Thank you for the image G10 
Here is the test result and most interestingly, the result is after WiFi My internet speed is nominally 1000/60. It is not an optical fiber.
1 Like
I’d delete any extra vlans and extra virtual wifi networks and re-test.
What does the performance look like with the default settings?
If the router is having difficulty prioritizing traffic (video and constant streams are very latency sensitive) the next step would be to use nss qos like in the #2 post to optimize latency.
1 Like
I retested with three different versions with default settings only (even without WLANs), same low and bad results during LAN traffic.
I have to add to this that the connection to the Gigabit switch sometimes drops to 100Mbps. Router LAN port LED changes its colour.
Can you let us know what tipe of switch you are using? As daft as it sounds can you test with diffrent Ethernet cables for the switch just to rule it out?
All so is this with a stock build of OpenWrt master?
1 Like
I've put a low cost TP-Link LS1005G switch.
For tomorrow I plan to change the cables and try another WDR4300 just as a Gigabit switch in order (hopefully) to sort this out or confirm the same issue.
But as long as I changed the R7800 with a really cheap Gigabit router and it did the task really easily I'm a little concerned about the actual reasons.
The issue happens even without the additional TP-link switch. It is the same when the clients are directly connected to the R7800 ports and there is a LAN only traffic through the R7800 switch. When there's only NAT routing from WAN to LAN clients there's no problem.
I've changed the cable to an Android TV box. It has a 100Mbps NIC. The issue with low speeds remains.
I've tried several things today and definitely this looks like a software bug.
I've used three routers - two different R7800s (to reject it is a hardware problem only) and cheap no-name gigabit router with Ralink chipset.
My previous tests were only with a Desktop PC, two Android TV set-top boxes and a Smart TV set. Today I've added one Laptop connected by cable via gigabit NIC and second Laptop connected wirelessly via MediaTek MT7921 2x2 802.11ax (WiFi 6) Card .
I've made the same tests consequently with all three routers.
I can now confirm that the two R7800 routers experience absolutely the same slowdowns/drops of WAN download/upload throughput in case of even moderate LAN traffic.
After lots of tests here is the problem completely reproducible using iperf3 to make LAN traffic between LAN clients. In my case I run iperf3 (with a predefined throughput of 60Mbps) between a Laptop connected at 100Mbps! (this is the culprit) and PC connected at 1000Mbps. The result - the PC can only download/upload from/to WAN at really low speeds.
If the same test is performed when a Laptop is connected at 1000Mbps then there is no problem for the PC to achieve full speeds.
The slowdown only occurs when a device (Laptop, PC, Smart TV) is connected via cable and the negotiated speed is 100Mbps (I've used a 100Mbps cable). Then the other device even connected at 1000Mbps cannot download at high speed.
It's really tricky when there is an additional switch (even a gigabit one) connected to the router because I can see the link speed is 1000Mbps, but some clients have only 100Mbps NICs and when there is LAN traffic between the clients this becomes a nightmare because all the clients cannot download from Internet. The speed sometimes is just 5-6Mbps.
This definitely should be fixed because otherwise the Internet connection is almost unusable when we have LAN traffic. At least there are no problems with WLAN clients speed.
No similar slowdowns are observed with the third cheap router I've tested.
I have to stress that two compulsory conditions should be met at the same time in order to reproduce the WAN performance drop. A client connected at 100Mbps (let's call it "Problem Client") and a LAN traffic between the "Problem Client" and any other device connected to LAN by cable.
Further discussions about this issue are moved here
2 Likes
Anyone seeing this
with lots of log entries
kern.warn kernel: [123152.760364] nf_conntrack: nf_conntrack: table full, dropping packet
bittorrent clients do that. setting limits should help
I have a limit set to 400 total connections. I've never had problems so far.
I don't have any torrent client running and still get this.
1 Like
Updated the Master build today. It is basically exact same as the brand new 22.03 branch that branched off today. Updated the nomenclature to qsdk10.0 - this is the most recent .bin file. Additionally - added ramoops to most of the targets. Post any ramoops files that are generated.
I’ll build a 22.03 branch with the same commits.
Let me know if you have any feedback.
3 Likes
it means 22.03 has firewall4?
Damn this is going to be a problem, afaik not everything is fixed (e.g. dnmasq-full with ipsets).
Will you keep also a 22.02 version?
Yep. I’m going off the OpenWrt nomenclature / branch points. There will be a 21.02 (5.4 kernel, branched off 1 year ago), 22.03 (just branched off master yesterday), and master build. 
I posted the 22.03 build with all the commits on my GitHub. Haven’t built any images yet.
1 Like
you are the man
thanks, i'm not ready for firewall 4, still
try the real time graph/connections tab to get the list of ip and ports. that should give you an idea which service/machine is causing.
Edit - luci would probably crash, try getting the data from
cat /proc/net/nf_conntrack
1 Like
@ACwifidude Hi, thanks for your new code.
I have built the new kernel5.10-nss-qsdk10.0 branch for my ea8500, but the new driver+patch still not work on my ea8500 Lan port. I have to change it back, the following is my modified files, then the Lan port worked.
-
in file
990-00-Add-required-entries-in-dts-files-for-5.10-NSS-support.patch, removed ea8500 and eax500 related parts. -
in file
qcom-ipq8064-ea8500.dts:
&partitions {
partition@5f80000 {
label = "syscfg";
reg = <0x5f80000 0x2080000>;
};
};
&mdio0 {
phy4: ethernet-phy@4 {
reg = <4>;
};
};
&gmac1 {
qcom,phy-mdio-addr = <0>;
qcom,poll-required = <0>;
qcom,rgmii-delay = <1>;
};
/* LAN */
&gmac2 {
qcom,phy-mdio-addr = <4>;
qcom,poll-required = <0>;
qcom,rgmii-delay = <0>;
};
- in file
qcom-ipq8064-eax500.dtsi:
&mdio0 {
status = "okay";
pinctrl-0 = <&mdio0_pins>;
pinctrl-names = "default";
phy0: ethernet-phy@0 {
reg = <0>;
qca,ar8327-initvals = <
0x00004 0x7600000 /* PAD0_MODE */
0x00008 0x1000000 /* PAD5_MODE */
0x0000c 0x80 /* PAD6_MODE */
0x00010 0x2613a0 /* PWS_REG */
0x000e4 0x6a545 /* MAC_POWER_SEL */
0x000e0 0xc74164de /* SGMII_CTRL */
0x0007c 0x4e /* PORT0_STATUS */
0x00094 0x4e /* PORT6_STATUS */
>;
};
phy4: ethernet-phy@4 {
reg = <4>;
};
};
&gmac1 {
status = "okay";
compatible = "qcom,nss-gmac";
reg = <0x37200000 0x200000>;
interrupts = <GIC_SPI 223 IRQ_TYPE_LEVEL_HIGH>;
phy-mode = "rgmii";
qcom,id = <1>;
qcom,pcs-chanid = <0>;
qcom,phy_mii_type = <0>;
qcom,emulation = <0>;
qcom,forced-speed = <1000>;
qcom,forced-duplex = <1>;
qcom,socver = <0>;
qcom,irq = <255>;
mdiobus = <&mdio0>;
pinctrl-0 = <&rgmii2_pins>;
pinctrl-names = "default";
fixed-link {
speed = <1000>;
full-duplex;
};
};
&gmac2 {
status = "okay";
compatible = "qcom,nss-gmac";
reg = <0x37400000 0x200000>;
interrupts = <GIC_SPI 226 IRQ_TYPE_LEVEL_HIGH>;
phy-mode = "sgmii";
qcom,id = <2>;
qcom,pcs-chanid = <1>;
qcom,poll-required = <0>; /* no polling */
qcom,rgmii-delay = <0>;
qcom,phy_mii_type = <1>;
qcom,emulation = <0>;
qcom,forced-speed = <1000>;
qcom,forced-duplex = <1>;
qcom,socver = <0>;
qcom,irq = <258>;
mdiobus = <&mdio0>;
fixed-link {
speed = <1000>;
full-duplex;
};
};
&adm_dma {
status = "okay";
};
(above 2 files, not all parts, the rest parts are same as new code.)
1 Like
I've identified the intruder.
Now I need a firewall rule to limit all those endless connections.
1 Like
Updates:
- added 22.03 build
- changed .dts patch for the ea8500 as per @RadioOperator above post. 22.03 and master builds should work now for the ea8500.
- will look in to @quarky UDP patches for next build which could potentially solve UDP issues.
7 Likes
Hi all, I'm currently rocking the latest 21.02 build with ath10k non-ct and it's working good so far. I was wondering if upgrading to master or even this new 22.03 build would give me more features/performance in my case? Thank you!
As far as version numbers currently (+19 custom commits) here is a rough difference (when they branch off they have their own commits that don’t match up with trunk).
21.02 is r16514+19
22.03 is r19165+19
Master is r19174+19
So upgrading ~2500+ commits gets you kernel 5.10, firewall 4, and a couple other more recent versions of software packages. This may be a good thing, maybe a bad thing. Stability vs cutting edge vs performance is tough. I personally run master and find the performance to be great. I haven’t compared recent 21.02 vs recent master. You can flash back and forth and compare - feel free to try and post some test results about your findings.
2 Likes