monitor" signal reporting for RG520F-EU modem when connected to 5G SA network;
*) lte - fixed "operator" setting for EC200A-EU modem;
*) lte - fixed long "PLMN search in progress" for SXT 3-7;
*) lte - fixed LTE band setting for SXT LTE 3-7;
*) lte - fixed roaming barring (allow-roaming=no) for EC200A-EU modem;
*) lte - fixed signal info reporting for FG621-EA modem in UMTS network;
*) lte - fixed SMS sender parsing;
*) lte - improved modem FW upgrade for Chateau 5G;
*) lte - improved R11eL-EC200A-EU modem firmware upgrade procedure;
*) lte - improved recovery after unexpected modem reboot for Chateau's 5G and 5G R16 series devices;
*) lte - improvements to modem "firmware-upgrade" command;
*) lte - MBIM increased assignable APN profile count up to 8 then modem firmware allows it;
*) lte - modem firmware update (FOTA), added support to install provider specific version;
*) lte - removed trailing "F" symbol from uicc;
*) lte - set "sms-read=no" and "sms-protocol=auto" as default values;
*) lte - set IPv6 address reporting format in modem init for AT modems and MBIM modems with AT channel;
*) mac-server - allow MAC-Telnet access through any bridged port when bridge interface is allowed;
*) mac-telnet - use ASCII DEL as erase/backspace char instead of BS (fixes mac-telnet backspace for WinBox4);
*) macvlan - improved error when trying to create new interface on already busy parent interface;
*) macvlan - updated driver;
*) modem - KNOT BG77 modem, improved handling of modem unexpected restarts;
*) mpls - added fast-path support for VPLS;
*) mpls - added MPLS mangle support;
*) mpls - added support for "ICMP Fragmentation needed";
*) mpls - do no drop LDP peering session on PW deactivation;
*) mpls - do not reconnect VPLS on name or comment changes;
*) netinstall - removed unused "Get key" button;
*) netinstall - save and restore device-mode configuration on format;
*) netinstall-cli - added "-o" option to install devices only once per netinstall run;
*) netinstall-cli - fixed x86 detection;
*) netwatch - added "ignore-initial-up" and "ignore-initial-down" properties;
*) netwatch - fixed multiple variables;
*) netwatch - fixed probe toggle when adding a comment;
*) ospf - fixed memory corruption;
*) ospf - improved stability on configuration update;
*) ovpn - added VRF support to OVPN server (server menu now supports multiple entries and previous server configuration is automatically imported);
*) ovpn - improved system stability;
*) ovpn-client - added tls-crypt, tls-crypt-v2 support;
*) ovpn-server - added "user-auth-method" property and allow mschap2 for RADIUS authentication;
*) pimsm - improved system stability after interface disable;
*) poe-out - added low-voltage-too-low status;
*) poe-out - improved PoE-out configuration handling when doing reset-configuration command;
*) poe-out - upgraded firmware for CRS354-48P-4S+2Q+ device (the update will cause brief power interruption to PoE-out interfaces);
*) poe-out - upgraded firmware for PSE (BT) controlled boards (the update will cause brief power interruption to PoE-out interfaces);
*) port - display a warning when using invalid log-file with the "remote-access" feature;
*) port - more detailed print command output, include in "USED-BY" property channel number(s);
*) ppp - add routes in matching VRF;
*) ppp - added support for bridge-port-pvid configuration via ppp profile;
*) ppp - added support for bridge-port-trusted configuration via ppp profile;
*) ppp - do not print local/remote pool related errors in log when configuration does not require pool usage;
*) ppp - fixed typos in log message;
*) ppp - reuse link-local IPv6 address for static bindings when possible;
*) ppp - set APN/PDN type "IPv4/v6" according assigned PPP profile protocol setting;
*) pppoe - added support for PPPoE server over 802.1Q VLANs;
*) profiler - classify ppp processing;
*) profiler - improved process classification;
*) profiler - renamed radv process to radvd;
*) ptp - added dynamic switch ACL rules in order to trap PTP packets to CPU instead of forwarding;
*) ptp - added option to configure L2 transport with forwardable and non-forwardable MAC destination;
*) ptp - added PTP support for CRS320-8P-8B-4S+ and CRS326-4C+20G+2Q+ devices;
*) ptp - display warning when none of the PTP ports has a link;
*) ptp - fixed DSCP values for IPv4 packets;
*) ptp - fixed packet receive with enabled igmp-snooping;
*) ptp - fixed packet tx/rx when enabling PTP on 1/2.5/100Gbps links for 98CX8410, 98DX8525, 98DX4310 switches (introduced in v7.16);
*) ptp - fixed synchronization on QSFP28 interfaces;
*) ptp - make PTP process more stable and deterministic when applying configuration;
*) ptp - restrict configuring g8275 profile with IPv4 transport;
*) qos-hw - allow to disable/enable profiles, disabled or removed profile gets replaced with the default;
*) qos-hw - enabling PFC on port also requires setting egress-rate-queueN;
*) qos-hw - fixed export when changing default Tx Manager;
*) qos-hw - fixed incorrect port byte-use counter;
*) qos-hw - improved PFC behavior;
*) qos-hw - improved system stability when enabling QoS;
*) qos-hw - improved WRED and ECN behavior;
*) qos-hw - rename pfcN-pause and pfcN-resume to pfcN-pause-threshold and pfcN-resume-threshold;
*) qos-hw - reworked PCP and DSCP mapping (now supports single, multiple and range values, previous configuration with minimal value mapping is converted to a single value);
*) qos-hw - switch-cpu port trust settings are forced to "keep";
*) queue - improved system stability when too many simple queues are added;
*) quickset - added "LTE AP" quickset profile with one wifi interface;
*) rip - improved stability when changing metric;
*) romon - added dynamic switch rules on devices supporting it when enabling the service;
*) romon - added interface-list support;
*) romon - send uptime in discovery;
*) rose-storage - allow to set iscsi-iqn only when type=iscsi and allow nvme-tcp-name only when type=nvme-tcp;
*) rose-storage - do not allow to format exported disks;
*) rose-storage - enable autocomplete for local-path property in "/file/sync" menu;
*) rose-storage - enable more threads for faster RAID sync;
*) rose-storage - ensure unique nvme-tcp-names for nvme-tcp clients;
*) rose-storage - improved error messages;
*) rose-storage - improved system stability;
*) rose-storage,raid - improved stability of degraded arrays on startup;
*) rose-storage,raid - store superblock in 1.2 format, show raid super block info when detected to help with reassembling arrays;
*) route - fixed discourse attribute print;
*) route - fixed minor typo in failure message;
*) route - fixed possible issue with inactive routes after reboot (introduced in v7.16);
*) route - improved stability;
*) route - improved stability with static route configuration;
*) route - increased interface name length limit in log messages;
*) route - removed possibility for IPv6 routes to specify interface in the dst-address;
*) routerboot - fixed boot MAC for devices with Alpine CPU ("/system routerboard upgrade" required);
*) routerboot - fixed boot MAC for MIPSBE CRS3xx and CRS5xx switches ("/system routerboard upgrade" required);
*) routerboot - improved stability for IPQ8072 and IPQ6010 when flash-boot is used ("/system routerboard upgrade" required);
*) routing-filter - fixed subtract and add for numerical values (+x, -x);
*) rsync - fixed when used over ssh and spaces in directory names;
*) sfp - fixed 1Gbps supported rate for RB960 and RB962 devices;
*) sfp - fixed linking with 1Gbps optical modules with "combo-mode=sfp" configuration for CRS312 device;
*) sfp - improved initialization and linking for some SFP modules;
*) sfp - improved initialization for certain SFP modules on CRS309 and CRS317 devices ("/system routerboard upgrade" required);
*) sfp - improved power control configuration for QSFP optical modules according to the EEPROM field;
*) sfp - improved SFP auto-negotiation for L22, L23 devices;
*) sfp - improved SFP28, QSFP28 interface stability using DAC cable for CRS520 switch;
*) smb - stability improvements for client/server;
*) snmp - added wifi fields to MIKROTIK-MIB;
*) socks - fixed comment property for access configuration;
*) ssh - added option to configure SSH ciphers (replaced allow-none-crypto parameter);
*) ssh - do not regenerate host key after update from RouterOS version older than 7.9;
*) ssh - improved logging;
*) ssh - improved speed;
*) ssh - prefer GCM ciphers for arm64 and x86 devices when ciphers=auto;
*) ssl/tls - improved performance;
*) sstp - added pfs=required option to allow only ECDHE during TLS handshake;
*) storage - preserve permissions,owners,attributes when syncing under "/file/sync";
*) storage,rsync - fixed to work with clients passing "-a" option;
*) supout - added BGP advertisements section;
*) supout - added device-mode section;
*) supout - do not create autosupout.rif for second time after system reboot;
*) supout - print non BGP and OSFP routes if route list is too large;
*) supout - reduce minimal RAM required for export to be included;
*) supout - use separate LTE section;
*) switch - added "all" argument for "new-dst-ports" switch rule property for CRS3xx, CRS5xx, CCR2116 and CCR2216 devices;
*) switch - added IPv6 flow label matching in switch rules for CRS3xx, CRS5xx, CCR2116 and CCR2216 devices;
*) switch - allow bond interfaces in switch rules for CRS3xx, CRS5xx, CCR2116 and CCR2216 devices;
*) switch - allow matching network bitmask for IPv4 and IPv6 dst/src-address properties in switch rule;
*) switch - disallow switch-cpu in "ports" and "new-dst-ports" rule properties for CRS3xx, CRS5xx, CCR2116, CCR2216 and RB5009 devices;
*) switch - fixed a potential issue with packet corruption caused by incorrect switch initialization on CRS3xx/5xx devices;
*) switch - fixed L2MTU for 25Gbps ports;
*) switch - fixed RSPAN error message when using mirror-target=cpu;
*) switch - fixed rule disable in certain cases for 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) switch - fixed storm-rate accuracy on 98DX224S, 98DX226S, and 98DX3236 switch chips;
*) switch - force "mac-protocol" when matching IPv4 or IPv6 specific properties;
*) switch - improved CPU performance for CRS328-24P-4S+ switch;
*) switch - improved system stability for RB5009 and CCR2004-16G-2S+ devices;
*) switch - make switch rule "ports" property not required and unsettable (allows matching packets on all switch ports);
*) switch - updated dynamic switch rules when using HW bridge with IGMP snooping (224.0.0.0/24 and ff02::/16 destination addresses are forwarded and copied to CPU);
*) system - improved IPv6 maximum routing table size based on total memory;
*) system - make ICMP error source address selection configurable (icmp-errors-use-inbound-interface-address parameter in ip settings);
*) system - make TCP timestamp handling configurable (tcp-timestamps parameter in ip settings);
*) system - moved "/system/upgrade" to "/system/package/local-update";
*) tftp - improved stability;
*) upnp - rename service description file from gateway_description.xml back to gateway.xml;
*) user-manager - improved stability;
*) vpls - added support for bridge-pvid configuration;
*) vrf - fixed packet handling with enabled queues;
*) vxlan - fixed issue causing to loose IPv6 VTEP address setting;
*) webfig - added search option for settings;
*) webfig - allow download from file details;
*) webfig - allow style.css and script.js in branding packages;
*) webfig - fixed uploading files with Windows style newlines;
*) webfig - hide inherited wifi password;
*) webfig - improved keyboard navigation;
*) webfig - improved screen reader support;
*) webfig - improved system stability when used over many simultaneous sessions;
*) webfig - redirect "/help/license.html" to "/license.txt" for backwards compatibility;
*) webfig - reduce flickering when table is sorted by column with duplicate values;
*) webfig - Skin Designer moved to centralized page;
*) webfig - status page is deprecated, old status page config will work, but can't be updated or created;
*) webfig - support unicode strings;
*) wifi - add information to each interface, showing which CAPsMAN manages it or which CAP hosts it when applicable;
*) wifi - added a debug log entry when switching channel;
*) wifi - added ability to set security.owe-transition-interface to "auto";
*) wifi - added access-list stats (CLI only);
*) wifi - added configuration.installation property to limit use of indoor-only channels;
*) wifi - added debug log messages on station authentication mismatch;
*) wifi - added extra info to CAPsMAN about message;
*) wifi - added last-activity property in registration table;
*) wifi - added multi-passphrase (PPSK) support (CLI only);
*) wifi - added option to reset MAC address (CLI only);
*) wifi - added station-roaming support;
*) wifi - allow IPv6 LL address in caps-man-addresses;
*) wifi - disabled 802.11h on 2.4GHz station;
*) wifi - fixed "disabled" property in certain cases;
*) wifi - fixed failure to resume operation after DFS non-occupancy period has elapsed;
*) wifi - fixed failure with "auto" peer update on the OWE interface;
*) wifi - fixed occasional failure to bring up management frame protection and channel switch capabilities;
*) wifi - fixed the "no available channels" message still being displayed after a setting change has made some channels available;
*) wifi - improved FT roaming with WPA3 for some Apple devices;
*) wifi - indicate radios' ability to perform a channel switch in their "hw-caps" attribute;
*) wifi - indicate which channels are subject to DFS, or are indoor-only in output of "monitor" command;
*) wifi - re-word the "SA Query timeout" log message to "not responding";
*) wifi - show authentication type and wireless standard used by each client in registration table;
*) wifi - show regulatory limits on maximum bandwidth in output of radio/reg-info command;
*) wifi - when operating in station mode, log more information when AP switches to an unsupported channel;
*) wifi-qcom - added Superchannel country profile;
*) wifi-qcom - updated regulatory info for Ukraine, Australia and United States;
*) wifi-qcom-ac - allow use of channel 144 under "Japan" regulatory domain;
*) wifi-qcom-ac - fix possible conflict between radio and USB initialization on hAP ac2;
*) wifi-qcom-ac - improved CPU load balancing and system stability;
*) winbox - added "Copy to Access List" option under "WiFi/Registration" menu;
*) winbox - added "Max Entries" and "Total Entries" properties under "IP/Firewall/Connections/Tracking" menu;
*) winbox - added "Scan" and "Test Disks" features under "System/Disks" menu;
*) winbox - added Enable/Disable buttons under "Tools/Graphing" menus;
*) winbox - added MAC address support for "Group" property under "Bridge/MDB" menu;
*) winbox - added missing "bus" option for compatible devices under "System/RouterBOARD/USB Power Reset" menu;
*) winbox - added missing properties under "IP/Neighbors" menu;
*) winbox - allow to edit Ethernet MAC address;
*) winbox - clear "Value" field when unset under "IP/DNS/Static" menu;
*) winbox - fixed duplicate timezone names;
*) winbox - fixed typo in "System/Reset Configuration" menu;
*) winbox - hide LCD menu for devices without display;
*) winbox - hide LTE "External Antenna" menu for devices without switchable antenna option;
*) winbox - improved stability;
*) winbox - minimal required version is v3.41;
*) winbox - refresh values under "Bridge/VLANs/MVRP Attributes" menu;
*) winbox - renamed and moved "System/Auto Upgrade" to "System/Packages" menu;
*) winbox - renamed wrong invalid interface flag to inactive;
*) winbox - show "FEC" property on status tab for interfaces that use it;
*) winbox - show MLAG settings for CRS326-4C+20G+2Q+ device;
*) winbox - updated properties and behavior under "Switch/QoS" menu;
*) wireguard - do not initiate handshake when peer is configured as responder;
*) wireless - added option to reset MAC address (CLI only);
*) wireless - added vlan-id to registration-table;
*) wireless - allow to set Canada2 country profile when locked with US lock package for CubeG device;
*) wireless - enable all chains by default for RB911 and RB922 series devices;
*) wireless - fixed antenna gain for SXT5ac device;
*) wireless - preserve configured country while using setup-repeater, added "country" argument (CLI only);
*) x86 - Realtek r8169 updated driver;
*) zerotier - added debug logging;
*) zerotier - do not show default settings in export;
*) zerotier - upgraded to version 1.14.0;Downloads
- Source Code (ZIP)
- Source Code (TAR.GZ)
-
all_packages-arm64-7.17.zip
49 MiB
-
chr-7.17-arm64.img.zip
19 MiB
-
chr-7.17-arm64.qcow2.zip
19 MiB
-
chr-7.17-arm64.vdi.zip
19 MiB
-
chr-7.17-arm64.vhd.zip
19 MiB
-
chr-7.17-arm64.vhdx.zip
19 MiB
-
chr-7.17-arm64.vmdk.zip
19 MiB
-
mikrotik-7.17-arm64.iso
83 MiB
-
routeros-7.17-arm64.npk
12 MiB