OpenWrt 22.03.0 first stable release

grrr2 · September 8, 2022, 2:59pm

it is stated in the release notes:

Some community packages that add firewall rules might not work for now, and will need to be adapted to fw4: this will happen gradually throughout the lifetime of the 22.03 release series.

so unfortunately if you want to use that particular package now you have to wait, or rollback.

Golpesar · September 8, 2022, 6:21pm

Hi dear friend
In my Archer C7 V4 there are two WAN led options: green:wan; orange:wan
Regards

Golpesar · September 8, 2022, 6:31pm

I decided to install 22.03 for sixth time on my Archer C7 V4.
This time I installed every package EXCEPT DNS OVER HTTPS.
Then I added all capabilities such as guest wifi for both bands, adsl setup for wan, dual access to the bridged modem, and wireless wan.
I tested all of them and they are working properly. Then I intentionally powered of the router and on after a few minutes. The problem has been solved. The router can now assign IP and DHCP server is working properly.
Finally I changed all devices from static to dynamic IP. Every thing is fine.

Conclusion:
the package DNS over https is sensitive to sudden power loss. after the restart DHCP won't work when this package is installed or even removed. It should not be installed at all.

Thank you.

mjs · September 8, 2022, 8:41pm

I've made a custom build of the 22.03.0 branch for my BT Hub 5As with many packages removed to workaround the BT hub boot loop issue, as I did with previous release candidates. I've built it so the "vermagic" matches so the official package feeds work and installed the omitted packages with opkg and I've rebooted it quite a lot of times and so far it boots successfully in about 60 seconds each time.

The build is missing lots of packages so needs a working internet connection to install the needed packages after flashing.

Here's my diffconfig for the build:-

CONFIG_TARGET_lantiq=y
CONFIG_TARGET_lantiq_xrx200=y
CONFIG_TARGET_lantiq_xrx200_DEVICE_bt_homehub-v5a=y
CONFIG_ALL_KMODS=y
CONFIG_ALL_NONSHARED=y
CONFIG_DEVEL=y
CONFIG_AUTOREMOVE=y
CONFIG_BPF_TOOLCHAIN_BUILD_LLVM=y
# CONFIG_BPF_TOOLCHAIN_NONE is not set
CONFIG_BUILDBOT=y
CONFIG_COLLECT_KERNEL_DEBUG=y
CONFIG_HAS_BPF_TOOLCHAIN=y
CONFIG_IMAGEOPT=y
CONFIG_KERNEL_BUILD_DOMAIN="buildhost"
CONFIG_KERNEL_BUILD_USER="builder"
# CONFIG_KERNEL_KALLSYMS is not set
CONFIG_PACKAGE_ath10k-board-qca988x=m
CONFIG_PACKAGE_ath10k-firmware-qca988x-ct=m
CONFIG_PACKAGE_fritz-caldata=m
CONFIG_PACKAGE_fritz-tffs=m
CONFIG_PACKAGE_fritz-tffs-nand=m
CONFIG_PACKAGE_hostapd-common=m
CONFIG_PACKAGE_iw=m
CONFIG_PACKAGE_iwinfo=m
CONFIG_PACKAGE_kmod-ath=m
CONFIG_PACKAGE_kmod-ath10k-ct=m
CONFIG_PACKAGE_kmod-ath9k=m
CONFIG_PACKAGE_kmod-ath9k-common=m
CONFIG_PACKAGE_kmod-cfg80211=m
CONFIG_PACKAGE_kmod-crypto-ccm=m
CONFIG_PACKAGE_kmod-crypto-cmac=m
CONFIG_PACKAGE_kmod-crypto-ctr=m
CONFIG_PACKAGE_kmod-crypto-gcm=m
CONFIG_PACKAGE_kmod-crypto-gf128=m
CONFIG_PACKAGE_kmod-crypto-ghash=m
CONFIG_PACKAGE_kmod-crypto-hmac=m
CONFIG_PACKAGE_kmod-crypto-rng=m
CONFIG_PACKAGE_kmod-crypto-seqiv=m
CONFIG_PACKAGE_kmod-crypto-sha256=m
CONFIG_PACKAGE_kmod-hwmon-core=m
CONFIG_PACKAGE_kmod-mac80211=m
CONFIG_PACKAGE_kmod-nls-base=m
CONFIG_PACKAGE_kmod-owl-loader=m
CONFIG_PACKAGE_kmod-usb-core=m
CONFIG_PACKAGE_kmod-usb-dwc2=m
CONFIG_PACKAGE_kmod-usb-roles=m
CONFIG_PACKAGE_libbpf=m
CONFIG_PACKAGE_libelf=m
CONFIG_PACKAGE_libiwinfo=m
CONFIG_PACKAGE_libiwinfo-data=m
CONFIG_PACKAGE_qosify=m
CONFIG_PACKAGE_tc-full=m
CONFIG_PACKAGE_tc-mod-iptables=m
CONFIG_PACKAGE_wireless-regdb=m
CONFIG_PACKAGE_wpad-basic-wolfssl=m
CONFIG_REPRODUCIBLE_DEBUG_INFO=y
CONFIG_USE_LLVM_BUILD=y
CONFIG_VERSIONOPT=y
CONFIG_VERSION_BUG_URL=""
CONFIG_VERSION_CODE=""
CONFIG_VERSION_CODE_FILENAMES=y
CONFIG_VERSION_DIST="OpenWrt"
CONFIG_VERSION_FILENAMES=y
CONFIG_VERSION_HOME_URL=""
CONFIG_VERSION_HWREV=""
CONFIG_VERSION_MANUFACTURER=""
CONFIG_VERSION_MANUFACTURER_URL=""
CONFIG_VERSION_NUMBER=""
CONFIG_VERSION_PRODUCT=""
CONFIG_VERSION_REPO="https://downloads.openwrt.org/releases/22.03.0"
CONFIG_VERSION_SUPPORT_URL=""
# CONFIG_IB is not set
# CONFIG_MAKE_TOOLCHAIN is not set
# CONFIG_SDK is not set
# CONFIG_SDK_LLVM_BPF is not set

I tried building an image using the firmware selector with a list of files from the manifest, However, I've NOT tested it because I don't have a router with serial soldered on to recover it in the likely event that something is missing or wrong and the router gets bricked

I'm not sure if that would result in the same image or not? I can post the list of packages from the manifest, if anyone with a serial connection able to recover it wants to risk a try.

Here's the stuff I installed with opkg:-

opkg update


opkg install ath10k-board-qca988x
opkg install ath10k-firmware-qca988x

opkg install hostapd-common
opkg install iw
opkg install iwinfo
opkg install kmod-ath
opkg install kmod-ath10k
opkg install kmod-ath9k
opkg install kmod-ath9k-common

opkg install kmod-cfg80211
opkg install kmod-crypto-ccm
opkg install kmod-crypto-cmac
opkg install kmod-crypto-ctr
opkg install kmod-crypto-gcm
opkg install kmod-crypto-gf128
opkg install kmod-crypto-ghash
opkg install kmod-crypto-hmac
opkg install kmod-crypto-rng
opkg install kmod-crypto-seqiv
opkg install kmod-crypto-sha256
opkg install kmod-hwmon-core
opkg install kmod-lib-crc16
opkg install kmod-mac80211
opkg install kmod-nls-base
opkg install kmod-owl-loader
opkg install kmod-usb-core
opkg install kmod-usb-dwc2
opkg install kmod-usb-roles

opkg install wireless-regdb
opkg install wpad-wolfssl
opkg install luci
opkg install luci-app-ddns
opkg install luci-lib-ipkg
opkg install ddns-scripts
opkg install ddns-scripts-services

#opkg install batctl-full
#opkg install kmod-batman-adv
#opkg install mesh11sd```

Stephane1 · September 8, 2022, 8:41pm

Just install this release and i saw that custom rules tab (firewall.user) is gone in luci. I had some ebtables rules in it. Where should i put these rules now ?

betterworlds · September 8, 2022, 9:30pm

Hi there. Congrats on the release!

What is the recommended approach if I have a device running on 19.07.10 that did not have support for the 21.x.x release, but does have support for the 22.03.0 release?

This is the Comfast CF-E375AC. It seems that the migration to ath79 was completed after the v21 series was released.

Asking because of the notice to not run sysupgrade from 19.07.10 to 22.03.0.

Catfriend1 · September 9, 2022, 9:29am

I'm experiencing the problem that "dnsmasq" does not start properly here. According to logread, it starts, output several info lines to the log indicating it should work properly.

I did a "netstat -tulpn | grep LISTEN | grep ":53"" and dnsmasq was NOT listening to any interface. It does not matter if I specify LISTEN interfaces in /etc/config/dhcp or if I leave the default to LISTEN to all interfaces.

Manual workaround 1: Use the Web UI / DHCP and DNS and do not change anything , just save&apply the existing config. dnsmasq immediately starts to LISTEN on port #53.

Manual workaround 2: /etc/init.d/dnsmasq restart

Automatic workaround: 3: Add those lines to "/etc/rc.local"

# 22.03.0: Fix dnsmasq not listening
/bin/netstat -tulpn | grep "LISTEN" | grep -q ":53" || /etc/init.d/dnsmasq restart

Here is my /etc/config/dhcp:


config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option expandhosts '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option localservice '1'
	option domain 'home.local'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	list interface 'lo'
(...)

It does not work with this config, no matter if I have the line "list interface 'lo'" in it or not. The exact same config worked fine on OpenWrt 21.02.3. It no longer works on OpenWrt 22.03.0.

slh · September 9, 2022, 11:06am

Do you have another DHCPd running in your network? dnsmasq checks that before starting up (or refuses to start).

SteMax97 · September 9, 2022, 12:04pm

Excuse me, but what are those issues?
I have UPNP perfectly working, with Luci as well showing redirections. The only think I had to do (because I did a clean upnp install) was to set the "Presentation URL" as the IP of the router (I don't use the default 192.168.1.1).

miniupnp-nftables is of course the one installed.

wunderspud · September 9, 2022, 12:45pm

It would be really valuable to open a github issue reporting this to raise awareness with devs.

pesa1234 · September 9, 2022, 12:55pm

later I check, but I also have issue with dnsmasq, sometimes goes in a crash loop, without any message on log...

At the moment back to 21.03.2

22.03 have this bug and also bug on flow control... need to be disabled Linksys WRT1900AC v2 Slow Upload speed on 22.03.0 stable - #4 by pesa1234

rhester72 · September 9, 2022, 1:28pm

I'm not sure that's the actual problem.

Generally, DNS-over-https breaks time sync, because the former requires reasonably accurate time to work and it becomes a chicken-and-egg problem.

If you don't have a RTC and aren't doing anything to manually correct the time on startup, problems will occur (but generally not associated with DHCP).

rhester72 · September 9, 2022, 1:31pm

There's a known crash bug in dnsmasq if you are using custom dnsmasq entries to modify returned responses on the fly (e.g. disabling IPv6 responses for certain domains, etc.)

It is an upstream bug that will require either upgrade to a newer dnsmasq within OpenWRT (when one becomes available) or a developer will need to backport the specific upstream patch that addresses this issue (which has not occurred).

It's mentioned on the release tracker but not the release notes for 22.03.

jbrossard · September 9, 2022, 2:19pm

Correct. Don't force the router to use DNS-over-HTTPS or DNS-over-TLS. Only force your network clients.
The router needs DNS to work on boot so the time and date can be set, otherwise the DNS secure transport fails due to the router's time and date being outside the certificate's validity dates.

Golpesar · September 9, 2022, 3:52pm

Many thanks. I wish I had known this before all my efforts. In fact I could have set up time manually. Anyway, I never use Dns over https any more.
Again thank you.

Rampler · September 9, 2022, 4:27pm

Now, a flashed my Archer C7 V2, so far so good .., but WAN LED is still missing.

smeep · September 9, 2022, 4:54pm

That's great to hear. I'd like to update my Archer C7 V2 as well.

Aside from the LED, does all functionality appear to work?

SteMax97 · September 9, 2022, 7:46pm

̶I̶ ̶a̶m̶ ̶h̶a̶v̶i̶n̶g̶ ̶s̶o̶m̶e̶ ̶p̶r̶o̶b̶l̶e̶m̶s̶ ̶w̶i̶t̶h̶ ̶c̶o̶n̶n̶e̶c̶t̶i̶n̶g̶ ̶t̶o̶ ̶H̶u̶r̶r̶i̶c̶a̶n̶e̶ ̶E̶l̶e̶c̶t̶r̶i̶c̶ ̶t̶u̶n̶n̶e̶l̶ ̶(̶c̶o̶m̶p̶l̶e̶t̶e̶l̶y̶ ̶w̶o̶r̶k̶i̶n̶g̶ ̶o̶n̶ ̶2̶1̶.̶0̶2̶.̶3̶,̶ ̶s̶a̶m̶e̶ ̶c̶o̶n̶f̶i̶g̶)̶.̶ ̶D̶i̶d̶ ̶y̶o̶u̶ ̶h̶a̶v̶e̶ ̶t̶o̶ ̶d̶o̶ ̶a̶n̶y̶t̶h̶i̶n̶g̶ ̶t̶o̶ ̶h̶a̶v̶e̶ ̶i̶t̶ ̶w̶o̶r̶k̶i̶n̶g̶?̶
̶
̶I̶n̶ ̶p̶a̶r̶t̶i̶c̶u̶l̶a̶r̶,̶ ̶I̶ ̶h̶a̶v̶e̶ ̶p̶r̶o̶b̶l̶e̶m̶s̶ ̶o̶n̶ ̶c̶l̶i̶e̶n̶t̶s̶:̶ ̶t̶h̶e̶y̶ ̶r̶e̶c̶e̶i̶v̶e̶ ̶t̶h̶e̶ ̶I̶P̶V̶6̶ ̶a̶d̶d̶r̶e̶s̶s̶ ̶f̶r̶o̶m̶ ̶t̶h̶e̶ ̶r̶o̶u̶t̶e̶r̶,̶ ̶b̶u̶t̶ ̶i̶t̶ ̶s̶e̶e̶m̶s̶ ̶t̶h̶a̶t̶ ̶t̶h̶e̶ ̶l̶i̶n̶k̶-̶l̶o̶c̶a̶l̶ ̶i̶s̶ ̶n̶o̶t̶ ̶w̶o̶r̶k̶i̶n̶g̶ ̶(̶i̶f̶ ̶I̶ ̶m̶a̶n̶u̶a̶l̶l̶y̶ ̶a̶s̶s̶i̶g̶n̶ ̶i̶p̶v̶6̶ ̶g̶a̶t̶e̶w̶a̶y̶ ̶o̶n̶ ̶t̶h̶e̶ ̶c̶l̶i̶e̶n̶t̶s̶ ̶e̶v̶e̶r̶y̶t̶h̶i̶n̶g̶ ̶w̶o̶r̶k̶s̶)̶.̶

The bug was on my side: I have a backup router with a mirror configuration that now I am just using as an AP; while I disabled dnsmasq, I did not disable odhcpd and therefore it was messing with the ipv6 routes. My fault, sorry for the notification.

Ricrdsson · September 9, 2022, 8:12pm

Thanks finally for a functional Upnp in the Luci interface as well

rwl408 · September 9, 2022, 8:43pm

I doubt anybody here cares whether you use OpenWrt or not.