Jump to content


Forum Members
  • Posts

  • Joined


  • Keenetic
    Carrier, 3.09.A.5

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

rAcKShen's Achievements


Member (2/5)



  1. That is easy to explain: When you go through the wizard, you cannot deny it, it just happens. So it happened to me on the first time. I am sure that happens everyone who is not on the stable release but resets his device. Back then, I am not sure, I understood the downgrade is related to the wizard. First, I thought, the wizard is just re-installing some components as it always does. So I trapped into this a second time later. And then, I trapped into this a third time because it is so unusual and I forgot about it. So, my experience is actually the problem here: My expectation is still that this should not happen. So I placed a post-it on the device. Perhaps that helps next time. There is a second issue: When the device starts up, you cannot deny the wizard, the first step is always within the wizard. At least the wording is giving that impression. Only, only, only on page two of the wizard (not earlier, not later) I am able to exit the wizard. I had to find that button. I missed that several times, too. There is a third issue: 3.9 Alpha adds a new connection setup (DS-Lite with AFTR), which is needed here for one of my ISPs. So, I was curious to test the wizard how it is handled there. And then, at the end, I get downgraded to a version which does not give me access to that ISP. So, actually, I am wrong in my previous prost; I could test the wizard. Just get a bit of additional work afterwards. If Keenetic wants to force an update, OK. But then please on the branch were I left. Even better: If I am on a non-stable (faster) branch, ask whether I want to continue on that branch, or whether I want to go for one of the slower branches.
  2. When I enable the guest segment and connect a (W)LAN client, I do not see any IPv6 (Router Advertisements). Therefore, my client does not create an IPv6 address. Therefore, no IPv6 connectivity. Is that expected? The IPv6 prefix of my Internet Service Provider is large enough for several segments.
  3. OK. That is bad because – with my workaround above – several things are not set as expected by Keenetic support. That again can be workedaround with the trick of Ahmed. Thanks for that! However, I want to test the wizard actually, with the latest release (because of the new DS-Lite support). I cannot do that. If possible, that choice should be reconsidered. Never saw a downgrade with other vendors because of resetting and using a wizard. Was very unexpected. So unexpected, I forgot and got downgraded several times by now. 🤪
  4. For Dynamic DNS, I use No-IP. KeeneticOS 3.9 Alpha 4 sends the IP updates (and my password) in clear text because it uses HTTP. Is there a reason not to use HTTPs as offered by No-IP?
  5. Using the latest 3.9 alpha 4, PPPoE, IPv6 component installed and enabled … IPv6 works great on my clients. However, in Apple macOS, I do not see a DNS server via IPv6, just IPv4. Therefore, I opened Wireshark and filtered for icmpv6.type == 134 || dhcpv6. The router advertisement (RA) has the flag Other set. Therefore, LAN clients ask the (stateless) DHCPv6 server for the DNSv6 server. And that server does not answer. Is the RA simply wrong and there should be not DHCPv6 server. Or is the DHCPv6 server simply not running? Yes, I know, from the user experience, this is no issue because I can do IPv6 (DNS-AAAA) even via the existing DNSv4. However, my clients search for that DHCPv6 server all day long. And this is not the way it was designed. Either the Other flag is set incorrectly. Or a DHCPv6 server should answer.
  6. OK. Then, I do not understand it. Exactly, every 24 hours, another, a different IP is connected. I am not so much about that daily phoning home, I am more confused by that several ones after the first start. I see five TLS connections, some to the same, some to different IPs (of ‘ndss.keenetic.ndmsystems.com’). Any chance to look into those connections? I redirected the DNS, but you use HTTPs with Certificate Pinning. The used trust anchor ‘4096-KNT-root-ca.crt’ can be found in the file system, in ‘/usr/share/sign-ca-certificates‘. However, I am not able to simply replace the file content because it is on a read-only partition.
  7. Yes, I know. By the way, is there an easy way to look into what is exchanged exactly? Looking at Wireshark and the timings, it looks like failing over because it tries several different IPs in a row (and I blocked none of them, the TLS handshake succeeds and it looks like exchanging data successfully). Might be a bug but cannot say for sure.
  8. I am in the channel Dev and had 3.8 Alpha 8 installed. When I went for a Reset via the Web interface, the initial Wizard pops up again. When I go through the wizard, I was forced to install the latest update, on the channel Main: 3.7.4. Is this intended? I use the following path right now which feels like a workaround: When the wizard pops up, I hit the button ‘Run Wizard’. Then, I get a page with the modes. There is a button ‘Exit Wizard’. When I go for that, I am not forced to downgrade. However, many settings (like the mode and the recommended systems components are not set then).
  9. This is a small how-to silence a Keenetic in the mode Extender which can be used as a ‘Wi-Fi Bridge’, sometimes called ‘Wi-Fi Access Point’. This is useful, when you have no Keenetic in the mode Router around and you want a silent Access Point without NAT or Firewall, just doing Wi-Fi. Most of the steps are based on this help article. However, I had to do more: reset your Keenetic (button, Web, or CLI) when the Wizard in the Web interface offers the button ‘Exit Wizard’ go for that go for the command-line interface (for example, via the Web interface) and enter: interface Home lldp disable no ntp server ntp server ntp sync-period 40320 no service internet-checker components remove cloudcontrol components remove sstp-server (on default, was not installed) components remove webdav components remove ndns components remove ip6 (on default, was not installed) system configuration save components commit Keenetic does not learn the NTP server from DHCP. Therefore, I changed it manually to the IP address of my local main router. Double-check your IP address and that yours offers an NTP service. Furthermore, KeeneticOS 3.8 does not support IPv6 in mode Extender, yet. If you want to keep the system component IPv6 for future, then today, you have to go for: no ipv6 subnet Default system configuration save The bad news: Although I do not use any service of Keenetic anymore, I found no way to disable the ‘authentication and licensing service’ yet. So it is not totally silent and still phones home after start and once daily (connecting to all fail-over IPs learned from DNS, perhaps another software bug). The good news, the system components Package Manager (opkg) and Phone Station (nvox) can be used even in mode Extender. Consequently, I am able still to use my Keenetic for telephony like the Keenetic Linear and many more.
  10. @vst were you able to reproduce the issue via my steps? I re-tried after applying your CLI command (which did the job, thanks, by the way): After that CLI command, when I go through my steps again, that subnet re-appears again. Consequently, I do not think, it is any kind of left-over. If you were able to reproduce the issue, do you create the bug report internally or shall I via E-mail support?
  11. I get that subnet via: reset the system components to Minimal reset all settings exit wizard change Mode to Extender install the system component IPv6 all via the Web interface; 3.8 Beta 1. Re-tried just minutes ago.
  12. OK, attached in hidden mode. Are you not able to reproduce this issue with the steps above? Interesting. By the way, when I go for the file ‘/tmp/run/radvd.conf’, I see interface br0 { AdvSendAdvert on; AdvOtherConfigFlag on; AdvManagedFlag off; AdvDefaultLifetime 0; }; which matches my Router Advertisements, because the Flag Other is set indeed. However, I found no way to control that file, yet. After a restart, it is overwritten. And there seem to be no command on the CLI controlling this. The closest would be ‘no ipv6 subnet mode’. However, that did not work. Is there a trick to change/overwrite that? Something like a ‘ipv6 subnet mode client’ would be the correct approach in future, I think. Especially, because currently, I do not see IPv6 connectivity in Extender mode at all. However, that is another topic.
  13. What mean the two votes ‘need more info’ exactly? First of all: More info from me or someone from Keenetic? Steps to Reproduce: Web interface → (Management) System → Change operating mode → Extender Web interface → (Management) System → Component options → IPv6 → Install Then, on a computer in my home network, I open Wireshark and filter for icmpv6.type == 134. After several minutes, I see IPv6 RA coming from the Keenetic. Nothing inside (no IPv6 Prefix and not DNS) but still medium default route. This is confusing because I would have expected no RA from a non-router.
  14. I am in the operating mode Extender. I have installed the component IPv6. While debugging something else in Wireshark, I noticed, that my Keenetic is still sending IPv6 Router Advertisements (RAs; ICMPv6 134). Nothing much included, except the default route at medium preference. Anyway, confusing because in that mode my Keenetic is (should be) no router anymore. Is that intended? Sorry, have not checked 3.7.4 whether that is a 3.8 only thing.
  • Create New...