Joined: 04 Aug 2018 Posts: 1586 Location: Appalachian mountains, USA
Posted: Tue Jul 09, 2024 21:59 Post subject:
I also upgraded my DL-WRX36 to 57200. Had no trouble setting up the two wifis and four VAPs along with an extra bridge br1, all set up as six subnets counting the main one, for a total of five extra DHCP servers. In bridge assignment I split ethernet ports eth0 .. eth3 between br0 and br1. (The WAN is eth4.) That's a nice feature: like port-splitting VLANs without technically needing a Switch Config page or swconfig commands.
Am also using multiuser beamforming with no obvious problems. I'm seeing a clear benefit over no beamforming but haven't compared to single-user.
I did not manage to get WPA3 going, so I'm still using WPA2 Personal / AES. I don't really have a clue how to set up for WPA3 on one wifi subnet as a test. Have some old and some new clients, so I'll have to stick to a WPA2 / WPA3 combo somehow. My half-baked experiments seemed to hit the prohibition on mixing wifi encryption types. Should I just use the usual AES choice everywhere? Can I enable both WPA2 Personal and WPA3, or is it strictly one per network or one per radio? Advice welcome.
I did set up my 5G wifi for N/AC/AX, and my phone happily made an HE40 AX connection faster (515 Mbps-ish IIRC with 40 MHz BW) than the 400 Mbps connection I can get with AC in that corner of the house where signal strength is modest.
A ton more to do... wireguard is next up. _________________ 62606: 3x Dynalink DL-WRX36, Linksys MX4200v2, 1x MR7350. 61465: 1x MR7350. WPA2personal/WPA3 w/ AES, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), Two SmartDNS/DoT providers and one DNSCrypt provider via VPNs. DNSmasq manages that plus ad blocking and local DNS.
Joined: 04 Aug 2018 Posts: 1586 Location: Appalachian mountains, USA
Posted: Sun Jul 14, 2024 15:56 Post subject:
Update on my DL-WRX36 config project.
I now have wireguard clients to two different providers running, along with an OpenVPN client to one of those providers. A wireguard client to a dd-wrt router in another state is up also. A wireguard server is configured now but not yet tested. A fifth wireguard client (oet1 actually) is still not handshaking, but I haven't given up yet. I'll soon be applying a microscope to its config. Firewall/routing tweaks for VPN port forwarding are coming soon as well.
NFS file server manages a USB drive almost perfectly. Haven't tried SAMBA yet but will soon. "Almost" is because umount on my linux laptop won't unmount it without an -l argument for a lazy unmount, even if I am careful to make sure (no open files, CWD not on that drive) the drive is no longer "busy." This was an issue on build 55630 on an XR500 also, so it's not about the Dynalink.
With SES unmounts enabled, the button on the back of the Dynalink umounts the /opt partition that I didn't access but also fails to unmount (on the router) my main partition, I assume because it has no -l argument on the umount. Of course "umount -l" works fine in the CLI.
A little config and lots of testing still to do... _________________ 62606: 3x Dynalink DL-WRX36, Linksys MX4200v2, 1x MR7350. 61465: 1x MR7350. WPA2personal/WPA3 w/ AES, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), Two SmartDNS/DoT providers and one DNSCrypt provider via VPNs. DNSmasq manages that plus ad blocking and local DNS.
Joined: 04 Aug 2018 Posts: 1586 Location: Appalachian mountains, USA
Posted: Sun Jul 14, 2024 17:19 Post subject:
Also... On other routers (linksys, netgear) I've been able to post a script at /tmp/etc/config/SOMENAME.sesbutton to do my bidding on a push of the SES button. For example, I've used this to change the server to which the OpenVPN client is connecting. Easy to use for family members who encounter a server hang.
I haven't experimented with this button thing yet on this router, because I'm finding no hint of a gpio map after much searching, and I like to use gpio commands to change LED colors or blink it or something to let the user know that a button push has been noticed. I did find a line in dmesg and a similar one in the syslog saying "ssdk_dt_parse_interrupt[943]:INFO:intr-gpio does not exist", so I assume the gpio system is not interrupt capable and that polling the button would be the only way to sense it. No clue whether dd-wrt is set up for that. I also found an "OEM bootlog" at https://openwrt.org/toh/dynalink/dl-wrx36 saying
Quote:
[ 0.223392] gpiochip_add: registered GPIOs 0 to 69 on device: 1000000.pinctrl
[ 0.223404] GPIO chip 1000000.pinctrl: created GPIO range 0->69 ==> 1000000.pinctrl PIN 0->69
so I guess we know the range of gpio numbers that might do something. Some routers have a gpio "pin" mapped to "reset," so I'm reluctant to just try random things.
Has anyone looked into gpio LED control for this router?
In bridge assignment I split ethernet ports eth0 .. eth3 between br0 and br1. (The WAN is eth4.) That's a nice feature: like port-splitting VLANs without technically needing a Switch Config page or swconfig commands.
I absolutely LOVE this new way of configuring vlans and the independent ports. I believe this is how it is done now on most if not all newly supported AX routers. While it did take a minute for me to figure out this new method, in my opinion it's way better and easier than using the combination of Switch Config and Networking tabs in previous units. Great job BS! _________________ - Linksys EA8500: I-Gateway, WAP/VAP 5ghz only. Features: VLANs, Samba, WG, Entware - r60xxx
- Linksys EA8500: 802.11s Secondary w/VLAN Trunk over 5ghz - r60xxx
- Linksys MX4300: 802.11s Primary w/VLAN Trunk over 5ghz. 2.4ghz WAP/VAP only - r60xxx
- Linksys MX4300: (WAP/VAP (7)) Multiple VLANs over single trunk port. Entware/Samba r60xxx
- Linksys MR7350: WDS Station for extended Ethernet r60xxx
- Linksys MR7500, MX8500: None in production. Just testing. r60xxx
- OSes: Fedora 40, 10 RPis (2,3,4,5), 23 ESP8266s: Straight from Amiga to Linux in '95, never having owned a Windows PC.
- Forum member #248
Wifi issue happened a few times over the weekend, the wifi will slow down to a crawl and will not return to normal by disconnect/reconnect, only can go back to normal speed by performing a reboot, not sure what's happening, this is happening with build 57200. Wired connection to desktop has been ok when wifi has some issue.
Joined: 01 Feb 2017 Posts: 97 Location: Netherlands
Posted: Tue Jul 23, 2024 13:48 Post subject:
Did someone tried the latest r57538 already? Which uses the newer NSS Firmware?
I'm thinking of buying this router to replace my Netgear R7000.
I use OpenVPN, Wireguard (both as server), and further IPv6, Guest WLAN, some Custom iptable rules to force DNS traffic to my PiHole. Some Port-Forwardings and DDNS. That is about it.
I upgraded to 57538 two days ago and it's been fine, the wifi traffic stall issue has been fixed since 57447. I'm currently using SFE without NSS which is enough for my 500Mbps internet, haven't test NSS yet.
Router is very stable and running for a full week on 57447 without any issue. I upgraded from R7000 over a year ago to WRX36 running OpenWRT, switched a few weeks ago to running DD-WRT and it's been perfect since 57447, very stable and a lot of new functions added to DD-WRT compared to 10 year old R7000.
Joined: 01 Feb 2017 Posts: 97 Location: Netherlands
Posted: Tue Jul 30, 2024 9:22 Post subject:
I received my hardware yesterday, and i tried to install r57595, but without any luck.
The same goes for r57564 and r57538.
When I used r57447 or the first one supported r56820 those worked too.
I tried using the webflash of both r57538 and r57595 using r57447 as the working base image, but that resulted in that the router was not reachable anymore. It was not sending out DHCP, and it was also not reachable by setting a static IP on my laptop. Though the light in the front was blue as if it was up and running.
When i compare the UBI images which are needed to flash the only difference when ignoring the rootfs changes is that the First UBI PEB Number is set to 0 on the working images and it is set to 1 on the images that fail to flash. I have no clue what that means though.
During flashing of the failing images i receive the following message.
Code:
root@OpenWrt:~# ubiformat /dev/mtd18 -y -f /tmp/factory_image.ubi
ubiformat: mtd18 (nand), size 101711872 bytes (97.0 MiB), 776 eraseblocks of 131072 bytes (128.0 KiB), min. I/O size 2048 bytes
libscan: scanning eraseblock 775 -- 100 % complete
ubiformat: 776 eraseblocks have valid erase counter, mean value is 6
ubiformat: flashing eraseblock 523 -- 100 % complete ubiformat: error!: bad UBI magic 00000000, should be 0x55424923
ubiformat: error!: bad EC header at eraseblock 523 of "/tmp/factory_image.ubi"
While a working flash show this:
Code:
root@OpenWrt:~# ubiformat /dev/mtd18 -y -f /tmp/factory_image.ubi
ubiformat: mtd18 (nand), size 101711872 bytes (97.0 MiB), 776 eraseblocks of 131072 bytes (128.0 KiB), min. I/O size 2048 bytes
libscan: scanning eraseblock 775 -- 100 % complete
ubiformat: 775 eraseblocks have valid erase counter, mean value is 6
ubiformat: 1 eraseblocks are supposedly empty
ubiformat: flashing eraseblock 519 -- 100 % complete
ubiformat: formatting eraseblock 775 -- 100 % complete
So, using r57447 i encountered the following issue(s)/questions.
2.4GHz isn't working. I tried several settings but none of my clients will connect.
Also trying to set it to AX Only results in the value being changed to Disabled.
Not sure if this is already fixed in a newer firmware though.
Regarding the Shortcut Forwarding Engine:
Is there somewhere which explains the difference between all the options?
SFE, NSS-ECM, NSS-SFE, NSS-ECM-SFE. I currently use SFE, which i think is a software only option, but please correct me if I am wrong, and that NSS will utilize the special hardware. For me currently SFE seems to be able to get the max speed I have from my ISP, but using the hardware features will probably lower the CPU load. And, does it have any effect on the NAT Rules defined in the Firewall like CTF did?
Ow, and i very much like the USB Boot option for this router as a recovery feature.
All other things are working fine for now currently.
Regarding the Shortcut Forwarding Engine:
Is there somewhere which explains the difference between all the options?
SFE, NSS-ECM, NSS-SFE, NSS-ECM-SFE. I currently use SFE, which i think is a software only option, but please correct me if I am wrong, and that NSS will utilize the special hardware. For me currently SFE seems to be able to get the max speed I have from my ISP, but using the hardware features will probably lower the CPU load. And, does it have any effect on the NAT Rules defined in the Firewall like CTF did?
I did some search on the NSS-ECM, the only information I can get, is that SFE is software (like a hack), and NSS-ECM is the Qualcomm Network SubSystem engine which can offload certain traffic to the NSS core. There is post from a few months ago, New Build - 05/02/2024 - r56182 post #19, said CTF would not work with NSS enabled.
As for the wifi, I had some issue with wifi working partially before 57200 build, and after that it's been perfectly fine for my unit; but I do have issues with the wifi traffic stopping after a few days but that problem was resolved with 57447 build.
