-Old- ASUSWRT bug forces netmask 255.255.255.0

[Darf Nader]

Not sure if this is a bug in factory ASUSWRT or Merlin’s fork, but here goes:

Having been a Merlin ASUSWRT user for years I was surprised that after a network renumbering that most of my hosts were not showing up in the network “map” (the host list) nor in the QOS inventory. I thought it was a new bug, or maybe a hardware issue, but it finally dawned on me after some mucking about with addresses that the problem was that even though my network was configured to be a /22 network, and otherwise functioned just fine, I found that those aforementioned features would appear to be “hardwired” to only recognize hosts who that had a third octet that matched the router’s. Therefore, any hosts that had a different third octet but still in the same /22 network were simply not seen by the network mapping or QOS inventory firmware. When I went back and basically undid all of the work of renumbering my network (I was trying an easy IP-base security scheme to better wrangle IoT devices) and made my LAN a /24 network again so all hosts had the same third octet again, everything was back to normal.

I am sure this has been a long-standing issue as I have seen this behavior before without realizing the cause. I am guessing I am one of the few people to even bother with a network address space that was larger than /24 so this never was seen before. The work around is simply to always have your LAN be a /24 network (netmask 255.255.255.0) which is not a horrible thing I guess, but it is limiting and certainly frustrating to find out after already renumbering an entire network.

While it might seem silly to need more room than for 254 hosts on your LAN, with everything having an IP these days, it is becoming an actual concern, especially if, like me, you were trying to put “high risk” devices in their own octet and have more restrictive rules accordingly.

Anyway, I thought I should at least report this.


Sent from my iPad using Tapatalk Pro

 

[RMerlin]

It's a known limitation, and something I cannot do anything about.

 

[Darf Nader]

Thanks for responding, I was hoping that I would eventually hear from you on this issue since I have not had much luck either finding any info on this bug either here nor anywhere as I was not able to get any feedback on previous posts on the subject. I am glad that I was able to figure it out on my own so I could at least work around it, but I am happy that this is something that should now be easily searchable when other people are trying to figure out why the ASUS QoS and Network Map features for any ASUS router running any version of ASUSWRT will only report on hosts that share the first, second, and third octet with the router which makes the features that allow you to set up a a larger network than a /24 kind of not something you'd want to use unless you're not going to use those features.

While I don't want to speculate and get it totally wrong, but it sounds like it's either a ASUS hardware issue or a function of an ASUS binary where the source code of QoS and the Network Map is not available to be forked and modified. Am I close? If so, has ASUS every commented on whether this is something they won't fix? It just seems like an odd restriction when ASUSWRT supports pretty much any sized network along with any other static routes if needed, unless for some reason the net mask has to be hard-coded and compiled to only register hosts as if they were on a /24 network and ignore any devices which don't have conforming IPs, which would certainly be a peculiar design choice on their part.

Anyway, if you have any more information to share on this issue I'd be interested in understanding why. Either way, as always, thanks again for your hard work maintaining this fork of ASUSWRT which I and so many others depend on.

 

[ColinTaylor]

I was hoping that I would eventually hear from you on this issue since I have not had much luck either finding any info on this bug either here nor anywhere as I was not able to get any feedback on previous posts on the subject.

Apart from the answer I previously gave you in your other thread.

 

[MichaelCG]

I don't get the part about putting high risk devices in their own octet? If they are high risk, they should isolated from your other devices as well as from the Internet.

If you really want to "organize" your devices, that can still be done with /27 blocks...you just have to remember where the dividers are. I previously ran my home network off of a /27 which finally was moved to a /24 a couple years ago. I still have my /27 breakdown divisions just out of habit. For my true "high risk" stuff, it sits in an isolated DMZ that I can control access to/from both the Internet as well as the rest of my home network.

 

[RMerlin]

While I don't want to speculate and get it totally wrong, but it sounds like it's either a ASUS hardware issue or a function of an ASUS binary where the source code of QoS and the Network Map is not available to be forked and modified. Am I close?

There are parts of the firmware code that are hardcoded to a /24, including among other things the networkmap. Networkmap code is now closed source.