[Release] Asuswrt-Merlin 384.9 is now available

[octopus]

Thanks.
Now vpn working and get DNS from vpnprovider. Exempions working, bypass ipnummer.
All other device on lan-net get same DNS as vpnprovider there I would to use my ISP-DNS servers.

Someone have a small clue.....maby

 

[skeal]

Someone have a small clue.....maby

Go to the WAN page and instead of a specific dns server, use connect to dns automatically. This should pull your ISP DNS to the router. All devices except the vpn will use the automatically assigned DNS.

 

[Howard_inGA]

Nothing that I can think of, but there are thousands of line changes, so it's hard to tell for sure. Since I have never experienced it, it must be triggered by something very specific.



Using a Guest Network or some kind of bridge/repeater?

I do have an active Guest network, but there aren't any clients using it over the period since I upgraded to 9.
I also have a Netgear wifi bridge active in extending internet access to various wired devices in the home entertainment center. These are new log entries that started after the new software update, and I can't figure if they are significant?

 

[RMerlin]

I do have an active Guest network, but there aren't any clients using it over the period since I upgraded to 9.

Your log says otherwise:

Feb 17 10:03:56 WLCEVENTD: wl1.1: Assoc **:6E

That was a client connecting to the 5GHz Guest Network.

 

[RMerlin]

People with dnsmasq errors, any of you using IPv6? That was the only change in that dnsmasq section of the code since 2017.

What about DNSFilter?

 

[octopus]

Go to the WAN page and instead of a specific dns server, use connect to dns automatically. This should pull your ISP DNS to the router. All devices except the vpn will use the automatically assigned DNS.

Thanks
I have tried that and and vpn use vpn-provider dns and wan use vpn-provider dns.
I use automatic wan-dns. So wan use vpn-dns instead of ip-provider-dns.
And that was my thoughts how it works.

 

[skeal]

Thanks
I have tried that and and vpn use vpn-provider dns and wan use vpn-provider dns.
I use automatic wan-dns. So wan use vpn-dns instead of ip-provider-dns.
And that was my thoughts how it works.

For this to work, do what I said for DNS on the WAN page. In the settings for the OVPN client, choose accept DNS Exclusive. This will make it so that only vpn devices use vpn provider DNS. Your other non vpn devices will use your ISP DNS.

 

[octopus]

For this to work, do what I said for DNS on the WAN page. In the settings for the OVPN client, choose accept DNS Exclusive. This will make it so that only vpn devices use vpn provider DNS. Your other non vpn devices will use your ISP DNS.

I you use Exclusive you cant use Exceptions of some ip on wanside, have to use strict to have that working.

 

[skeal]

I you use Exclusive you cant use Exceptions of some ip on wanside, have to use strict to have that working.

What do you mean exceptions?

 

[octopus]

What do you mean exceptions?

Like this:
pc1-bypass 192.168.12.134 213.136.63.73 WAN

 

[skeal]

Like this:
pc1-bypass 192.168.12.134 213.136.63.73 WAN

Excuse my stupidity but what is that used for?

 

[octopus]

Excuse my stupidity but what is that used for?

If you want to have som ipnumber or net bypass vpn-provider and use isp-ip.

 

[skeal]

I understand that but you can do that with policy rules. Route what you want through the tunnel and the rest through WAN.

 

[DroidST]

Dirty Update to 384.9 (from 384.8_2) on the 68R two days ago and the 86U this morning. I always reboot the router before applying the f/w update and after.

So far, good. I see the dcd log and of course read the changelog first. I like the additional log info and Wireless Log Streams data.

.

 

[owine]

People with dnsmasq errors, any of you using IPv6? That was the only change in that dnsmasq section of the code since 2017.

What about DNSFilter?

Native IPv6 here. All works as expected, 10/10 on test-ipv6.

DNSFilter enabled with Global mode Router and no exceptions.

 

[octopus]

I understand that but you can do that with policy rules. Route what you want through the tunnel and the rest through WAN.

Yes, policy rules only work if you use strict, but then vpn and wan use same dns, from vpn-provider.
Everything works fine if I use Exclusive but then it not possible to use exceptions.

 

[Howard_inGA]

Your log says otherwise:



That was a client connecting to the 5GHz Guest Network.

You are so correct! I had forgotten that there was a visitor on Guest. However, then those 'WLCEVENTD: wl1.1: Assoc entries' probably do not have anything to do with the hundreds of 'dnsmasq[323]: failed to send packet: Operation not permitted' entries being generated?
I am using IPv6 as the norm on my network, so that might make a difference?

 

[Sonyrolfy]

Yes, policy rules only work if you use strict, but then vpn and wan use same dns, from vpn-provider.
Everything works fine if I use Exclusive but then it not possible to use exceptions.

You are right, DNS strict uses VPN DNS on WAN, I’ve posted this on 30th January, but must say I didn’t pay much attention to it later on. I came across this when my tried my LG tv to play Netflix, and it said its not able to play due to a VPN? That made me wonder. Because TV was set on policy rules outside the vpn, using wan. But VPN was set to strict for other devices. I remember that in the beta 9 the dnsmasq was changed because it was not working accordingly. Anyhow i didnt tested it lateron. When I set VPN to exclusive it works as expected and policy rules work for me.

<a href="https://www.snbforums.com/threads/b...eta-is-now-available.54731/page-3#post-462798">[Beta] Asuswrt-Merlin 384.9 Beta is now available</a>

 

[skeal]

The configuration I have been explaining to you, has been working for me and many others, since ovpn 2.4 was released on Merlin. Check some of the many related posts throughout this forum. If you still need help I would encourage you to start your own thread. Cheers!

 

[Mutzli]

Hi Eric
I have a problem with adaptive QOS using FQ_codel. I am on 384.9 using AC5300. My link speed is 50/20.
With QOS disabled i get 46/16.5 - and DSL Reports gives me an A+,A,A+ most of the time
I have my manual settings D- 45, U-15 and everything set at default priority.
When I enable QOS my speeds go down to D-14.5 U-8 - I noticed this in Log.

Feb 19 13:32:40 rc_service: httpd 3833:notify_rc restart_qos;restart_firewall
Feb 19 13:32:41 qos: Applying codel patch
Feb 19 13:32:42 BWDPI: fun bitmap = ff
Feb 19 13:32:42 A.QoS: qos_count=0, qos_check=0
Feb 19 13:32:42 kernel: ERR[qos_start:3364] qos_ops is not registered!
Feb 19 13:32:42 A.QoS: set_qos_on fails
Feb 19 13:32:42 A.QoS: restart A.QoS because set_qos_conf / set_qos_on / setup rule fail
Feb 19 13:32:42 kernel: ioctl_iqos_op_switch(1) fail!
Feb 19 13:32:43 A.QoS: qos_count=0, qos_check=1
Feb 19 13:32:46 A.QoS: qos rule is less than 22
Feb 19 13:32:46 A.QoS: restart A.QoS because set_qos_conf / set_qos_on / setup rule fail
Feb 19 13:32:48 A.QoS: qos_count=1, qos_check=1
Feb 19 13:32:48 A.QoS: qos rule is less than 22
Feb 19 13:32:48 A.QoS: restart A.QoS because set_qos_conf / set_qos_on / setup rule fail
Feb 19 13:32:49 A.QoS: qos_count=2, qos_check=1
Feb 19 13:32:49 A.QoS: qos rule is less than 22
Feb 19 13:32:49 A.QoS: restart A.QoS because set_qos_conf / set_qos_on / setup rule fail

I have reset to factory default numerous times - and rentered config - still no change to degraded speeds with QOS enabled.

Check out the script from FreshJR to improve router throughput.