@stangri -
same message as prior build:
Advanced Reboot
Warning: This system does not have two partitions!
@stangri -
same message as prior build:
Advanced Reboot
Warning: This system does not have two partitions!
This text is not even a part of the newer build.
Are you sure you're getting this with the latest build from my repo?
latest build git-18.163.61042-b5a43cf-30b5 is working on latest Davidc502 on the wrt32x ,display text is this:
1 Alternative Unknown/Compressed Reboot to Alternative Partiion....
2 Current Unknown/Compressed Reboot to Current Partition
@stangri -
thank you for persisting. it works!
even though i removed the prior package, updated sources, and reinstalled your latest, i had to reboot the router to get your verssion working.
currently-installed version: https://github.com/stangri/openwrt-repo/blob/master/luci-app-advanced-reboot_git-18.184.32851-8ca29ef-31_all.ipk
this is the result now:
Advanced Reboot
Linksys WRT32X Partitions
Partition Status Firmware/OS (Kernel) Action
1 Current Unknown/Compressed
2 Alternative Unknown/Compressed
is there something i should have done short of rebooting to get your module working?
thank you!
I've read a lot on here and other forums and there seems to be some confusion, it seems early on the WRT32x would not load the image via the GUI, which at first was using the acm version as the hardware is similar.
Can I ask if the latest Davidc502 factory image loads fine through the linksys webGUI or do we have to still do it via the serial TTL ? i.e. can i just load it on a new WRT32x through the GUI ?
EDIT: looks like it was solved, found this thread: linksys-install
Dear bhlc,
I had noticed the same problem you mention - i.e. - but I still see request from network clients connecting to google DNS.
See my guides here ( for better legibility / readability ): https://torguard.net/forums/index.php?/topic/1374-adding-dns-over-tls-support-to-openwrt-lede-with-unbound/ and on this Lede Forum here: Adding DNS-Over-TLS support to OpenWrt (LEDE) with Unbound
From my guide / tutorial - the fix is here ( near the bottom )
Parallel DNSMASQ /etc/config/dhcp
After Some Reflection and Observations - Fine Tuning Your DNS Resolver
After reading System Logs I realized that there is a need to amend DNSMASQ ( DHCP ) after implementing option noresolv β1β in /etc/config/dhcp configuration file. This dawned on me from my years of running DNSCRYPT Proxy on OpenWrt. I referred to this guide:
Go to this section near bottom of page.
Use specific DNS server to lookup one or more host names
https://www.leowkahman.com/2016/05/23/openwrt-encrypted-dns-lookup-using-multiple-dnscrypt-servers/
option noresolv β1β is to prevent using any upstream DNS server other than those specified in this file # this file being: /etc/config/dhcp
Solution is as follows add these four lines to /etc/config/dhcp:
nano /etc/config/dhcp - enter these lines before / option domain βyourdomainβ
list server '127.0.0.1#5453' # Stubby/Unbound Default Address/Port
list server '/pool.ntp.org/84.200.69.80' # DNS WATCH SECURE
option noresolv β1β # Make sure to change this as indicated
option allservers '1'
After you complete all the steps in this tutorial and restart your Router Check Status > System Log - You will find an entry like the one below:
daemon.info dnsmasq[8532]: using nameserver 127.0.0.1#5453 - which indicates that your OpenWrt Router is using Unbound and Stubby for Encrypted DNS Resolution
I suggest that you read one of the tutorials at the links on the top of my reply.
Peace and God Bless,
directnupe
Dear slim0287,
Take a look at the following guides: https://torguard.net/forums/index.php?/topic/1374-adding-dns-over-tls-support-to-openwrt-lede-with-unbound/
It is for DNS OVER TLS - This method combines Unbound (as a caching proxy) and Stubby (as fully featured TLS forwarder).
I run GETDNS and STUBBY with Unbound DNS and Dnsmasq for DHCP. You also can leave out GETDNS and STUBBY see here: https://blog.grobox.de/2018/what-is-dns-privacy-and-how-to-set-it-up-for-openwrt/
Just follow this : Proper Setup For New Native Unbound DNS-Over-TLS Feature Starting With UNBOUND 1.7.1
Peace and God Bless,
directnupe
Hey @directnupe thank you for mentioning this, I appreciate when people take the time to document these types of guides for others.
I have one small comment I wanted to share after reviewing your linked tutorial, or maybe more of a clarification. Where it says:
# more outgoing connections
# depends on number of cores: 1024/cores - 50
outgoing-range: 8192
Since WRT1900ACS and 3200ACM are dual core, wouldn't this value be 1024/2 - 50 = 512 - 50 = 468?
Directnupe,
Wow! Great links. Now you left me with a choice, however. The GETDNS/STUBBY route or the no-GETDNS/STUBBY route. With my luck so far with ubound, I'm almost guarenteed to make thew wrong choice! (Heh, my first time installing unbound, the process crashed)
Slim
Dear bhlc,
Thanks for the question. I changed the guide to reflect the answer to your question. You should optimize UNBOUND see here: https://www.unbound.net/documentation/howto_optimise.html
At the bottom of the page - go to this section:
Using Libevent
Libevent is a BSD licensed cross platform wrapper around platform specific event notification system calls.
Unbound can use it to efficiently use more than 1024 file descriptors.
Install libevent (and libevent-devel, if it exists) with your favorite package manager. Before compiling unbound run ./configure --with-libevent.
Now you can give any number you like for outgoing-range. Also increase the num-queries-per-thread value.
# with libevent
outgoing-range: 8192
num-queries-per-thread: 4096
Libevent comes pre-installed on Davidc502 LEDE Snapshots ( which I use ). There is a package for libevent in OpenWrt / Lede repos. Actually the current package on Dave's Builds is - libevent2 2.0.22-1. I do not know if libevent2 is downloaded and installed when installing UNBOUND as per tutorial as one of its' dependencies or if Dave installs libevent2 since his builds are moderately Customized LEDE Development Builds. I would install libevent2 before installing UNBOUND and all the other UNBOUND packages listed in the tutorial.
You can install libevent2 by issuing the following commands by way of SSH:
opkg update and then opkg install libevent2
Then you can increase outgoing range and number of threads as per instructions listed above.
Peace and God Bless,
directnupe
Dear slim0287,
If you are comfortable with the use of shell commands I would strongly suggest that you go with DNS OVER TLS using GETDNS and STUBBY with Unbound DNS and Dnsmasq for DHCP. Between the two places that I put up this method there are over four thousand folks who have given it a go and had excellent results. The tutorial is well documented and laid out step by step. Lastly, it is more secure and GUARANTEED to work - just take your time and you will definitely be able to get UNBOUND working. Also, IMHO it is the more secure ( most secure ) method as I describe in the tutorial.
Let me know how it works out. I will assist you should you need any help in order to get this up and running.
Peace and God Bless,
directnupe
directnupe,
I'm definitely comfortable with shell commands as many years ago I was a developer on Unix boxes. So I will give it ago over the course of the next few days and thank you for the advice.
Cheers,
Slim
Not really, I don't know why Luci cache wasn't automatically deleted on new luci app install.
I'll send a PR for build 31 to an official repo.
Is there any way to test the latest wifi commits with an older build (r7093) ??
I'm having serious problems with my Wifi performance and the WRT3200acm...
Most of the time Wifi performance is very bad (2,4+5Ghz) and speed is dropping to down to 20-40Mbps even when i'm only 1m away from the AP. I'm using Iperf3 for testing...
I'm wondering if my Wifi unit is defective !?
C:\Users\Admin\iperf-3.1.3-win64>iperf3.exe -c 192.168.1.155 -t 60s
Connecting to host 192.168.1.155, port 5201
[ 4] local 192.168.1.199 port 60232 connected to 192.168.1.155 port 5201
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-1.00 sec 28.4 MBytes 238 Mbits/sec
[ 4] 1.00-2.00 sec 17.9 MBytes 150 Mbits/sec
[ 4] 2.00-3.00 sec 19.2 MBytes 162 Mbits/sec
[ 4] 3.00-4.00 sec 26.0 MBytes 218 Mbits/sec
[ 4] 4.00-5.00 sec 34.5 MBytes 289 Mbits/sec
[ 4] 5.00-6.00 sec 7.50 MBytes 63.0 Mbits/sec
[ 4] 6.00-7.00 sec 3.50 MBytes 29.4 Mbits/sec
[ 4] 7.00-8.00 sec 3.50 MBytes 29.3 Mbits/sec
[ 4] 8.00-9.00 sec 13.9 MBytes 116 Mbits/sec
[ 4] 9.00-10.00 sec 31.0 MBytes 260 Mbits/sec
[ 4] 10.00-11.00 sec 34.5 MBytes 289 Mbits/sec
[ 4] 11.00-12.00 sec 20.5 MBytes 172 Mbits/sec
[ 4] 12.00-13.00 sec 22.6 MBytes 190 Mbits/sec
[ 4] 13.00-14.00 sec 17.1 MBytes 144 Mbits/sec
[ 4] 14.00-15.00 sec 3.50 MBytes 29.4 Mbits/sec
[ 4] 15.00-16.00 sec 3.38 MBytes 28.3 Mbits/sec
[ 4] 16.00-17.00 sec 9.25 MBytes 77.7 Mbits/sec
[ 4] 17.00-18.00 sec 21.4 MBytes 179 Mbits/sec
[ 4] 18.00-19.00 sec 23.9 MBytes 200 Mbits/sec
[ 4] 19.00-20.00 sec 23.6 MBytes 198 Mbits/sec
[ 4] 20.00-21.00 sec 23.0 MBytes 193 Mbits/sec
[ 4] 21.00-22.00 sec 32.2 MBytes 270 Mbits/sec
[ 4] 22.00-23.00 sec 5.38 MBytes 45.1 Mbits/sec
[ 4] 23.00-24.00 sec 3.88 MBytes 32.5 Mbits/sec
[ 4] 24.00-25.00 sec 3.50 MBytes 29.4 Mbits/sec
[ 4] 25.00-26.00 sec 23.2 MBytes 195 Mbits/sec
[ 4] 26.00-27.00 sec 25.6 MBytes 215 Mbits/sec
[ 4] 27.00-28.00 sec 24.9 MBytes 209 Mbits/sec
[ 4] 28.00-29.00 sec 28.8 MBytes 241 Mbits/sec
[ 4] 29.00-30.00 sec 26.9 MBytes 226 Mbits/sec
[ 4] 30.00-31.00 sec 11.8 MBytes 98.5 Mbits/sec
[ 4] 31.00-32.00 sec 3.25 MBytes 27.3 Mbits/sec
[ 4] 32.00-33.00 sec 4.00 MBytes 33.5 Mbits/sec
[ 4] 33.00-34.00 sec 2.75 MBytes 23.1 Mbits/sec
[ 4] 34.00-35.00 sec 17.8 MBytes 149 Mbits/sec
[ 4] 35.00-36.00 sec 23.6 MBytes 198 Mbits/sec
[ 4] 36.00-37.00 sec 28.9 MBytes 242 Mbits/sec
[ 4] 37.00-38.00 sec 18.1 MBytes 152 Mbits/sec
[ 4] 38.00-39.00 sec 14.4 MBytes 121 Mbits/sec
[ 4] 39.00-40.00 sec 3.75 MBytes 31.4 Mbits/sec
[ 4] 40.00-41.00 sec 5.00 MBytes 42.0 Mbits/sec
[ 4] 41.00-42.00 sec 8.00 MBytes 67.1 Mbits/sec
[ 4] 42.00-43.00 sec 23.9 MBytes 200 Mbits/sec
[ 4] 43.00-44.00 sec 23.6 MBytes 198 Mbits/sec
[ 4] 44.00-45.00 sec 23.2 MBytes 195 Mbits/sec
[ 4] 45.00-46.00 sec 16.6 MBytes 139 Mbits/sec
[ 4] 46.00-47.00 sec 19.5 MBytes 164 Mbits/sec
[ 4] 47.00-48.00 sec 3.25 MBytes 27.3 Mbits/sec
[ 4] 48.00-49.00 sec 5.00 MBytes 41.9 Mbits/sec
[ 4] 49.00-50.00 sec 4.00 MBytes 33.5 Mbits/sec
[ 4] 50.00-51.00 sec 24.6 MBytes 207 Mbits/sec
[ 4] 51.00-52.00 sec 25.5 MBytes 214 Mbits/sec
[ 4] 52.00-53.00 sec 24.2 MBytes 204 Mbits/sec
[ 4] 53.00-54.00 sec 26.2 MBytes 220 Mbits/sec
[ 4] 54.00-55.00 sec 25.8 MBytes 216 Mbits/sec
[ 4] 55.00-56.00 sec 9.12 MBytes 76.5 Mbits/sec
[ 4] 56.00-57.00 sec 3.88 MBytes 32.5 Mbits/sec
[ 4] 57.00-58.00 sec 3.25 MBytes 27.3 Mbits/sec
[ 4] 58.00-59.00 sec 14.9 MBytes 125 Mbits/sec
[ 4] 59.00-60.00 sec 19.2 MBytes 161 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-60.00 sec 1000 MBytes 140 Mbits/sec sender
[ 4] 0.00-60.00 sec 1000 MBytes 140 Mbits/sec receiver
iperf Done.
Directnupe,
Thanks for the well-written guide. I went ahead and switched to unbound with GETDNS and STUBBY with all 9 of your listed steps, including the bonus set of watchcat at the end. It seems to have gone very smoothly!
Slim
I would just like to drop this current fact about DNS-Over-TLS.
It leaks hostnames in plaintext.
So if that is a concern for you, you should look at alternatives.
Dear antonsamoziv
Does running a VPN which is properly configured help with eliminating SNI leakage in plain test? Thanks for this caveat though. Also, can you suggest alternatives which fix the SNI issue?
FYI:
From DNSPRIVACY WEBSITE - DNS Privacy - The Problem
Created by Sara Dickinson, last modified on May 10, 2018
SNI
Unfortunately the Server Name Indicator header in HTTPS messages also reveals the name of the website contacted by the user.
As such this provides a similar leakage channel for web traffic as do DNS queries.
However there is work underway to try to encrypt that information too.
Peace,
directnupe
Dear slim0287,
Hello and I am glad to hear that you were able to get this up and running. Peace and
God Bless,
directnupe
@davidc502 I've tested r7360 and wasn't able to add any new vlan under the switch config, even with the bootstrap theme it wasn't possible...
So i reverted back to r7210 and it's working fine again.
Does the vlan config at the GUI work for anyone ?
It is the first I've heard, but will take a look at it tonight when I get home.
Anyone else having vlan issues with r7360?