Networking

Asus AiMesh Routers – Show Ethernet Link Speed via CLI

/ Christopher Paquin / Leave a comment

Introduction

How to show ethernet connection link speed on Asus AiMesh routers via SSH. While you can see the link speeds via the Web UI for the main AiMesh router, you cannot, as far as I can tell, find the same info for each of your AiMesh nodes. Normally on a Linux system I would use Ethtool to show my such info, but we are running ASUSWRT, and do not want to have to install any additional packages.

Enter robocfg

The command you are looking for is “robocfg

Below is an example of the output from one of my AiMesh Nodes (not primary). Specifically I am looking to see the connection speed on port0 as this is my backhaul network

Command below.

admin@RT-AC68U-CA00:/tmp/home/root# robocfg show
Switch: enabled 
Port 0: 1000FD enabled stp: none vlan: 2 jumbo: off mac: f8:0f:f9:98:a3:1e
Port 1:  100FD enabled stp: none vlan: 1 jumbo: off mac: 9c:8e:cd:09:f6:1b
Port 2:  100FD enabled stp: none vlan: 1 jumbo: off mac: 9c:8e:cd:13:32:5f
Port 3:  100FD enabled stp: none vlan: 1 jumbo: off mac: 9c:8e:cd:12:32:29
Port 4:   DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 5: 1000FD enabled stp: none vlan: 1 jumbo: off mac: 68:1d:ef:21:d3:9b
Port 7:   DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 8:   DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
VLANs: BCM5301x enabled mac_check mac_hash
   1: vlan1: 1 2 3 4 5t
   2: vlan2: 0 5t
1045: vlan1045: 0 2 3t 7 8t
1046: vlan1046: 1 3 4t 5 7
1047: vlan1047: 0t 4t 7
1099: vlan1099: 3t 4
1100: vlan1100: 5t 8u
1101: vlan1101: 0t 3 4 7 8u
1102: vlan1102: 1 2 3t 4t 5t 7t
1103: vlan1103: 1 3t 4 5

Screenshot for reference

What else does robocfg do?

Appears that you can also use robocfg to set link speeds and disable/enable ports – Here is more info

Asus AIMesh – Find AI Mesh Node IP addresses and Test Connectivity

/ Christopher Paquin / Leave a comment

Introduction

This post will show you how to find the dynamic ip address assigned to your AiMesh node, and then test connectivity via ping.

Currently using 3 Asus AiMesh (similar to what is shown above) nodes in my home network to provide decent wireless coverage in my home. With so many devices using wireless these days, you are bound to run into a number of devices that just have terrible WIFI radios, and therefore are difficult to keep online unless they are right next to the wireless router.

I recently experienced an issue with poor connectivity between nodes, this was mostly due to the fact that I was not using a wired backhaul between nodes to connect the “mesh“, rather I was using 5ghz wifi to connect the nodes. This is not optimal, so I purchased a couple of Powerline ethernet adapters to “wire” the backhaul,

Note, My main router is a RT-AC68R. I am currently running Firmware Version 3.0.0.4.386_43129, directly from Asus, have not explored using Merlin with my AiMesh routers.

Once you connect an existing router to your main AiMesh router, it appears that any static IP addresses assigned to any of the devices removed and an IP address is statically assigned. Finding that IP is the challenge, as you need that to test connectivity

Finding IP addresses of AiMesh Nodes

Select Network Map, if this is not the default screen you see after login.

Click the Number by “AiMesh Node” – I have two additional nodes, so the number I see is “2“. Click this number.

You will now see your AiMesh nodes in the right pane.

Now select each node individually by clicking on them. This will result in a pop-up window that will show you the IP of each node. In the example below, the IP address of my node in the basement is 192.168.0.164.

Testing Connectivity via Ping

Select Network Tools under Advanced Settings in the left pane.

Using Ping as method, enter your AiMesh Node IP address in the target, set count. I suggest at least 10 or more packets. Then mash Diagnose. This will show your the time a packet and its response take to travel to the selected IP and then back again.

Asus RT-AC66U: How to Configure DHCP Static IP Reservations for IOT/Smart Home Devices

/ Christopher Paquin / 1 Comment

533bdddb0ad6e58

I’ve never been a fan of using DHCP reservations to reserve an IP address for a device. However, there are a few situations where a static reservation is the best route to take.

Try your hand with Home Automation via devices like the Wink Hub,  IP cameras,  smart plugs,  satellite receivers, or even the Raspberry Pi and you will know full well the right time to use a static IP reservation.

In this post, I am going to walk you through that process on the Asus RT-AC66u.

First, log into your Routers webUI, select “LAN” in the left-hand menu. Then select the “DHCP Server” tab. Scroll midway down the page. Locate “Enable Manual Assignment” and select the “Yes” radio button.

asus0

 

Just below the section above, you will see a drop down box that you can use to select your device using the MAC or currently assigned IP. Enter the “Hostname” for the device. Select “Add/Delete“. This will add your device to the list.

 

asus3

Scroll down and find your device in the list. Select the icon to the left.  Change the “Name” of the device if you so desire. The only really important information here is the “IP” and the “MAC”. 

asus4

 

 

Here you also can change the default icon for the device, or add your own custom icons. Here, I am using a camera icon that I downloaded.

asus6

 

Below you can see some of the custom icons and names that I have set to help me keep track of my devices.

asus-1

 

Asus RT-AC66: Cannot Login Unless Logout Another User First

/ Christopher Paquin / 1 Comment

asus-rt-ac66u

 

When attempting to login to your router’s webUI, you may have run into the error below.

cannot Login unless logout another user first.

This error is usually caused by improperly closing router’s WebUI. This can occur if you are logged in and lose connectivity, or if your browser crashed.

Fortunately, the fix is simple… Assuming you have SSH enabled.

First, SSH into your router and run the two commands shown below.

admin@RT-AC66U:/tmp/home/root# nvram unset login_ip
admin@RT-AC66U:/tmp/home/root# nvram commit

See screenshot below

login-cleanup

Now, attempt to login via the webUI. You should be able to log in without issue.

If you do not have SSH or telnet enabled, you can just power cycle your router.

 

 

Asus RT-AC66U – Installing the ipkg Command

/ Christopher Paquin / Leave a comment

asus-rt-ac66u

Note: The RT-AC66U and the RT-AC66R are identical other than their product number. The RT-AC66R is the product sold through Best Buy and RT-AC66U is the product sold directly from ASUS.

IPKG is a cli utility used for package management. It is required to have ipkg installed if you want to configure your router for SNMP,  install BIND, or view I/O to a usb disk as you will need to install software packages that are not included in the stock firmware.

Note: I am running the ASUSWRT-Merlin firmware, you can find it here. The stock firmware may be a bit different, so you might not see the exact screens as shown below.

Prerequisite : USB Drive

To install ipkg you will need to install Download Master.  To Install Download Master you will need to have a USB drive plugged into the router and mounted. In the image below you can see my USB disk, labeled as “SMI USB DISK”

asus-0

Troubleshooting USB Drives

I had a bit of an issue here as I was trying to mount a drive that was formatted as EXT4. Apparently this was not supported. See error below.

EXT3-fs: sda1: couldn’t mount because of unsupported optional features (240).
EXT2-fs: sda1: couldn’t mount because of unsupported optional features (240).

I pulled the drive, reformatted as EXT3 and was off and running.

usb 1-1.1: USB disconnect, address 4
usb 1-1.2: new high speed USB device using ehci_hcd and address 5
usb 1-1.2: configuration #1 chosen from 1 choice
scsi2 : SCSI emulation for USB Mass Storage devices
scsi 2:0:0:0: Direct-Access SMI USB DISK 1100 PQ: 0 ANSI: 4
sd 2:0:0:0: [sda] 8196096 512-byte hardware sectors (4196 MB)
sd 2:0:0:0: [sda] Write Protect is off
sd 2:0:0:0: [sda] Mode Sense: 43 00 00 00
sd 2:0:0:0: [sda] Assuming drive cache: write through
sd 2:0:0:0: [sda] Assuming drive cache: write through
sda: sda1
sd 2:0:0:0: [sda] Attached SCSI removable disk
sd 2:0:0:0: Attached scsi generic sg0 type 0

You can find the list of supported formats and partition sizes here. I would suggest EXT3. NTFS and FAT32 are supported, but I have heard that you might run into issues.

Installing Download Master

Now that you have your USB disk mounted you can install Download Master.

Select USB Applications on the left pane. Then click on Download Master. In the example below, you can see that I have already performed the install.

asus-2

You should see the screen below once Download Master is installed.

asus1

Accessing the Router via the CLI

Now you can either telnet or SSH to your router using its LAN IP address.  Note that telnet is the default protocol, however you can enable SSH by clicking on “Administration” in the lower left pane, and then clicking the “System” tab. Under “SSH Daemon” select “Enable SSH”.

asus-3

Ipkg installs to the path shown below.

# which ipkg
/opt/bin/ipkg

A guide to using ipkg can be found here.

 

 

Introduction to Managing OVS Bridges

/ Christopher Paquin / 1 Comment

London Bridge

Open Vswitch is an Open Source software switch designed specifically to be used in virtualized environments such as OpenStack or RHEV-H.  OVS (Open Vswitch) was designed to make it easier to manage, configure, and monitor virtual traffic within a virtualized environment.

Below, is Part 1 in what I suspect will be a multiple part series on configuring, viewing, and managing your virtualized network via OVS.

Viewing OVS Bridges

To view OVS Bridges configured on a system, use the command ovs-vsctl as shown below. On my test system, we have three configured bridges; br-ex, br-int, and br-tun.

# ovs-vsctl show
b5aa3cf4-d962-4cb2-b3b6-20f0b4858f59
Bridge br-ex
Port br-ex
Interface br-ex
type: internal
Port “eth0”
Interface “eth0”
Port phy-br-ex
Interface phy-br-ex
type: patch
options: {peer=int-br-ex}

Bridge br-int
fail_mode: secure
Port int-br-ex
Interface int-br-ex
type: patch
options: {peer=phy-br-ex}
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port br-int
Interface br-int
type: internal

Bridge br-tun
fail_mode: secure
Port br-tun
Interface br-tun
type: internal
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
ovs_version: “2.4.0”

The output from the command above is rather verbose. If you prefer a more terse output you best try the command below. In this instance the only output is the name of our bridges.

Continue reading

Configure Syslog Logging Levels on the Asus RT-AC66U Router

/ Christopher Paquin / 22 Comments


4614_WizardStressToy_1

So here is a quick little one that I figured out the other day. Having just setup a Splunk server at home I wanted to make sure that I was not going to hit the data limit of 500mb a day for the free version of Splunk. I figured out pretty fast that my ASUS RT-AC66U was a very chatty-cathy when it came to syslog… sending me all sorts of very raw data that I was, at least at first, not so sure I was interested in indexing. So I hit the cli and started poking around.

First off, before we jump in, let’s make sure that we are all on the same page. First thing to note is that I am running the custom Merlin firmware, however that doubt that the stock firmware is much different. Second, let’s make sure that we all know how to configure syslog on our Asus.

To setup forwarding syslog to a remote syslog server, you first client on “Administration” in the “Advanced Settings” panel on the left. Then select the “System” tab near the top of the page. Scroll down to “Miscellaneous”. This section is shown below. Enter the IP address of your syslog server (or Splunk server in this case) in the “Remote Log Server” field.

syslog_asus

Now lets get down to the business of adjusting our logging level. First you need to ssh into your router.

Note that it appears that by default the log level is set to 7.

admin@RT-AC66U: # nvram show | grep log_level
log_level=7

Now before you get too excited, I am actually not sure that the main log level adheres to rfc5424. I have yet to find any published documentation from Asus to confirm this. However, according to this guy’s blog, this configuration might be a bit less chatty. Note that there are a few additional settings here which you can play around with. With these settings, I am assuming that 1 is on, and 0 if off. I am still experimenting.

admin@RT-AC66U: # nvram set log_level=2
admin@RT-AC66U: # nvram set log_enable=1
admin@RT-AC66U: # nvram set log_rejected=1
admin@RT-AC66U: # nvram set log_dropped=1
admin@RT-AC66U: # nvram set log_accepted=0

Now lets save our change and reboot

admin@RT-AC66U: # nvram commit
admin@RT-AC66U: # reboot

Note that there also is a vpn_loglevel=3 setting that can be configured via nvram. This setting might be useful to those running a VPN server on their router.