Ipq806x NSS build (Netgear R7800 / TP-Link C2600 / Linksys EA8500)

Because the NSS code will never be able to be submitted upstream to Linux with how the NSS firmware binaries are licensed(Ignoring any other issues that maintainers view with the code) and OpenWrt will only accept the patches IF they're accepted by kernel maintainers to be included into the kernel and also legal to distribute(which they aren't legally allowed to).
Qualcomm is likely to never do anything to get their code into the kernel which makes "never" the answer.


Actually (almost) all the NSS firmware drivers' source codes are released by QCA via this site. We basically [shamelessly] suck everything we can from there to get NSS acceleration working for the ipq806x routers.

You're right in that the NSS firmware is a problem, and we cannot get an officially released recent enough NSS irmware blob from QCA, except for one that is really old that's based on QSDK 6 IIRC. That firmware was uploaded to Github by QCA.

Getting the Linux folks and Openwrt maintainers to accept the binary blobs and drivers is a whole can of worms altogether, so having it become a reality, while possible, will be extremely hard.


I see now. Thank you very much for the explanation.
I have to get accustomed with this router, with a legal build (read "stable"), take a note of how many services I can run with satisfaction, and then build a master with all the packets injected through build environment.
Got it.
It's not simple, but doable.
Licenses and copyrights are making the world a shitty place to live, but this forum is a ray of light.

Thank you all. I mean it.

what is the problem these days with dependencies, I egt that;

make defconfig
tmp/.config-package.in:104546:error: recursive dependency detected!
tmp/.config-package.in:104546:  symbol PACKAGE_shorewall6 depends on PACKAGE_shorewall6
For a resolution refer to Documentation/kbuild/kconfig-language.rst
subsection "Kconfig recursive dependency limitations"

tmp/.config-package.in:104582:error: recursive dependency detected!
tmp/.config-package.in:104582:  symbol PACKAGE_shorewall6-lite depends on PACKAGE_shorewall6-lite
For a resolution refer to Documentation/kbuild/kconfig-language.rst
subsection "Kconfig recursive dependency limitations"

tmp/.config-package.in:110247:error: recursive dependency detected!
tmp/.config-package.in:110247:  symbol PACKAGE_olsrd depends on PACKAGE_olsrd
For a resolution refer to Documentation/kbuild/kconfig-language.rst
subsection "Kconfig recursive dependency limitations"

tmp/.config-package.in:62481:error: recursive dependency detected!
tmp/.config-package.in:62481:   symbol PACKAGE_luci-app-olsr depends on PACKAGE_luci-app-olsr
For a resolution refer to Documentation/kbuild/kconfig-language.rst
subsection "Kconfig recursive dependency limitations"

tmp/.config-package.in:62498:error: recursive dependency detected!
tmp/.config-package.in:62498:   symbol PACKAGE_luci-app-olsr-services depends on PACKAGE_luci-app-olsr-services
For a resolution refer to Documentation/kbuild/kconfig-language.rst
subsection "Kconfig recursive dependency limitations"

tmp/.config-package.in:62514:error: recursive dependency detected!
tmp/.config-package.in:62514:   symbol PACKAGE_luci-app-olsr-viz depends on PACKAGE_luci-app-olsr-viz
For a resolution refer to Documentation/kbuild/kconfig-language.rst
subsection "Kconfig recursive dependency limitations"

1 Like

Updated the 21.02 build. Added in most of the new ramoops additions from master to the ipq8064-v2 and ipq8065 .dtsi files (plus added all the required packages). Haven’t checked if it is fully functional and has everything (additions shouldn’t affect functionality otherwise).

Post if you have any ramoops suggestions or logs saved that are helpful to the developers.

Will add ramoops to the next master build in a similar fashion to the .dts patch.


Just found out a new unpleasant discovery.
Today I've connected a gigabit switch to one of the ports LAN1 (to replace a 100Mbps old switch).

I have 3 devices connected to the switch - two Android TV boxes and a 4K TV. Switch is connected to the router port LAN1.
A desktop PC is connected to the R7800 port LAN4. There is a Plex server installed on the desktop PC.
When a 4K movie with bitrate ~70Mbps is played on the TV box or on the 4K TV set, the Internet download/upload speeds on the desktop PC or on any other device connected by cable drop dramatically from 940/680 Mbps with 1ms ping to just anything between 25-350/100-200Mbps (yes you read it right). The speedtest results are really low and inconsistent (varying hugely from as low as 25Mbps to 350Mbps) with high ping from 10 to over 25 ms.
I'm using current master with NSS but maybe this is not related to this particular firmware only.
Can anyone else try and then confirm or deny my observations. What are the WAN down/up speeds during a LAN traffic between two devices on the LAN (maybe around 100Mbps or higher).
I can hardly reach the speeds on the below picture during a LAN traffic from a desktop PC (serving a 4K movie with video bitrate around 70Mbps to Android TV playing the movie).
During this "hard time" for the router I cannot see a higher CPU usage.

And this is the sad picture when I try to play three 4K movies simultaneously on all three devices connected to the switch. At least one of the devices cannot play the movie without interruptions and continuous buffering every minute.

Finally it's really interesting that I have normal unaffected down/up speeds and ping from WLAN clients.

I've just deployed the ISP 20 bucks Gigabit router and with it I have no problems at all with cable connections.
This is the speedtest result with ISP router during simultaneous playing of three 4K movies on all three devices connected to the Gigabit switch with total video bitrate over 300Mbps.
I just don't understand the reason R7800 fails with this.

Probably my posts are not for this thread because I've tried several other firmwares - hnman's DSA master build, current stable 21.2 all with default settings. I have same bad results.
With Voxel firmware based on original Netgear firmware the router can reach maximum download speeds even with ping being 50-70 ms. But the upload is limited to around 150Mbps.

I've removed the switch and connected one Android TV box directly to the router - again no luck. When only a single 4K movie is played over direct 100Mbps cable connection the router is unable to reach normal down/up speeds. Only 100-200Mbps are possible.

I've just started searching for this and I found another post by user @riodoro complaining with the same symptoms.

Probably a bug.
Can anyone help with this.

Thank you for the image G10 :slight_smile: Here is the test result and most interestingly, the result is after WiFi :slight_smile: My internet speed is nominally 1000/60. It is not an optical fiber.

1 Like

I’d delete any extra vlans and extra virtual wifi networks and re-test.

What does the performance look like with the default settings?

If the router is having difficulty prioritizing traffic (video and constant streams are very latency sensitive) the next step would be to use nss qos like in the #2 post to optimize latency.

1 Like

I retested with three different versions with default settings only (even without WLANs), same low and bad results during LAN traffic.
I have to add to this that the connection to the Gigabit switch sometimes drops to 100Mbps. Router LAN port LED changes its colour.

Can you let us know what tipe of switch you are using? As daft as it sounds can you test with diffrent Ethernet cables for the switch just to rule it out?
All so is this with a stock build of OpenWrt master?

1 Like

I've put a low cost TP-Link LS1005G switch.
For tomorrow I plan to change the cables and try another WDR4300 just as a Gigabit switch in order (hopefully) to sort this out or confirm the same issue.
But as long as I changed the R7800 with a really cheap Gigabit router and it did the task really easily I'm a little concerned about the actual reasons.
The issue happens even without the additional TP-link switch. It is the same when the clients are directly connected to the R7800 ports and there is a LAN only traffic through the R7800 switch. When there's only NAT routing from WAN to LAN clients there's no problem.
I've changed the cable to an Android TV box. It has a 100Mbps NIC. The issue with low speeds remains.

I've tried several things today and definitely this looks like a software bug.
I've used three routers - two different R7800s (to reject it is a hardware problem only) and cheap no-name gigabit router with Ralink chipset.
My previous tests were only with a Desktop PC, two Android TV set-top boxes and a Smart TV set. Today I've added one Laptop connected by cable via gigabit NIC and second Laptop connected wirelessly via MediaTek MT7921 2x2 802.11ax (WiFi 6) Card .
I've made the same tests consequently with all three routers.
I can now confirm that the two R7800 routers experience absolutely the same slowdowns/drops of WAN download/upload throughput in case of even moderate LAN traffic.

After lots of tests here is the problem completely reproducible using iperf3 to make LAN traffic between LAN clients. In my case I run iperf3 (with a predefined throughput of 60Mbps) between a Laptop connected at 100Mbps! (this is the culprit) and PC connected at 1000Mbps. The result - the PC can only download/upload from/to WAN at really low speeds.
If the same test is performed when a Laptop is connected at 1000Mbps then there is no problem for the PC to achieve full speeds.
The slowdown only occurs when a device (Laptop, PC, Smart TV) is connected via cable and the negotiated speed is 100Mbps (I've used a 100Mbps cable). Then the other device even connected at 1000Mbps cannot download at high speed.
It's really tricky when there is an additional switch (even a gigabit one) connected to the router because I can see the link speed is 1000Mbps, but some clients have only 100Mbps NICs and when there is LAN traffic between the clients this becomes a nightmare because all the clients cannot download from Internet. The speed sometimes is just 5-6Mbps.
This definitely should be fixed because otherwise the Internet connection is almost unusable when we have LAN traffic. At least there are no problems with WLAN clients speed.
No similar slowdowns are observed with the third cheap router I've tested.

I have to stress that two compulsory conditions should be met at the same time in order to reproduce the WAN performance drop. A client connected at 100Mbps (let's call it "Problem Client") and a LAN traffic between the "Problem Client" and any other device connected to LAN by cable.

Further discussions about this issue are moved here


Anyone seeing this

with lots of log entries

kern.warn kernel: [123152.760364] nf_conntrack: nf_conntrack: table full, dropping packet

bittorrent clients do that. setting limits should help

I have a limit set to 400 total connections. I've never had problems so far.
I don't have any torrent client running and still get this.

Updated the Master build today. It is basically exact same as the brand new 22.03 branch that branched off today. Updated the nomenclature to qsdk10.0 - this is the most recent .bin file. Additionally - added ramoops to most of the targets. Post any ramoops files that are generated.

I’ll build a 22.03 branch with the same commits.

Let me know if you have any feedback.


it means 22.03 has firewall4?
Damn this is going to be a problem, afaik not everything is fixed (e.g. dnmasq-full with ipsets).
Will you keep also a 22.02 version?

Yep. I’m going off the OpenWrt nomenclature / branch points. There will be a 21.02 (5.4 kernel, branched off 1 year ago), 22.03 (just branched off master yesterday), and master build. :sunglasses:

I posted the 22.03 build with all the commits on my GitHub. Haven’t built any images yet.

1 Like

you are the man :slight_smile:
thanks, i'm not ready for firewall 4, still :slight_smile: