What's new

RT-N66U CFE Upgrade

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

schnappi

New Around Here
Tried to send a private message to @ryzhov_al, but could not do so. Maybe it is because just registered. So instead am posting here. Anyone else who can help is welcome to jump in as well.

Have a strange issue with an RT-N66U where sometimes it gets "stuck" after changing settings in the GUI. Manually turning the power off and on fixes the issue. There are other strange issues that will not get into. The only difference between this unit and other RT-N66U's running FreshTomato (not Asuswrt-Merlin) is the CFE on this unit is 1.0.1.4 instead of 1.0.1.9.

Since upgrading the CFE is dangerous wanted to touch base here before proceeding. Dooes anyone see any issue running this script (https://www.snbforums.com/threads/cfe-bootloader-update.8259/) while using FreshTomato instead of Asuswrt-Merlin?
 
Before you get to flashing a different CFE, what other steps have you taken? Have you tried a complete re-set, without anything plugged into the USB ports? Have you tried re-flashing the firmware (not CFE) to see if there is a borked nvram setting?

My N66U is running 1.0.1.3. I can tell you that I used to have Tomato (Shibby) on it and while the features were attractive, it was *not* stable. I thought that it was heat-related, and added a fan, but still found it to be unstable. Because I was sure that it was hardware related, I ended up replacing it. It spent about 6 years in a closet until I dusted it off, loaded @john9527 LTS version of Merlin with the intention to use it as an AP extender for guests.

Much to my surprise, it has been 100% stable since - almost 2 years. It's now performing yeoman's service at a relative's house. Bulletproof.

Before you flash CFE, I'd try the re-set (again) and the re-flash (with @john9527's).

Diddling with the CFE is not for the faint of heart. If you do need to flash CFE, re-set it to factory and back-up your existing CFE. There're plenty of instructions on how to do this. You also want to find a CFE reading tool to make sure that you have a valid backup.

Most of the instructions you will find on the internet use some variation of mtd-write (mtd write; mtd-write2) and only certain versions of firmware have these. On the rare occasion that I've had to flash CFE, I've tended to use the dd command to write to the appropriate partition (cat /proc/mtd).

That thread you linked to is pretty old and speculative. I'd be leery following something that's almost a decade old now.
 
Last edited:
First thank you for your role in vnStat-on-Merlin. Will admit that an RT-N66U AP running Asuswrt-Merlin LTS has always been rock solid and the Wifi performance is superior to Tomato, but FreshTomato 2021.2 has been rock solid as well with the 1.0.1.9 CFE. Tomato also allows the use of VLAN's, virtual wireless interfaces, built-in bandwidth monitoring similar to vnstat, ect.
 
This thread: https://www.linksysinfo.org/index.php?threads/best-way-to-flash-cfe-in-tomato.75113/ is focused on the R7000 but does mention the available "mtd-write" versions and has a dd mention to boot.

I completely understand the attractiveness of the ease of use of VLANs and other aspects of Tomato over Merlin. I'm still leaning towards a firmware issue rather than a CFE issue based on your description.

(PS I've tested and am using vnStat-on-Merlin R1 on the N66U and it works just fine. VLANs can be set up - albeit not as easily as FT - but once set up can be left to run.)
 
My RT-N66U running Asuswrt-Merlin LTS is in access point mode, so never have really been able to see all the features.

Does Asuswrt-Merlin LTS have an option to intercept client DNS and force a DNS server on clients as well as an adblocker/DNS filtering?
 
Does Asuswrt-Merlin LTS have an option to intercept client DNS and force a DNS server on clients...
Yes it has DNS Filtering.

as well as an adblocker/DNS filtering?
I don't know whether Diversion, the popular Merlin add-on is compatible with John's LTS fork. I just use my own 24 line script for ad-blocking.

With DNS Filtering you could use something like AdGuard DNS there as well.
 
Last edited:
Tried Asuswrt-Merlin LTS as a router, decided to stick with Tomato. Here are some observations. Wifi strength was far superior with Asuswrt-Merlin LTS. Put a Tomato RT-N66U next to a RT-N66U running Asuswrt-Merlin LTS and it was something like 65 db versus 50 db as walked further away. Stopped measuring at that point. Tomato wifi performance on the RT-N66U with FreshTomato 2021.2 is subpar, and it isn't the hardware.

However, FreshTomato 2021.2 really is just as rock solid, has a much better GUI, and better features. So FreshTomato for the router, Asuswrt-Merlin/LTS for access points.

The issues that started this thread have gone away after ATT swapped out their fiber router (have to put own network behind ATT router) and after installing a local Unbound recursive server for external queries while keeping local queries on the FreshTomato Dnsmasq. Did this by using Dnsmasq to send clients the Unbound server directly as a DNS server, and telling the Unbound server to send local queries back to Dnsmasq. While it is true that FreshTomato did hang after changing a setting, will chalk that up to changing settings left and right over a short period of time trying to figure out what was going on. After a restart it hasn't happened once (although do recall this happening once years ago as well).

External DNS through a local resolver is noticeably faster then when it has to go through Dnsmasq (both Tomato and Asuswrt-Merlin). Highly recommend using external DNS through a local resolver with a fiber connection. The internet is like it should be out of the box.

Another observation. The internet of the box directly from a BGW210-700 is the same as when using Dnsmasq on Tomato behind the BGW210-700. DNS going through a router/Dnsmasq just cannot be as fast as a local resolver for external queries no matter what public DNS server is used. A dedicated local DNS resolver on a fiber connection is magic.

Honestly, if the ATT router made the internet feel like this I never would have setup any of this. It is sad that all of this is needed to experience the internet as it should be.
 
Last edited:
Does anyone have a backup CFE from a 1.0.1.9 they could share?
I compared the Ryzhov one with another 1.0.1.9 from a N66U I have, and they have huge differences. The version string in the CFE is the same. It hardly makes sense that the same version would have vastly different code.
this is my version: "CFE 5.100.138.20 bl_version=1.0.1.9"
and the Ryzhov empty one: "CFE 5.100.138.20 bl_version=1.0.1.9"
See the attached, where Ryzhov has a massive empty block, while mine has code there. My router has done strange things recently, so I'm trying to figure out if I have a clean version, or somebody has modified it.
thanks
 

Attachments

  • Capture.PNG
    Capture.PNG
    532.8 KB · Views: 58
I have only bl_version=1.0.1.3 in my files. I do have 2 versions, 1 with stock in the name and the other with EU in the name. I don't particularly remember what each is, perhaps the EU one has different channels. If you're interested, PM me and I can forward them to you.
 
Does anyone have a backup CFE from a 1.0.1.9 they could share?
I have 2 copies of 1.0.1.9 from different routers if you're interested. Also have 1.0.1.2
 
I have 2 copies of 1.0.1.9 from different routers if you're interested. Also have 1.0.1.2
I think I figured it out. After a certain point, at at a spot in the PNG I attached, the CFE ends, and it's just garbage after that. I wanted to make sure the CFE wasn't messed around with because the router's DHCP kept freezing up once connected to the modem, .. I did the comparison and it was nearly identical up to that point. I took the CFE and erased the garbage and re-flashed it.. and it booted even with it erased, so it is just random data. After I reflashed Openwrt though, my Laptop froze, firefox disappeared, and after replacing the SSD with a backup, with no network connected, the Firefox profile disappeared, and I got some Windows errors.. So I'm throwing the router out .. and I'm not even sure what to do about the laptop. Looks like I should've just bought a new router rather than play with hex editing and flashing stuff. I need a very secure isolated VLAN router now.
thanks for the offer though.
 
CFE editor is not showing allow, just same values you can edit. If you remove same part of it that looks like random code you are done :(. You can find file CFE_AIO.zip file online that have all Asus old CFEs.
There are different version of CFE even on the same release number depend of region like EU, US etc. For example for asked CFE: rt-n66u_b1_1.0.1.1_us, rt-n66u_b1_1.0.1.2_eu, rt-n66u_b1_1.0.1.2_us, rt-n66u_b1_1.0.1.3_eu, rt-n66u_b1_1.0.1.4_eu, rt-n66u_b1_1.0.1.9_eu, rt-n66u_b1_1.0.1.9_us and additional CFE number could be related to HW version of router model - here good example is Asus RT-AC68U. And you need to remember to put yours MACs inside etc.

Therefore if you do not know what you are doing please do no play with CFE :). You can play with it to get experience if you are looking for excuse to replace old router.

New routers have it encrypted no much to do with it. If I remember correctly it started from AsusRT-AC5300.
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top