MT1300 stability

Ben92 · 2021-05-26T15:01:39.949Z

Hi,

I’m using a MT1300 since 1 month now, but I’m having some stability issues.
It’ s configured as follow :
wwan connected to the main wifi in 5ghz
wireless AP in 2.4 and 5ghz with guest wifi disabled
wireguard client configured with VPN policies enabled
all VPN policies options enabled
button configured for wireguard client toggle
DNS and mtu adjusted on luci

I need to restart it 1 or 2 times per day. Most of the times the router’s blue light is blinking.
Sometimes the light is steady white, but there is no connection. I need to switch the button wait for the connection without the vpn and put back the switch to have the connection with the vpn working.
Sometimes the web interface is not starting after reboot or stops working after some time.

Can it be related to the configuration, or is there any known instability with this product ?

Regards

alzhao · 2021-05-29T03:53:57.966Z

First, use 3.201 firmware.

then seems that you set vpn and dns, which could be the reason.

How was the dns set?

Ben92 · 2021-05-30T18:43:02.522Z

Hi @alzhao,

Installed firmware is already 3.201.

DNS is setup as followed:
LAN (from luci)
use custom dns : 8.8.8.8
DHCP-Options : 6,8.8.8.8

wireguard interface dns : 91.121.161.184

Today after running fine for 3 days, when coming back home led was breathing blue.
web interface is down (site not reachable)
ssh is working.
Connected through ssh this is the result of test :
root@GL-MT1300:~# ping 8.8.8.8 100% packet lossroot@GL-MT1300:~# ping -I wg0 8.8.8.8 100% packet lossroot@GL-MT1300:~# ping -I apcli0 8.8.8.8 64 bytes from 8.8.8.8 seq=0 ttl=116 time=91.740 ms 64 bytes from 8.8.8.8 seq=0 ttl=116 time=91.740 msroot@GL-MT1300:~# ping -I wg0 10.10.0.1 # ip of the wireguard interface on the server 100% packet lossroot@GL-MT1300:~# ping aaa.bbb.ccc.ddd # public ip of the wireguard server 64 bytes from aaa.bbb.ccc.ddd seq=0 ttl=116 time=138.319 ms ping: sendto: operation not permittedroot@GL-MT1300:~# ping -I aplci0 aaa.bbb.ccc.ddd # public ip of the wireguard server 64 bytes from aaa.bbb.ccc.ddd seq=0 ttl=116 time=138.319 ms 64 bytes from aaa.bbb.ccc.ddd seq=0 ttl=116 time=138.410 ms

Internet access is working from apcli0, but when trying to ping the wireguard server without specifying the interface, each time, the first ping is working and then ping stop with the error : operation not permitted.

When restarting the web interface :
root@GL-MT1300:~# /etc/init.d/lighttpd start
The WireGuard client menu appear with an orange circle and the main button is in red saying “Abort”
After disconnecting the wireguard vpn from the web interface and then connect it again, internet access is working back.
root@GL-MT1300:~# ping aaa.bbb.ccc.ddd # public ip of the wireguard server 64 bytes from aaa.bbb.ccc.ddd seq=0 ttl=116 time=137.819 ms 64 bytes from aaa.bbb.ccc.ddd seq=0 ttl=116 time=138.210 msroot@GL-MT1300:~# ping -I aplci0 aaa.bbb.ccc.ddd # public ip of the wireguard server 64 bytes from aaa.bbb.ccc.ddd seq=0 ttl=116 time=138.528 ms 64 bytes from aaa.bbb.ccc.ddd seq=0 ttl=116 time=138.901 ms

alzhao · 2021-05-31T03:07:24.022Z

Seems that repeater is still on while wireguard is down.

How is the vpn policy set up?

Ben92 · 2021-05-31T18:57:04.401Z

The vpn policy is setup as follow :
Enable VPN Policy : enable
Use VPN for guest network : enable
Use VPN for all processes on the router : enable
Please Choose Policy : Domain/IP
Please Choose Rules : Do not use VPN for the following
netflix.com nflxvideo.net 82.148.126.0/24

alzhao · 2021-06-01T01:44:50.038Z

You can change this to disable so that the router still have Internet while wireguard drops. But I don’t know if this helps wireguard reconnection.

Use VPN for all processes on the router : enable

Seems the problem happens on wireguard and wireguard dns. Do you have any access to the server? Are you using ddns? Also try other ports?

joylen · 2021-06-04T11:34:26.252Z

mt1300交流群：Telegram: Contact @glmt1300

Ben92 · 2021-06-04T13:55:01.962Z

Hi,

I’ve got full admin access on the server, I’m not using ddns and I haven’t try other port.

For the moment I’ve got an uptime of almost 4 days without any issue.

I’ve extract routing tables, rules and firewall rules after reboot and will check when next crash happen if they remain the same.