Beta Beta Firmware ASUS RT-AC86U - Version 9.0.0.4.386.41994

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

DarkKnight75

Senior Member
Still rocking latest .384 over 105 days uptime and solid. Still haven't jumped to .386..how's the performance on this beta version?
 

bbunge

Very Senior Member
You will want to upgrade if for nothing else to fix the dnsmasq security issue

ASUS RT-AC86U Firmware version 9.0.0.4.386.41994 (Beta Version)
Security Fixed:
Fixed CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686

Please be noted this is a quick fix beta version for DNSmasq vulnerabilities. Refer to "Method 2: Update Manually" in https://www.asus.com/support/FAQ/1008000 to update this firmware.

Please unzip the firmware file first then check the MD5 code.
MD5: 0231b2391f86615a4314e151f4ecd21d


Note: MD5 checksum matches
 

DarkKnight75

Senior Member
I understand, but that wasn't my question. More related to Wifi performance and or bugs found in this release.
 

bbunge

Very Senior Member
Based on my experience with this version on AC68U and AC66U_B1 I foresee no performance issues.

There is nothing in this firmware that will damage your AC86U! (Ignore that person behind the screen that is crying CPU temp too hot! I just isn't so...)
 

ATLga

Senior Member
Based on my experience with this version on AC68U and AC66U_B1 I foresee no performance issues.

There is nothing in this firmware that will damage your AC86U! (Ignore that person behind the screen that is crying CPU temp too hot! I just isn't so...)
Yeah, I'm not worried about the temps so much either. There are some negative comments about wifi performance though that concerns me.
 

OzarkEdge

Part of the Furniture
Still rocking latest .384 over 105 days uptime and solid. Still haven't jumped to .386..how's the performance on this beta version?

AC86U RC2-11 41994 beta is running fine here. The CPU wait state was fixed (enabled again) in 41700 (not released) and remains fixed in RC2-11 (normal CPU temp) (required a reset).

I've only skipped RC2-1,2,3,4, and 10:


OE
 

RMerlin

Asuswrt-Merlin dev
Off-topic posts and public arguing removed. Please keep discussions on the OP's question, which is this specific Asus beta release.
 

ATLga

Senior Member
AC86U RC2-11 41994 beta is running fine here. The CPU wait state was fixed (enabled again) in 41700 (not released) and remains fixed in RC2-11 (normal CPU temp) (required a reset).

I've only skipped RC2-1,2,3,4, and 10:


OE

I wonder if they'll just skip 41700 and just make this the general release (remove Beta label). They seems to be pretty much the same.
 

OzarkEdge

Part of the Furniture
I wonder if they'll just skip 41700 and just make this the general release (remove Beta label). They seems to be pretty much the same.

They've already skipped 41700. Not every extension gets released for a given model.

OE
 

Smedley

Regular Contributor
You will want to upgrade if for nothing else to fix the dnsmasq security issue
As I'm running my AC86U as an Access Point, am I correct in assuming the dnsmasq issue is not a security concern for my configuration?
 

ATLga

Senior Member
AC86U RC2-11 41994 beta is running fine here. The CPU wait state was fixed (enabled again) in 41700 (not released) and remains fixed in RC2-11 (normal CPU temp) (required a reset).

I've only skipped RC2-1,2,3,4, and 10:


OE
Any more issues with the channel changing from one you set to something else (you reported in the RC2 Beta thread a couple of days ago).
 

bbunge

Very Senior Member
As I'm running my AC86U as an Access Point, am I correct in assuming the dnsmasq issue is not a security concern for my configuration?
You should be OK but I would install the next "stable" release just to be sure.
 

OzarkEdge

Part of the Furniture
Any more issues with the channel changing from one you set to something else (you reported in the RC2 Beta thread a couple of days ago).

Nope. Maybe the post-upgrade power cycle set it right. There is no reason for it to be confused about what channel to use... it should stay where it's put by the router.

OE
 

DarkKnight75

Senior Member
Just upgraded.....so far so good, although my PS4 likes to show online eventhough it's offline..will power cycle again in the morning..
 
P

podkaracz

Guest
Aiprotection bugged on this beta. I had it off but tried to turn in on and update signatures but fails all the time. Unable to update signatures.
 

brentil

Occasional Visitor
I just updated my AC86U and all my DNS no longer works. I use two PiHoles for DNS for the router itself and DHCP configuration for everything in my network. The AC86U now is failing DNS lookups because my PiHoles are failing lookups.
 

brentil

Occasional Visitor
I just updated my AC86U and all my DNS no longer works. I use two PiHoles for DNS for the router itself and DHCP configuration for everything in my network. The AC86U now is failing DNS lookups because my PiHoles are failing lookups.
I powered off the AC86U and my router and repowered, the system was still blocking DNS from my PiHoles going outbound. I had to set the AC86U to use my ISP's DNS instead of my PiHoles to begin getting DNS again inside my network.
 

bbunge

Very Senior Member
I powered off the AC86U and my router and repowered, the system was still blocking DNS from my PiHoles going outbound. I had to set the AC86U to use my ISP's DNS instead of my PiHoles to begin getting DNS again inside my network.
The router needs to access upstream DNS resolvers in order to set its time. If the time does not get set some of the security settings will not work. Your Pi-Hole is not an upstream resolver and should not be used in the WAN - Internet Connection - DNS Server 1 or 2. If you want to use the Pi-Hole its LAN IP address goes in LAN - DHCP Server - DNS Server. Merlin firmware allows for two DNS Server entries in this area.

Another way is to turn off DHCP in the router and use the Pi-Hole as DHCP server. But leave the router WAN - Internet Connection - DNS Server 1 and 2 set to something upstream. Cloudflare 1.1.1.2 and 1.0.0.2 is good.

By-the-way did you know that you can run DoT via Stubby on the Pi-Hole?
 

brentil

Occasional Visitor
The router needs to access upstream DNS resolvers in order to set its time. If the time does not get set some of the security settings will not work. Your Pi-Hole is not an upstream resolver and should not be used in the WAN - Internet Connection - DNS Server 1 or 2. If you want to use the Pi-Hole its LAN IP address goes in LAN - DHCP Server - DNS Server. Merlin firmware allows for two DNS Server entries in this area.

Another way is to turn off DHCP in the router and use the Pi-Hole as DHCP server. But leave the router WAN - Internet Connection - DNS Server 1 and 2 set to something upstream. Cloudflare 1.1.1.2 and 1.0.0.2 is good.

By-the-way did you know that you can run DoT via Stubby on the Pi-Hole?
I've been running my configuration like this for 6 years across my AC68U and now AC86U and countless firmware updates with PiHoles and before that a Windows Domain DNS server with 0 issues for DNS. There's clearly something wrong with the way this update is handling allowing outbound DNS calls from systems that are not the router itself and I've done more testing to prove so.
  • Set DNS to ISP and reboot system = DNS resolves
  • Set DNS to PiHole and reboot = DNS fails from PiHoles
  • Set DNS to ISP and reboot system then change to PiHole after online = DNS resolves then fails to resolve from PiHoles
If this was only a time lookup issue then when I switch back to my PiHoles after booting using the ISP then why does it start failing again? The time should already be set from boot and shouldn't impact using the PiHoles.

If this configuration was such an issue why have I never had it once in the last 6 years but I can reproduce it every time now with this beta DNS firmware? My router is set to reboot weekly so I statistically should have had this problem at least once before now.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top