What's new

Beta Asuswrt-Merlin 388.1 Beta is available for select models

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
Has anyone tried to run this on a main router (such as the GT-AX11000) while running nodes on the prior firmware? I have ZenWifi XT8 nodes which Gnuton will eventually provide matching firmware for based on this same architecture, but I’m wondering if my nodes will be compatible with this in the interim running 386.7_2…
My AXE16000 is my main and my node AC88U is running 386.7_2.
 
Beta 2 is now available. Changes since beta 1:

Code:
d38e529fda Update documentation
d5d74b7843 bwdpi: new cache bypass logic for BCM4912 which is now compatible with that platform (fix provided by Asus)
811f8da0d5 webui: hide WPA passphrase by default on wireless settings for the GT-AXE11000
b044136f42 webui: hide WPA passphrase by default on Wireless Settings for the GT-AXE16000
927c8513c6 webui: replace hardcoded Chinese labels with localized labels on Wireless router status pane
046227166f rc: implement inbound firewall for WireGuard clients (defaults to Block)
ec94039240 bwdpi: disable flow cache bypass by AiProtection on BCM4912 (fix provided by Asus)
cf74ee5066 lltd: fix dangling symlinks for RT-AX88U and GT-AX11000 icons
7e7ff61ceb lltd: resync with upstream
478f0b9712 libovpn: update amvpn_update_exclusive_dns_rules() so OVPNC rules are before WGC rules
595d22d6ed rc: re-apply OpenVPN exclusive DNS rules after WGC rules, so they get inserted before them
961b9f2336 rc: re-apply WG clients exclusive DNS rules on firewall restarts
3627943427 rc: webui: remove NAT type setting from HND 5.04 models
5ac92c10a7 build: enable ASD on RT-AX68U (fixes missing libasc.so needed by networkmap)
f72f313807 webui: update reference to DNSFilter on WAN page
a253718ffc webui: fix VPNDirector's edit panel location
6710f7c803 webui: remove stray <tr> fromm VPNDirector's WGC client state
cff5673d3d Bumped version to beta 2
 
I know it is probably a firefox issue but I just want to report it.
AX-3000
1668207732900.png
 
WOOHOO! Beta 2! Let's go!

EDIT: Filthy upgrade from Beta 1 completed on all APs. No issues to report off the bat. Main router still at Release level.
 
Last edited:
@RMerlin DNS Director is still not forcing DNS for Wireguard client devices. They remain under the DNS configured in the router client. Everything else works fine now though. You can reboot, apply DNS Director settings, and QOS without messing with Wireguard DNS. VPN Director page looks correct now. Definitely progress has been made.
 
Last edited:
Main 58U & 58U Nodes all working great so far (BETA 2).
 
You would think there would be a log in syslog from Wireguard stating the new DNS forced. There is for the connection when disabled and enabled.
 
On beta 2 but still seeing these errors




Error locking /var/lock//usr/networkmap/nmp_conv_type.js.lock: 2 No such file or directory Nov 11 20:11:01 RT-AX86S-5820 networkmap: Error unlocking -1: 9 Bad file descriptor Nov 11 20:11:01 RT-AX86S-5820 networkmap: Error locking /var/lock//usr/networkmap/nmp_vendor_type.js.lock: 2 No such file or directory Nov 11 20:11:01 RT-AX86S-5820 networkmap: Error unlocking -1: 9 Bad file descriptor Nov 11 20:11:01 RT-AX86S-5820 networkmap: Error locking /var/lock//usr/networkmap/nmp_bwdpi_type.js.lock: 2 No such file or directory Nov 11 20:11:01 RT-AX86S-5820 networkmap: Error unlocking -1: 9 Bad file descriptor


Any idea where the extra / is coming from?
 
b2 no issue
 
On beta 2 but still seeing these errors




Error locking /var/lock//usr/networkmap/nmp_conv_type.js.lock: 2 No such file or directory Nov 11 20:11:01 RT-AX86S-5820 networkmap: Error unlocking -1: 9 Bad file descriptor Nov 11 20:11:01 RT-AX86S-5820 networkmap: Error locking /var/lock//usr/networkmap/nmp_vendor_type.js.lock: 2 No such file or directory Nov 11 20:11:01 RT-AX86S-5820 networkmap: Error unlocking -1: 9 Bad file descriptor Nov 11 20:11:01 RT-AX86S-5820 networkmap: Error locking /var/lock//usr/networkmap/nmp_bwdpi_type.js.lock: 2 No such file or directory Nov 11 20:11:01 RT-AX86S-5820 networkmap: Error unlocking -1: 9 Bad file descriptor


Any idea where the extra / is coming from?
Networkmap is closed source and outside of my control.
 
After a stable run on 388.1_beta1 for 5 days 11 hour(s), I did a dirty upgrade to 388.1_beta2. The update did seem to trigger a let's encrypt certificate renewal, could be a coincidence. After that, I had to login again and everything is running fine.
 
Last edited:
I just put 388.1_beta2 on my RT_AX86U and it was not noted as changing. But I still find that if DNS Directors redirect to Router is enabled Android devices using Private DNS can not use the wifi from the RT-AX86U.
The Android device will simply say the RT-AX86U WiFi has no internet and private dns cannot be accessed.
Currently I have turned off DNS Directors redirect to Router and instead set No Redirection.

I want to use DNS Director to ensure DNS traffic on my network of devices that can not encrypt their own DNS is encrypted. EG when a device is not set to use the Asus router as the DNS server because DNS setting is not exposed or locked by some other admin.
I also want to ensure Android devices are always using encrypted DNS for when they are not connected to the RT-AX86U, eg random wifi or carrier data etc.

Currently the 388.1 is making me chose to not automatically encrypt unencrypted DNS traffic for devices connected to the router or force all Android users on the network to turn off their system wide DNS encryption.
This worked fine under 386 when Android devices encrypted their own data and the router automatically redirecting any DNS traffic from other devices that was not encrypted.

Perhaps this block of device DoT was put in place to ensure DNS filtering applies (excluding DoH that still successfully bypasses), but I do not not use DNS filtering I am only interested in the encryption side of DNS Director.

Is there a switch to say to not block a device that is already using DoT?
 
Last edited:
Status
Not open for further replies.

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top