[ 3006.102 alpha Build(s) ] Testing available build(s)

[octopus]

OneDrive

www.asuswrt-merlin.net

No support with this builds.

ANNOUNCEMENT: Asuswrt-Merlin support underway for 3 Wifi 7 routers

Folks, this isn't the thread to discuss pricing. If you have a problem with procing, complain to Asus, not to this thread.

www.snbforums.com

Available builds:
RT-BE96U
GT-BE98_PRO

Available Alpha 2 builds: (20240531)
RT-BE96U
GT-BE98_PRO

- NEW: Rewrote OpenVPN killswitch implementation. The new method
uses an always present routing rule to prohibit access to
the main routing table, so it will be active even if the
user manually stops a client. Removing the prohibit rule
requires disabling the killswitch on the webui.
The rules are also created before WAN goes up, to reduce
the risks of leaks between WAN going up and VPN connecting.

- CHANGED: Removed led_disable nvram, we now share the same AllLED
nvram as used by Asus for the LED button (and AiMesh sync)

- CHANGED: Removed stop/start and "Start with WAN" buttons from
OpenVPN clients. There is now just a single
"Enable" option, which will immediately start the
client when applying changes, and will also start it
automatically when WAN comes up. This is to reduce
confusion, better integrate into SDN, and match how
WireGuard clients already worked.


3006.102.1 (xx-xxx-2024)

This is the initial release of Asuswrt-Merlin based on
the 3006 codebase. Only a few specific models are
currently available, more will be added over time as
Asus progressively migrates devices to the new codebase.

3006 introduces a number of major features, these will not
be listed - please review Asus' own documentation on the
new features added in 3006 (AKA Asuswrt 5.0). The two most
notable ones are VLAN and Guest Network Pro (also called
Self-Defined Networks, or SDN), both of which are supported
in Asuswrt-Merlin.

This initial 3006.102.xx release also includes a number of
potentially breaking changes over 3004. The most relevant
ones will be listed below.

Note that while Asus uses VPNFusion, Asuswrt-Merlin still
uses VPNDirector. The integration with Guest Network Pro
had to be re-implemented to work with Asuswrt-Merlin,
which required a few backend changes.

Due to the VPN backend differences, it's strongly recommended
to do a factory default reset after coming from the original
Asus firmware if you used any VPN-related functionality.


- NEW: Added support for GT-BE98_PRO.
- NEW: Added support for RT-BE96U.
- NOTE: Wifi 7 devices don't support NFS (issue with new
toolchain), QoS classification page (issue with
TrendMicro BWDPI) or Wifi Radar (not updated by
Broadcom).
- NEW: Added dnsmasq-INDEX.conf.add and stubby-INDEX.yml.add,
which are appended to SDN config files (INDEX = SDN
index number)
- NEW: Added dnsmasq-sdn.postconf and stubby-sdn.postconf.
They take two arguments:
- path to the config file for that SDN's instance
- the SDN index number (1 for the first SDN instance)

- CHANGED: Merged with GPL 3.0.0.6.102_34369.
- CHANGED: Chart.js was upgraded from 2.x to 3.9, to share the
same version used by Asus. Any third party addon
that used it will need to upgrade their charts to
the new version.
- CHANGED: Switched to a different qrcode generation script, to
share the same script used by Asus.
- CHANGED: WireGuard and OpenVPN clients use different iproute2
table IDs, to be in line with Asus's own table IDs.
The names defined in rt_tables remain unchanged.
- CHANGED: Implemented support for Wifi 7 and SDN on the
Wireless Log page.
- CHANGED: Implemented DNSDirector webui for SDN.
- CHANGED: Main routing table is no longer copied to the OpenVPN
client routing tables, to be in line both Asus' own
behaviour and the way WireGuard clients already work.
- CHANGED: Removed stop/start and "Start with WAN" buttons from
OpenVPN clients. There is now just a single
"Enable" option, which will immediately start the
client when applying changes, and will also start it
automatically when WAN comes up. This is to reduce
confusion, better integrate into SDN, and match how
WireGuard clients already worked.
- CHANGED: ipset is now compiled into the kernel rather than as
modules (to match with Asus)
- FIXED: JS error on Wifi 6e/7 models when toggling DDNS.
- REMOVED: Option dns_local_cache from Tools -> Tweak settings,
to avoid issues with SDN that run their own
dnsmasq instances.

 

[Analog-1]

How much feedback can there be with 2 models that very few people have. Should be interesting.

 

[Lax]

Just received my reordered router GT-BE98_PRO. Installing this beta build. Will update the status.

 

[betovanbuuren]

Flashed on BE98 Pro, so far so good, VPN WG and Ovpn clients works better on this alpha than on the latest stock firmware.

Had to reconfigure again both profiles.

Will keep informing

 

[DJones]

@octopus (Self-Defined Networks, or SDN)

Actually stands for Software-Defined Network.

Edit: Apparently Asus is just special and called it self-defined network. Tomato tomato but probably means it doesn’t contain the real feature sets of a true SDN software defined network.

 

[Tech9]

Unrelated to Software Defined Network. Asus Self-Defined Network is when you want something to happen in settings, but the network does unexpected to you things or completely refuses to listen to you. This term preserves the network's rights to self-define and it will do so without asking for permission.

 

[Alaska99]

Can anyone confirm if we can configure the Open VPN server on port 443 in the Merlin built?? Now Asus makes the use of port above 1024 mandatory. Even if on the GUI it is indicated suggested... Probably in Korea suggestions are obligatory....

 

[RMerlin]

Can anyone confirm if we can configure the Open VPN server on port 443 in the Merlin built?? Now Asus makes the use of port above 1024 mandatory. Even if on the GUI it is indicated suggested... Probably in Korea suggestions are obligatory....

I don't place any restriction on the port, however using 443 means you will get tons of connection attempts in your system log. Using UDP instead of TCP might help with that.

 

[thecheapseats]

Unrelated to Software Defined Network. Asus Self-Defined Network is when you want something to happen in settings, but the network does unexpected to you things or completely refuses to listen to you. This term preserves the network's rights to self-define and it will do so without asking for permission.

ok... that was funny... thx...

 

[jerry6]

Flashed on BE98 Pro, so far so good, VPN WG and Ovpn clients works better on this alpha than on the latest stock firmware.

Had to reconfigure again both profiles.

Will keep informing

will be watching for updates , almost pulled the trigger on this router last night , will wait for more feedback before buying

 

[Viktor Jaep]

3006.102.1 (xx-xxx-2024)

- CHANGED: WireGuard and OpenVPN clients use different iproute2
table IDs, to be in line with Asus's own table IDs.
The names defined in rt_tables remain unchanged.
- CHANGED: Main routing table is no longer copied to the OpenVPN
client routing tables, to be in line both Asus' own
behaviour and the way WireGuard clients already work.
- CHANGED: ipset is now compiled into the kernel rather than as
modules (to match with Asus)

In preparation for this change across many of our other routers, I was wondering what the community's take is on how these particular changes in 3006 (above) may break (or leave alone) the "Unbound over VPN" functionality that was devised by @Martineau, and currently implemented in VPNMON-R3. It basically allows Unbound traffic to flow over a specified VPN slot tunnel, instead of going out over the WAN. The main meat to all this are these rules inserted into the nat-start that affect the way this all might function.... as well as the "unbound_DNS_over_OVPN.sh" script that basically tackles making iprules changes based on the VPN slot selected. I mean, it is fairly complex, and much goes into this... Any concerns on first glance?

nat-start

#!/bin/sh

sleep 10  # During the boot process nat-start may run multiple times so this is required

# Ensure duplicate rules are not created
for VPN_ID in 0 1 2 3 4 5
  do
    ip rule del prio 999  2>/dev/null
  done

# Create the RPDB rules
ip rule add from 0/0 fwmark "0x8000/0x8000" table main   prio 9990        # WAN   fwmark
ip rule add from 0/0 fwmark "0x7000/0x7000" table ovpnc4 prio 9991        # VPN 4 fwmark
ip rule add from 0/0 fwmark "0x3000/0x3000" table ovpnc5 prio 9992        # VPN 5 fwmark
ip rule add from 0/0 fwmark "0x1000/0x1000" table ovpnc1 prio 9993        # VPN 1 fwmark
ip rule add from 0/0 fwmark "0x2000/0x2000" table ovpnc2 prio 9994        # VPN 2 fwmark
ip rule add from 0/0 fwmark "0x4000/0x4000" table ovpnc3 prio 9995        # VPN 3 fwmark

 

[betovanbuuren]

@RMerlin One thing noticed is that with stock firmware 3.0.0.6.102_34491, vpn fusion was more unstable, since while enabling WG client, lot of times got stuck in "Connecting" and tunnel was never completed, since my devices on the vpn director wasn't detecting the vpn.

Using this alpha1 with VPN director, is way more stable, while enabling, it always shows "Connected" after couple seconds.

Not sure if at some point this firmware will merge with stock vpn fusion, but hopefully works like current vpn director in terms of stability.

In general wifi connection, i haven't seen any drops, so far all good.

 

[Alaska99]

The changelog say "Merged with GPL 3.0.0.6.102_34369" but the latest firmware for BE98 Pro is 3.0.0.6.102_34491. So Merlin firmware is based on older firmware? What is change between this 2 releases?

I know that factory reset is recommended but all my devices are manually assigned IP in the DHCP Server tab. Is there a way to easily backup the dhcp reservation because it is very painful to reconfigure each device one by one.

 

[RMerlin]

Not sure if at some point this firmware will merge with stock vpn fusion, but hopefully works like current vpn director in terms of stability.

I evaluated the possibility of porting VPN Fusion during early 3006 development, but the project got dropped. Too much work for no real benefit, VPN Director is a better alternative in general. So instead I opted for implementing a direct integration between SDN and OpenVPN/WireGuard, which was a bit easier to do.

 

[RMerlin]

Any concerns on first glance?

Just make sure that rule priorities don`t clash. SDN may create routing rules of its own with higher priorities.

 

[Dutchman01]

Hi, the question i do have is about the new RT-BE88U
will this router (soon) alse be supported with Asus Merlin software?

To me it looks very promising considered the price tag around 360 euro's
It also gets delivered with enough multigig ports for the home user.
The models supported lusted above are way more expensive.

Not knowing i will be able to flash with merlin software i don't want to order it yet.



Regards,
Dutchman01

 

[RMerlin]

Hi, the question i do have is about the new RT-BE88U
will this router (soon) alse be supported with Asus Merlin software?

ANNOUNCEMENT: Asuswrt-Merlin support underway for 3 Wifi 7 routers

Hi everyone, I am now able to officially announce support for three different Wifi 7 routers is currently under development, to be part of the 3006.102.1 release: RT-BE96U GT-BE98_PRO GT-BE98 (by Gnuton) Things are still too early to have any kind of ETA, even for snapshot builds, as there...

www.snbforums.com

 

[Old Fart]

The changelog say "Merged with GPL 3.0.0.6.102_34369" but the latest firmware for BE98 Pro is 3.0.0.6.102_34491. So Merlin firmware is based on older firmware? What is change between this 2 releases?

I know that factory reset is recommended but all my devices are manually assigned IP in the DHCP Server tab. Is there a way to easily backup the dhcp reservation because it is very painful to reconfigure each device one by one.

Tutorial - Minimal backup and restore

Lately there have been discussions regarding router backup and restore and how tedious it is. There are instances when a full restore is NOT in your best interest. I have found that the majority of time is spent reconfiguring your clientlist and DHCP reservations. The following has been posted...

www.snbforums.com

 

[nzwayne]

Installed this Alpha release on my GT-BE98 Pro (yippee...). A dirty conversion on former ASUS code "FW_GT-BE98_PRO_300610234491". Everything seems fine, been through panels & selections I would config, all looks good. Thanks @RMerlin your a super-star to many (have my wife's vote too). Donation from the family as a Thank-You.

 

[Martinski]

Hello folks,

I'm currently gathering information so I can eventually modify scMerlin's SSH UI & Web GUI (and YazFi's, at some point) to support the new routers running the upcoming RMerlin's "3006.102.XXX" F/W versions.

To that end, would users currently running the 3006.102.1 Alpha version on the "RT-BE96U" or the "GT-BE98_PRO" router please provide the output of the following code?

{
  printf "\nModel ID: [$(nvram get odmpid)]"
  printf "\nProduct ID: [$(nvram get productid)]"
  printf "\nRC_Support:\n-----------\n"
  nvram get rc_support
}

I'd appreciate the help. Thank you.