Joined: 07 Jan 2025 Posts: 242 Location: Bethel Park, PA, USA
Posted: Wed Jun 18, 2025 4:01 Post subject:
ssergey wrote:
If anyone can test the tunnel from Hurricane Electric, please conduct tests to identify errors. There is a well-founded concern that the tunnel connection is unstable. Almost a day on the new firmware and there was a break in the connection. Restarting the router did not help. The connection was restored after manually applying the settings on the tab IPv6.
Sorry if this is a duplicate post but I don't see my reply...
I have been testing Hurricane off an on for the last few builds. I was getting an IPv6 address on the router, and on my clients, but I couldn't ping IPv6 addresses or resolve DNS to an IPv6 address. This is the first build where it's working as expected. Hurricane tunnel has been up for about 3 hours now. I'll let it go a bit longer and see if it's stable. I usually do native IPv6 from my ISP (DHCP with prefix delegation). _________________ Formerly dpp3530 Linksys MR7350
Gateway, 2 wired APs, NSS-ECM , Clock 1440MHz
VAPs on wlan0 and wlan1 for guest/IOT devices
IPv4 & IPv6 (Prefix Delegation)
Static Leases & DHCP
SmartDNS (DOT using NextDNS, Cloudflare), DNSMasq
Wireguard and OpenVPN server
2.4GHz: dd-wrt, AX Only, ACK Timing 1350, WPA3 SAE & WPA2 w/AES
5GHz: dd-wrt, AX/AC/N Mixed, ACK Timing 1350, WPA3 SAE & WPA2 w/AES
Verizon Fios, 500/500Mbps
Sorry if this is a duplicate post but I don't see my reply...
I have been testing Hurricane off an on for the last few builds. I was getting an IPv6 address on the router, and on my clients, but I couldn't ping IPv6 addresses or resolve DNS to an IPv6 address. This is the first build where it's working as expected. Hurricane tunnel has been up for about 3 hours now. I'll let it go a bit longer and see if it's stable. I usually do native IPv6 from my ISP (DHCP with prefix delegation).
On the previous firmware build it didn't work at all. There was one connection break in 24 hours. I don't think I'll ever find out the reason for this.
There may be several reasons, including firmware stability
Update method: Web
Router/Version: Linksys MX4300
Previous/Reset: DD-WRT v3.0-r61337
Mode/Status: Gateway / Working Normally
Issues/Errors: Yes
Using guest network configuration on my 2.4Ghz network.
Also assigned many client to static to static leases.
Upgraded from 61337 through web as I usually do without reset to factory setting.
none of the guest client were able to connect, also the dhcp clients list under status --> LAN wouldn't populate.
Went back to r61337 _________________ Linksys MX8500
Joined: 16 Nov 2015 Posts: 7069 Location: UK, London, just across the river..
Posted: Wed Jun 18, 2025 11:22 Post subject:
Issues/Errors: Static Leases --> Lease Expiration cannot be blank (infinite).
Quote:
Jun 17 18:50:00.380 DD-WRT user.info : [dnsmasq] : maybe died, we need to re-exec it
Jun 17 18:50:00.486 DD-WRT daemon.crit dnsmasq[2105]: bad option at line 11 of /tmp/dnsmasq.conf
Jun 17 18:50:00.488 DD-WRT daemon.crit dnsmasq[2105]: FAILED to start up
Jun 17 18:50:00.489 DD-WRT user.info : [dnsmasq] : Error on startup, returncode 1
It will error out and change /tmp/dnsmasq.conf to
Quote:
dhcp-host=EC:71:DB:XX:XX:XX,DEVICENAME,192.168.XXX.XXX,infinite
m
bogus-priv
Workaround by adding 1440 to Lease Expiration, /tmp/dnsmasq.conf will change to this
if in hostname user write wrong sign like: ()_ etc. DHCP don't run after restart router
[color=red]similar with field "Lease Expiration"
if user leave it empty, DHCP don't run run after restart router
nope that magic didnt work...on R7800 nor XR500...and yes on my x2 R7800 those ware expressed differently...things i havent tried is to delete all boxes static leases and addd those via dnsmasq rules...as this R7800 with those was able to flash all the rest gone to bootloop...interesting they went to bootloop with no way to be reseted via button...not even with 5 times bad boot ...there is something odd with this build...and noting that fixes it in the logs...apart of adding new hardware and so on R7800 wifi performance is also from bad to worst...
p.s.
Finally.... yes things i haven't tried is to delete all boxes static leases and add those via dnsmasq rules .....removed all those boxes with static leases and XR500 update worked...but not for R7800..still investigating... _________________ Atheros
TP-Link WR1043NDv2 -DD-WRT 62606 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 -DD-WRT 63257 GTW/SmDNS/DoT,AD-Blk,Forced DNS,AP&Net Isolation,x2VLAN,Vanilla
Netgear R7800 --DD-WRT 62606 Gateway/DNSCryptv2,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla,VPN cli
Netgear R9000 --DD-WRT 62606 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Dynalink DL-WRX36-DDWRT 62606
Broadcom
Netgear R7000 --DD-WRT 63257 GTW/DNScrypt-proxy2/AD-Block,IPset Firewall,Forced DNS,x4VLAN,VPN cli
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Last edited by Alozaros on Wed Jun 18, 2025 14:06; edited 1 time in total
the problem was with lease expiration, it was empty on my router, thus on dnsmasq it was infinite, I changed it to 999999999 in the GUI and now it is working. _________________ Linksys MX8500
Joined: 07 Jan 2025 Posts: 242 Location: Bethel Park, PA, USA
Posted: Wed Jun 18, 2025 13:21 Post subject:
dplotz wrote:
I have been testing Hurricane off an on for the last few builds. I was getting an IPv6 address on the router, and on my clients, but I couldn't ping IPv6 addresses or resolve DNS to an IPv6 address. This is the first build where it's working as expected. Hurricane tunnel has been up for about 3 hours now. I'll let it go a bit longer and see if it's stable. I usually do native IPv6 from my ISP (DHCP with prefix delegation).
Well, sometime between when I went to bed at midnight, and 8AM when I got up, the tunnel stopped routing. I don't see anything in the log specifically pertaining to IPv6, but I see this sequence repeating periodically in the log after 5:33AM. Only thing I see unusual that could be related.
Joined: 04 Aug 2018 Posts: 1577 Location: Appalachian mountains, USA
Posted: Wed Jun 18, 2025 15:36 Post subject:
blaser wrote:
thanks
the problem was with lease expiration, it was empty on my router, thus on dnsmasq it was infinite, I changed it to 999999999 in the GUI and now it is working.
If you leave the lease-time empty in a dnsmasq config "dhcp-host=" line, it normally defaults to the lease expiration setting from GUI>Settings>BasicSetup. It does not default to infinite. _________________ On 61465: 3x Dynalink DL-WRX36, Linksys MX4200v2, 2x MR7350. WPA2personal/WPA3 w/ AES, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), Two SmartDNS/DoT providers and one DNSCrypt provider via VPNs. DNSmasq manages that plus ad blocking and local DNS.
Last edited by SurprisedItWorks on Thu Jun 19, 2025 14:32; edited 1 time in total
I did so, looking at dnsmasq.conf I see infinite, also I see the letter m
after each line
dhcp-host=44:61:32:xx:xx:xx,Ecobee4-downstairs,192.168.2.103,infinite
m
and some of the appliances will not connect _________________ Linksys MX8500
Posted: Wed Jun 18, 2025 21:34 Post subject: OpenVPN server not work
Router/Version: TP-Link TL-WR1043ND v2
Update method: WebUpgrade
File/Kernel: tplink-tl-wr1043nd-v2.bin
Previous/Reset: r59468 / YES
Mode/Status: router
Issues/Errors:YES and for a long time.
Hello, I tried again and the OpenVPN server still doesn't work...
02-02-2025-r59468=OpenVPN server working for me
02-09-2025-r59582=OpenVPN server stopped working for me.
06-17-2025-r61806=OpenVPN server still not working.
Even with the latest build OpenVPN server still doesn't work. Is it even worth writing about here? I've been writing here for several months... and the fix is simple.
Today I generated again completely new openvpn files but still the same problem, in the old build the VPN server works but in the new one it doesn't.
Is there a way to go back from that stupid custom WolfSSL to good quality and verified OpenSSL? Or at least give the option to choose OpenSSL for the OpenVPN Server?
Previous code (error still the same in the new build):
Code:
Apr 19 16:21:38.563 TP-LINK daemon.err openvpn[1002]: MyIP:40686 VERIFY ERROR: depth=0, error=no support for error strings built in: CN=egcs-client1, serial=.....
...
Apr 19 16:22:20.445 TP-LINK daemon.err openvpn[1002]: MyIP:40535 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
R7800 wifi performance is also from bad to worst... 
