What's new

No internet connection for amtm after pi-hole installation

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

routersecskisthedude

Occasional Visitor
Hello,

Initially, I followed this guide to setup amtm which was working well. Then, I setup a pi-hole dns filter following these instructions which works flawlessly for pi-hole. However, amtm can no longer reach its backend to check for updates and Dual WAN failover shows 100% packet loss. However, I am able to check for updates for Merlin using the WebUI without issue. Does someone have guidance on how to fix this issue? I own an RT-AX88U Pro on firmware 3004.388.8_2.
 
You would be better off to use Diversion. You can use the same block lists as the pi-hole.
 
Pi-hole is not the issue here. The description of this configuration is not enough to diagnose the issue and the guides followed are years old.
 
Merlin firmware comes with amtm already installed. That guide is old now (5 years?). All you need to do, once you have the ssh connection, is type "amtm" (without the quotes) and you're in.
As you've done the manual install of an old version I think it's best to factory reset and start again.
 
Initially, I followed this guide to setup amtm which was working well. Then, I setup a pi-hole dns filter following these instructions which works flawlessly for pi-hole. However, amtm can no longer reach its backend to check for updates and Dual WAN failover shows 100% packet loss. However, I am able to check for updates for Merlin using the WebUI without issue. Does someone have guidance on how to fix this issue? I own an RT-AX88U Pro on firmware 3004.388.8_2.
What were you planning to use AMTM for? What addon scripts were you looking to install and why? What is your use case for the addon script(s)?

AMTM comes preinstalled on current Asus-Merlin firmware. You just run "amtm" from the SSH command line while connected to the router via SSH. That 2019 AMTM installation instructions are depreciated and no longer used or needed now that AMTM is included with the Asus-Merlin firmware. You may have corrupted something by trying to "install" AMTM using that old install method. If so, you might need to reset the router using a hard factory reset and then reconfigure. Then run AMTM the SSH command line.

There are various ways to setup Pi-Hole to work on Asus routers. One method is detailed here: https://www.snbforums.com/threads/pihole-dns.74646/page-3#post-712319

Modifying the /jffs/configs/dnsmasq.conf.add file to add the code indicated in the second link you provided, as that link indicates, is not needed if one uses the Pi-Hole's Conditional Forwarding option located in the Pi-Hole GUI Settings > DNS > Use Conditional Forwarding.
 
Last edited:
Merlin firmware comes with amtm already installed. That guide is old now (5 years?). All you need to do, once you have the ssh connection, is type "amtm" (without the quotes) and you're in.
As you've done the manual install of an old version I think it's best to factory reset and start again.
amtm was working until I changed the dns settings in merlin. I am running amtm version 4.9 FW (built-in firmware version).
 
What were you planning to use AMTM for? What addon scripts were you looking to install and why? What is your use case for the addon script(s)?

AMTM comes preinstalled on current Asus-Merlin firmware. You just run "amtm" from the SSH command line while connected to the router via SSH. That 2019 AMTM installation instructions are depreciated and no longer used or needed now that AMTM is included with the Asus-Merlin firmware. You may have corrupted something by trying to "install" AMTM using that old install method. If so, you might need to reset the router using a hard factory reset and then reconfigure. Then run AMTM the SSH command line.

There are various ways to setup Pi-Hole to work on Asus routers. One method is detailed here: https://www.snbforums.com/threads/pihole-dns.74646/page-3#post-712319

Modifying the /jffs/configs/dnsmasq.conf.add file to add the code indicated in the second link you provided, as that link indicates, is not needed if one uses the Pi-Hole's Conditional Forwarding option located in the Pi-Hole GUI Settings > DNS > Use Conditional Forwarding.
I would prefer not to factory reset until I try every other avenue possible. I renamed /jffs/configs/dnsmasq.conf.add as /jffs/configs/dnsmasq.conf.add.old. Unlike your settings, I do not have anything in lan -> dns server 2, and am advertising the router's ip in addition to the user-defined DNS. It seems that all dns requests are going through the pi-hole. What I like about the solution is that it uses the router as a backup dns server if the pi-hole fails. Under no circumstances do I want internet service to stop working.

How can I diagnose why amtm is blocked from internet access?
 
Well, after making the change above (in addition, I changed the global redirection in dns director to router instead of custom 1 ( custom 1 -> router ip)), amtm is back up. I am not sure which change made the difference. I may revert one change and see what happens.
 
Last edited:
I do not have anything in lan -> dns server 2, and am advertising the router's ip in addition to the user-defined DNS.
When you have Advertise router's IP in addition to user-specified DNS enabled (set to YES), there exists the possibility of Client DNS requests not going through the Pi-Hole. Instead those request possibly would (if not using DNS Director) go through what ever DNS servers are configured in the router's WAN DNS section. At that point, why bother with Pi-Hole if Client DNS requests can possibly bypass the Pi-Hole?

Not sure but maybe its the use of the router's IP in addition to Pi-Hole that are causing the issue you are experiencing. Or maybe a misconfiguration somewhere either with the router or Pi-Hole.

Depending on one's network equipment it may be possible to setup a second Pi-Hole on one's local network on a different device. Personally I run a couple of Raspberry Pi's devices loaded with Pi-Hole + Unbound for redundancy. Or one can use other methods (like AdGuardHome or Diversion) that accomplish the same/similar as Pi-Hole.
 
When you have Advertise router's IP in addition to user-specified DNS enabled (set to YES), there exists the possibility of Client DNS requests not going through the Pi-Hole. Instead those request possibly would (if not using DNS Director) go through what ever DNS servers are configured in the router's WAN DNS section. At that point, why bother with Pi-Hole if Client DNS requests can possibly bypass the Pi-Hole?

Not sure but maybe its the use of the router's IP in addition to Pi-Hole that are causing the issue you are experiencing. Or maybe a misconfiguration somewhere either with the router or Pi-Hole.

Depending on one's network equipment it may be possible to setup a second Pi-Hole on one's local network on a different device. Personally I run a couple of Raspberry Pi's devices loaded with Pi-Hole + Unbound for redundancy. Or one can use other methods (like AdGuardHome or Diversion) that accomplish the same/similar as Pi-Hole.
I am definitely not an expert at this, but @dave14305 mentioned" This should tell your LAN clients to use the Pi-Hole as their DNS server (via DHCP) with the router IP as a backup (in case of Pi-Hole failure)." I have it set up this way in order to have a backup if pi-hole fails. From what I can tell (by looking at pi-hole logs and using nslookup) all devices are using pi-hole (as long as they are not on a vpn). Maybe in the future, I will purchase a second mini pc to install a second pi-hole, but at this time, this works for me.
 
Put things back how you had them and run nslookup diversion.ch from the router’s SSH command line to diagnose what’s wrong.

It would also be nice to post screenshots of your WAN DNS, LAN DNS, DNS Director, and dnsmasq.conf.add.
 
I am definitely not an expert at this, but @dave14305 mentioned" This should tell your LAN clients to use the Pi-Hole as their DNS server (via DHCP) with the router IP as a backup (in case of Pi-Hole failure)." I have it set up this way in order to have a backup if pi-hole fails. From what I can tell (by looking at pi-hole logs and using nslookup) all devices are using pi-hole (as long as they are not on a vpn). Maybe in the future, I will purchase a second mini pc to install a second pi-hole, but at this time, this works for me.
This is a case of your milage may vary but in my usage I have several devices (including a Windows 11 PC) that periodically hit my second (DNS #2) Pi-Hole for what ever reason even though my first Pi-Hole (DNS #1) is online. One particular IoT camera, out of several of the same brand/model, seems to do it most often.
 
Put things back how you had them and run nslookup diversion.ch from the router’s SSH command line to diagnose what’s wrong.

It would also be nice to post screenshots of your WAN DNS, LAN DNS, DNS Director, and dnsmasq.conf.add.
Thanks @dave14305. I put things back, but amtm continued to work. I will check again in a week, and if things change, I will report back.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top