Asus RT-AC68U 386.2_6 low on free nvram

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

stretch

Occasional Visitor
I upgraded my RT-AC68U from 384.19 to 386.2_6 but i'm getting the following warning.

Your router is running low on free NVRAM, which might affect its stability.
Review long parameter lists (like DHCP reservations), or consider doing a factory default reset and reconfiguring.

Any idea how I can resolve this without doing a factory reset?
 

skeal

Part of the Furniture
Install YazDHCP from within AMTM and it moves your reserved IP lan information to /jffs usually helps people that have lots of reserved IP's
 

ColinTaylor

Part of the Furniture
Any idea how I can resolve this without doing a factory reset?
It's a warning not an error. It's likely nothing has changed it's just that the older firmware didn't show this sort of message. Check what your actual NVRAM usage is in the Tools > System Information page or on Network Map > System Status.
 
Last edited:

stretch

Occasional Visitor
Thanks everyone nvram usage is


Internal Storage
NVRAM usage65267 / 65536 bytes
JFFS5.69 / 62.75 MB

which seems awfully high?

I'll check out YazDHCP
 

ColinTaylor

Part of the Furniture
Yes that's too high.

Correction to my previous post :oops:, the NVRAM check was reintroduced in 384.14 so if there was an issue previously it should have shown up in 384.19. So my guess is the upgrade to 386.2_6 has consumed additional space for some reason.

Running the following command might shed some light on what is consuming some of the space:
Code:
nvram show | awk '{print length(), $0 | "sort -n -r"}' | cut -d"=" -f 1 | head -n 20
 

Morris

Senior Member
Plug in a USB3 Stick. Then go into AMTM and add a swap file
 

Morris

Senior Member
That won't help him as he's running out of space in NVRAM not memory.
Woops, read it wrong

It would be great if there were a way to map NVRAM to a USB stick.
 

Tech9

Very Senior Member
The only real remedy is factory reset and go easy on settings storing data in NVRAM.
 

RMerlin

Asuswrt-Merlin dev
It would be great if there were a way to map NVRAM to a USB stick.
nvram needs to be accessible at the very beginning of boot - long before the USB disk gets mounted.
 

RMerlin

Asuswrt-Merlin dev
If you ever used OpenVPN servers or clients, go through each of them, and click on "Default" to erase old settings.

Also if you have been running your router for many years without a factory default reset, you might have some very old certificate leftovers in memory. Create the following script then run it on your router:

Code:
#!/bin/sh

echo "Removing unused cert/key from nvram..."

for i in 1 2 3 4 5
do
    nvram unset vpn_crt_client$i\_ca
    nvram unset vpn_crt_client$i\_extra
    nvram unset vpn_crt_client$i\_crt
    nvram unset vpn_crt_client$i\_key
    nvram unset vpn_crt_client$i\_crl
    nvram unset vpn_crt_client$i\_static
done

for i in 1 2
do
    nvram unset vpn_crt_server$i\_ca
    nvram unset vpn_crt_server$i\_dh
    nvram unset vpn_crt_server$i\_ca_key
    nvram unset vpn_crt_server$i\_extra
    nvram unset vpn_crt_server$i\_client_crt
    nvram unset vpn_crt_server$i\_crl
    nvram unset vpn_crt_server$i\_crt
    nvram unset vpn_crt_server$i\_key
    nvram unset vpn_crt_server$i\_static
    nvram unset vpn_crt_server$i\_client_key
done

# SSH also migrated host keys to jffs a while back
nvram unset sshd_dsskey
nvram unset sshd_ecdsakey
nvram unset sshd_hostkey

nvram commit

echo "done."
 

stretch

Occasional Visitor
Yes that's too high.

Correction to my previous post :oops:, the NVRAM check was reintroduced in 384.14 so if there was an issue previously it should have shown up in 384.19. So my guess is the upgrade to 386.2_6 has consumed additional space for some reason.

Running the following command might shed some light on what is consuming some of the space:
Code:
nvram show | awk '{print length(), $0 | "sort -n -r"}' | cut -d"=" -f 1 | head -n 20

Code:
size: 65183 bytes (353 left)
2406 custom_clientlist
1089 sshd_hostkey
931 nc_setting_conf
624 sshd_dsskey
549 rc_support
339 vpn_serverx_clientlist
246 dhcp_staticlist
213 cfg_relist
205 wl1_chansps
202 sshd_ecdsakey
200 dhcp_hostnames
166 subnet_rulelist
150 vpn_server2_cust2
150 vpn_server1_cust2
149 vpn_server_cust2
149 MULTIFILTER_MACFILTER_DAYTIME_V2
129 wps_env_buf
126 pptpd_clientlist
120 qos_rulelist
117 sta_binding_list
 

learning_curve

Occasional Visitor
Code:
size: 65183 bytes (353 left)
2406 custom_clientlist
1089 sshd_hostkey
931 nc_setting_conf
624 sshd_dsskey
549 rc_support
339 vpn_serverx_clientlist
246 dhcp_staticlist
213 cfg_relist
205 wl1_chansps
202 sshd_ecdsakey
200 dhcp_hostnames
166 subnet_rulelist
150 vpn_server2_cust2
150 vpn_server1_cust2
149 vpn_server_cust2
149 MULTIFILTER_MACFILTER_DAYTIME_V2
129 wps_env_buf
126 pptpd_clientlist
120 qos_rulelist
117 sta_binding_list
FWIW (because we're both using an Asus RT-AC68U running on Asuswrt-Merlin 386.2_6) here's my own output from that post made by @ColinTaylor but, after last post I made too i.e after running the command contained in the link in my post, after my last reboot. There's individual config differences yes, but custom_clientlist looks like a starting point? There's plenty of existing threads on this too...

Code:
size: 46752 bytes (18784 left)
931 nc_setting_conf
597 sshd_authkeys
557 rc_support
512 custom_clientlist
164 subnet_rulelist
131 wl1_chansps
120 qos_rulelist
112 vlan_rulelist
92 1:pa5ga2
92 1:pa5ga1
92 1:pa5ga0
89 vpn_server2_ncp_ciphers
89 vpn_server1_ncp_ciphers
89 vpn_client5_ncp_ciphers
89 vpn_client4_ncp_ciphers
89 vpn_client3_ncp_ciphers
89 vpn_client2_ncp_ciphers
89 vpn_client1_ncp_ciphers
89 asus_device_list
88 vpn_server_ncp_ciphers
 

ColinTaylor

Part of the Furniture
All of the above ;) but once complete, this is a useful post to use, each time, after a reboot: https://www.snbforums.com/threads/solved-high-nvram-usage.56848/#post-494736
I would discourage people from automatically running that command after every reboot.

It's usually fine to run it once (if followed immediately by a reboot) when you're having NVRAM space problems. But there are many NVRAM variables that may legitimately contain an empty string. By deleting all these variables completely you are potentially putting the router into an unpredictable state.

Yes I know there will be people that say "Well I've never had a problem with it" but that doesn't mean others won't, or that it won't bite you in some future firmware. It's much better IMHO to solve the underlying cause for the lack of space rather than botching a way to ignore it.
 
Last edited:

ColinTaylor

Part of the Furniture
Code:
size: 65183 bytes (353 left)
2406 custom_clientlist
1089 sshd_hostkey
931 nc_setting_conf
624 sshd_dsskey
549 rc_support
339 vpn_serverx_clientlist
246 dhcp_staticlist
213 cfg_relist
205 wl1_chansps
202 sshd_ecdsakey
200 dhcp_hostnames
166 subnet_rulelist
150 vpn_server2_cust2
150 vpn_server1_cust2
149 vpn_server_cust2
149 MULTIFILTER_MACFILTER_DAYTIME_V2
129 wps_env_buf
126 pptpd_clientlist
120 qos_rulelist
117 sta_binding_list
Run Merlin's script. We can see that the three sshd_* variables can go for a start. Also review your custom client list to see if you really need so many entries.
 

learning_curve

Occasional Visitor
Yes I know there will be people that say "Well I've never had a problem with it"
That's me! ;) Ever since switching over to Merlin & despite having several setup changes since...
but that doesn't mean others won't, or that it won't bite you in some future firmware.
Fair point well made. "Your own experience may vary..." is perhaps the missing suffix from that code
 

ColinTaylor

Part of the Furniture
Fair point well made. "Your own experience may vary..." is perhaps the missing suffix from that code
I don't have an issue with the code per se just with the suggestion that it's run every time the router boots up. So each time the router is recreating all those variables in nvram only for them to almost immediately be deleted. Rinse and repeat.
 

stretch

Occasional Visitor
so I ran

Code:
nvram get custom_clientlist | sed 's/</\n/g; s/>/\t/g' | sed 's/^/custom\t/' | tail '+2' | sed 's/\(^.*\)\(\t.*\)\(\t[0-9A-F][0-9A-F]:.*$\)/\1\3\2/' | wc -l

And I have 57 entries and they are all valid and used. Is there a way to move them to jffs OR is there a hardware upgrade people can recommend? would the RT-AX68U or RT-AX82U be a good step up?
 
Last edited:

ColinTaylor

Part of the Furniture
Take a look at YazDHCP as per post #2. That may do it, I'm not sure.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top