WAN "Extend the TTL value" lost after reload

[pcunha]

Hello guys,

I have recently migrated to Merlin and I'm facing an issue that I could not find a answer yet. My ISP forces me to set "Extend the TTL value" to "Yes" on WAN settings. Everything works fine until the router is reloaded. When it comes up, this value is set to "No" again. Is there a way to make this configuration permanent?

By the way, after setting the value to "Yes", if I close the interface and open it again, it's still set to "Yes". It's really lost after the reload only.

device: RT-N66U
firmware:376.49_5

Thanks!

 

[RMerlin]

Hello guys,

I have recently migrated to Merlin and I'm facing an issue that I could not find a answer yet. My ISP forces me to set "Extend the TTL value" to "Yes" on WAN settings. Everything works fine until the router is reloaded. When it comes up, this value is set to "No" again. Is there a way to make this configuration permanent?

By the way, after setting the value to "Yes", if I close the interface and open it again, it's still set to "Yes". It's really lost after the reload only.

device: RT-N66U
firmware:376.49_5

Thanks!

After setting it to Yes, try manually forcing writing back to flash. Enable SSH, connect using an SSH client, then run the following command:

nvram commit

I'll have to check to make sure that the referred setting does exist in the list of default settings, otherwise it could explain why the setting disappears after a reboot.

 

[pcunha]

Hi RMerlin,

Thanks for your reply. I followed your instructions but, even after the "nvram commit" this value was set back to "no" after the reload.

 

[RMerlin]

It works fine for me with my latest development build, so maybe it's an issue that got fixed since the 376.49_5 release. All I can recommend is to wait for the next release, or to manually add the firewall rule using a nat-start script:

iptables -t mangle -A PREROUTING -i $(nvram get wan0_ifname) -m ttl --ttl-eq  1 -j TTL --ttl-set 64

 

[pcunha]

I tried that command via terminal but it didn't work. I get the message below:

iptables v1.3.8: Couldn't load match `ttl':File not found

But no problem. I'll wait for the next release. Thank you.

 

[john9527]

I tried that command via terminal but it didn't work. I get the message below:

iptables v1.3.8: Couldn't load match `ttl':File not found

But no problem. I'll wait for the next release. Thank you.

Note to Merlin....

I was looking at backporting this to my fork, and found the fork had not linked the xt_hl (lowercase hl) module which gave the same error. I figured this had been added upstream, but maybe not in all cases?

 

[RMerlin]

Note to Merlin....

I was looking at backporting this to my fork, and found the fork had not linked the xt_hl (lowercase hl) module which gave the same error. I figured this had been added upstream, but maybe not in all cases?

At one point Asus implemented as an RTCONFIG option. I think that a few revisions later, they made it a permanent addition to the firmware rather than one that had to be enabled.

I'd have to re-check how it's currently implemented, also ensure that it's in both kernels.

It might be necessary to add the module with insmod/modprobe first.

 

[john9527]

At one point Asus implemented as an RTCONFIG option. I think that a few revisions later, they made it a permanent addition to the firmware rather than one that had to be enabled.

I'd have to re-check how it's currently implemented, also ensure that it's in both kernels.

It might be necessary to add the module with insmod/modprobe first.

They have the modprobe command in the code to load the module when you select the option....it just wasn't there (at least in the fork)

 

[RMerlin]

They have the modprobe command in the code to load the module when you select the option....it just wasn't there (at least in the fork)

I was referring to the OP's attempt at manually adding the rule.

 

[Buzz Lighting]

I know this is an old post but it is the closest to the subject I am searching for info on.

There is a field under WAN settings on the ASUS Router that refers to "Spoof LAN TTL value". If this is checked what TTL value is set?

If using an ASUS Router behind a 4G Router which connects to am ISP that checks the TTL value, it would be handy to do this on the ASUS Router, as then any device that connects would appear on the 4G network with the correct TTL value. For example if:

iptables -t mangle -I POSTROUTING -o `nvram get wan_iface` -j TTL --ttl-set 65

works on a DD-WRT Router, would this same command work on an ASUS Router using Merlin?

One can set this on a Windows PC with:

netsh int ipv4 set glob defaultcurhoplimit=65

run from an elevated command prompt
​