Adding OpenWrt support for Xiaomi AX3600 (Part 1)

bitthief · April 15, 2021, 7:43pm

I think you have a solid point, this is the output of swconfig with the default config and NSS enabled:

This is present in /etc/config/network:

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

root@OpenWrt:/etc/config# swconfig list
Found: switch0 - QCA HPPE

Also, by default, eth0 is down. I know that on other devices, this is sometimes the CPU port (when tagging VLANs etc.). No idea how to test your theory though, and from what I can see, the switch0 device (QCA HPPE) might be using something proprietary..?

When I killed NSS by renaming the firmware, I was eventually able to logon to the router via the 2.4GHz Wi-Fi network, and I took a look at dmesg, the interfaces were up, but degraded to 10Mbps.

Mel · April 15, 2021, 8:20pm

In case it will help, here is my swconfig dump from a CN router reflashed with Xiaomi ax3600 INT firmware:

And here is my /etc/config/network:

root@XXXX:~# cat /etc/config/network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config switch
	option name 'switch0'

config interface 'lan'
	option ifname 'eth2 eth3 eth4'
	option force_link '1'
	option type 'bridge'
	option proto 'static'
	option netmask '255.255.255.0'
	option multicast_querier '0'
	option igmp_snooping '0'
	option macaddr 'XX:XX:XX:XX:XX:XX'
	option ieee1905managed '1'
	option ipaddr '192.168.8.1'
	option ip6assign '64'
	option ipv6 '1'

config interface 'eth1'
	option ifname 'eth1'
	option keepup '1'

config interface 'wan'
	option proto 'dhcp'
	list dns '1.1.1.1'
	list dns '8.8.4.4'
	option mtu '1500'
	option peerdns '0'
	option ifname 'eth1'

config interface 'ifb'
	option ifname 'ifb0'

config interface 'wan_6'
	option ifname 'eth1'
	option proto 'dhcpv6'
	option reqaddress 'try'
	option reqprefix 'auto'
	option peerdns '0'
	list dns '2606:4700:4700::1001'
	list dns '2001:4860:4860::8844'

anon4457646 · April 15, 2021, 8:29pm

strange switch config eth1 is wan

lantis1008 · April 15, 2021, 10:28pm

Wireless at the speed of sound. That's a new one.

OneB1t · April 15, 2021, 11:02pm

actually i dont believe this as for example if i create wireless hotspot on my mobile phone its good 2-3ms faster to ping gateway than on ax3600

there must be other reason

bitthief · April 16, 2021, 2:25am

Game over, we win.

Ladies and gentlemen, I present to you the first WireGuard benchmarks on AX3600..

root@OpenWrt:~# wg show
interface: wg0
  public key: kLwJWmOZLuCxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  private key: (hidden)
  listening port: 31337

peer: w4r/o6VImF7l0/De3Jpxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  endpoint: 193.32.2xx.xx:3xxx
  allowed ips: 0.0.0.0/0, ::/0
  latest handshake: 2 minutes, 37 seconds ago
  transfer: 603.68 MiB received, 789.64 MiB sent
root@OpenWrt:~# ifconfig wg0
wg0       Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.66.xx.xxx  P-t-P:10.66.xx.xxx  Mask:255.255.255.255
          inet6 addr: fc00:bbbb:bbbb:bbxx::3:xxxx/128 Scope:Global
          inet6 addr: fe80::a67:9xxx:7xxx:7xxx/64 Scope:Link
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1420  Metric:1
          RX packets:671983 errors:0 dropped:0 overruns:0 frame:0
          TX packets:761560 errors:0 dropped:2244 overruns:0 carrier:0
          collisions:0 txqueuelen:500 
          RX bytes:608520972 (580.3 MiB)  TX bytes:801218863 (764.1 MiB)

quarky · April 16, 2021, 3:36am

100mbps is kind of low for this SoC tho. For comparison, I could get more than 200mbps with WireGuard across two dual-core1GHz broadcom SoCs.

Gruntruck · April 16, 2021, 8:03am

We do not win anything until we can have full mainstream OpenWRT for the device with source code available. Hacks using a mystery Chinese binary blob is nice from benchmarking point of view but the whole point of OpenWRT is the "open" part

wackou · April 16, 2021, 11:12am

I agree with you.
But its huge step forward to maybe better understand what going on and the difference between the official firmware and a pure OpenWrt build.
An example like the NSS

dchard · April 17, 2021, 7:48am

What I noticed, is if you choose a FIG_TARGET_ALL QSDK, then the QCA-hyfí and NSS parts are missing (the build script alarms about them right at the beginning), although the relevant source files are there. But if I choose an "NHSS" named release, these missing elements are there during the build, but no kernel 5.4 yet. So I dont think this is a "proprietary" issue, more like they forget tot add it, or something like that.

MOD: this QSDK is as crap as it gets. Large pile of compile errors everywhere... No dependency list etc. If anyone thinks that it is really four commands to get it working, has no idea... Ironed out some of it, but there are still some cross compile erros here and there. Had enough of it for now.

elPulpo · April 19, 2021, 4:20pm

would you have any clues to adapt it, to make it work for ax1800.

krasny · April 19, 2021, 11:26pm

are u sure about the secure boot on ax9000? It seems to be a very nice piece of hardware, but if the bootloader is locked there is no hope of OpenWRT on it.

bmork · April 19, 2021, 11:39pm

Sorry to hijack this thread, but that one is definitely not Qualcomm proprietary. It's GPLv2 and developed despite Qualcomms efforts to make life hard for users of their hardware. I've never received any help from Qualcomm.

efsg · April 20, 2021, 4:26am

Don’t worry, MiCode will open these.

krasny · April 20, 2021, 5:41pm

can you please elaborate your answer or give a link to any documentation about it? I know about the bootloader unlock in xiaomi's mobile phones, but that is a much bigger market and potentially more users insterested in that. However, in the router market I don't think that Xiaomi will provide unlock codes if they decided lock the bootloader.

I searched about micode but I can only find a github repo with kernels, which I don't think that is the thing that you are refering to.

efsg · April 24, 2021, 6:59am

I was sloppy, the secure boot is off

dchard · April 25, 2021, 3:27pm

Tried today with AU_LINUX_QSDK_NHSS.QSDK.11.4.1.R1_TARGET_ALL.11.4.1.434.008, this one is at least not failing randomly at building curl, but it points to target files that does not exists at the locations the build script tries to download it from... Ridiculous.

dchard · April 26, 2021, 8:57pm

@efsg

What I would like to know is how can your "openwrt-ipq-ipq807x_64-xiaomi_ax3600-squashfs-nand-factory.bin" fit mtd13 while your file is 46 010 368 bytes, but mtd13 is only able to fit 37 486 592 bytes? Can you explain that to me?

McGiverGim · April 27, 2021, 10:16am

I don't know if this maybe has nothing to do with your question, but I've found a "description" of how this people has built the firmware here: https://hackmd.io/@tAQ3QkjhQp6sdU_ak2LXgQ/HJ678KU68#后记 (it's in Chinese but the Chrome translation works ok). In the postscript part they say that the nand flash is not being used totally by Xiaomi and they modify it to use all. Maybe at this moment they resize the mtd13?

I don't understand the major part of the process so maybe I'm wrong.

krasny · April 27, 2021, 4:17pm

great news then!

Thank you for the info. Let's hope that the IPQ807x gets supported soon in official OpenWRT.