OpenWrt 23.05.0 - First stable release

Don't use auc for major upgrades.

Thanks devs, running fine for 24h+ on:

Archer A7 v5
D-Link DAP-X1860
Proxmox LXC/LXD (linuxcontainers.org builds are up as of today)

No, I will definitely use auc to perform major upgrades. My intent is to uncover issues that arise from using ASU and auc to cross large spans of upgrades, so that I can implement solutions to those problems and feed them back upstream.

4 Likes

@kramsac I have the same issue on RPi 4.

Thank you for rockchip support of NanoPi R2C and Orange Pi R1 LTS!

Updated 23.05.0 on Xiaomi AX3200 (RB01 model with MediaTek MT7622B and MediaTek MT7915E WiFi) and everything seems to work properly.

There is only a bit higher CPU sys usage (or at least top shows it as less idle usage than before) from the [napi/phy1-7] and [napi/phy1-9] processes.

Hardware offload and WED offload also seem to work correctly.

For anyone that uses MT7915E, please note that to activate WED (Wireless Ethernet Dispatch) on OpenWrt 23.05.0, you now need to:

  1. edit /etc/modules.conf
  2. append the line: options mt7915e wed_enable=Y

It's different than the procedure on 22.03, but it still seem to work.

After reboot, you can check if the module is active with:
cat /sys/module/mt7915e/parameters/wed_enable
if the output says "Y", the module should be active.

To check which connections are offloaded, you can now use:
cat /sys/kernel/debug/ppe0/bind

It will only show data while something is being actively offloaded, and it includes both LAN and WiFi connections.

Thank you so much for the great work on this update and for everyone that posted their experiences!

3 Likes

My WPS PBC not working on mbedtls, can you suggest a solution?Rest I don't have issue with wifi on newest version, thought I still downgraded.

Just upgraded my Linksys WRT3200 from rc3. No issues found, it was an entirely trouble free upgrade.
The OpenWRT project really is an outstanding achievement

4 Likes

I found the port status display bug on the X86/x64. on the vm it has 10 nics attached to it but It only show eth0 and eth1.


config interface 'loopback'
   option device 'lo'
   option proto 'static'
   option ipaddr '127.0.0.1'
   option netmask '255.0.0.0'

config globals 'globals'

config device
   option name 'br-lan'
   option type 'bridge'
   option stp '1'
   option igmp_snooping '1'
   option ipv6 '0'
   list ports 'eth2'
   list ports 'eth3'

config interface 'lan'
   option device 'br-lan'
   option proto 'static'
   option netmask '255.255.255.0'
   option ip6assign '60'
   option ipaddr '10.20.110.1'
   option delegate '0'
   option ipv6 '0'

config interface 'wan'
   option device 'eth0'
   option ipv6 '0'
   option proto 'dhcp'

config interface 'wan6'
   option device 'eth0'
   option proto 'dhcpv6'
   option peerdns '0'
   list dns '0::1'
   option reqaddress 'none'
   option reqprefix 'no'
   option auto '0'

config interface 'VLAN21_GWIFI'
   option proto 'static'
   option netmask '255.255.255.0'
   option ipaddr '10.110.21.1'
   option device 'br-vlan21'

config interface 'VLAN20_SRV'
   option proto 'static'
   option netmask '255.255.255.0'
   option auto '0'
   option ipaddr '10.110.20.1'

config interface 'VLAN22_IOT'
   option proto 'static'
   option netmask '255.255.255.0'
   option ipaddr '10.110.22.1'

config device 'wan1_dev'
   option name 'wan1'
   option mac '11:22:33:44:55:66'
   option ipv6 '0'

config device 'wan2_dev'
   option name 'wan2'
   option mac 'aa:bb:cc:dd:ee:ff'
   option ipv6 '0'

config device
   option type 'bridge'
   option name 'br-vlan21'
   list ports 'eth4'
   list ports 'eth5'
   option stp '1'
   option igmp_snooping '1'
   option ipv6 '0'

config device
   option type 'bridge'
   option name 'br-nuc-lan'
   list ports 'eth6'
   list ports 'eth7'
   option ipv6 '0'

config interface 'NUC_LAN'
   option device 'br-nuc-lan'
   option proto 'static'

1 Like

So, here's my experience upgrading my Archer C7 from 22.03.5, through an "Attended Sysupgrade", as of a couple of hours ago:

  1. "blind" attempt resulted in failure generating an image, specifically due to a conflict between "libustream" from "wolfssl" and "mbedtls";
  2. I was aware that this was most likely due to a change introduced in this major, but my (incorrect) expectation was that would be handled seamlessly; (I considered it could be due to the fact that I had VPN installed on this box, recently, and this resulted in leftover packages, but I was able to confirm this was not the case)
  3. After reading around, saw a couple of reports stating I should simply replace my "wolfssl" packages with their "mbedtls" equivalents using the command-line, through a recent Reddit post that led me to this thread with special care to download the replacing packages first, uninstall offending packages and then install the previously downloaded packages;
  4. ... but since I was not able to find "wpad-basic-mbedtls" using opkg, I abandoned this route;
  5. Instead, I stuck to "Attended Sysupgrade" and tested first manually inserting the new packages on the upgrade package list, while removing the conflicting ones;
  6. Ended up having trouble downloading "wpad-basic-mbedtls" anyway, so, armed with the knowledge that these might be default packages that are replaced as dependencies (thanks goes to @efahl for explaining here), I simply removed them without adding replacements; (this is probably a mistake, as you'll see further down)
    NOTE: In my case, "wolfssl" were default packages. Future readers should take care to understand if their package set included explicit "wolfssl" installs, or risk breaking functionality.
  7. At this point, I also found out that, since I had "adblock" installed, "luci-i18n-adblock-en" was also blocking the new image, but was meant to be removed altogether (again, thanks go to @efahl for confirming this on his own AUC upgrade attempt); I ended up removing this package too
  8. Upgrade took a while, and ended up coming back up with only ethernet; I read some posts in this regard, hinting at fixing them by installing offending packages;
  9. Since I had removed the aforementioned packages (specifically "*-wolfssl"), I tried connecting via ethernet to SSH/LUCI, and eventually found a port that allowed this, and surely enough "wpad-basic-mbedtls" was missing, so I went about installing it (was now found) and rebooting my router;
  10. Wifi came back up, albeit after more time than I was expecting (probably just anxious to sort this out, finally).

Not sure what failed here:

  1. Maybe my package list is overpopulated by default, and I should've trimmed it;
  2. But then, I did trim out "wpad-basic-wolfpad", but in the process couldn't get "wpad-basic-mbedtls" to replace it
  3. There's a chance that in some of these attempts, I forgot to select "23.05.0" (leaving my default 22.03.5) as the version to upgrade to (hence the failure to find "wpad-basic-mbedtls" in some of these attempts)

@efahl : from what I read, AUC should've automatically replaced "wolfssl" packages and even removed the "adblock" translation one; isn't AUC used by "Attended Sysupgrade" and consequently should've prevented this from happening?

All things considered, great release. I only ended up stumbling across these issues since I pressed on despite multiple error signs.

Does image for NanoPi R2C work for NanoPi R2C Plus? It has additional eMMC memory 8G. The 'problem' is that it is 'impossible' to find 'R2C' exactly on Aliexpress, only 'R2C Plus' is suggested.

@ravemir , I was expecting a similar situation upgrading my RT3200 from 22.03.5 to 23.05.0 because not only wolfssl changes to mbedtls, also the firmware is split and I could end up without WiFi, so I did the following:

  1. Opened the firmware selector and clicked on "Customize installed packages and/or first boot script".
  2. Added the packages I manually added on v22.03. In my case: nano, luci-app-attendedsysupgrade, luci-app-ddns, ddns-scripts-noip, curl, speedtestpp and so on. Also replaced wpad-basic-mbedtls for wpad-mbedtls because I use FT (802.11r) and requested a customized build like that.
  3. Did a sysupgrade keeping my settings.
  4. Everything was up and running and no missing firmware or dependencies.

In step 2, only the top packages are needed, for example luci-app-ddns install its dependencies automatically. I added the NoIP script because it wasn't a dependency of luci-app-ddns. For Attended Sysupgrade I only added luci-app-attendedsysupgrade. To be sure, I also added luci-app-firewall because it wasn't on the list and the theme I use (luci-theme-openwrt2020).

When 23.05.1 releases, I will do an attended syspgrade because in theory, there shouldn't be package name changes between minor releases. I hope not.

I hope this helps someone else.

4 Likes

That's not a bug, it's just a fact of life when using generic platforms without a specific configuration. You need to modify your /etc/board.json to correspond to the specifics of your device. Here's mine for a 4-port x86 box:

$ cat /etc/board.json
{
        "model": {
                "id": "x86_64,combined",
                "name": "CWWK N5105"
        },
        "network": {
                "wan": {
                        "device": "eth0",
                        "protocol": "dhcp"
                },
                "lan": {
                        "ports": [
                                "eth1",
                                "eth2",
                                "eth3"
                        ],
                        "protocol": "static"
                }
        }
}
4 Likes

No, and that's an issue. They are distinct, relatively thin wrappers around the opkg, the ASU Server database (sysupgrade.openwrt.com) and some RPC/exec calls. auc is a CLI-only C program (https://github.com/openwrt/packages/tree/openwrt-22.03/utils/auc) that does its own thing, while LuCI Attended Sysupgrade is a browser app (https://github.com/openwrt/luci/tree/master/applications/luci-app-attendedsysupgrade) that does many of the same things, but they are different in several ways.

For example, auc scans https://sysupgrade.openwrt.org/json/v1/overview.json and extracts the package_changes data, while it appears that Attended Sysupgrade does not (hence the differing wolfssl/mbedtls behaviors). Also, ASU lets you pick and choose packages to manually add or remove, while auc does not have that ability. Another one is that auc lets you pick any release/branch combination, while ASU tries to keep you on the garden path. I'm compiling a table of differences, hopefully can consolidate the behaviors where appropriate.

They both ultimately invoke the firmware builder and then run sysupgrade, but they get there from subtly different routes.

2 Likes

Hmm, you didn't have to manually intervene with the changes in /etc/config/wireless (the path becoming phy thing)? I wonder what fixed it...

No, I did the same procedure on my RT3200 and also my WDR4300 that I use as a dumb AP. Sysupgrade from 22.03.5 to 23.05.0 keeping settings.

Cheers!

EDIT: also did the same procedure on my GF's Redmi AC2100 and I plan to do the same on my mom's Xiaomi Mi 4A 100M.

2 Likes

Xiaomi Mi Router 3 Pro (R3P) has some problem when reading from USB attached HD + Samba 4. As reported by this user on Reddit, it's an ongoing bug that I started suffering after updating to main 23.05.0 (since I don't use RC on my router).

After 10-15 minutes streaming videos through my lan the router stops working completely and reboots.

1 Like

Hi all, I've just taken the plunge and decided that instead of playing it safe when upgrading my Unifi 6 LR from 22.03.05 to 23.05.0 (ie. by doing an upgrade with a standard build and then re-doing my settings), I would use efahl's earlier post about the Belkin RT3200 as a quick guide.

I connected via SSH and did

auc -y -b 23.05 -B 23.05.0

When the unit rebooted (it took a while), it mostly seemed OK. The 2.4GHz radio was working fine, but with the 6 LR that is MediaTek MT7622 802.11b/g/n. The 5GHz radio wasn't working. So back into SSH and as per efahl's post, I just took a punt at doing:

opkg update
opkg install kmod-mt7915-firmware
reboot

Because I haven't got a Belkin RT3200 I didn't make the changes to the /etc/config/wireless as recommended, and after reboot both radios appear to be working fine.

@efahl - thanks as always for your advice, as usual it works a treat. One quick question, would you still recommend the changes to the /etc/config/wireless file, or should I just leave it because the wireless seems to be working? Just one other thing, could you update your post because you left the mt out of the following line

opkg install kmod-mt7915-firmware

which caused me a bit of head scratching. That aside, you're a legend.

So in brief, well chuffed, thanks again to the community for making this stuff work

Happy

1 Like

I have updated my Netgear WAX202, again by getting SSH access and running:

auc -y -b 23.05 -B 23.05.0

but similar to this earlier post I get quite a few concerning log messages. I'm going to ignore unless I start seeing some other issues.

I initially got the same issues as @Settler but I just took a punt again with the following:

opkg update
opkg install kmod-mt7915-firmware
reboot

And hey presto, it's all up and running. It does seem to take longer for the wifi to come back up after a reboot though. Any ideas?

Also, the 2 devices I've upgraded tonight were both dumb APs. I'd previously disabled dnsmasq and firewall, but after using auc to upgrade both those services were back as enabled. Any ideas what's occurring there?

So overall, I've had a successful night moving onto the new release with my two dumb APs. In the next few days I'm going to update my main router which is a Mochabin. I have a question which I probably know the answer to though.

I previously increased the Overlay partition on my Mochabin to make use of the full eMMc card using the following instructions mochabin - expanding_the_emmc_partition

If I do the auc upgrade, is there any chance it will keep that partition size? I'm guessing not, but kind of hoping someone will tell me auc is even smarter than I already expect.

I'm aware my likely best alternative is to just use the image builder and change the hidden config file to increase the overlay partition, then run the manual upgrade and get it to keep all settings.