[Experimental] Asuswrt-Merlin 384.13 test - AiMesh/DNSSEC through OpenSSL

[SomeWhereOverTheRainBow]

Various Asus engineers promised that feature at various times during the public beta cycles for the (stock) AIMesh firmware, and it has never eventuated after nearly 2 years, which may mean it was a lot harder to implement than they initially thought ... which is not to say Eric couldn’t outsmart them yet again and do it himself, just that it is definitely not trivial from what I can tell?

it is simply because all guest network is doing is mirroring the router wireless, or when you have it turned on with the AP it is mirroring the AP wireless, certain features would not be native and functional on node guest wifi, like isolating the guest network from communicating with the rest of the network and the guest network would be able to access the main. where as the guest network on the Aimesh parent router would be able to restrict such actions, but the child node wouldn't without extra help and there is no telling what kind of impact that help would have on the node guest networks already dampen performance.

You can use SSH to turn on guest network on AImesh node, you will see it has not Isolation of any kind.

 

[bbunge]

Guess you did not get my jab at Merlin. We have had a difference in how things should work with Stubby/DNSSEC for some time. Neither of our ways is wrong. It boils down to what we prefer. I've been running DNSSEC via Stubby for a couple of weeks even though I've had to solve the router not resolving after a reboot.

IMO if DoT is enabled it should be married to stubby DNSSEC, with the simple option of DNSSEC, no need to tell dnsmasq to validate unsigned replies.

I usually bite the bullet, as I'm doing now, and run the firmware in (almost) default config for DoT/DNSSEC (yes, the .13 Alpha2). The only things I've changed are some of the timings and round robbin = 0 in Stubby.

Will I keep changing things? Sure, it is how I learn and sometimes I do come up with a better idea....

 

[Magnus33]

let it be noted you may also need a good reset done to your primary router not just the nodes.

Certainly never hurts

 

[SomeWhereOverTheRainBow]

Guess you did not get my jab at Merlin. We have had a difference in how things should work with Stubby/DNSSEC for some time. Neither of our ways is wrong. It boils down to what we prefer. I've been running DNSSEC via Stubby for a couple of weeks even though I've had to solve the router not resolving after a reboot.


I usually bite the bullet, as I'm doing now, and run the firmware in (almost) default config for DoT/DNSSEC (yes, the .13 Alpha2). The only things I've changed are some of the timings and round robbin = 0 in Stubby.

Will I keep changing things? Sure, it is how I learn and sometimes I do come up with a better idea....

I can see the point of DNSMASQ dnssec (being able to log being one), but i prefer to pass the servers validations to stubby to be validated, mainly for security. Not saying dnsmasq dnssec isn't secure. I just do not trust DoT to be dissected at that point.

 

[HuskyHerder]

Using Merlin alpha 2 on a 5300, and while setting up a 3rd 5300 as a wired node. As I was searching for the node the GUI crashed (page spontaneously refreshed) and reverted back to what would be seen pre merlin mesh support.

A simple refresh of the page brought me back to AiMesh being show in the GUI. The node was successfully added after a page refresh and going through the pairing process.

* This behavior was not noted in Alpha 1, when searching.
* This particular node is wired thru a switch. Not directly to the Master. ASUS had issues with switches earlier on. However on the last 2 or 3 fw (If I recall correctly), I have had no issues with paring thru a switch. Fluke maybe.
* Node removed and re-paired a few additional times and I was unable to replicate the GUI issue.

All in all for me it's a non issue, Ive played with Mesh enough to know it can be a fickle beast at times. Just notating it here.

 

[RMerlin]

If i have mixed node setup, will it still allow me to live up date my stock nodes that maybe in a mixed setup with merlin nodes?

Yes. The Firmware Upgrade button will appear if at least one Asus node is present and has an update available.

Only "issue" I noticed so far is that the WiFi Site survey doesn't seem to work, but consider that a very minor issue.

You have to enable data gathering on the Settings page.

which is not to say Eric couldn’t outsmart them yet again and do it himself, just that it is definitely not trivial from what I can tell?

AiMesh code is closed source, I cannot make any change to its functionality.

 

[Swistheater]

Using Merlin alpha 2 on a 5300, and while setting up a 3rd 5300 as a wired node. As I was searching for the node the GUI crashed (page spontaneously refreshed) and reverted back to what would be seen pre merlin mesh support.

A simple refresh of the page brought me back to AiMesh being show in the GUI. The node was successfully added after a page refresh and going through the pairing process.

* This behavior was not noted in Alpha 1, when searching.
* This particular node is wired thru a switch. Not directly to the Master. ASUS had issues with switches earlier on. However on the last 2 or 3 fw (If I recall correctly), I have had no issues with paring thru a switch. Fluke maybe.
* Node removed and re-paired a few additional times and I was unable to replicate the GUI issue.

All in all for me it's a non issue, Ive played with Mesh enough to know it can be a fickle beast at times. Just notating it here.

Have you tested merlin nodes yet?

 

[Swistheater]

Yes. The Firmware Upgrade button will appear if at least one Asus node is present and has an update available.



You have to enable data gathering on the Settings page.



AiMesh code is closed source, I cannot make any change to its functionality.

Thank you for your hard work on this. I will eventually see about testing scripts on nodes ,i have a few in mind, once I see the long term stability has kicked in. so far it is working great though. Thank you again for your hard work on making this test phase possible.

 

[AmyGrrl]

Woah! This is pretty awesome that we will have AiMesh now. Might have to looking into getting a 2nd router now to use with my RT-AX88U. I gave my brother my two RT-AC66U B1's that I had. But had to put the stock firmware on them so he could use AiMesh. I will have to upgrade the firmware on them later when the final build comes out. Thanks for getting this working!

 

[octopus]

Now I got this AiMesh figured out it sure is nice!! I vote to keep it as feature if we can do so without to much trouble. Great work Eric!!

What lan-ip do you have on you aimesh routers? Just asking as Im using 12.1 instead of 1.1 May have to change that to get nodes working.

 

[marcwkh]

Tried enabled the cpuwait manually, and there is around 8-9 degrees difference in CPU temperature in same ambient temp.
Eric, if it is possible to ask Asus why they disable cpuwait?
Thx a lot!

 

[Bexar]

I have a mix of routers - AC88U, AC86U and 3 Lyra Trio.

I have upgraded AC88U and AC86U to 384.13 alpha and AC88U is able to act as a master to Lyra Trio.

When trying to set up AC86U as a node and noticed that 2.4Ghz band is not working and 5Ghz band is working ok and when searching for a node, it didn’t find AC86U. Does it need both bands to be working in order to be a node to the master?

As a workaround, I put one Lyra Trio behind AC86U and have AC86U acting as a switch. So it is no big deal not to have AC86U as a node.

 

[Metallic Blue]

Long time user here, first time poster. I created my account to leave this feedback because I'm loving the AiMesh support so much and hope that this functionality makes it beyond "experimental".

Running alpha 1 (yep, I just saw there is an alpha 2 now) on an RT-AC86U with my old RT-AC68U as the node, setup wirelessly, performed firmware upgrade, switched to ethernet backhaul.. everything has worked brilliantly, not a single issue.

Thanks for the awesome work.

 

[AndreiV]

Long time user here, first time poster. I created my account to leave this feedback because I'm loving the AiMesh support so much and hope that this functionality makes it beyond "experimental".

Running alpha 1 (yep, I just saw there is an alpha 2 now) on an RT-AC86U with my old RT-AC68U as the node, setup wirelessly, performed firmware upgrade, switched to ethernet backhaul.. everything has worked brilliantly, not a single issue.

Thanks for the awesome work.

https://www.snbforums.com/threads/the-rmerlin-donation-thread.17285/

 

[Empassant18]

Quick question for the group: what is the benefit of using AiMesh with ethernet back-haul vs. setting the second router up as an access point? Right now, I have two AX88Us, both running Merlin 384.12 and I want to know what benefit I will gain over my current setup. The access point is set up with the same wireless SSIDs as the router but have different channels. It seems to work fine roaming from one to the other on VOIP, which is my main goal: fast switching with my iphone VOIP setting.

 

[JemTheWire]

Setup:
AX88U (main) running 384.13 alpha2 connected via Ethernet backhaul to an AC88U (node) running 384.12.

I am having trouble with the the node (AC88U) loosing connection after a couple of minutes. It doesn’t reconnect after it drops.

I have factory reset, including an NVRAM erase, of the node, but still it drops.

Does the node also have to be running 384.13 alpha2 as well?

Any ideas gratefully received, thanks.

 

[Kingp1n]

Setup:
AX88U (main) running 384.13 alpha2 connected via Ethernet backhaul to an AC88U (node) running 384.12.

I am having trouble with the the node (AC88U) loosing connection after a couple of minutes. It doesn’t reconnect after it drops.

I have factory reset, including an NVRAM erase, of the node, but still it drops.

Does the node also have to be running 384.13 alpha2 as well?

Any ideas gratefully received, thanks.

The recommendation is for the nodes to use the stock FW. Does the AC88U have any issues when using as the main router as far as disconnects? I was having a similar issue where when one of my nodes did not have 2.4ghz. I resetted the node and temporarily set up as my main router. The 2.4ghz signal had gone bad and would need service. It's an old router so I'm ditching it for now. All my other nodes are working flawlessly. Thanks RMerlin for this great feature. Hopefully is here to stay. No issues running alpha2 since released.

 

[HuskyHerder]

Have you tested merlin nodes yet?

Ah thank you, much appreciated. I had. missed the part for alpha 2 allowing Merlin nodes.

 

[Swistheater]

Quick question for the group: what is the benefit of using AiMesh with ethernet back-haul vs. setting the second router up as an access point? Right now, I have two AX88Us, both running Merlin 384.12 and I want to know what benefit I will gain over my current setup. The access point is set up with the same wireless SSIDs as the router but have different channels. It seems to work fine roaming from one to the other on VOIP, which is my main goal: fast switching with my iphone VOIP setting.

*note asus router also has a roaming assistant that can contribute to this behavior.*

well when you deal with AImesh the networks wireless bands are toned to each other to all have the same channels on the wireless to match your main routers wireless channels think of it as becoming a big wifi umbrella and all your wireless is suppose to the be able to seamlessly transition from one AP to the next. the wired back-haul just gives the extra added advantage of freeing up the strain on the wireless, while still benefiting from the pre-configured umbrella model. when you just have them turned on as AP you do not get the added benefit of the wireless auto adjusting power levels and channels to appropriately match the main and the enhanced benefits of the seamless capabilities. As an AP you have to configure things in a way that works for you and each band act independently of each other. this leads to you having to adjust channels and power levels properly to prevent interference.

For example, with gig speeds , i get a better wifi speed off of my 68U with Aimesh(wired back-haul used) configured, than i do with having it configured as a simple access point, I don't know why, but i just do.

 

[JemTheWire]

The recommendation is for the nodes to use the stock FW. Does the AC88U have any issues when using as the main router as far as disconnects? I was having a similar issue where when one of my nodes did not have 2.4ghz. I resetted the node and temporarily set up as my main router. The 2.4ghz signal had gone bad and would need service. It's an old router so I'm ditching it for now. All my other nodes are working flawlessly. Thanks RMerlin for this great feature. Hopefully is here to stay. No issues running alpha2 since released.

Thanks, but if I have read correctly, from alpha2, the nodes can also be running Merlin firmware.

Previously I had my AX88U in router mode and my AC88U as an access point with Ethernet backhaul, obviously. That setup was rock solid, no disconnects at all.

I have gone back to this setup and all is well again.

Is there any benefit of AIMesh over Router/AP setup?