What's new

Help with AX88U as subnet router

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

jayd33

New Around Here
We have been struggling with installing a second AX88U, router 2, utilized as a gateway for another subnet. We were hoping someone has already been able to implement this or may recognize the issue we are seeing. The diagram below shows the general setup of the network although our addressing differs. Generally, some pretty standard stuff but there are a few L2 switches not on the drawing along with isolated WLANs. Some background and history first before describing the problem...This configuration started out 12-15 years ago with two Netopia routers. Obviously, Router 1 is the internet gateway. There is a isolated (guest) subnet along with the pictured lan configuration. Router 1 also supports VPN connections of a couple of different flavors. Total connections for wired and wireless can approach 50 devices at times. Router 2 just supports the LAN pictured along with another isolated (guest internet only) LAN. Router 2 generally does not support more than 25 devices. Both routers support several manual/fixed address devices. With the use of some IP table entries on router 2, only the first 10 addresses on Router 1's normal LAN, 192.168.1.1 - 192.168.1.10, are visible to LAN 192.168.2.0. While there are several devices, the load is not heavy. The Netopia routers were replaced with two AC66Us running Tomato Shibby 31; we were not aware of Merlin's firmware as an option at the time. Two months ago, router 1 was replaced with an AX88U and is currently running Merlin 386.3. The integration/setup/swap of router 1 with the new AX88U running the Merlin firmware went completely as expected. The network has been stable for weeks. All isolation, port forwarding and isolated addressing is working as designed. While the guest (isolated) wireless network works as expected, I know YazFi could be used to tweak settings and offers more control. No routers overlap any wireless signals.

two_routers2.jpg


The problem: We have been unable to change out router 2 with a new AX88U running Merlin 386.2.6 or 386.3. When the AX88U is installed with Merlin firmware, everything seems to work with only one wired connection. While using a machine on the 192.168.2.0 network, pinging 192.168.1.100, 192.168.1.1 and google.com all work without issue although there is an extremely rare drop. Speed tests are satisfactory, but not maxed. As more wired devices are added back to router 2, pings begin to be lost much more frequently and eventually to the point of being unusable. Traceroute shows no odd information. Config in router 2 has been reduced to : WAN IP 192.168.1.100, WAN gateway 192.168.1.1, WAN netmask 255.255.255.0, WAN DNS1 192.168.1.1 and WAN DNS2 left blank. No NAT and no UPnP. The LAN IP is 192.168.2.1 with DNS1 1.1.1.1 and DNS2 1.0.0.1 being shelled out via DHCP. No other configuration setups are being used at this time (no special IP table rules). No guest/isolated network implemented yet and the wireless SIDS are junk data with junk passwords to prevent any devices from connecting while troubleshooting this problem.

1.) Both Merlin firmware versions were installed, reset and tested with a clean setup using: WPS button, NVRAM erase and the internal gui screens- multiple times to ensure clean.
2.) With several wired devices connected on the router 2 LAN, the router 2 network is unstable regardless of various different settings in the AX88U.
3.) No strange total amount of packets visible in the L2 switch connect to router 2.
4.) If the original AC66U is reinstalled, the network becomes stable instantly.
5.) A spare AC66U with Merlin 380.70_0 installed as router 2 reacts exactly like the AX88U. There was a feeling that there was a hardware issue with the AX88U, but having the AC66U perform the same way indicates we are missing something in the setup.
6.) A borrowed Tenda AC18 with stock firmware and very basic settings described above installed as router 2 works as expected with no losses.
7.) Unable to find anything like this for a setup in the forums to help with this problem.

The stock Asus firmware has not been tested yet, but my gut says it is unlikely to react any differently than with Merlin firmware installed. Any help or suggestions on this would be greatly appreciated. We have put in a considerable amount of time testing and reloading firmware along with reading the SNB forum posts. I don't think I have ever been this baffled with a network issue. I am humbly sure we are just missing something simple but need to ask for help. Newer, much more powerful hardware running Merlin software is the goal.

Thanks, Jay
 
Frankly, daisy-chaining routers in this fashion, WAN to LAN, is about as basic as it comes. Typically, all you need to do is make sure each has its own unique IP network (192.168.1.x, 192.168.2.x, etc.). So it's hard to imagine how things could go wrong, esp. if you the only change from a reset is the IP network.

That said, there is one difference; you've disabled NAT on router #2. And presumably you've added a static route to router #1 that points to the WAN ip of router #2 as the gateway to the 192.168.2.x network. On the face of it, NOT a big deal.

In the name of keeping the changes confined to *only* the IP network, I'd like to see if re-enabling NAT makes a difference. I have a theory about how disabling NAT *might* lead to unexpected problems, but it's complicated to explain, and I'd rather just have you make the change right now and see if it makes a difference.
 
We tried toggling NAT on and off with no difference in performance.

Yes, you are correct, there is a static route in Router 1:
192.168.2.0255.255.255.0192.168.1.1000LAN

We re-flashed the AX88U and reset it again today. Just setup basic config for the subnet (for at least the 50th time). WAN IP 192.168.1.100, WAN gateway 192.168.1.1, WAN netmask 255.255.255.0, WAN DNS1 192.168.1.1 and WAN DNS2 left blank. No NAT and no UPnP. The LAN IP is 192.168.2.1. Everything else defaulted. Nothing else to test the NAT ON/OFF conditions. From there, toggled everything we could think of On/Off while watching the ping activity on BOTH the 192.168.1.0 and the 192.168.2.0 LANs. The 192.168.1.0 LAN never drops or misses a ping. No excessive packets seen inside the switches. The 192.168.2.0 LAN does not go more than 20-25 pings before dropping a one or two. Most of the time it just goes less than 7 or 8 in a row. Aside from a major DNS config error we are just not recognizing, I have no idea what to try at this point. One odd issue is that the Web Config interface on router 2 becomes very unresponsive and sometimes does not load when the WAN port is connected. Once disconnected it is responsive again. We did not notice this earlier, but repeated it several times today. An attempt with router 2 for DHCP pulls from router 1 also produced the same results- intermittent throughput and pings.
 
Print the routing tables of both routers and examine carefully.
Check multicast routing settings in the radio configurations
Check for loop created by port to port connection between the two routers
Check for client connecting to both routers via both wired and wireless connection

The symptom is the clastic symptom of a looping data with amplification as it repeats through your network. If this is the case, the activity lights should be blinking if you stop the ping.

Good luck,

Morris
 
Thank you for the suggestions:

Print the routing tables of both routers and examine carefully.
First thing we checked - 7 lines in router 1 and 6 in router 2. Very clean.
Investigated the collision possibility with the two non-configurable guest wireless subnets. Router 2 is not using them in the tables so that was eliminated. Turning on NAT should have killed that anyway.

Check multicast routing settings in the radio configurations
Not sure what you mean? Using the default radio settings, but no devices connected to router 2 yet. In fact, the last rounds of testing were with the radios muted in router 2.

Check for loop created by port to port connection between the two routers
This was checked previously, but was triple checked after your suggestion. The WAN from router 2 feeds back at a distance to router 1 directly into the built in switch. Another port feeds the local LAN for router 1. As noted, two other routers can be substituted into the router 2 location with the exact same connections and IP addresses with neither exhibiting the problem. The only caveat is that they do not run stock or Merlin firmware. This was why we felt this was possibly DNS configuration related, not a hardware wiring issue. There are significantly more interrelated settings in the AX88U with Merlin firmware than the older/cheaper routers tested.

Check for client connecting to both routers via both wired and wireless connection
Again, not physically possible; no devices fit this criteria.

The symptom is the clastic symptom of a looping data with amplification as it repeats through your network. If this is the case, the activity lights should be blinking if you stop the ping.
With so many wired devices on the router 2 LAN, the lights never really stop. Spent more time looking at packet counts and found nothing interesting going into or out of the router. Router 1 is not seeing an issue either. Will need to reset everything again and test with one device and note if the lights continue after stopping the continual ping; maybe indicate packets being bounced around inside router 2?. This will be tested and updated. Command line pinging from inside router 2 on an SSH does seem slightly more stable, but still not solid.

Thanks-
 
One odd issue is that the Web Config interface on router 2 becomes very unresponsive and sometimes does not load when the WAN port is connected.
I would suggest checking the CPU usage level and or check the running processes to see what is going on at this point under those conditions. Also, see what the system log has to offer, if anything.

I've run my RT-AX88U behind my ISP router in a double Nat scenario for a couple years without seeing this sort of issue. I'm still on 384.18 fw though as I've been leary about the setup differences and various issues some seem to have with the 386 stream.
 
Last edited:
I'm running something similar (not quite identical though), but with a long range wireless link in between the two routers. No problems at the moment but several years ago I had a similar issue to yours. Turned out to be a dodgy patch cable plugged into the first router that as I recall wasn't even connected to any other device.

Pings would be fine for first minute or so, then would increase rapidly and then drop as if some kind of amplification loop was going on.

Check your cables or unplug anything not in use or essential during testing.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top