R7000 & ebtables broken on recent builds?

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
Kermee
DD-WRT Novice


Joined: 19 Jun 2008
Posts: 30

PostPosted: Tue Aug 16, 2016 2:10    Post subject: R7000 & ebtables broken on recent builds? Reply with quote
Hi All,

I have two R7000's that were running r27745 (2015/08/25) and decided since it's been about a year see if any of the latest beta firmwares were worth upgrading to. I installed r30385 (2016/08/12) on one of them and I have a start-up script which runs which inserts the necessary kernel modules to support ebtables filtering. I use it to block port 67:68 on an OpenVPN tap device as to make sure no DHCP requests traverse over the bridge.

Upon upgrading one of the R7000's, I've noticed that the ebtables command/binary hangs on run and pegs the CPU to 100%. Thinking it might be a fluke, I upgraded the second R7000 and the same thing occurs. I decided then wipe and reset the NVRAM on one of the R7000's so it was clean and only loaded the ebtables modules and attempted to run a test command to see if ebtables would run. No such luck. It hangs on the CLI and from another Terminal running top, seeing it peg the CPU at 100%.

I started back-tracking a bit until I found a build of DD-WRT where ebtables runs properly. I went to the start of each month in reverse order until I happened upon r29396 (2016/04/04) where ebtables runs properly... However, OpenVPN was broken for me (Note: I did not do much troubleshooting with OpenVPN however). r29607 (2016/05/09) was the one previous to testing so inbetween those two builds, ebtables broke for me.

Has anyone run into similar issues with ebtables not working on the R7000 with recent builds? In the interim, I've flashed both R7000's back to r27745 (2015/08/25) and they're humming perfectly again. Was hoping to see if others have had similar issues in the forum but couldn't find anything. (Also, I realize ebtables isn't often used either. I can obviously block ports 67:68 from the OpenVPN server side, but I put them on the R7000 OpenVPN client side just in case).

Thanks in advance.

Cheers,
Kermee
Sponsor
Kermee
DD-WRT Novice


Joined: 19 Jun 2008
Posts: 30

PostPosted: Tue Aug 16, 2016 2:35    Post subject: Reply with quote
One thing, just to be clear, the ebtables is on a bridge interface (i.e. br0), and not on the actual OpenVPN tap interface which joins the bridge interface after the VPN connection comes up. The bridge interface is brought up immediately after boot so it's not an order issue.

Cheers,
Kermee
Hawk2001
DD-WRT Novice


Joined: 01 Apr 2017
Posts: 4

PostPosted: Sat Apr 01, 2017 12:34    Post subject: ebtables 100% load Reply with quote
I'm having the same issue with 31544 std on my R7000. Any attempt to use OpenVPN causes an ebtables process to hang at 100% of one of the CPUs. Also, I'm seeing the same issue with the ebtables CLI regardless of arguments.

Edit: Upgraded to 31791. Issue still present.
jaskerx
DD-WRT Novice


Joined: 24 Aug 2016
Posts: 31

PostPosted: Sat Apr 01, 2017 14:27    Post subject: Reply with quote
I've definitely been having this issue. Every time I boot up I need to ssh in and kill the ebtables pid, sometimes it drops the openvpn connection in which case I have to restart the openvpn service and kill the ebtables pid until ebtables stops starting and using 49.9 percent of the cpu. PITA!
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum