Time Scheduling still broken

[Sébastien GEOFFROY]

Hi,

I own an Asus RT88U for a year.
Time scheduling feature does'nt work well, sometimes yes (often after a reboot)...sometimes no (feature becomes stuck quickly).
I did a firmware upgrade to Merlin 384.7 but same issue with this feature.

I tried several things like disable NAT acceleration....
On the Asus web console, parental controls are correctly set (like time scheduling for 5 devices).
Today on my Asus router smartphone app, time scheduling for these devices is empty (so not the same info Vs web console).

So it's 21pm and deviced should have no network since 1 hour, but they are connected to internet...
Time is ok (GMT+1 with pool.ntp.org as NTP server), same thing when I connect to the router over ssh.

I really need this feature working for my my children... Any help would be appreciate.

Thanks for your assistance.
Sebastien

iptables-save -t filter
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [4550:3583292]
:ACCESS_RESTRICTION - [0:0]
:FUPNP - [0:0]
:INPUT_ICMP - [0:0]
:NSFW - [0:0]
:OVPN - [0:0]
Controls - [0:0]
TCSRVLAN - [0:0]
TCSRVWAN - [0:0]
:SECURITY - [0:0]
:default_block - [0:0]
:logaccept - [0:0]
:logdrop - [0:0]
ther2wan - [0:0]
-A INPUT -i eth0 -p icmp -m icmp --icmp-type 8 -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A INPUT ! -i br0 -j PTCSRVWAN
-A INPUT -i br0 -j PTCSRVLAN
-A INPUT -i br0 -m state --state NEW -j ACCEPT
-A INPUT -i lo -m state --state NEW -j ACCEPT
-A INPUT -m state --state NEW -j OVPN
-A INPUT -d 224.0.0.0/4 -p igmp -j ACCEPT
-A INPUT -d 224.0.0.0/4 -p udp -m udp ! --dport 1900 -j ACCEPT
-A INPUT -p icmp -j INPUT_ICMP
-A INPUT -j DROP
-A FORWARD -d 224.0.0.0/4 -p udp -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD ! -i br0 -o eth0 -j other2wan
-A FORWARD -m state --state INVALID -j DROP
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -j NSFW
-A FORWARD -m conntrack --ctstate DNAT -j ACCEPT
-A FORWARD -m state --state NEW -j OVPN
-A FORWARD -i br0 -j ACCEPT
-A INPUT_ICMP -p icmp -m icmp --icmp-type 8 -j RETURN
-A INPUT_ICMP -p icmp -m icmp --icmp-type 13 -j RETURN
-A INPUT_ICMP -p icmp -j ACCEPT
-A PControls -j ACCEPT
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j RETURN
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j RETURN
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -j DROP
-A SECURITY -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j RETURN
-A SECURITY -p icmp -m icmp --icmp-type 8 -j DROP
-A SECURITY -j RETURN
-A logaccept -m state --state NEW -j LOG --log-prefix "ACCEPT " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logaccept -j ACCEPT
-A logdrop -m state --state NEW -j LOG --log-prefix "DROP " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logdrop -j DROP
-A other2wan -i tun+ -j RETURN
-A other2wan -j DROP
COMMIT

 

[Easy Limits]

If you are referring to wireless scheduler - it does not work for me in my new 86U. Works great in my 56U.

 

[Sébastien GEOFFROY]

I'm talking about AiProtection --> Parental Controls --> Time scheduling feature

 

[AndreiV]

All the AiProtection components are closed source , nothing Merlin can touch/fix/repair.

 

[tbone73]

All the AiProtection components are closed source , nothing Merlin can touch/fix/repair.

Does that mean it will never get fixed in Asuswrt-Merlin because it will never get merged in, or does it mean it has to be fixed upstream before Merlin can release it as part of his firmware?

I just upgraded from RT-N66U to AC-86U yesterday, and assumed that Asuswrt-Merlin would work the same (obviously I was wrong about many things). Now I found that the most important feature I need is broken. I really, really like Asuswrt-Merlin, but this one is non-negotiable unfortunately.

I had some trouble with the Time Scheduling on the RT-N66U also, until I finally tried turning off NAT acceleration. The scheduling worked fine after that. But, I had some other issues with random reboots, and Merlin was no longer supporting the N66U, so I decided it was time to get a new one. I know about John's fork, but I decided I didn't want the hassle of switching, plus the random reboots for unknown reasons.

Unfortunately, the NAT acceleration is not a thing on the AC-86U, so I can't turn it off. Is there another setting I can try changing to make it work?

Thank you in advance.

 

[doczenith1]

Unfortunately, the NAT acceleration is not a thing on the AC-86U, so I can't turn it off. Is there another setting I can try changing to make it work?

Thank you in advance.

NAT acceleration is still a thing on the 86U but it has new names. The old Flow Acceleration has been replaced with Runner and Cut Through Forwarding has been replaced with Flow Cache. Via the GUI you can get Runner to be disabled be enabling certain options. I know that AiProtection or Traffic Analyzer - Statistic will both disable Runner. I do not know how to disable Flow Cache via the GUI. I think there are ways to disable both of them via SSH but do not know the commands. I'm sure someone will chime in the more information on the SSH commands.

 

[Vexira]

Does that mean it will never get fixed in Asuswrt-Merlin because it will never get merged in, or does it mean it has to be fixed upstream before Merlin can release it as part of his firmware?

I just upgraded from RT-N66U to AC-86U yesterday, and assumed that Asuswrt-Merlin would work the same (obviously I was wrong about many things). Now I found that the most important feature I need is broken. I really, really like Asuswrt-Merlin, but this one is non-negotiable unfortunately.

I had some trouble with the Time Scheduling on the RT-N66U also, until I finally tried turning off NAT acceleration. The scheduling worked fine after that. But, I had some other issues with random reboots, and Merlin was no longer supporting the N66U, so I decided it was time to get a new one. I know about John's fork, but I decided I didn't want the hassle of switching, plus the random reboots for unknown reasons.

Unfortunately, the NAT acceleration is not a thing on the AC-86U, so I can't turn it off. Is there another setting I can try changing to make it work?

Thank you in advance.

Asus has to fix it before Merlin can add it, might be useful to post in the Asus WRT section of th fourm and see if one of the devs can help.

 

[tbone73]

Thank you both for your quick replies! I am going to try toggling the features doczenith1 mentioned and see if that does it (starting with Traffic Analyzer - Statistic). If not, I will try posting in the AsusWRT section as Vexira suggested (I assume this means the "ASUSWRT - Official" forum?). I will report back with my findings.

 

[Sébastien GEOFFROY]

I found a fix, Asus smartp app was not synced with the Asus Merlin web console.
I removed all my AIprotect schedule time for the devices both on smartphone app and web console.
Then I did the settings with the smartphone app, everyhting is now ok ... Hopefully this will work for a long time...

 

[Vexira]

Thank you both for your quick replies! I am going to try toggling the features doczenith1 mentioned and see if that does it (starting with Traffic Analyzer - Statistic). If not, I will try posting in the AsusWRT section as Vexira suggested (I assume this means the "ASUSWRT - Official" forum?). I will report back with my findings.

Yes the official forum, but in glad to hear it works

 

[tbone73]

Thank you all for your suggestions. I was able to finally get it to work, though I haven't pinned it down to one specific setting.

I set up a test bench of sorts where I streamed a live (so it could not finish buffering) YouTube video one one PC, and configured the router on the other. I found that I could interrupt YouTube streaming with time scheduling after I turned on QoS. It was proven to work in a real-life scenario (teenager on Discord) later that night. Perfect.

Turning on AI Protection by itself did not work, nor did enabling Traffic Statistics, though I left the latter turned on, since I use that feature to monitor bandwidth. I also changed "QoS Type" to "Traditional QoS", with the "Queue Discipline" setting set to "fq_codel". I do not know for sure if that had an effect. I may play with that later.

However, as long as it works, I do not want to start turning things off again to narrow it down--but I thought I could at least help someone narrow their search by posting my results here.

Thank you again everybody!

 

[Sébastien GEOFFROY]

When enabling QoS like that (see tbone73 comment), the asus web console is very very low to respond... I suspect something wrong here.

 

[jhxetc]

I could never get time scheduling to reliably work through the GUI. If you use the operating system scheduler (cron) it works 100% reliably but you have to have your jffs partition set up and be comfortable logging in through SSH and creating a couple of scripts.

 

[tbone73]

When enabling QoS like that (see tbone73 comment), the asus web console is very very low to respond... I suspect something wrong here.

For what it is worth, the web interface is not noticeably slow or slower than before. Memory and CPU usage on the router are both normal (CPU mostly idle, RAM at about 75%).

I had an issue where it was slow in Firefox, but that turned out to be an issue with SSL certificates caching. However, now I am seeing some lag in games that I didn't notice before. However, nobody else has complained so far, so it could be a red herring.

 

[devdon]

Thank you all for your suggestions. I was able to finally get it to work, though I haven't pinned it down to one specific setting.

I set up a test bench of sorts where I streamed a live (so it could not finish buffering) YouTube video one one PC, and configured the router on the other. I found that I could interrupt YouTube streaming with time scheduling after I turned on QoS. It was proven to work in a real-life scenario (teenager on Discord) later that night. Perfect.

Turning on AI Protection by itself did not work, nor did enabling Traffic Statistics, though I left the latter turned on, since I use that feature to monitor bandwidth. I also changed "QoS Type" to "Traditional QoS", with the "Queue Discipline" setting set to "fq_codel". I do not know for sure if that had an effect. I may play with that later.

However, as long as it works, I do not want to start turning things off again to narrow it down--but I thought I could at least help someone narrow their search by posting my results here.

Thank you again everybody!

Tried on AC66U_B1 stock firmware, setting up and down bandwidth to maximum of broadband line. A big drop on speed test result was observed. After inspection, found that turning on Traditional QoS will disable NAT Acceleration (CTF on AC66U_B1) automatically. So I wonder this method is equivalent to disabling NAT acceleration? Now I turned off QoS.

New to SNB and hello to all.