Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. T

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    unrelated. I've checked cf with more reliable tools like dig.
  2. T

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    fyi, as tured out earlier CF performs DNSSEC on its own, no need to enable it on router. but might be useful with other DoT servers w/o "builtin" DNSSEC
  3. T

    [384.11_Alpha - builds] Testing all variants.

    I'd suggest to use something like below instead #!/bin/sh echo "1" > /proc/sys/net/ipv6/conf/all/accept_ra echo "1" > /proc/sys/net/ipv6/conf/all/forwarding echo "1" > /proc/sys/net/ipv6/conf/eth0/accept_ra echo "0" > /proc/sys/net/ipv6/conf/eth0/forwarding
  4. T

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    Live client's DNS traffic is encrypted. As for router-originated resolving, it's tradeoff between unencrypted dns resolution of system services domains on router itself and internet connectivity in general. Mean - *for* internet connectivity in general (ntp update issue above is one of multiple...
  5. T

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    Depending on "Wan: Use local caching DNS server as system resolver (default: Yes)" setting, it was always enabled in Asuswrt-Merlin and only recently was exposed in web ui. If enabled - router will resolve though dnsmasq (and whatever dnsmasq is pointed), if disabled (official fw default...
  6. T

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    sure, it was done by reason. stubby must listen on default dns port, the only usable port for libc resolver. since addresses are different, there's nothing wrong with it.
  7. T

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    these addresses are already occupied by dnsmasq unless default config (listening interface, binding, dns port) was changed by hands. same, dnsmasq already listens to that addresses, no point to loop it into itself. thanks for report, ipv6 addresses were skipped due bug, fixed now.
  8. T

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    DNS Server1 and DNS Server2 play same ISP DNS role as before. They are used by router itself unless dnsmasq is set as system resolver (i.e for NTP server resolving, etc) and DoT is enabled. Things may change in the future. Do not enable DNSSEC on alpha2, or you'll end with no working DNS...
  9. T

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    One possible workaround for DNSSEC issue is to disable (set to No) "Wan: Use local caching DNS server as system resolver" at Tools / Other settings page.
  10. T

    Asus RT-AC88U - PPPoE WAN Connection problem

    https://yadi.sk/d/q7YVwjjpok4OrA SOP: 1. clone mac from tplink, check if it can connect now 2. add "lcp-ident MSRAS-0-a4b999" to Additonal pppd options, check if it can connect now (a4b999 is low half of wan mac) 3. if step 2 was succesfull, remove mac cloning, check if it can connect now 4. if...
  11. T

    [Dev][Feedback] Changing DNS behaviour on router

    but why? logic in rc is pretty clear (update_resolvconf) regarding how dns are managed. please look at the code. unfortunately not so easy. dnsmasq's cache ttl can be changed with options, therefore it's possible that dns_target gets stuck in dnsmasq's cache, which, as we know, had bugs in the...
  12. T

    [Dev][Feedback] Changing DNS behaviour on router

    also, with dns probing enabled it checks local dnsmasq for the response, not any real isp /whatever dns. this could potentially bring issues with some unusual dnsmasq configurations, i.e huge fixed cache ttl or even absence of dns probe target. what if make special settings alike existing "Wan...
  13. T

    [Dev][Feedback] Changing DNS behaviour on router

    two users from this thread are indeed a drop. let me rephrase, fw has bug with any isp l3 vpn services that needs fqdn server address, official fw has it fixed. millions users with multiple isps in multiple countries are potentially suffering from this. one-two (from this thread) users (capable...
  14. T

    [Dev][Feedback] Changing DNS behaviour on router

    beeline has more 2 million of customers in ru, I think it's more than enough, not counting multiple smaller isps. as for other countries, heard about some in CIS, Israel, France
  15. T

    [Dev][Feedback] Changing DNS behaviour on router

    can you give any example of such setup please?
  16. T

    [Dev][Feedback] Changing DNS behaviour on router

    not true. millions of users
  17. T

    [Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

    fyi, that change seems incomplete, dhcpv6 hostname matching is not supported. I've contacted Simon about, and before upstream solution handling wpad here would be temporary solution https://github.com/RMerl/asuswrt-merlin.ng/blob/master/release/src/router/dnsmasq/src/util.c#L203
  18. T

    384.7 IPV6 Stateful Generates Logged Errors, Stateless Does Not

    no idea about, pre-3.19 mips kernels have fork issues, but I've never heard about something similar on 4.x arm/aarch64. any steps to reproduce?
  19. T

    384.7 IPV6 Stateful Generates Logged Errors, Stateless Does Not

    Simon has decided to realign input data rather to support unaligned although more changes were required/size consumed. Both aproaches has same result, bug is gone, at least for current sources. Gonna to reuse upstream version a bit later, a bit more cosmetic changes might be expected. FYI...
Top