Qualcommax NSS Build

Community Builds, Projects & Packages
4201

I am testing dynamic vlan.
First, the AP is set to bridge AP mode as the default setting, and the WAN interface is assigned 192.168.1.100.
The WAN interface and the phy1-ap0 interface are bridged, and when the station connects to the SSID of phy1-ap0, an IP in the 192.168.1.xxx range is assigned.
In this state, the SSID of phy1-ap0 is set to apply dynamic vlan.

config wifi-iface 'default_radio1'
        option device 'radio1'
        option network 'wan'
        option mode 'ap'
        option ssid 'ACB7D5-2g'
        option encryption 'wpa2'
        option wmm '1'
        option auth_server '192.168.254.210'
        option auth_port '1812'
        option auth_secret '123123123123'
        option dynamic_vlan '1'
        option vlan_naming '1'
        option vlan_tagged_interface 'br-wan'
        option vlan_bridge 'brvlan'

When the station performs 802.1x authentication through the ssid of phy1-ap0, I confirmed that it receives the VLAN ID (120) from the radius server. Then, the br-wan.120 and phy1-ap0.120 interfaces were created, and a bridge interface called brvlan that connects them was also created. The station's connection was changed to phy1-ap0.120. When receiving dhcp with VLAN tagging, normally 192.168.120.xxx band should be allocated, but 192.168.1.xxx band is allocated. Based on this phenomenon, it seems that interfaces for dynamic vlan to operate were automatically created, but packets are going out without vlan tagging.
Please share what you know about the parts to check and solutions to resolve this.

4202

Hi boys,

This version include NSS offload for WiFi

I am redo the repos over the latest commit from OpenWRT.

Changelog (include upstream of OpenWRT):

  • Updated NSS kernel and software to version 6.6.59.
  • Added the latest changes developed by @qosmio for NSS.

Notes:

Sources:

BUILDED (NORMAL): https://github.com/AgustinLorenzo/openwrt/releases/tag/ipq807x-nsswifi-2024-11-05-1023

BUILDED (MESH BUILD): https://github.com/AgustinLorenzo/openwrt/releases/tag/ipq807x-nsswifi-mesh-2024-11-05-1240

NOTE: Now I only compile the build for the following devices AX3600, AX6, AX9000, Dynalink DL-WRX36, Buffalo WXR-5950AX12, QNAP QHora-301W, Netgear RAX120v2, Arcadyan AW1000, Zyxel NBG7815, Linksys MX4200 (v1 and v2), Netgear SXR80, Netgear SXS80, Spectrum SAX1V1K and Netgear WAX218 if someone has used my versions with other devices (and it is supported), let me know and I will add it.

7 Likes
4203

Hi, can I ask if you can include an Imagebuilder for arcadyan aw1000?

4204

Using you example I was finally able to get a working NSS config with VLAN's. Using the latest build from @AgustinLorenzo I know have my Netgear WAX218's setup as 'dumb AP's' with NSS enabled.

Config is as follows for me:


config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'xxxxxxxxxxx::/48'
	option packet_steering '0'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.0.252'
	option netmask '255.255.255.0'
	option gateway '192.168.0.1'
	option delegate '0'
	list dns '192.168.0.1'

config interface 'wlan'
	option device 'br-wlan'
	option proto 'static'
	option ipaddr '192.168.10.252'
	option netmask '255.255.255.0'
	option gateway '192.168.10.1'
	option delegate '0'

config interface 'iot'
	option device 'br-iot'
	option proto 'static'
	option ipaddr '192.168.2.252'
	option netmask '255.255.255.0'
	option gateway '192.168.2.1'
	option delegate '0'

config device
	option type '8021q'
	option ifname 'lan'
	option vid '1'
	option name 'lan.1'

config device
	option type '8021q'
	option ifname 'lan'
	option vid '2'
	option name 'lan.2'

config device
	option type '8021q'
	option ifname 'lan'
	option vid '10'
	option name 'lan.10'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan.1'

config device
	option type 'bridge'
	option name 'br-iot'
	list ports 'lan.2'

config device
	option type 'bridge'
	option name 'br-wlan'
	list ports 'lan.10'
2 Likes
4205

@AgustinLorenzo - thank you; excited to try. linksys mx4300 would be great

2 Likes
4206

Hi Agustin, i'm having issues with last build for AX9000. When i do an "update lists" i receive an error with " The opkg update command failed with code 6". Internet is ok btw... any tips?

1 Like
4207

Refer to:

1 Like
4208

@qosmio
There are many such prints in the system log, how to solve it?

image
image985×331 5.55 KB

4209

You can also DIY: https://github.com/JuliusBairaktaris/Qualcommax_NSS_Builder

1 Like
4210

Same here, i think its because we are using the snapshot. Please help @AgustinLorenzo

4211

Don't worry it's not your fault it's simply the evolution of OpenWrt and its new apk package manager that replaced opkg.
@qosmio I see that you rebased your repo a few minutes ago. Are there any anomalies with the new apk package manager.
My first attempt to compile with old opkg ended with

Collected errors:
 * pkg_hash_check_unresolved: cannot find dependency procd-seccomp for base-files
 * pkg_hash_fetch_best_installation_candidate: Packages for base-files found, but incompatible with the architectures configured
 * opkg_install_cmd: Cannot install package base-files.
make[2]: *** [package/Makefile:99: package/install] Error 255
make[2]: Leaving directory '/home/debian/openwrt-ipq-QNAP'
make[1]: *** [package/Makefile:179: /home/debian/openwrt-ipq-QNAP/staging_dir/target-aarch64_cortex-a53_musl/stamp/.package_install] Error 2
make[1]: Leaving directory '/home/debian/openwrt-ipq-QNAP'
make: *** [/home/debian/openwrt-ipq-QNAP/include/toplevel.mk:248: world] Error 2

Enabling seccomp resolved the error.
image
Compiling with apk as default package manager was successful too with a minor fault of uclient-fetch and wget conflicting with each other. So I excluded wget from the build but I left curl.

2 Likes
4212

You should probably make a new .config as some dependencies have changed.

1 Like
4213

the opkg transition to apk is ongoing ... one major fix has just been comitted that was blocking the build of the apk db repository ... if one needs to install packages separate to their builds they should force apk (under global build options) and select one of the apk packages (openssl for instance). I am running on another device apk with no issues now.

btw. i had to delete build_dir/target-aarch64_cortex-a53_musl/ ...

1 Like
4214

Just a small heads up for everyone running openssl: apk defaults to openwrt standard mbedtls.

Here is an example config that compiles without a problem:

Note that BanIP appears to be broken: https://github.com/openwrt/packages/issues/25376

3 Likes
4215

curl works with banip but depends on mbedtls. wget-ssl uses openssl but somehow banip is not working with it. I have asked on banip thread. hope for a solution.

1 Like
4216

I think under libraries > libcurl you can let curl use openssl

1 Like
4217

thanks for the tip.
trying this.. building now

CONFIG_PACKAGE_curl=y
CONFIG_LIBCURL_MBEDTLS=n
CONFIG_LIBCURL_OPENSSL=y
4218

Anyone got a build for mx4300 with the new apk manager (6.60 kernel)?

4219

Whats changed in today’s release?
I dont know but i had issues with some websites after previous upgrade. Like Apple Software updates slowing down badly and when switch to another router its fine.

4220

kernel 6.6.60 latest as of today 17Nov2024

this has docker related packages too .also, it makes it into a DumbAP with ALL ports part of LAN.it assumes you can get an IP via dhcp from an upstream router for you to connect and use. do NOT use if your situation is different