Menu
What's new
By:
Filters Better Search

Recent content by Nodens

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. N

    [Dev] Asuswrt-Merlin 388.1 development

    You don't need a kill switch on WG. The interface does not go down in case the other side is unreachable so no traffic bound for the tunnel can leak. You just get loss of connectivity, like using a kill switch. "Allowed IPs" in WG terms does 2 things. First it's what is allowed to go through...
  2. N

    [Dev] Asuswrt-Merlin 388.1 development

    Oh I read it very carefully I just fail to understand what you imply, technically, by "Not every connection is going to be as impervious as fiber. A similar asymmetric cable connection would easily buckle to the bottleneck produced by the routers insufficient arm processors having to respond...
  3. N

    [Dev] Asuswrt-Merlin 388.1 development

    This is what I actually use with my ONT and it works great. The VID is usually 835 for ISPs in Europe and since he said Vodafone IT, I assume it's Italy so that should work. Here, in Greece, Vodafone uses 835 as well. EDIT: Do notice that usually static package offerings usually require the...
  4. N

    [Dev] Asuswrt-Merlin 388.1 development

    Do you mean due to retransmissions and NAT acceleration? I'm not sure on the impact there so I can't comment. If you mean due to retransmissions and AES acceleration wireguard should still be faster. If it's not userland implementation then yeah it's wireguard-linux-compat for sure. Asus may be...
  5. N

    [Dev] Asuswrt-Merlin 388.1 development

    I know its hardcoded. The difference between Xchacha20 and chacha20 is that the first uses a 192bit nonce vs a 64bit nonce on the later (with the obvious benefits). It is pretty trivial to implement support for it and fallback if it's not supported on the endpoint. This is why I said that I...
  6. N

    [Dev] Asuswrt-Merlin 388.1 development

    The original point was that this is simply not true and I explained why. No worries, we're just having a technical discussion. No one is badmouthing anything :) No one said anything about swapping kernels or whatever. At some point devices will move to newer kernels though as they always have...
  7. N

    [Dev] Asuswrt-Merlin 388.1 development

    The reasons you dislike it though are actually features. Perhaps you're too accustomed to the openvpn flow of things. This is not entirely correct. I assume you got this info trying to google for details. 5.6 is when the linux kernel merged wireguard in (2019), so from 5.6 and afterwards, it's...
  8. N

    Asuswrt-Merlin Port 80 DNAT's

    Pretty sure that's for letsencrypt certificate issuing renewal as it works exactly like that.. it uses nginx on port 80 to do the verification cause that's how letsencrypt works with the web authentication option. I know it for sure because I've tested it to see the implementation as I'm not...
  9. N

    Dual WAN (Failover with LTE LAN modem) & /28 Static Public IP DNAT/SNAT

    I have fiber WAN to AX88U and a static /28 from my ISP. I assign two IPs from this /28 to two servers providing public services. The configuration I use is this: in nat-start: ip addr add xxx.xxx.xxx.xxx/28 dev ppp0 iptables -t nat -A PREROUTING -d xxx.xxx.xxx.xxx -j DNAT --to-destination...
  10. N

    AX88U USB Ports

    Wow. How did I miss that all this time. Haha. I looked at the manual again and on the legend it uses 1 for USB port, immediately my eyes went to the port I knew that was there at the back so looking at the legend for a second port I found none but at a closer inspection now both are marked with...
  11. N

    AX88U USB Ports

    I want to attach a 5G failover USB modem to the router but don't want to lose the usb drive for scripting. The router has a single physical USB port although ASUS web page technical specs and Asuswrt web interface list 2 ports. Does this mean I can easily connect a 2 port hub and be done with...
  12. N

    Dynamic updates to BIND DNS server.

    So. What I need to do is dynamic DNS updates on an authorative BIND9 DNS server for both IPv4 and IPv6 addresses. This can be easily done with dhcpd with something like this added to conf: ddns-domainname "domain.com"; ddns-rev-domainname "in-addr.arpa"; ddns-update-style standard...
See more
Top