Diversion Diversion - the Router Ad-Blocker

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you will not be able to reply to threads 6 months after the thread is opened. Threads will not be locked, so posts may still be edited by their authors.

GregS

Occasional Visitor
@GregS, did you reuse your USB drive that was running Diversion on the RT-AC68U to the RT-AX88U?

If you did, I would recommend formatting the USB drive on a PC and 'Format JFFS partition on next reboot' to completely wipe out your previous configuration. Make sure to save anything of importance on the JFFS partition first, if needed.

Then, use amtm to format the USB drive to Ext4 w/journaling and create a swap file. Now, do a clean install of the scripts you use, beginning with Diversion.
Basically yes, it's from an AC86U that I returned. I'll try your idea and report back. Thanks
 

dave14305

Part of the Furniture
Yes, though during the last issue toggling it on/off didn't make a noticeable difference.
Is it any better if you disable logging in Diversion? Maybe it’s too slow to write the log to usb.
 

Wrkdbf_Guy

New Around Here
Stupid question probably, but I tried to install Diversion Lite on my ASUS RT-AC68U router but I got a message telling me the USB drive is "readable but not writable". So I exited the install.

As background, I formatted the USB drive via Windows to NTSF. Then using AMTM, I formatted the drive as EXT4 with Journalling; also creating a 2GB swap file. Everything formatted fine. (Not sure it's relevant, but I do see a "recovering Journal" message in the AMTM Disk Check log.)

I am a career, now retired, Software Developer - though on a different platform than Unix/Linux - so I understand profiles, permissions, etc. But not sure how to change the USB drive via the router, to make it writable. TIA, Bill
 

L&LD

Part of the Furniture
@Wrkdbf_Guy if trying to format it once again proves ineffective, just use/buy a different USB drive.
 

GregS

Occasional Visitor
Is it any better if you disable logging in Diversion? Maybe it’s too slow to write the log to usb.
I'll give that a try next time but it seems unlikely as it's a new/fast USB drive and the log doesn't move that fast normally, maybe a few queries per second during busy times and only 1 query per few seconds during slow times. Plus after I disable and re-enable there's nothing coming through in the logs. Also the AC68U instance that it replaced has a much slower USB and was handling the load fine for several years. Worth a try though, thanks.
 

GregS

Occasional Visitor
@dave14305 , @Ubimo , @L&LD
It just happened again, after the full format/re-install. Disabling the log didn't seem to make a difference. But I noticed if I turned off Skynet and Diversion, then turned Diversion back on, it would work. I tried many variations but I can't seem to get both Diversion and Skynet to work together unless I reboot; though each will work fine on it's own while in this state. To test after each change I just ran an nslookup from my computer. When I can get responses consistently without timeouts I call that a success, but there were 2 types of failure. The first is what happens initially when this problem starts, nslookup always times out and there is no activity in the log. The second type happens after I turn both Diversion and Skynet back on, responses frequently time out once or twice before returning an answer, though the log shows these requests. So basically any dns lookup takes about 4-8seconds. If while both are on I turn off Skynet then I get that first type of failure again, I must then turn Diversion off then on to get things working again (minus skynet). Not sure if it matters but I was turning these on and off via scMerlin and not through their respective GUIs. I haven't rebooted yet, is there something else I should try? Or a setting to change so it won't break again after the next reboot?
 

dave14305

Part of the Furniture
@dave14305 , @Ubimo , @L&LD
It just happened again, after the full format/re-install. Disabling the log didn't seem to make a difference. But I noticed if I turned off Skynet and Diversion, then turned Diversion back on, it would work. I tried many variations but I can't seem to get both Diversion and Skynet to work together unless I reboot; though each will work fine on it's own while in this state. To test after each change I just ran an nslookup from my computer. When I can get responses consistently without timeouts I call that a success, but there were 2 types of failure. The first is what happens initially when this problem starts, nslookup always times out and there is no activity in the log. The second type happens after I turn both Diversion and Skynet back on, responses frequently time out once or twice before returning an answer, though the log shows these requests. So basically any dns lookup takes about 4-8seconds. If while both are on I turn off Skynet then I get that first type of failure again, I must then turn Diversion off then on to get things working again (minus skynet). Not sure if it matters but I was turning these on and off via scMerlin and not through their respective GUIs. I haven't rebooted yet, is there something else I should try? Or a setting to change so it won't break again after the next reboot?
What are your WAN DNS settings? LAN DHCP Server DNS settings? LAN DNSFilter settings?

What is the full output of running nslookup snbforums.com on your computer?
 

GregS

Occasional Visitor
What are your WAN DNS settings? LAN DHCP Server DNS settings? LAN DNSFilter settings?

What is the full output of running nslookup snbforums.com on your computer?
upload_2020-3-28_21-13-15.png

upload_2020-3-28_21-14-11.png

upload_2020-3-28_21-14-46.png


C:\>nslookup snbforums.com
Server: RT-AX88U-EBF8
Address: 192.168.1.1

Non-authoritative answer:
Name: snbforums.com
Addresses: 2606:4700:20::681a:842
2606:4700:20::681a:942
104.26.9.66
104.26.8.66

Since my last post things have gotten worse, no dns nor dhcp queries work while Diversion is on. I've tried disabling logging, pixelserv to no effect. So that nslookup output above is with diversion disabled and here's what it looks like with it enabled:
C:\>nslookup snbforums.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
 

dave14305

Part of the Furniture
Since my last post things have gotten worse, no dns nor dhcp queries work while Diversion is on. I've tried disabling logging, pixelserv to no effect. So that nslookup output above is with diversion disabled and here's what it looks like with it enabled:
C:\>nslookup snbforums.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
Since you have DNS Privacy enabled, I might suspect an issue with Stubby, but it seems that dnsmasq is more the issue. What output is at the end of /opt/var/log/dnsmasq.log when the nslookup starts failing? Or follow the unfiltered diversion log in ssh and run the nslookup from your pc. Looking for SERVFAIL messages or anything about problems forwarding to 127.0.1.1 (Stubby).

Another test would be to nslookup something local such as router.asus.com to see if dnsmasq is only struggling with upstream requests or even local requests. The fact dhcp won’t work suggests it’s everything.

What block list do you use in Diversion?
 

Andy1932

Senior Member
I'm seeing an odd issue on my RT-AX88U, after awhile no DNS requests get resolved. nslookup from any client on the network will time out, following the dnsmasq log shows no queries. If I disable diversion then DNS resolution starts working again, enable and it stops again. A reboot will resolve the issue so dns will work while diversion is enabled; but the issue will return days later.
Any ideas what could be wrong? Or what I should check on the next time this happens. I did force a diversion update during the last issue but that didn't help.

For background I have been using Diversion for a few years on an AC68U and only recently upgraded to an AX88U as repeated requests to pixelserv from my ShieldTV kept overloading the router. I'm using the Standard+ blocking list. I'm using v384.15_0 of Merlin's firmware.
This happens to me, too. 86u.
 

juched

Senior Member
View attachment 22254
View attachment 22255
View attachment 22256

C:\>nslookup snbforums.com
Server: RT-AX88U-EBF8
Address: 192.168.1.1

Non-authoritative answer:
Name: snbforums.com
Addresses: 2606:4700:20::681a:842
2606:4700:20::681a:942
104.26.9.66
104.26.8.66

Since my last post things have gotten worse, no dns nor dhcp queries work while Diversion is on. I've tried disabling logging, pixelserv to no effect. So that nslookup output above is with diversion disabled and here's what it looks like with it enabled:
C:\>nslookup snbforums.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
Curious while this is failing if you see any high cpu usage from a process, or high NIC usage. It should show at the top of the top output how much is idle.

I wonder if something is spamming your network causing your router to stave out DNS responses.
 

GregS

Occasional Visitor
Since you have DNS Privacy enabled, I might suspect an issue with Stubby, but it seems that dnsmasq is more the issue. What output is at the end of /opt/var/log/dnsmasq.log when the nslookup starts failing? Or follow the unfiltered diversion log in ssh and run the nslookup from your pc. Looking for SERVFAIL messages or anything about problems forwarding to 127.0.1.1 (Stubby).

Another test would be to nslookup something local such as router.asus.com to see if dnsmasq is only struggling with upstream requests or even local requests. The fact dhcp won’t work suggests it’s everything.

What block list do you use in Diversion?
Looking through dnsmasq.log1, which is 17mb, I can see last nights testing where I was using 'nslookup microsoft.com' there were numerous SERVFAIL messages, like:
Mar 28 18:27:01 dnsmasq[9960]: query[AAAA] microsoft.com from 192.168.1.2
Mar 28 18:27:01 dnsmasq[9960]: forwarded microsoft.com to 127.0.1.1
Mar 28 18:27:02 dnsmasq[9960]: reply error is SERVFAIL

This is typically only after I'm turning things off/on to try to fix it. When it initially breaks the log won't show much at all, no odd errors or anything out of the ordinary right before it. It's as if the requests stop making it to that level. And for the times I turn it on/off and get back to that state then the last few lines are just the startup:
Mar 28 17:30:31 dnsmasq[19094]: started, version 2.80-114-ge40d8be cachesize 1500
Mar 28 17:30:31 dnsmasq[19094]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset no-auth DNSSEC no-ID loop-detect no-inotify no-dumpfile
Mar 28 17:30:31 dnsmasq[19094]: warning: interface pptp* does not currently exist
Mar 28 17:30:31 dnsmasq-dhcp[19094]: DHCP, IP range 192.168.1.100 -- 192.168.1.250, lease time 1d
(Due to a Cloudflare security block I had to replace the slashes with spaces below):
Mar 28 17:30:31 dnsmasq[19094]: read etc hosts - 5 addresses
Mar 28 17:30:36 dnsmasq[19094]: read opt share diversion list blockinglist - 27337 addresses
Mar 28 17:30:36 dnsmasq[19094]: read opt share diversion list blacklist - 0 addresses
Mar 28 17:30:36 dnsmasq[19094]: read etc hosts.dnsmasq - 0 addresses
Mar 28 17:30:37 dnsmasq[19094]: using nameserver 127.0.1.1#53

I use the Standard blocklist and then enabled Plus hosts after installing Skynet so in Diversion it shows: Standard+

I'll try router.asus.com next time it happens. DNS Privacy is not that important to me, would disabling it be a good option to try next?
 
Last edited:

GregS

Occasional Visitor
Curious while this is failing if you see any high cpu usage from a process, or high NIC usage. It should show at the top of the top output how much is idle.

I wonder if something is spamming your network causing your router to stave out DNS responses.
CPU used to be the first thing I checked as it was common whenever my old AC68U showed issues (w/pixelserv) that it'd have high cpu but on the AX88U I've never seen high sustained use; 0-3% is typical. RAM is typically only 75% utilized, it's rare I've even seen the swap file get used. How would I check NIC usage? General traffic (via SNMP) looks fine, I've not seen any correlation between overall network load and this issue. On many occasions it's happened in the middle of the night, waking me up from various alerting systems I have.
 

Wrkdbf_Guy

New Around Here
@Wrkdbf_Guy if trying to format it once again proves ineffective, just use/buy a different USB drive.
Thanks @L&LD. A second reformat of the USB device did the trick. Diversion Standard and all it's required tools are now installed and running.
 

dave14305

Part of the Furniture
DNS Privacy is not that important to me, would disabling it be a good option to try next?
It would remove the dependency of dnsmasq on Stubby to isolate.
 
Last edited:

juched

Senior Member
CPU used to be the first thing I checked as it was common whenever my old AC68U showed issues (w/pixelserv) that it'd have high cpu but on the AX88U I've never seen high sustained use; 0-3% is typical. RAM is typically only 75% utilized, it's rare I've even seen the swap file get used. How would I check NIC usage? General traffic (via SNMP) looks fine, I've not seen any correlation between overall network load and this issue. On many occasions it's happened in the middle of the night, waking me up from various alerting systems I have.
Run “top” in a terminal. It shows at the top the categories of use. I have seen an issue where NIC went very high and caused other issues.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top