Then why does my CPU usage go down with software offload when SQM is enabled? Is it disabling SQM behind the scenes?
Are you using QoS with the stock firmware? Otherwise it sounds like that your cable modem is doing some sort of QoS/Prioritization or your ISP behind the scenes...
I'm going to give SQM+Software Flow Offloading a try and I'll report if I encounter any issues. SQM is kinda CPU intensive so it would be quite nice to save a little bit CPU usage while SQM is active. ~15% does sound pretty good imho!
Absolutely no issue. Will be more than happy to make this change :).
It's not my cable modem, I use a pretty common SB6183. For years I used an R7000 router and it never got over B+ bufferbloat with the same modem and same internet. I got the WRT32X (off Amazon renewed for $100) 1-2 years ago and it's been A+ Bufferbloat and Quality ratings with the Linksys OEM firmware. Their firmware hasn't been updated in 2 years but it's still decent and based off of OpenWrt anyway. Now also getting more than my rated ISP speed and A+ on OpenWrt with SQM and software offloading enabled. Can't speak to what is happening behind the scenes other than that. A+/A+ should be expected these days though with these routers.
Just updated to davidc502 from 19.07.1 on wrt32x runs flawless.. as a AP wifi is working well with offloading + sqm thnks for all your hard work. 19.07.1 is not that far back One thing I did like is all of your basic pkgs are right out of the box . I went to facory. then I restored a backup of 19.07.1 work like a charm.
Just noticed yesterday that my VOIP handset was no longer registering with Sipgate. It's a Siemens N510 Pro and was showing "registration failed" in the web UI for the basestation. This behaviour has only manifested since recently updating my WRT32X to build r12235. Previously i had been on r10307 since June last year, so a big jump, I know...
I did a little tcpdump'ing (VOIP telephony is my day job, lucky me!) and saw REGISTER requests going out but nothing coming back in. Previously I had no port forwards for this device configured and everything worked fine. I set up SIP and RTP port forwards to my basestation as per the Sipgate FAQs and everything is working fine again now.
So, no help required or problem, just posting this in case anyone else runs into a similar issue as something has obviously changed.
EDIT Spoiler: it was Software Flow Offloading. I've now disabled it and the VOIP service is registering without and SIP port forwards.
There is a lets encrypt issue that could affect 3 million sites this afternoon and was due to a bug.
There is a tool to see if a site is affected, and fortunately the dc502wrt.org is not. - "The certificate currently available on dc502wrt.org is OK. It is not one of the certificates affected by the Let's Encrypt CAA rechecking problem."
I found the solution ..for who is interested
Thanks for your report!
I'm using a dedicated voip device in my network and never had problems with my SIP regs but your report coulp help if I run into problems after upgrading to the latest firmware (I'm still on r11829).
Btw, I'm using the following option on my voip device: Keep port forwarding of the Internet router active for telephony (every 30 seconds)
Maybe thats why I never ran into any problems with voip...?
edit: Just upgraded to the latest build and my numbers on my voip device are still working fine without the need of any manual port forwarding.
Everything else is also working fine (port forwarding, wireless, SQM, aso)!
I'm considering upgrading to r12394, for the sake of offloading and SQM - but please can someone explain (in one sentence) if/why I should enable both for a better WiFi experience?
Also, I rely on port forwarding for my servers and I read that there's an ongoing issue with that in r12394. Is everyone affected?
Yes upgrade, and yes enable software flow offloading (hardware offloading is not supported) and SQM. Just know this will have no impact on WiFi as the open source driver mwlwifi is abandoned. As a result there has been no WiFi improvement for our devices for over a year other than a firmware update for WRT3200ACM / WRT32X which didn't really do anything. Not sure about the port forwarding issue.
Issues with port forwarding seems to be (wan) setup related. No issues here @pppoe....
SQM with software flow offloading also seems to work fine but maybe there are some issues which I haven't encounterd yet. I'm using Layer_cake @diffserv4 + some DSCP tags for the egress.
New (Potential) user here for wrt3200acm, currently using dd-wrt r.42410, I would like to know before I switch (as I have heard great things about openwrt and Davidc builds), Can I have a few questions answered? Assuming yes:
- As I work from my home office and use cisco anyconnect to connect via VPN passthru, as I have read, is that this is possible via installing the kmod-nf-nathelper-extra package (which seems to be included in Davidc builds). True? Any config I would need to do?
- Firewall rules: I understand that basic 'out of box' zones are pretty good (e.g. wan to lan ports should be blocked/closed). Is this true? Are thee any shared FW rules to prevent DOS/Brute force?
a.I see that the latest marvel drivers are included. I assume these are the FW blobs and not the proprietary linksys drivers?
b. Has anyone seen any performance differences vs dd-wrt ?
c. Are there any recommended wifi settings published for wrt3200acm? e.g. 2,4: 20 vs 40, cts/rts protection
d. Beamforming function/work?
- Can assume I can run CRON startup scripts to schedule reboots? Or is there an option built into luci?
- Final q (thx for your patience): Is it safer to install from stock? re. I am running ddwrt on partition 2 so I would change to partition 1 and effectively replace ddwrt.
Same here. I'd love to see WireGuard included in these builds. As soon as @davidc502 is ready to include them, I'd be happy to help test.
Welcome to the community @steve2088
- The package should not be needed, but you can always install it later if you find out differently. It is an available package.
- For DOS and DDOS, you can't stop it with ANY software because if someone decides to stuff the pipe, you are finished regardless if this option is checked or not. What this might have implied at one time was the half-open syn attack, and the kernel we are on now should have built in protection against it anyway. As for brute force, that's going to depend on if you leave SSH/HTTPS open to the internet. If locked down the Brute force isn't an issue anyway.
3a. Eh, it's an ugly answer between yes and no, but really I'm not the best person to answer this question by far.
3b. This answer will vary from person to person. Test for yourself to see what is best for you.
3c. Wifi is generally stable on both radio's, and will generally give decent performance. At this time I don't recommend 160mhz width on 5Ghz, but feel free to test. DD-WRT may have a 3rd radio as an option on the 3200acm. This is not supported on this build.
3d. Beamforming? Snake-Oil and MU-MIMO also another form of Snake-Oil. But yes, beamforming is a part of a 802.11ac standard, and it works on the 3200acm.
. Yes and Yes
. Good question here. When installing from DD-WRT, use the .img, and do not save any settings. OpenWrt should automatically be installed on the other partition fresh with no saved configurations from DD-WRT. You should be able to boot back to DD-WRT if you want and vice versa.
Im having a strange issue where dnscrypt seems to be working but every time i upgrade it takes a while before i get an "A" https://cmdns.dev.dns-oarc.net/ when testing. I always start off with a C and "Invalid DNSSEC Signature". Even testing ESNI doesnt seem to be working right when i test it here https://www.cloudflare.com/ssl/encrypted-sni/ (though every other test shows up encrypted).
There are no dnsleaks: https://dnsleaktest.com/results.html. Only 1 server is found.
I am using cloudflare. tried google and cloudflare-ipv6 and get different results. anyone else have any issues after an upgrade? running on the latest version
root@wrt32x:~# dnscrypt-proxy -config /etc/dnscrypt-proxy2/dnscrypt-proxy.toml -list [2020-03-06 15:46:27] [NOTICE] dnscrypt-proxy 2.0.39 [2020-03-06 15:46:27] [NOTICE] Network connectivity detected [2020-03-06 15:46:27] [NOTICE] Source [public-resolvers] loaded [2020-03-06 15:46:27] [NOTICE] Source [relays] loaded cloudflare
Thank you for your releases, are great because it makes easy for everybody to get the best of our routers.
It's been a while since i have asked in this forum for some help to fix problems with latest releases with no avail. I just installed your latest release and things doesn't seem to get better, at least in my case, because on guest network it still been shown as dissasociated:
uPNP still not working on our gaming consoles (XBox One, shows as moderated NAT), and port forwarding seems to be failing too.
This problems was not on very older releases, so i don't know why happens now. Please tell me how can I fix this
I really want to use the latest release at least for dnscrypt2 and Software flow offloading, and so on...
Can you describe your wan setup? Have you tried to start from the scratch with a default config?
Since yesteday I'm running the latest build and everything is working absolutely fine on my end (Guest-Wifi, upnp@ps4, port forwarding, dnscrypt, aso).
I do have a feeling that the non-working port forwarding and upnp is somehow related to your wan-setup. In my case I'm on using pppoe (VDSL@bridged modem) and I never had any issues with upnp and port forwarding in any of davidc's builds.
I did had some problems with a couple firewall traffic rules (added via luci) a couple of builds ago but once I manually fixed them everything started to work again...
How did you fix them rules in the end.
I´m assuming that the problem is with latest releases (I have tested with latest 3), because when use older version (In my case r7360) I have not any problem, i only happens when upgrading.
I have started from scratch (Last night was my latest try) and nothing changes. So that is why always go back to r7360.