Qualcommax NSS Build

AgustinLorenzo · October 28, 2024, 7:25am

Your problem is the DHCP issue that has been repeated a few times around here.

Link: https://github.com/AgustinLorenzo/openwrt/issues/5

Regards, Agustin

qosmio · October 28, 2024, 7:33am

ft_psk_generate_local and pmk_r1_push are only for WPA2 mode.

I've upgraded the config to use sae-mixed mode as it's successfully working with NSS and 802.11r, which was the biggest blocker for me. That's since been fixed.

XiaoliChan · October 28, 2024, 8:00am

Yes, I am also following your config to setup wpa3/mixed mode with 802.11r

BTW, is this 802.11w needed? I checked some posts it said wpa3 is need 802.11w

github.com/openwrt/luci

Wireless ieee80211w with WPA3

opened 09:30PM - 26 Sep 21 UTC

closed 08:05AM - 27 Sep 21 UTC

ByCzech

802.11w Management Frame Protection option has 3 values: disabled, optional and …required. Luci sets it with: "uci del wireless.default_radioN.ieee80211w" for "disabled" "uci set wireless.default_radioN.ieee80211w='1'" for "optional" "uci set wireless.default_radioN.ieee80211w='2'" for "required" which is OK for WPA and WPA2 modes. But in WPA2/WPA3 mixed mode or in WPA3 mode "disabled" not working. For disabling 802.11w is needed manual setting: uci set wireless.default_radioN.ieee80211w='0' this option setting is working well as "disabled" for WPA and WPA2 modes too. So I wish to Luci change his behavior in this setting.

For me, if set ieee80211w to 0 (disable), my iPhone can't join that wifi

If set ieee80211w to 2, my nintendo switch can't join the wifi.

Only set it to 1, both device can join

XiaoliChan · October 28, 2024, 8:38am

Confirm 802.11r works, the system log shows auth_alg=ft when I come into another room

If user is refreshing the config from Luci interface to @qosmio sae-mixed, must do this step

set 802.11w Management Frame Protection to Optional (by default is disabled)

bgcngm · October 28, 2024, 9:11am

Many thanks for your reply @AgustinLorenzo, but I did try that before posting and it didn't change anything. DHCP was actually working because I had IP address when connected via cable. The issue was just with the WiFi interface.

Meanwhile I compiled a build myself and it works. I am now struggling recreating my old setup with trunked vlans on the ethernet ports. Is anyone here running such a setup, to connect one ethernet port to a dumb AP that supports two trunked vlans? Is this similar to what has been described by @Ka6uka in this post - Qualcommax NSS Build - #3751 by Ka6uka ?

qosmio · October 28, 2024, 9:39am

Nope, you can leave it as disabled

paulomp · October 28, 2024, 10:29am

Hello @qosmio, @AgustinLorenzo and @Ka6uka ,

Thanks for the support!
I fixed my problem, the problem was in the managed switch between the dummy AP and the router

Does the NSS version support vlan over mesh? Or does it require the creation of a tunnel ("GRETAP tunnel over IPv4")?

Best regards,
Paulo

XiaoliChan · October 28, 2024, 10:59am

I set it disabled, and my iphone can't connect it anymore.

qosmio · October 28, 2024, 2:49pm

You have to do a "forget this network" on your iPhone as it tries to always use the previous option.

sppmaster · October 28, 2024, 3:48pm

As I've promised I've tested the same scenario with my Mikrotik RB5009UG and the results are repeatable. I've tried another VPN provider and there are no speed drops. Looks like the first VPN provider implemented a speed limiting so not many consecutive tests can be run in a row.
On my Moto smartphone and Laptop connected wirelessly to the router I even get over 500 Mbps using the WG tunnel and that's great.
So no NSS nor Vanilla OpenWrt issues obviously.
Cheers.

paulomp · October 29, 2024, 7:28am

Hello,

No one with the same use case?

Best regards,
Paulo

bgcngm · October 29, 2024, 10:13am

Can you please detail your setup? I might be facing the same problem as you. I have Xiaomi AX3600 running NSS build and therefore can't use the usual VLAN tagging anymore. The problem is that then I have a dumb AP configured with VLAN tagging and a managed switch, both running OpenWrt and connected to two trunked VLAN ports on the router.

paulomp · October 29, 2024, 12:00pm

Hello @bgcngm ,

In my use case I have the Xiaomi AX3600 without NSS build and using the DSA vlan tagging, an managed switch where I just put unmanaged in the dumb AP port, and then the Linksys Mx4200 as dumb AP (with NSS build). My next step in dumb AP is to connect over MESH to another dumb AP that's in the garage.

So my previous question, I was trying to understand how to make the VLAN filtering work with NSS building, and mesh (right now I was using tunnel on the original OpenWrt snapshot). Can you confirm if the process is the same?

Best regards,
Paulo

bgcngm · October 29, 2024, 12:19pm

Well... I had to downgrade AX3600 to the non NSS build in order to use DSA VLAN tagging just like you. Based on the examples from @qosmio I understand how to setup VLANs in the new way, but I don't know how to setup NSS to have two trunked VLAN ports so that I can still connect the AP and the managed switch. I guess we are in the same boat then.

paulomp · October 29, 2024, 12:49pm

I start the other way round, I was thinking of setting up the dummy AP's first, and then setting up the router later

zxlhhyccc · October 30, 2024, 12:31pm

What impact does this printed log have on wireless?

cjom · October 30, 2024, 12:54pm

Just to say this is the best AX3600 build I ever used

Based in @JuliusBairaktaris repo but my fork removes banIP and adds the Wireguard VPN client, Policy-Based Routing, AdBlock Fast, and SQM.
No MESH.

JuliusBairaktaris · October 30, 2024, 1:15pm

Thanks for the compliment!

SaddFox · October 30, 2024, 7:13pm

I got another system freeze on AX3600. Updated to a newer version and got another one in just a few minutes while watching multicast IPTV. This time with option disable_offloads '1'. Something about ecm not playing along with multicast traffic. It works fine with snapshot builds, including the same kernel 6.6.58.
@qosmio any ideas what might be causing this and what I can do to help debug it?

crash log

[   90.141318] br-lan: port 5(phy1-ap0) entered blocking state
[   90.141379] br-lan: port 5(phy1-ap0) entered forwarding state
[  234.610744] rcu: INFO: rcu_sched self-detected stall on CPU
[  234.610797] rcu: 	1-...!: (6000 ticks this GP) idle=5604/1/0x4000000000000000 softirq=23512/23512 fqs=0
[  234.615141] rcu: 	(t=6000 jiffies g=18017 q=1205 ncpus=4)
[  234.624509] rcu: rcu_sched kthread timer wakeup didn't happen for 5999 jiffies! g18017 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  234.630075] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=4665
[  234.641352] rcu: rcu_sched kthread starved for 6000 jiffies! g18017 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[  234.648043] rcu: 	Unless rcu_sched kthread gets sufficient CPU time, OOM is now expected behavior.
[  234.658456] rcu: RCU grace-period kthread stack dump:
[  234.667304] task:rcu_sched       state:I stack:0     pid:15    ppid:2      flags:0x00000008
[  234.672431] Call trace:
[  234.680578]  __switch_to+0xc0/0x120
[  234.683012]  __schedule+0x28c/0x608
[  234.686483]  schedule+0x50/0xac
[  234.689955]  schedule_timeout+0x70/0xe0
[  234.693081]  rcu_gp_fqs_loop+0xc4/0x454
[  234.696901]  rcu_gp_kthread+0xfc/0x128
[  234.700721]  kthread+0xdc/0xe0
[  234.704538]  ret_from_fork+0x10/0x20
[  234.707578] rcu: Stack dump where RCU GP kthread last ran:
[  234.711316] CPU: 1 PID: 6350 Comm: igmpproxy Tainted: G           O       6.6.58 #0
[  234.716614] Hardware name: Xiaomi AX3600 (DT)
[  234.724160] pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  234.728677] pc : queued_spin_lock_slowpath+0x58/0x2d0
[  234.735445] lr : ipmr_find_mfc_entry+0x174/0x1a0
[  234.740652] sp : ffffffc08000b360
[  234.745337] x29: ffffffc08000b360 x28: ffffff8003186104 x27: ffffffc08000b838
[  234.748557] x26: ffffff8014e1e800 x25: 0000000039020aef x24: 0000000000000001
[  234.755675] x23: ffffffc080e075e8 x22: ffffffc08000b538 x21: 0000000000000010
[  234.762793] x20: ffffff80127620c0 x19: ffffff800203c000 x18: 0000000000000070
[  234.769910] x17: ffffffbf9f312000 x16: ffffffc080008000 x15: d815c29b6fbc0283
[  234.777028] x14: 1168b14b6344394d x13: 0000000000000000 x12: 0000000000000001
[  234.784146] x11: 0000000000000000 x10: fffffffff8dd5d30 x9 : ffffffc08000b4d0
[  234.791266] x8 : ffffffc08000b578 x7 : 0000000039020aef x6 : 00000000f88d11ac
[  234.798383] x5 : 000000001a03181f x4 : ffffffc080e07600 x3 : 0000000000000000
[  234.805502] x2 : 0000000000000000 x1 : 0000000000000001 x0 : ffffffc080e07600
[  234.812620] Call trace:
[  234.819728]  queued_spin_lock_slowpath+0x58/0x2d0
[  234.821990]  ecm_multicast_ipv4_connection_process+0x1f0/0x2d3c [ecm]
[  234.826855]  ecm_ipv4_ip_process+0x3a4/0x1c54 [ecm]
[  234.833274]  ecm_ipv4_ip_process+0xe08/0x1c54 [ecm]
[  234.837961]  nf_hook_slow+0x48/0xe8
[  234.842821]  ip_mc_output+0x1b4/0x1f8
[  234.846293]  NF_HOOK.constprop.0.isra.0+0xb4/0xd0
[  234.850114]  ipmr_queue_xmit+0x368/0x548
[  234.854801]  ip_mr_forward+0x184/0x368
[  234.858793]  ip_mr_input+0x7c/0x330
[  234.862352]  ip_sublist_rcv_finish+0x70/0x9c
[  234.865739]  ip_sublist_rcv+0x194/0x1b4
[  234.870252]  ip_list_rcv+0x120/0x1b0
[  234.873811]  __netif_receive_skb_list_core+0x1ec/0x2a0
[  234.877633]  netif_receive_skb_list_internal+0x1fc/0x338
[  234.882581]  napi_complete_done+0x68/0x1bc
[  234.888048]  nss_core_handle_napi_queue+0x60/0x80 [qca_nss_drv]
[  234.891956]  __napi_poll+0x38/0x178
[  234.897768]  net_rx_action+0x14c/0x2d0
[  234.901240]  handle_softirqs+0xfc/0x230
[  234.905059]  __do_softirq+0x14/0x20
[  234.908792]  ____do_softirq+0x10/0x1c
[  234.912265]  call_on_irq_stack+0x24/0x4c
[  234.916086]  do_softirq_own_stack+0x1c/0x28
[  234.920079]  irq_exit_rcu+0x90/0xc8
[  234.923984]  el1_interrupt+0x38/0x54
[  234.927457]  el1h_64_irq_handler+0x18/0x24
[  234.931277]  el1h_64_irq+0x68/0x6c
[  234.935181]  ipmr_update_thresholds+0x60/0xe8
[  234.938568]  ipmr_mfc_add+0x458/0x840
[  234.942995]  ip_mroute_setsockopt+0x428/0x514
[  234.946642]  do_ip_setsockopt+0xf0/0xff4
[  234.950980]  ip_setsockopt+0x34/0x9c
[  234.954973]  raw_setsockopt+0xd4/0x1b4
[  234.958532]  sock_common_setsockopt+0x1c/0x28
[  234.962092]  do_sock_setsockopt+0x64/0x138
[  234.966519]  __sys_setsockopt+0x58/0xc4
[  234.970512]  __arm64_sys_setsockopt+0x28/0x38
[  234.974246]  invoke_syscall.constprop.0+0x5c/0x108
[  234.978761]  do_el0_svc+0x40/0xc8
[  234.983445]  el0_svc+0x30/0xb8
[  234.986830]  el0t_64_sync_handler+0x120/0x12c
[  234.989784]  el0t_64_sync+0x178/0x17c
[  234.994218] CPU: 1 PID: 6350 Comm: igmpproxy Tainted: G           O       6.6.58 #0
[  234.997863] Hardware name: Xiaomi AX3600 (DT)
[  235.005322] pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  235.009840] pc : queued_spin_lock_slowpath+0x58/0x2d0
[  235.016608] lr : ipmr_find_mfc_entry+0x174/0x1a0
[  235.021816] sp : ffffffc08000b360
[  235.026500] x29: ffffffc08000b360 x28: ffffff8003186104 x27: ffffffc08000b838
[  235.029720] x26: ffffff8014e1e800 x25: 0000000039020aef x24: 0000000000000001
[  235.036837] x23: ffffffc080e075e8 x22: ffffffc08000b538 x21: 0000000000000010
[  235.043956] x20: ffffff80127620c0 x19: ffffff800203c000 x18: 0000000000000070
[  235.051074] x17: ffffffbf9f312000 x16: ffffffc080008000 x15: d815c29b6fbc0283
[  235.058193] x14: 1168b14b6344394d x13: 0000000000000000 x12: 0000000000000001
[  235.065309] x11: 0000000000000000 x10: fffffffff8dd5d30 x9 : ffffffc08000b4d0
[  235.072429] x8 : ffffffc08000b578 x7 : 0000000039020aef x6 : 00000000f88d11ac
[  235.079546] x5 : 000000001a03181f x4 : ffffffc080e07600 x3 : 0000000000000000
[  235.086665] x2 : 0000000000000000 x1 : 0000000000000001 x0 : ffffffc080e07600
[  235.093782] Call trace:
[  235.100891]  queued_spin_lock_slowpath+0x58/0x2d0
[  235.103151]  ecm_multicast_ipv4_connection_process+0x1f0/0x2d3c [ecm]
[  235.108017]  ecm_ipv4_ip_process+0x3a4/0x1c54 [ecm]
[  235.114438]  ecm_ipv4_ip_process+0xe08/0x1c54 [ecm]
[  235.119124]  nf_hook_slow+0x48/0xe8
[  235.123983]  ip_mc_output+0x1b4/0x1f8
[  235.127455]  NF_HOOK.constprop.0.isra.0+0xb4/0xd0
[  235.131277]  ipmr_queue_xmit+0x368/0x548
[  235.135964]  ip_mr_forward+0x184/0x368
[  235.139956]  ip_mr_input+0x7c/0x330
[  235.143514]  ip_sublist_rcv_finish+0x70/0x9c
[  235.146902]  ip_sublist_rcv+0x194/0x1b4
[  235.151415]  ip_list_rcv+0x120/0x1b0
[  235.154973]  __netif_receive_skb_list_core+0x1ec/0x2a0
[  235.158796]  netif_receive_skb_list_internal+0x1fc/0x338
[  235.163744]  napi_complete_done+0x68/0x1bc
[  235.169210]  nss_core_handle_napi_queue+0x60/0x80 [qca_nss_drv]
[  235.173121]  __napi_poll+0x38/0x178
[  235.178932]  net_rx_action+0x14c/0x2d0
[  235.182404]  handle_softirqs+0xfc/0x230
[  235.186223]  __do_softirq+0x14/0x20
[  235.189956]  ____do_softirq+0x10/0x1c
[  235.193428]  call_on_irq_stack+0x24/0x4c
[  235.197247]  do_softirq_own_stack+0x1c/0x28
[  235.201241]  irq_exit_rcu+0x90/0xc8
[  235.205145]  el1_interrupt+0x38/0x54
[  235.208619]  el1h_64_irq_handler+0x18/0x24
[  235.212438]  el1h_64_irq+0x68/0x6c
[  235.216344]  ipmr_update_thresholds+0x60/0xe8
[  235.219731]  ipmr_mfc_add+0x458/0x840
[  235.224157]  ip_mroute_setsockopt+0x428/0x514
[  235.227804]  do_ip_setsockopt+0xf0/0xff4
[  235.232143]  ip_setsockopt+0x34/0x9c
[  235.236136]  raw_setsockopt+0xd4/0x1b4
[  235.239696]  sock_common_setsockopt+0x1c/0x28
[  235.243255]  do_sock_setsockopt+0x64/0x138
[  235.247683]  __sys_setsockopt+0x58/0xc4
[  235.251675]  __arm64_sys_setsockopt+0x28/0x38
[  235.255409]  invoke_syscall.constprop.0+0x5c/0x108
[  235.259922]  do_el0_svc+0x40/0xc8
[  235.264607]  el0_svc+0x30/0xb8
[  235.267992]  el0t_64_sync_handler+0x120/0x12c
[  235.270948]  el0t_64_sync+0x178/0x17c

nss_diag

root@OpenWrt:~# nss_diag
     MODEL: Xiaomi AX3600
   OPENWRT: r0-9e31cc9c
IPQ BRANCH: qualcommax-6.x-nss-wifi
IPQ COMMIT: 9e31cc9c
  IPQ DATE: 2024-10-25
    NSS FW: NSS.HK.11.4.0.5-6-R
  MAC80211: v6.11.2-0-g7aa21fec187b
 ATH11K FW: WLAN.HK.2.9.0.1-02146-QCAHKSWPL_SILICONZ-1
  GRO FRAG: br-lan      : off
            erspan0     : off
            gre0        : off
            gretap0     : off
            lan1        : off
            lan2        : off
            lan3        : off
            phy1-ap0    : off
            phy2-ap0    : off
            wan         : off
            wg0         : off

  NSS PKGS: kmod-qca-nss-dp - 6.6.58.2024.04.16~5bf8b91e-r1
            kmod-qca-nss-drv - 6.6.58.11.4.0.5.2021.09.13~53e5863-r15
            kmod-qca-nss-drv-bridge-mgr - 6.6.58.11.4.0.5.2021.08.17~c4049d1-r7
            kmod-qca-nss-drv-igs - 6.6.58.11.4.0.5.2021.08.17~c4049d1-r7
            kmod-qca-nss-drv-qdisc - 6.6.58.11.4.0.5.2021.08.17~c4049d1-r7
            kmod-qca-nss-drv-vlan-mgr - 6.6.58.11.4.0.5.2021.08.17~c4049d1-r7
            kmod-qca-nss-ecm - 6.6.58.12.5.5.2024.09.02~bd5057b-r3
            nss-firmware-default - 2024.08.04~794fe373-r1
            nss-firmware-ipq8074 - 2024.08.04~794fe373-r1

/etc/config/ecm

root@OpenWrt:~# cat /etc/config/ecm
config ecm 'global'
	option acceleration_engine 'auto'

config ecm 'general'
	option enable_bridge_filtering	'0'
	option disable_offloads '1'
	option disable_flow_control '0'
	option disable_interrupt_moderation '0'
	option disable_gro '0'
	option disable_gro_list '1'

bgcngm · October 30, 2024, 10:08pm

@junky I was looking at your post Qualcommax NSS Build - #1673 by junky and it seems that you have configured trunked vlan ports. How did you set this up on the NSS enabled device?