MikroTik RouterOS TILE Firmware 7.19 Beta 2

What's new in 7.19beta2:

- arp - added warning, when "Published" ARP entry used on an interface with "reply-only" ARP mode enabled;
- bgp - added input.filter-community;
- bgp - fixed input.accept-community;
- bgp - fixed memory leak on receiving notify and closing session;
- bgp - improved performance on BGP input;
- bonding - added setting for LACP active/passive modes;
- bridge - added new STP monitoring fields for bridge and ports (Tx/Rx BPDU, Tx/Rx TC, forward/discard transitions, last topology change, message-age, max-age, remaining-hops, bridge-id);
- bridge - fixed bridge port hang when using invalid port IDs;
- bridge - fixed dhcp-snooping in QinQ setups;
- bridge - fixed minor memory leak on link down;
- bridge - fixed multicast packet flow on hardware offloaded bridge which acts as "multicast-router";
- bridge - improved default bridge and port layout on console and GUI;
- bridge - improved stability in case of configuration error (introduced in v7.15);
- bridge - moved "TCHANGE" logs from bridge,stp to bridge,stp,debug;
- bridge - rename "ports" to "interface" under MDB table for configuration consistency with other menus;
- bridge - renamed STP monitor fields (port-number to port-id, designated-port-number to designated-port-id, designated-bridge to designated-bridge-id);
- bridge - show designated- monitor field for all port roles;
- bridge - show warning instead of causing error when using multicast MAC as admin-mac (introduced in v7.17);
- capsman - fixed "undo" command for cap interfaces;
- certificate - added built-in root certificate authorities store;
- certificate - do not include CA identity in SCEP POST requests;
- certificate - improve error message when trying to use certificate;
- certificate - optimize trust store;
- cloud - fixed issues when BTH is toggled fast between enable/disable;
- cloud - improved "BTH Files" web page design;
- console - disallow incomplete double-quoted arguments (allows multiline string pasting);
- console - fixed issue with files when using scripts (introduced in v7.18);
- console - fixed misaligned multiline in brief print mode;
- console - improved file add/remove process stability;
- console - set "/system/note show-at-login=yes" the default value after configuration reset;
- container - allow changing container name;
- container - try to derive a user readable container name from remote image or file;
- dhcpv4 - improved outgoing packet logging;
- dhcpv4-server - accept packets with htype 6;
- dhcpv4/v6-client - added check-gateway parameter;
- dhcpv6-client - allow selecting to which routing tables add default route;
- dhcpv6-relay - clear saved routes on DHCP release;
- dhcpv6-relay - show client address;
- dhcpv6-server - change bound status to waiting on binding disable;
- dhcpv6-server - fix when expired static binding is declined with false "binding belogs to another server" reason;
- dhcpv6-server - improved stability when disabling server with active bindings;
- disk - add "sector-size" property in print detail;
- disk - add reset-counters to /disk btrfs filesystem;
- dlna - improved folder indexing behavior;
- dns - improved DNS server service stability;
- dot1x - fixed dynamic switch ACL rules on boards with a lot of ports (e.g. CRS520);
- ethernet - improved Ethernet and PoE port mapping to ensure a consistent and reliable interface order;
- file - improved responsiveness on slow filesystems;
- firewall - always show "passthrough" when exporting mangle table;
- firewall - detect VRF addresses as local;
- health - hide settings in CLI if there is nothing to show;
- health - improved performance on devices with simple voltage sensors;
- igmp-proxy - do not try to send leave message for multicast groups that the device itself has joined on the upstream interface (cosmetic fix for proxy error logs);
- iot - improvement to lora dev-addr-validation behavior;
- iot - improvement to lora join eui/net id filtering behavior;
- ip-service - show all TCP/UDP connections on the system;
- ip-service - show all TCP/UDP ports on system, including ports in containers;
- ip-service - show error message when service enable fails;
- ipv6 - avoid watchdog reboot due to link-local IPv6 address reconfiguration on thousand of interfaces at once;
- l2tp-ether - improved stability when trying to connect to disabled L2TP server with IPsec;
- l3hw - remove VLAN tag before VXLAN encapsulation (fixes pvid behavior for bridged VXLAN);
- log - added additional CEF fields from firewall and login logs;
- log - populate in/out fields in firewall CEF logs with correct data;
- lte - added UICC parameter in LTE monitor for R11e-4G modem;
- lte - fixed modem recovery after firmware upgrade for R11e-LTE modem;
- lte - fixed Router Advertisement processing issue for AT modems when an APN with "ip-type=ipv6" was configured;
- lte - improved dialer for EC200A-EU modem;
- lte - set apn profile name the same as apn if no name specified when creating the profile;
- netinstall - improved network socket re-opening when NIC status changes while running the server;
- netinstall - show warning when network configuration on PC might not be appropriate for installation;
- netinstall-cli - fixed issue with applying the branding package;
- ovpn - disable hardware accelerator for GCM on MMIPS CPUs (introduced in v7.18);
- ovpn-server - do not reset active connections when changing comment or name;
- pimsm - fixed issue where own query caused querier detection;
- poe-out - upgraded firmware for 802.3at/bt PSE controlled boards (the update will cause brief power interruption to PoE-out interfaces);
- ppc - fixed VLAN TCP packet transmit on PPC devices;
- profiler - improved process classification;
- ptp - added "ptp" logging topic;
- quickset - improved system stability;
- rose-storage - fixes for btrfs;
- route - added options to set dynamic-in and connected-in chains in /routing/settings;
- route - fixed stuck output when calling prints from multiple routing menus;
- route - make AFI naming consistent;
- route - show BGP session name instead of cache-id;
- route-filter - improved performance;
- sfp - added sfp-encoding data output from EEPROM;
- sniffer - add max-packet-size (2k-64k) setting to be able to sniffer more than 2k data per packet;
- ssh - fixed authorization with SSH key when multiple user SSH public keys are imported;
- ssl/tls - respond with more precise alert error messages;
- ssl/tls - send certificate authority in Certificate message even if it is not trusted;
- switch - do not count rx-too-long multiple times on 100Gbps QSFP28;
- switch - fixed egress mirroring for packets coming from external CPU port (e.g. CRS520, CCR2216, CCR2116);
- switch - flush CPU port FDB entries on switch disable;
- switch - improve rate limit accuracy for MT7531, MT7621, EN7562CT;
- switch - improved boot stability on devices with Alpine CPU and switch chip;
- switch - improved stability when enabling IGMP snooping with VXLAN (introduced in v7.18);
- system - improved internal "flash/" prefix handling for different file path related settings;
- webfig - allow table column resize over side toolbar;
- webfig - don't reorder rows when selecting header cells with Alt+click;
- webfig - show IPv6 firewall connections;
- webfig - show missing data in "IP/DNS/Cache" records;
- wifi - add channel.reselect-time parameter which allows to perform channel re-sellection at given time of day (CLI only);
- wifi - add information on CAP uptime and connection uptime in "Remote CAP" list;
- wifi - added "eap-identity" to registration table;
- wifi - added SSID to logs;
- wifi - fix authentication of clients which omit some RSN information at association;
- wifi - fix incorrect info about current channel for station interfaces after AP has switched channel (introduced in v7.17);
- wifi - re-word log entries about disconnections which are likely caused by peer using a wrong passphrase;
- wifi - use at least TLS 1.2 for securing connection between CAPsMAN manager and CAPs;
- wifi-qcom - fix inability of interfaces in station mode to connect if they do not support full bandwidth of AP;
- winbox - added "MAC Telnet" under "Wifi/Registration" menu;
- winbox - added "Multi Passphrase Group" for wifi;
- winbox - added "Reset MAC address" for legacy wireless and wifi;
- winbox - added country to wireless setup-repeater;
- winbox - changed default wireless wds-cost-range values;
- winbox - do not show not relevant values for certificate template;
- winbox - fixed missing SMB client on non-ROSE devices;
- winbox - fixed switch menu for Chateau 5G;
- winbox - improve graphing efficiency when communicating with WinBox;
- wireguard - add wg-import config-string parameter to import config directly from terminal;
- wireguard - update peer info on "get" command;
- wireless - added "eap-identity" to registration table;
- wireless - implement handling of RADIUS disconnect messages by CAPsMAN;
- wireless - suggest all legitimate frequencies for interfaces with 20/40mhz-XX channel width in GUI;
- x86 - added support for Emulex NIC;

About Router Firmware:

Before you consider downloading this firmware, go to the system information page of the router and make sure that the currently installed version isn't either newer or matching this release.

Due to the large variety of router models and different methods for upgrading the device, it is highly recommended that you read and, above all, understand the installation steps before you apply the new firmware, even if you are a power user.

In theory, these steps shouldn't be much of a hassle for anyone, because manufacturers try to make them as easy as possible, even if they don't always succeed. Basically, you must upload the new firmware to the router through its administration page and allow it to upgrade.

If you install a new version, you can expect increased security levels, different vulnerability issues to be resolved, improved overall performance and transfer speeds, enhanced compatibility with other devices, added support for newly developed technologies, as well as several other changes.

If you're looking for certain safety measures, remember that it would be best if you perform the upload using an Ethernet cable rather than a wireless connection, which can be interrupted easily. Also, make sure you don't power off the router or use its buttons during the installation, if you wish avoid any malfunctions.

If this firmware meets your current needs, get the desired version and apply it to your router unit; if not, check with our website as often as possible so that you don't miss the update that will improve your device.