i was testing yesterday some stuff and i had a buffer overflow warning (actually a panic) with ecm about ipv6 module... could be related? could be there is some problem with pppoe an ipv6 and this problem is triggered?
Yes. Obtain IPv6 address is disabled. IPv6 assignment length is also disabled. Delegate IPv6 prefixes is also disabled. And on my end, IPv6 is disabled on the LAN interface + DHCP server as well. Never encountered a crash or anything weird on PPPoE.
@Ansuel @dchard Yeah, as soon as I disable the WAN6 interface then PPoE works just fine and gets offloaded.
I have no tried running IPv6 PPoE
so ecm have some funny problem with ipv6 and pppoe or ipv6 in general ahahah
i'm currently trying to add support for ipq806x as soon as i manage that i will try to understand this problem
or maybe we just didn't set the flag in Makefile?
Its still enabled by default as ecm_front_end_ipv6.c and others are being built.
After installed qca-nss-ecm package, the load goes to 1.00 very quickly, even I did nothing...
btw, I have a IPv6 connection.
Yes, its a know bug.
Will be resolved soon.
Got it, thank you so much!
Hi!
How are things going? Is there any stable and functional version over there?
@robimarko was thinking if i can think about a way to make some kernel patch applicable based on build package... Do you think that can be acceptable for openwrt?
(can't edit the message)
something like apply these kernel patch if this package is selected...
That would be very useful for our package but i think would benefit also other project
That would require fundamental changes to the buildroot as currently it just looks for the patches folder and applies that.
Adding support for selective patches will take quite a work and I don't think its worth it, especially since it will lead to patches not being applicable due to lack of proper testing when adding new ones and so on.
Will have to check if there is a clean and easy way to add support for package to define their kernel patch to apply on top of the generic and target one...
(something like a kernel-patch directory that if it's present in the package directory is applied to the kernel source)
We have many patch added to generic that are really required by some package...
Mhe will check if it's not that impossible... i see this solution as the only way to make the ecm stuff workable
So current progress is: IPv6 might leak memory, crypto core unable to work. Am I right?
ipv6 ecm offload crash the router
crypto accelleration with nss won't work with a normal image (it does require a firmware that only the user can provide... the company enforced NDA rules, we can't redistribute them)
everything else seems to work
@Ansuel , in commit "ipq807x: xiaomi-ax3600: correctly handle boot flag from uboot" why did you switch flag_ota_reboot
to flag_boot_rootfs
+ flag_last_success
+ flag_boot_success
in platform.sh
?
Because I was able to switch partitions easily with flag_ota_reboot
: when I installed OpenWrt over OEM firmware I flash the "other" partition only and set flag_ota_reboot
to 1
. After reboot OpenWrt booted.
Am I missing something?
from my understanding ota reboot is only something used by xiaomi...
the bootloader actually use the boot roofs and last succes and boot success to understand what partition to run.
also if they are not in a logical mode everything is bypassed and the second partition is loaded
we initially used the ota flag and discovered that the partition switching with sysupgrade with openwrt system was unreliable and actually very random.
Thanks. Btw, can users extract crypto firmware from official router firmware and put it inside openwrt? I think this could evade the NDA.
Yes, its easily extractable from the stock fw.
Unfortunately, crypto will cause the NSS FW to crash