[Alpha] 386.2

[Striker317]

I would recommend you keep the leases file on /jffs so that you don’t have to worry about the timing of USB mounts.

The problem with this is that the jffs might be reset if I have to start over with a router reset

 

[Striker317]

Are you sure your mountpoint still is SDA1?

Yes, it is still SDA1. It just mounts after dnsmasq runs in 386.2 alpha. Whereas in all other versions, the drive has mounted before dnsmasq is run

if I restart dnsmasq after the SDA1 is mounted, it works fine. But not sure that is intended behaviour based on all the past versions.

 

[gwalker88]

The problem with this is that the jffs might be reset if I have to start over with a router reset

The better practice would be to run regular backups of jffs to a USB drive. Install NSRU from AMTM and either take a new backup manually whenever you make a change, or set up a cron job to run backups daily/weekly/monthly/whenever.

 

[Wade Coxon]

Is there any chance of enabling the skbedit feature in this alpha/beta as-per the post from @Odkrys here:

CakeQOS - CakeQoS Help

Hey! How would I go about including docsis and ack-filter the at the same time? When I do cake-qos settings optionsup docsis ack-filter, it only applies the docsis and not the ack-filter. If I do one at a time, it removes any previous settings. I'm not sure I understand, once you ssh...

www.snbforums.com

I would dearly love to try dscp marking of traffic for cake QoS.

 

[mohsha]

Came to know from @L&LD that GT-AX11000 is supported and just installed and everything is working fine. There was VPN server issue due to time not being updated quick enough but VPN server was up later. Thanks Merlin. Donation on your way for adding support to GT-AX11000 as I wanted to try few add-ons.

 

[bluepoint]

We do have almost the same settings except WAN DNS, I'm using Unbound for my DNS resolver, iPhone 12 iOS 14.4 Ovpn connect v3.2.3 through AT&T Mobile 5G. Last night I changed the RSA Encryption to 1024 bit and the initialization problem has not shown yet. If ever this stays fine for 24 hrs. then I can conclude as far as I'm concern that the problem only shows when RSA Encryption is @2048 bit. If you have time and don't mind, can you please leave your settings as is for 24 hrs while your iPhone is connected, can be all the time or in and out and see if you can duplicate the problem?

And another question. After I've chosen 1024 bit RSA Encryption and applied, is it normal the choice placement for the RSA Encryption bit to be hidden? It seems you can not change to 2048 not unless I restart disable/enable the O server. Thanks for your time @LimJK

View attachment 31370

Nope after 22+ hrs it's back. Same problem @1024 bit it just took a little longer to error out. Oh well.

 

[LimJK]

We do have almost the same settings except WAN DNS, I'm using Unbound for my DNS resolver, iPhone 12 iOS 14.4 Ovpn connect v3.2.3 through AT&T Mobile 5G. Last night I changed the RSA Encryption to 1024 bit and the initialization problem has not shown yet. If ever this stays fine for 24 hrs. then I can conclude as far as I'm concern that the problem only shows when RSA Encryption is @2048 bit. If you have time and don't mind, can you please leave your settings as is for 24 hrs while your iPhone is connected, can be all the time or in and out and see if you can duplicate the problem?

And another question. After I've chosen 1024 bit RSA Encryption and applied, is it normal the choice placement for the RSA Encryption bit to be hidden? It seems you can not change to 2048 not unless I restart disable/enable the O server. Thanks for your time @LimJK

View attachment 31370

bluepoint,

Can I make a suggestion, so that we can have better certainty to recreate the problem and catch the "bug" in a repeatable fashion from a known state as well as easier for us to make meaningful comparison for our respective settings. Can you consider to

• Uninstall ALL scripts from amtm (including Unbound) so that you have a minimum configuration with Merlin's FW NVRAM settings only; to rule out any issues related to scripts & scripts settings under the hood.
• After that, can you do a factory reset via GUI Administration -> Restore/Save/Upload Setting -> Restore (with "Initialize all the settings" selected)
• Set up your Router afresh, with WAN DDNS and OpenVPN, etc (minimum configuration) ... using similar OpenVPN related settings as mine
• Get your OpenVPN working before you carefully introduce desired scripts one at a time, those scripts I used and are working for my environment are in my signature below.

PS:

• My OpenVPN connection / usage pattern are usually for a couple of minutes and rarely up to 1 hour. So, I will test a much longer connection time when I get back tonight (I will setup guess network to test OpenVPN for my iPhone and MacBookPro, as I have limited Cellular Data cap). I will also test re-connection(s) as all my devices use default "sleep" values.
• I am quite certain it is not likely the RSA Encryption: 2048 bit, I used this setting for many years over Merlin & Stock Firmware. However, I can test that after we have done the above minimum configuration test with OpenVPN on your Router without any scripts.
• Hope you are able to resolve this ... all the best!

Edit: I have been running close to a week without any issue for my OpenVPN here.

Edit: So far running over 6 hours, on iOS OpenVPN Connect, and no problem so far.

 

[nzwayne]

One solid week now on RT-AX88U_386.2_alpha1 on RT-AX88U, backhaul'd AiMesh to AX86U, AX56U, AC86U. Dirty upgrade from RT-AX88U_386.1_2. The weeks operation has been totally seemless for Work, Home & Family (Avg 38 clients). Thanks from the household!!!

PS: Memory used on the AX88U, highest ratio I've seen before.

 

[LimJK]

I have been running smoothly with Merlin 386.2_alpha1-gc52b410e89 for about a week.

My Configuration:

• AiMesh Router: AX88U 386.2_alpha1-gc52b410e89 + 2 x AiMesh Nodes: AC86U 386.2_alpha1-gc52b410e89
• Backhaul (Priority:"Auto", Type:"Wired"), Asus GX-U1051 5-Port Gigabit Switch from Router to Nodes, ISP: 1 Gbps Fibre

After Upgrading Firmware to 386.2_alpha1-gc52b410e89, I did Factory reset for AiMesh Nodes first, followed by Router and use Merlin default NVRAM settings except with the following changes:

• Enabled AiProtection: ON
• USB Application
  • UPnP Media Server: OFF
  • Samba Share: OFF
• LAN:
  • 40 items in my DHCP manually Assigned IP List
• Wireless:
  • 2.4 GHz: Fixed Channel Bandwidth 20MHz, Control Channel: Auto, Universal Beamforming: Disable
  • 5.0 GHz: Fixed Channel Bandwidth 80MHz, Control Channel: Auto
• WAN DDNS:
  • Using Asus DDNS Service with Let’s Encrypt
  • DNS Privacy Protocol: DoT (pointing to Cloudflare DNS hosted in Country that I am in)
• VPN Servers (Connecting one at a time from the following clients):
  • OpenVPN works with
    • MacBookPro macOS Catalina - Tunnelblick 3.8.5beta05 (build 5650),
    • iPhoneXsMax iOS - OpenVPN Connect 3.2.3
  • IPSec works with MacBookPro & iPhoneXsMax Native Configurations
    • Cisco IPSec
    • IKEv2 (while connection works, there is not Status information on IPSec VPN Server)
  • Instant Guard works with iPhoneXsMax iOS Instant Guard 1.0.9
• Scripts on amtm 3.1.8FW
  • Diversion 4.1.12 uiDivStats 2.3.2 Skynet 7.2.3 connmon 2.8.4

 

[bluepoint]

bluepoint,

Can I make a suggestion, so that we can have better certainty to recreate the problem and catch the "bug" in a repeatable fashion from a known state as well as easier for us to make meaningful comparison for our respective settings. Can you consider to

• Uninstall ALL scripts from amtm (including Unbound) so that you have a minimum configuration with Merlin's FW NVRAM settings only; to rule out any issues related to scripts & scripts settings under the hood.
• After that, can you do a factory reset via GUI Administration -> Restore/Save/Upload Setting -> Restore (with "Initialize all the settings" selected)
• Set up your Router afresh, with WAN DDNS and OpenVPN, etc (minimum configuration) ... using similar OpenVPN related settings as mine
• Get your OpenVPN working before you carefully introduce desired scripts one at a time, those scripts I used and are working for my environment are in my signature below.

PS:

• My OpenVPN connection / usage pattern are usually for a couple of minutes and rarely up to 1 hour. So, I will test a much longer connection time when I get back tonight (I will setup guess network to test OpenVPN for my iPhone and MacBookPro, as I have limited Cellular Data cap). I will also test re-connection(s) as all my devices use default "sleep" values.
• I am quite certain it is not likely the RSA Encryption: 2048 bit, I used this setting for many years over Merlin & Stock Firmware. However, I can test that after we have done the above minimum configuration test with OpenVPN on your Router without any scripts.
• Hope you are able to resolve this ... all the best!

Edit: I have been running close to a week without any issue for my OpenVPN here.

View attachment 31388View attachment 31389

Edit: So far running over 6 hours, on iOS OpenVPN Connect, and no problem so far.

View attachment 31397

Actually, I've restored to factory default and formatted jffs to start clean with the latest Alpha1 due to unmounted jffs problem I had, so that part is out of the way. Right now the only addon I have are diversion, skynet, ntpmerlin(chrony) and unbound. To make it as close to your settings I reverted back to DOT(cloudflare) for DNS but left ntpmerlin, diversion and skynet. I'll see if that will make a difference, I think this will be my last try in finding the cause for now until a new Alpha build is released as it will contain OVPN 2.5.1.
Also, I hope somebody that has unlimited mobile data plan using iPhone Openvpn connect 3.2.3 can test Ovpn server and see if they can reproduce the problem. The bug comes out a little longer in RSA Enc 1024 than 2048 bits.

1G/1G Verizon FIOS
AT&T 5G
AiProtection disabled
All TrendMicro settings disabled
Not using AiMesh
Guest 2 enabled for iot's

 

[LimJK]

Actually, I've restored to factory default and formatted jffs to start clean with the latest Alpha1 due to unmounted jffs problem I had, so that part is out of the way. Right now the only addon I have are diversion, skynet, ntpmerlin(chrony) and unbound. To make it as close to your settings I reverted back to DOT(cloudflare) for DNS but left ntpmerlin, diversion and skynet. I'll see if that will make a difference, I think this will be my last try in finding the cause for now until a new Alpha build is released as it will contain OVPN 2.5.1.
Also, I hope somebody that has unlimited mobile data plan using iPhone Openvpn connect 3.2.3 can test Ovpn server and see if they can reproduce the problem. The bug comes out a little longer in RSA Enc 1024 than 2048 bits.

1G/1G Verizon FIOS
AT&T 5G
AiProtection disabled
All TrendMicro settings disabled
Not using AiMesh
Guest 2 enabled for iot's

bluepoint,

I can confirm the issue you discovered after I woke up in the morning:

 

[mohsha]

Came to know from @L&LD that GT-AX11000 is supported and just installed and everything is working fine. There was VPN server issue due to time not being updated quick enough but VPN server was up later. Thanks Merlin. Donation on your way for adding support to GT-AX11000 as I wanted to try few add-ons.

GT-AX11000 user and I couldn't install entware, it fails while creating folders inside /opt folder due to opt folder being read only and not a sys link folder as in other Asus routers. I am also unable to change permissions to this folder.

Info: Checking for prerequisites and creating folders...
Warning: Folder /opt exists!
mkdir: can't create directory '/opt/bin': Read-only file system

 

[bluepoint]

bluepoint,

I can confirm the issue you discovered after I woke up in the morning:

View attachment 31423View attachment 31424

Wow, thanks for the confirmation. So it is the cell data connection that is triggering the bug it seems.

 

[LimJK]

Wow, thanks for the confirmation. So it is the cell data connection that is triggering the bug it seems.

bluepoint,
I just left OpenVPN Connect 3.2.3 running, as I move in and out over various data connections over My Guest Network (when I am at home), Cellular (when on the road driving) or hotspots (as and when available).

• I only discovered the state on VPNServer when I woke up this morning,
• I actually checked the status of OpenVPN Connect regularly and observed that connection is fine ...
• It did not occur to me to check the VPN Server regularly, so I do not know when it was triggered.

During this period I have 2 OpenVPN Connections; one from iPhoneXsMax and another from MacBookPro running the most current TunnelBlick Beta.

My workaround on OpenVPN Server is to select "Advanced" and Apply.

PS: To get additional data point, I am going to try the OpenVPN connection with only Tunnelblick 3.8.5 beta 05 (build 5650) on MacBookPro with macOS Catalina running for 24 hours to see if this "does" or "does not" trigger the same issue you reported.

 

[bluepoint]

bluepoint,
I just left OpenVPN Connect 3.2.3 running, as I move in and out over various data connections over My Guest Network (when I am at home), Cellular (when on the road driving) or hotspots (as and when available).

• I only discovered the state on VPNServer when I woke up this morning,
• I actually checked the status of OpenVPN Connect regularly and observed that connection is fine ...
• It did not occur to me to check the VPN Server regularly, so I do not know when it was triggered.

During this period I have 2 OpenVPN Connections; one from iPhoneXsMax and another from MacBookPro running the most current TunnelBlick Beta.

My workaround on OpenVPN Server is to select "Advanced" and Apply.

PS: To get additional data point, I am going to try the OpenVPN connection with only Tunnelblick 3.8.5 beta 05 (build 5650) on MacBookPro with macOS Catalina running for 24 hours to see if this "does" or "does not" trigger the same issue you reported.

Yes, please do the Tunnelblick connection, this way we'll know if the iPhone ovpn connect is the only factor. Again thanks for your assist.
Oh btw, is your macbook connected to the home internet or cellular data?

 

[LimJK]

Yes, please do the Tunnelblick connection, this way we'll know if the iPhone ovpn connect is the only factor. Again thanks for your assist.
Oh btw, is your macbook connected to the home internet or cellular data?

I will have to do it through whatever connection I have,

• At Home: using Guest Network with no intranet access (to force an OpenVPN connection from WAN),
• Outside: using Personal Hotspot over iPhone Cellular or Free Hotspot if available

 

[iMinkYourDrillkShake]

GT-AX11000 user and I couldn't install entware, it fails while creating folders inside /opt folder due to opt folder being read only and not a sys link folder as in other Asus routers. I am also unable to change permissions to this folder.

Info: Checking for prerequisites and creating folders...
Warning: Folder /opt exists!
mkdir: can't create directory '/opt/bin': Read-only file system

Hi!

First post here, but popping in and out over the years. What a nice community.

@mohsha, I'm on a GT-AX11000 and encountered the same failure mode. Based on the Entware installer script, it looks like /opt should point to /tmp/opt which (currently, at least) points to an "entware" folder created on the mounted USB drive. Not sure what the issue is, but maybe it's jffs related? Unless someone knows about this issue already (or what I may have missed during setup), I'll follow the general advice of nuking everything, resetting to minimal config, and trying again.

Using a *sigh* Samsung 64 GB SSD. It's all I have left since my kiddo can somehow make them disappear. (Same thing with rechargeable AA batteries. But I digress...)

 

[mohsha]

Hi!

First post here, bug popping in and out over the years. What a nice community.

@mohsha, I'm on a GT-AX11000 and encountered the same failure mode. Based on the Entware installer script, it looks like /opt should point to /tmp/opt which (currently, at least) points to an "entware" folder created on the mounted USB drive. Not sure what the issue is, but maybe it's jffs related? Unless someone knows about this issue already (or what I may have missed during setup), I'll follow the general advice of nuking everything, resetting to minimal config, and trying again.

Using a *sigh* Samsung 64 GB SSD. It's all I have left since my kiddo can somehow make them disappear. (Same thing with rechargeable AA batteries. But I digress...)

Tried multiple resets, will wait for a fix. That is the only bug I have found so far.

 

[RMerlin]

You should soon be able to have it, and eat it. /cryptic wizard hat off

 

[maxbraketorque]

Cake built-in?