[Beta 384/NG] Asuswrt-Merlin 384.5 Beta is now available

[jerry6]

I have been running a fan on mine since I installed it because it is located in a hot environment.
You must remember to clean it every 6 months if you do use a fan because it will gather dirt. I use a grounded vacuum on it with a brush.

Current Temperatures:
Room Air 85 °F
Router temps:
Fan ON: 2.4 GHz: 108 °F - 42°C - 5 GHz: 118 °F - 48°C - CPU: 135 °F - 57°C

I don't know of any tools other than knowing the temp and how it runs when its hot. Whatever the case most routers can handle some heat but we all know ICs don't like heat. I have seen 225 °F before I installed the fan and I did not want the router running that hot. That's why I installed the fan. I feel that the coller it can run the longer the router will last.

Seems some routers run cooler , I have 3 AC 3200 , 2 run hot 56c to 68 c , but one runs 42 to 48 c , seems some must have a better bond between chip and heatsink . Luck of the draw , some are just built better . I had a fan on one of the "hot running 3200 but it collected a lot of dust so now it runs no fan .

 

[DonCatoli]

folks need to understand, if you want AImesh you need to segregate that from your merlin router... have your main router with merlin and wifi off (use it for your isp routing, scripts, etc.), then get the set of cheap routers with stock asus fw with wifi on for your aimesh that are behind your merlin router.

 

[cmkelley]

I don't think easy-rsa2 supports it, and easy-rsa3 would break compatibility with other portions of the firmware that might also rely on it.

People looking to use ECDH can manually generate and configure it.

Well, it's a server-side only setting, so it wouldn't affect the firmware-generated client script. BUT, the user would have to select which curve to use, so yeah, I can see why it's not worth you implementing. It IS easy enough to add in the custom configuration section.

 

[HuskyHerder]

Update to b2 while on VPN, used a computer on site to push the update out to the 5300. All went well with no issues, & all services came back online. No remote power cycle needed from the mrs.

 

[PDinDetroit]

USB Health Scanner Tab would not update until I went to the Information Tab and back to the Health Scanner Tab. On RT-AC86U running AMTM, AB-Solution, DNSCrypt, Skynet.

 

[NoSync]

With alpha3 (dirty upgrade) I had a problem with my RT-AC86U which would cause it to require a power cycle after changing some options in the web UI (eg. some LAN or wireless settings); they would be stored, but the router wouldn’t go back up and, strange things, the leds would stay off until the power cycle.

I updated to beta2, reconfigured from scratch, same thing keeps on happening. Restarting from the web UI or via SSH works fine. Nothing relevant in the logs.

 

[RMerlin]

I do not really know how to do these things you ask, can you give me an idea of where I find that info?

Over SSH:

iptables -t nat -L PREROUTING -vn
iptables -t nat -L VSERVER -vn

 

[Steven Reid]

Over SSH:

iptables -t nat -L PREROUTING -vn
iptables -t nat -L VSERVER -vn

ASUSWRT-Merlin RT-AC87U 384.5-beta2 Sun May  6 20:47:17 UTC 2018
admin@RT-AC87R-E620:/tmp/home/root# iptables -t nat -L PREROUTING -vn
Chain PREROUTING (policy ACCEPT 250 packets, 29294 bytes)
 pkts bytes target     prot opt in     out     source               destination                                                          
  314 32117 VSERVER    all  --  *      *       0.0.0.0/0            156.57.229.2                                                          22
    0     0 PCREDIRECT  all  --  br0    *       0.0.0.0/0            0.0.0.0/0                                                                      MAC 00:12:13:39:52:EF
    8  2272 PCREDIRECT  all  --  br0    *       0.0.0.0/0            0.0.0.0/0                                                                      MAC E8:AB:FA:75:CD:4B

156.57.229.2 is not my wan address currently, not sure why this is not working right.

admin@RT-AC87R-E620:/tmp/home/root# iptables -t nat -L VSERVER -vn
Chain VSERVER (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:3074 to:192.168.1.3:3074
    0     0 DNAT       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:3074 to:192.168.1.3:3074
 1965  187K VUPNP      all  --  *      *       0.0.0.0/0            0.0.0.0/0

I don't have anything custom done to the firmware. Just a basic home setup.

 

[RMerlin]

156.57.229.2 is not my wan address currently, not sure why this is not working right.

That would explain your problem. Is it the same IP shown on the webui (on the first page), or is it different?

You could try restarting your WAN interface:

service restart_wan

 

[Steven Reid]

That would explain your problem. Is it the same IP shown on the webui (on the first page), or is it different?

You could try restarting your WAN interface:

service restart_wan

No the proper IP is on the first page. I issued the restart wan command and now the proper IP shows up in the first commands results.

I restarted the router multiple times yesterday and that didn't seem to fix the problem. Wondering why it's holding on to the wrong external IP if the webui has the right one.

 

[Steven Reid]

Disregard the comment about the IP reverting... was an oversight.

I am thinking the external IP was correct the whole time, just was displaying cut off for me.

When I restarted the wan Google remote desktop still would not connect.

 

[RMerlin]

Disregard the comment about the IP reverting... was an oversight.

I am thinking the external IP was correct the whole time, just was displaying cut off for me.

When I restarted the wan Google remote desktop still would not connect.

Try disabling NAT acceleration under LAN ->switch control.


Sent from my P027 using Tapatalk

 

[Steven Reid]

Try disabling NAT acceleration under LAN ->switch control.


Sent from my P027 using Tapatalk

I turned it off and rebooted both machines yet it still won't connect... The weird thing is that it used to connect every so often, but after testing recently it doesn't seem to ever connect. And on the older firmware it would connect almost every time.

 

[jass]

I turned it off and rebooted both machines yet it still won't connect... The weird thing is that it used to connect every so often, but after testing recently it doesn't seem to ever connect. And on the older firmware it would connect almost every time.

I dont think this has anything to do with Merlin FW, my guess is Microsoft recent updates (not necessery april update). I'm experiencing "weird" connections problems with Chrome Remote and I still run 380.70 on a AC88 router, three AC88 AP's and two AC66 AP's. Worked flawless for weeks and for almost a week ago CRD started to struggle.

This is what i've found so far: I'm experiencing CRD problems on both Win 1709 and 1803 builds and with different AV solutions (Norton internet security and MS Defender). Which tells me it's problably not the AV or the April update itself. But I know MS is making quite some changes in how windows is handling the network/shares/homegroups/etc these days, so thats my prime suspect so far.

There is also a chance that Chrome/CRD itself have gotten an update without me registrating it, but my gut feeling says MS is the cause. Because I experinced something of the same around the launch of Fall Creators update too.

But I absolutely do not believe it's Merlins FW which causes the CRD problems, in that case its problaby related to an Trend signature update which both 380.70 and all newer FW has gotten, which is out of his control.


Follow up:

Here's what made CRD work for me again (inhouse):

1. Start your Chrome browser ->wrench/menu ->Help ->About Chrome, and make sure it's updated.

2. Right click the start button and click on run ->Type services.msc in the run box and press enter ->Scroll down to the Function Discovery Resource Publication. Set it to Automatic. Then right click it and choose start.

3. Goto windows powersettings and make sure quick/fast start are disabled under what the on/off button should do. (also a setting which all of a sudden changed recently)

4. Never hurt to boot your machine or your router for that matter...

This also solves the issue which network machines no longer was visible in windows. This setting has recently changed on all my windows machines, both 1709 and 1803. For some reason I've been able to CRD in to a remote located windows 1709 machine. But not my inhouse (on the same network as me) windows machines (both 1709 and 1803) the last week or two. There has been sporadically connections inhouse during this period, but mostly unsuccessful and if any at all unstable.

I still believe the origin of this CRD problems has something to do with Microsoft changing the way they are handling the network (thrashing Homegroups and phasing out SMB1, etc), even though I first believed it was solved just by updating Chrome, but no.

 

[RMerlin]

I turned it off and rebooted both machines yet it still won't connect... The weird thing is that it used to connect every so often, but after testing recently it doesn't seem to ever connect. And on the older firmware it would connect almost every time.

I can't think of anything else on the router's side then, sorry. NAT loopback is working fine here, and it does show up as being configured in your router's firewall.

 

[jass]

So maybe one stupid question, but it is relevant for this release also.

I've registered some talk about a maxlength of dhcp list 2500 char in the NG FW.

Does this mean the router/ap's will crash if you have enough clients, or just that the name wont be registered ?

The reason I ask is that I have about 75 clients, but a good portion of them are random visitors so I have no control over most client name/length. I am planning to upgrade my AC88 router and AP's as soon as 384.5 beta goes to stable. But I have not fully understood consequense of this maxlen dhcp list.

anyone care to explain what will happen if I go over the limit.

 

[RMerlin]

Does this mean the router/ap's will crash if you have enough clients, or just that the name wont be registered ?

The webui will warn you when applying your settings that the list is too long, and will ask you to edit it first.

If your router already had a list longer than 2500 characters then it depends. Most likely the router will complain the first time you try to save settings on any page that tries to access the dhcp_clientlist variable.

The reason I ask is that I have about 75 clients, but a good portion of them are random visitors so I have no control over most client name/length. I am planning to upgrade my AC88 router and AP's as soon as 384.5 beta goes to stable. But I have not fully understood consequense of this maxlen dhcp list.

The 2500 chars limitation is only for static lease, it does not affect DHCP clients that don't have a static lease configured on the router.

 

[jass]

The webui will warn you when applying your settings that the list is too long, and will ask you to edit it first.

If your router already had a list longer than 2500 characters then it depends. Most likely the router will complain the first time you try to save settings on any page that tries to access the dhcp_clientlist variable.



The 2500 chars limitation is only for static lease, it does not affect DHCP clients that don't have a static lease configured on the router.

Thank you so much Merlin for your detailed answer, and your heroic efford to make Asus routers great with your FW.

This really eased my stomic regarding migrating to NG.

 

[RMerlin]

USB Health Scanner Tab would not update until I went to the Information Tab and back to the Health Scanner Tab. On RT-AC86U running AMTM, AB-Solution, DNSCrypt, Skynet.

Tested with both an ext2 thumbdrive and an NTFS HDD< still can't reproduce the issue here. Try with a different browser.

 

[Unisoft]

Can somebody confirm/check if MAC clone works on the 'WAN'?

Normally if I change a MAC here, and reboot both cable router and Asus router, it forces a new IP address. I keep getting the old one back?

thanks.