What's new

[Release] Asuswrt-Merlin 384.13 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
And why don 't you use LibreSSL instead OpenSSL in the firmware?? Just question;)

I see no reason to do the switch, and also it's not backward compatible - some components don't support it.
 
3 days working with this FW version in an RT-AC87U. No issue so far.

Thank you again for allowing RT-AC87U users keep updating our router. :)
 
Hi. (My configs are in my sign)

Yes, I'm using AiMesh. Using 86 as both master and node.
Yes, I have renamed some of my devices.
No problems with freezing what so ever
My ISP speed is 600/50 which I fully use.

Sorry If I was not much of a help...or maybe I was...

I just noticed that Asus has removed version 81039 from the 68u download page so It is quite possible that it is only affecting those with the 68u or those using the 68u as an Aimesh node.
That would explain why you havent encountered any issues, cause trust me you would have noticed very slow loading gui and eventually it quit loading altogether,
 
I just noticed that Asus has removed version 81039 from the 68u download page so It is quite possible that it is only affecting those with the 68u or those using the 68u as an Aimesh node.
That would explain why you havent encountered any issues, cause trust me you would have noticed very slow loading gui and eventually it quit loading altogether,
Jepp. It has been pulled from the 86 page also. I'll stay with 81039 since it seems to work for me.
 
Make sure a browser ad-blocker is not interfering with the router GUI pages.
Thank you for your support. I tested it with firefox and opera without any addons but the same strange behaviour was observed.

Sometimes I think that it could be related to the SPKI ? The first configuration with Merlins preconfigured setups worked without problems. First as I added servers manually (which normally have SPKI) I saw this strange behaviour. Could it be the SPKI reduces the amount of entries to use ?

Currently I don´t want to touch my working system (e.g. removing the clients) because I had had so much tries to get the manual servers into the configuration. But it would be nice to readd Quad9 again.
Currently I only have 3 servers with SPKI configured - addition of more (even with the preconfigured setups) is not possible.....
 
Thank you for your support. I tested it with firefox and opera without any addons but the same strange behaviour was observed.

Sometimes I think that it could be related to the SPKI ? The first configuration with Merlins preconfigured setups worked without problems. First as I added servers manually (which normally have SPKI) I saw this strange behaviour. Could it be the SPKI reduces the amount of entries to use ?

Currently I don´t want to touch my working system (e.g. removing the clients) because I had had so much tries to get the manual servers into the configuration. But it would be nice to readd Quad9 again.
Currently I only have 3 servers with SPKI configured - addition of more (even with the preconfigured setups) is not possible.....
The total list can only be 1024 characters in nvram, so SPKI will use more characters than those without.
 
@RMerlin Hey is it possible to add AiMesh Router in Roaming Block list as well instead of just nodes and gives us the option to select which router or node we want to stick to? it's useful when we want to force clients to only connect to one particular device. If it's possible then please consider it as a feature request and if that part of the code is also closed then let's just hope Asus feels the importance of this feature soon.
 
@RMerlin Hey is it possible to add AiMesh Router in Roaming Block list as well instead of just nodes and gives us the option to select which router or node we want to stick to? it's useful when we want to force clients to only connect to one particular device. If it's possible then please consider it as a feature request and if that part of the code is also closed then let's just hope Asus feels the importance of this feature soon.

Closed source and outside of my control.
 
The client list is empty and I have 7 devices connected.
 

Attachments

  • Capture.JPG
    Capture.JPG
    29 KB · Views: 357
Problem often report after a flash, and always the same solutions :cool: :
*Clean the browser cache, refresh the page, and try with another browser

Thanks for the suggestions!

I have an ASUS RT-AC88U

Yes, of course. I did all that. Firefox, Chrome, Edge. Restarted router. Re-Flashed back and fourth.

I have seen this issue already with version 384.12
 
Guys, please help me to understand what is going on. I use DNS from AdGuard via DoT and sometimes get an NXDOMAIN error. After 1-2 minutes, the site loads normally. There are no errors in the log through stubby -l, but in the log dnsmasq at the time of the error I see such lines:

Aug 15 18:27:53 dnsmasq[989]: query[A] accounts.epicgames.com from 192.168.1.3
Aug 15 18:27:53 dnsmasq[989]: forwarded accounts.epicgames.com to 127.0.1.1
Aug 15 18:27:53 dnsmasq[989]: dnssec-query[DS] amazonaws.com to 127.0.1.1
Aug 15 18:27:53 dnsmasq[989]: Insecure DS reply received for com, could be bad domain configuration or lack of DNSSEC support from upstream DNS servers
Aug 15 18:27:53 dnsmasq[989]: reply amazonaws.com is BOGUS DS
Aug 15 18:27:53 dnsmasq[989]: validation accounts.epicgames.com is BOGUS
Aug 15 18:27:53 dnsmasq[989]: reply accounts.epicgames.com is <CNAME>
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 52.202.243.46
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.168.66.53
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.171.206.70
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.205.226.14
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.230.100.209
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.203.152.178
Aug 15 18:27:53 dnsmasq[989]: query[A] accounts.epicgames.com from 192.168.1.3
Aug 15 18:27:53 dnsmasq[989]: forwarded accounts.epicgames.com to 127.0.1.1
Aug 15 18:27:53 dnsmasq[989]: dnssec-query[DS] amazonaws.com to 127.0.1.1
Aug 15 18:27:53 dnsmasq[989]: Insecure DS reply received for com, could be bad domain configuration or lack of DNSSEC support from upstream DNS servers
Aug 15 18:27:53 dnsmasq[989]: reply amazonaws.com is BOGUS DS
Aug 15 18:27:53 dnsmasq[989]: validation accounts.epicgames.com is BOGUS
Aug 15 18:27:53 dnsmasq[989]: reply accounts.epicgames.com is <CNAME>
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 52.202.243.46
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.168.66.53
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.171.206.70
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.205.226.14
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.230.100.209
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.203.152.178
Aug 15 18:27:53 dnsmasq[989]: query[A] accounts.epicgames.com from 192.168.1.3
Aug 15 18:27:53 dnsmasq[989]: forwarded accounts.epicgames.com to 127.0.1.1
Aug 15 18:27:53 dnsmasq[989]: dnssec-query[DS] amazonaws.com to 127.0.1.1
Aug 15 18:27:53 dnsmasq[989]: Insecure DS reply received for com, could be bad domain configuration or lack of DNSSEC support from upstream DNS servers
Aug 15 18:27:53 dnsmasq[989]: reply amazonaws.com is BOGUS DS
Aug 15 18:27:53 dnsmasq[989]: validation accounts.epicgames.com is BOGUS
Aug 15 18:27:53 dnsmasq[989]: reply accounts.epicgames.com is <CNAME>
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 52.202.243.46
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.168.66.53
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.171.206.70
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.205.226.14
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.230.100.209
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.203.152.178
Aug 15 18:27:53 dnsmasq[989]: query[A] accounts.epicgames.com from 192.168.1.3
Aug 15 18:27:53 dnsmasq[989]: forwarded accounts.epicgames.com to 127.0.1.1
Aug 15 18:27:53 dnsmasq[989]: dnssec-query[DS] amazonaws.com to 127.0.1.1
Aug 15 18:27:53 dnsmasq[989]: Insecure DS reply received for com, could be bad domain configuration or lack of DNSSEC support from upstream DNS servers
Aug 15 18:27:53 dnsmasq[989]: reply amazonaws.com is BOGUS DS
Aug 15 18:27:53 dnsmasq[989]: validation accounts.epicgames.com is BOGUS
Aug 15 18:27:53 dnsmasq[989]: reply accounts.epicgames.com is <CNAME>
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 52.202.243.46
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.168.66.53
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.171.206.70
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.205.226.14
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.230.100.209
Aug 15 18:27:53 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.203.152.178
Aug 15 18:27:58 dnsmasq[989]: query[A] accounts.epicgames.com from 192.168.1.3
Aug 15 18:27:58 dnsmasq[989]: forwarded accounts.epicgames.com to 127.0.1.1
Aug 15 18:27:58 dnsmasq[989]: dnssec-query[DS] amazonaws.com to 127.0.1.1
Aug 15 18:27:58 dnsmasq[989]: Insecure DS reply received for com, could be bad domain configuration or lack of DNSSEC support from upstream DNS servers
Aug 15 18:27:58 dnsmasq[989]: reply amazonaws.com is BOGUS DS
Aug 15 18:27:58 dnsmasq[989]: validation accounts.epicgames.com is BOGUS
Aug 15 18:27:58 dnsmasq[989]: reply accounts.epicgames.com is <CNAME>
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.168.66.53
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.171.206.70
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.205.226.14
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.230.100.209
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.203.152.178
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 52.202.243.46
Aug 15 18:27:58 dnsmasq[989]: query[A] accounts.epicgames.com from 192.168.1.3
Aug 15 18:27:58 dnsmasq[989]: forwarded accounts.epicgames.com to 127.0.1.1
Aug 15 18:27:58 dnsmasq[989]: dnssec-query[DS] amazonaws.com to 127.0.1.1
Aug 15 18:27:58 dnsmasq[989]: Insecure DS reply received for com, could be bad domain configuration or lack of DNSSEC support from upstream DNS servers
Aug 15 18:27:58 dnsmasq[989]: reply amazonaws.com is BOGUS DS
Aug 15 18:27:58 dnsmasq[989]: validation accounts.epicgames.com is BOGUS
Aug 15 18:27:58 dnsmasq[989]: reply accounts.epicgames.com is <CNAME>
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.168.66.53
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 35.171.206.70
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.205.226.14
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.203.152.178
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 34.230.100.209
Aug 15 18:27:58 dnsmasq[989]: reply accountportal-website-prod07-epc-739724359.us-east-1.elb.amazonaws.com is 52.202.243.46

Whether it is possible that DNSSEC incorrectly works on these servers? I have these options in the WAN tab for DNSSEC:

Enable DNSSEC support - YES
Validate unsigned DNSSEC replies - YES
Enable DNS Rebind protection - YES

Thanks.

Similar issues happening since .13 update. Will get pages that fail to load with DNS NX record, or DNS lookup error. then wait a bit and it reloads fine.

Looking at Diversion logs, watching for BOGUS returns, it seems that with DNSSEC enabled I get random failures. This may be related to the usage of UDP vs TCP depending on the DNSMASQ cache state as indicated here:

https://discourse.pi-hole.net/t/since-update-to-ftldns-bogus-dnssec-results-have-increased/9136/21

But at this time I believe I need to leave DNSSEC disabled. I am using Quad9.
 
AiP privacy issues aside, I'm a little suspicious of it... my router just 'feels' healthier without it running.
I haven't done much thinking about it, but always enable it-- I have teenagers. I LIKE it when I try to access websites and get that big warning on risky pages. Just curious: what do you use instead?

PS: NVM. I don't want to hijack this thread. As others have said, search is my friend.
 
Last edited:
When flashing the latest stable version on my AP it gets stuck in a bootloop when flashing an older version it boots and works fine. I even flashed the new one and reset all settings but as soon as I select AP mode it rebooted and bootlopps
 
When flashing the latest stable version on my AP it gets stuck in a bootloop when flashing an older version it boots and works fine. I even flashed the new one and reset all settings but as soon as I select AP mode it rebooted and bootlopps

Which router? Which older version?
 
Status
Not open for further replies.

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top