Beta Asuswrt-Merlin 386.3 beta is now available

Installed beta 3 this morning on AC88U and AC68U (mesh router), over previous official release. Nothing to complain about thus far, other than the same problem I had before: With Dual Wan in load balancing mode and routing rules enabled, the devices that should use Secondary WAN are still routed through Primary. Below is snapshot of the rules.

What am I doing wrong?

View attachment 35140
I went down the dual WAN weighted LB + OVPN road. From my experience, it’s unreliable and the traffic will leak. I ended up buying another AX88U and segregated my LAN into two subnets and then route between the two networks. Clean and reliable to use and qualify 2 separate gateways instead of trying to bind and prioritise all interface routes on the same box.

In summary dual LB WAN setups don’t strictly work well with VPN policies.
 
@RMerlin with beta2 and also beta3, when Guest Network 1 is set to Redirect all to VPN Client 1, the option "Redirect Internet traffic through tunnel" is blank after reboot; or when Stop/Start client via VPN Director page.
 
Please do not duplicate post the same info in multiple threads.
Locate the most likely thread (or create a new one) and post in there.
Cross posted in Yazfi 4.x
 
And I believe many of the Addons devs (@Jack Yaz specifically) mentioned they will wait for the release of 386.2_6 before updating their addons. Can't blame them!
It is one of the issues to be aware of when installing beta releases.
 
Jul 22 07:41:02 roamast: sta D2:77:41:FD:34:D7 ap E0:3F:49:EF:61:0C rcpi 118
Jul 22 07:41:02 roamast: after rssi 205

Getting a ton of these errors with Beta 3.
 
That's not an error, that's debugging info from the roaming assistant. And that code hasn't changed since 386.3 released months ago.
 
What was wrong with RTFCL (Read the Frickin’ ChangeLog) by my previous alter ego?

 
Can you see what's in that log specifically that is flooding it?

That log is related to IPSEC/Instant Guard, so nothing has changed there with 386.3, and it's also unrelated to VPN Director.

Certainly. I've changed my IP address to ###.###.###.###...

Code:
admin@RT-AX88U-27B8:/tmp/home/root# tail -f /var/log/strongswan.charon.log
Jul 22 10:59:27 08[IKE] remote host is behind NAT
Jul 22 10:59:27 08[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
Jul 22 10:59:27 08[NET] sending packet: from ###.###.###.###[500] to 75.146.134.42[500] (244 bytes)
Jul 22 10:59:27 06[NET] received packet: from 75.146.134.42[4500] to ###.###.###.###[4500] (108 bytes)
Jul 22 10:59:27 06[ENC] invalid ID_V1 payload length, decryption failed?
Jul 22 10:59:27 06[ENC] could not decrypt payloads
Jul 22 10:59:27 06[IKE] message parsing failed
Jul 22 10:59:27 06[ENC] generating INFORMATIONAL_V1 request 2692616857 [ HASH N(PLD_MAL) ]
Jul 22 10:59:27 06[NET] sending packet: from ###.###.###.###[500] to 75.146.134.42[500] (76 bytes)
Jul 22 10:59:27 06[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 10:59:33 05[JOB] deleting half open IKE_SA with 72.19.150.170 after timeout
Jul 22 10:59:37 06[NET] received packet: from 75.146.134.42[4500] to ###.###.###.###[4500] (108 bytes)
Jul 22 10:59:37 06[ENC] invalid ID_V1 payload length, decryption failed?
Jul 22 10:59:37 06[ENC] could not decrypt payloads
Jul 22 10:59:37 06[IKE] message parsing failed
Jul 22 10:59:37 06[ENC] generating INFORMATIONAL_V1 request 1959529149 [ HASH N(PLD_MAL) ]
Jul 22 10:59:37 06[NET] sending packet: from ###.###.###.###[500] to 75.146.134.42[500] (76 bytes)
Jul 22 10:59:37 06[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 10:59:43 07[JOB] deleting half open IKE_SA with 45.48.96.61 after timeout
Jul 22 10:59:43 08[NET] received packet: from 45.48.96.61[500] to ###.###.###.###[500] (168 bytes)
Jul 22 10:59:43 08[ENC] parsed ID_PROT request 0 [ SA V V V V ]
Jul 22 10:59:43 08[IKE] received NAT-T (RFC 3947) vendor ID
Jul 22 10:59:43 08[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID
Jul 22 10:59:43 08[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Jul 22 10:59:43 08[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Jul 22 10:59:43 08[IKE] 45.48.96.61 is initiating a Main Mode IKE_SA
Jul 22 10:59:43 08[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Jul 22 10:59:43 08[ENC] generating ID_PROT response 0 [ SA V V V V ]
Jul 22 10:59:43 08[NET] sending packet: from ###.###.###.###[500] to 45.48.96.61[500] (160 bytes)
Jul 22 10:59:43 06[NET] received packet: from 45.48.96.61[500] to ###.###.###.###[500] (284 bytes)
Jul 22 10:59:43 06[ENC] parsed ID_PROT request 0 [ KE No V V V NAT-D NAT-D ]
Jul 22 10:59:43 06[IKE] received DPD vendor ID
Jul 22 10:59:43 06[ENC] received unknown vendor ID: bb:d3:8e:e7:62:27:5f:8a:a7:4e:59:58:42:eb:1f:53
Jul 22 10:59:43 06[IKE] received XAuth vendor ID
Jul 22 10:59:43 06[IKE] remote host is behind NAT
Jul 22 10:59:43 06[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
Jul 22 10:59:43 06[NET] sending packet: from ###.###.###.###[500] to 45.48.96.61[500] (244 bytes)
Jul 22 10:59:43 05[NET] received packet: from 45.48.96.61[4500] to ###.###.###.###[4500] (108 bytes)
Jul 22 10:59:43 05[ENC] invalid ID_V1 payload length, decryption failed?
Jul 22 10:59:43 05[ENC] could not decrypt payloads
Jul 22 10:59:43 05[IKE] message parsing failed
Jul 22 10:59:43 05[ENC] generating INFORMATIONAL_V1 request 1201172663 [ HASH N(PLD_MAL) ]
Jul 22 10:59:43 05[NET] sending packet: from ###.###.###.###[500] to 45.48.96.61[500] (76 bytes)
Jul 22 10:59:43 05[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 10:59:47 07[NET] received packet: from 75.146.134.42[4500] to ###.###.###.###[4500] (108 bytes)
Jul 22 10:59:47 07[ENC] invalid ID_V1 payload length, decryption failed?
Jul 22 10:59:47 07[ENC] could not decrypt payloads
Jul 22 10:59:47 07[IKE] message parsing failed
Jul 22 10:59:47 07[ENC] generating INFORMATIONAL_V1 request 2211980669 [ HASH N(PLD_MAL) ]
Jul 22 10:59:47 07[NET] sending packet: from ###.###.###.###[500] to 75.146.134.42[500] (76 bytes)
Jul 22 10:59:47 07[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 10:59:53 06[NET] received packet: from 45.48.96.61[4500] to ###.###.###.###[4500] (108 bytes)
Jul 22 10:59:53 06[ENC] invalid ID_V1 payload length, decryption failed?
Jul 22 10:59:53 06[ENC] could not decrypt payloads
Jul 22 10:59:53 06[IKE] message parsing failed
Jul 22 10:59:53 06[ENC] generating INFORMATIONAL_V1 request 1882038892 [ HASH N(PLD_MAL) ]
Jul 22 10:59:53 06[NET] sending packet: from ###.###.###.###[500] to 45.48.96.61[500] (76 bytes)
Jul 22 10:59:53 06[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 10:59:57 05[JOB] deleting half open IKE_SA with 75.146.134.42 after timeout
Jul 22 11:00:03 08[NET] received packet: from 45.48.96.61[4500] to ###.###.###.###[4500] (108 bytes)
Jul 22 11:00:03 08[ENC] invalid ID_V1 payload length, decryption failed?
Jul 22 11:00:03 08[ENC] could not decrypt payloads
Jul 22 11:00:03 08[IKE] message parsing failed
Jul 22 11:00:03 08[ENC] generating INFORMATIONAL_V1 request 2442741824 [ HASH N(PLD_MAL) ]
Jul 22 11:00:03 08[NET] sending packet: from ###.###.###.###[500] to 45.48.96.61[500] (76 bytes)
Jul 22 11:00:03 08[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 11:00:05 06[NET] received packet: from 184.183.92.67[500] to ###.###.###.###[500] (168 bytes)
Jul 22 11:00:05 06[ENC] parsed ID_PROT request 0 [ SA V V V V ]
Jul 22 11:00:05 06[IKE] received NAT-T (RFC 3947) vendor ID
Jul 22 11:00:05 06[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID
Jul 22 11:00:05 06[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Jul 22 11:00:05 06[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Jul 22 11:00:05 06[IKE] 184.183.92.67 is initiating a Main Mode IKE_SA
Jul 22 11:00:05 06[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Jul 22 11:00:05 06[ENC] generating ID_PROT response 0 [ SA V V V V ]
Jul 22 11:00:05 06[NET] sending packet: from ###.###.###.###[500] to 184.183.92.67[500] (160 bytes)
Jul 22 11:00:05 05[NET] received packet: from 184.183.92.67[500] to ###.###.###.###[500] (284 bytes)
Jul 22 11:00:05 05[ENC] parsed ID_PROT request 0 [ KE No V V V NAT-D NAT-D ]
Jul 22 11:00:05 05[IKE] received DPD vendor ID
Jul 22 11:00:05 05[ENC] received unknown vendor ID: 6c:1f:a1:34:16:de:55:f0:b0:0c:d8:f1:17:ae:f3:ce
Jul 22 11:00:05 05[IKE] received XAuth vendor ID
Jul 22 11:00:05 05[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
Jul 22 11:00:05 05[NET] sending packet: from ###.###.###.###[500] to 184.183.92.67[500] (244 bytes)
Jul 22 11:00:05 07[NET] received packet: from 184.183.92.67[500] to ###.###.###.###[500] (108 bytes)
Jul 22 11:00:05 07[ENC] invalid ID_V1 payload length, decryption failed?
Jul 22 11:00:05 07[ENC] could not decrypt payloads
Jul 22 11:00:05 07[IKE] message parsing failed
Jul 22 11:00:05 07[ENC] generating INFORMATIONAL_V1 request 2192012807 [ HASH N(PLD_MAL) ]
Jul 22 11:00:05 07[NET] sending packet: from ###.###.###.###[500] to 184.183.92.67[500] (76 bytes)
Jul 22 11:00:05 07[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 11:00:13 06[NET] received packet: from 161.129.49.58[500] to ###.###.###.###[500] (168 bytes)
Jul 22 11:00:13 06[ENC] parsed ID_PROT request 0 [ SA V V V V ]
Jul 22 11:00:13 06[IKE] received NAT-T (RFC 3947) vendor ID
Jul 22 11:00:13 06[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID
Jul 22 11:00:13 06[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Jul 22 11:00:13 06[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Jul 22 11:00:13 06[IKE] 161.129.49.58 is initiating a Main Mode IKE_SA
Jul 22 11:00:13 06[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Jul 22 11:00:13 06[ENC] generating ID_PROT response 0 [ SA V V V V ]
Jul 22 11:00:13 06[NET] sending packet: from ###.###.###.###[500] to 161.129.49.58[500] (160 bytes)
Jul 22 11:00:13 05[NET] received packet: from 161.129.49.58[500] to ###.###.###.###[500] (284 bytes)
Jul 22 11:00:13 05[ENC] parsed ID_PROT request 0 [ KE No V V V NAT-D NAT-D ]
Jul 22 11:00:13 05[IKE] received DPD vendor ID
Jul 22 11:00:13 05[ENC] received unknown vendor ID: 03:69:7c:20:5b:46:af:22:fa:33:bf:3a:fd:4d:2c:78
Jul 22 11:00:13 05[IKE] received XAuth vendor ID
Jul 22 11:00:13 05[IKE] remote host is behind NAT
Jul 22 11:00:13 05[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
Jul 22 11:00:13 05[NET] sending packet: from ###.###.###.###[500] to 161.129.49.58[500] (244 bytes)
Jul 22 11:00:13 07[NET] received packet: from 161.129.49.58[4500] to ###.###.###.###[4500] (108 bytes)
Jul 22 11:00:13 07[ENC] invalid ID_V1 payload length, decryption failed?
Jul 22 11:00:13 07[ENC] could not decrypt payloads
Jul 22 11:00:13 07[IKE] message parsing failed
Jul 22 11:00:13 07[ENC] generating INFORMATIONAL_V1 request 1788166884 [ HASH N(PLD_MAL) ]
Jul 22 11:00:13 07[NET] sending packet: from ###.###.###.###[500] to 161.129.49.58[500] (76 bytes)
Jul 22 11:00:13 07[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 11:00:13 08[JOB] deleting half open IKE_SA with 45.48.96.61 after timeout
Jul 22 11:00:15 05[NET] received packet: from 184.183.92.67[500] to ###.###.###.###[500] (108 bytes)
Jul 22 11:00:15 05[ENC] invalid ID_V1 payload length, decryption failed?
Jul 22 11:00:15 05[ENC] could not decrypt payloads
Jul 22 11:00:15 05[IKE] message parsing failed
Jul 22 11:00:15 05[ENC] generating INFORMATIONAL_V1 request 1146871001 [ HASH N(PLD_MAL) ]
Jul 22 11:00:15 05[NET] sending packet: from ###.###.###.###[500] to 184.183.92.67[500] (76 bytes)
Jul 22 11:00:15 05[IKE] ID_PROT request with message ID 0 processing failed
 
I don't recognize these IP addresses. Does this indicate a large number of brute-force attempts to remote into my router? Is there anything I can do to quell the traffic while still allowing myself to log in legitimately? I use the VPN occasionally from my phone or laptop for remotely logging into some home computers.

If the flood of requests can't be ignored, then maybe the charon log needs to be archived and rotated above a certain size. I don't see the value in keeping it more than a few days, even 24 hours. However, if you do see value in keeping it back this far, please consider some kind of log rotation as part of good housekeeping.


Other people have asked about installing logrotate and syslog-ng. Even without these utilities, I think *some* form of log rotation (with a compressed archive of the previous copy) ought to be standard to avoid having to set a reboot schedule. Even keeping just one archive for the last 24 hours would probably serve >99% of the users and use cases here. The OS on the firmware includes the utilities find, tar, gzip and crontab — everything one would need to write a barebones log rotation batch job.

Previous posts:
CMKelley posted "scribe" that installs both logrotate and syslog-ng:

elorimer shared his example configuration of logrotate:
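
An added example, not part of the original post: a per-peer summary of a charon log in the format shown above, counting Main Mode initiations, failed ID_PROT exchanges and half-open timeouts for each source address. The sample lines are constructed (documentation-range addresses), and correlating a failure with the last packet received on the same worker thread is an assumption based on the log layout.

```shell
#!/bin/sh
# Added example: summarise IKEv1 Main Mode activity per peer in a charon log.

# charon_peer_summary [FILE...]   (reads stdin when no file is given)
# Output columns: peer initiated failed half_open_timeouts, most failures first.
charon_peer_summary() {
    awk '
    # Field 4 looks like 06[NET]: worker thread id, then subsystem.
    { tid = substr($4, 1, index($4, "[") - 1) }

    # Remember which peer each worker thread last received a packet from.
    /\[NET\] received packet: from / {
        peer = $8
        sub(/\[.*/, "", peer)          # strip the [port] suffix
        last[tid] = peer; seen[peer] = 1
        next
    }
    / is initiating a Main Mode IKE_SA/ { init[$5]++; seen[$5] = 1 }

    # The failure line carries no address, so attribute it via the thread id.
    /ID_PROT request with message ID 0 processing failed/ {
        if (tid in last) fail[last[tid]]++
    }
    /deleting half open IKE_SA with / { half[$10]++; seen[$10] = 1 }

    END {
        for (p in seen) print p, init[p] + 0, fail[p] + 0, half[p] + 0
    }' "$@" | sort -k3,3nr -k1,1
}

# Constructed sample input modelled on the log format in the thread.
sample_log() {
    cat <<'EOF'
Jul 22 10:59:43 08[NET] received packet: from 198.51.100.7[500] to 192.0.2.1[500] (168 bytes)
Jul 22 10:59:43 08[IKE] 198.51.100.7 is initiating a Main Mode IKE_SA
Jul 22 10:59:43 05[NET] received packet: from 198.51.100.7[4500] to 192.0.2.1[4500] (108 bytes)
Jul 22 10:59:43 05[ENC] invalid ID_V1 payload length, decryption failed?
Jul 22 10:59:43 05[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 10:59:47 07[NET] received packet: from 203.0.113.9[4500] to 192.0.2.1[4500] (108 bytes)
Jul 22 10:59:47 07[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 10:59:53 05[NET] received packet: from 198.51.100.7[4500] to 192.0.2.1[4500] (108 bytes)
Jul 22 10:59:53 05[IKE] ID_PROT request with message ID 0 processing failed
Jul 22 11:00:13 08[JOB] deleting half open IKE_SA with 198.51.100.7 after timeout
EOF
}

# Summarise the file given as argument, or the constructed sample otherwise.
if [ "$#" -ge 1 ]; then
    charon_peer_summary "$1"
else
    sample_log | charon_peer_summary
fi
```

In IKEv1 Main Mode with a pre-shared key, the `decryption failed?` message is what strongSwan commonly logs when the peer's key does not match the responder's.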
 
We need a new acronym.

Most know RTFM
New version RTFT. (Read The F$*# Thread)

lol if we have any Hard OCP forum members on here.

RTFT was a common phrase over there.
 
@Hazel, Marco! Welcome back! :)
 
Also, I have been keeping tabs on the RAM and mount point usage.

As far as I can tell, there is no memory leak. In fact, the process /usr/lib/ipsec/charon --use-syslog has been holding steady at ~5.5 MB Resident Set Size (RSS), and ~35.3 MB Virtual Memory Size (VSZ). No other processes appear to be leaking RAM or growing rapidly.

Meanwhile, the /var mount point is growing steadily.

On July 20 @ ~5:00 PM, it was using 59.1MB. Today that mount point is up to 90.4MB

July 20 @ 5:19 PM
tmpfs 441.2M 59.1M 382.1M 13% /var
July 22 @ 11:41 AM
tmpfs 441.2M 90.4M 350.8M 20% /var

After an uptime of 4 days, here are my stats:
Code:
admin@RT-AX88U-27B8:/tmp/home/root# uptime
 12:08:31 up 4 days, 14 min,  load average: 1.97, 1.98, 1.99
admin@RT-AX88U-27B8:/tmp/home/root# top -m -b -n 1 | head -14
Mem total:903560 anon:44152 map:18668 free:345020
 slab:258912 buf:0 cache:162600 dirty:0 write:0
Swap total:0 free:0
  PID^^^VSZ^VSZRW   RSS (SHR) DIRTY (SHR) STACK COMMAND
 1676 35372 18316  5468  2452  1696     0   132 /usr/lib/ipsec/charon --use-syslog
 1887 20196  3272  5144  2664  2480     0   132 amas_lib
 1883 19720  7404  3244  2656   588     0   132 roamast
 5255 19184 12360  3732  1592  1612     0   132 dcd -i 3600 -p 43200 -b -d /tmp/bwdpi/
  321 18524 16724   872   656   112     0   132 /bin/swmdk
 5253 16880  5364  4828  1468  2000     0   132 wred -B
 1118 16724  7148  2404  1920   460     0   132 wps_pbcd
 1986 15172  2488  3660  2488   828     0   132 cfg_server
 1885 13800  3276  4180  3260   868     0   132 conn_diag
 1025 13556  3032  2696  2236   460     0   132 /sbin/netool
 
If you don't actively need that log, you could have a cron job regularly deleting it as a workaround.
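
An added example, not from the thread or the firmware: a size-triggered rotation that keeps one gzip archive, covering both the barebones rotation proposed earlier and the cron workaround above. The 1 MiB default limit and the script path in the comment are assumptions.

```shell
#!/bin/sh
# Added example: rotate a log once it exceeds a size limit, keeping a single
# compressed archive of the previous contents.

# rotate_log FILE MAX_BYTES
# Returns 0 if rotated, 1 if FILE is missing, under the limit, or gzip failed.
rotate_log() {
    file=$1
    max=$2
    [ -f "$file" ] || return 1

    # Arithmetic expansion strips any padding wc adds around the number.
    size=$(( $(wc -c < "$file") ))
    [ "$size" -gt "$max" ] || return 1

    # Compress to a temporary name first, so a failed gzip (for example a
    # full tmpfs) never destroys the previous archive.
    if gzip -c "$file" > "$file.1.gz.tmp"; then
        mv -f "$file.1.gz.tmp" "$file.1.gz"
    else
        rm -f "$file.1.gz.tmp"
        return 1
    fi

    # Truncate in place instead of deleting: the daemon keeps its file open,
    # and a deleted file would go on consuming space until it restarts.
    # Lines written between the gzip and this truncation are lost.
    : > "$file"
    return 0
}

# Hourly crontab entry (script path is a placeholder):
#   0 * * * * /path/to/rotate.sh /var/log/strongswan.charon.log 1048576
if [ "$#" -ge 1 ]; then
    rotate_log "$1" "${2:-1048576}" || true
fi
```

Because /var is a tmpfs on the routers shown in the thread, the archive still occupies RAM, only far less of it than the uncompressed log.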
 
here is mine

Code:
@RT-AX88U-C7C0:/tmp/home/root# uptime
16:57:46 up 1 day, 20:28,  load average: 1.78, 2.00, 2.05

@RT-AX88U-C7C0:/tmp/home/root# top -m -b -n 1 | head -14
Mem total:903560 anon:72472 map:31848 free:19520
slab:332712 buf:49592 cache:326544 dirty:44 write:0
Swap total:2097148 free:2084396
  PID^^^VSZ^VSZRW   RSS (SHR) DIRTY (SHR) STACK COMMAND
9627  366m 36960  5296  2560  2216   376   132 syslog-ng
9756  163m 25608  3900  2268   844     0   132 transmission-daemon -g /opt/etc/transmission
9703 81440  9148  7020  3132  1016     0   132 chronyd -r -u nobody -f /opt/share/ntpmerlin.d/chrony.conf
9726 60888  8060 14092 10616  8988  6400   132 php-cgi -b 127.0.0.1:9000
9967 60888  8060  7352  7004  6524  6228   132 php-cgi -b 127.0.0.1:9000
9973 60888  8060  6732  6680  6348  6296   132 php-cgi -b 127.0.0.1:9000
2566 58212 43608 12852  2720  9764     0   132 cfg_server
1466 35240 18108  3632  2400   656     0   132 /usr/lib/ipsec/charon --use-syslog
9710 22728 10620  6208  5284  2376  1488   132 nginx: worker process
9709 22728 10620  6172  5292  2372  1492   132 nginx: worker process

@RT-AX88U-C7C0:/tmp/home/root# df -h /var
Filesystem                Size      Used Available Use% Mounted on
tmpfs                   441.2M    728.0K    440.5M   0% /var

also

Code:
@RT-AX88U-C7C0:/tmp/home/root# free -m
             total       used       free     shared    buffers     cached
Mem:        903560     885204      18356       5904      50104     327820
-/+ buffers/cache:     507280     396280
Swap:      2097148      12752    2084396
 