What's new

Asuswrt-Merlin 3.0.0.4.372.32 Beta 3 available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

RMerlin

Asuswrt-Merlin dev
Staff member
Howdy folks,

I initially planned on waiting for the 374 code before finalizing this release, however since it contains quite a few changes already, including two security fixes, I decided to go ahead and release it as a beta release.

Beta builds have been uploaded for all four routers. This is based on the 372 code, with one fix backported from 374 (the Parental Control issue that prevent it from working under IE10).

The highlights:

IPv6 firewall
Probably a major issue that prevented this router from being safely usable on an IPv6 connection - until now. There is now an IPv6 firewall configurable under Firewall -> IPv6 Firewall. By default this new firewall will be ENABLED. That means if you previously relied on the fact that there was no firewall on the IPv6 network to allow remote access to computers on your LAN, you will now have to configure the appropriate firewall rules on that new tab.

Bear in mind that this is quite different from what you are used with IPv4. In IPv4, by default no device is reachable because of NAT. You have to open a port, which will allow connection on your router IPv4 to be forwarded to the selected computer.

With IPv6, every device on your network gets its own, fully routable IPv6. Instead of forwarding ports, you will be opening ports in the firewall, specifying the IPv6 IP of the target computer. That also means that, when connecting (or testing with a port scanner) to that open port, you have to use the computer's IP, not the WAN IP.

The firewall has been tested by various users already through Comcast, Hurricane Electrics's 6in4 tunnel, and probably a few more.

Security fixes
This beta release includes two security fixes:

- ACSD exploit. Unlike Asus who seem to have totally disabled that service, I decided to simply prevent connection from your LAN to that service through a firewall rules. This means that in theory, the automatic channel selection feature that service provides should still be working.

- Samba symlink issues. I won't give too much details since this isn't patched by Asus yet (they will be patching it in the next release), but this was recently disclosed in a security-related document.

Component updates
OpenVPN was upgraded to 2.3.2, miniupnpd to 20130730, and the e2fsprogs tools (fsck, mkfs, etc...) to 1.42.8. Please make sure you don't see any regression introduced by the first two updates (OpenVPN and UPNP).

Various random fixes
The usual. Webui should no longer crash when pasting an abnormaly long value in the OpenVPN fields (and a notice was also added to remind you to only paste the BEGIN/END block), fixes to wireless client list mixing up MACs if two IPs looked too similar (192.168.1.100 and 192.168.1.10 for example), and some more. Details are in the changelog.


What I mostly need tested in this release:

- OpenVPN. Make sure there was no regression introduced by the upgrade to 2.3.2
- UPNP. Same thing
- IPv6 firewall: while this was already pretty well tested with the limited Beta 1 release, keep an eye on any oddity related to IPv6.
- New "smart" minidlna database location. VinceV developped a smarter database location function that will greatly reduce the chances of people accidentally having their DLNA database stored in RAM, potentially filling it up, and leading to a router crash due to running out of memory. Make sure DLNA still starts normally.

There was no change in relation to wireless drivers (except for the RT-AC56U that uses the final 372 driver, while I was previously using an early prerelease version).

You can safely upgrade from any 3.0.0.4.3xx version to this new one without having to revert back to factory default. Remember however to go to the OpenVPN Keys page, and re-save your keys if you are upgrading from a release OLDER than 372.30. If you were keeping a saved copy of your settings that was created in a version OLDER than 372.30, you should also download a new copy of your settings, as older versions are potentially corrupted.
 
Last edited:
2.4 GHz regression with Intel WiFi

2.4GHz connection has now dropped from 300 to 144-130, while 5GHz band is intact - still connects at 300!

Wireless clients - Intel 5300 and 6250
same locations where before it was reliably >270

Resetting wifi NICs does not have any effect.

Beta3 firmware was flashed as an upgrade; router been rebooted couples times with no change.
 
Clearing NVRAM and resetting CPU clocks to 800MHz did not help - still connects only at 144 Mbps.

On the router 2.4GHz is set:
- Wireless Mode: N Only
- b/g Protection: off
- Channel bandwidth: 40 MHz
- Control Channel: Auto
- Power output: 180mW

Same settings with 3.0.0.4_372.31_2 were working great...
 
I have flashed 372 Beta 3 on my RT-AC66U from Beta 1. No change in speeds or stability which were both fine under Beta 1.
 
Clearing NVRAM and resetting CPU clocks to 800MHz did not help - still connects only at 144 Mbps.

On the router 2.4GHz is set:
- Wireless Mode: N Only
- b/g Protection: off
- Channel bandwidth: 40 MHz
- Control Channel: Auto
- Power output: 180mW

Same settings with 3.0.0.4_372.31_2 were working great...

You have channel on auto. It's possible it switched to a channel that has more interference, causing it to fallback to 20 Mhz, which explains the speed dropping to half of what it was. From what I've seen, Asus will follow the 802.11 specification by downgrading to 20 MHz if there is any interference.

I just tried it here with a Centrino 6230, and was able to maintain a stable 300 Mbps connection. I have very little interference here however.

Getting a stable 40 Mhz connection on the 2.4 GHz band will always be tricky. In fact, I never recommend to use 40 Mhz on the 2.4 GHz band, unless you are in area with very little interference on that band.
 
something is wrong. After re-flashing back the previous Merlin firmware I still cannot restore the performance on 2.4GHz

I cleared the NVRAM again and re-stored saved Config file (which was created on the same version of FW)
 
something is wrong. After re-flashing back the previous Merlin firmware I still cannot restore the performance on 2.4GHz

I cleared the NVRAM again and re-stored saved Config file (which was created on the same version of FW)

I told you - this is related to interference. The router will fallback to 20 Mhz mode if there is interference, which is why your performance was cut in half on the 2.4 GHz band. This is perfectly normal behaviour. Since you have the channel set to Auto, that means you are probably sitting on a different channel than before.
 
I am preparing to eat my own hat... changing channel to from Auto to 2 immediately raised the speed to 300Mbps... (can I put some hot sauce on the hat?)

Next step is flash the firmware to Beta3 and confirm that changing the default channel restores the speed
 
Last edited:
Forgot one but very important detail - this is RT-AC56U (correction - by mistake I typed AC66U)
 
Last edited:
Forgot one but very important detail - this is RT-AC66U

Are you sure? Cause you said you had changed the CPU clock to 800 MHz - that router's default clock is 600 MHz.

Interference has nothing to do with the range. If your neighbors have as trong signal on the same channel as you, it will cause your router to downgrade to 20 MHz channel width. You have to use a tool such as InSSIDer to find out which channel has the least interference. InSSIDer will also confirm that your router has downgraded to 20 MHz, that it's not the client having difficulties.

There are 11 channels on the 2.4 GHz band. Using 40 MHz means you will be overlapping no less than 5 of these 11 channels. That's why it's very difficult to have any stable connection with 40 MHz width on the 2.4 GHz band.
 
RT-AC66U default CPU clock is 600MHz (ands it is a single core), but RT-AC56U is dual core 800MHz (and that's what I have). Since I have extra cooler, my wifi module temperatures are always reasonable - so there is no issue of overheating.

Merlin, I had very stable connection on 2.4GHz with full 300Mbps until I flashed Beta3 - and I kept checking the connection speeds frequently since I pumped the power output from default 80mW to 180mW...

Now with setting wifi channel to 2, FW 3.0.0.4_372.31_2 still gets 300, but Beta3 seems to be less consistent.

I will try the latest ASUS FW to see if that makes difference and which version has the best 2.4GHz performance.
 
So I checked the inSSDer and the router's Visible networks

- the most powerful neighbor network is "g" on channel 11 (and it uses WEP), and I am on channel 2 ("n" only). That network been there for years, I know the owner and I do not think he did any changes (for example, if he upgraded the router it would have been "N" and not "G"). So unlikely that to start causing the trouble.

The remaining wifi networks as per router's Wireless - Visible Networks are 20% and below (and the router sees more networks than my laptop!)
 
RT-AC66U default CPU clock is 600MHz (ands it is a single core), but RT-AC56U is dual core 800MHz (and that's what I have). Since I have extra cooler, my wifi module temperatures are always reasonable - so there is no issue of overheating.

Merlin, I had very stable connection on 2.4GHz with full 300Mbps until I flashed Beta3 - and I kept checking the connection speeds frequently since I pumped the power output from default 80mW to 180mW...

Now with setting wifi channel to 2, FW 3.0.0.4_372.31_2 still gets 300, but Beta3 seems to be less consistent.

I will try the latest ASUS FW to see if that makes difference and which version has the best 2.4GHz performance.

The wifi performance should be similar in 372.32-Beta 3 and Asus's 372 release. 372.31 was using a wireless driver from a beta SDK.

I haven't updated to their 374 driver version yet as I was waiting to get newer 374 base code first, so it's possible that Asus's 374 yields different results.
 
thanks Merlin; any (rough) on 374-based your firmware? :)

Maybe a week or two, the 374_168 code was merged in tonight. I need to see what feedback comes from the beta release first.

374 itself doesn't bring much that would be noteworthy if you look at the changelog on Asus's site, so it's not a big deal. I already have my own fix for acsd, and the Parental Control IE10 fix was backported in Beta 3. No big need for the 374_257 GPL either, since the new N66U driver isn't stable enough yet to be merged in.
 
Last edited:
Thanks for this new firmware. Is it possible the wired connection is slower since .31 firmware?
With .25 firmware i was able to download 10MB/s, with .31 and .32.3 only 3,4MB/s (8 connections).
My Feature-requests:
- It took a while to discover the actual date/time in router web interface. I set ntp-Server, but i don't know if the server set the actual date/time. Then i discovered the time in general system log.
Is it possible to add the actual date/time at time server page or summary page, to see the setting immediately?
- Any possibility to disable connection logging?
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top