What's new

RTRMON RTRMON v2.1.4 -Nov 28, 2024- Monitor your Router's Health (New: AMTM, Network Conn/Bandwidth/Diag + Port Scanner + Speedtest)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I have this feeling in the back of my head that it might be because of your site-to-site setup... ;) let me take a look at the code. Could you verify that the IP on the other end is a private IP? Perhaps I can just exclude this from being able to run when it hits a private IP.

Would be interesting to see what results you get from:

Code:
iftop -i tun1x  (where x = the VPN slot# you want to listen to)
So in the snippet below, 10.8.1.2 is the tunnel and 192.168.1.3 is device that I'm accessing on remote side:
Code:
# iftop -t -i tun11
interface: tun11
IP address is: 10.8.1.2
MAC address is: 00:00:00:00:00:00
Listening on tun11
   # Host name (port/service if enabled)            last 2s   last 10s   last 40s cumulative
--------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------
Total send rate:                                         0b         0b         0b
Total receive rate:                                      0b         0b         0b
Total send and receive rate:                             0b         0b         0b
--------------------------------------------------------------------------------------------
Peak rate (sent/received/total):                         0b         0b         0b
Cumulative (sent/received/total):                        0B         0B         0B
============================================================================================

   # Host name (port/service if enabled)            last 2s   last 10s   last 40s cumulative
--------------------------------------------------------------------------------------------
   1 10.8.1.2                                 =>     22.0Kb     11.0Kb     11.0Kb     5.51KB
     192.168.1.3                              <=     75.2Kb     37.6Kb     37.6Kb     18.8KB
--------------------------------------------------------------------------------------------
Total send rate:                                     22.0Kb     11.0Kb     11.0Kb
Total receive rate:                                  75.2Kb     37.6Kb     37.6Kb
Total send and receive rate:                         97.3Kb     48.6Kb     48.6Kb
--------------------------------------------------------------------------------------------
Peak rate (sent/received/total):                     22.0Kb     75.2Kb     97.3Kb
Cumulative (sent/received/total):                    5.51KB     18.8KB     24.3KB
==========================================================================================
 
Could you please tell me how long it takes to run this on your end?

Code:
 iftop -t -i tun11 | sed '/^==/ q'
 
@visortgw ... I've got a potential fix here that should exclude private IPs from going through the iftop motions... let me know if this works for you?

Code:
curl --retry 3 "https://raw.githubusercontent.com/ViktorJp/RTRMON/develop/rtrmon.sh" -o "/jffs/scripts/rtrmon.sh" && chmod 755 "/jffs/scripts/rtrmon.sh"
 
@visortgw ... I've got a potential fix here that should exclude private IPs from going through the iftop motions... let me know if this works for you?

Code:
curl --retry 3 "https://raw.githubusercontent.com/ViktorJp/RTRMON/develop/rtrmon.sh" -o "/jffs/scripts/rtrmon.sh" && chmod 755 "/jffs/scripts/rtrmon.sh"
That is hung at the same spot — doesn't seem to make any difference. It finally completed (minutes later) with No Data for VPN1.
 
Could you please tell me how long it takes to run this on your end?

Code:
 iftop -t -i tun11 | sed '/^==/ q'
About 35 seconds.
Code:
# date
Sun Jun  2 17:08:15 EDT 2024
# iftop -t -i tun11 | sed '/^==/ q'
interface: tun11
IP address is: 10.8.1.2
MAC address is: 00:00:00:00:00:00
Listening on tun11
   # Host name (port/service if enabled)            last 2s   last 10s   last 40s cumulative
--------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------
Total send rate:                                         0b         0b         0b
Total receive rate:                                      0b         0b         0b
Total send and receive rate:                             0b         0b         0b
--------------------------------------------------------------------------------------------
Peak rate (sent/received/total):                         0b         0b         0b
Cumulative (sent/received/total):                        0B         0B         0B
============================================================================================
# date
Sun Jun  2 17:08:50 EDT 2024
 
That is hung at the same spot — doesn't seem to make any difference. It finally completed (minutes later) with No Data for VPN1.
Could you run this and let me know what it returns?

Code:
nvram get vpn_client1_addr

Whatever it returns... plug into this and please run it:

Code:
ping -c 1 -w 1 <address from above> | awk -F '[()]' '/PING/ { print $2}'

Did the ping take its time, or did it come right back?
 
Last edited:
Could you run this and let me know what it returns?

Code:
nvram get vpn_client1_addr

Whatever it returns... plug into this and please run it:

Code:
ping -c 1 -w 1 <address from above> | awk -F '[()]' '/PING/ { print $2}'
Probably not what you're expecting, but nvram get vpn_client1_addr returns the DDNS hostname for the remote site, and ping -c 1 -w 1 <address from above> | awk -F '[()]' '/PING/ { print $2}' returns the public WAN IP address for the remote site. I'd rather not release the actual hostname and associated public IP address.
 
Probably not what you're expecting, but nvram get vpn_client1_addr returns the DDNS hostname for the remote site, and ping -c 1 -w 1 <address from above> | awk -F '[()]' '/PING/ { print $2}' returns the public WAN IP address for the remote site. I'd rather not release the actual hostname and associated public IP address.
😂
 
OMG. I was definitely not prepared for that. I was expecting a private IP. Wow.

Let me stew on that over a beer... ;)
 
Probably not what you're expecting, but nvram get vpn_client1_addr returns the DDNS hostname for the remote site, and ping -c 1 -w 1 <address from above> | awk -F '[()]' '/PING/ { print $2}' returns the public WAN IP address for the remote site. I'd rather not release the actual hostname and associated public IP address.
So could you please do a search in your NVRAM for 10.8.1.2? That's the local VPN slot IP right? Wonder where that is hiding?

Code:
nvram show | grep "10.8.1.2"

Since this must be the IP you're getting on the other end... but turned into a hostname. Hopefully there's a record of it somewhere.
 
So could you please do a search in your NVRAM for 10.8.1.2? That's the local VPN slot IP right? Wonder where that is hiding?

Code:
nvram show | grep "10.8.1.2"

Since this must be the IP you're getting on the other end... but turned into a hostname. Hopefully there's a record of it somewhere.
Nope! Not a trace of it... (I had already searched for this.)
 
So could you please do a search in your NVRAM for 10.8.1.2? That's the local VPN slot IP right? Wonder where that is hiding?

Code:
nvram show | grep "10.8.1.2"

Since this must be the IP you're getting on the other end... but turned into a hostname. Hopefully there's a record of it somewhere.
[This makes no sense whatsoever!
CODE]# nvram show | grep "10.8"
vpn_client1_local=10.8.0.2
vpn_client1_remote=10.8.0.1
vpn_client2_local=10.8.0.2
vpn_client2_remote=10.8.0.1
vpn_client3_local=10.8.0.2
vpn_client3_remote=10.8.0.1
vpn_client4_local=10.8.0.2
vpn_client4_remote=10.8.0.1
vpn_client5_local=10.8.0.2
vpn_client5_remote=10.8.0.1
vpn_client_local=10.8.0.2
vpn_client_remote=10.8.0.1
vpn_server1_local=10.8.0.1
vpn_server1_remote=10.8.0.2
vpn_server1_sn=10.8.222.0[/CODE]
 
[This makes no sense whatsoever!
CODE]# nvram show | grep "10.8"
vpn_client1_local=10.8.0.2
vpn_client1_remote=10.8.0.1
vpn_client2_local=10.8.0.2
vpn_client2_remote=10.8.0.1
vpn_client3_local=10.8.0.2
vpn_client3_remote=10.8.0.1
vpn_client4_local=10.8.0.2
vpn_client4_remote=10.8.0.1
vpn_client5_local=10.8.0.2
vpn_client5_remote=10.8.0.1
vpn_client_local=10.8.0.2
vpn_client_remote=10.8.0.1
vpn_server1_local=10.8.0.1
vpn_server1_remote=10.8.0.2
vpn_server1_sn=10.8.222.0[/CODE]
My head... it hurts. 😋
 
Only the DDNS hostname.
Should that have pulled back stuff like this too?

vpn_client1_local=10.8.0.2
vpn_client1_remote=10.8.0.1

Sorry... Not in front of the computer right now. 😕
 
Should that have pulled back stuff like this too?

vpn_client1_local=10.8.0.2
vpn_client1_remote=10.8.0.1

Sorry... Not in front of the computer right now. 😕
Those exact values are in my NVRAM, which is why I said that it made no sense.
 
Well... then I'm at a loss. If we can't tell from the vpn_client1_addr value in NVRAM that it's a public or private IP address... then the only other way around this is to somehow manually create some manual exclusion for it in the settings.

Question... are you running only site-to-site VPNs on your router, or are you going out through a VPN provider as well? In other words, what are your other slots doing?
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top