Last time I have done full reset is when I went from 380=>384 builds and not have any truoble since then.I think everyone should consider resetting to factory defaults when 384.11 final is released.
I tried to reach out to Cloudflare over Twitter, we'll see.
Cloudflare should donate to this project lol, since you've effectively found a bug in their code!
So this issue with https://cloudflare-dns.com/help/ has been there since I've been "testing" DoT/DNSSEC and was well documented in the Xentrk/Stubby thread. We know Stubby works and we know DNSSEC works. Both work very well together in the recent Merlin Alpha builds. Proving that they work is a challenge for most. Someday some person with time on their hands will come up with a great test for DoT/DoH/DNSSEC that actually works. Until then we should be concerned with our governments efforts to limit encryption and track everything we do.And disabling Strict Validation allows both Cloudflare test pages to now properly report the use of DoT.
So it's now confirmed to be a problem on their end. That test entry they create fails DNSSEC validation.
Thanks @RMerlin, gonna try a few things tonight as well to see if I can narrow down the issue. So far the only changes I'm made to both router (both are 86u units) is go from Alpha 3 to alpha 4. Dirty upgrades on both so it may be time to do a factory reset. Have noticed it doesn't matter where I make a "change" within the GUI it still does the same thing. Gonna try accessing it through the host name locally to see if it makes a difference. Normally use the local IP address. Gonna also try a different browser as I mostly use Chrome.Could be because the router has to restart various network components when making changes on that particular page (in addition to the WAN connection itself), which can interfere with the page reload. I suspect this is particularly the case if accessing the router through an IP instead of a hostname, tho I never experienced that issue myself in either scenarios.
So this issue with https://cloudflare-dns.com/help/ has been there since I've been "testing" DoT/DNSSEC and was well documented in the Xentrk/Stubby thread. We know Stubby works and we know DNSSEC works. Both work very well together in the recent Merlin Alpha builds. Proving that they work is a challenge for most. Someday some person with time on their hands will come up with a great test for DoT/DoH/DNSSEC that actually works. Until then we should be concerned with our governments efforts to limit encryption and track everything we do.
Merlin's product has gotten me a router that runs the security features I want without a USB drive! Thank you very much!!!
opkg install tcpdump
tcpdump -i eth0 port 53
tcpdump -i eth0 port 853
+1 I can confirm this.Following Merlin's previous advice, I have installed tcpdump and I believe it tests/shows that all is working as it should.
What I did is open 2 ssh windows and type in each:
Code:opkg install tcpdump tcpdump -i eth0 port 53 tcpdump -i eth0 port 853
As I watch both windows I see no traffic on port 53 but see all the traffic on port 853.
If I use DNS Filtering and choose global router mode, but put my laptop to no filtering, I then see my laptop DNS traffic on port 53.
I think this is visual verification that all is working but feel free to correct me if wrong.
In my case on my AX88U, you are not allowed to leave WAN DNS empty. You get this error:Thx for the reply. I would like to point out that when both WAN DNS server blocks are empty (and that's the way I am running at the moment), that the Internet status page obtain via the Network Map page shows a blank DNS box. If you have set a DOT server via the WAN page, it should probably be reflected in that box (maybe with a dot after it?) or we, the unwashed masses, might become confused and ask for support. Also, you have a warning message concerning the DNS Filter, but shouldn't there also be a warning message if a the DHCP DNS blocks are occupied since the clients can now bypass DOT (at least according to some on this thread)?
Please set up the DNS server on the client device.
Yes, I’ve even noticed something funky using their app on my phone since the last update.
Sent from my iPhone using Tapatalk
Could be because the router has to restart various network components when making changes on that particular page (in addition to the WAN connection itself), which can interfere with the page reload. I suspect this is particularly the case if accessing the router through an IP instead of a hostname, tho I never experienced that issue myself in either scenarios.
Did you do anything extra after you uninstalled like reboot or re log in? I went into the GUI to verify it was still doing it (used the QOS page apply without making changes to verify) uninstalled spdmerlin using putty, then redid steps, still getting applying settings spinning wheel.I was having the same problem, I uninstalled spdmerlin and applying settings worked properly
I'm not using any add-ons so I don't know. Not a big deal for me.I was having the same problem, I uninstalled spdmerlin and applying settings worked properly
Did you do anything extra after you uninstalled like reboot or re log in? I went into the GUI to verify it was still doing it (used the QOS page apply without making changes to verify) uninstalled spdmerlin using putty, then redid steps, still getting applying settings spinning wheel.
Good move, the beer I mean, you were under alot of pressure!Finally tried it...
Using these 2 Cloudflare IPv6 addresses selected from the drop down box:
2606:4700:4700::1111
2606:4700:4700::1001
So, 7 mouse clicks, then had to select 'Apply!' I am exhausted...think I'll have a beer!?! ;-)
Thanks to Eric for clearing up a thorny issue!
Finally, could I have just as easily used these from Google?:
2001:4860:4860::8888
2001:4860:4860::8844
RT AC-5300
I had this happening with ntpmerlin. So I uninstalled it and I'm working fine now.Anyone having an issue where you make changes and the webpage seems to stay on applying settings forever? Reloading the screen manually shows the changes were accepted though.
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!