Tomato RAF Releases

Discussion in 'Tomato Firmware' started by Victek, Dec 28, 2012.

  1. Spyros

    Spyros LI Guru Member

    What is your connection/authentication type? Maybe your issue has to do with not logging out from the ISP properly before the reboot.
  2. oneaty

    oneaty Connected Client Member

    DHCP, I forgot to mention the cable modem that lies behind my network.
    In DD-WRT, the scheduled reboot tool (much the same as Tomato's) was working fine for this same router and ISP, without the need for any special logging out procedure. (The only situation in which it didn't connect was after a power outage, when the router reboot was faster than the modem's. But this was easily solved by increasing nvram boot_wait from 5 to 120, which is more a less the time the modem needs to reboot.)
  3. oneaty

    oneaty Connected Client Member

    I'm not sure but maybe this issue is related to those MAC deletes that show up in the log entries (see the entries with black painted MACs here) soon after reboot; I know this modem has some kind of authentication based on MAC addresses, whenever I connect a different MAC to it, I have to reboot the modem to get Internet connection. So, if for some reason, Tomato does not handle the router MAC address to the modem when trying to reconnect, it would explain the issue.
    The strange thing is that this seems to be random. I did another batch of automated reboots, and the first three brought the router to the Internet, but the last attempt didn't.
    BTW, after the first occurence of this issue, I set boot wait time to 120 in Tomato. Those last tests I did were were done with that value.
    Last edited: May 23, 2014
  4. Victek

    Victek Network Guru Member

    Better wait for 1.28.9014 version.. I can't test your problem with older version.. but it looks as modem issue....
  5. oneaty

    oneaty Connected Client Member

    Is there an estimated time of release?
  6. Victek

    Victek Network Guru Member

    It's not foreseen to build 4MB firmware with latest changes in Tomato RAF... no ETA at the moment.
  7. Victek

    Victek Network Guru Member

    Version 1.3f starts the internal test. Testers with RT-N16 or E4200 wanted, send me a PM.

    #~ Quagga with OSPF, RIP, and SNMP Agent Monitoring + GUI. (Aaron Finley)
    #~ TCPdump + GUI.
    #~ Netflow + GUI.
    #~ Native VLAN support (Cisco Style)
    #- UCARP.
    UCARP allows a couple of hosts to share common virtual IP addresses in order to provide automatic failover. It is a portable userland implementation of the secure and patent-free Common Address Redundancy Protocol (CARP, OpenBSD's alternative to the patents-bloated VRRP).
    #- DNScrypt resolvers. Lance Fredrickson (lancethepants).
    #- DNScrypt update to version 1.4.0.
    #- Kernel:
    netfilter: xt_TCPMSS: fix handling of malformed TCP header and options
    jiffies: Avoid undefined behavior from signed overflow
    usbip: Fix the warning of unchecked sscanf return value.
    eventfd2 syscall
    math-emu: Fix prefix detection and COP1X function field definition
    Move _RET_IP_ and _THIS_IP_ to include/linux/kernel.h
    The Master, Spyros and Elfew like this.
  8. oneaty

    oneaty Connected Client Member

    And for the 8MB Linksys E1200 v2?
  9. Elfew

    Elfew Network Guru Member

    I think this build needs bigger flash memory...but wait for Victek
  10. Victek

    Victek Network Guru Member

    No problem, use the E2000 build. I'm answering for v1.3e versions.. the test build I announced needs 16MB flash and at least 64MB RAM.
  11. kIssGlaY

    kIssGlaY Networkin' Nut Member

  12. Edrikk

    Edrikk Network Guru Member

    I'll be happy to test R7000 for you Victek... ;)
  13. M0g13r

    M0g13r LI Guru Member

  14. Victek

    Victek Network Guru Member

    We don't use the same approach to IPv6 since longtime ago... (I don't know if shibby changed it in the last version).
  15. Victek

    Victek Network Guru Member

    I have it running since few hours ago in a friend's R7000 also, may I wait for 48hours and then I send it to you?... It's a pleasure see tomato flying in this powerful device, I'll write Santa's for a gift like R7000 ;)
    Edrikk likes this.
  16. Victek

    Victek Network Guru Member

    Yes, iptraffic statistics, right ?
  17. M0g13r

    M0g13r LI Guru Member

    the piecharts ..... yes
  18. Elfew

    Elfew Network Guru Member

    I think it wouldnt be hard to port it from shibbys build.

    Anybody - good dns provider with dnssec and dnscrypt support?
  19. lancethepants

    lancethepants Network Guru Member

    Elfew likes this.
  20. Elfew

    Elfew Network Guru Member

    Thanks, I am from the Czech Republic... so I have to choise something from Poland, Germany or Austria
  21. mp1111

    mp1111 Reformed Router Member

    Hey Vik,

    Are you adding back PPT VPN?

    It's out from 1.3e. I can test ->Linksys E3000

  22. kIssGlaY

    kIssGlaY Networkin' Nut Member

    Did you fix this problem or it's still there for the time being?
  23. nurofen

    nurofen Serious Server Member

    Vic, version 1.3f for asus rt-n66u please give?
  24. RonV

    RonV Network Guru Member

    I put up the 1.3e version about 5 days ago on my rt-n66 and after a couple of days I started to see the following error message in my log about dnscrypt:

    daemon.debug dnscrypt-proxy[2999]: resolver timeout (UDP)
    It shows up about every hour. I am using OpenDNS as my DNS service so I wonder if there is an issue on their end or in the proxy itself. I am digging a bit more into it as usual but there doesn't seem to be a lot on this message.
    Last edited: May 26, 2014
  25. kthaddock

    kthaddock Network Guru Member

    What I have discovered is that OpenDns isn't answer therefor you have that in your log.
    Just wait and see if you get an answere later on.
  26. Elfew

    Elfew Network Guru Member

    Ddns is set?
  27. RonV

    RonV Network Guru Member

    I seem to have narrowed it down to one or more wireless devices. One of my kids came home with their phone and I saw a group of 6 and a group of 8 udp timeout messages for the proxy. I think before other wireless phone was just sitting on a table when I saw the hourly message so I think that one was doing some scheduled syncing activity. I will keep an eye out maybe turn off the wireless on the router for a couple of hours to validate my theory.
  28. Victek

    Victek Network Guru Member

    Tomato RAF ARM/MIPS Platform version 1.3f ready. Changelog / Fixes:

    _ Wireless driver (r448163). Mature and stable. (ARM)
    _ Quagga replaced Zebra (not working in ARM platform).* (ARM && MIPS)
    _ Quagga RIP + GUI. (Advanced/Routing GUI).* (ARM && MIPS)
    _ Quagga OSPF + GUI. (Advanced/Routing GUI).* (ARM && MIPS)
    _ dnsmasq update to 2.71. (ARM && MIPS)
    _ DNSSEC + GUI (Basic Network GUI).** (ARM && MIPS)
    _ SQlite: Updated to version (ARM && MIPS)
    _ OpenVPN 2.3.4. Update and Tomato customization. (ARM && MIPS)
    _ TCPDUMP + GUI (Tools).* (ARM && MIPS)
    _ UCARP + libpcap.* (ARM && MIPS)
    _ Dnscrypt updated to 1.4.0. (ARM && MIPS)
    _ miniupnpd 1.8 updated and revised to release May 23, 2014. Tomato customization. (ARM && MIPS)
    _ GMP updated to version 6.0.0a for DNSSEC. (ARM && MIPS)
    _ Dnscrypt resolvers and options combo list.** (ARM && MIPS)
    _ Netflow + GUI (Administration/Netflow).* (ARM && MIPS)
    _ Minidlna version 1.1.2. Update and customized for Tomato. (ARM && MIPS)
    _ Comcast DSCP IPv6 fix (in firewall GUI). (ARM && MIPS)
    _ Update libsodium to version 0.5.0. (ARM && MIPS)
    _ ipv6: don't install anycast address for /128 addresses on routers. (ARM && MIPS)
    _ dropbear: sftp correct path (ARM).

    * Aaron Finley.
    ** Lance Fredrickson (lancethepants)

    Version for R7000, RT-AC56U and RT-AC68U.

    Note: All these updates are adapted from Tomato RAF MIPS platform, so, version 1.3f for MIPS routers soon ;)

    Download: Downloads page.

    Procedure: Restore Factory Default configuration, Upgrade with Erase NVRAM option ticked, Access to GUI, Press Reboot and Configure from scratch.
    Last edited: May 27, 2014
    eahm, Spyros, Riddlah and 4 others like this.
  29. nurofen

    nurofen Serious Server Member

    Victek, I'm waiting for the router Asus rt-n 66U! Thank you!
    eahm likes this.
  30. Victek

    Victek Network Guru Member

    You need to download .. it's waiting for you....

    Available version till this moment:

    RT-N16, RT-N53, RT-N66, RT-AC56, RT-AC66, RT-AC68, R7000, E4200.... and growing...
  31. Lorenceo

    Lorenceo Networkin' Nut Member

    Just flashed 1.3f. Two things I've noticed:
    Both IPv4 + IPv6 traffic passing at the same time seems to result in reduced throughput. This has been happening for a while. It happens with and without QoS enabled. v4 or v6 traffic on their own do not exhibit the same reduced throughput.

    New with 1.3f, under Advanced, Routing there seems to be a bit of a formatting issue happening:
  32. daytimehater

    daytimehater Network Newbie Member

    im new to this I had wwdrt before and it seems to have had stronger wifi also seemed to broadcast on two wifi channels at a time. is there a way to set up raf to do the same?
  33. Victek

    Victek Network Guru Member

    Unfortunately I can't test using tunnelbroker ... I know you mention it for each new version.
    Yes, I have my routing list even longer.. I'll set a frame to shift the infinite list ...

  34. JoeDirte

    JoeDirte Networkin' Nut Member

    Flashed 1.3f on my RT-N66U. So far so good. I am using PPPoE to a bridged ADSL modem. 2.4GHz and 5GHz working. I had to reformat my JFFS after upgrading, but that wasn't unexpected. I also have a USB drive mounted and that is working fine. I have it set up for internal SMB access only with authentication. I tested SSH and SCP successfully as well.

    Thanks Vic et al!
  35. Lorenceo

    Lorenceo Networkin' Nut Member

    If there's anything I can help test let me know.
  36. Except the build for the RT-N53 is still at 1.3c.;)
    Last edited by a moderator: May 27, 2014
  37. BlaSTiWi

    BlaSTiWi Network Guru Member

    Also, except the build for the RT-N16 is still at 1.3d/e too.
  38. Victek

    Victek Network Guru Member

    Why you don't use the web GUI instead of listing the directory? tomato-ARM-ASUS_9014-RAF-v1.3f.trx .. yes.. it's.
  39. BlaSTiWi

    BlaSTiWi Network Guru Member

    Ahhh sorry, browser refreshed but I was expecting for RT-N16 on the filename like the others.
  40. Just installed 1.3f on my AC66U and cleared the NVRAM.

    5GHz isn't shown, just 2,4GHz. Is this normal? I also did reboot 2x times after installing your firmware.
  41. Victek

    Victek Network Guru Member

    Since I don't have AC66U to test it might be normal... clear nvram and start again.
  42. I had to disable Wifi, reboot and enable Wifi again. Now it's working.
  43. Victek

    Victek Network Guru Member

    Wireless drivers differs from other versions .... thank you to figure it.. have to remember for the next claim. Pls check wireless transfer speed and stability.
  44. Wireless transfer speed seems slow to me, especially with 5GHz.

    Download: 14,7 Mbps (I should get around 50 Mbps, got it with tomato shibby)
    Upload: 4,9 Mbps (this is fine)

    Download: 13,71 Mbps
    Upload: 5,4 Mbps

    Range seems fine.

    LAN speed:
    Download: 114,2 Mbps
    Upload: 5,4 Mbps
  45. Second test is better, getting up to 30Mbps with 5GHz. Its jumping between 14 and 32 Mbps.

    Probably there are newer wireless drivers to include for the next release? :)
  46. Victek

    Victek Network Guru Member

    These drivers are very stable, I get 92Mbps/down 45Mbps/up in 5GHz and 50Mbps/down 35Mbps/up in 2.4GHz. As you read in many post it's a compatibility subject with your wireless card ... I use Intel 6300 card.
  47. teh_g

    teh_g Networkin' Nut Member

    For the life of me I cannot get IPv6 working correctly here. Not sure if it is derpy user or something else...

    I have Comcast
    IPv6 Service Type - DHCPv6 with Prefix Delegation
    Prefix Length - 64
    Static DNS - Setup for Google DNS
    Accept RA from: WAN

    It looks like my router is receiving an IPv6 address, and is doling out addresses to systems on the network, but when I try to do a tracert to "", it fails on the first hop:
    Tracing route to [2607:f8b0:4005:802::1006]
    over a maximum of 30 hops:
      1  Destination net unreachable.
    Trace complete.
    Only weird thing in the log is these:
    kern.debug kernel: icmpv6_send: no reply to icmp error
  48. Spyros

    Spyros LI Guru Member

    Flashed e2000 build, everything works, using ipv6 with manual config just for the fun, awesome job.
    lancethepants likes this.
  49. Love this firmware, thanks for making DNScrypt easy!

    But like I said before, I can't get faster download speed than 32Mbps with my AC66U using 5GHz.
    I tried it with a Galaxy S3, Nexus 7 2013 and a newer Asus Notebook.
    lancethepants likes this.
  50. szpunk

    szpunk LI Guru Member


    @Victek , for set CPU frequency, maybe check debug_clkfix first.

    Attached Files:

    • 11.png
      File size:
      26.9 KB
  51. R7000

    R7000 Networkin' Nut Member

    @Victek , Thanks for releasing a firmware for the R700! A few issues.

    I was previously testing with Shibby's 119 build of Tomato for ARM, and could not for the life of me get IPV6 working properly, or NAT Loopback.

    MODEL: Netgear R7000
    TOMATO:Tomato RAF ARM/MIPS Platform version 1.3f

    1.) The zlib library (/lib/ or /usr/lib/ is missing. When trying to run the built-in nginx server or running php-cli you get the error "can't load library ''"

    2.) NAT Loopback when set to: ALL and Masquerade, I am unable to get any loopback working when trying to hit my network from LAN->WAN. Port forwarding works great from outside my network, but not LAN. I've also tried setting it to "Forwarded Ports", but still nothing. Same thing with setting it as SNAT

    3.) IPV6 is not working, despite trying the following combos (I have TWC):

    IPV6 Service Type: Native IPV6 from ISP
    Prefix Length: 64
    Accept RA: WAN (x) LAN ( )
    Everything else left blank

    I don't receive anything on the br0 interface. And there is no default "ip -6 route"

    IPV6 Service Type: Native IPV6 from ISP
    Prefix Lemgth: 64
    Accept RA: WAN (x) LAN ( )
    Assigned Prefix: 2605:6000:1019:20::
    IPV6 Address: 2605:6000:1019:20:89df:15ff:fe27:a6e2

    I receive an IPV6 address on 'br0' (and only on br0), and the following route is added.
    "default dev vlan2 metric 2048 mtu 1500 advmss 1440 hoplimit 0"

    IPV6 Service Type: Native IPV6 from ISP
    Prefix: 64
    Accept RA: WAN (x) LAN ( )
    Everything else left blank

    I receive an IPV6 address on 'br0' (and only on br0), and their are ZERO defaults routes added.

    2605:6000:1019:20::/64 dev br0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
    fe80::/64 dev vlan1 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
    fe80::/64 dev eth2 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
    fe80::/64 dev eth3 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
    fe80::/64 dev br0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
    fe80::/64 dev vlan2 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0

    root@TomatoARM root# ping6
    PING (2607:f8b0:4000:800::1007): 56 data bytes

    --- ping statistics ---
    41 packets transmitted, 0 packets received, 100% packet loss

    I wanted to note that I have been able make IPv6 work on this router using DD-WRT and on a WNDR3700v2 using OpenWRT. So I know it's working with my ISP.
  52. Netwet

    Netwet Reformed Router Member


    With a Intel 6300AGN under DD-WRT I get 200mbps with 5G and 170mbps with 2.4. I guess there are a few more issues to fix.
    By the way, with latest drivers as in Shibbys, Intel 6300 drops the connections on 2.4G frequently, same on Netgear FW,
    only build that does not have these issues is kongs OLDD build.
    It is the only build I have found that does not have any issues with 4 of my Intel, Broadcom, Ralink and Androids.
  53. If I set manually an entry to Static DNS, will DNScrypt still work?
  54. teh_g

    teh_g Networkin' Nut Member

    You aren't alone.
    R7000 likes this.
  55. teh_g

    teh_g Networkin' Nut Member

    I have the same issues. My understanding with Comcast is that they are setup to use DHCPv6 with Prefix Delegation. With just vanilla PD, and WAN RA setup, I am getting my address but not able to run any IPv6 tests.

    I have been tinkering with this most of the evening with @dc361... He pointed me to [link][/link], which led me down a rabbit hole to this thread [link][/link] by @koitsu

    From those threads, it looks like getting an IPv6 address on LAN instead of WAN is expected (obviously someone can correct me if I am wrong, but that seems to be what the threads found). I am now at the impasse of having an IPv6 address, but not being able to reach IPv6 sites (the test IPv6 pages specifically). I tried the scripts that are referenced by koitsu, but have not had any luck.

    I am going to work more with dc361 tomorrow hopefully, and perhaps make some progress. Until then, IPv6 is disabled since it breaks my printer in this state for some stupid reason... I definitely had IPv6 working on my RT-N16 with Toastman Tomato, so I presume it is Tomato-ARM related.

    I am definitely curious to see if any other Comcast customers are having issues with IPv6.
    R7000 likes this.
  56. mmosoll

    mmosoll Networkin' Nut Member

    I am upgrading from tomatoRAF 1.28.9011 to Tomato RAF 1.28.9014 1.3f, thank you for this new version and your very good work.

    I found that WDS 5Ghz bridge between two e4200's is disconnecting frequently. I used the same configuration many years with few problems but this new implementation is really unstable, I will check it more this week. Maybe some users have ideas to minimize this problem.

    vsftpd server is outdated, current versions 2.3.4 is the same that my previous firmware. Could you update to the 3.0.2 in a next release if possible?
  57. R7000

    R7000 Networkin' Nut Member

    Glad to see someone else having an issue with this as well. Well not GLAD, but hopefully means more people getting a chance to work on it.

    Those links you posted, yea... those are the exact ones I've been referencing and trying to analyze. I jumped to the very end of the posts hoping to work my backwards trying all the suggested "fixes". Learned quite a bit, what's interesting however, when the last reply was posted (over 2 years ago), that seemed to state the fix had been merged in the codebase, the same exact issue seems to have come back. Especially when choosing DHCPv6 PD and not getting a default route. Only when choosing PD first, having it fill in the Prefix, and switching to Native does it seem to add in a default route, but even that seems to be a dead end.

    Are you having issues with the NAT loopback as well? Strange this is, using nmap on my local devices with my external IP I am able to see all the ports I have forwarded as open, but that's about it. No two way communication at all. From the looks of how I understand iptables the MASQUERADE rule is properly setup, and I am able to connect just fine externally. I've even tried turning off CTF but no use... oh well, guess most of this is pointless right now as I have a bigger problem...

    I had unset a bunch of wl0.1 rules last night, and shortly after issuing a reboot, the router is no longer responding. No amount of pressing and holding rest during power up, or holding the WiFi toggle button seem to let me reimage through tftp, let alone respond to 20 seconds after boot.:mad:

    Not as a forgiving as my WNDR3800, that's for sure. Oh well I'll have to do more research to resurrect this guy.:rolleyes:

    Please keep me posted on what you discover regarding the IPv6 issue. I forgot to mention I had dd-wrt on this before going to Tomato, and that did work with IPv6. Albeit I had to install some optware to get it to work, but didn't want to go that route with Tomato, especially since the packages are very old and the alternative (Kong's repo) does not work with Tomato-ARM.
  58. Victek

    Victek Network Guru Member

    Thanks, I was reading last post now, let's go answering ...

    a) Thanks for issue, I missed in previous mips releases and didn't patch the ARM branch.
    b) IPv6 issue, just found the solution in ARM routers thread, I'll patch for next release.

    Yes, not a priority now... it's in the TODO list.

    a) As you know dd-wrt paid a lot of money to Broadcom to have their own SDK, they can build wireless driver for dd-wrt firmware and kernel ve. We work with the binaries provided by the manufacturer and we receive more complaints than donations ... ;)
    b) The Tomato RAF version is using a different wireless driver in an effort to minimize the wireless connectivity issues.

    Thanks for the information.

    a) Wireless driver is new, delete WDS configuration and configure again.
    b) Any security bug in VSFTP to upgrade it?.

    wmz0731 and R7000 like this.
  59. teh_g

    teh_g Networkin' Nut Member

    In case you missed it, the fix for now is to add "echo 0 > /proc/sys/net/ipv6/conf/`nvram get wan_iface`/forwarding" to the Firewall Up script.
  60. teh_g

    teh_g Networkin' Nut Member

    Can you add a note to the help section mentioning what gets disabled / broken when enabling CTF?
  61. mmosoll

    mmosoll Networkin' Nut Member

    - About vsftpd, really I don't have a critical security bug, I am using TLS/SSL, but many changes and fixes since the current version 2.3.4 released in 2011 about SSL and others. I understand it is not a priority, only a wish for the future.

    - About WDS, last configuration was deleted previously but I continue testing it.
  62. Victek

    Victek Network Guru Member

    @R7000 PM with link to test bug.

    @mmosoll updating vsftpd, I'll send you a link to test new version, what model do you own?
  63. mmosoll

    mmosoll Networkin' Nut Member

    e4200, thank you
  64. Victek

    Victek Network Guru Member

    @mmosoll I sent a PM with the link to a test version using vsftp 3.0.2 for your router please test and feedback your experience. Thanks.
  65. teh_g

    teh_g Networkin' Nut Member

    Other than the little issue with IPv6,everything is nice and stable on your latest release! Making leaps and bounds over the original ARM release...
  66. Victek

    Victek Network Guru Member

  67. teh_g

    teh_g Networkin' Nut Member

    Assuming this is for me? Yeah, I can give it a test today!

    I think this was answered before, but I can't find a definite list for the life of me.... What all does not work with CTF enabled and what benefits are there? My understanding is that port forwarding won't work, but the performance on the router is increased dramatically.

    Edit: I am also curious what the stock CPU values under Advanced -> Misc -> CPU Frequency is. I feel like 188,94 is lower than it aught to be.

    Edit2: RT-AC68U
  68. Victek

    Victek Network Guru Member

    If your Internet connection speed is >250Mbps download the CTF will help, if not.. leave as it's. Services not working with CTF enabled, QoS, Bandwidth Limiter, IPtraffic statistics...

    I'll build and send you the link.
  69. teh_g

    teh_g Networkin' Nut Member

    Keeping it disabled then :D
  70. srwal

    srwal Serious Server Member


    just wondering, is there a download for the Linksys EA6500. I saw it mentioned, but on the site I don't remember seeing a download.
  71. Victek

    Victek Network Guru Member

    The code for EA6500 it's in sources but I don't have unit to test, so, no release. ;)
  72. srwal

    srwal Serious Server Member

    Ah ok, I was being too hasty I guess. Thanks for the update
  73. RonV

    RonV Network Guru Member

    Hey Victek, would you recommend a full reset for the 1.3f on the RT-N66 when upgrading from 1.3e? I have some time to test this weekend. Some of the notes you provided here was about new driver support so I just want to know what my options are to save a hour or two of configuration.
  74. Victek

    Victek Network Guru Member

    Not needed when coming from 1.3e. ;)
  75. fubdap

    fubdap LI Guru Member

    @Victek - Yesterday I upgrade my N66U from 1.3e to 1.3f. The upgrade was successful but I was prompted to enter my password. But it does not recognize my old password. After several tries, I used tomato default password to login. It then wiped out all my settings. Luckily I had my files backed up before the upgrade. So I went back to 1.3e. I then tried again with the same problem. So I am back to 1.3e. Not sure what the problem is. This is just an FYI. Thanks for all your hard work.
  76. Victek

    Victek Network Guru Member

    Weird... I updated all the routers (without erase nvram box enabled) and didn't found this problem, also not mentioned by other users, don't know what happened in your case, ASCII password?
  77. M0g13r

    M0g13r LI Guru Member

    yepp here too...
    rtn-66u 64k cfe .... update from e to f = nvram erase (without erase nvram box enabled)
    under advanced ... routing ..... the pages have some formatting issue
    scheduller ... can't delete custom script ... after refresh it is back
  78. Victek

    Victek Network Guru Member

    Routing page indentation malformed is detected, it's due to quagga, not affecting functionality but as you see the information now is exhaustive, this is the reason.

    I know it will bore you.. but nvram erase in the unit to check if Scheduler issue is solved or confirm if scheduler was working in 1.3e version please.

  79. MatteoV

    MatteoV Networkin' Nut Member

    Hi @Victek , hi all,
    I'm testing 1.3f on E4200, after a long and boring nvram 100% reset and then the whole manual settings.
    It seems to work right, CPU consumption appears slightly improved too.
    I have two little issues:
    1) dnscrypt-proxy resolvers list is empty. Don't know if I'm missing something, I tried doing a research in this thread and it does not seem I should somehow provide it the .csv list. Not a big problem, manual input works.
    2) is this me crazy, or right now "ps -w" gives a non-wide list, i.e. with cut parameters, when they are particularly long, and instead it gives out the full version of the list without the "-w" parameter? This has suddenly and for the first time ever damaged some of my own scripts' commands, so I think it's something that did not happen previously...

    Thank you.
  80. Victek

    Victek Network Guru Member

    a) Yes, I missed the csv file in mips in cluster two (I have three computers compiling tomato builds, ARM is OK), thanks for pointing it.
    b) ps command didn't changed since 1.2n version in my logbook (when updated busybox to 1.21 version).
  81. MatteoV

    MatteoV Networkin' Nut Member

    Ok, no problem, just giving the feedback I could ;)

    About b, do you think this is the expected behaviour?
    root@ROUTER:/tmp/home/root# ps | grep dnsc
      902 root  1124 S  dnscrypt-proxy -d -a -m 99 -N -k 25C4:E188:2915:4697:8F9C:2BBD:B6A7:AFA4:01ED:A051:0508:5D53:03E7:1928:C066:8F21 -r
    root@ROUTER:/tmp/home/root# ps -w | grep dnsc
      902 root  1124 S  dnscrypt-proxy -d -a -m 99 -N -k 25C4:E188:2915:4697:8F9C:2BBD
    root@ROUTER:/tmp/home/root# ps --help
    BusyBox v1.21.1 (2014-05-27 14:31:35 CEST) multi-call binary.
    Usage: ps
    Show list of processes
      w  Wide output
    I would expect the contrary :confused: ...don't you?
    Not that important, for now I just substituted all my scripts having the "-w" with nothing, otherwise the grep just doesn't work for long strings..

    p.s. isn't 2014-05-27 a bit more recent than 1.2n?
  82. ntest7

    ntest7 Network Guru Member

    snmpd appears broken in 1.3f. Running "snmpd -c /etc/snmpd.conf" from the command line exists with a status of 1 but no error message.

    Reverted to 1.3e and it works again. Tried this with both an RT-N66U and an E3000. A thorough nvram clear doesn't help.
  83. Victek

    Victek Network Guru Member

    weird .. I'll check again mips build, thanks for the information, added to bug list.

    root@R7000:/tmp/etc# cat snmpd.conf
    agentaddress udp:161
    syslocation router
    syscontact admin@tomato <admin@tomato>
    rocommunity rocommunity
    master agentx
    root@R7000:/tmp/etc# snmpd
    root@R7000:/tmp/etc# snmpd -C /etc/snmpd.conf
  84. mmosoll

    mmosoll Networkin' Nut Member

    Some parameters of vsftpd 3.0.2 configuration file are not compatible with previous version 2.3.4. The first problem is configure users accounts and after I will check SSL parameters, one of them is not compatible at a first glance. I will report to you changes when ftp server operates again.

    About previous e4200 WDS response and stability wih 9014.1.3f firmware, erasing arp table of routers solves problem, but finally the best solution for me was to use a wireless ethernet bridge and forget WDS.
    Last edited: Jun 1, 2014
  85. Victek

    Victek Network Guru Member

    Much better solution than WDS if you are point to point (QoS and Bandwidth limiter in the main router controlling all devices), WDS is foreseen for more than two routers. By the way, looking vsftpd versions from other manufacturers I confirm tomato had the most recent version before updating the test version I sent...
    Last edited: Jun 1, 2014
  86. mmosoll

    mmosoll Networkin' Nut Member

    Thanks, my source for ftp server version was wrong, sorry
  87. Lorenceo

    Lorenceo Networkin' Nut Member

    My ISP is having DNS issues at the moment, which is resulting in some DNS queries not resolving.
    This seems to have revealed another bug with Tomato. It doesn't fall back to secondary/tertiary DNS servers if a domain cannot be resolved with the primary/secondary DNS server.
    In the options I have my ISP DNS servers set as primary and secondary servers, with Google's public DNS as the tertiary server.
    Both my ISP and the router DNS server cannot resolve a certain domain ( When I try manually with the public Google DNS however it works.
    When I remove my ISP DNS from Tomato and use only Google's DNS it resolves correctly.

    Shouldn't Tomato be falling back to the third DNS server, which is resolving a given domain, and returning this result to clients that request it instead of returning nothing?
    Last edited: Jun 1, 2014
  88. RonV

    RonV Network Guru Member

    Are you using "strict-order" as one of the DNSMasq parameters? This is turned on by default if you are using DNSCrypt. If you upstream server does resolve but not reliably this could be your issue. Below is the definition of strict-order

  89. Lorenceo

    Lorenceo Networkin' Nut Member

    I've not changed any of the Dnsmasq advanced options, nor am I using DNSCrypt.
    The only configuration related to Dnsmasq I've done is set static DHCP IPs through the GUI.

    I'll try adding strict-order to the advanced DNSMasq options.

    Edit: Adding strict-order to the advanced options results in the query for timing out.

    Without strict-order:
    Server:  Router
    DNS request timed out.
      timeout was 2 seconds.
    DNS request timed out.
      timeout was 2 seconds.
    DNS request timed out.
      timeout was 2 seconds.
    DNS request timed out.
      timeout was 2 seconds.
    *** Request to Router timed-out
    Non-authoritative answer:
    With strict-order:
    Server:  Router
    *** No internal type for both IPv4 and IPv6 Addresses (A+AAAA) records available
    Last edited: Jun 1, 2014
  90. RonV

    RonV Network Guru Member

    Here is another option you can try in the configuration of DNSMasq. It will send the request to all configured DNS Servers:

    Also can you look into /etc/resolv.dnsmasq to verify that your DNS servers are properly listed.

    Also have you changed your upstream DNS to known working servers? Change the upstream to Google's or OpenDNS servers. I know it's a work around for the issue that you are seeing. I have seen the DNS service on the router fall back to other servers in the past when I used OpenDNS as primary and DNSAdvantage. AT&T blocked OpenDNS and it fell back to DNSAdvantage just fine.
    Last edited: Jun 1, 2014
  91. Spyros

    Spyros LI Guru Member

    Enable Use received DNS with user-entered DNS option
  92. Lorenceo

    Lorenceo Networkin' Nut Member

    After reading the MAN page for Dnsmasq I tried the all-servers option too. It results in this:
    Server:  UnKnown
    *** No internal type for both IPv4 and IPv6 Addresses (A+AAAA) records available
    nameserver 2406:e000::200
    nameserver 2001:4860:4860::8888
    nameserver 2620:0:ccc::2
    Removing the IPv6 DNS servers makes no difference to some domains not resolving.

    As mentioned in my first post, yes. Removing my ISP DNS servers and using only Google's public DNS fixes some domains not resolving. I've been doing that since I noticed this issue, but posted as it seems to me that something in Tomato is not working correctly WRT DNS lookup order/failover.
    I'd like to use my ISP DNS servers in order, as when using them I'll be directed to caches hosted on their network rather than international ones.

    Edit: Enabling "Use received DNS with user-entered DNS" has no effect.
    Also upon looking closer, I have changed other Dnsmasq settings from their defaults. I've checked all three mute ipv4/v6/ra-logging boxes. Will try disabling them and report back.

    Edit 2: Unchecking all three mute ipv4/v6/ra-logging boxes in the advanced Dnsmasq config page made no difference.
    Last edited: Jun 1, 2014
  93. RonV

    RonV Network Guru Member

    That's a tough one to should be working. I just tested mine with a offline DNS server first as listed on the OpenNIC list of servers and it failed back from it to a OpenDNS server just fine. I used strict-order on and off and it worked in each case.

    Can't think of anything else to try at this time. :-(
  94. MatteoV

    MatteoV Networkin' Nut Member

    @Victek I should add a bigger problem with 1.3f. I am using IPv6 with the 4to6 SixXS service and I did previously save nvram exports to be able to avoid any issue while configuring the unit when upgrading to 1.3f.
    The result is I am unable to have ipv6 working with this version: I get ipv6s on the clients which seem right, but both dnscrypt-proxies set on the router itself, and ipv6 connectivity in general for clients, are not working at all.
    The SixXS tunnel page indicates a certain "Tunnel Out" packet number, but no "Tunnel In" or anything else like icmp responses (100% lost), no errors (there were some growing, and there should have been), and so on.
    Anyone else having these problems? Are there known bugs around?
    SixXS will be debiting me "credits" if I'm unreachable for more than a day, and disable me if off for a week, quite annoying :/ even if they are not real credits, I don't know what will happen if I get to zero!

    Thank you.
  95. ntest7

    ntest7 Network Guru Member

    If you follow the snmpd command you tried with "echo $?" to check the exit status, you'll see it's 1; should be 0 of course.

    another command line example:
    -f do not fork
    -V verbose
    -L log to std out (poorly documented?)

    On 1.3e (working properly)
    snmpd -c /etc/snmpd.conf -f -V -L
    NET-SNMP version 5.0.9
    and then it waits for activity, displaying queries on std out.

    On 1.3f:
    # snmpd -c /etc/snmpd.conf -f -V -L
    MIB search path: /root/.snmp/mibs:/usr/share/snmp/mibs
    Cannot find module (HOST-RESOURCES-MIB): At line 0 in (none)
    Cannot find module (HOST-RESOURCES-TYPES): At line 0 in (none)
    Cannot find module (UCD-SNMP-MIB): At line 0 in (none)
    Cannot find module (UCD-DEMO-MIB): At line 0 in (none)
    Cannot find module (SNMPv2-MIB): At line 0 in (none)
    Cannot find module (IF-MIB): At line 0 in (none)
    Cannot find module (IP-MIB): At line 0 in (none)
    Cannot find module (TCP-MIB): At line 0 in (none)
    Cannot find module (UDP-MIB): At line 0 in (none)
    Cannot find module (SNMP-VIEW-BASED-ACM-MIB): At line 0 in (none)
    Cannot find module (SNMP-COMMUNITY-MIB): At line 0 in (none)
    Cannot find module (IP-FORWARD-MIB): At line 0 in (none)
    Cannot find module (NET-SNMP-PASS-MIB): At line 0 in (none)
    Cannot find module (NET-SNMP-EXTEND-MIB): At line 0 in (none)
    Cannot find module (UCD-DLMOD-MIB): At line 0 in (none)
    Turning on AgentX master support.
    No support for any checked transport domain
    Error: Couldn't open a master agentx socket to listen on ():
    # echo $?
  96. Edrikk

    Edrikk Network Guru Member

    Quick question (posting here, as I use RAF, if I should split out into another thread, let me know, and I will)...

    I have aquired an Amovision Hi3518 IP Camera. The "strange" thing (to me) is that this camera has an ethernet IP address of "00:01:02:03:04:80". Now, for whatever reason, even though I've set Tomato to serve this IP address a Static DHCP IP (with a name associated), the IP Camera does not receive the IP I have assigned to it (there are no other devices with this IP), and the Device list page does not show the name I have assigned the camera (it shows nothing).

    Is there any commands I can run to see where things are going wrong?

    This is on an R7000 (1.3f), but I also experienced this with my E3000...
  97. Victek

    Victek Network Guru Member

    I'll follow this bug since it has been created by the enterprise features OR snmpd version update ( thanks!

    edit: yes, snmp 5.6.2 added new modules definition but not written ... so, have to delete.
    Last edited: Jun 2, 2014
  98. Victek

    Victek Network Guru Member

    Looking at settings user manual it seem that DHCP server is ON by default... may be need some homework in the camera settings before add to the network?
  99. Victek

    Victek Network Guru Member

    Matteo .. on E3000 model?
  100. MatteoV

    MatteoV Networkin' Nut Member

    Ops, forgot to mention, it's E4200.

    p.s. forget about ps bug, it seems it's related to initial window settings (with Putty), my fault :)
    Last edited: Jun 2, 2014
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice