Release Asuswrt-Merlin 386.1 is now available

[capncybo]

Updated Post #2 concerning a few missing features related to build profiles being out of sync with upstream, will be fixed for the next release.

Oh Boy... So my aging RT-AC68U will get Instant Guard after-all !!! But Now, I have to wait... Dammit. Thanks RMerlin LOL

 

[AntonK]

It must have been a bug as 160 MHz is only relevant to Wi-Fi 6 (AX) and not Wi-Fi 5 (AC). So not applicable then to AC-88U model but it is on the AX-88U which I have.

"160 MHz sometimes available but non-working on RT-AC88U (build profile out of sync with upstream, fixed for next release. Note that this option is only available to certain RT-AC88U SKUs and is either region or revision specific.) Update from post #2 by Rmerlin.

 

[L&LD]

@capncybo what irony! Waiting, for Instant Guard.

Welcome to the forums!

 

[hifiwifi]

Thanks @RMerlin, @themiron, et al. for the work you've put into the 386.1 release and Asuswrt-Merlin in general!
I performed a (dirty) upgrade of my RT-AC86U from 384.19 to 386.1. Everything seems to work fine.
I do have a ~ +3 degree Celsius CPU temperature (~73c -> 76c) after +3 hours uptime going from 384.19 to 386.1.
FYI, I had traditional QoS enabled and noticed the Traffic Classification Pie Chart doesn't render (this is after clearing my browser cache):

View attachment 30073
I have since disabled QoS as I wasn't really taking advantage of it and had only enabled it a few weeks ago.

I have the same experience. I have to manually restart FlexQoS using amtm for the graphs to render.

 

[DarkKnight75]

Upgrading back to merlin from 384 tonight....looking fwd to all the new features again.

 

[L&LD]

@DarkKnight75, looking forward to your experience!

Guess the 'off-topic' posts (that got deleted) in the other thread didn't go to waste.

 

[princi]

Upgrading back to merlin from 384 tonight....looking fwd to all the new features again.

Then why not go all out and try 386.2 Alpha for the full effect ;-)

 

[shabbs]

Then why not go all out and try 386.2 Alpha for the full effect ;-)

Thought you were joking... then I looked... LOL.

 

[Morac]

My LAN/WAN went down again today on my RT-AC88U. That’s less than 2 days after it went down last time and that was less than 2 days after I upgraded to 386.1.

Wifi didn’t go “down” per say, but if I disconnected from WiFi I couldn’t get back on.

Having this happen twice in 2 days is more or less unheard of. Something seems off with this update.

 

[Citius]

RMerlin was spot on [as usual] with his response to my original post ... problem was coming from Trend Micro code [closed source].

I have perfectly stable RT-AX86U's on 386.1 - HOWEVER ... in my view after flashing 386.1 firmware [with USB ejected] it is ESSENTIAL to do a full WPS button factory reset if you want proper stability. Even with that - my AX86U still does NOT like Guest WiFi 1 being used at all - whether across AiMesh nodes or confined to the Aimesh main Router ["buggy" errors abound] and I do NOT enable AiProtection - but prefer to rely on Skynet addon.

If you have ever enabled AiProtection and then later disable it - the problem remains - you must go to the "Administration" Tab and then to "Privacy" sub-tab and hit "Withdraw" button on the section denoting AiProtect / QOS etc.

Sadly - that blows out the use of FlexQOS, my favourite QOS add-on ... so I have had to revert to cake-qos for decent buffer bloat reduction.

Actually i removed my ovpn client and turned off my YazFi 2,4Ghz guest network and then i removed the guest network.
I went into YazFi config with vi and set everything to default again and saved, rebooted, let it run with just my isp for some hours, without any guest wifi and most errors in the log dissapered and then i made another try.

But this time i created two VPN connections.
The first one was for all my home/Private devices so i set it to strict policy and 192.168.xx.2/24, started it up and all devices went on the VPN without any problems.

The other one for my work laptop: I set YazFi to connect my work laptop to VPN2 and set it to force DNS from vpn provider. and forced it in to the tunnel.

They worked fine together and i was utterly impressed by running two VPN connections at the same time and routing private and work to different VPNs.
But then came the backside. Commercial everywhere and no more Skynet.
Diversion and Skynet stops working when i use the ovpn serviceproviders DNS.

After a little searching in this forum i found others with the same problem.
So with my home network i first tried to setup it up as Merlin and some others suggested with the VPN DNS setting to disabled, and also setting up CloudFlare DOT in WAN settings.
Unfortunately my vpn provider doesn't allow to disable the DNS settings or they don't work whithout me using their DNS servers.
So i got no internet connection and a constant restart of the ovpn client with a message in the system log with some error about "block-outside-dns".

So i turned off my Private Networks VPN connection, since i'm not concerned with my isp snooping on my internet traffic or anything like that.
I'm using the ISP that hosted PirateBay for the first years untill the Swedish Police heavily influenced and threatened by US goverment broke in to the ISPs server room and took The Piratebay servers out of there. The ISP refused to comply or let the Police or anyone get to their customers data so they had to force them self in to the server room.

They are all about privacy already and i don't have anything to hide privately so i'd rather have Diversion and Skynet protecting me than using a vpn tunnel for watching some streaming media that i pay for and doing everyday normal booring stuff like paying bills and reading emails from my childrens school.

It worked fine. So now im running the guest network on VPN 2 and my private Network with my ISPs settings.
My work laptop has always on VPN and running inside a VPN already so that's no issue that Diversion and skynet is not working for that.

And no more DCD Taunted errors either. I'm really not sure what was causing it. Since i did turn off all things related to Ai Protection. Traffic monitoring, QOS, web history, and all that and also removed my acceptance to Trends agreement already.

The only thing that has been causing errors is YazFi (but nothing serious) and my 5Ghz wifi 6 net I'm not so familiar with WIFI 6 and the correct settings. I only have a few devices connected to it but i get errors with bad frame packets that has something to do with Protected Management Frames not working properly. And some errors when changing the encryption keys. (I'm running WPA3-Personal).
My Xaomi supports wifi6 and wpa 3 but still it´s the one often causing errors in the log. my laptop only supports AC but it supports WPA3 so it works fine.
My Daughters ipad and iphone made me want to throw the devices out the window. They were constantly causing errors in the log, untill i removed the WiFi privacy that causes them to change MAC adress frequently.
That was something my Xaomi understood by itself since i have Lan MAC adress setting and Wifi MAC filtering set to "Accept" and have entered all devices in different ip blocks. It turned off its privacy mode and uses the phones MAC, but the Apple devices i had to turn it off manually.

 

[AntonK]

My LAN/WAN went down again today on my RT-AC88U. That’s less than 2 days after it went down last time and that was less than 2 days after I upgraded to 386.1.

Wifi didn’t go “down” per say, but if I disconnected from WiFi I couldn’t get back on.

Having this happen twice in 2 days is more or less unheard of. Something seems off with this update.

Why this update? 386.1 is working perfectly on my RT-AC88U and I've got no history, as you do, with these "lockups" you've been experiencing since 2017. Stop throwing good money after bad with attempted fixes such as remote power switches, etc. You've got a dud and have been tolerating it for four years now. Enough is enough, drop some coin on a new router.

 

[Maverickcdn]

WPS reset-->upgrade-->GUI reset/format(jffs) and 24hrs in all is buttery smooth. Thank you!!!

 

[DarkKnight75]

@DarkKnight75, looking forward to your experience!

Guess the 'off-topic' posts (that got deleted) in the other thread didn't go to waste.

Actually tried the release and my network mapping was way off...so after an hr went back to the old off topic firmware..lol

 

[Morac]

I decided to do a factory reset of my RT-AC88U to see if that helps with the lock ups. After setting my router back up though and putting them back on my usual manual 5 GHz channel (44), I found that my iPad and iPhone were dropping a ton of packets. The connection was horrible.

I checked the Wifi professional page and saw that Enable IGMP Snooping and Multi-User MIMO now default to being enabled, when I previously had them disabled, so I changed them, but that made no difference. Airtime Fairness was already disabled (the new default?).

The only thing that worked was to switch my Wifi channel to auto which picked 153 at first and then later 157. That stopped the dropped pings on my iPad. My iPhone still has dropped ping for about 30 seconds and then seems to stabilize.

i checked the site survey and there is a nearby Wifi network on channel 44, but the strength is 10% so it shouldn’t interfere.

Any idea why channel 44 simply wasn’t working after a factory reset when it’s worked fine for years?


On a side note, on the site survey screen do the number of rings on the Wifi signal mean anything at all? Some of the ones with full rings have 5% signal. These are “open system“ networks, but that seems wrong.

 

[sivaprasath]

Hi Everyone,
I just upgraded my RT-AX58U to Merlin 386.1 by doing clean upgrade from Stock Asus Firmware. After updating to this Merlin FW, every 2 - 3 minutes, I am seeing the below logs in my System Log:

Feb 4 22:50:29 kernel: CFG80211-ERROR) wl_cfg80211_change_station : WLC_SCB_AUTHORIZE sta_flags_mask not set
Feb 4 22:51:43 kernel: CFG80211-ERROR) wl_cfg80211_change_station : WLC_SCB_AUTHORIZE sta_flags_mask not set
Feb 4 22:54:46 kernel: CFG80211-ERROR) wl_cfg80211_change_station : WLC_SCB_AUTHORIZE sta_flags_mask not set

Is it something I can ignore, or should be worried?

 

[oldgringo]

It looks like the /rom/etc/init.d/ssl.sh file is missing there (for longer period of time), in /rom/etc/rc3.d/ there is the linked file S50ssl which points to it. Nothing terrible, only to know to clean it up.

 

[athua]

I decided to do a factory reset of my RT-AC88U to see if that helps with the lock ups. After setting my router back up though and putting them back on my usual manual 5 GHz channel (44), I found that my iPad and iPhone were dropping a ton of packets. The connection was horrible.

How close to the router is your iPad or iPhone when the dropouts occur?
With the 386 release from ASUS, it looks like the region on the router is not changing from the default of US which has the maximum power available to be less on the lower 5Ghz channels.
If you SSH to your router and issue the following command, it will tell you the max power for each available channel.

wl -i eth2 chanspec_txpwr_max

Output:
36 (0xd024) 18.00(dbm)
40 (0xd028) 18.00(dbm)
44 (0xd02c) 18.00(dbm)
48 (0xd030) 18.00(dbm)
149 (0xd095) 25.50(dbm)
153 (0xd099) 25.50(dbm)
157 (0xd09d) 25.50(dbm)
161 (0xd0a1) 25.50(dbm)
165 (0xd0a5) 25.50(dbm)

The following command will tell you the region it is currently on:
wl -i eth2 country

By default it is on:
US (US/0) UNITED STATES

If I issue the following to change it to Australia:
wl -i eth2 country AU

I now get the following but it resets back to US if I restart the router.

36 (0xd024) 21.00(dbm)
40 (0xd028) 21.00(dbm)
44 (0xd02c) 21.00(dbm)
48 (0xd030) 21.00(dbm)
52 (0xd034) 21.00(dbm)
56 (0xd038) 21.00(dbm)
60 (0xd03c) 21.00(dbm)
64 (0xd040) 21.00(dbm)
100 (0xd064) 21.00(dbm)
104 (0xd068) 21.00(dbm)
108 (0xd06c) 21.00(dbm)
112 (0xd070) 21.00(dbm)
116 (0xd074) 21.00(dbm)
132 (0xd084) 21.00(dbm)
136 (0xd088) 21.00(dbm)
140 (0xd08c) 21.00(dbm)
144 (0xd090) 21.00(dbm)
149 (0xd095) 21.00(dbm)
153 (0xd099) 21.00(dbm)
157 (0xd09d) 21.00(dbm)
161 (0xd0a1) 21.00(dbm)
165 (0xd0a5) 21.00(dbm)

 

[DeepAnger]

With the 386 release from ASUS, it looks like the region on the router is not changing from the default of US which has the maximum power available to be less on the lower 5Ghz channels.
If you SSH to your router and issue the following command, it will tell you the max power for each available channel.

wl -i eth2 chanspec_txpwr_max

This gave me false hope. I selected 165, did Apply but it ended up in Auto (36). My router is in DE by default, most channels in DFS (the highest is 112).

 

[FTC]

Updated Post #2 concerning a few missing features related to build profiles being out of sync with upstream, will be fixed for the next release.

Hi Eric, wouldn't it be appropriate to add also the other known and reported here bugs of this release (even if being more of a GPL thing and also existing in the official firmwares) ?

- Regression : Spikes in traffic monitor stats
- Phantom devices in network map
- Unstable 2.4Ghz band on RT-AX88U when channel bandwidth is set to 40Mhz

My rational is that having those at least mentioned in the 'known bugs' section would allow many users not to spend time with those issues, and for the rest save time in repeating that those are already known.

 

[bastecio75]

hi I have a strange problem when I update to latest merlin version 386.1 on my router RT-AC86U: i cannot play bf5 online anymore. I get 'Connection to EA online timed out. Your network bandwidth and/or network latency may not meet the requirements for this game'. This is def an issue with the firmware upgrade because it did work after I have downgraded to previous version? Any ideas? Apparently it has to do with port forwarding or similar. I didnt change anything and the ports are forwarded. My internet / ping is abs fine. Tried both wifi and wire same issue? Any ideas what has changed from the last firmware to the new one that would cause this? thx