What's new

ASUS RT-AC86U Weird Logs [MERLIN 386.2_4]

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

bbb27

New Around Here
Hello everyone,

So today, i noticed that after 10m i arrived home, i lost connection with my router. After a while, i was able to reconnect, and went to see the logs to try and get an idea of what happened, i saw types of logs that i've never seen before, even after rebooting (i won't insert ALL of them, since it's more than a thousand lines)


May 5 06:05:08 syslogd started: BusyBox v1.25.1
May 5 06:05:08 kernel: klogd started: BusyBox v1.25.1 (2021-04-30 17:01:16 EDT)
May 5 06:05:08 kernel: Booting Linux on physical CPU 0x0
May 5 06:05:08 kernel: Linux version 4.1.27 (merlin@ubuntu-dev) (gcc version 5.3.0 (Buildroot 2016.02) ) #2 SMP PREEMPT Fri Apr 30 17:41:41 EDT 2021
May 5 06:05:08 kernel: CPU: AArch64 Processor [420f1000] revision 0
May 5 06:05:08 kernel: Detected VIPT I-cache on CPU0
May 5 06:05:08 kernel: alternatives: enabling workaround for ARM erratum 845719
May 5 06:05:08 kernel: PERCPU: Embedded 15 pages/cpu @ffffffc01ffd6000 s21376 r8192 d31872 u61440
May 5 06:05:08 kernel: Built 1 zonelists in Zone order, mobility grouping on. Total pages: 122112
May 5 06:05:08 kernel: Kernel command line: coherent_pool=1M cpuidle_sysfs_switch
May 5 06:05:08 kernel: PID hash table entries: 2048 (order: 2, 16384 bytes)
May 5 06:05:08 kernel: Dentry cache hash table entries: 65536 (order: 7, 524288 bytes)
May 5 06:05:08 kernel: Inode-cache hash table entries: 32768 (order: 6, 262144 bytes)
May 5 06:05:08 kernel: Memory: 440096K/495616K available (4714K kernel code, 302K rwdata, 1580K rodata, 228K init, 534K bss, 55520K reserved, 0K cma-reserved)
.
.
.


I know it probably doesn't help much, but there's A LOT MORE of this type of logs (namely "kernel" ones), and before this, there's only entries for devices auth. and dissac, and etc, and then all of a sudden, i get more than a thousand lines of log with info that i've never seen before:confused:

It could be nothing then a simple glitch and the router simply hard rebooted itself (it's not unheard of and not the first time, although i've never noticed this logs before), or some funny individual that actually tried something that made my router hard reboot itself (i have 3 apartments connected to this router, with an average of 20+ devices connected everyday, so it's difficult for me to "control" what people do on the internet).

For what is worth, i though about asking a second opinion on this to people who knows about this stuff better than myself, if possible of course. :)

My configuration is: ISP Modem (configured on "Bridge Mode" with WiFi disabled), 1x ASUS RT-AC86U (Merlin 386.2_4) with 2x ASUS Lyra AC2200 (Asus_3.0.0.384.46630) with 1x wired and other on AiMesh.
 
What you are seeing is normal AFAIK. The May 5th date - not sure where the system gets that but that is the date it has on a cold start boot. When it finally NTP syncs its time to get a real clock it shifts to the current date/time stamp.

This is from my router tonight since I'm troubleshooting an issue and had restarted it.

May 5 01:05:26 syslog: wlceventd_proc_event(556): eth1: Assoc <masked>, status: Successful (0), rssi:0
May 5 01:05:26 dnsmasq-dhcp[467]: DHCPREQUEST(br0) 192.168.1.42 <masked>
May 5 01:05:26 dnsmasq-dhcp[467]: DHCPACK(br0) 192.168.1.42 <masked> Chromecast
May 5 01:05:27 custom_script: Running /jffs/scripts/service-event (args: start ntpd)
May 5 01:05:27 ntpd: Started ntpd
May 5 01:05:28 miniupnpd[1503]: HTTP listening on port 42876
May 5 01:05:28 miniupnpd[1503]: Listening for NAT-PMP/PCP traffic on port 5351
May 5 01:05:30 syslog: wlceventd_proc_event(527): eth1: Auth <masked>, status: Successful (0), rssi:0
May 5 01:05:31 syslog: wlceventd_proc_event(537): eth1: ReAssoc <masked>, status: Successful (0), rssi:0
May 28 21:03:33 syslog: wlceventd_proc_event(527): eth2: Auth <masked>, status: Successful (0), rssi:0
May 28 21:03:33 syslog: wlceventd_proc_event(556): eth2: Assoc <masked>, status: Successful (0), rssi:0
 
some funny individual that actually tried something that made my router hard reboot itself (i have 3 apartments connected to this router, with an average of 20+ devices connected everyday, so it's difficult for me to "control" what people do on the internet)
Have you considered connecting people you don’t know to a guest network?
 
I believe your two statements are the major concerns for both stability and legality:
"i have 3 apartments connected to this router"
"so it's difficult for me to "control" what people do on the internet).
 
Thank you for all the help guys, and sorry for the long delay answer. Been really busy.

I thought about the guest network, so i tried creating it and hide my "real" ssid, but because i have one of the AiMesh nodes connected through Wireless, the moment i hide it, it loses connection. So i went another route, and decided to install a VPN and restrict the access to the router to only my pc (i didn't know i could this last one, so it was pretty cool that i found it lol). I also had the Asus Router App on the phone and DoS protection on. I disabled DoS protection (since i saw a post of Rmerlin stating that it doesn't help much if someone actually WANTS to DDoS and it could cause some instability) and uninstalled the App.

I did all this after updating to the latest merlin firmware 386.2_6 and re-installing all latest firmwares on all routers & nodes using the L&LD guides.

It's been going for 1 and a half day without crashing, rebooting, wifi loss, "weird logs", and everything seems to be very stable for the moment, so here's hoping that the problem was fixed.
 
Last edited:
I thought about the guest network, so i tried creating it and hide my "real" ssid, but because i have one of the AiMesh nodes connected through Wireless, the moment i hide it, it loses connection.
IMHO there's no need to hide real ssid because the wireless network and the guest network could have different passwords. There is no access to the router's UI or to the LAN from within the guest network, so every client is basically on its own having access just to the Internet.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top