Default crypto driver by QCA is very basic and only support payload of fixed size. Driver have to be enhanced to support arbitrary payload sizes.
1 Like
@sppmaster, @ninjanoir78, @egc could you guys please test this build, I've committed all Acwifidude's commits and asvio's .153 nss kernel refresh patches, also removed .127 which it seems to be the cause for the disconnects, although far less with .158 than .160. No disconnects so far with this build.
I'll keep the other repos for testing purposes and push to https://github.com/nihilt/openwrt from now on.
It has all the building and startup tweaks, I've included dnsproxy config, wifi (2g VHT40 noscan) and nss-rk2.qos (qosmio's forked version with minor corrections). Just copy/edit over your backup configs with winscp.
Name: bin.7z
Size: 101603275 bytes (96 MiB)
SHA256: a6625fae30b1ee6abff64b20dc7ced91ab0a4430a021b2d096a356f946b33315
........................Link removed..............................
I forgot to disable dnsproxy and since there are no dhcp entries it will spam the log file with errors.
To disable dnsproxy (v0.71.2) just install luci-app-dnsproxy (included) or edit config.
# For documents, please see https://github.com/AdguardTeam/dnsproxy#usage
config dnsproxy 'global'
option enabled '0'
[...]
If you want to test dnsproxy, then edit dnsproxy config as shown below.
Forced HTTP/3
# For documents, please see https://github.com/AdguardTeam/dnsproxy#usage
config dnsproxy 'global'
[...]
option http3 '0'
[...]
list upstream 'h3://1.1.1.2/dns-query'
list upstream 'h3://1.0.0.2/dns-query'
or
dnsproxy config: (this way it will choose HTTP/3 if it's faster. This works with quad9 too, still under testing phase https://dns9.quad9.net/dns-query).
# For documents, please see https://github.com/AdguardTeam/dnsproxy#usage
config dnsproxy 'global'
[...]
option http3 '1'
[...]
Replace
list upstream 'h3://1.1.1.2/dns-query'
list upstream 'h3://1.0.0.2/dns-query'
with
list upstream 'https://1.1.1.2/dns-query'
list upstream 'https://1.0.0.2/dns-query'
dhcp
list server '127.0.0.1#5353'
Both https-dns-proxy and luci-app-https-dns-proxy are under packages.
Summary
Building from my repo
git clone -b openwrt-23.05-nss https://github.com/nihilt/openwrt.git
cd openwrt
git pull
git status
git remote add upstream https://git.openwrt.org/openwrt/openwrt.git
./scripts/feeds update -a && ./scripts/feeds install -a && cp diffconfig .config && make defconfig && ./scripts/getver.sh
make dirclean && make -j9 download && make -j9 V=sc
Updating openwrt (excluding kernel updates).
git clone -b openwrt-23.05-nss https://git.openwrt.org/openwrt/openwrt.git
cd openwrt
git pull
git remote add oldrepo https://github.com/nihilt/openwrt.git
git remote update
git cherry-pick 7df23f7c0cb4ac7d4ccc82b78195e7edfc4311a4~1..4028eb8289662e76c79ee3d761bc6d02574eaab7
git remote remove oldrepo
git checkout openwrt-23.05
git status
git remote add upstream https://git.openwrt.org/openwrt/openwrt.git
./scripts/feeds update -a && ./scripts/feeds install -a && cp diffconfig .config && make defconfig && ./scripts/getver.sh
make dirclean && make -j9 download && make -j9 V=sc
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
OpenWrt 23.05-SNAPSHOT, r23927-4028eb8289
-----------------------------------------------------
root@OpenWrt:~# opkg list-installed | grep qca-
kmod-qca-mcs - 5.15.158+2022-03-16-dd8a438-1
kmod-qca-nss-drv - 5.15.158+2020-03-20-3cfb9f43-1
kmod-qca-nss-drv-igs - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-l2tpv2 - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-netlink - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-pppoe - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-pptp - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-qdisc - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-tunipip6 - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-ecm-standard - 5.15.158+2023-01-20-db66c47-1
kmod-qca-nss-gmac - 5.15.158+2021-04-20-17176794-1
root@OpenWrt:~# lsmod | grep nss
ip6_tunnel 32768 2 qca_nss_tunipip6,ip6_gre
nss_ifb 16384 0
ppp_generic 36864 8 ecm,ppp_async,qca_nss_pptp,pptp,qca_nss_pppoe,pppoe,pppox,qca_nss_l2tpv2
pppoe 24576 2 ecm,qca_nss_pppoe
pptp 28672 2 ecm,qca_nss_pptp
qca_nss_drv 405504 8 nss_ifb,ecm,mac80211,qca_nss_tunipip6,qca_nss_qdisc,qca_nss_pptp,qca_nss_pppoe,qca_nss_l2tpv2
qca_nss_gmac 61440 1 qca_nss_drv
qca_nss_l2tpv2 20480 0
qca_nss_pppoe 16384 0
qca_nss_pptp 16384 0
qca_nss_qdisc 65536 5
qca_nss_tunipip6 16384 0
root@OpenWrt:~# cat /sys/kernel/debug/qca-nss-drv/stats/virt_if
if_num 29 stats start:
rx_packets = 215237
rx_bytes = 293929821
rx_dropped = 0
tx_packets = 9661
tx_bytes = 11056673
tx_enqueue_failed = 0
shaper_enqueue_failed = 0
ocm_alloc_failed = 0
if_num 29 stats end:
if_num 33 stats start:
rx_packets = 202416
rx_bytes = 278347505
rx_dropped = 0
tx_packets = 34892
tx_bytes = 4203686
tx_enqueue_failed = 0
shaper_enqueue_failed = 0
ocm_alloc_failed = 0
if_num 33 stats end:
if_num 37 stats start:
rx_packets = 2280
rx_bytes = 2295728
rx_dropped = 0
tx_packets = 7947
tx_bytes = 1137479
tx_enqueue_failed = 0
shaper_enqueue_failed = 0
ocm_alloc_failed = 0
if_num 37 stats end:
base node stats begin (shown on if_num 37):
active_interfaces = 6
ocm_alloc_failed = 0
ddr_alloc_failed = 0
base node stats end.
3 Likes
Thanks for all your work, I am traveling the coming weeks and do not have a R7800 with me so cannot test at the moment.
2 Likes
Thank you, i will try this week.
1 Like
Thank you for making this build.
I am having trouble accessing the web interface. I tried your pre-compiled build and also compiling it myself. I did not copy any backup configs over. Might that be the reason why?
Thanks
Edit: I flashed Acwifidue's build first, then your build, but keeping settings, and I can access luci now.
1 Like
No issues here, but I'll remove the link anyways.
I haven't flashed Kong's builds for quite some time now, so I tried his latest build and results were perfect, clean logs, performance and latency are identical. He's also including qosmio's forked qos script, wifi range is better (same settings). The key here are nss kernel refreshed patches, that explains such clean logs. He posted a few weeks ago that he's running nss bulds with all his ipq806x devices, meaning properly tested stable builds.
So, I would recommend to everyone to stick with kong bulds, maybe @KONG could also add qam-256 support.
The only issue was that I had to edit bootcount to set rmem and wmem, it runs last so it overrides whatever I set in rc.local (dnsproxy).
Summary
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
KONG 23, r0+23920-af78dfb207
-----------------------------------------------------
root@OpenWrt:~# opkg list-installed | grep qca-
kmod-qca-mcs - 5.15.158+2022-03-16-dd8a438-1
kmod-qca-nss-drv - 5.15.158+2020-03-20-3cfb9f43-1
kmod-qca-nss-drv-igs - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-l2tpv2 - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-netlink - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-pppoe - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-qdisc - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-drv-tunipip6 - 5.15.158+2020-10-29-ef082a73-2
kmod-qca-nss-ecm-standard - 5.15.158+2023-01-20-db66c47-1
kmod-qca-nss-gmac - 5.15.158+2021-04-20-17176794-1
root@OpenWrt:~# lsmod | grep nss
ip6_tunnel 32768 2 qca_nss_tunipip6,ip6_gre
nss_ifb 16384 0
ppp_generic 36864 7 ecm,pptp,ppp_async,qca_nss_pppoe,pppoe,pppox,qca_nss_l2tpv2
pppoe 24576 2 ecm,qca_nss_pppoe
qca_nss_drv 397312 7 nss_ifb,ecm,mac80211,qca_nss_tunipip6,qca_nss_qdisc,qca_nss_pppoe,qca_nss_l2tpv2
qca_nss_gmac 61440 1 qca_nss_drv
qca_nss_l2tpv2 20480 0
qca_nss_pppoe 16384 0
qca_nss_qdisc 61440 5
qca_nss_tunipip6 16384 0
root@OpenWrt:~# cat /sys/kernel/debug/qca-nss-drv/stats/virt_if
if_num 29 stats start:
rx_packets = 4424138
rx_bytes = 1768220740
rx_dropped = 0
tx_packets = 9637
tx_bytes = 4998283
tx_enqueue_failed = 0
shaper_enqueue_failed = 0
ocm_alloc_failed = 0
if_num 29 stats end:
if_num 33 stats start:
rx_packets = 5644
rx_bytes = 6174989
rx_dropped = 0
tx_packets = 10437
tx_bytes = 2124606
tx_enqueue_failed = 0
shaper_enqueue_failed = 0
ocm_alloc_failed = 0
if_num 33 stats end:
if_num 37 stats start:
rx_packets = 595
rx_bytes = 332808
rx_dropped = 0
tx_packets = 903
tx_bytes = 236432
tx_enqueue_failed = 0
shaper_enqueue_failed = 0
ocm_alloc_failed = 0
if_num 37 stats end:
base node stats begin (shown on if_num 37):
active_interfaces = 6
ocm_alloc_failed = 0
ddr_alloc_failed = 0
base node stats end.
https://www.waveform.com/tools/bufferbloat?test-id=7a4ce100-c6fb-4a07-80fc-a728a980aee3
OpenWrt 23.05-SNAPSHOT, r23927-4028eb8289
Bufferbloat and Internet Speed Test - Waveform
I can't find the NSS branch for 23.05.x on Kong's repo.
Hello, i have the same build from kong KONG 23 r0+23920-af78dfb207 / LuCI openwrt-23.05 branch git-24.086.45142-09d5a38 and i dont see the nss load.
?
Index of /openwrt > 23.05/ > ipq806x-nss/
You may want to post in the Kong thread:
Kong pro firmware for IPQ806x (R7500, R7800, EA8500, …)
1 Like
Hello,
I'm looking for his 23.03 NSS source repo, not his build binaries. Thanks.
1 Like
I am also looking for that as his builds are very feature rich and I want to compile my own leaner build.
2 Likes
Me too!Kong online storage only has compiled firmware and plugin packages, and his GitHub is still at version 18.06. I also want to know his latest source code. I have been having various problems upgrading Acwifidue's firmware version, and I would like to have a ready-made version that I can compile myself.
2 Likes
So far I just used a local checkout from acwifidude for nss builds.
I just pushed my local branch to github:
6 Likes
Congrats on this.
I will try to compile soon.
Can we use the instructions/config files in second post to build from your repo or maybe you can give us some more tweaked options/settings.
And one more vote if you can add QAM-256. I made some tests and it looks good.
These devices do not deserve a premature death. They can hold a few more years and serve reliably many people in the fiber era at low price.
1 Like
Config is here: http://desipro.de/openwrt/23.05/ipq806x-nss/config.buildinfo just download and copy it to nsssourcedir/.config
3 Likes
I've been using Kong's NSS build on my newly acquired Netgear XR500.
It all seems to work ok, but I'm getting a restart 4-5 days in.
I have set it to reboot every Sunday morning, but it never seems to reach it.
Latest log entries stopped at 23:42 and it restarted at 7:52 the next morning:
Thu Jun 6 23:42:21 2024 daemon.notice netifd: Network device 'phy1-ap0' link is up
Thu Jun 6 23:42:21 2024 daemon.notice hostapd: phy1-ap0: interface state HT_SCAN->ENABLED
Thu Jun 6 23:42:21 2024 daemon.notice hostapd: phy1-ap0: AP-ENABLED
Fri Jun 7 07:52:59 2024 daemon.notice ntpdate[5162]: step time server 27.124.125.250 offset +29432.674286 sec
Fri Jun 7 07:53:00 2024 daemon.err collectd[5271]: configfile: stat (/etc/collectd/conf.d/*.conf) failed: No such file or directory
Fri Jun 7 07:53:00 2024 daemon.err collectd[5271]: plugin_load: plugin "cpu" successfully loaded
Actually, I'm not sure if it rebooted or simply powered down/up.
The Uptime is reset, but the log seems to have paused/stopped overnight.
Check if there is any dump: ls -la /sys/fs/pstore/
1 Like
disable ddns in the startup menu, i have the same prolem in my xr500, now mine dont reboot.
I'll try it and see how it goes.