Menu
What's new
By:
Filters Better Search

RT-AX88U Swapfile

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Val D. said:
I personally never run it on a VM, but I believe they solved this issue:
https://redmine.pfsense.org/issues/8954
Other people say it also works with VT-d enabled, if supported.
https://software.intel.com/en-us/ar...ms-for-efficient-virtualization-of-io-devices
Click to expand...

Don't know if that would apply to Xen (my Qotom runs XCP-NG). I only experimented with OpnSense a bit last year (overall it felt nicer than pfsense, where some of the stuff I wanted to test with it didn't even work properly - namely that DPI engine which's name I forgot).
 
RMerlin said:
Don't know if that would apply to Xen
Click to expand...

OK, you like to complicate things too much. :)
Intel VT-d needs software support too. For testing purposes VM is good, but I wouldn't share a working network Firewall on a VM.

RMerlin said:
namely that DPI engine which's name I forgot).
Click to expand...

OPNsense uses Suricata engine, pfSense has Snort and Suricata available. pfBlockerNG doesn't work in OPNsense, they have some workaround for IP/DNS filtering, but automatic updating of lists is an issue. At least it was few months ago when I played with it. Finding information about OPNsense is the major problem. You ask something and the first results in Google are for pfSense, thinking you made a typing error or something.
 
That was suricata. The pfsense updater didn't work when I tested it, but the Opnsense one did.
 
RMerlin said:
That was suricata. The pfsense updater didn't work when I tested it, but the Opnsense one did.
Click to expand...

It's working now on pfSense, but Snort rules (in case one wants to use them too in Suricata) require Registration or Subscription, otherwise only GPLv2 Community Rules are available. I use ETOpen rules, still free to use. Can't blame Talos (Snort) though, a lot of research is involved in packet inspection security. What I couldn't manage to do on OPNsense is blocking per IP first and then seeing more details what was it in Suricata. In pfSense it works with the same category lists in pfBlockerNG and then the same category rules in Suricata. In the same time I had to be careful with wife rules... I have both Subscription and Registration there, no choice. :)
 
An alternative to a Qotom, is an APUx from the Swiss company PC Engines.

https://www.pcengines.ch

The APU2C4 and the successive successors D and E revisions are also popular choices for building a personal firewall. It's a 64 bit platform with an embedded AMD G series GX-412TC 1 GHz CPU that support amongst other things AES-NI and ECC RAM (make sure you get the 4GB version and upgrade it to at least BIOS v4.8.0.5 Mainline to get ECC support). No VGA, serial only.

PC Engines - BIOS
https://pcengines.github.io

TinyCore Linux to upgrade BIOS
https://pcengines.ch/howto.htm#TinyCoreLinux

pfSense Router : I assemble and review a router based on the PCEngines APU2C4

OS install
https://pcengines.ch/howto.htm#OS_installation

Choose OS image
https://opnsense.org/download/
https://www.pfsense.org/download/
https://www.ipfire.org/download/ipfire-2.23-core139

Write image to USB stick.
https://www.balena.io/etcher/

On a ***Sense (Free/HardenedBSD) installation you can expect a 500 to 600 Mbit/s throughput. If you install IPFire or OpenWRT (Linux) you will get gigabit throughput easily.

Thera are however tweaks that promise gigabit throughput also from a ***Sense installation.

https://teklager.se/en/knowledge-base/apu2-1-gigabit-throughput-pfsense/
https://teklager.se/en/knowledge-base/opnsense-performance-optimization/

As always, choose hardware based on your expected user scenario.

PC Engines - Shop
https://www.pcengines.ch/newshop.php?c=4

~$150US APU2E4 4GB ECC RAM/16GB M-Sata SSD/Case/AC adapter

Don't forget a null modem cable.
 
Last edited:
Val D. said:
Continue inventing Reboot and Reset procedures in consumer routers. :)
Click to expand...

'Inventing'? Hardly! ;)

I've always stated that I have simply collected and organized the procedures that have been proven to work to get a router to a good/known state. Mostly from older posts from the many contributors here and from my own experiences in this field while I followed in their footsteps.
 
miroco said:
An alternative to a Qotom, is an APUx from the Swiss company PC Engines.
Click to expand...

Good little boxes, but for similar price all Intel based Qotom or Protectli (more expensive) offer more power and flexibility. I don't like to buy hardware just enough for today. What PC Engines offer is easily replicated with HP t620 Plus thin client + Intel NIC PCIe card. And HP version is faster, actually. PC Engines hardware is more power efficiency oriented. I was looking at PC Engines too, but decided to go different way.
 
I know the limitations very well, but I don't like many devices. I use only a MacBook, a bootable pedrive with Arch Linux (for when you need the sys admin), an active router (AC86U) and an inactive one (AC68U).
With my active services and memory management, I can maintain some interesting services on the AC86U. 89% ram.
 
You must log in or register to reply here.

Similar threads

S
Media Server not working
Replies
2
Views
802
drinkingbird
drinkingbird
TheMegaMan
Is my RT-AX86U dying?
Replies
8
Views
2K
Mogsy
Mogsy
David Cavalli
RT-AX88U Pro installation from RT-AC68U config files
Replies
12
Views
794
Tech9
Tech9
B
Asus - RT-AX88U - USB Application - Network Place (Samba) Share / Cloud Disk - Problem when enabling Allow guest login
Replies
4
Views
701
Benjamin1904
B
W
[Solved] RT-AX88U jffs/ubi brain mix
2
Replies
26
Views
2K
Aleksey Popov
A
Similar threads
Thread starter Title Forum Replies Date
Z Asus AX88u slow on 2.4ghz wifi on certain devices Asuswrt-Merlin 9
N Nightmare for AI mesh pairing with RT-AX88U Asuswrt-Merlin 12
D L2TP client on ax88U pro running latest merlin firmware how to add device Asuswrt-Merlin 0
StephanK RT-AX88U Pro Wireguard Asuswrt-Merlin 5
H RT-AX88U Merlin Parental Control not working Asuswrt-Merlin 3
N WiFi issues with latest version 388.8_2 on ASUS RT-AX88U Asuswrt-Merlin 7
A RT-AX88U - 3004.388.8_2 - SSH connection closed after few minutes from reboot Asuswrt-Merlin 10
S Merlin firmware and 2.4GHz band drops on AX88u and BE88u Asuswrt-Merlin 4
U Huawei E8372 LTE stick not working on AX88U Asuswrt-Merlin 1
A RT-AX88U clean installation guide Asuswrt-Merlin 4

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 521 (members: 20, guests: 501)
Top