What's new

DNScrypt dnscrypt installer for asuswrt

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Try it yourself - change the default admin user to marco, keep the memory management feature enabled and reinstall dnscrypt beta12 from 'scratch' then reboot.. I guarantee you the dnscrypt process will terminate after a short while ;)

I was about to edit my post when I saw your notification pop-up: I'm using a non-default admin username...

49SzS1k.png
 
I was about to edit my post when I saw your notification pop-up: I'm using a non-default admin username...

49SzS1k.png

I wonder why some of your files have different permissions and extensions than mine on a non-default admin user clean install.

Default install (without fix)

Code:
drwxrwxrwx    2 atam1    root             0 Feb  1 09:03 .
drwxr-xr-x   10 atam1    root             0 Feb  1 09:02 ..
-rw-r--r--    1 atam1    root            56 Feb  1 09:03 .config
-rw-r--r--    1 2000     2000           818 Jan 30 19:29 LICENSE
-rw-r--r--    1 2000     2000           707 Jan 30 19:29 blacklist.txt
-rwxr-xr-x    1 2000     2000       5929264 Jan 30 19:32 dnscrypt-proxy
-rw-r--r--    1 2000     2000          6474 Feb  1 09:05 dnscrypt-proxy.toml
-rw-------    1 atam1    root          4089 Feb  1 09:20 dnscrypt-proxy.toml.save
-rw-r--r--    1 atam1    root          6471 Feb  1 09:20 dnscrypt-proxy.toml.save.1
-rw-r--r--    1 2000     2000           495 Jan 30 19:29 forwarding-rules.txt
-rwxr-xr-x    1 atam1    root        109272 Feb  1 09:13 haveged
-rwxr-xr-x    1 atam1    root          2430 Feb  1 09:02 manager
-rwxr-xr-x    1 atam1    root          3568 Feb  1 09:02 nonroot
-rw-r--r--    1 atam1    root         15842 Feb  1 09:02 public-resolvers.md
-rw-r--r--    1 atam1    root           307 Feb  1 09:02 public-resolvers.md.minisig

How did you get .old and why are your public* files owned by nobody:nobody? Something's not adding up.

Let's see what other users, with the same problem, have to report after applying my fix.
 
@AtAM1 thanks for noticing that, it's fixed but that's unrelated to your issue. It is simply because I am OCD with different uid:gid pair from the binary tar package that I added chown there. dnscrypt-proxy in my package will always be run as nobody through nonroot binary for safety.

P.S. File owner would matter if I were to use setuid but I don't here.
 
Last edited:
@bigeyes0x0 No problem.. 2 hours have passed since the change in permissions and no crash or hung process. Can you explain the discrepancies in the above file permissions/extensions? Same router, same firmware build, same installer version but different sets of permissions/extensions - what gives?

@RMerlin have you seen this before?
 
@bigeyes0x0 No problem.. 2 hours have passed since the change in permissions and no crash or hung process. Can you explain the discrepancies in the above file permissions/extensions? Same router, same firmware build, same installer version but different sets of permissions/extensions - what gives?
It's coincident. I will explain below.

Try it yourself - change the default admin user to marco, keep the memory management feature enabled and reinstall dnscrypt beta12 from 'scratch' then reboot.. I guarantee you the dnscrypt process will terminate after a short while
Seems like we have the most likely culprit stated here. The memory management feature should have been disabled by default. The problem is people freaked out because they suddenly see they don't have any free RAM anymore, thus made @RMerlin enable it by default. In actuality most of the RAM used was for precious caching, making processes running faster with likely more cache hits. Having process caches evicted aggressively will lead to the opposite, cache misses and I have noticed smbd (for NAS) and transmission either crashed or killed by oom (without swap at the time though) because of this feature enabled.

With dnscrypt-proxy version 2 written in Go, I don't know the actual implementation but it seems to use a lot of virtual memory, thus having this feature enabled likely (the coincident happens more frequently) get it to be killed more quickly by OOM.

Personally I would propose @RMerlin disable the memory management feature and change the way webui reports mem usage to user by counting cache memory as free mem, considering cache will get evicted by the kernel as needed anyway. It's not technically correct but it'd give a more stable experience as well as make the less technical inclined people not freaking out about their RAM usage.

P.S. Not so sure, but I believe Windows counts cache as free RAM as well.
 
It's coincident. I will explain below.


Seems like we have the most likely culprit stated here. The memory management feature should have been disabled by default. The problem is people freaked out because they suddenly see they don't have any free RAM anymore, thus made @RMerlin enable it by default. In actuality most of the RAM used was for precious caching, making processes running faster with likely more cache hits. Having process caches evicted aggressively will lead to the opposite, cache misses and I have noticed smbd (for NAS) and transmission either crashed or killed by oom (without swap at the time though) because of this feature enabled.

With dnscrypt-proxy version 2 written in Go, I don't know the actual implementation but it seems to use a lot of virtual memory, thus having this feature enabled likely (the coincident happens more frequently) get it to be killed more quickly by OOM.

Personally I would propose @RMerlin disable the memory management feature and change the way webui reports mem usage to user by counting cache memory as free mem, considering cache will get evicted by the kernel as needed anyway. It's not technically correct but it'd give a more stable experience as well as make the less technical inclined people not freaking out about their RAM usage.

P.S. Not so sure, but I believe Windows counts cache as free RAM as well.
Won't this just reduce the risk of the process being terminated but at some point the router may flush cache and being dnscrypt down - isn't this the point of the daemonise option?
 
@bigeyes0x0 hehehe we are going around in circles here. I have memory management enabled, daemonize disabled/not present in conf file, with permissions set correctly (post-fix) and it has not crashed. If I change the permissions to the ones created by the installer (pre-fix) on the same installation then reboot, the dnscrypt process crashes after a short while. Seems to me the common denominator here is the permissions.

I only asked Marco to keep memory mgmt enabled so our environments/configs match.

Forgive my inquisitive mind... Anyway, at least for me the issue is resolved (with mem mgmt enabled.. hehehe). Thanks again for your contributions :)
 
Won't this just reduce the risk of the process being terminated but at some point the router may flush cache and being dnscrypt down - isn't this the point of the daemonise option?
The point of daemonizing is to have a process running in background with no standard io attached to any terminal. Only the latter part is different.

@AtAM1 My common setting with Marco is having mm disabled and he also have permission issue like you before but without problem ;).
 
My username is also non-default. Using the installer , the owner is nobody. Which I see pixelserv also using nobody.

There is no auto shutdown. 15hr.

@M@rco no problem. I am just doing trial and error. I too don’t believe swap plays a part. The swap file don’t even hit 50mb. Now at 10mb only. Maybe swappiness 100 helps?
 
How did you get .old and why are your public* files owned by nobody:nobody? Something's not adding up.

The dnscrypt-proxy.toml.old is renamed by me manually, before I started using the installer, cause I wanted to be able to compare both config files. It's obsolete now. As for the permissions, I don't know? I deleted the folder prior to start using the installer script, to make sure there where no leftovers, if I recall correctly (I have a short term memory of about 30 seconds, on good days, so YMMV).

Maybe swappiness 100 helps?

That would swapping make even more agressive and I don't see the need to do that.
 
@AtAM1 My common setting with Marco is having mm disabled and he also have permission issue like you before but without problem ;).

Uhm, minor correction: I have memory management ENABLED (default setting) and I don't experience any issues with permissions :p
 
Another thing is I didn’t do any restart of the dnscrypt-proxy manually via terminal after the reboot. Could that be the reason? If loaded via boot time is fine?

I will test in later time what if I restart the manager manually at terminal. And shut down terminal.
 
Last edited:
Dnscrypt-proxy v2.0.0 RC (release candidate) is available. Looking forward to it :)
 
Personally I would propose @RMerlin disable the memory management feature and change the way webui reports mem usage to user by counting cache memory as free mem, considering cache will get evicted by the kernel as needed anyway. It's not technically correct but it'd give a more stable experience as well as make the less technical inclined people not freaking out about their RAM usage.

Sorry for going slightly off-topic, but could that also be the reason why the WebUi always reports a higher memory usage than htop?

Ybt2MYE.png
 
@DonnyJohnny Thank you for your feedback as I just tried restarting dnscrypt via shell, exited the session and BOOM - the process terminated shortly after.

@bigeyes0x0 @M@rco So permissions weren't the issue as you have rightly pointed out but so wasn't memory mgmt.

The problem it seems is in the manager script - line 48 ... we need to use nohup!!!

Edit: corrected line number

Edit2: just realized you carried out the required changes... cheers!

Edit3: Updated my supposed fix post so users don't get confused with all this.
 
Last edited by a moderator:
I like this putty display!
How did you do it?
Uhm, it's just a partial screenshot of my desktop, showing htop running in a standard Putty ssh session, hovering over the WebUI. Nothing fancy. I don't do much customization. Ain't nobody got time for that! :D
 
Dnscrypt-proxy v2.0.0 RC (release candidate) is available. Looking forward to it :)
Where are you seeing this? I just loaded the beta installer again and it references beta 12 still.
 
Uhm, it's just a partial screenshot of my desktop, showing htop running in a standard Putty ssh session, hovering over the WebUI. Nothing fancy. I don't do much customization. Ain't nobody got time for that! :D

thanks! i try htop
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top