Router: R7000
Firmware: upgraded from 30965 (had issues with 31135 and had to roll back to 30965)
Status: Working good and has been up for 3 days no issues.
Reset: Yes. All settings redone by hand (Didn't want any corruption from 31135 to taint anything)
Load Average 0.06, 0.01, 0.00
CPU Temperatures: CPU 64.1 °C / WL0 49.5 °C / WL1 53.3 °C
Joined: 18 Mar 2014 Posts: 12885 Location: Netherlands
Posted: Tue Jan 24, 2017 9:18 Post subject:
Router Model: Linksys EA6900 (XVortex CFE)
Firmware Version: DD-WRT v3.0-r31160M kongac (01/18/17)
Kernel Version: Linux 4.4.43 #223 SMP Wed Jan 18 20:22:16 CET 2017 armv7l
Upgraded: from 31135M via telnet (update via GUI or ddup –flash-latest not possible because nvram is placed on linux partition and not linux2 partition due to Xvortex CFE)
Reset: Yes, before and after (Erase NVRAM and WPS reset)
Configuration: AP, DHCP server, 2,4GHz wireless running, 5GHz running, some static leases and some port range forwarding, NVRAM size 32K (NVRAM size should not be a problem with the Xvortex CFE)
Status: Up and stable for 24 h, excellent wireless speed and range, WAN throughput 40/4 (is my ISP's maximum)
Errors: none so far
Just updated my two R7000s to this build and all went well, USB/QoS/Radios. However, OpenVPN Server no longer works on my gateway box when it previously did on build 30910. Did something change that I missed? Need to change a setting or is broken completely?
Thanks for your work, devs.
Recently (don't recall exactly when), Openvpn was upgraded to v2.4.
This caused me some grief since my settings needed to be adjusted.
The most crucial change needed is to change from "udp" to "udp4". Can confirm that openvpn still works though. _________________ Netgear R7000 on Build 55109
Asus AC-AC68U rev. C1 (AP) on Build 55109
Asus AC-68U rev. A1 on Build 54604
Asus AC-68U rev. A1 on Build 53339
Router: Asus RT-AC56U
Firmware: DD-WRT v3.0-r31160M kongac (01/18/17)
Kernel: Linux 4.4.43 #223 SMP Wed Jan 18 20:22:16 CET 2017 armv7l
Status: OK
Reset: NO
Errors: NONE
Thank you Kong and Brainslayer!
Snap. Same router upgraded from an older Brainslayer build (the last one I could find that didn't die after an hour). It's used as a bridge between my server and my router. TX/RX rate has gone from 400M to 866M and signal quality from ~56% to between 94 and 100%.
Router: ASUS RT-AC68U
Previous: 30880 BS
Status: had to revert back to 30880
I need dnscrypt and BrainSlayer is delaying his build, so...
Previous: 30880 - i've made nvram backup, then flashed 31160M with no nvram reset. Router rebooted, everything was looking OK. I did not checked guest network at this time. Then i've turned DNSCrypt ON. It offered predefined list of cryptDNSes, i was planning to use d0wn-cz-ns1 server but it's not on the list and there is no way of specifying it manually. Ok, I've choosed sweden d0wn server, rebooted router and... no internet access, because router's date is 01.01.1970 and dnscrypt wont work with such date, and NTP client was not able to resolve time.nist.gov server. Deadlock. I've waited couple of minutes then logged in to router, corrected date with "date 2017-01-24" command, then things started to work. I've checked dns - everything was working as expected, no ISP messing with resolving, yes! Then i went through settings and it came to my attention, that guest network option "Forced DNS Redirection" is turned off. I've turned it on, then router asked for Optional DNS Target, i'm not sure what it is, specified router's ip of the guest network: 192.168.10.1, then saved and applyed settings. Now i've tried to reconnect to guest network and... "unable to get IP address", guest network died. I tried to clear Optional DNS Target - noway, router won't let me clear values in there. Tried to turn Forced DNS Redirection off, reboot router and so on. No result, wl0.1 became not connectable. After half hour of attempts to bring router back to life, i gave up, flashed 30880 with nvram reset, loaded nvram settings from backup, and now everything works as expected, except for missing dnscrypt.
Sorry for getting off topic but the above post isn't a build issue, but a configuration issue when using DNSCrypt.
NTP Client has to be set to verify certificates Dates for DNSCrypt and also OpenVPN Client.
There are 2 options that work. Having a fixed NTP Server IP Address will give you the fastest startup of services. I use Google's NTP Server IP 216.239.35.0 The only problem with a static IP is if the server is down the Time/Date update will not happen.
2nd Option NTP Client setup:
Used NTP Server Name in your country (example the USA):
us.pool.ntp.org
Then add into the Additional DNSMasq Options:
server=/us.pool.ntp.org/8.8.8.8 _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
Sorry for getting off topic but the above post isn't a build issue, but a configuration issue when using DNSCrypt.
NTP Client has to be set to verify certificates Dates for DNSCrypt and also OpenVPN Client.
There are 2 options that work. Having a fixed NTP Server IP Address will give you the fastest startup of services. I use Google's NTP Server IP 216.239.35.0 The only problem with a static IP is if the server is down the Time/Date update will not happen.
2nd Option NTP Client setup:
Used NTP Server Name:
ntp.org
Then add into the Additional DNSMasq Options:
server=/ntp.org/8.8.8.8
qGUBcZWwBHb1 wrote:
You should not be using ntp.org as the NTP server name. Use pool.ntp.org or one of the other subvariants.
I agree--ntp.org in the dnsmasq settings to direct the TLD to 8.8.8.8, or other DNS server(s) of your choice, is fine. Just specify ntp settings to us.pool.ntp.org or some other similar subdomain. _________________ R7000 Nighthawk - DD-WRT v3.0-r50308
R7000 Nighthawk - DD-WRT v3.0-r50308
~~~~~~~~~~Dismantled for learning opportunities~~~~~~~~~~
WRT54Gv2
WRT54Gv8.2
~~~~~~~~~~Other Settings~~~~~~~~~
https://nextdns.io/?from=2d3sq39x https://pi-hole.net/ https://github.com/DNSCrypt/dnscrypt-proxy
Sorry for getting off topic but the above post isn't a build issue, but a configuration issue when using DNSCrypt.
NTP Client has to be set to verify certificates Dates for DNSCrypt and also OpenVPN Client.
There are 2 options that work. Having a fixed NTP Server IP Address will give you the fastest startup of services. I use Google's NTP Server IP 216.239.35.0 The only problem with a static IP is if the server is down the Time/Date update will not happen.
2nd Option NTP Client setup:
Used NTP Server Name:
ntp.org
Then add into the Additional DNSMasq Options:
server=/ntp.org/8.8.8.8
qGUBcZWwBHb1 wrote:
You should not be using ntp.org as the NTP server name. Use pool.ntp.org or one of the other subvariants.
I agree--ntp.org in the dnsmasq settings to direct the TLD to 8.8.8.8, or other DNS server(s) of your choice, is fine. Just specify ntp settings to us.pool.ntp.org or some other similar subdomain.
I stand corrected. Thanks guys! _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
Sorry for getting off topic but the above post isn't a build issue, but a configuration issue when using DNSCrypt.
NTP Client has to be set to verify certificates Dates for DNSCrypt and also OpenVPN Client.
There are 2 options that work. Having a fixed NTP Server IP Address will give you the fastest startup of services. I use Google's NTP Server IP 216.239.35.0 The only problem with a static IP is if the server is down the Time/Date update will not happen.
2nd Option NTP Client setup:
Used NTP Server Name in your country (example the USA):
us.pool.ntp.org
Then add into the Additional DNSMasq Options:
server=/us.pool.ntp.org/8.8.8.8
Corrected. Thanks for the pointers. _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
Joined: 09 Nov 2014 Posts: 314 Location: Bakersfield, CA
Posted: Wed Jan 25, 2017 22:54 Post subject:
wabe wrote:
SinCalChewy wrote:
Just updated my two R7000s to this build and all went well, USB/QoS/Radios. However, OpenVPN Server no longer works on my gateway box when it previously did on build 30910. Did something change that I missed? Need to change a setting or is broken completely?
Thanks for your work, devs.
Recently (don't recall exactly when), Openvpn was upgraded to v2.4.
This caused me some grief since my settings needed to be adjusted.
The most crucial change needed is to change from "udp" to "udp4". Can confirm that openvpn still works though.
I got it working, thanks for the tip(s). _________________ Deployed Routers:
Netgear R7800 - 1x build 46979
- Gateway (USB /w Entware, CAKE QoS)
Netgear R7000 - 3x build 46979
Posted: Thu Jan 26, 2017 23:04 Post subject: Re: New firmware: DD-WRT v3.0-r31160M kongac (01/18/17)
Openvpn normal use for a period of time after a half-day link is disconnected state
There is a problem log this does not affect the link
20170106 22:34:04 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible
20170106 22:34:04 W WARNING: file '/tmp/openvpncl/credentials' is group or others accessible
20170106 22:34:04 I OpenVPN 2.4.0 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jan 4 2017
20170106 22:34:04 I library versions: OpenSSL 1.0.2j 26 Sep 2016 LZO 2.09
>>>>>>>>>
Sorry for getting off topic but the above post isn't a build issue, but a configuration issue when using DNSCrypt.
NTP Client has to be set to verify certificates Dates for DNSCrypt and also OpenVPN Client.
There are 2 options that work. Having a fixed NTP Server IP Address will give you the fastest startup of services. I use Google's NTP Server IP 216.239.35.0 The only problem with a static IP is if the server is down the Time/Date update will not happen.
2nd Option NTP Client setup:
Used NTP Server Name in your country (example the USA):
us.pool.ntp.org
Then add into the Additional DNSMasq Options:
server=/us.pool.ntp.org/8.8.8.8
I tried option 2 first and it did not work for me. Never picked up the time.
Router: R7000
Firmware: upgrade from bs29739
Status: OK
Reset: erase nvram
Errors:
Hitting a hard bandwidth limit using QoS/HTB/FQ_CODEL that doesn't match settings. When QoS is enabled, bandwidth appears capped around 160Mbps. Disabled, I reach my Comcast limit (around 240Mbps). I can set uplink/downlink to 999999, doesn't make any difference, still ~160Mbps. No rules configured, no other devices on network. Verified wshaper NVRAM settings are synced with GUI.
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Fri Jan 27, 2017 11:06 Post subject:
zombeefs wrote:
Router: R7000
Firmware: upgrade from bs29739
Status: OK
Reset: erase nvram
Errors:
Hitting a hard bandwidth limit using QoS/HTB/FQ_CODEL that doesn't match settings. When QoS is enabled, bandwidth appears capped around 160Mbps. Disabled, I reach my Comcast limit (around 240Mbps). I can set uplink/downlink to 999999, doesn't make any difference, still ~160Mbps. No rules configured, no other devices on network. Verified wshaper NVRAM settings are synced with GUI.
well do keep in mind that QoS is CPU aggressive so u can expect lower WAN speeds...
generally DD-WRT has a very good speed shaper even if you don't use QoS....
but then again if case of many clients or heavy streaming/DL you might need QoS so you can give a try
also don't use HTB try with HFSC it less CPU demanding... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
