What's new

[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I installed 25E6 on a 68U last night at 1040 PM. T3 had been solid for a long time.
It looks like I lost internet last night about 130AM. Got an email alert from Obi this morning that the Obi 200 phone device was offline.
I guess router restarted by itself?
Log: https://pastebin.com/Nv0CDGBC
 
@Lotta Cox
Looks like either....
- Your modem crashed for about an hour (check the modem logs) or
- You modem to router cable is bad or was unplugged
Code:
Jun  7 22:43:37 HTTP login: login 'xxxxxxx' successful from 192.168.1.2:80
Jun  7 22:45:01 HTTP login: logout successful (port 80 disconnected)
Jun  7 22:52:44 sd-idle-2.6[475]: spinning down /dev/sda
Jun  7 22:53:15 sd-idle-2.6[475]: spinning down /dev/sdb
Jun  8 01:16:48 WAN Connection: Ethernet link down.
....
Jun  8 02:11:46 WAN Connection: WAN was restored.
 
cat: can't open '/sys/class/net/br0/bridge/multicast_snooping': No such file or directory
:(
Well....looks like we all assumed something that was wrong. I can't find this parameter in the kernel for the MIPS routers. Next update won't show the option for the MIPS routers.

@RMerlin - an FYI
 
IPv6 connectivity does not work well (cannot ping from attached computer, but ping from router is ok). Also no IPv6 connectivity on computer. Does not happen on 24E3. I have sent the link to the log by conversation.

AC56U does OK with 25E6, but not RT-N16 (see above). Previously I thought that RT-N16 performed without problem, but this was because it offered IPv4 connectivity only.
 
In other words, not going to the GUI automatically when done.
It does when I refresh the webpage.
Thanks for reporting this....as I dug into it, it's another interaction with that damned CVE 5892 port (that port is going to drive me NUTS:rolleyes:). Working on another tweak now.[/QUOTE]
 
Last edited:
@Lotta Cox
Looks like either....
- Your modem crashed for about an hour (check the modem logs) or
- You modem to router cable is bad or was unplugged
Code:
Jun  7 22:43:37 HTTP login: login 'xxxxxxx' successful from 192.168.1.2:80
Jun  7 22:45:01 HTTP login: logout successful (port 80 disconnected)
Jun  7 22:52:44 sd-idle-2.6[475]: spinning down /dev/sda
Jun  7 22:53:15 sd-idle-2.6[475]: spinning down /dev/sdb
Jun  8 01:16:48 WAN Connection: Ethernet link down.
....
Jun  8 02:11:46 WAN Connection: WAN was restored.
Oh okay. Probably the Comcast cable went out.
The uptime on the router didn't change like it would if it rebooted?. It was about 11hours this when I checked it. Thx!
Edit: Checked modem SB6183 and it was full of: SYNC Timing Synchronization failure - Failed to acquire QAM/QPSK symbol timing;;CM-MAC=
 
Well....looks like we all assumed something that was wrong. I can't find this parameter in the kernel for the MIPS routers. Next update won't show the option for the MIPS routers.

@RMerlin - an FYI

sh*t happens :D

Seems like I ended up ordering a new TV settop box.
After some time problems came back.
When it heats up, it starts acting funny.
Ohhh well, never a dull moment. ;)
 
Last edited:
The uptime on the router didn't change like it would if it rebooted?. It was about 11hours this when I checked it. Thx!
I spent a fair amount of time making the router tolerate it when the modem goes down....so no breaks in the router uptime. I would have expected that the WAN uptime/current timers would have showed that you lost the hour.
 
IPv6 connectivity does not work well (cannot ping from attached computer, but ping from router is ok). Also no IPv6 connectivity on computer. Does not happen on 24E3. I have sent the link to the log by conversation.

AC56U does OK with 25E6, but not RT-N16 (see above). Previously I thought that RT-N16 performed without problem, but this was because it offered IPv4 connectivity only.
Nevermind, I have fixed it with:
Code:
nvram set dnscrypt2_port=41
nvram set dnscrypt2_resolver=cisco
nvram set dnscrypt2_ipv6=0
nvram commit

Nope, wrong, that only solved router instability, IPv6 is still not working on the computer.
 
Last edited:
@john9527
Still having the same issue :( Loosing IP addresses with all devices assigned to 66 Media Bridge
 
Nope, wrong, that only solved router instability, IPv6 is still not working on the computer.
As far as I know, it has something to do with ab-solution. Neither the ab-solution patched with ::1 instead of :: (and without the :: dnsmasq.conf entries), nor the latest original ab-solution (option 1233) work with a large hosts file (don't work in the sense that they cut IPv6 connectivity).

Then in the beginning dnsmasq is very active (70%-100% CPU usage) and /sbin/init is fairly active (like 15%-30% CPU usage).

Smaller hosts file: no problem (IPv6 does ok). Free memory isn't a problem for the large hosts file and the swap partition isn't even used (0 MB swapped).
 
Last edited:
...I am back to 23E4 as all my internet radio devices developed problems with 25E1.
They were able to connect to WiFi but couldn't reach the internet radio services....all other devices, like tablets, phones and laptops were doing fine though.
Running my AC68U in AP-Mode.

Edit: .and yes, I swapped back and forth between different revisions - tried even dd-wrt (which also worked but wifi range sucks) - to pin the cause of problem to the FW, not to availablitiy of the external radio services
 
Last edited:
...I am back to 23E4 as all my internet radio devices developed problems with 25E1.
They were able to connect to WiFi but couldn't reach the internet radio services....all other devices, like tablets, phones and laptops were doing fine though.
Running my AC68U in AP-Mode.

Edit: .and yes, I swapped back and forth between different revisions - tried even dd-wrt (which also worked but wifi range sucks) - to pin the cause of problem to the FW, not to availablitiy of the external radio services
25E6 is the latest, 25E1 had issues
 
@john9527

So I have been doing some reading and research, looking trough logs and trying to validate what is what. I have no packet capture to view so a few of my observations is specultive for now, but led me to try a few things
  1. Spanning tree is now off as I have seen behaivior with spanning tree that makes me hate it as an evil, evil thing from cisco (main Suspect)
  2. NAT exceleration is now off (I doubt this is an issue but my particular setup proves no reason to use it)
  3. All logs are set to debug
  4. established a target syslog server and pointed both routers to the syslog server.
I have found so far:
  • All devices on the RT-ac66 that are kept powered on maintains thier IP
  • All device power down over a period of hours when powered back up get an APIPA IP
  • The ac66 has to be powered off and on for item 2 to get IPs again.
  • Those devises with APIPA are DHCP Reserved on the Main ROuter ac68u
That makes me suspect evil, evil spanning tree interacting oddly with DHCP researved via the ac66. Agina I have zero proof, I am back on 25e6 and will see tomorrow morning
 
Spanning tree is now off as I have seen behaivior with spanning tree that makes me hate it as an evil, evil thing from cisco (main Suspect)

:D:D:D STP is not evil and it's not from Cisco, it's an IEEE Ethernet standard. It's also required in some network topologies if you're not using a more sophisticated (aka expensive) solution. That said, the vast majority of home users' setups don't require it. Granted there are propriety versions of STP from Cisco but these are only used in their own products or a few licenced enterprise products, I doubt that includes Asus ;).
 
Last edited:
@john9527

So I have been doing some reading and research, looking trough logs and trying to validate what is what. I have no packet capture to view so a few of my observations is specultive for now, but led me to try a few things
  1. Spanning tree is now off as I have seen behaivior with spanning tree that makes me hate it as an evil, evil thing from cisco (main Suspect)
  2. NAT exceleration is now off (I doubt this is an issue but my particular setup proves no reason to use it)
  3. All logs are set to debug
  4. established a target syslog server and pointed both routers to the syslog server.
I have found so far:
  • All devices on the RT-ac66 that are kept powered on maintains thier IP
  • All device power down over a period of hours when powered back up get an APIPA IP
  • The ac66 has to be powered off and on for item 2 to get IPs again.
  • Those devises with APIPA are DHCP Reserved on the Main ROuter ac68u
That makes me suspect evil, evil spanning tree interacting oddly with DHCP researved via the ac66. Agina I have zero proof, I am back on 25e6 and will see tomorrow morning
MediaBridge (and AP, MediaBridge is just a special case of AP) has a long standing problem of 'dropping' IPv6 connectivity. If you search the forum, you'll get several hits on various code levels. But, you should always maintain IPv4. I've been trying a few things, but haven't been able to make a substantial difference. I'm afraid it's inherent in the closed-source parts of the code.

BTW - I don't see any difference between V24 and V25 in this behavior.
 
Last edited:
That didn't quite work somehow. Do I need to regenerate my certs?

Thu May 18 15:03:57 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]12.34.56.78:1194
Thu May 18 15:03:57 2017 UDP link local: (not bound)
Thu May 18 15:03:57 2017 UDP link remote: [AF_INET]12.34.56.78:1194
Thu May 18 15:03:57 2017 Certificate does not have key usage extension
Thu May 18 15:03:57 2017 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Thu May 18 15:03:57 2017 TLS_ERROR: BIO read tls_read_plaintext error
Thu May 18 15:03:57 2017 TLS Error: TLS object -> incoming plaintext read error
Thu May 18 15:03:57 2017 TLS Error: TLS handshake failed
Thu May 18 15:03:57 2017 SIGUSR1[soft,tls-error] received, process restarting


I've been having a go at moving from static tls to cert type tls.
This is how I got it working.

In the vpn settings change it to this:
2017-06-10-21_36_19-asus-wireless-router-rt-n66u-vpn-server-png.9523


then in the custom settings I have set remote-cert-tls client. I also removed the static key from keys & certificates.
 

Attachments

  • 2017-06-10 21_36_19-ASUS Wireless Router RT-N66U - VPN Server.png
    2017-06-10 21_36_19-ASUS Wireless Router RT-N66U - VPN Server.png
    8.3 KB · Views: 1,508
MediaBridge (and AP, MediaBridge is just a special case of AP) has a long standing problem of 'dropping' IPv6 connectivity. If you search the forum, you'll get several hits on various code levels. But, you should always maintain IPv4. I've been trying a few things, but haven't been able to make a substantial difference. I'm afraid it's inherent in the closed-source parts of the code.

BTW - I don't see any difference between V24 and V25 in this behavior.
Yeeeeeeeeeeeeeea sorry not biting. I have been established with a 66 as Media bridge to 68 Router since day 1, used all three Asus WRT , MerlinWRT and your fork with ZERO problems until 25. I do not have IPv6 enabled dont use it unless there are other settings that are not managed via the Web GUI. Once I get back to 24e3 its once again stable. I will admit 25E4 fixed the WEB GUI processing and weird GUI behavior it never fixed and introduced the issue I see.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top