Beta Asuswrt-Merlin 3006.102.4 Beta is now available

[128bit]

. . . with the chatter dying down, i'm feeling we're gettin' very close to ga..

 

[RMerlin]

Is ASUS' Adaptive QoS implementation still broken ? Any ways to verify if Adaptive QoS is working

For Wifi 7, yes.

 

[Ripshod]

. . . with the chatter dying down, i'm feeling we're gettin' very close to ga..

With the recent firmware drop by asus for a rather badly behaved router RMerlin may have cause to hold back for that GPL.

 

[RMerlin]

. . . with the chatter dying down, i'm feeling we're gettin' very close to ga..

I am being more patient than usual with this release since it's a major one, with a lot of significant code changes. Also this is the first time 3006 gets a significant test base. A lot of reported issues actually were also present in previous 3006 releases, but were unreported until now since there were so few Wifi 7 device owners to test it.

 

[RMerlin]

With the recent firmware drop by asus for a rather badly behaved router RMerlin may have cause to hold back for that GPL.

The current GPLs for all three platforms (wifi 6, wifi 7 and rt-be92) is currently good enough. Getting updated GPLs for multiple models can be a 2 months long affair. Not gonna delay this relase by another three extra months.

 

[128bit]

I am being more patient than usual with this release since it's a major one, with a lot of significant code changes. Also this is the first time 3006 gets a significant test base. A lot of reported issues actually were also present in previous 3006 releases, but were unreported until now since there were so few Wifi 7 device owners to test it.

by all means, take your time. guest net pro has some bugs with the iot template on the stock release; @bbunge was extraordinarily helpful. there are also some mesh reconnection problems after a reboot. i do get that the latter bug may be out of your "reach" but either way, can't wait to come back home.

 

[Tiger22]

Is it possible to block ads with diversion for devices that on different VLAN for example 192.168.52.1, I tried the DNS Director but ads still showing.

 

[jerry6]

I am being more patient than usual with this release since it's a major one, with a lot of significant code changes. Also this is the first time 3006 gets a significant test base. A lot of reported issues actually were also present in previous 3006 releases, but were unreported until now since there were so few Wifi 7 device owners to test it.

No complaints here all my routers are working well with all the models you are supporting best to take your time . I would rather wait for stable FW than pull my hair out with buggy rushed through FW .

 

[copperhead]

Is it possible to block ads with diversion for devices that on different VLAN for example 192.168.52.1, I tried the DNS Director but ads still showing.

I've used IPTABLES to redirect all devices to Pi-Hole at 192.168.1.4. In your case i would do:

[ save to /jffs/scripts/firewall-start ]
iptables -I INPUT -i <interface> -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i <interface> -p tcp --dport 53 -j ACCEPT

[ save to /jffs/scripts/nat-start ]
iptables -t nat -I PREROUTING -i <interface> -p udp --dport 53 -j DNAT --to-destination <lan_ip>
iptables -t nat -I PREROUTING -i <interface> -p tcp --dport 53 -j DNAT --to-destination <lan_ip>

<interface> = the interface which the VLAN is using . use: ifconfig
<lan_ip> = the ip for where diversion is at

Paste both sets of IPTABLES into shell to have them take affect immediately rather than rebooting router.

 

[Tiger22]

I've used IPTABLES to redirect all devices to Pi-Hole at 192.168.1.4. In your case i would do:

(save to /jffs/scripts/firewall-start)
iptables -I INPUT -i <interface> -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i <interface> -p tcp --dport 53 -j ACCEPT

(save to /jffs/scripts/nat-start)
iptables -t nat -I PREROUTING -i <interface> -p udp --dport 53 -j DNAT --to-destination 192.168.1.1
iptables -t nat -I PREROUTING -i <interface> -p tcp --dport 53 -j DNAT --to-destination 192.168.1.1

<interface> = the interface which the VLAN is using . use: ifconfig

Paste both IPTABLES into shell to have them take affect immeidately rather than rebooting router.

Does Adguard Home uses the same port 53?

 

[copperhead]

Does Adguard Home uses the same port 53?

afaik, yes, port 53

 

[bennor]

Is it possible to block ads with diversion for devices that on different VLAN for example 192.168.52.1, I tried the DNS Director but ads still showing.

How did you configure DNS Director?
No problem using DNS Director to have two Guest Network Pro Profiles configured to use User Defined DNS 1 (a Pi-Hole). The Pi-Hole Query Log shows things are working with requests coming from both Guest Network Pro Profile's clients.

Edit to add: Note that there has been a slight change with DNS Director. Users may need to change the Global Redirect option to a User Defined DNS # rather than the previous setting of Router. From the DNS Director page:

A few special System options are available in the presets. "No Redirection" will bypass a global redirection, and "Router" will force clients to use the router itself as their resolver.

From the 3006 Change Log:

3006.102.x (xx-xxx-xxxx)
- CHANGED: Setting DNS Director to "Router" will now always
redirect to the router's own IP. Previously it
would redirect to the first DNS server configured
on the DHCP page (which defaults to the router
itself).
If you need DNS Director to redirect to an IP
configured in your DHCP settings, use a Custom DNS
entry in DNS Director. This makes it more consistant
with what the name implies, and was also necessary
for improved Guest Network support.

 

[TnF]

Just installed Beta 2 on RT-BE92U and there looks to be like some serious issues with Entware.
I was on Beta 1 with FlexQoS, uiDivStats, and Diversion all working perfectly fine.
As soon as i updated to Beta 2 i went to log in the UI, and it doesn't do anything; i refresh and it's like the router UI has freezed. It still continues to route just fine.
I go into amtm, Diversion is not there. I go to re-install, it says Entware is not there.
I try to install Entware, says No compatible device(s) found. Ok, is my usb drive not working, i go and check, looks fine. I try and reformat through amtm, and what i notice it takes 10 mins to format.

It reboots, again Entware can't be installed. I've fiddled around more, tried hard rebooting etc, same issue. At least i've managed to log into the UI once (i think it's just hangs somewhere then it works normally unless you try to do something with Entware). I am gonna try a new USB drive when i get back from work, but looks like i have to try re-flashing Beta 2 and re-test or just downgrade back to Beta 1.

I will try to get some logs, this is very weird behavior.

edit: At the log in page, i clicked log in and it takes approximately 6mins (i've timed it) and send be back on the log in screen again (tested both chrome and firefox)

edit2: After leaving it idle for 15mins i was able to log in normally:

lots of I/O errors on dev sda1 in the log, i think the usb drive is toast

 

[hroo772]

I'm running beta2 on my BE96U as the main with one AiMesh node (BE92U) running stock fw.

I've been having issues where the wifi networks all drop ever 12-24hrs. In the AiMesh settings, I'm running Wifi7 with MLO. The most instability seems to happen when I enable 'MLO Fronthaul for Clients' which I'd like to use if it were more stable.

I've also upload the syslog file (BE96U) for when the wifi network all drops off, the timestamp to start looking at the wifi dropping event is "Apr 22 19:10:14".
When I've run this syslog through some LLMs, it seems to point to the Broadcom driver due to error messages such as "WLC_SCB_DEAUTHORIZE error (-30)" and "Previous authentication no longer valid (2)".

Maybe this will be helpful in tracking something down. Thanks Merlin.

 

[JWoo]

3006.102.4 Beta2 working well now. Wireguard rule was set up incorrectly, that is on me. Now it is working fine. No issues. Wireless performance looks fine.

 

[Alfsu]

GT-AX6000 migration to Asuswrt-merlin 3006.102.4 alpha and betas successfully, and without troubles despite dirty-flashing from code base 3004 and being main to an RT-AC86U (3004.388.9) AiMesh.
Two guest networks migrated and clients reconnected every single time, VPN clients (2) and servers (02) worked without any additional intervention post flashing 3006.
Once again, a magnificent job by @RMerlin, thank you, thank you, thank you!

 

[Tiger22]

How did you configure DNS Director?
No problem using DNS Director to have two Guest Network Pro Profiles configured to use User Defined DNS 1 (a Pi-Hole). The Pi-Hole Query Log shows things are working with requests coming from both Guest Network Pro Profile's clients.

Edit to add: Note that there has been a slight change with DNS Director. Users may need to change the Global Redirect option to a User Defined DNS # rather than the previous setting of Router. From the DNS Director page:

From the 3006 Change Log:

I'm aware of the change but just to be clear I used Diversion and AGH one at the time within the AMTM not from the external device. Diversion for example will set DNS Director to router by default, I tried multiple ways but doesn't work for me. I have not tried the iptable way like "copperhead" said yet.

 

[sto]

Maybe I’m late to the game…but I notice CIRA Canadian Shield is no longer one of the presets for DNS over TLS. Any pariticular performance or privacy reason for this, or is it just a matter of space on the list? Just curious.

 

[Mutzli]

Just installed Beta 2 on RT-BE92U and there looks to be like some serious issues with Entware.
I was on Beta 1 with FlexQoS, uiDivStats, and Diversion all working perfectly fine.
As soon as i updated to Beta 2 i went to log in the UI, and it doesn't do anything; i refresh and it's like the router UI has freezed. It still continues to route just fine.
I go into amtm, Diversion is not there. I go to re-install, it says Entware is not there.
I try to install Entware, says No compatible device(s) found. Ok, is my usb drive not working, i go and check, looks fine. I try and reformat through amtm, and what i notice it takes 10 mins to format.

If you rely on multiple scripts like Diversion or Skynet, I’d recommend using an SSD instead of a USB stick. I went through several USB sticks before switching to one of these enclosures and using a 128GB SSD drive from an old computer. I haven't had any issues since I made the switch about a year ago.

 

[dave14305]

Maybe I’m late to the game…but I notice CIRA Canadian Shield is no longer one of the presets for DNS over TLS. Any pariticular performance or privacy reason for this, or is it just a matter of space on the list? Just curious.

Looks like some comment markers are being ignored or stripped during the build, letting the WAN page fetch Asus’ list of DoT servers and overwriting Merlin’s.

asuswrt-merlin.ng/release/src/router/www/Advanced_WAN_Content.asp at 1585de5f04b7bc51443ef8dfe4b0d6e197bd987d · RMerl/asuswrt-merlin.ng

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng

github.com

@RMerlin it seems the 36521 GPL merge modified the www Makefile to change the path parameter to the genshfile.pl call. Maybe this explains (for better or worse) this issue and the previous issue with the missing X Unicode character. Perhaps genshfile wasn’t working at all before this change and now it is, or it’s too aggressive now working one directory level up.

EDIT: Even simpler, the newer version of the Multiservice WAN page doesn’t have the comment block around retrieving the Asus DoT list at all, which is why CIRA is overwritten.

asuswrt-merlin.ng/release/src/router/www/sysdep/FUNCTION/MULTISERVICE_WAN/Advanced_WAN_Content.asp at 3006.102-wifi6 · RMerl/asuswrt-merlin.ng

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng

github.com