Software update: RouterOS 7.10
MikroTik recently released version 7.10 of RouterOS. RouterOS is an operating system that focuses on running router tasks. This naturally includes routing network traffic, but also bandwidth management, a firewall, controlling wireless access points, a hotspot gateway and a VPN server. It can be done both on the hardware of MikroTik as well as on x86 or virtual machines. Before use is a license required, which is included with the purchase of MikroTik hardware. The changelog for this release can be found below.
What’s new in 7.10:
- ipv6 – fixed DNS server processing by IPv6/ND services (CVE-2023-32154)
- route – added BFD
- bgp – allow to filter BGP sessions by AFI
- bgp – changed default VPNv4 import distance to iBGP value (200)
- bgp – do not check route distinguisher on import
- bgp – fixed “as-override” and rename to “output.as-override”
- bgp – fixed “remove-private-as” and rename to “output.remove-private.as”
- bgp – show address family in advertisements
- bgp – show approximate received prefix count by the session
- branding – fixed custom logo (introduced in v7.8 )
- bridge – fixed HW offloaded STP state on port disable
- bridge – fixed HW offloading for vlan-filtered bridge on devices with multiple switches (introduced in v7.8 )
- bridge – fixed incorrect host moving between ports with enabled FastPath
- certificate – fixed display of certificate serial number
- certificate – improved error reporting for Let’s Encrypt certificate
- certificate – restore available “key-usage” property options
- conntrack – added read-only “active-ipv4” and “active-ipv6” fields to “/ip/firewall/connection/tracking” (CLI only)
- console – added timeout error for configuration export
- console – changed time format according to ISO standard
- console – disable output when using “as-value” parameter
- console – fixed “:terminal inkey” input when resizing terminal
- console – fixed “print without-paging” output in some cases
- console – hide past commands with sensitive arguments
- console – improved stability when using command completion
- container – fixed “container pull” to support OCI manifest format
- container – fixed crash due to missing system directories
- container – improved default internal environment values
- defconf – allow to use device factory preset credentials in Flashfig and Netinstall configuration files
- defconf – fixed default configuration for RBSXTLTE3-7
- dhcp server – fixed accounting on RADIUS interim update
- dhcpv4-server – added name for “IPv6-Only Preferred” option (108) in debug logs
- doh – less verbose logging
- firewall – added “endpoint-independent-nat” support
- firewall – added “nth” option for IPv6 firewall
- gps – expose GPS port for Quectel RM520N-GL
- ike2 – improved child SA delete request processing
- iot – added option to send Modbus function code commands directly from RouterOS (CLI only)
- ipsec – added hardware acceleration support for IPQ-5010 (hAP ax lite)
- ipsec – refactor public key authentication
- ipsec – removed “ec2n185” and “ec2n155” values from proposal configurations
- ipv6 – fixed IPv6 address removal
- l3hw – added “autorestart” option to L3HW settings
- l3hw – added advanced configuration options for fine-tuning the L3HW offload (l3hw-settings are cleared after upgrade or downgrade) (CLI only)
- l3hw – added error message and reset “l3-hw-offloading=no” if L3HW driver fails to start
- l3hw – added monitoring options for L3HW utilization (CLI only)
- l3hw – fixed /32 route deletion
- l3hw – fixed IPv6 ECMP route offloading
- l3hw – fixed offloading of /32 IPv4 and /128 IPv6 routes
- l3hw – fixed route table offloading during large volume of route updates
- l3hw – improved host and nexthop offloading
- l3hw – improved offloading of IPv6 hosts after L3HW driver restart
- l3hw – improved performance of partial offloading
- l3hw – improved route offloading after gateway change
- l3hw – improved system stability for partial routing table offload
- leds – fixed modem RAT mode indication on hAP ac^3 LTE6 WPS mode button LEDs
- lora – improved gateway card detection and upgrade logic
- lora – updated firmware version for LoRaWAN gateway (for R11e-LoRa8, R11e-LoRa9 cards)
- lte – added serving cell query for MBIM modems with necessary MBIM extension
- lte – disable DHCP request filtering (UDP port 67) for Chateau 5G
- lte – fixed APN authentication for R11e-LTE6 modem
- lte – fixed Google Pixel 7 tethering support
- lte – improved MBIM modem firmware reported error handling when settings RAT modes
- lte – improved modem firmware upgrade stability for MBIM modems
- lte – improved stability for Chateau 5G LTE modem firmware upgrade
- lte – reduced SIM slot switchover time for MBIM modems with UUIC reset support
- lte – stop “cell-monitor” on LTE interface configuration change for MBIM modems
- mpls – added FastPath support
- netwatch – added warning about non-running probe due to “startup-delay” (CLI only)
- ovpn – added initial support for V2 data transfer protocol
- ovpn – improved system stability
- poe – fixed bogous “poe-in-voltage” values when using DC jack for RB5009
- pppoe – fixed PPPoE client scan when server is sending PADO messages without Service-Name tag
- qos-hw – added QoS marking support for 98DXxxxx switches (CLI only)
- qos-hw – renamed VLAN “priority” field to “pcp” to avoid confusion
- rose-storage – added support for multiple smb users and smb shares
- route – improved system stability when removing multicast forwarding entries
- routerboard – fixed memory test on CCR2116-12G-4S+ (“/system routerboard upgrade” required)
- routerboard – improved RouterBOOT stability for Alpine CPUs (“/system routerboard upgrade” required)
- routerboot – increased “preboot-etherboot” maximum value to 30 seconds (“/system routerboard upgrade” required)
- scheduler – fixed incorrectly started scheduler during reboot or shutdown
- sfp – fixed “rate” monitor value for SFP interface on L009UiGS series devices
- sfp – fixed combo-ether link monitor for CRS328-4C-20S-4S+ switch
- sfp – fixed combo-sfp linking at 1G rate for CRS312 switch
- sfp – improved 10G interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 based switches
- sfp – improved module compatibility with bad EEPROM data for RB4011, RB5009, CCR2xxx, CRS312 and CRS518 devices
- sfp – improved Q/SFP interface stability for 98DX8208, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255, 98PX1012 switches
- sfp – improved SFP interface handling for RB4011, RB5009, CCR2xxx and CRS518 devices
- sfp – improved system stability with certain SFP modules for CCR2216 and CRS518 devices
- sfp – report EEPROM data even if “auto-init-failed” has occurred
- smb – improved SMB v1 operation
- sniffer – fixed large .pcap file limit
- snmp – added “engine-id-suffix” setting and display actual “engine-id” as read-only property
- snmp – added BGP peer table support IPv4 only (1.3.6.1.2.1.15.3.1)
- snmp – added new “mtxrInterfaceStatsTxRx1024ToMax” OID to MIKROTIK-MIB
- ssh – added inline key “passphrase” property
- ssh – fixed RouterOS SSH client login when using a key (introduced in v7.9)
- switch – added more precise “storm-rate” configuration options for 98DXxxxx switches (CLI only)
- switch – fixed storm rate on 10G links for 98DX8208, 98DX8216, 98DX8212, 98DX8332, 98DX3257, 98DX4310, 98DX8525, 98DX3255 switches
- system – improved watchdog reporting in log after reboots for several ARM and ARM64 devices
- system – reduced RAM usage for SMIPS devices
- tile – fixed support for microSD card
- tr069 – added 5G SCC “SNR” parameter for modems that report it
- upgrade – do not run manual upgrade if some packages are missing
- ups – fixed updating of “battery-voltage” property
- vrrp – added warning if “sync-connection-tracking=yes” while the global connection tracking is inactive
- vrrp – added warning if the VRRP group is misconfigured
- vrrp – added warning if VRRP or its interface does not have an IP address
- vrrp – do not start connection synchronization if the global connection tracking is inactive
- vrrp – fixed issue where disabled VRRP interface is affecting group
- vrrp – fixed VRRP interface state on physical cable disconnection
- vrrp – improved system stability on changing “group-authority” or “sync-connection-tracking”
- vrrp – renamed “group-master” to “group-authority” to avoid confusion with VRRP master
- vrrp – send VRRP announcements only by “group-authority”
- w60g – improved interface stability for PTMP setups
- webfig – added high-resolution favicon
- webfig – allow limitless upper bounds for number range
- webfig – allow to set “0” second time for fields with default values
- webfig – changed time format according to ISO standard
- webfig – display date and time in local time zone
- webfig – fixed missing “WifiWave2” menu
- webfig – fixed missing property names in “WifiWave2” menu
- webfig – redesigned item configuration display
- webfig – redesigned top menu bar
- webfig – removed “Tools/Telnet” menu
- webfig – removed auto-login with default credentials (admin without a password)
- wifiwave2 – avoid transmitting extra bytes at the end of the packet after stripping a VLAN tag
- wifiwave2 – do not show placeholder transmit power values on interface startup
- wifiwave2 – fixed CAP connection when provisioning “manager=capsman”
- wifiwave2 – fixed CAP interface name when using “name-format”
- wifiwave2 – fixed connectivity issues when access list is used
- wifiwave2 – fixed DFS channel availability warning (introduced in v7.9)
- wifiwave2 – fixed dynamic interface adding to bridge on CAP device
- wifiwave2 – fixed inability to disable CAPsMAN when there are RADIUS-authenticated clients connected
- wifiwave2 – fixed incorrect limits on number of interfaces in station mode
- wifiwave2 – fixed interface name change when restoring backup
- wifiwave2 – fixed key handshake timeout with re-associating clients
- wifiwave2 – fixed OWE authentication compatibility with 802.11ax client devices
- wifiwave2 – fixed OWE authentication compatibility with third-party client devices (introduced in v7.8 )
- wifiwave2 – fixed wireless throughput issues after 802.11r client roaming events on 802.11ac devices
- wifiwave2 – improve protections against DoS attacks on WPA3-PSK
- wifiwave2 – improved logging when an interface is unable to assign a VLAN tag to client
- wifiwave2 – improved system stability when trying to exceed virtual AP limit
- wifiwave2 – less verbose logging when WPA3-PSK clients are connecting
- wifiwave2 – other system stability improvements
- wifiwave2 – restore interface running state when connection to CAPsMAN is lost
- winbox – added “MPLS/Settings” menu
- winbox – added “Queues” configuration tab when creating new entries under “IPv6/DHCP-Server” menu
- winbox – rename “URL” property to “Action data” under “IP/Web-Proxy/Access” menu
- wireguard – fixed IPv6 traffic processing with multiple peers
- wireguard – retry “endpoint-address” DNS query on failed resolve
- x86 – ice driver update to v1.11.14
- zerotier – make “identity” setting sensitive
Version number | 7.10 |
Release status | Final |
Website | MikroTik |
Download | https://mikrotik.com/download |
License type | Freeware/Paid |