[384.11_Alpha - builds] Testing all variants.

[QuikSilver]

Upgraded 1 of 2 of my routers. Dirty upgrade, but uninstalled NTPmerlin just before. No issues noticed so far.

 

[TheOldMan]

Self-compiled 384.11_A2 seems to be working OK on the RT-AC86U. Nothing strange happening in syslog except the dcd taint, same old.

 

[Jack Yaz]

woah.
Not exactly sure what "proper ntpd implementation" means, but having followed ntpmerlin and kvic's version before it, I'm pretty sure that's the gold standard.
I think @Jack Yaz 's script lets me input more than 2 ntp servers for redundancy. (4-5 if memory serves...maybe more)
in the (hopefully unlikely) event something fairly catastrophic happens, the likelihood of having a reliable time to reference to drops considerably in this case:
most publicly-accessible timeservers are stratum 2, but they commonly access the same stratum 1 servers for their reference.
Suggesting referencing pools invites the possibility for more significant jitter and the resultant offset, because geography/consensus. I'm of a mind that building a constellation of reference clocks to make sure I have a reliable and redundant stream from a variety of stratum 1 servers is probably better, even with rollover times.

The built-in ntpd does not allow for the same level of customisation as the entware package, plus you'll lack the graphs from ntpmerlin!

 

[Howard_inGA]

Dirty install of the new Alpha on RT AC5300...No glitches so far!

 

[octopus]

Just updated to alpha2 and no problem so far. I don't use dns-over-tls atm.
Uptime 0 days 0 hours 21 minute(s) 12 seconds

Thank you RM.

 

[RMerlin]

Not exactly sure what "proper ntpd implementation" means, but having followed ntpmerlin and kvic's version before it, I'm pretty sure that's the gold standard.

Proper means instead of using a custom-made ntp client to set the clock, I am now using an actual ntp daemon.

And since the goal is to synchronize a home router's clock and not SpaceX's Command Center, two NTP servers is sufficient (compared to previously ntpclient using only one, with the second as a fallback in case the first one failed to respond). ntpclient was also only updating the clock once per day (if memory's right), now ntpd will self-adjust based on the skew, like a real ntpd.

If you have some unusual needs, then feel free to keep the NTP server option disabled (ntpd will only run as a client then, similar to the original ntpclient implementation), and keep using an Entware-based setup. Steps were taken to ensure that the two wouldn't clash (different process name, and disabling NTP Server functionality won't bind to port 123). Note that you will get some redundant clock syncing, since both the firmware's ntpd and the Entware one will sync the same clock.

 

[grifo]

Note that you will get some redundant clock syncing, since both the firmware's ntpd and the Entware one will sync the same clock.

I haven't tried the alpha but is it possible to prevent the redundant syncing by the firmware ntpd client, maybe killing it using a script?

I think I'll continue using ntpMerlin due to its "redirect of all NTP traffic to ntpMerlin" feature. Or is this also included in the FW ntpd server implementation / are you planning to include it?

BTW many thanks for always keeping improving your great firmware!

 

[Jack Yaz]

I haven't tried the alpha but is it possible to prevent the redundant syncing by the firmware ntpd client, maybe killing it using a script?

I think I'll continue using ntpMerlin due to its "redirect of all NTP traffic to ntpMerlin" feature. Or is this also included in the FW ntpd server implementation / are you planning to include it?

BTW many thanks for always keeping improving your great firmware!

I can probably kill the firmware ntp like we do now (crudely via killall ntp)
I should add the dnsmasq option, but from what I recall not many clients actually use it?

 

[RMerlin]

I haven't tried the alpha but is it possible to prevent the redundant syncing by the firmware ntpd client, maybe killing it using a script?

No, as this ntpd instance can get restarted whenever doing a config changes that restarts it (like making changes on the System page for instance).

 

[heysoundude]

The built-in ntpd does not allow for the same level of customisation as the entware package, plus you'll lack the graphs from ntpmerlin!

That means that users will have to make choices. It's good we're having this discussion, then.

 

[Milan]

flashed now to AC-3200, DNSSEC enabled, DNS over TLS enabled to Cloudflare, all is working fine even with DNS cache settings ...

 

[Swistheater]

flashed now to AC-3200, DNSSEC enabled, DNS over TLS enabled to Cloudflare, all is working fine even with DNS cache settings ...

try rebooting and see if it still works fine

 

[bbunge]

try rebooting and see if it still works fine

Seems that with DNSSEC enabled on a reboot the router will not get a time update. Set to just DoT with CF resolvers. Reboot worked fine. Suspect an issue with a stubby.yml setting. Stay tuned...

 

[skeal]

Seems that with DNSSEC enabled on a reboot the router will not get a time update. Set to just DoT with CF resolvers. Reboot worked fine. Suspect an issue with a stubby.yml setting. Stay tuned...

If you put;

server=/pool.ntp.org/1.1.1.1

Into the;

/jffs/configs/dnsmasq.conf.add

file. If it isn't there create it. Reboot and everything should work even with DNSSEC enabled.

 

[bbunge]

If you put;

server=/pool.ntp.org/1.1.1.1

Into the;

/jffs/configs/dnsmasq.conf.add

file. If it isn't there create it. Reboot and everything should work even with DNSSEC enabled.

Didn't

Edit: Reboot gets me a WAN IP but with DNSSEC enabled it does not get me a time sync thus no internet connection. Tried to add "server=/pool.ntp.org/1.1.1.1" to dnsmasq.conf.add with no success. Tried a time server IP address in NTP Server, no success. Tried both CF and Q9 resolvers, no success.

Am wondering if Stubby should listen on - 127.0.0.1@5453 and - 0::1@5453 which would mean a corresponding dnsmasq.conf entry as we did with the Entware version of Stubby.

 

[EmeraldDeer]

In a prior alpha IPv6 appeared disabled.

In 384.11_alpha2-g2603c17197 IPv6 looks fine from the web GUI and I cannot find errors in syslog, but I do not have IPv6 from an external point of view. For example, https://browserleaks.com/ip and http://test-ipv6.comcast.net do not report an IPv6 address and seem to take a while to complete as if dropped packets are involved.

 

[XIII]

Can't get ntp to work (neither new firmware ntp feature nor ntpMerlin); date remains Sat May 5 07:xx:yy CEST 2018... (breaking unbound)

(yes, I tried adding server=/pool.ntp.org/1.1.1.1 to /jffs/configs/dnsmasq.conf.add)

 

[Swistheater]

In a prior alpha IPv6 appeared disabled.

In 384.11_alpha2-g2603c17197 IPv6 looks fine from the web GUI and I cannot find errors in syslog, but I do not have IPv6 from an external point of view. For example, https://browserleaks.com/ip and http://test-ipv6.comcast.net do not report an IPv6 address and seem to take a while to complete as if dropped packets are involved.

check your IPV6 log page under system log and make sure it is establishing connection there first.

 

[no_name]

Flashed RT-AC86U from 384.10 to 384.11_alpha2-g33fcd89869

Set format JFFS partition at next boot and factory reset and manually reconfigured settings

Settings used

VPN client using ExpressVPN
DHCP Server
Traffic Analyzer
Adaptive QoS
AIProtection

All are working as expected

I decided to learn how to install scripts for the 1st time

amtm, diversion, skynet & spdmerlin are installed plus Diversion Adblocker and NetworkCheck shortcuts

I will be having a play later

Many thanks to you guys who do all the hard work so people like myself are able to copy and paste these scripts and learn a little more about our routers capabilities








Sent from my iPad using Tapatalk

 

[dvohwinkel]

octopus, you might want to update your first post with these bits of information?

So many very exciting changes.