What's new

[Dev] Asuswrt-Merlin 388.1 development

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
I installed gawk only. It is automatically replacing awk from busybox or I need to modify scripts to use gawk instead of awk.
Sorry, I am a greenhorn in this stuff on linux

That’s a good question. I’m not really sure as I’ve never really messed with replacing default packages much. I believe the pathing would be different, but manually changing these things seems like diving into a rabbit hole that’s way outside my knowledge. Someone else might know better.
 
No worries here. AWK is an important component for these routers. @RMerlin will eventually fix or work around. For now it's an unsupported alpha. Wait and see what the next build brings. IMHO. Cheers
 
Last edited:
I just installed the 388.1-a1 on my AX88, I just did a 'dirty' update...

This looks very promising, as far as I can see the old setup still works fine and I even got a WireGuard client to work at the first attempt :) ..

I still have to play more with this release to see/test if everything still works.

This is a very early version, I know... It is still 'under development' (first version) with WG (client) support.

Not sure whether this is on the list, just a suggestion:

It would be nice to have a 'Default' button in each WG client configuration, just like there is one in the OpenVPN client configuration (below). By clicking on it, you clear all the settings for that client...

It's more of a maintenance thing, not super important but 'nice to have'.

Thanks!
 
No killswitch for Wireguard, and no VPN Fusion in my firmware.

In fact, a killswitch isn't really possible with Wireguard, because Wireguard isn't a typical client that connects/disconnects. It's a network interface that communicates with another peer, with no way of knowing for sure if that other peer is gone. That's why after you "disconnect" a client, the peer still shows up in the Wireguard output.
I came to ask about VPN Fusion as well. I like the idea of having more than one VPN connected, and funneling certain devices (subnets? WLANs?) into particular VPNs; is anything along those lines coming? So you specifically mean "no VPN Fusion," or nothing at all of that sort? And if the latter, why not?
 
That’s a good question. I’m not really sure as I’ve never really messed with replacing default packages much. I believe the pathing would be different, but manually changing these things seems like diving into a rabbit hole that’s way outside my knowledge. Someone else might know better.
Assuming Entware has installed an updated $PATH, the gawk version should be found first. Its probably installed in /opt/bin or some other /opt location.
The Busybox awk is still around - likely in /bin

Interesting point - if a shell script author puts in full path (i.e. /bin/awk) the Entware version wont fix the problem. For many of my scripts I do indeed often use full path for commands. Not all (shame on me) and awk is one I likely wouldn’t since it’s usually somewhere in a long line of other commands and variables ;-)

Maybe we should just wait for Asus/RMerlin to fix it up.
 
I came to ask about VPN Fusion as well. I like the idea of having more than one VPN connected, and funneling certain devices (subnets? WLANs?) into particular VPNs; is anything along those lines coming? So you specifically mean "no VPN Fusion," or nothing at all of that sort? And if the latter, why not?
Asuswrt-Merlin has had policy-based routing since before VPN Fusion even existed. It's currently named VPN Director, and it`s far more flexible than VPN Fusion, which is why I have no intention of scrapping it to replace it with Fusion.
 
It's more of a maintenance thing, not super important but 'nice to have'.
I don`t think it`s worth the extra backend code as there are very few fields to clear and they are all just text fields, unlike OpenVPN where the default values aren`t just empty fields but actual values, and there are far more of them.
 
Another quick update.

After making another reboot- i saw a difference.
In the ASUS app any WIFi optimization proccess would say "reconnect to the <same Node>" .
If you try several times for the same device- the unit would crash (or WiFi would, could not really tell apart- was not near the unit , the logs are back to May, and back to October- so I guess it is unit crash).

On the WEB UI it actually does an optimization - only mobile device was not able to optimize through web UI.

Hopefully it assists us any better.
Thank you

@RMerlin
 
Another quick update.

After making another reboot- i saw a difference.
In the ASUS app any WIFi optimization proccess would say "reconnect to the <same Node>" .
If you try several times for the same device- the unit would crash (or WiFi would, could not really tell apart- was not near the unit , the logs are back to May, and back to October- so I guess it is unit crash).

On the WEB UI it actually does an optimization - only mobile device was not able to optimize through web UI.

Hopefully it assists us any better.
Thank you

@RMerlin

For clarification do you mean Webui via browser on mobile or the ASUS mobile app, which isn’t guaranteed any compatibility?
 
Really interesting reads and thank you for all the hard work @RMerlin . I have some free time for whole of November. Maybe I should use my RT-AX86S as AiMesh node connected to RT-AX86U when the alpha is ready rather than selling it? or just RT-AX86S as the main router testing alpha build. But not knowing/tested any router as node or use vpn based router, is this worth testing? Some quick yes/no feedback would be appreciated. Reading this real quick, maybe it is achievable vpn server double nat or purchase static IP for £5 month :D

Running RT-AX86U with Asuswrt-Merlin 386.7_2 smoothly now :)
 
For clarification do you mean Webui via browser on mobile or the ASUS mobile app, which isn’t guaranteed any compatibility?
For WEB- WORKS
FOR APP- NOT WORK
 
For WEB- WORKS
FOR APP- NOT WORK
79DBC29C-42F0-4F74-AF82-E6A22BB6B5FB.jpeg


Just a heads up their was a update.
 
I took the original 388 for AX86U and on my 2x AX55 I still had to use 386 latest, but still no answer from ASUS, the AX86U with 388 didn't accept 2.4 Ghz client anymore when in AiMesh. Did dirty and clean install. When switching back to Asuswrt Merlin latest 386 clean, it accepts 2.4 Ghz clients again. So when no answer from ASUS. I don't touch 388 for a while and stay safe.
Sometimes it showed a 2.4 Ghz device with 388 for a short time. And when you make it fixed to that 388, you are lost, cause it will never come online again.
 
I have no control over the mobile app, it's developed by Asus, not by me.

Well, it is weird.
Done another test here, and BOY it is hard to get a conclusion.
Now the app does optimize- just the notification says otherwise.

NVM, it is better than before? it is a progress indeed...
 
The current problem is that Internet connection speed is growing faster than the CPU speed on these routers. Over the past 5 years, Broadcom only increased their CPU clocks by 400 MHz, and are still using the same B53 core. Sure, with their runner/archer technology you can hit > 1 Gbps, but that means you basically have to give up on any advanced feature that would require disabling that hardware acceleration. For instance, that top-of-the-line router I'm currently using cannot even handle my 400 Mbps connection without runner enabled. That means I cannot use Traditional QoS, Cake, or Wireguard on it. And any IDS/IPS is limited to what little can be provided by Trend Micro's bwdpi, which didn't seem to be getting any real improvement since the initial launch back in 2014. When was the last time someone saw Trend Micro report a security issue that isnt 10+ years old, like that bogus Netcore issue they frequently report?


You can get a mini PC that draws less than 50W that would run circles around any Broadcom/Qualcomm based router. I have a Quotom i5-5200U here that I occasionally use to run VMs on it, that CPU has a TDP of 15W. I don't know what kind of routing throughput I'd be able to manage from it, but I suspect it would be faster than 400 Mbps.

Regarding Qotom, have been using one since last 4 years (i3-5005U CPU). With IDS and IPS, throughput drops to less than 300 Mbps. As per folks at OpnSense, CPU needs a serious upgrade to handle higher throughput. Maybe I should have gone with i5 instead of i3.
 
Note that this is still experimental, I haven`t made a final decision yet on whether I will keep supporting both UIs. I implemented a way for my build script to compile both images one after another and bundle them into the same archive, but what remains to be seen is how much extra work it will be to maintain both UIs.
Yea we wouldn't want you to waste your time if it creates unnecessary extra work just to support another UI "theme".
 
I don`t think it`s worth the extra backend code as there are very few fields to clear and they are all just text fields, unlike OpenVPN where the default values aren`t just empty fields but actual values, and there are far more of them.

Ok, fair enough..


Another thing I noticed is that in the VPN status screen, the 'Client status' statistics are the same for the each Wireguard connection (different connections though):
1665757937093.png


In my case, I am connected to 3 different Wireguard servers.


However, each Wireguard client screen shows different statistics:
1665758292778.png


Regards
 
The current problem is that Internet connection speed is growing faster than the CPU speed on these routers. Over the past 5 years, Broadcom only increased their CPU clocks by 400 MHz, and are still using the same B53 core. Sure, with their runner/archer technology you can hit > 1 Gbps, but that means you basically have to give up on any advanced feature that would require disabling that hardware acceleration. For instance, that top-of-the-line router I'm currently using cannot even handle my 400 Mbps connection without runner enabled. That means I cannot use Traditional QoS, Cake, or Wireguard on it. And any IDS/IPS is limited to what little can be provided by Trend Micro's bwdpi, which didn't seem to be getting any real improvement since the initial launch back in 2014. When was the last time someone saw Trend Micro report a security issue that isnt 10+ years old, like that bogus Netcore issue they frequently report?


You can get a mini PC that draws less than 50W that would run circles around any Broadcom/Qualcomm based router. I have a Quotom i5-5200U here that I occasionally use to run VMs on it, that CPU has a TDP of 15W. I don't know what kind of routing throughput I'd be able to manage from it, but I suspect it would be faster than 400 Mbps.
An RMerlin supported mini PC router would be so nice :)
No comments needed, just day-dreaming of the Power.
 
Last edited:
Status
Not open for further replies.

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top