Release ASUS RT-AX86U Firmware version 3.0.0.4.386.46061 (2022/01/11)

tallytr

Senior Member
I can see what Asus is doing, no more new firmware for AX86U...they want us to upgrade to AX6000 :)
 

tallytr

Senior Member
I just bought a AX86U, so I hope that’s not the case.
Pretty sure they will release an update shortly with new security related patches, having said that, if I were Asus I would take my time, no need to rush anything, especially with the recent update "bricking" some routers...
I take a stable firmware any day over a "bricked" router.
The AX86U has been my best router by far.
 

visortgw

Very Senior Member
Pretty sure they will release an update shortly with new security related patches, having said that, if I were Asus I would take my time, no need to rush anything, especially with the recent update "bricking" some routers...
I take a stable firmware any day over a "bricked" router.
The AX86U has been my best router by far.
The RT-AX86U was my best router so far until I replaced it with the GT-AX6000 (and upgraded my backbone to 2.5 Gbps), using the Merlin firmware — I relegated my RT-AX68U to its current role as an AiMesh node using the latest Asus baseline firmware. I have Spectrum 1 Gbps down/35 Mbps up cable connection — over the past month since upgrading to the GT-AX6000, I am averaging 1.1 Gbps down/40 Mbps up (yes, more than the advertised rates). I use a TP-Link TL-SG3210XHP-M2 10-port (8 2.5 Gbps RJ-45 ports plus 2 10 Gbps SFP+ ports) managed switch — the TRENDnet TEG-S380 8-port unmanaged switch does not forward VLAN tags necessary to fully support AiMesh guest network 1, and the TP-Link TL-SG108-M2 8-port unmanaged switch was simply unavailable (TP-Link unmanaged switches typically forward VLAN tags). I also added Cable Matters 2.5 Gbps USB-to-Ethernet adapters (Realtek RTL8156B chip) for my Synology NASs, greatly improving their performance — using iperf3 to test, I can realize 2.46 Gbps NAS-to-NAS.
 
Last edited:

L&LD

Part of the Furniture
Crystal ball is still broken, check stickies.
 

OzarkEdge

Part of the Furniture

SAL9K

Regular Contributor
The RT-AX86U was my best router so far until I replaced it with the GT-AX6000 (and upgraded my backbone to 2.5 Gbps), using the Merlin firmware — I relegated my RT-AX68U to its current role as an AiMesh node using the latest Asus baseline firmware. I have Spectrum 1 Gbps down/35 Mbps up cable connection — over the past month since upgrading to the GT-AX6000, I am averaging 1.1 Gbps down/40 Mbps up (yes, more than the advertised rates). I use a TP-Link TL-SG3210XHP-M2 10-port (8 2.5 Gbps RJ-45 ports plus 2 10 Gbps SFP+ ports) managed switch — the TRENDnet TEG-S380 8-port unmanaged switch does not forward VLAN tags necessary to fully support AiMesh guest network 1, and the TP-Link TL-SG108-M2 8-port unmanaged switch was simply unavailable (TP-Link unmanaged switches typically forward VLAN tags). I also added Cable Matters 2.5 Gbps USB-to-Ethernet adapters (Realtek RTL8156B chip) for my Synology NASs, greatly improving their performance — using iperf3 to test, I can realize 2.46 Gbps NAS-to-NAS.
Say you have a ISP plan capped at <= 2Gbps, can someone explain the performance differences between:

1.) AX86U WAN/LAN4 dual 1GbE WAN aggregation (w/ WAN aggregation capable cable modem), and 2.5GbE for LAN duty

vs.

2.) The AX6000 w/ dual 2.5GbE WAN/LAN??

Why is dual 2.5GbE so desirable with internet <= 2Gbps?? I feel like I'm missing some critical detail with the way WAN aggregation works. Is a single-client (w/ single TCP socket) connection on the 2.5GbE LAN side limited to 1GbE across the WAN aggregation?
 
Last edited:

OzarkEdge

Part of the Furniture
Say you have a ISP plan capped at <= 2Gbps, can someone explain the performance differences between:

1.) AX86U WAN/LAN4 dual 1GbE WAN aggregation (w/ WAN aggregation capable cable modem), and 2.5GbE for LAN duty

vs.

2.) The AX6000 w/ dual 2.5GbE WAN/LAN??

Why is dual 2.5GbE so desirable with internet <= 2Gbps?? I feel like I'm missing some critical detail with the way WAN aggregation works. Is a single-client (w/ single TCP socket) connection on the 2.5GbE LAN side limited to 1GbE across the WAN aggregation?

I would assume not much practical difference, barring unknown overhead, except a hard 2.5GbE port is likely easier to implement and inherently more reliable than using aggregated ports and cables.

OE
 

RMerlin

Asuswrt-Merlin dev

SAL9K

Regular Contributor
No, only firmware 384.xx and below were targeted by it, as per Asus' security advisory.
Also, didn't the router "Enable Web Access from WAN" need to be enabled (which is disabled by default) for the Cyclops Blink malware to take?

Seems like the best way to mass-infiltrate a consumer router network, is to hack the Asus firmware delivery server, and surreptitiously place infected f/w. Is this what happened on the last AX86U f/w that bricked peoples routers?? I AM ONLY JOKING, for the record. But, do check those MD5's, people!
 
Last edited:

RMerlin

Asuswrt-Merlin dev
Also, didn't the router "Enable Web Access from WAN" need to be enabled (which is disabled by default) for the Cyclops Blink malware to take?
The infection vector was never publicly disclosed, so it's unknown if it was required or not.

Seems like the best way to mass-infiltrate a consumer router network, is to hack the Asus firmware delivery server, and surreptitiously place infected f/w.
I don't know if it's currently in use for firmware updates, but the firmware code has provision for supporting RSA signing validation. They already use it for Trend Micro signature updates.
 

AStaUK

New Around Here
Also, didn't the router "Enable Web Access from WAN" need to be enabled (which is disabled by default) for the Cyclops Blink malware to take?

Seems like the best way to mass-infiltrate a consumer router network, is to hack the Asus firmware delivery server, and surreptitiously place infected f/w. Is this what happened on the last AX86U f/w that bricked peoples routers?? I AM ONLY JOKING, for the record. But, do check those MD5's, people!
A supply chain attack would be my biggest fear with any sort of auto firmware update, I know you were only joking but I seem to recall Asus were caught out with something like this a few years back with updates to their Live Update software.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top