[Dev] Asuswrt-Merlin 388.1 development

[RMerlin]

The thing is though that you don't actually *need* to debug the kernel module, unless you're actually doing development on it.

My point was that Wireguard gives no user feedback if it fails to connect for one reason or another. It leaves the end user having to figure out on his own why the tunnel won't go up. Is it a misconfigured AllowedIP? The remote peer not being reachable? A mismatched private/public key? You are left guessing, while with another traditionnal VPN solution, you can have a quick glance at a log, which will tell you what is failing.

This is also a feature. Wireguard has built in roaming support. There is no concept of disconnecting. As long as there's internet connectivity between the 2 ends, packets will flow. As long as you've bound an application to an interface or ip, or as long as you're routing there via other means (eg namespaces) there's no chance of a leak. The interface will not go down, and once your internet connectivity to the other end is restored, packets will begin to flow as normal. This is superior design

It might be superior if the goal is to have a permanent tunnel between two sites. But if you have an on-demand tunnel (like a VPN connection with a VPN provider which you might want to start/stop on demand), it becomes unintuitive.

Seriously though, wireguard is the future,

I disagree. It might be a good design for some type of uses, but for other uses it's no replacement to an existing technology like IPSEC or OpenVPN. For the goal of having an on-demand tunnel with a VPN provider, it's a clunky solution.

The fact that it has been merged natively into the linux kernel is proof of that

No, the fact that it was merged in is proof that it has enough uses to be worth merging into mainline kernel. That does not mean it's a panacea to replace every existing VPN technologies. The fact that reiserfs was merged into the kernel never meant it was the future of filesystems, for example. And for a home router, with the hardware involved and the typical use case involved, wireguard is not the best option for end users to use.

 

[JGrana]

FWIW, the donation link is also on his official site... https://www.asuswrt-merlin.net/contact

There is also a donation thread for Addon Developers. They also deserve some cheer!

Asuswrt-Merlin AddOn Developers Donation Links

AddOn developers create many useful scripts, WebUI addon pages, system extensions and useful utilities to enhance Asuswrt-Merlin supported routers. These "devs", like RMerlin, do this all voluntarily. This requires lots of time, effort, support of users, upkeep and maintenance. They do it for...

www.snbforums.com

 

[capncybo]

While I certainly did enjoy the techno-babble exchange between @Nodens & @RMerlin. Very little people understand the (hardware/software) limitations of these Asus routers better than RMerlin.
RMerlin already knows this & as @SomeWhereOverTheRainBow just reminded us: "... with these routers you are lucky to push 350 mbps off of a 1gbps line speed without hardware acceleration."
So...
Why do some people still insist on talking-up wireguard?
Unless the Asus router CPU is replaced with something superior... The Wireguard Tunnel's network speed will never keep up with the current (almost-common) 1G ISP Connection.

EDIT: But I do suppose to some... Wireguard could be considered slightly easier to setup & establish a connection than many previous options.

 

[skeal]

On my AX88U, I changed from using OVPN to Wireguard, and to test I disabled the OVPN client from starting at boot time. However when I reboot the OVPN client starts anyway.

 

[skeal]

After a while, my Traffic Analyzer tab just loads endlessly. It stops the entire UI from loading eventually
Still have internet access on devices just can't access the UI

Edit: UI becomes accessible after a while again but Traffic Analyzer is still unresponsive and breaks the UI again after opening the tab.

No trouble with traffic analyzer on my AX88U.

 

[skeal]

While I certainly did enjoy the techno-babble exchange between @Nodens & @RMerlin. Very little people understand the (hardware/software) limitations of these Asus routers better than RMerlin.
RMerlin already knows this & as @SomeWhereOverTheRainBow just reminded us: "... with these routers you are lucky to push 350 mbps off of a 1gbps line speed without hardware acceleration."
So...
Why do some people still insist on talking-up wireguard?
Unless the Asus router CPU is replaced with something superior... The Wireguard Tunnel's network speed will never keep up with the current (almost-common) 1G ISP Connection.

On my AX88U, Runner is still enabled while running Wireguard.

 

[Smokey613]

I have used Wireguard on my Firewalla units. It is easy to setup and use on that platform however, it does not provide anything better than I get from openvpn on my Asus routers. If my ISP bandwidth was greater it might be a different story.

 

[capncybo]

On my AX88U, Runner is still enabled while running Wireguard.

I thought speed gains from runner where considered minimal & to establish any serious speed gains... HW acceleration relied on FlowCache.
EDIT: Yep just checked on my AX86U the toggling Wireguard On/Off (On the Older firmware) toggles FC but doesn't muck with Runner.

 

[skeal]

I thought speed gains from runner where considered minimal & to establish any serious speed gains... HW acceleration relied on FlowCache.
EDIT: Yep just checked on my AX86U the toggling Wireguard On/Off (On the Older firmware) toggles FC but doesn't muck with Runner.

I'll take any enhancement to traffic flow.

 

[DJones]

]
Alot of @kernol swapping indeed.....

As I primarily use Ubuntu on my server I usually run the stable mainline kernel opposed to LTS 5.19 on 22.10. I like to live on the fringe. But yes I lots of kernol swapping

 

[capncybo]

I'll take any enhancement to traffic flow.

LOL I certainly can relate. But just a FYI... as you mentioned: You recently switched from using OVPN to Wireguard.
(I've been playing with both, for quite a while but...)
The main purpose of either in my case is to remote from the outside internet back into my LAN.
Either option will work but...
With OpenVPN I can have HW acceleration with Runner & Flow Cache enabled.
Yet with Wireguard, I can only have HW acceleration with Runner
Problem...
On my network I have local LAN clients which can transfer data in the 800+ range
Except if using Wireguard... no Flow Cache, hence
ALL my local Clients struggle to hit 300

Certainly Not an upgrade, so... back to OVPN I went.
And I haven't read anything that will change this behavior.
Router Hardware/Software limitation.
True Story ;-)

 

[lancethepants]

Here's one you can probably file in the round bin
On my RT-AX88U under 386 zfs and ext4 over samba both ran at line speed ~112MBps, but under 388 zfs is like ~70MBps and very erratic, but ext4 is unaffected.
Any kernel features maybe that changed you're aware of?

 

[RMerlin]

Here's one you can probably file in the round bin
On my RT-AX88U under 386 zfs and ext4 over samba both ran at line speed ~112MBps, but under 388 zfs is like ~70MBps and very erratic, but ext4 is unaffected.
Any kernel features maybe that changed you're aware of?

No, but 388 did switch to a different Samba codebase, and some Broadcom specific tweaks for it were only added in 21224 (while the RT-AX88U runs on 20566). That might possibly make a difference in your case.

 

[lancethepants]

No, but 388 did switch to a different Samba codebase, and some Broadcom specific tweaks for it were only added in 21224 (while the RT-AX88U runs on 20566). That might possibly make a difference in your case.

I see, is that a change that will eventually make it to 388 final?

 

[DJones]

I see, is that a change that will eventually make it to 388 final?

Likely. Once he gets the GPL for more routers on master currently only two routers support 21224 I think.

 

[capncybo]

Likely. Once he gets the GPL for more routers on master currently only two routers support 21224 I think.

Yeah this wait for my AX86U source is slowly killing me, I've even resorted to working on my car. LOL

 

[RMerlin]

I see, is that a change that will eventually make it to 388 final?

It's included for all models currently based on 21224. I'm still getting new model GPLs on a daily basis, so for now I'm focusing on merging these. Once I get most models, I'll see what I'm going to do with these first two models.

Likely. Once he gets the GPL for more routers on master currently only two routers support 21224 I think.

It's the opposite. The first two models received are on 20566, five are on 21224, with two more to be added soon (their GPLs were uploaded by Asus earlier today).

 

[capncybo]

...with two more to be added soon

Curious as to which ones (or better yet) is their a link/URL us curious cats can check-ourselves without always bothering the BIG Dog ?

 

[RMerlin]

...with two more to be added soon

Curious as to which ones (or better yet) is their a link/URL us curious cats can check-ourselves without always bothering the BIG Dog ?

It's a work-in-progress, I'm getting new GPLs on a daily basis lately. It will be on Github and/or the test-builds folder once it's ready.

 

[skeal]

On my AX88U, I changed from using OVPN to Wireguard, and to test I disabled the OVPN client from starting at boot time. However when I reboot the OVPN client starts anyway.

UPDATE: This was caused by a left over custom configuration of mine, this is not an issue. Cheers!