Notes: 1. SFE accelerated NAT is in 33006+ builds but only in kernel 3.2 and newer 2. 'KRACK' vulnerability fixes were completed in r33678 for Broadcom, including k26 (33655) & k24 (33656); use build 33772 or later.
3. Bridge modes on k4.4 devices may sometimes work in some configurations in certain builds but are not supported by the bcmdhd driver. Use client or repeater instead as WDS doesn't work with Broadcom ARM either (see Issues below).
4. Since 39469, udhcpd was removed and replaced with the already present dnsmasq, and PIE qdisc was added for some builds.
5. Policy-Based Routing with SFE enabled was fixed in r39556: 5986 and 5900 6. k2.4 (broadcom/) builds were fixed in 39715 (broken in 39144 through 39654)
Issues, observations, and/or workarounds reported: 1.Trendnet 81*DRU models are missing factory-to-flash 2.DNScrypt is mostly only using v2 protocols now, but requires Golang that DD can't use:6246 3.WDS does not work on Broadcom ARM devices (only MIPS<->MIPS) 4.K2.6 builds are broken since 38253(?); GUI issues:6538 5.VAPs not working at boot; workaround startup command:
sleep 10;stopservice nas;stopservice wlconf;startservice wlconf;startservice nas
This appears to be fixed for some routers (different kernels, modes, and radios) since build 39508.
Important: if any issues are found, please provide log info (GUI syslog, `dmesg`, `cat /var/log/messages`).
Or put into SVN ticket. For firewall issues, also provide "iptables" info (`iptables -L`, `iptables -t nat -L`, & the /tmp/.ipt file).
Template to copy (after "Code:") for posting issues, be sure to include the mode in use (gateway, AP, CB, etc.):
WARNING:This thread is to report on flashing this experimental test build, providing important info for both developers and users. Always state your hardware model, version, mode (e.g. Repeater) and SPECIFIC build (e.g. 33555_NEWD-2_K3.x_mega-nv64k.bin). Please avoid discussions and create a new thread to discuss specific problems or questions, as this thread is for reporting, not support. Posts may be deleted or moved to keep this thread manageable and useful. If you don't understand the risks or what to flash and how, with a means of recovery if it bricks, do NOT flash this experimental test build. _________________ #NAT/SFE/CTF: limited speed w/ DD#Repeater issues#DD-WRT info: FAQ, Builds, Types, Modes, Changes, Demo#
OPNsense x64 5050e ITX|DD: DIR-810L, 2*EA6900@1GHz, R6300v1, RT-N66U@663, WNDR4000@533, E1500@353,
WRT54G{Lv1.1,Sv6}@250|FreshTomato: F7D8302@532|OpenWRT: F9K1119v1, RT-ACRH13, R6220, WNDR3700v4
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Mon Jun 03, 2019 18:28 Post subject:
Router Model: Linksys E2000 (converted N320)
Firmware Version: DD-WRT v3.0-r39927 mega (06/03/19)
Kernel Version: Linux 3.10.108-d8 #24753 Mon Jun 3 13:41:54 CEST 2019 mips
Upgraded: from DD-WRT v3.0-r39884 mega (05/30/19) with IE, Firefox seems flaky when updating
Reset: No, not this time
Status: Up and running for 4 hours, basic setup as Gateway, static leases, OpenVPN client (tun) (on PIA) up and running, VPN download speed 5-6 Mb/s, Wifi 2,4GHz working, VAP bridged and unbridged working without any workarounds!!.
OpenVPN server working.
I have tested the new unidirectional firewall (Inbound Firewall on TUN) for OVPN client and can see that the necessary firewall rules are in place, good job!
Router/Version: ASUS RT-AC3200 File: Kernel:
Linux 4.4.180 #177 SMP PREEMPT Mon Jun 3 09:03:31 CEST 2019 armv7l Mode: Gateway Status: VAP problem
Looks like I need to do the whole stopservice and startservice thing for the 'nas' & 'wlconf' again _________________ ASUS RT-AC3200 - Deployed Client's site
ASUS RT-AC5200 - Merlin
ASUS RT-AX88U - Merlin
Last edited by mbze430 on Mon Jun 03, 2019 22:51; edited 1 time in total
Router/Version: Netgear R7000
Firmware: DD-WRT v3.0-r39927 std (06/03/19)
Kernel: Linux 4.4.180 #172 SMP PREEMPT Sun Jun 2 22:19:47 CEST 2019 armv7l
Previous: r39884
Mode/Status: Gateway / working
Reset: no
Issues/Errors: Working so far.
Uptime: 17m
Temperatures: CPU 68.0 °C / WL0 48.3 °C / WL1 54.1 °C
Router/Version: Asus RT-AC68U
File: asus_rt-ac68u-firmware.trx
Firmware: DD-WRT v3.0-r39927 std (06/03/19)
Kernel: Linux 4.4.180 #172 SMP PREEMPT Sun Jun 2 22:19:47 CEST 2019 armv7l
Previous: DD-WRT v3.0-r36006 std (05/28/18)
Reset: No
Mode: Gateway/AP
Uptime: 2 hours
Status: OK
Issues/Errors:
VAP didn't work with the command recommended in OP, but does work with the command given here:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320004&highlight=policybased+routing+sfe
39572 -> 39927
* no nas/timer/rekey events [so far]
* iot 2.4GHz devices ok
* balanced interractive+streaming wifi [vegas, no QoS]
I'll update after a bit of soak.
Post Soak:
* 5Ghz 157+161 RX:12MB/s TX:16MB/s [server <> wifi]
* RX:112MB/s TX:111MB/s [GbE <> GbE]
* nas/timer/rekey events:
4.53 million "timer : #nnnn" messages over a 4.4 hour period of normal use.
Unlike before, no timer+<hang|crash|reboot> events.
* nas/timer spew averaged 286 messages/sec with bursts of 4600 messages/sec to both local and remote logs:
Code:
$ sudo egrep 'Jun 6 .*\.2 .*(: #0 | event)' /var/log/messages
Jun 6 08:57:32 192.168.10.2 : timer : #0 (0x42fba0)->0x42fc40: ^I0 sec 0 usec^I0x4033a9
Jun 6 08:57:32 192.168.10.2 : timer : eventlist is full
Jun 6 08:57:32 192.168.10.2 : timer : #0 (0x42fc40)->0x42e7c0: ^I0 sec 0 usec^I0x4033a9
Jun 6 08:57:33 192.168.10.2 : timer : eventlist is full
Jun 6 08:57:33 192.168.10.2 : timer : #0 (0x42fc40)->0x42e7c0: ^I0 sec 0 usec^I0x4033a9
Jun 6 08:57:33 192.168.10.2 : timer : eventlist is full
Jun 6 08:57:33 192.168.10.2 : timer : #0 (0x42fc40)->0x42e7c0: ^I0 sec 0 usec^I0x4033a9
Jun 6 08:57:34 192.168.10.2 : timer : eventlist is full
...
Jun 6 13:25:24 192.168.10.2 : timer : #0 (0x430a40)->0x430a80: ^I399 sec 707094 usec^I0x4033a9
Jun 6 13:25:25 192.168.10.2 : timer : eventlist is full
Jun 6 13:25:25 192.168.10.2 : timer : #0 (0x430a40)->0x430a80: ^I399 sec 707094 usec^I0x4033a9
Jun 6 13:25:25 192.168.10.2 : timer : eventlist is full
Jun 6 13:25:25 192.168.10.2 : timer : #0 (0x430a40)->0x430a80: ^I399 sec 707094 usec^I0x4033a9
Update 2: After turning on the nas/timer watchdog script, events are caught and nas/wl restarted in 2-3 timer cycles rather than thousands of cycles. Restarting nas/wl early appears to result in only 3-6 events per day. Or it is a coincidence.