What's new

Asuswrt-Merlin 3.0.0.4.374.33 Beta 1 available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Confirmed that "format JFFS on next boot" solved the problem, but there is still an issue - updating the FW, even without factory reset, breaks the Entware installation.

I don't have that problem on either my N66 (SD card) or my AC66 (USB flash) - I regularly use nano on both of these, installed through Entware. Could it be that your device's mount point has changed?
 
I'm having trouble with smart access in AIcloud - it doesn't connect to any of my SMB shares in my internal network (I have 3 my book live NAS). It appears to be ok, finds the devices but connection to the shares always fails even though I have re-validated the credentials.

I only have a desktop here that has network shares (all protected through user/password access) and it works fine. Could perhaps be an issue specific to NAS running Samba?

Note that Samba is quite picky about username/passwords, check for uppercase/lowercase characters even in the username. I remember that it made a difference for me at one point (which is more a bug than anything IMHO - AFAIK usernames should not be case-sensitive).
 
I'm not seeing the little picture of the router and the meter bar that displays how full your USB drive doesn't appear to be working in AiCloud 2.0 using both Chrome and IE10. Clearing browser cache didn't help. I am seeing the following error in the log for AiCloud if it helps;

Sep 10 21:36:39 webdav: Request: 501-Error! method= GETPRODUCTICON GETPRODUCTICON / HTTP/1.1

I've seen a few of these myself in AiCloud's log.

At this point there's a good chance I might revert back to AiCloud 1.0, until Asus can iron out some of these new issues that seem to have crept up with it. Could also be caused by the fact that the GPL release isn't fully in-sync with their released AC56U firmware (from where I had to extract the AiCloud 2.0 js/css content).
 
So Far Parental controls seems to work, will let you know if a couple of days, that's usually when it starts to block all traffic..

Chris

What you describe sounds pretty similar to the issue that Makkie fixed. The firewall rules weren't all properly generated. For instance in his test case, if you allowed access all week except for Wednesday, then the firewall rules would allow access until Wednesday morning, and then it failed to allow access back until the start of next week, Sunday morning.

Keep me informed. If I can get enough validations that this new code resolves most of the reported issues, that will give me more leverage to convince Asus to either use that new code as-is, or take a close look at it as a basis for fixing their own existing code.
 
but its sad that my RT-AC66U and DIR-655 Sit 6 inches from one another and its sad that on the 2.4 band my brand new top of the line $190 asus cant even match letalone beat the performance of my 4 year old d link worth half as much

Some routers will be more aggressive in "overriding" any interferring router, while others will properly back out if there is already another router using the same channels. If you do have both routers up at the same time at such close proximity, that might be what you are experiencing, where the Asus would back out. Make sure that they don't use overlapping channel.

and as for the dual wan mode im just curious exactly how it works

Dual WAN can work in two modes:

1) Fail-over

In that mode, you have a primary link (the WAN port) and a secondary link )either a specific LAN port, or a USB port). If the router detects it lost connection on the primary WAN, it will start using the secondary WAN for your Internet access.

The current limitation is that once the primary comes back on, the router does not properly detect it, and will still remain on the secondary, until the secondary fails, or the router gets rebooted.

Asus have been notified of this issue.

2) Load-Balancing
In this mode, every NEW connection (important to note the "NEW" specification here) will get spread between both connections, going through an established ratio. FOr instance with a 3:1 ration, it means that the first 3 new connections go on the primary WAN, and the fourth one goes through the secondary WAN.

It's important to keep in mind this applies to new connections only. The load balancing isn't done at a packet level, but at a connection level. That means if you start one single download, it will only use the max speed of whichever connection it's going through. However if you use something like Bittorrent which establishes dozens of connections, they will be spread between both WANs, giving you an effective speed close to the sum of both Internet connection.

load-balancing is usually good if 1) both connections have fairly similar speeds, and 2) you have a lot of users sharing these connections.

There's also been some reports that load-balancing isn't working 100% yet either - I haven't tested that one personally (only failover mode to confirm that the recovery feature was still not working).
 
But what are the rest of them for??
These ones??


Open TCP Port: 3394 d2k-tapestry2
Open TCP Port: 3838 sos
Open TCP Port: 5473
Open TCP Port: 9100 hp-pdl-datastr
Open TCP Port: 9998 distinct32
Open TCP Port: 18017
Open TCP Port: 43698

i am guessing that 9100 is a printer related port too.

Here who's listening to what here, when checking using the full build of netstat (the router only has a stripped down version provided by Busybox):

Code:
admin@Stargate3:/tmp/home/root# net-tools-netstat  -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name   
tcp        0      0 0.0.0.0:5473            0.0.0.0:*               LISTEN      693/u2ec            
tcp        0      0 0.0.0.0:18017           0.0.0.0:*               LISTEN      499/wanduck         
tcp        0      0 0.0.0.0:3394            0.0.0.0:*               LISTEN      693/u2ec            
tcp        0      0 0.0.0.0:515             0.0.0.0:*               LISTEN      695/lpd             
tcp        0      0 0.0.0.0:1194            0.0.0.0:*               LISTEN      1188/vpnserver1     
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      899/smbd            
tcp        0      0 0.0.0.0:9100            0.0.0.0:*               LISTEN      695/lpd             
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      522/httpd           
tcp        0      0 0.0.0.0:46193           0.0.0.0:*               LISTEN      1212/miniupnpd      
tcp        0      0 0.0.0.0:8082            0.0.0.0:*               LISTEN      680/lighttpd        
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      933/dnsmasq         
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      516/dropbear        
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      680/lighttpd        
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      899/smbd            
tcp        0      0 0.0.0.0:3838            0.0.0.0:*               LISTEN      695/lpd             
udp        0      0 0.0.0.0:9999            0.0.0.0:*                           526/infosvr         
udp        0      0 0.0.0.0:42000           0.0.0.0:*                           518/eapd            
udp        0      0 127.0.0.1:42032         0.0.0.0:*                           655/acsd            
udp        0      0 0.0.0.0:53              0.0.0.0:*                           933/dnsmasq         
udp        0      0 0.0.0.0:67              0.0.0.0:*                           933/dnsmasq         
udp        0    328 0.0.0.0:51283           0.0.0.0:*                           6660/lighttpd-arppi 
udp        0      0 0.0.0.0:5474            0.0.0.0:*                           693/u2ec            
udp        0      0 0.0.0.0:18018           0.0.0.0:*                           499/wanduck         
udp        0      0 0.0.0.0:1900            0.0.0.0:*                           1212/miniupnpd      
udp        0      0 0.0.0.0:38000           0.0.0.0:*                           518/eapd            
udp        0      0 192.168.10.1:137        0.0.0.0:*                           897/nmbd            
udp        0      0 0.0.0.0:137             0.0.0.0:*                           897/nmbd            
udp        0      0 192.168.10.1:138        0.0.0.0:*                           897/nmbd            
udp        0      0 0.0.0.0:138             0.0.0.0:*                           897/nmbd            
udp        0      0 127.0.0.1:38032         0.0.0.0:*                           524/nas             
udp        0      0 192.168.10.1:59851      0.0.0.0:*                           1212/miniupnpd      
udp        0      0 192.168.10.1:5351       0.0.0.0:*                           1212/miniupnpd      
udp        0      0 0.0.0.0:43000           0.0.0.0:*                           518/eapd

u2ec = USB 2 EC - used for printer sharing

If you want to check on your specific router, make sure you have either Optware or Entware installed, then install the net-tools package.
 
RT-AC66U, sorry about that. I'll adjust my sig

374.32 final was using the latest driver from Asus, same is used in 374.33 Beta 1. 372.32 Beta however was still using an older version, so if you went from the previous beta into this new beta, you just upgraded to a newer driver version indeed, which might explain the improvements.
 
Here who's listening to what here, when checking using the full build of netstat (the router only has a stripped down version provided by Busybox):

Code:
admin@Stargate3:/tmp/home/root# net-tools-netstat  -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name   
................

If you want to check on your specific router, make sure you have either Optware or Entware installed, then install the net-tools package.[/QUOTE]

Thanks. for the info.
 
I use the Yandex DNS for the kids devices on our home network.

It's a pretty good initial line of defense for the little ones and their minecraft searches.

I only have their devices listed.

~Steph
 
Samba in Media server not accesible

Have lost access to the usb hard disk connected to the media server, problem from .32 and continues on .33 beta1.
Two Ac66U's one in Ms mode one in Router mode. same firmware.
 
Last edited:
I use the Yandex DNS for the kids devices on our home network.

It's a pretty good initial line of defense for the little ones and their minecraft searches.

I only have their devices listed.

Thanks for the feedback, so far you're the first user that tells me he is actually using it. Any particular problem with it so far? I was worried that its performance might not be optimal for anyone outside of Russia. Having it limited to only the children's computer might not make it a major issue at least.

If it's working well, I might just promote it to the main build.
 
I use the Yandex DNS for the kids devices on our home network.

It's a pretty good initial line of defense for the little ones and their minecraft searches.

I only have their devices listed.

~Steph
I also use Yandex DNS in the simailar manner.
So that service seems to be useful if it remains in the firmaware.
Thanks, Merlin!
 
Some routers will be more aggressive in "overriding" any interferring router, while others will properly back out if there is already another router using the same channels. If you do have both routers up at the same time at such close proximity, that might be what you are experiencing, where the Asus would back out. Make sure that they don't use overlapping channel.

thank you for the very good explanation on the dual wan feature. now as for what you were saying about the wifi i dont think thats the issue, i did tests with the d link completely off in the beginning all day and the range was never good on this thing, also when i initially got the asus, i had massive problems with it interfering with my 2.4GHz wireless headset, but i ended up fixing it for the mostpart by setting the router to channel 1, originally my choice was channel 11 but that seem to caused the most problems with my headset while my d link could be on any channel and not cause problems with the headset, im almost 100% the range has nothing to do with interference from my router or any of my neighbors routers, but if anything would affect it the most it would be mine and it didnt seem to so i cant imagine my neighbors could be doing a much but there is a few networks around me, the funiest part of all is i tried with my d link forever to get it to go full n300 a while back (using 2 20mhz channels to make 1 single 40mhz channel essentially) and i was trying on channel 11 because the other channels seemed the most crowded, i think i must have tried on 6 before but i couldnt get it to work, but when i initially got my asus i switched my d link to 1( in ssid it showed up on 1+5) and asus to 11, but now i have my asus on 1 and my d link on 6 (shows up as 6+2 on ssidinsider) i know the d link is on channel 6 and 2 so obviously the lower end could collide with the asus a bit, but the d link wont go full 300n on channel 11 or any others i dont think, while the asus router i have never seen show up on more then 1 channel even when the 40mhz was on and it always showed a rate or like 217 or whatever, and like i said even with the d link off, i tried every setting on the asus to fix the wifi and it never got better signal strength, i suspect it has to do with the way the router is dispersing the signal (like a pancake possibly), or the fact that canadas laws on what the max tx can be are not allowing it to reach its max potential performance, and also maybe that the netgear lawsuit could have made it a bit worse aswell
 
I don't have that problem on either my N66 (SD card) or my AC66 (USB flash) - I regularly use nano on both of these, installed through Entware. Could it be that your device's mount point has changed?

Merlin, my post you quoted had some history before. So, problems with JFFS and running of entware-install.sh, raised during our common attempts to solve the initial problem.

This is my initial post after installation of 33.beta1 which started the discussion on Entware:
33.beta1 installed. LAN, WAN, Wi-Fi, WebUI, OpenVPN servers working as expected. Only two issues so far:

First issue
Entware installation is broken. Typing:
admin@Router:/tmp/home/root# opkg list
-sh: opkg: not found


Typing:
admin@Router:/tmp/mnt/Data/entware/bin# opkg list
Collected errors:
* opkg_conf_load: Couldn't stat /opt/etc/opkg.conf: No such file or directory.


Typing:
admin@Router:/# ls -al opt
lrwxrwxrwx 1 admin root 7 Sep 10 03:31 opt -> tmp/opt


Typing:
admin@Router:/tmp# ls -al opt
ls: opt: No such file or directory


In addition there was a line in the syslog after first boot saying that something wrong is with sda1 filesystem (32GB MicroSD to be mount on /tmp/mnt/Data) and recommending to run e2fsck. Following this I typed e2fsck -p /dev/sda1. Then after next boot this warning disappeared but there is still the following message:

Jan 1 02:00:11 hotplug[347]: USB /dev/sda1(ext4) failed to mount at the first try!

Which is strange as the MicroSD is formatted as ext2.

Second issue:
The following lines appeared in the syslog:
Sep 10 23:38:46 openvpn[449]: 192.168.xx.xx:4716 WARNING: Bad encapsulated packet length from peer (20304), which must be > 0 and <= 1591 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Sep 10 23:38:46 openvpn[449]: 192.168.xx.xx:4716 Connection reset, restarting [0]
Sep 10 23:38:46 openvpn[449]: 192.168.xx.xx:4716 SIGUSR1[soft,connection-reset] received, client-instance restarting


That type of lines are usual in my configuration as one of the OpenVPN servers listens on WAN TCP port 80 and very often some bots trying to connect there. But the strange thing here is that the 192.168.xx.xx address belongs to my home PC I am using now and is from internal LAN.

Any ideas what to do?

It is clear that the information about existence of Entware was lost. The output from commands typed just show that

1. FW lost the "path" to the Entware
and
2. The directory contained Entware has not been mounted on /opt
May be these are two separate issues or may be they are connected.

P.S. I will appreciate if you find some time to comment the second issue. It is not of great importance as it never happen again, but it is still weird and has no explanation.
 
Last edited:
Does load-balancing (when it gets fixed) have failover intelligence in it?

I mean, if I have a dual wan load balancing and one of them goes offline, will all traffic go to the other wan?
 
P.S. I will appreciate if you find some time to comment the second issue. It is not of great importance as it never happen again, but it is still weird and has no explanation.

Might be your client devices connecting to port 80 as they are looking for the presence of a proxy configuration file. Some other things will also try to connect to port 80 to look for the presence of a web server (the router does it while scanning the network for instance).

It's never a good idea to use a know-service port and repurpose it for a different service. Bad things can happen when clients make assumptions (in this case, some softwares will expect a web server on that port).
 
[*]General stability and performance (N16/N66/AC66). Any performance overall improvement from the compiler optimizations?

Stability is very good for me. Router is up since updated firmware, no hangs, no need to reboot it.
I'm using transmission, Amuled and OpenVPN server. No issue in wifi: both bands work great with my iDevice.

About speed... I'm finding it fast but I have no run any benchmarks.

My two cents :)
 
Might be your client devices connecting to port 80 as they are looking for the presence of a proxy configuration file. Some other things will also try to connect to port 80 to look for the presence of a web server (the router does it while scanning the network for instance).

Thank you for your suggestion. I tried to connect on router LAN port 80 TCP and weird lines immediately appeared in the syslog. This is strange as the OpenVPN server should listen ONLY on the WAN-side port 80, not on the LAN side. Am I wrong?

It's never a good idea to use a know-service port and repurpose it for a different service. Bad things can happen when clients make assumptions (in this case, some softwares will expect a web server on that port).

I am forced to do this as I am traveling a lot, also my daughter is studying abroad, so very often we are in very paranoid environment. Some organisations like universities, companies and hotels are trying to filter everything except TCP port 80 and also are using HTTP proxies, so connecting to my home OpenVPN server could be impossible. The only solution is to configure the OpenVPN server on TCP port 80. This always guarantees connection as at least port 80 is open on every public network. I had several problems in some places when I used standard OpenVPN ports.

Merlin, do you have any ideas about problems with existing Entware installation described in my previous posts?
 
Last edited:

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top