What is this "packet steering" you speak of? I do not see it in the configuration screens on Luci....
(Never mind -- I found it under global network options -- it is not on, but I still find that without the Multicast-to-unicast switch on I have occasional issues, including lots of dropped/reconnect associations.)
8 posts were split to a new topic: Scheduled Tasks - difficulty with crontab
A post was merged into an existing topic: Scheduled Tasks - difficulty with crontab
Getting dual firmware / advanced reboot on the DL-WRX36 is awesome thanks for posting that (it's a feature I've loved over the years on my WRT32X). Performance and RAM is great, and price is oddly low for these specs. This would solidify this as one of the best WiFi 6 devices for OpenWrt.
I cloned openwrt from "git clone https://github.com/openwrt/openwrt.git". Then I selected dl-wrx36, and build the image. After that, I used tftpboot to download "openwrt-qualcommax-ipq807x-dynalink_dl-wrx36-initramfs-uImage.itb" into dl-wrx36 router. Then ran "bootm" to startup the kernel. AFter kernel boot finished, the br-lan and wan are all fine. But the wifi interface did not come up (I used ifconfig to check it). Can someone tell me how to bring up wifi interface? Do I have to flash the "openwrt-qualcommax-ipq807x-dynalink_dl-wrx36-squashfs-factory.ubi" in the flash memory. Then boot up, and update /etc/config/wireless to enable the wifi devices?
Yes, the initramfs image is just a middle step in the flashing process. Read all steps from the device wiki.
You need to download and flash the factory image, and also modify the uboot bootcmd
@hnyman, thanks for your reply. After I posted my question, I played with the dl-wrx36 router. I still tftpboot the "openwrt-qualcommax-ipq807x-dynalink_dl-wrx36-initramfs-uImage.itb" into dl-wrx36 router. After reboot finished, I edited the /etc/config/wireless for two things: (1) remove option disabled '1'; (2) changed ssid to something easy to recognize. Then I issued "wifi down", followed by "wifi up". That is it. The ifconfig shows phy0-ap0 and phy1-ap0. With my cell phone I can see the private ssid and I can connect to them. Of course this way of using initramfs will not keep the edited wireless configuration file. It would be better to burn factory.ubi into flash memory.
Does usb device work on dl-wrx36's openwrt build?
dear friends, could you please share your experience on the maximum download speeds that you got when using VPN. OpenVPN protocol or wireguard. Stock and openwrt. Thanks a lot. (i have got 100-120 max on stock firmware OPENVPN (nordVPN, mullvad, protonvpn) with default 500Mbit connection). Is it maximum for our 2.2Ghz processor? I didnt flash openwrt yet.
It's been posted in this thread already, at least for Openwrt.
As for stock, you own one, you post it.
There is not one "OpenVPN speed". The speed highly depends on the encryption algorithm you are going to use. The classic one, AES, is a block chiffre and better for hardware implementations. If you going to use CHACHA20-POLY1305 for OpenVPN (that's a stream Chiffre and the one also used by WireGuard) you usually get much better results if the encryption is done in software. It brings my OpenVPN performance quite close to the WireGuard performance.
I am not sure about that as OpenVPN only uses a single thread and WireGuard is multithreaded and WireGuard runs in kernel space.
My R7800 does about 85 Mb/s running OpenVPN (and using CHACHA20) and about 270 Mb/s running WireGuard.
Note there is no hardware acceleration in play here (the R7800 does not have that, routers with hardware acceleration can have AES acceleration so can accelerate the AES ciphers but not CHACHA20) .
In my testing there is very little speed difference between AES and CHACHA20 ciphers as the relatively slow performance of OpenVPN is caused by the single thread constantly switching between user and kernel space.
That is why OpenVPN has been frantically working on DCO which is available in OpenVPN 2.6 but I am not talking about that.
I have not seen throughput testing with OpenWRT and OpenVPN using DCO (not even sure DCO is activated in OpenWRT) DCO should speed up OpenVPN considerably
I have not continued the effort of dual and failsafe boot as I've been busy with some other things.
I now wonder whether the additional complexity introduced (which means more room for bugs as well) is worth it?
At that time, there were a couple of things that were pending and I think should be addressed to have a robust implementation.
1: When doing a sysupgrade, or bootenv initialization, boot slot being flashed should be checked to be compatible with OpenWrt.
OEM firmware has UBI volumes that are not compatible with the ones from OpenWrt.
If OEM UBI volumes are found, you could either refuse to flash or attempt to format the UBI (ubiformat can be used, but you would need to detach it first and find the proper one).
This could be implemented as part of platform_check_image(), or platform_do_upgrade().
I think I tried once of flashing a OpenWrt on top of OEM UBI volumes and it didn't boot properly.
For reference, here is a comparison between UBI volumes (on my device):
UBI vol | OEM | OpenWrt
0 | kernel (4.0 MiB) | kernel (4.7 MiB)
1 | ubi_rootfs (33.5 MiB) | rootfs (8.7 MiB)
2 | rootfs_data (51.1 MiB) | rootfs_data (75.1 MiB)
2: Be robust (or try to detect) OEM boot slot change.
OEM boot slot defines how the offsets and names of mtd partitions are observed by u-boot and OpenWrt.
Current logic to detect OEM boot slot relies on offset of mtd18 and is only done once when initializing uboot env.
OpenWrt relies on this detection to define an appropriated value for mtdparts u-boot variable, and the "OpenWrt slot".
When booting, kernel partition is taken from mtdparts (fs or fs_1), and UBI (for rootfs) from mtd partition (rootfs or rootfs_1, as observed by kernel).
This works fine as long as OEM boot slot does not change.
However, OEM boot slot can be changed by writing to BOOTCONFIG mtd partition (or maybe by trying to restore OEM firmware).
If this changes, u-boot variable mtdparts no longer represents correct partitions and it might boot a kernel and rootfs that no longer match.
I'm not sure how to fix this, or if it can be ignored hoping that never occurs.
I can only tell you what my experience is but I used GL.iNet devices (and also one TP-Link device) for my testing. If you have different results on the DL-WRX36, I would be interested to see the actual numbers.
DL-WRX36 WireGuard iperf3 throughput, router lightly used measured between PC on the WAN side and PC on the LAN side:
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-10.00 sec 919 MBytes 771 Mbits/sec sender
[ 4] 0.00-10.00 sec 919 MBytes 771 Mbits/sec receiver
iperf Done.
OpenVPN CHACHA20
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-10.00 sec 252 MBytes 211 Mbits/sec sender
[ 4] 0.00-10.00 sec 252 MBytes 211 Mbits/sec receiver
OpenVPN AES-256-GCM
[ ID] Interval Transfer Bandwidth
[ 4] 0.00-10.00 sec 267 MBytes 224 Mbits/sec sender
[ 4] 0.00-10.00 sec 267 MBytes 224 Mbits/sec receiver
Note this is 23.05 with OpenVPN 2.5.8 on the router, so no DCO
Again tested with iperf3 between client PC on the WAN side and Client PC on the LAN side.
Client PC uses OpenVPN 2.6.2 with wintun driver
Thanks, that's actually a big differences and very different from the results I got during my tests with the GL.iNet devices. I'm currently on vacation but I will get my DL-WRX36 when I am back. After setting it up I will run some WireGuard / OpenVPN comparison tests between the DL-WRX36, the WAX206 and the GL.iNet Brume 2 and post the results.
Thanks for taking the time to reply, I appricate it.
A. We can remove a lot of complexity by cutting the recovery logic, and try to boot initramfs image from usb every boot (as recovery), and if usb boot fails, try to boot the active partition.
B. About the issue with the OEM Firmware on the alternative partition, we have three options here:
Flat out refuse the sysupgrade with some details and in the wiki add a small peragraph about this. (Refuse)
Locate mtd/ubi, detach if required, format mtd and then sysupgrade. (Force)
Leave it as is, with (from your experience) a silent fail, which will require usb boot recovery. (Ignore)
I'm leaning towards option 3 (Ignore), as the initial instructions in the wiki detail the formatting of both mtd18 and mtd20 with the factory image, and if an advanced user wants to go off-book they would/should probably be able to sort it out. We can add a note in the wiki detaling why it is important to flash both mtd18 and mtd20.
C. About the issue with the OEM boot slot changing.
I can't think of a simple way to counter this in a uboot script / within openwrt.
Again, I'm leaning towards ignoring this, with the same reasoning as above (advanced user).
Once we settle on the above, we should allign the wiki to the above (to allow dual boot out after initil install), or as an alternative, mention in the wiki that after the first sysupgrade the bootenvs will change, and that dual boot won't work until the first sysupgrade.
We can also have some advanced recovery info to the wiki, to deal with issues resulting from B/C, as in:
Use serial to get to uboot command prompt.
'env default -a' to reset the uboot envs to default.
'saveenv' to save the default uboot envs.
Redo the initial install (as if coming from stock).
I'm happy to work on A, but we need decisions about B and C.
Would be nice to see it for a comparison.
But as said some routers have hardware crypto acceleration for AES (I think the DL-WRX36 is capable of that but I do not have it implemented as Wireguard is faster and easier).
The newest OpenVPN will have DCO which is the kernel module for OpenVPN which should improve speed quite a bit might test a snapshot build and enable DCO later if I can find the time.
The speed tests are in line with other routers I have, WireGuard is usually three times faster than OpenVPN (again no hardware acceleration)
thank you very much friends for your answers regarding openvpn. The reason for my post was my direct comparison of the WRX36 and Asus RT-AX59U (both on stock firmware) with the same OVPN settings file and the same external server being tested. And for me it was a pleasant surprise asus openvpn speed 220...250Mbps. Although the asus's processor is 2Ghz. I don't have Asus anymore.