Šta je novo?

Merlin Firmware v388.1-beta 1 - WireGuard podrška za Asus AX routere.

alex303

Čuven
Učlanjen(a)
19.04.2005
Poruke
2,822
Poena
815
Jako lepa vest za vlasnike jeftinijih Asus AX routera koji ne podržavaju ni jedan drugi firmware osim Merlin Firmware-a. Za one koji ne znaju, premium modeli Asus routera kao što je recimo Asus AC68U podržavaju flešovanje custom firmware-a kao što je OpenWRT, DD-WRT, FreshTomato...itd koji mogu značajno da prošire mogućnosti routera i njihov životni vek. Svi navedeni firmware-i podržavaju WireGuard Client/Server režim što ih čini odličnim za kućnu upotrebu u sprezi sa nekim VPN servisom kao što su Mullvad VPN ili NordVPN.

Jeftiniji Asus AX routeri u koje spada recimo Asus AX56U, nemaju podršku za gore navedene custom firmware. Takvi routeri podržavaju samo Merlin firmware koji je modifikacija originalnog Asus firmware-a sa proširenim mogućnostima. Merlin firmware je do danas podržavao samo OpenVPN a to nije dovoljno zbog mnogo većih brzina interneta. Korišćenje OpenVPN-a protokola na ovim routerima ima kao rezultat veliki pad brzine i odziva interneta kada se koristi neki od VPN servisa. Danas je tome došao kraj, jer je Merlin firmware v388.1-beta 1 napokon dobio full WireGuard Client/Server podršku što će jeftinijim Asus AX routerima drastično povećati vrednost i upotrebljivost a pogotovo brzinu i odziv kada se koristi neki VPN servis.

Trenutno podržani router su:
  • RT-AX56U
  • RT-AX58U
  • RT-AX86U
  • RT-AX88U
  • GT-AX11000
  • RT-AX68U
  • GT-AXE11000
  • ZenWiFi Pro XT12
  • GT-AX6000
  • GT-AXE16000
  • GT-AX11000 Pro
  • RT-AX86U Pro

Firmware se može skinuti odavde. A ovo je changelog.

Kod:
Asuswrt-Merlin Changelog
========================

388.1 (xx-xxx-xxxx)
  - NOTE: This release is only available for AX models.
    AC models will remain on the 386_xx release branch.

  - NEW: Add RT-AX86U_PRO support.
  - NEW: Merged with GPL 388_20566 (RT-AX88U and GT-AX11000)
  - NEW: Merged with GPL 388_21224 (all other AX models)
  - NEW: Experimental ROG UI version for GT models, as a separate
         firmware image within the distribution archive, with
         "_rog" in the filename.
  - NEW: (Asus 388) WireGuard client and server.  The server uses
         the new 388 VPN server webui.  Implemented a webui for
         clients, based on the early development UI from Asus.

         WG client routing is handled by VPN Director - you must
         configure redirection rules through it, same as on stock
         firmware which requires configuring rules through
         VPN Fusion.

         DNS handling will be identical to OpenVPN's Exclusive DNS
         mode, forcing clients to use the DNS provided by it
         (if any is provided).

         Note that enabling WireGuard will disable hardware
         NAT acceleration due to compatiblity reasons.

  - UPDATED: getdns/stubby to 1.7.2/0.4.2.
  - UPDATED: zlib to 1.2.12 + backports.
  - UPDATED: openssl to 1.1.1s.
  - CHANGED: Rebranded DNSFilter as DNS Director.  This will prevent
             confusion with the company sharing the same name, and
             also better describes what the feature does.
  - CHANGED: Setting an OpenVPN client to redirect all traffic while
             in "Exclusive" DNS mode will now force redirect ALL
             DNS traffic just like in VPN Director mode.
             While this will allow redirecting clients with
             hardcoded DNS servers, it also means that your whole
             LAN will lose the ability of doing local name
             resolution.  It might be best to use VPN Director
             in that case to control which client should
             be involved in the DNS redirection, or use
             DNS Director instead of Exclusive DNS mode.
  - CHANGED: (Asus 388) nvram storage increased to 192 KB on newer
             HND 5.04 devices like the GT-AXE16000.
  - CHANGED: Reworked VPN Status page to only show currently
             active services.
  - CHANGED: Reworked VPN Director page design, added buttons to
             access a client's settings page, and allow leaving
             both source and destination IPs empty (for "all").
  - CHANGED: Optimized VPN Director WAN and DNS rule creation, so
             they no longer get re-created multiple times when
             editing VPNDirector rules.
  - FIXED: Wrong temperatures used by the temperature graphs
           (386.8 regression)
  - FIXED: CVE-2022-37434 in zlib.
  - FIXED: GT-AXE16000 random reboots when using an OpenVPN
           client with VPN Director and Adaptive QoS.
  - FIXED: Clients connected to Guest Network 1 aren't
           redirected if NTP interception is enabled.
  - FIXED: Name was truncated to 31 chars when enabling OpenVPN client's
           Server Certificate Name Validation.
  - REMOVED: Interface selector on Speedtest page (no longer
             working, possibly due to an ookla client update)
 

PapaBear66

Poštovan
Učlanjen(a)
14.05.2021
Poruke
349
Poena
55
Moja oprema  
CPU & Cooler
Intel I5 8400
Matična ploča
ASUS ROG STRIX H370F GAMING
RAM
Kinston Fury 32GB DDR4-2666
GPU
NVIDIA GeForce GTX 1060 6GB
Storage
NVME X2 , HDD X2 = 7TB
Zvuk
SupremeFX S1220A-Codec
PSU
CORSAIR 750W Gold Modular
Kućište
Cooler Master Masterbox MB511 RGB
Monitor
GIGABYTE Gaming monitor 27 IPS M27Q-EK
Miš & tastatura
Logitech G603, Logitech MX Keys
Laptop
Asus Vivobook Pro 15 Oled K3500Pc-L1010 Blue
Mobilni telefon
Huawei Mate 10 Pro, Poco F3 8/256
Pametni uređaji
Ticwatch 3 Pro GPS, Sijalice wifi
Steam
Da
Pristup internetu
  1. Optički internet
  2. Mobilni internet
Stavio sinoc na moj GT-AX 6000 i za sad radi kako treba, sve funkcije rade nisam imao crash ili reboot.
Instalirao obicnu verziju ROG mi se ne svidja previse sareno.
Wireguard client radi neverovatno brzo, koristim Nordvpn i Surfshark. Dostize i do 300Mps u downu i 140Mbps u uploadu i to za Ameriku :)
 
OP
OP
alex303

alex303

Čuven
Učlanjen(a)
19.04.2005
Poruke
2,822
Poena
815
Stavio sinoc na moj GT-AX 6000 i za sad radi kako treba, sve funkcije rade nisam imao crash ili reboot.
Instalirao obicnu verziju ROG mi se ne svidja previse sareno.
Wireguard client radi neverovatno brzo, koristim Nordvpn i Surfshark. Dostize i do 300Mps u downu i 140Mbps u uploadu i to za Ameriku :)
Koliko si imao sa OpenVPN-om ? Čisto da znamo koliki je dobitak.
 

PapaBear66

Poštovan
Učlanjen(a)
14.05.2021
Poruke
349
Poena
55
Moja oprema  
CPU & Cooler
Intel I5 8400
Matična ploča
ASUS ROG STRIX H370F GAMING
RAM
Kinston Fury 32GB DDR4-2666
GPU
NVIDIA GeForce GTX 1060 6GB
Storage
NVME X2 , HDD X2 = 7TB
Zvuk
SupremeFX S1220A-Codec
PSU
CORSAIR 750W Gold Modular
Kućište
Cooler Master Masterbox MB511 RGB
Monitor
GIGABYTE Gaming monitor 27 IPS M27Q-EK
Miš & tastatura
Logitech G603, Logitech MX Keys
Laptop
Asus Vivobook Pro 15 Oled K3500Pc-L1010 Blue
Mobilni telefon
Huawei Mate 10 Pro, Poco F3 8/256
Pametni uređaji
Ticwatch 3 Pro GPS, Sijalice wifi
Steam
Da
Pristup internetu
  1. Optički internet
  2. Mobilni internet
Evo sad testiram i nije ko sinoc ni blizu hmmm.
sad su priblizno iste vrednosti 150/50 a sinoc Wireguartd isao do 300 a OpenVPN ko i sad do 150.
Secam se na starom ruteru AC 68U OpenVPN nije hteo preko 50 tako da mnogo znaci jaci procesor na novom ruteru.
Tako da mogu da pocnem da razmisljam da stavljam uredjaje preko rutera, realno imam 5x OpenVPN i 5x Wireguard u VPN Directoru za settings.
Onda 10 uredjaja mogu na 10 lokacija razlicitih u isto vreme, nece to nikad biti korisceno tako naravno niti bi procesor to podneo ali moze.
 
OP
OP
alex303

alex303

Čuven
Učlanjen(a)
19.04.2005
Poruke
2,822
Poena
815
Evo sad testiram i nije ko sinoc ni blizu hmmm.
To je zagušenje na strani NordVPN-a. To je kod njih i ExpressVPN-a normalna stvar jer koriste M247 cloud provajder. Punom brzinom rade samo kad nema mnogo ljudi.
sad su priblizno iste vrednosti 150/50 a sinoc Wireguartd isao do 300 a OpenVPN ko i sad do 150.
Čim si jednom uspeo da dobiješ 300, to je to. WireGuard radi posao.
Secam se na starom ruteru AC 68U OpenVPN nije hteo preko 50 tako da mnogo znaci jaci procesor na novom ruteru.
Naravno da znači. Samo glavni problem sa OpenVPN-om je taj što nije multithreadovan. Ako imaš dual core ili quad core procesor, on vidi samo jedno jezgro. Tu je WireGuard u velikoj prednosti jer je multithreadovan + je mnogo jednostavniji. Zato se i dobijaju ludačke brzine sa njim.
Tako da mogu da pocnem da razmisljam da stavljam uredjaje preko rutera, realno imam 5x OpenVPN i 5x Wireguard u VPN Directoru za settings.
Previše je to za običan consumer router.
Onda 10 uredjaja mogu na 10 lokacija razlicitih u isto vreme, nece to nikad biti korisceno tako naravno niti bi procesor to podneo ali moze.
Sa OpenVPN-om ne, ali mislim da 10 tunela nije problem za WireGuard. Čak i na slabijim routerima sa dual core procesorom.
 

PapaBear66

Poštovan
Učlanjen(a)
14.05.2021
Poruke
349
Poena
55
Moja oprema  
CPU & Cooler
Intel I5 8400
Matična ploča
ASUS ROG STRIX H370F GAMING
RAM
Kinston Fury 32GB DDR4-2666
GPU
NVIDIA GeForce GTX 1060 6GB
Storage
NVME X2 , HDD X2 = 7TB
Zvuk
SupremeFX S1220A-Codec
PSU
CORSAIR 750W Gold Modular
Kućište
Cooler Master Masterbox MB511 RGB
Monitor
GIGABYTE Gaming monitor 27 IPS M27Q-EK
Miš & tastatura
Logitech G603, Logitech MX Keys
Laptop
Asus Vivobook Pro 15 Oled K3500Pc-L1010 Blue
Mobilni telefon
Huawei Mate 10 Pro, Poco F3 8/256
Pametni uređaji
Ticwatch 3 Pro GPS, Sijalice wifi
Steam
Da
Pristup internetu
  1. Optički internet
  2. Mobilni internet

Merlin Firmware v388.1-beta 2​

 
OP
OP
alex303

alex303

Čuven
Učlanjen(a)
19.04.2005
Poruke
2,822
Poena
815
Izašla BETA-3. Upravo flešovao, sve radi ok. Još malo pa final release.

1669243775916.png
 
OP
OP
alex303

alex303

Čuven
Učlanjen(a)
19.04.2005
Poruke
2,822
Poena
815
Izašla BETA-4 iz nekog čudnog razloga. Uflešovano, sve radi ok. Izgleda da ćemo još čekati za final release.

1669811476333.png
 

bmaxa

Poznat
Učlanjen(a)
22.01.2021
Poruke
392
Poena
40
Jako lepa vest za vlasnike jeftinijih Asus AX routera koji ne podržavaju ni jedan drugi firmware osim Merlin Firmware-a. Za one koji ne znaju, premium modeli Asus routera kao što je recimo Asus AC68U podržavaju flešovanje custom firmware-a kao što je OpenWRT, DD-WRT, FreshTomato...itd koji mogu značajno da prošire mogućnosti routera i njihov životni vek. Svi navedeni firmware-i podržavaju WireGuard Client/Server režim što ih čini odličnim za kućnu upotrebu u sprezi sa nekim VPN servisom kao što su Mullvad VPN ili NordVPN.

Jeftiniji Asus AX routeri u koje spada recimo Asus AX56U, nemaju podršku za gore navedene custom firmware. Takvi routeri podržavaju samo Merlin firmware koji je modifikacija originalnog Asus firmware-a sa proširenim mogućnostima. Merlin firmware je do danas podržavao samo OpenVPN a to nije dovoljno zbog mnogo većih brzina interneta. Korišćenje OpenVPN-a protokola na ovim routerima ima kao rezultat veliki pad brzine i odziva interneta kada se koristi neki od VPN servisa. Danas je tome došao kraj, jer je Merlin firmware v388.1-beta 1 napokon dobio full WireGuard Client/Server podršku što će jeftinijim Asus AX routerima drastično povećati vrednost i upotrebljivost a pogotovo brzinu i odziv kada se koristi neki VPN servis.

Trenutno podržani router su:
  • RT-AX56U
  • RT-AX58U
  • RT-AX86U
  • RT-AX88U
  • GT-AX11000
  • RT-AX68U
  • GT-AXE11000
  • ZenWiFi Pro XT12
  • GT-AX6000
  • GT-AXE16000
  • GT-AX11000 Pro
  • RT-AX86U Pro

Firmware se može skinuti odavde. A ovo je changelog.

Kod:
Asuswrt-Merlin Changelog
========================

388.1 (xx-xxx-xxxx)
  - NOTE: This release is only available for AX models.
    AC models will remain on the 386_xx release branch.

  - NEW: Add RT-AX86U_PRO support.
  - NEW: Merged with GPL 388_20566 (RT-AX88U and GT-AX11000)
  - NEW: Merged with GPL 388_21224 (all other AX models)
  - NEW: Experimental ROG UI version for GT models, as a separate
         firmware image within the distribution archive, with
         "_rog" in the filename.
  - NEW: (Asus 388) WireGuard client and server.  The server uses
         the new 388 VPN server webui.  Implemented a webui for
         clients, based on the early development UI from Asus.

         WG client routing is handled by VPN Director - you must
         configure redirection rules through it, same as on stock
         firmware which requires configuring rules through
         VPN Fusion.

         DNS handling will be identical to OpenVPN's Exclusive DNS
         mode, forcing clients to use the DNS provided by it
         (if any is provided).

         Note that enabling WireGuard will disable hardware
         NAT acceleration due to compatiblity reasons.

  - UPDATED: getdns/stubby to 1.7.2/0.4.2.
  - UPDATED: zlib to 1.2.12 + backports.
  - UPDATED: openssl to 1.1.1s.
  - CHANGED: Rebranded DNSFilter as DNS Director.  This will prevent
             confusion with the company sharing the same name, and
             also better describes what the feature does.
  - CHANGED: Setting an OpenVPN client to redirect all traffic while
             in "Exclusive" DNS mode will now force redirect ALL
             DNS traffic just like in VPN Director mode.
             While this will allow redirecting clients with
             hardcoded DNS servers, it also means that your whole
             LAN will lose the ability of doing local name
             resolution.  It might be best to use VPN Director
             in that case to control which client should
             be involved in the DNS redirection, or use
             DNS Director instead of Exclusive DNS mode.
  - CHANGED: (Asus 388) nvram storage increased to 192 KB on newer
             HND 5.04 devices like the GT-AXE16000.
  - CHANGED: Reworked VPN Status page to only show currently
             active services.
  - CHANGED: Reworked VPN Director page design, added buttons to
             access a client's settings page, and allow leaving
             both source and destination IPs empty (for "all").
  - CHANGED: Optimized VPN Director WAN and DNS rule creation, so
             they no longer get re-created multiple times when
             editing VPNDirector rules.
  - FIXED: Wrong temperatures used by the temperature graphs
           (386.8 regression)
  - FIXED: CVE-2022-37434 in zlib.
  - FIXED: GT-AXE16000 random reboots when using an OpenVPN
           client with VPN Director and Adaptive QoS.
  - FIXED: Clients connected to Guest Network 1 aren't
           redirected if NTP interception is enabled.
  - FIXED: Name was truncated to 31 chars when enabling OpenVPN client's
           Server Certificate Name Validation.
  - REMOVED: Interface selector on Speedtest page (no longer
             working, possibly due to an ookla client update)
Merlin samo i moze na high end Asus ruterima :p
Sada su i jeftiniji dobili podrsku. OpenWRT i prijatelji ne valjaju na Asus ruterima, posto koriste open source Wifi drajver, koji ne podrzava MU-MIMO...
Tako da jedini firmware koji valja osim Asus-ovog, je Merlin.
 

PapaBear66

Poštovan
Učlanjen(a)
14.05.2021
Poruke
349
Poena
55
Moja oprema  
CPU & Cooler
Intel I5 8400
Matična ploča
ASUS ROG STRIX H370F GAMING
RAM
Kinston Fury 32GB DDR4-2666
GPU
NVIDIA GeForce GTX 1060 6GB
Storage
NVME X2 , HDD X2 = 7TB
Zvuk
SupremeFX S1220A-Codec
PSU
CORSAIR 750W Gold Modular
Kućište
Cooler Master Masterbox MB511 RGB
Monitor
GIGABYTE Gaming monitor 27 IPS M27Q-EK
Miš & tastatura
Logitech G603, Logitech MX Keys
Laptop
Asus Vivobook Pro 15 Oled K3500Pc-L1010 Blue
Mobilni telefon
Huawei Mate 10 Pro, Poco F3 8/256
Pametni uređaji
Ticwatch 3 Pro GPS, Sijalice wifi
Steam
Da
Pristup internetu
  1. Optički internet
  2. Mobilni internet
Jel vama radi Wireguard?
Meni od B2 ne radi ni jedna konfiguracija na ruteru, Nord, Surfshark ili Keepsolid.
Sve isto ko i kod B1ali ne radi startujem u Directoru i pokaze zelenu kvaku ali kad odem u vpn client wireguard pise enabled ali stopped.
1669894393324.png1669894455018.png
 
OP
OP
alex303

alex303

Čuven
Učlanjen(a)
19.04.2005
Poruke
2,822
Poena
815
Taj problem ima i fabrički firmware kada se koristi OpenVPN. To se vuče već godinama. Kada se mnogo flešuje i mnogo čačka oko VPN-a, ta stranica pobrljavi. Ja sam to rešavao tako što stvarno stavim client na disable i rebootujem router. Posle reboot-a uradim enable i sve radi. Kad to ne pomogne, onda obrišem ceo setup i krenem od nule.
 

PapaBear66

Poštovan
Učlanjen(a)
14.05.2021
Poruke
349
Poena
55
Moja oprema  
CPU & Cooler
Intel I5 8400
Matična ploča
ASUS ROG STRIX H370F GAMING
RAM
Kinston Fury 32GB DDR4-2666
GPU
NVIDIA GeForce GTX 1060 6GB
Storage
NVME X2 , HDD X2 = 7TB
Zvuk
SupremeFX S1220A-Codec
PSU
CORSAIR 750W Gold Modular
Kućište
Cooler Master Masterbox MB511 RGB
Monitor
GIGABYTE Gaming monitor 27 IPS M27Q-EK
Miš & tastatura
Logitech G603, Logitech MX Keys
Laptop
Asus Vivobook Pro 15 Oled K3500Pc-L1010 Blue
Mobilni telefon
Huawei Mate 10 Pro, Poco F3 8/256
Pametni uređaji
Ticwatch 3 Pro GPS, Sijalice wifi
Steam
Da
Pristup internetu
  1. Optički internet
  2. Mobilni internet
Probao ne pomaze, restartovao router i importovao postavke na novo.
Za razliku od openvpn u wireguard postavkama nema dugmeta Default da se postavke vrate na "prazno".
Openvpn radi bez problema sta god da ubacim, tako da sumnjam na firmware i dalje a neda mi se da restujem router na fabricke pa sve iz pocetka.
To cu kad izadje finalna verzija ovog firmwarea, do sad flashujem dirtu jedno preko drugog.
 
OP
OP
alex303

alex303

Čuven
Učlanjen(a)
19.04.2005
Poruke
2,822
Poena
815
Pa možeš da sačivaš config, uradiš factory defaults, i onda opet učitaš config. Ne gubiš baš ništa.
 

PapaBear66

Poštovan
Učlanjen(a)
14.05.2021
Poruke
349
Poena
55
Moja oprema  
CPU & Cooler
Intel I5 8400
Matična ploča
ASUS ROG STRIX H370F GAMING
RAM
Kinston Fury 32GB DDR4-2666
GPU
NVIDIA GeForce GTX 1060 6GB
Storage
NVME X2 , HDD X2 = 7TB
Zvuk
SupremeFX S1220A-Codec
PSU
CORSAIR 750W Gold Modular
Kućište
Cooler Master Masterbox MB511 RGB
Monitor
GIGABYTE Gaming monitor 27 IPS M27Q-EK
Miš & tastatura
Logitech G603, Logitech MX Keys
Laptop
Asus Vivobook Pro 15 Oled K3500Pc-L1010 Blue
Mobilni telefon
Huawei Mate 10 Pro, Poco F3 8/256
Pametni uređaji
Ticwatch 3 Pro GPS, Sijalice wifi
Steam
Da
Pristup internetu
  1. Optički internet
  2. Mobilni internet
Da nista sem sto ce me ukucani lincovati zbog downtime routera.
Videcu jedino nocu ili neko vreme kad niko u kuci ne koristi net, preko 20 raznih uredjaja je sto na LAN sto na VLAN.
 
Vrh Dno