What's new

Asus RT-AC68U 386.2_6 low on free nvram

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

stretch

Occasional Visitor
I upgraded my RT-AC68U from 384.19 to 386.2_6 but i'm getting the following warning.

Your router is running low on free NVRAM, which might affect its stability.
Review long parameter lists (like DHCP reservations), or consider doing a factory default reset and reconfiguring.

Any idea how I can resolve this without doing a factory reset?
 
Install YazDHCP from within AMTM and it moves your reserved IP lan information to /jffs usually helps people that have lots of reserved IP's
 
Any idea how I can resolve this without doing a factory reset?
It's a warning not an error. It's likely nothing has changed it's just that the older firmware didn't show this sort of message. Check what your actual NVRAM usage is in the Tools > System Information page or on Network Map > System Status.
 
Last edited:
Thanks everyone nvram usage is


Internal Storage
NVRAM usage65267 / 65536 bytes
JFFS5.69 / 62.75 MB

which seems awfully high?

I'll check out YazDHCP
 
Yes that's too high.

Correction to my previous post :oops:, the NVRAM check was reintroduced in 384.14 so if there was an issue previously it should have shown up in 384.19. So my guess is the upgrade to 386.2_6 has consumed additional space for some reason.

Running the following command might shed some light on what is consuming some of the space:
Code:
nvram show | awk '{print length(), $0 | "sort -n -r"}' | cut -d"=" -f 1 | head -n 20
 
Plug in a USB3 Stick. Then go into AMTM and add a swap file
 
That won't help him as he's running out of space in NVRAM not memory.
Woops, read it wrong

It would be great if there were a way to map NVRAM to a USB stick.
 
It would be great if there were a way to map NVRAM to a USB stick.
nvram needs to be accessible at the very beginning of boot - long before the USB disk gets mounted.
 
If you ever used OpenVPN servers or clients, go through each of them, and click on "Default" to erase old settings.

Also if you have been running your router for many years without a factory default reset, you might have some very old certificate leftovers in memory. Create the following script then run it on your router:

Code:
#!/bin/sh

echo "Removing unused cert/key from nvram..."

for i in 1 2 3 4 5
do
    nvram unset vpn_crt_client$i\_ca
    nvram unset vpn_crt_client$i\_extra
    nvram unset vpn_crt_client$i\_crt
    nvram unset vpn_crt_client$i\_key
    nvram unset vpn_crt_client$i\_crl
    nvram unset vpn_crt_client$i\_static
done

for i in 1 2
do
    nvram unset vpn_crt_server$i\_ca
    nvram unset vpn_crt_server$i\_dh
    nvram unset vpn_crt_server$i\_ca_key
    nvram unset vpn_crt_server$i\_extra
    nvram unset vpn_crt_server$i\_client_crt
    nvram unset vpn_crt_server$i\_crl
    nvram unset vpn_crt_server$i\_crt
    nvram unset vpn_crt_server$i\_key
    nvram unset vpn_crt_server$i\_static
    nvram unset vpn_crt_server$i\_client_key
done

# SSH also migrated host keys to jffs a while back
nvram unset sshd_dsskey
nvram unset sshd_ecdsakey
nvram unset sshd_hostkey

nvram commit

echo "done."
 
Yes that's too high.

Correction to my previous post :oops:, the NVRAM check was reintroduced in 384.14 so if there was an issue previously it should have shown up in 384.19. So my guess is the upgrade to 386.2_6 has consumed additional space for some reason.

Running the following command might shed some light on what is consuming some of the space:
Code:
nvram show | awk '{print length(), $0 | "sort -n -r"}' | cut -d"=" -f 1 | head -n 20

Code:
size: 65183 bytes (353 left)
2406 custom_clientlist
1089 sshd_hostkey
931 nc_setting_conf
624 sshd_dsskey
549 rc_support
339 vpn_serverx_clientlist
246 dhcp_staticlist
213 cfg_relist
205 wl1_chansps
202 sshd_ecdsakey
200 dhcp_hostnames
166 subnet_rulelist
150 vpn_server2_cust2
150 vpn_server1_cust2
149 vpn_server_cust2
149 MULTIFILTER_MACFILTER_DAYTIME_V2
129 wps_env_buf
126 pptpd_clientlist
120 qos_rulelist
117 sta_binding_list
 
Code:
size: 65183 bytes (353 left)
2406 custom_clientlist
1089 sshd_hostkey
931 nc_setting_conf
624 sshd_dsskey
549 rc_support
339 vpn_serverx_clientlist
246 dhcp_staticlist
213 cfg_relist
205 wl1_chansps
202 sshd_ecdsakey
200 dhcp_hostnames
166 subnet_rulelist
150 vpn_server2_cust2
150 vpn_server1_cust2
149 vpn_server_cust2
149 MULTIFILTER_MACFILTER_DAYTIME_V2
129 wps_env_buf
126 pptpd_clientlist
120 qos_rulelist
117 sta_binding_list
FWIW (because we're both using an Asus RT-AC68U running on Asuswrt-Merlin 386.2_6) here's my own output from that post made by @ColinTaylor but, after last post I made too i.e after running the command contained in the link in my post, after my last reboot. There's individual config differences yes, but custom_clientlist looks like a starting point? There's plenty of existing threads on this too...

Code:
size: 46752 bytes (18784 left)
931 nc_setting_conf
597 sshd_authkeys
557 rc_support
512 custom_clientlist
164 subnet_rulelist
131 wl1_chansps
120 qos_rulelist
112 vlan_rulelist
92 1:pa5ga2
92 1:pa5ga1
92 1:pa5ga0
89 vpn_server2_ncp_ciphers
89 vpn_server1_ncp_ciphers
89 vpn_client5_ncp_ciphers
89 vpn_client4_ncp_ciphers
89 vpn_client3_ncp_ciphers
89 vpn_client2_ncp_ciphers
89 vpn_client1_ncp_ciphers
89 asus_device_list
88 vpn_server_ncp_ciphers
 
All of the above ;) but once complete, this is a useful post to use, each time, after a reboot: https://www.snbforums.com/threads/solved-high-nvram-usage.56848/#post-494736
I would discourage people from automatically running that command after every reboot.

It's usually fine to run it once (if followed immediately by a reboot) when you're having NVRAM space problems. But there are many NVRAM variables that may legitimately contain an empty string. By deleting all these variables completely you are potentially putting the router into an unpredictable state.

Yes I know there will be people that say "Well I've never had a problem with it" but that doesn't mean others won't, or that it won't bite you in some future firmware. It's much better IMHO to solve the underlying cause for the lack of space rather than botching a way to ignore it.
 
Last edited:
Code:
size: 65183 bytes (353 left)
2406 custom_clientlist
1089 sshd_hostkey
931 nc_setting_conf
624 sshd_dsskey
549 rc_support
339 vpn_serverx_clientlist
246 dhcp_staticlist
213 cfg_relist
205 wl1_chansps
202 sshd_ecdsakey
200 dhcp_hostnames
166 subnet_rulelist
150 vpn_server2_cust2
150 vpn_server1_cust2
149 vpn_server_cust2
149 MULTIFILTER_MACFILTER_DAYTIME_V2
129 wps_env_buf
126 pptpd_clientlist
120 qos_rulelist
117 sta_binding_list
Run Merlin's script. We can see that the three sshd_* variables can go for a start. Also review your custom client list to see if you really need so many entries.
 
Yes I know there will be people that say "Well I've never had a problem with it"
That's me! ;) Ever since switching over to Merlin & despite having several setup changes since...
but that doesn't mean others won't, or that it won't bite you in some future firmware.
Fair point well made. "Your own experience may vary..." is perhaps the missing suffix from that code
 
Fair point well made. "Your own experience may vary..." is perhaps the missing suffix from that code
I don't have an issue with the code per se just with the suggestion that it's run every time the router boots up. So each time the router is recreating all those variables in nvram only for them to almost immediately be deleted. Rinse and repeat.
 
so I ran

Code:
nvram get custom_clientlist | sed 's/</\n/g; s/>/\t/g' | sed 's/^/custom\t/' | tail '+2' | sed 's/\(^.*\)\(\t.*\)\(\t[0-9A-F][0-9A-F]:.*$\)/\1\3\2/' | wc -l

And I have 57 entries and they are all valid and used. Is there a way to move them to jffs OR is there a hardware upgrade people can recommend? would the RT-AX68U or RT-AX82U be a good step up?
 
Last edited:

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top