Severe bug in 32k NVRAM routers causing crashing

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
tedm
DD-WRT Guru


Joined: 13 Mar 2009
Posts: 554

PostPosted: Sun Nov 05, 2023 12:50    Post subject: Severe bug in 32k NVRAM routers causing crashing Reply with quote
I am finding the following in many of my 32k NVRAM routers. I'll use my Netgear WGR614v8 as an example.

This device is upgradable to build DD-WRT v3.0-r53843M mini (11/01/23) K24) via Telnet to the command line.

However, on reboot, and on pin reset, the router will boot, give you the login screen asking for the new password. Then it brings you to the main screen of the webinterface.

At that time, you can telnet into the router and issue a "nvram show" and all NVRAM variables are dumped, and at the end of the dump the total free NVRAM is shown. This is:

size: 27366 bytes (5402 left)

The problem is that as you click on different screens of the webinterface, EVEN IF YOU CHANGE NOTHING AND SET NO VARIABLES the dd-wrt webinterface is in the background, injecting empty variables into NVRAM. After about the 3rd of 4th screen - the router runs out of NVRAM variable space and overflows it, then it immediately becomes unresponsive - you cannot telnet into it or access it via webinterface. If you immediately reboot then the router becomes responsive again - but once more as you click on the different webinterface screens and the NVRAM variable space fills up, the process repeats again. And if you save ANYTHING on any screen right when the router is about ready to overflow NVRAM - then you are lost. pin reset won't work, 30/30/30 reset won't work (for some reason) the router then bricks. Only serial port debricking fixes it.

In order to kludge around this, what I have done is after pin reset, and applying the password, I telnet into the router and issue the following at the command line:

nvram show

I come up with
size: 27366 bytes (5402 left)

I then issue the command:

for line in `nvram show | grep =$ `; do var=${line%*=}; nvram unset $var; done

After doing that, my 614 now shows:


nvram show
.
.
.
default_uplevel=100000
wla_temp_secu_type=None
wl_antdiv=-1
size: 18598 bytes (14170 left)
0;root@DD-WRT: ~root@DD-WRT:~#


At that point, clicking different webinterface screens while doing show nvram at the command prompt clearly shows free NVRAM dropping:


show nvram
.
.
.
wla_temp_secu_type=None
wl_antdiv=-1
size: 18757 bytes (14011 left)

0;root@DD-WRT: ~root@DD-WRT:~#
show nvram
.
.
.
wla_temp_secu_type=None
wl_antdiv=-1
size: 18781 bytes (13987 left)
0;root@DD-WRT: ~root@DD-WRT:~#

Eventually it SEEMS to reach 13987 free after clicking all webinterface screens (and saving nothing and setting no variables.)

Obviously, as more things are set, more NVRAM variable space is used up.

I assume that a factory reset/pin reset which clears NVRAM triggers a process to rebuild NVRAM on a fresh boot - and that process adds a LOT of crufty junk NVRAM variables that are not used - so much so that NVRAM is almost completely filled up. By emptying NVRAM of empty variables, I am buying some space back - for a while.

These low-NVRAM routers I tend to use as Access Points anyway, so there's not a lot of NVRAM space needed. Saving the above command line in the Startup of the router is a long-term kludge fix and I've started doing it automatically in any routers I have with 32K of NVRAM.

I've read hints of this problem in various posts in the forums and indeed the command line above is not my own, either. But, nobody seems to have tied into the fact that operation of the webinterface itself - WITHOUT setting variable - is indeed adding EMPTY variables which is then using up NVRAM space. Setting ANY variable on ANY screen then clicking SAVE then fixates all those empty NVRAM variables into NVRAM. While this "works" with 64K NVRAM machines - there is enough space for extra crufty unused NVRAM variables - it's a death knell for 32K NVRAM routers.

Hopefully BS can work out a long term permanent fix for this. But until then the kludge in the startup is now required on any 32K NVRAM machines, even those using K24.
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sun Nov 05, 2023 13:07    Post subject: Reply with quote
Probably also set the rule in your Firewall script and not only on startup.

Note:
If you use WireGuard that rule can remove the WG keys as those end in =. Then use this (experimental) script:
Code:
for line in $(nvram show | grep '=$' | grep -v '=.*=' ); do var=${line%*=}; nvram unset $var; done


I know not many 32K NVRAM routers have WireGuard.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
tedm
DD-WRT Guru


Joined: 13 Mar 2009
Posts: 554

PostPosted: Sun Nov 05, 2023 13:35    Post subject: Reply with quote
egc wrote:

I know not many 32K NVRAM routers have WireGuard.


Unfortunately all those Linksys EAxxxx ones that use the split partitions and the 32k/64k NVRAM seem to and there's much discussion in the forums about those as well as pointers to modified CFE's (many dead links now) that people have built to "fix" the problem.

The EAxxx series are VERY plentiful in the used market and VERY cheap since so many people read up on that problem and don't want to mess with them, plus Linksys put that firmware check in their factory flash (easy to get around by flashing to the CFE tftp server yet still advanced difficulty for a newbie) Yet they have very nice radios and lots of CPU power so if you don't need a router but just an AP they work quite nicely. My main wifi router in the house is a EA6700 what more could you want with an 80Mhz wide 5Ghz radio and an 800Mhz CPU in a box that cost USD$9.99? And the radio is rock-solid, never a drop. (I don't use wireguard on it)

Linksys really dropped the ball with those, they could have been a killer router line during their time.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sun Nov 05, 2023 13:42    Post subject: Reply with quote
I use a Linksys EA6900, but it has the alternate CFE which allows 64K NVRAM.
EA6900 install guide

A new CFE allowing 64 K is available for a lot of the EA6xxx series and yes those have WireGuard

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum