xlr8r Posted February 8, 2019 Share Posted February 8, 2019 On 2/5/2019 at 6:46 PM, Netduma Fraser said: So you never encounter this issue if VPN is completely disabled? Can you get the log when the issue occurs please if thats the case. Yes, internet drops only when Hybrid VPN is enabled. i sent the log the last time to another Admin (cant rem which one) but heard nothing since. just gona abandon the Hybrid VPN for now. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 9, 2019 Administrators Share Posted February 9, 2019 If you can provide it again, I'll chase the team Link to comment Share on other sites More sharing options...
terabyte Posted February 11, 2019 Author Share Posted February 11, 2019 There we go. The VPN just crashed again and brought down the whole wifi network with it. I guess it happens because all wifi devices are set to use Hybrid VPN? The error log in System Information is still the same as the ones I provided before here in this same topic's first post and in the PM I sent. === I just had a thought. The Hybrid VPN log was quite huge when I checked this morning (pages and pages of it). Could it be that it is somehow reaching some kind of limit and when that happens the whole thing comes down? Maybe trimming the log is all it would take. (Yeah, just dreaming, ignore me...) Link to comment Share on other sites More sharing options...
xlr8r Posted February 12, 2019 Share Posted February 12, 2019 14 hours ago, terabyte said: There we go. The VPN just crashed again and brought down the whole wifi network with it. I guess it happens because all wifi devices are set to use Hybrid VPN? The error log in System Information is still the same as the ones I provided before here in this same topic's first post and in the PM I sent. === I just had a thought. The Hybrid VPN log was quite huge when I checked this morning (pages and pages of it). Could it be that it is somehow reaching some kind of limit and when that happens the whole thing comes down? Maybe trimming the log is all it would take. (Yeah, just dreaming, ignore me...) i had been thinking the same thing, perhaps if next firmware has a toggle for disabling logging....? (like any other router) Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 12, 2019 Administrators Share Posted February 12, 2019 23 hours ago, terabyte said: There we go. The VPN just crashed again and brought down the whole wifi network with it. I guess it happens because all wifi devices are set to use Hybrid VPN? The error log in System Information is still the same as the ones I provided before here in this same topic's first post and in the PM I sent. === I just had a thought. The Hybrid VPN log was quite huge when I checked this morning (pages and pages of it). Could it be that it is somehow reaching some kind of limit and when that happens the whole thing comes down? Maybe trimming the log is all it would take. (Yeah, just dreaming, ignore me...) Every device that you had added to VPN was via WiFi? So no ethernet devices were added and they did not go down? Do you have block traffic if VPN disconnects enabled? That's pretty interesting, could be on to something there potentially. Link to comment Share on other sites More sharing options...
terabyte Posted February 12, 2019 Author Share Posted February 12, 2019 45 minutes ago, Netduma Fraser said: Every device that you had added to VPN was via WiFi? So no ethernet devices were added and they did not go down? Do you have block traffic if VPN disconnects enabled? That's pretty interesting, could be on to something there potentially. I currently have 2 wired/ethernet devices. My desktop and my NAS. My desktop is excluded from VPN and kept working just fine. But the NAS (which is linked to the VPN) also couldn't connect to the internet anymore. And yes, I currently have the option block traffic if VPN disconnects enabled right now. But I tested with it disabled before and nothing changed. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 12, 2019 Administrators Share Posted February 12, 2019 Okay so even with that disabled the VPN crashed and all devices under it still lost connection? Link to comment Share on other sites More sharing options...
terabyte Posted February 12, 2019 Author Share Posted February 12, 2019 44 minutes ago, Netduma Fraser said: Okay so even with that disabled the VPN crashed and all devices under it still lost connection? Yes, all devices set to use the VPN lost the internet connection instead of being re-routed to no-VPN (except my desktop which wasn't using the VPN from the start). Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted February 12, 2019 Administrators Share Posted February 12, 2019 Thanks for the info, I've passed your theory and experiences to the devs Link to comment Share on other sites More sharing options...
nisavid Posted February 16, 2019 Share Posted February 16, 2019 I've had a similar experience with Hybrid VPN on my XR700, also with ProtonVPN (mostly using their UDP config for routers, but also confirmed with their TCP config for routers). In an attempt to verify and pinpoint the issue, I reproduced it after resetting to factory settings (with official firmware 1.0.1.8), manually reapplying all of my settings, leaving the Hybrid VPN configuration for last. Very soon after I enabled Hybrid VPN for the first time, some of my devices lost IPv4 connectivity, and all the rest followed likewise during the next several hours. From the devices' standpoint, the symptoms indicated that the router's DHCP server was not responding to their requests, so they were falling back to auto-configured private (169.254/16) addresses. From the router's standpoint, according to the logs, it was assigning leases when requested, without any noted issues. This behavior continued even after disabling the Hybrid VPN, and likewise after disabling the (inbound) VPN service, Dynamic DNS, IPv6 routing, and all Wi-Fi antennas. IPv6 connectivity was initially not affected, although eventually it went down too (for all devices at once) after I toggled various settings back and forth (I don't recall which ones). I could not find any way to restore it, thus rendering the router completely non-functional. Another factory reset restored all functionality and connectivity, and likewise after restoring the configuration from a backup snapshot created prior to setting up the Hybrid VPN. Again I configured Hybrid VPN, and again it brought down DHCP and IPv4 connectivity over the course of several hours, remaining that way even after I disabled Hybrid VPN. I left it this way for around 8 hours, during which I did not observe any further changes—DHCP and IPv4 connectivity were still broken, and IPv6 connectivity was still normal. Note that I do not use DHCP for my IPv6 LAN. Suspecting some sort of buggy caching behavior in the DHCP server, I changed my IPv4 LAN prefix (from 10.𝑥.0/24 to 10.𝑦.0/24). Immediately, all devices regained IPv4 connectivity, obtaining DHCP leases without any issues. Remarkably, this continued to be so even after I enabled the previously configured Hybrid VPN. In the several hours since, I have not observed any further issues. I have not yet tested the actual Hybrid VPN functionality; it is configured and connected, but it is not yet configured to service the traffic for any of my devices. I'm hesitant to make any further changes to the router's configuration until this issue is diagnosed more thoroughly and we have either a permanent fix or at least a more complete description of the impact. [TL;DR:] At least in my case, the particular issue appears to be that configuring a Hybrid VPN breaks the IPv4 DHCP server for the network prefix that is configured at the time. Changing the IPv4 network prefix appears to be a complete and reliable workaround, assuming no further changes to the configuration. [EDIT: This only helped temporarily. See the next post in this thread.] [EDIT] The specific VPN configuration I am using is ProtonVPN's UDP configuration for routers, routing through their Secure Core via Iceland and exiting in Canada. Regarding alternative configurations, I have only reproduced this issue from scratch (i.e. from no Hybrid VPN setup, after a factory reset) using those choices. However, I have confirmed that, after triggering the issue, reconfiguring the Hybrid VPN (not from scratch) to either use TCP (with all other choices as stated) or route through Germany via Iceland (with all other choices as stated) does not resolve the issue. I have not done any testing with their single-hop (e.g. straight to Canada) configurations, nor with their Tor-routed configurations. In case it's relevant: I am using a ProtonVPN Plus subscription. Link to comment Share on other sites More sharing options...
nisavid Posted February 17, 2019 Share Posted February 17, 2019 Regarding the above-mentioned workaround: I spoke too soon. After working without any apparent issues for several hours, the router abruptly resumed its previous broken behavior (no DHCP for IPv4). As before, disabling Hybrid VPN (and rebooting) did not fix it. I saved a backup snapshot of my configuration and reset to factory settings. After restoring the backed-up settings, I noticed that although some settings (e.g. LAN prefix, Wi-Fi SSID, Wi-Fi password) were restored, others (e.g. custom device names, dashboard layout) were not. I restored from the same snapshot a second time, which successfully restored all of my settings. (I mention this not only because it's a significant bug, but also because this is the second time I've seen it while troubleshooting this issue, so perhaps the underlying causes are somehow related.) More to the point, IPv4 DHCP functionality was also restored. I left it this way for 24 hours to affirm that this wasn't another ephemeral fix, and indeed, I did not observe any further incidents. For now, I am concluding that Hybrid VPN should be avoided altogether until Netduma releases a fix. A pity, because this is one of the features that excited me about this router, as it's (to my knowledge) the first of its kind. Perhaps it will inspire a similar feature—that is, selective routing to an outbound VPN, without requiring any manual setup of VLANs or iptables rules—among the open source router firmware projects. It's a good idea. Link to comment Share on other sites More sharing options...
Administrators Netduma Admin Posted February 17, 2019 Administrators Share Posted February 17, 2019 Hi Nisavid - thanks for joining the forum and for your detailed write up, really appreciate you taking the time helping us. I can't say when an update will be released, by I can assure you we're looking into improvements for Hybrid VPN and any/all user feedback is very helpful. Thanks again. Link to comment Share on other sites More sharing options...
terabyte Posted April 9, 2019 Author Share Posted April 9, 2019 Was anything changed with the latest FW v1.0.1.10? After updating to it more than a week ago I haven't had any wifi issue so far. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted April 9, 2019 Administrators Share Posted April 9, 2019 4 hours ago, terabyte said: Was anything changed with the latest FW v1.0.1.10? After updating to it more than a week ago I haven't had any wifi issue so far. That's great to hear, there were changes yes to try and resolve a disconnection issue. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.