Ipq806x NSS build (Netgear R7800 / TP-Link C2600 / Linksys EA8500)

I tried to make a build for EA8500 and every time failed, it said my uImage is too big.
In diffconfig, I've tried to delete almost all addons but do no work, still "too big".

Then I looked up for target/linux/ipq806x/image/generic.mk and found

define Device/linksys_ea8500
	$(call Device/LegacyImage)
	DEVICE_VENDOR := Linksys
	DEVICE_MODEL := EA8500
	SOC := qcom-ipq8064
	PAGESIZE := 2048
	BLOCKSIZE := 128k
	KERNEL_SIZE := 3072k

Then I changed the KERNEL_SIZE to 3200k and build success

Will this brick my router? Or should I just proceed?
I don't think the partition table allows me to change, but how could I shrink the kernel size then?

I think it's fixed in master tho' but this build isn't updated yet.

1 Like

It's working for me so it certainly looks like it's fixed in master now. There were a couple of extra fixes earlier this week, so for now, anything from the 9th onwards should be good for a basic fw4 setup, although obviously there are a lot of other packages that need to be updated still...

Speaking of which, I can see the SQM script nss.qos uses iptables to MARK packets but I can't see anything that actually makes use of them, unless nssfq_codel uses them internally?

I have no such script... wonder where you got it from?
Can you run opkg whatprovides nss.qos

Yep. With the current master build I did a opkg upgrade firewall4 and now it's working.

It's part of a fork of the sqm-scripts package that I think kong created, followed the instructions here pulls the code from the fork in to the build

The basics are as per the example given in the nss-ifb readme (package/qca/nss-ifb/README.md in the source tree)

You can get that script from this GitHub repo[1]. See my post from some weeks ago for some config instructions.

[1]: Apparently the sqm-scripts development for NSS-based SQM takes place in the ipq806x_nss branch of the ricsc/sqm-scripts GitHub repository and not the tohojo/sqm-scripts GitHub repository which OpenWrt's official sqm-scripts package is built from.

Mmh, wonder if they actually work as intended.
On top of this thread there's a far simpler example.

I guess it depends on the intent...

It certainly works as well as the simple script, but the extra bits don't work, so those iptables rules really aren't doing anything

1 Like

now after 9 days the 5ghz wifi network has dropped, it has been left without internet access. I have only restarted the wifi 5ghz and everything ok again.

For what it's worth to those perhaps having glitches with the current build that's posted - Firewall4 has been updated since this build has been posted. May be worth rebuilding / updating to see if it resolves any issues you may be having.

1 Like

Does the nss fq_codel work with pppoe?

If I use eth0 I get only one flow in "tc -s qdisc" and it also behaves, as if I only have one flow (one udp stream nukes everthing). If I try pppoe-wan as device the R7800 hangs and reboots after some time. There is no error message, the tc command hangs only and can not be canceld (even kill -9 does not work). I use the 21.02 qsdk11 build (self compiled). The acceleration for nat and pppoe works. Also the limiter works, but it is only one stream.

It does on my R7800:

qdisc nsstbl 1: dev eth0 root refcnt 2 buffer/maxburst 53125b rate 425Mbit mtu 1514b accel_mode 0 
 Sent 32000055682 bytes 82969325 pkt (dropped 22896, overlimits 156315 requeues 0) 
 backlog 0b 0p requeues 0
qdisc nssfq_codel 10: dev eth0 parent 1: target 5ms limit 1001p interval 100ms flows 1024 quantum 1514 set_default accel_mode 0 
 Sent 32000055682 bytes 82969325 pkt (dropped 22896, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
 maxpacket 1518 drop_overlimit 22886 new_flow_count 38418438 ecn_mark 0
 new_flows_len 0 old_flows_len 0
---snip---
qdisc nsstbl 1: dev nssifb root refcnt 2 buffer/maxburst 53125b rate 425Mbit mtu 1514b accel_mode 0 
 Sent 426105870465 bytes 324232153 pkt (dropped 4164, overlimits 2935133 requeues 0) 
 backlog 0b 0p requeues 0
qdisc nssfq_codel 10: dev nssifb parent 1: target 5ms limit 1001p interval 100ms flows 1024 quantum 1514 set_default accel_mode 0 
 Sent 426105870465 bytes 324232153 pkt (dropped 4164, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
 maxpacket 1518 drop_overlimit 3042 new_flow_count 100375267 ecn_mark 0
 new_flows_len 0 old_flows_len 0
---snip---
root@OpenWrt:~# cat /etc/config/sqm

config queue 'eth1'
	option debug_logging '1'
	option verbosity '8'
	option linklayer 'ethernet'
	option script 'nss.qos'
	option qdisc 'fq_codel'
	option enabled '1'
	option interface 'pppoe-wan'
	option download '425000'
	option upload '425000'
	option overhead '50'
	option qdisc_advanced '1'
	option squash_dscp '1'
	option squash_ingress '1'
	option ingress_ecn 'ECN'
	option egress_ecn 'ECN'
	option linklayer_advanced '1'
	option tcMTU '2047'
	option tcTSIZE '128'
	option tcMPU '0'
	option linklayer_adaptation_mechanism 'default'

I hardly get A-ratings sadly, mostly B, sometimes even a C-rating on waveform's buffer bloat test. DSL-reports seems happy with bloat on download, but upload not at all, way too much bloat. I have a symmetric 500/500Mbps fiber connection. If someone has tips, ideas to improve my configuration I'd be happy to hear them. My fiber is terminated and available on a NTU. My R7800 is connected directly to that NTU and sets up a PPPoE connection.

I honestly don't really know how to tune nss fq_codel to get better scores. I grab configs from the Internet that seem to match my set up but I hardly notice any difference in measurements from waveform or DSL-reports.

I get A on waveform and A+ on dslreports without any shaping...

Sounds like an excellent ISP. I might try without SQM.

The problem is, that old_flows_len never goes above 1, regardless the number of parallel tcp down/upload sessions. If I do a iperf with udp, normal ping times go up to several seconds. With normal openwrt without nss the old_flows_len goes above 1, sometimes 8. And there the fq_codel is working.

It seems reasonable, that is not working, because on eth0 only is the one pppoe-session. And for the pppoe-wan interface I cannot setup the qdiscs, as it freezes.

The R7800 is running like a champ now... 4 days of uptime... (waiting for the reboot to happen any time now tho')
What did I change? Nothing really, I updated so I got the newer fw4 and ucode stuff and made sure scaling_min_freq is 800000
br-lan is still set to promisc mode for the hairpin rules to work...

2 Likes

@ACwifidude You may want to consider adding this patch. One of the patch file is to fix ecm’s bridge hairpin mode:

2 Likes

Seems like it's already included but under a different name and slightly larger.

However I wonder what sets br_is_hairpin_enabled?

You can set a bridge port's hairpin mode via ssh console. Default is off. For example for the bridge br-lan with eth1.1 as one of it's bridge port, the hairpin_mode debug_fs config can be found here:

/sys/class/net/br-lan/brif/eth1.1

You can also set it using the ip command. ip -d show link eth1.1 should show all the configured parameters. IIRC, the ip utility also sets it via the /sys/class/net/ debug_fs config.

1 Like