No, they simply complain because I restart too many times and flashing takes additional time too.
I've made more tests. Something is wrong probably with Bufferbloat and Speed test on waveform site itself. It simply doesn't measure upload with WiFi from Laptop but works from my Smartphone.
Other test and sites after several attempts now show the correct upload speed.
i was having the no upload results on bufferbloat when i was experiencing the ssl error.
open up the developer console in chrome and look out for ssl errors.
ctrl + shift + i.
This is what I get in Firefox
and this in Chrome
Trying stubbornly several times gives sometimes results but most of the time it just sticks on upload.
Well there it is in Chrome...
ERR_SSL_.....
But why it looks like to me only upload traffic is impacted. I could be totally wrong. Maybe someone with more knowledge can help to investigate this.
And completely out of sense the Speedtest gives bad upload results when the Laptop is in the same room as the router is and one can expect highest possible upload.
When I move it to my most distant room with lowest signal and it shows 100-150Mbps upload.
Actually before the above mentioned patch
net.netfilter.nf_conntrack_tcp_no_window_check=1
I couldn't open one particular website on my wired PC, but I could open it on the Laptop. Isn't it strange. I can't remember if I tested bufferbloat before the patch.
After applying the patch I can open the same site successfully wired and wireless.
Probably it's time to play with
ethtool -K br-lan tx-checksumming off tx-checksum-ip-generic off
once again.
Edit - Again back to the settings @anom3 pointed out
config ecm 'global'
option acceleration_engine 'auto'
config general
option enable_bridge_filtering '0'
option disable_offloads '1'
option disable_flow_control '1'
option disable_interrupt_moderation '1'
and
ethtool -K br-lan tx-checksumming off tx-checksum-ip-generic off
This time I don't want to hurry and say it is finally resolved but see the wireless results now
bufferbloat test works too. No more 30Mbps cap on upload via wireless.
And on my Smart Phone the latency and ping lowered by 10 times!
Check your settings guys and sorry if I pointed anyone out in the wrong direction in my previous posts.
Bonus - Bidirectional (the most difficult) iperf3 test wireless from Laptop.
Latest Update - As I have an OTT based TV Service which receives constantly data traffic between 5-30Mbps I could presume there was still an issue because the TV channels were interrupted for 2-3 seconds every few minutes. The interruptions itself were more frequent on 4K TV channels and it's logical because they use more data (around 25-30Mbps HEVC data flow). And that is something no-one would accept.
With all the latest changes described in the middle of this post I really no longer see TV Service interruptions.
just fyi:
option disable_offloads '1'
and
ethtool -K br-lan tx-checksumming off tx-checksum-ip-generic off
are redundant.
if you have disable_offloads '1', its already doing the ethtool on br-lan.
i only posted the ethtool command because i tracked down the specific 2 offloads that solved the ssl issue for me. so if i run the ethtool, i can keep the offloads on and still get no ssl errors.
but it wont hurt to have both at the same time.
Thank you very much! After I checked, I found out that I forgot NSS-firmware-ipq8074. Now it's up and running.
Using the settings in this combination
option disable_offloads '0'
and
ethtool -K br-lan tx-checksumming off tx-checksum-ip-generic off
doesn't give fully positive results in my setup.
On my Laptop the upload speed is limited to 30-40Mbps at most. Bufferbloat upload test doesn't run either.
So for now I go only with
option disable_offloads '1'
as this gives full upload speed and no errors in bufferbloat tests too.
I don't know what actually all those options do or offload on the QNAP hardware but I don't see any difference in NSS work. Except for the SSL errors that are really tricky.
Probably I will have to do some additional tests when I have spare time.
I wonder what below two options do.
option disable_flow_control '1'
option disable_interrupt_moderation '1'
Hello, Can I flash from ipq807x/generic to qualcommax/ipq807x using "flash firmware" on router page without problems?
That what i did, no issues at all. Just run sysupgrade with -n
Okay, thanks.
Now running 6.1 w/ nss on my ax3600 router based on @dimfish 's repo.
Applied some patches/commands from @sppmaster
to resolve upload test problems.
Nss sqm also works.
Would you mind sharing how did you make NSS SQM working with the dimfish repo?
I add 'luci-app-sqm' package and 'nss-ifb' module on menuconfig then compile.
Same, but it seems to also occur on the master branch.
@dimfish , due to a network instability issue, both 20230511 and 20230802 releases seem to be unstable. More info here: https://github.com/bitthief/openwrt/issues/25
Could you share the changelog of the 20230807 build?
Thanks.
Change log - just update to latest main and bitthief code (6.1.43)
@zek-cmd @ReDaLeRt Did you solve this issue?
Unknown qdisc "nsstbl", hence option "rate" is unparsable
I'm using bitthief/dimfish build and got the same result when setup nssifb. It's redmi ax6
lsmod | grep qdisc
qca_nss_drv 1060864 15 nss_ifb,ecm,qca_nss_tunipip6,qca_nss_tun6rd,qca_nss_crypto,qca_nss_qdisc,qca_nss_vxlanmgr,qca_nss_pptp,qca_nss_pppoe,qca_nss_map_t,qca_nss_lag_mgr,qca_nss_l2tpv2,qca_nss_gre,qca_nss_bridge_mgr,qca_nss_vlan
qca_nss_qdisc 94208 0
qca_ssdk 1425408 5 qca_nss_qdisc,qca_nss_bridge_mgr,qca_nss_vlan,qca_nss_drv,qca_nss_dp
root@OpenWrt:~# opkg list-installed | grep -i nss
jansson4 - 2.14-3
kmod-nss-ifb - 6.1.43-1
kmod-qca-nss-cfi-cryptoapi - 6.1.43+2021-12-14-a0239b33-1
kmod-qca-nss-crypto - 6.1.43+2022-03-20-2271a3a6-1
kmod-qca-nss-dp - 6.1.43+2023-06-06-fa674644-2
kmod-qca-nss-drv - 6.1.43+2023-03-23-5b395eb1-1
kmod-qca-nss-drv-bridge-mgr - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-clmapmgr - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-dtlsmgr - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-eogremgr - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-gre - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-igs - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-l2tpv2 - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-lag-mgr - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-map-t - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-match - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-netlink - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-pppoe - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-pptp - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-pvxlanmgr - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-qdisc - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-tlsmgr - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-tun6rd - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-tunipip6 - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-vlan-mgr - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-drv-vxlanmgr - 6.1.43+2023-01-20-a207a7ac-1
kmod-qca-nss-ecm - 6.1.43+2023-04-26-f9b52bfc-1
nss-eip-firmware - 2.5.7-1
nss-firmware-ipq8074 - 2022-07-12-ade6bff5-1
@dimfish Hello! May be it's not about this thread but it works in 23.05.0-rc2 - i can't setup mwan3 in your builds (seams it want iptables, tryed xtables-nft-multi with symlinks - didn't help), is there any replace or may be manual how to configure multiple providers from scratch?
It's related to Openwrt main branch (snapshots). mwan3 uses iptables and ipset that are not supported in main branch. You have to ask mwan3 developers to support nft.
i use(d) mwan3 as well.
as soon as i upgraded to this nss build, it stopped working.
im not going to hand hold too much through this but.. if you just need a fallback connection like i did you can snap together a quick script that loops and pings via ping -I out each interface... once one goes down, adjust your route metrics and set whatever connection is still alive to have a higher metric.
this is how i was able to overcome mwan3 not working.
php was a good choice for me to do this, although it would be much cleaner to do this in vanilla bash which i am not as fluent in as i am php.
here are the lines that are most relevant:
$command='timeout '.$timeout.' ping -c 1 -w '.$timeout.' -W '.$timeout.' -I '.$interface.' '.$ip.' >/dev/null 2>&1';
to test if an interface is up. obviously cycle this on both (or more...) of your interfaces, until at least one successful ping.
$command='ip route del default via '.$ip.' dev '.$interface;
to clear your default routes. remove the default routes for all your interfaces.
$command='ip route add default via '.$ip.' dev '.$interface.' proto static metric '.$metric;
to reinsert a default route with a set metric. you probably want to add both interfaces, even the failed one with a higher metric (20, 30, etc... vs 10 on the working one).
the test ips i use are basically google, opendns and cloudflares dns servers.
$testips=array('8.8.8.8','208.67.222.222','1.1.1.1');
...and no, as far as i can tell there is no way to modify a routes metric without removing + adding them again. there is someone's util on github but its obviously not available for openwrt without going through all the trouble of compiling it etc.