Wireguard vpn issues since restarting router

borgqueenx · June 25, 2023, 6:07am

Hi everyone, the issue might very well be with the vpn provider, but i am curious if it could be router related as well. I had around 2 months of a drama-free experience using the provider surfshark on the wireguard protocol, but then i had a power outage and after power was back, the vpn did not want to connect. I generated new keys and download a new configuration, but since then a game i like to play always kicks me out of lobbys after literary 5 seconds and says im offline. i can reconnect but after 5 seconds it happens again. A smartthings hub device for smart home also constantly sends me push notifications it has gone offline, has reconnected etc. this happens every few hours. During live chats i had with surfshark themselfs trying to solve it, i had "message send failed" often. Web browsing on any devices are without issues though, and disabling the wireguard interface on my DL-WRX36 router also fixes things. Seems like the connection problems are therefore with constant connections, not request-download connections like on web browsers.

So are there things to try on the router side of things in order to fix this?

I already tried to chat with surfshark about it. I changed dns settings to no luck, and tried 3 locations in total without luck. I also did a attended upgrade to the latest openwrt firmware to try to fix it, which it did not.

I already made a network log for a other thread, see the following:

uci export network; \
> uci export network; \
> uci export dhcp; uci export firewall; \
> uci export pbr; \
> ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
> ls -l  /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.*
/tmp/resolv.* /tmp/resolv.*/*
{
        "kernel": "6.1.33",
        "hostname": "MainRouter",
        "system": "ARMv8 Processor rev 4",
        "model": "Dynalink DL-WRX36",
        "board_name": "dynalink,dl-wrx36",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "SNAPSHOT",
                "revision": "r23375-cdfcac6e24",
                "target": "ipq807x/generic",
                "description": "OpenWrt SNAPSHOT r23375-cdfcac6e24"
        }
}
package network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix ' <removed>'
        option packet_steering '1'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'
        option metric '1'
        option dns_metric '10'

config interface 'wan6'
        option device 'wan'
        option proto 'dhcpv6'
        option auto '0'
        option reqaddress 'try'
        option reqprefix 'auto'

config interface 'surfshark'
        option proto 'wireguard'
        option private_key ' <removed>'
        list addresses ' <removed>'
        option metric '0'
        list dns ' <removed>'
        list dns ' <removed>'

config wireguard_surfshark
        option description 'de-fra (1).conf'
        option public_key ' <removed>'
        list allowed_ips '0.0.0.0/0'
        option endpoint_host 'de-fra.prod.surfshark.com'
        option endpoint_port '51820'
        option route_allowed_ips '1'
        option persistent_keepalive '25'

package dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option cachesize '1000'
        option dnsforwardmax '350'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
        option ednspacket_max '1232'
        option filter_aaaa '0'
        option filter_a '0'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option dhcpv6 'server'
        option ra 'server'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

config host
        option name 'Samsung'
        option ip '192.168.1.154'
        option mac ' <removed>'

config host
        option name 'HarmonyHub'
        option ip '192.168.1.160'
        option mac ' <removed>'

config host
        option name 'hubv3-4011035646'
        option ip '192.168.1.179'
        option mac ' <removed>'

config host
        option name 'Samsung'
        option ip '192.168.1.151'
        option mac ' <removed>'

package firewall

config defaults
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'
        option flow_offloading '1'

config zone
        option name 'lan'
        list network 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'

config zone
        option name 'wan'
        list network 'wan'
        list network 'wan6'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config zone
        option name 'surfshark'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        list network 'surfshark'

config include 'pbr'
        option fw4_compatible '1'
        option type 'script'
        option path '/usr/share/pbr/pbr.firewall.include'

config forwarding
        option src 'lan'
        option dest 'surfshark'

package pbr

config pbr 'config'
        option enabled '1'
        option verbosity '2'
        option strict_enforcement '1'
        option resolver_set 'none'
        option ipv6_enabled '0'
        list ignored_interface 'vpnserver'
        list ignored_interface 'wgserver'
        option boot_timeout '30'
        option rule_create_option 'add'
        option procd_reload_delay '1'
        option webui_show_ignore_target '0'
        list webui_supported_protocol 'all'
        list webui_supported_protocol 'tcp'
        list webui_supported_protocol 'udp'
        list webui_supported_protocol 'tcp udp'
        list webui_supported_protocol 'icmp'

config include
        option path '/usr/share/pbr/pbr.user.aws'
        option enabled '0'

config include
        option path '/usr/share/pbr/pbr.user.netflix'
        option enabled '0'

config policy
        option name 'Plex/Emby Local Server'
        option interface 'wan'
        option src_port '8096 8920 32400'
        option enabled '0'

config policy
        option name 'Plex/Emby Remote Servers'
        option interface 'wan'
        option dest_addr 'plex.tv my.plexapp.com emby.media app.emby.media tv.emby.media'
        option enabled '0'

config policy
        option name 'all-other'
        option src_addr '192.168.1.0/24'
        option interface 'surfshark'
        option enabled '0'

config policy
        option name 'hubv3'
        option src_addr '192.168.1.179'
        option interface 'wan'
        option enabled '0'

config policy
        option name 'samsung tv'
        option interface 'wan'
        option src_addr '192.168.1.151'
        option enabled '0'

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
7: wan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    inet 31.19.39.58/24 brd 31.19.39.255 scope global wan
       valid_lft forever preferred_lft forever
10: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
       valid_lft forever preferred_lft forever
30: surfshark: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    inet  <removed> brd  <removed> scope global surfshark
       valid_lft forever preferred_lft forever
default via  <removed> dev wan table pbr_wan
192.168.1.0/24 dev br-lan table pbr_wan proto kernel scope link src 192.168.1.1
default via  <removed> dev surfshark table pbr_surfshark
192.168.1.0/24 dev br-lan table pbr_surfshark proto kernel scope link src 192.168.1.1
default dev surfshark proto static scope link
default via  <removed> dev wan proto static src  <removed> metric 1
 <removed> dev surfshark proto kernel scope link src  <removed>
 <removed> dev wan proto static scope link metric 1
 <removed> via  <removed> dev wan proto static metric 1
 <removed> via  <removed> dev wan proto static metric 1
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1
local 10.14.0.2 dev surfshark table local proto kernel scope host src 10.14.0.2
broadcast 10.14.255.255 dev surfshark table local proto kernel scope link src 10.14.0.2
local  <removed> dev wan table local proto kernel scope host src  <removed>
broadcast  <removed> dev wan table local proto kernel scope link src  <removed>
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
local 192.168.1.1 dev br-lan table local proto kernel scope host src 192.168.1.1
broadcast 192.168.1.255 dev br-lan table local proto kernel scope link src 192.168.1.1
0:      from all lookup local
30000:  from all fwmark 0x10000/0xff0000 lookup pbr_wan
30001:  from all fwmark 0x20000/0xff0000 lookup pbr_surfshark
32766:  from all lookup main
32767:  from all lookup default
lrwxrwxrwx    1 root     root            16 Jun 14 23:27 /etc/resolv.conf -> /tmp/resolv.conf
-rw-r--r--    1 root     root            47 Jun 24 21:54 /tmp/resolv.conf
-rw-r--r--    1 root     root           142 Jun 24 21:54 /tmp/resolv.conf.d/resolv.conf.auto

/tmp/resolv.conf.d:
-rw-r--r--    1 root     root           142 Jun 24 21:54 resolv.conf.auto
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1
nameserver ::1

==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1
nameserver ::1

==> /tmp/resolv.conf.d <==
head: /tmp/resolv.conf.d: I/O error

==> /tmp/resolv.conf.d/resolv.conf.auto <==
# Interface surfshark
nameserver <removed>
nameserver  <removed>
# Interface wan
nameserver  <removed>
nameserver  <removed>

frollic · June 25, 2023, 6:18am

It's not a race condition?
Wireguard tries to connect before the router manages to sync the clock ?

borgqueenx · June 25, 2023, 1:06pm

how do i check or fix if that's the case?

frollic · June 25, 2023, 1:19pm

If that's the case, let the router boot without wg started during boot, then try to start WG once you see the date is correct.

borgqueenx · June 25, 2023, 1:28pm

WG starts without problems if i do it immediately after logged into luci, and auto-boot for the wireguard interface is disabled. Also already tried starting it later(by messing around yesterday). it also goes online fine.

frollic · June 25, 2023, 1:30pm

Ok,

Then set wg interface not to start on boot, and add ifup interface name to /etc/init.d/rc.local

Might also add a sleep 10 before the ifup.

borgqueenx · June 25, 2023, 2:51pm

I added it here. In the /etc/init.d folder is no rc.local file. or should i delete it from /etc and add it in /etc/init.d anyway as a new file?

After a reboot, the surfshark interface was started though, without it being enabled on boot.

EDIT: the issues persist.

frollic · June 25, 2023, 3:03pm

ok,

just for fun, do an ifdown surfshark before the sleep

weird it comes up even if it was disabled, how did you do it ?

borgqueenx · June 25, 2023, 3:17pm

isn't it your script in startup that starts the wireguard interface after 10 seconds due to the sleep command?
I now rebooted the router and i think it's around a fair 10s before the wireguard interface starts, unfortunately it did not solve the issues i am having

frollic · June 25, 2023, 3:20pm

true, i misunserstood your reply.

just to make sure, remove the ifup (and ifdown if you added it), check if the vpn tunnel remains down after a reboot.

borgqueenx · June 25, 2023, 3:41pm

interface is not starting, added it back and it's starting

frollic · June 25, 2023, 3:42pm

then the sleep + ifup should work, or the error's something else.

leave it off, readd the sleep + ifup, then you'll need to post the dmesg post boot.

borgqueenx · June 25, 2023, 3:53pm


root@MainRouter:~# dmesg
[    0.000000] Booting Linux on physical CPU 0x0000000000 [0x410fd034]
[    0.000000] Linux version 6.1.33 (builder@buildhost) (aarch64-openwrt-linux-musl-gcc (OpenWrt GCC 12.3.0 r23375-cdfcac6e24) 12.3.0, GNU ld (GNU Binutils) 2.40.0) #0 SMP Wed Jun 14 21:27:29 2023
[    0.000000] Machine model: Dynalink DL-WRX36
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000040000000-0x000000007fffffff]
[    0.000000]   DMA32    empty
[    0.000000]   Normal   empty
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000040000000-0x0000000040ffffff]
[    0.000000]   node   0: [mem 0x0000000041000000-0x000000004a3fffff]
[    0.000000]   node   0: [mem 0x000000004a400000-0x00000000510fffff]
[    0.000000]   node   0: [mem 0x0000000051100000-0x000000007fffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000040000000-0x000000007fffffff]
[    0.000000] psci: probing for conduit method from DT.
[    0.000000] psci: PSCIv1.0 detected in firmware.
[    0.000000] psci: Using standard PSCI v0.2 function IDs
[    0.000000] psci: MIGRATE_INFO_TYPE not supported.
[    0.000000] psci: SMC Calling Convention v1.0
[    0.000000] percpu: Embedded 17 pages/cpu s31592 r8192 d29848 u69632
[    0.000000] pcpu-alloc: s31592 r8192 d29848 u69632 alloc=17*4096
[    0.000000] pcpu-alloc: [0] 0 [0] 1 [0] 2 [0] 3
[    0.000000] Detected VIPT I-cache on CPU0
[    0.000000] alternatives: applying boot alternatives
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 258048
[    0.000000] Kernel command line: console=ttyMSM0,115200n8 ubi.mtd=rootfs rootfstype=squashfs rootwait root=/dev/ubiblock0_1
[    0.000000] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
[    0.000000] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes, linear)
[    0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.000000] Memory: 887228K/1048576K available (8128K kernel code, 872K rwdata, 2272K rodata, 1344K init, 291K bss, 161348K reserved, 0K cma-reserved)
[    0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=4, Nodes=1
[    0.000000] rcu: Hierarchical RCU implementation.
[    0.000000]  Tracing variant of Tasks RCU enabled.
[    0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies.
[    0.000000] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0
[    0.000000] Root IRQ handler: gic_handle_irq
[    0.000000] GICv2m: range[mem 0x0b00a000-0x0b00affc], SPI[448:479]
[    0.000000] rcu: srcu_init: Setting srcu_struct sizes based on contention.
[    0.000000] arch_timer: cp15 and mmio timer(s) running at 19.20MHz (virt/virt).
[    0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x46d987e47, max_idle_ns: 440795202767 ns
[    0.000000] sched_clock: 56 bits at 19MHz, resolution 52ns, wraps every 4398046511078ns
[    0.000112] Calibrating delay loop (skipped), value calculated using timer frequency.. 38.40 BogoMIPS (lpj=192000)
[    0.000125] pid_max: default: 32768 minimum: 301
[    0.000609] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
[    0.000623] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes, linear)
[    0.002459] cblist_init_generic: Setting adjustable number of callback queues.
[    0.002471] cblist_init_generic: Setting shift to 2 and lim to 1.
[    0.002663] rcu: Hierarchical SRCU implementation.
[    0.002667] rcu:     Max phase no-delay instances is 1000.
[    0.003460] smp: Bringing up secondary CPUs ...
[    0.004087] Detected VIPT I-cache on CPU1
[    0.004222] CPU1: Booted secondary processor 0x0000000001 [0x410fd034]
[    0.004870] Detected VIPT I-cache on CPU2
[    0.004975] CPU2: Booted secondary processor 0x0000000002 [0x410fd034]
[    0.005586] Detected VIPT I-cache on CPU3
[    0.005683] CPU3: Booted secondary processor 0x0000000003 [0x410fd034]
[    0.005750] smp: Brought up 1 node, 4 CPUs
[    0.005758] SMP: Total of 4 processors activated.
[    0.005763] CPU features: detected: 32-bit EL0 Support
[    0.005768] CPU features: detected: CRC32 instructions
[    0.005830] CPU features: emulated: Privileged Access Never (PAN) using TTBR0_EL1 switching
[    0.005836] CPU: All CPU(s) started at EL1
[    0.005839] alternatives: applying system-wide alternatives
[    0.016269] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[    0.016294] futex hash table entries: 1024 (order: 4, 65536 bytes, linear)
[    0.016503] pinctrl core: initialized pinctrl subsystem
[    0.017954] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[    0.018492] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
[    0.018536] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[    0.018571] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
[    0.018967] thermal_sys: Registered thermal governor 'step_wise'
[    0.019150] cpuidle: using governor menu
[    0.019432] ASID allocator initialised with 65536 entries
[    0.044427] qcom,cpr4-apss-regulator b018000.cpr4-ctrl: CPR valid fuse count: 4
[    0.052924] SCSI subsystem initialized
[    0.053108] usbcore: registered new interface driver usbfs
[    0.053160] usbcore: registered new interface driver hub
[    0.053206] usbcore: registered new device driver usb
[    0.053625] qcom_scm: convention: smc arm 64
[    0.055105] clocksource: Switched to clocksource arch_sys_counter
[    0.056439] NET: Registered PF_INET protocol family
[    0.056599] IP idents hash table entries: 16384 (order: 5, 131072 bytes, linear)
[    0.058101] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes, linear)
[    0.058126] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear)
[    0.058140] TCP established hash table entries: 8192 (order: 4, 65536 bytes, linear)
[    0.058226] TCP bind hash table entries: 8192 (order: 6, 262144 bytes, linear)
[    0.058498] TCP: Hash tables configured (established 8192 bind 8192)
[    0.058596] UDP hash table entries: 512 (order: 2, 16384 bytes, linear)
[    0.058646] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes, linear)
[    0.058844] NET: Registered PF_UNIX/PF_LOCAL protocol family
[    0.058881] PCI: CLS 0 bytes, default 64
[    0.060245] workingset: timestamp_bits=46 max_order=18 bucket_order=0
[    0.065242] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[    0.065254] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
[    0.066333] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 248)
[    0.068096] qcom-qmp-usb-phy 78000.phy: supply vdda-phy not found, using dummy regulator
[    0.068237] qcom-qmp-usb-phy 78000.phy: supply vdda-pll not found, using dummy regulator
[    0.069363] qcom-qusb2-phy 79000.phy: supply vdd not found, using dummy regulator
[    0.069487] qcom-qusb2-phy 79000.phy: supply vdda-pll not found, using dummy regulator
[    0.069558] qcom-qusb2-phy 79000.phy: supply vdda-phy-dpdm not found, using dummy regulator
[    0.069704] qcom-qusb2-phy 79000.phy: Registered Qcom-QUSB2 phy
[    0.072796] bam-dma-engine 704000.dma-controller: num-channels unspecified in dt
[    0.072811] bam-dma-engine 704000.dma-controller: num-ees unspecified in dt
[    0.077437] Serial: 8250/16550 driver, 16 ports, IRQ sharing enabled
[    0.079489] msm_serial 78b3000.serial: msm_serial: detected port #0
[    0.079528] msm_serial 78b3000.serial: uartclk = 3686400
[    0.079623] 78b3000.serial: ttyMSM0 at MMIO 0x78b3000 (irq = 20, base_baud = 230400) is a MSM
[    0.079651] msm_serial: console setup on port #0
[    0.742925] printk: console [ttyMSM0] enabled
[    0.748095] msm_serial: driver initialized
[    0.756928] loop: module loaded
[    0.757037] Loading iSCSI transport class v2.0-870.
[    0.760751] nand: device found, Manufacturer ID: 0x2c, Chip ID: 0xaa
[    0.763746] nand: Micron MT29F2G08ABBGAH4
[    0.770364] nand: 256 MiB, SLC, erase size: 128 KiB, page size: 2048, OOB size: 128
[    0.775117] spmi spmi-0: PMIC arbiter version v2 (0x20010000)
[    0.803416] i2c_dev: i2c /dev entries driver
[    0.809664] sdhci: Secure Digital Host Controller Interface driver
[    0.809708] sdhci: Copyright(c) Pierre Ossman
[    0.814744] sdhci-pltfm: SDHCI platform and OF driver helper
[    0.820986] remoteproc remoteproc0: releasing cd00000.q6v5_wcss
[    0.827663] NET: Registered PF_INET6 protocol family
[    0.831682] Segment Routing with IPv6
[    0.835851] In-situ OAM (IOAM) with IPv6
[    0.839384] NET: Registered PF_PACKET protocol family
[    0.843334] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
[    0.848400] 8021q: 802.1Q VLAN Support v1.8
[    0.883343] qcom,cpr4-apss-regulator b018000.cpr4-ctrl: CPR valid fuse count: 4
[    0.883688] cpr4_ipq807x_apss_read_fuse_data: apc_corner: speed bin = 0
[    0.889490] cpr4_ipq807x_apss_read_fuse_data: apc_corner: CPR fusing revision = 1
[    0.896088] cpr4_ipq807x_apss_read_fuse_data: apc_corner: CPR misc fuse value = 0
[    0.903731] cpr4_ipq807x_apss_read_fuse_data: apc_corner: Voltage boost fuse config = 0 boost = disable
[    0.911249] cpr3_mem_acc_init: apc: not using memory accelerator regulator
[    0.920381] cpr4_ipq807x_apss_calculate_open_loop_voltages: apc_corner: fused      SVS: open-loop= 704000 uV
[    0.927328] cpr4_ipq807x_apss_calculate_open_loop_voltages: apc_corner: fused      NOM: open-loop= 808000 uV
[    0.937311] cpr4_ipq807x_apss_calculate_open_loop_voltages: apc_corner: fused    TURBO: open-loop= 872000 uV
[    0.947119] cpr4_ipq807x_apss_calculate_open_loop_voltages: apc_corner: fused   STURBO: open-loop= 968000 uV
[    0.956980] cpr4_ipq807x_apss_calculate_target_quotients: apc_corner: fused      SVS: quot[ 7]= 709, quot_offset[ 7]=   0
[    0.966740] cpr4_ipq807x_apss_calculate_target_quotients: apc_corner: fused      NOM: quot[ 7]= 910, quot_offset[ 7]= 200
[    0.977591] cpr4_ipq807x_apss_calculate_target_quotients: apc_corner: fused    TURBO: quot[ 7]=1021, quot_offset[ 7]= 110
[    0.988527] cpr4_ipq807x_apss_calculate_target_quotients: apc_corner: fused   STURBO: quot[ 7]=1197, quot_offset[ 7]= 175
[    0.999661] cpr3_regulator_init_ctrl: apc: Default CPR mode = closed-loop
[    1.002096] nand: device found, Manufacturer ID: 0x2c, Chip ID: 0xaa
[    1.017169] nand: Micron MT29F2G08ABBGAH4
[    1.023577] nand: 256 MiB, SLC, erase size: 128 KiB, page size: 2048, OOB size: 128
[    1.027850] 25 qcomsmem partitions found on MTD device qcom_nand.0
[    1.034956] Creating 25 MTD partitions on "qcom_nand.0":
[    1.041220] 0x000000000000-0x000000100000 : "0:sbl1"
[    1.048116] 0x000000100000-0x000000200000 : "0:mibib"
[    1.052912] 0x000000200000-0x000000280000 : "0:bootconfig"
[    1.057473] 0x000000280000-0x000000300000 : "0:bootconfig1"
[    1.062813] 0x000000300000-0x000000600000 : "0:qsee"
[    1.070218] 0x000000600000-0x000000900000 : "0:qsee_1"
[    1.075460] 0x000000900000-0x000000980000 : "0:devcfg"
[    1.078454] 0x000000980000-0x000000a00000 : "0:devcfg_1"
[    1.083584] 0x000000a00000-0x000000a80000 : "0:apdp"
[    1.089096] 0x000000a80000-0x000000b00000 : "0:apdp_1"
[    1.094017] 0x000000b00000-0x000000b80000 : "0:rpm"
[    1.098945] 0x000000b80000-0x000000c00000 : "0:rpm_1"
[    1.103734] 0x000000c00000-0x000000c80000 : "0:cdt"
[    1.109004] 0x000000c80000-0x000000d00000 : "0:cdt_1"
[    1.113621] 0x000000d00000-0x000000d80000 : "0:appsblenv"
[    1.118917] 0x000000d80000-0x000000e80000 : "0:appsbl"
[    1.124615] 0x000000e80000-0x000000f80000 : "0:appsbl_1"
[    1.129665] 0x000000f80000-0x000001000000 : "0:art"
[    1.134754] 0x000007a00000-0x00000db00000 : "rootfs"
[    1.213912] mtd: setting mtd18 (rootfs) as root device
[    1.214199] mtdsplit: no squashfs found in "rootfs"
[    1.218004] 0x000007100000-0x000007a00000 : "0:wififw"
[    1.230209] 0x000001000000-0x000007100000 : "rootfs_1"
[    1.305692] 0x00000db00000-0x00000e400000 : "0:wififw_1"
[    1.313189] 0x00000e400000-0x00000fa00000 : "ubifs"
[    1.330850] 0x00000fa00000-0x00000fa80000 : "0:ethphyfw"
[    1.331765] 0x00000fa80000-0x00000fd00000 : "certificate"
[    1.347869] cpufreq: cpufreq_online: CPU0: Running at unlisted initial frequency: 19200 KHz, changing to: 1017600 KHz
[    1.349695] remoteproc remoteproc0: cd00000.q6v5_wcss is available
[    1.357964] ubi0: attaching mtd18
[    1.794835] ubi0: scanning is finished
[    1.801073] ubi0: attached mtd18 (name "rootfs", size 97 MiB)
[    1.801112] ubi0: PEB size: 131072 bytes (128 KiB), LEB size: 126976 bytes
[    1.805820] ubi0: min./max. I/O unit sizes: 2048/2048, sub-page size 2048
[    1.812575] ubi0: VID header offset: 2048 (aligned 2048), data offset: 4096
[    1.819442] ubi0: good PEBs: 776, bad PEBs: 0, corrupted PEBs: 0
[    1.826207] ubi0: user volume: 3, internal volumes: 1, max. volumes count: 128
[    1.832454] ubi0: max/mean erase counter: 12/6, WL threshold: 4096, image sequence number: 493687432
[    1.839500] ubi0: available PEBs: 0, total reserved PEBs: 776, PEBs reserved for bad PEB handling: 40
[    1.848788] ubi0: background thread "ubi_bgt0d" started, PID 518
[    1.858360] block ubiblock0_1: created from ubi0:1(rootfs)
[    1.867250] VFS: Mounted root (squashfs filesystem) readonly on device 254:0.
[    1.867701] Freeing unused kernel memory: 1344K
[    1.925209] Run /sbin/init as init process
[    1.925232]   with arguments:
[    1.925235]     /sbin/init
[    1.925239]   with environment:
[    1.925242]     HOME=/
[    1.925245]     TERM=linux
[    2.113165] init: Console is alive
[    2.113332] init: - watchdog -
[    2.465118] random: crng init done
[    2.479065] kmodloader: loading kernel modules from /etc/modules-boot.d/*
[    2.578163] ssdk_switch_device_num_init[1335]:INFO:ess-switch dts node number: 1
[    2.578259] ssdk_dt_get_switch_node[1124]:INFO:ess-switch DT exist!
[    2.584636] ssdk_dt_parse_access_mode[999]:INFO:switch_access_mode: local bus
[    2.590650] ssdk_dt_parse_access_mode[1012]:INFO:switchreg_base_addr: 0x3a000000
[    2.597927] ssdk_dt_parse_access_mode[1013]:INFO:switchreg_size: 0x1000000
[    2.605384] ssdk_dt_parse_mac_mode[327]:INFO:mac mode = 0xb
[    2.612060] ssdk_dt_parse_mac_mode[336]:INFO:mac mode1 = 0xff
[    2.617534] ssdk_dt_parse_mac_mode[345]:INFO:mac mode2 = 0xc
[    2.623444] ssdk_dt_parse_phy_info[716]:INFO:[PORT 6] port_mac_sel = QGMAC_PORT
[    2.629198] ssdk_dt_parse_uniphy[364]:INFO:ess-uniphy DT exist!
[    2.636289] ssdk_dt_parse_intf_mac[942]:INFO:dp1 MAC <redacted>
[    2.642124] ssdk_dt_parse_intf_mac[942]:INFO:dp2 MAC <redacted>
[    2.648732] ssdk_dt_parse_intf_mac[942]:INFO:dp3 MAC <redacted>
[    2.655238] ssdk_dt_parse_intf_mac[942]:INFO:dp4 MAC <redacted>
[    2.661817] ssdk_plat_init[1692]:INFO:ssdk_plat_init start
[    2.786120] ssdk_gcc_clock_init[1275]:INFO:SSDK gcc clock init successfully!
[    2.789038] malibu_phy_api_ops_init[2846]:INFO:qca probe malibu phy driver succeeded!
[    2.830830] hsl_phy_phydev_get[773]:ERROR:phy_addr 4 phydev is NULL
[    2.841497] qca808x_phy_api_ops_init[2570]:INFO:qca probe qca808x phy driver succeeded!
[    2.851819] regi_init[3953]:INFO:Initializing HPPE!!
[    3.085113] ssdk_ppe_reset_init[1535]:INFO:ppe reset successfully!
[    3.088625] qca_hppe_portctrl_hw_init[126]:INFO:Hawkeye PPE port initializing
[    3.100313] hsl_phy_phydev_get[773]:ERROR:phy_addr 4 phydev is NULL
[    3.103664] hsl_phy_phydev_get[773]:ERROR:phy_addr 4 phydev is NULL
[    3.801176] ssdk_switch_register[2017]:INFO:Chip version 0x1500
[    3.801210] qca_link_polling_select[1487]:INFO:link-polling-required node does not exist
[    3.805913] ssdk_switch_register[2043]:INFO:polling is selected
[    3.814233] regi_init[3957]:INFO:Initializing HPPE Done!!
[    3.819968] ssdk_genl_init[211]:INFO:ssdk genl family register success.
[    3.825443] regi_init[4020]:INFO:qca-ssdk module init succeeded!
[    3.834278] EDMA ver 1 hw init
[    3.838332] EDMA HW Reset completed succesfully
[    3.840992] Num rings - TxDesc:1 (23-23) TxCmpl:1 (7-7)
[    3.845397] RxDesc:1 (15-15) RxFill:1 (7-7)
[    3.851854] Generic PHY 90000.mdio-1:00: attached PHY driver (mii_bus:phy_addr=90000.mdio-1:00, irq=POLL)
[    3.855533] nss-dp 3a001000.dp1 lan4: Registered netdev lan4(qcom-id:1)
[    3.865198] Generic PHY 90000.mdio-1:01: attached PHY driver (mii_bus:phy_addr=90000.mdio-1:01, irq=POLL)
[    3.871494] nss-dp 3a001200.dp2 lan3: Registered netdev lan3(qcom-id:2)
[    3.881395] Generic PHY 90000.mdio-1:02: attached PHY driver (mii_bus:phy_addr=90000.mdio-1:02, irq=POLL)
[    3.887600] nss-dp 3a001400.dp3 lan2: Registered netdev lan2(qcom-id:3)
[    3.897580] Generic PHY 90000.mdio-1:03: attached PHY driver (mii_bus:phy_addr=90000.mdio-1:03, irq=POLL)
[    3.903800] nss-dp 3a001600.dp4 lan1: Registered netdev lan1(qcom-id:4)
[    4.118843] QCA808X ethernet 90000.mdio-1:1c: attached PHY driver (mii_bus:phy_addr=90000.mdio-1:1c, irq=POLL)
[    4.119423] nss-dp 3a007000.dp6-syn wan: Registered netdev wan(qcom-id:6)
[    4.127852] **********************************************************
[    4.134593] * NSS Data Plane driver
[    4.141016] **********************************************************
[    4.156561] xhci-hcd xhci-hcd.1.auto: xHCI Host Controller
[    4.156605] xhci-hcd xhci-hcd.1.auto: new USB bus registered, assigned bus number 1
[    4.161062] xhci-hcd xhci-hcd.1.auto: hcc params 0x0220fe65 hci version 0x110 quirks 0x0000000002010010
[    4.168554] xhci-hcd xhci-hcd.1.auto: irq 36, io mem 0x08a00000
[    4.177976] xhci-hcd xhci-hcd.1.auto: xHCI Host Controller
[    4.183772] xhci-hcd xhci-hcd.1.auto: new USB bus registered, assigned bus number 2
[    4.189338] xhci-hcd xhci-hcd.1.auto: Host supports USB 3.0 SuperSpeed
[    4.197207] hub 1-0:1.0: USB hub found
[    4.203490] hub 1-0:1.0: 1 port detected
[    4.207481] usb usb2: We don't know the algorithms for LPM for this host, disabling LPM.
[    4.211540] hub 2-0:1.0: USB hub found
[    4.219406] hub 2-0:1.0: 1 port detected
[    4.224626] kmodloader: done loading kernel modules from /etc/modules-boot.d/*
[    4.230721] init: - preinit -
[    6.646191] nss-dp 3a001600.dp4 lan1: PHY Link up speed: 1000
[    6.646264] IPv6: ADDRCONF(NETDEV_CHANGE): lan1: link becomes ready
[    6.682654] UBIFS (ubi0:2): Mounting in unauthenticated mode
[    6.682772] UBIFS (ubi0:2): background thread "ubifs_bgt0_2" started, PID 745
[    6.711665] UBIFS (ubi0:2): recovery needed
[    6.758530] UBIFS (ubi0:2): recovery completed
[    6.758626] UBIFS (ubi0:2): UBIFS: mounted UBI device 0, volume 2, name "rootfs_data"
[    6.761880] UBIFS (ubi0:2): LEB size: 126976 bytes (124 KiB), min./max. I/O unit sizes: 2048 bytes/2048 bytes
[    6.769800] UBIFS (ubi0:2): FS size: 78344192 bytes (74 MiB, 617 LEBs), max 627 LEBs, journal size 3936256 bytes (3 MiB, 31 LEBs)
[    6.779684] UBIFS (ubi0:2): reserved for root: 3700389 bytes (3613 KiB)
[    6.791305] UBIFS (ubi0:2): media format: w5/r0 (latest is w5/r0), UUID <redacted>, small LPT model
[    6.802562] mount_root: switching to ubifs overlay
[    6.812302] overlayfs: null uuid detected in lower fs '/', falling back to xino=off,index=off,nfs_export=off.
[    6.817569] urandom-seed: Seeding with /etc/urandom.seed
[    6.930299] nss-dp 3a001600.dp4 lan1: PHY Link is down
[    6.934690] procd: - early -
[    6.934811] procd: - watchdog -
[    7.482026] procd: - watchdog -
[    7.483637] procd: - ubus -
[    7.640621] procd: - init -
[    7.828770] kmodloader: loading kernel modules from /etc/modules.d/*
[    7.884202] urngd: v1.0.2 started.
[    7.887313] Loading modules backported from Linux version v6.1.24-0-g0102425ac76b
[    7.887345] Backport generated by backports.git v5.15.92-1-44-gd6ea70fafd36
[    7.900139] NET: Registered PF_QIPCRTR protocol family
[    7.927713] PPP generic driver version 2.4.2
[    7.928421] NET: Registered PF_PPPOX protocol family
[    7.932228] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information.
[    7.936035] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
[    7.949233] ath11k c000000.wifi: ipq8074 hw2.0
[    7.953272] ath11k c000000.wifi: FW memory mode: 0
[    7.957852] remoteproc remoteproc0: powering up cd00000.q6v5_wcss
[    7.962651] remoteproc remoteproc0: Booting fw image IPQ8074/q6_fw.mdt, size 668
[    8.997591] remoteproc remoteproc0: remote processor cd00000.q6v5_wcss is now up
[    9.000909] kmodloader: done loading kernel modules from /etc/modules.d/*
[    9.041515] ath11k c000000.wifi: qmi ignore invalid mem req type 3
[    9.048974] ath11k c000000.wifi: chip_id 0x0 chip_family 0x0 board_id 0xff soc_id 0xffffffff
[    9.049023] ath11k c000000.wifi: fw_version 0x290c84a5 fw_build_timestamp 2023-03-25 07:34 fw_build_id WLAN.HK.2.9.0.1-01385-QCAHKSWPL_SILICONZ-1
[    9.367595] ath11k c000000.wifi: htt event 48 not handled
[   32.475133] l11: disabling
[   40.826207] br-lan: port 1(lan1) entered blocking state
[   40.826248] br-lan: port 1(lan1) entered disabled state
[   40.830451] device lan1 entered promiscuous mode
[   40.844115] br-lan: port 2(lan2) entered blocking state
[   40.844156] br-lan: port 2(lan2) entered disabled state
[   40.848438] device lan2 entered promiscuous mode
[   40.857889] nss-dp 3a001200.dp2 lan3: PHY Link up speed: 100
[   40.858866] br-lan: port 3(lan3) entered blocking state
[   40.863869] br-lan: port 3(lan3) entered disabled state
[   40.869099] device lan3 entered promiscuous mode
[   40.878998] br-lan: port 4(lan4) entered blocking state
[   40.879046] br-lan: port 4(lan4) entered disabled state
[   40.884053] device lan4 entered promiscuous mode
[   41.533002] br-lan: port 5(phy0-ap0) entered blocking state
[   41.533048] br-lan: port 5(phy0-ap0) entered disabled state
[   41.537647] device phy0-ap0 entered promiscuous mode
[   41.543030] br-lan: port 5(phy0-ap0) entered blocking state
[   41.548175] br-lan: port 5(phy0-ap0) entered forwarding state
[   41.553534] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
[   41.825144] br-lan: port 3(lan3) entered blocking state
[   41.825192] br-lan: port 3(lan3) entered forwarding state
[   41.829530] br-lan: port 5(phy0-ap0) entered disabled state
[   42.363229] IPv6: ADDRCONF(NETDEV_CHANGE): phy0-ap0: link becomes ready
[   42.363414] br-lan: port 5(phy0-ap0) entered blocking state
[   42.368698] br-lan: port 5(phy0-ap0) entered forwarding state
[   42.565074] br-lan: port 6(phy1-ap0) entered blocking state
[   42.565136] br-lan: port 6(phy1-ap0) entered disabled state
[   42.569728] device phy1-ap0 entered promiscuous mode
[   42.575219] br-lan: port 6(phy1-ap0) entered blocking state
[   42.580249] br-lan: port 6(phy1-ap0) entered forwarding state
[   42.835218] br-lan: port 6(phy1-ap0) entered disabled state
[   42.862336] IPv6: ADDRCONF(NETDEV_CHANGE): phy1-ap0: link becomes ready
[   42.862513] br-lan: port 6(phy1-ap0) entered blocking state
[   42.867812] br-lan: port 6(phy1-ap0) entered forwarding state
[   42.955361] br-lan: port 7(phy0-mesh0) entered blocking state
[   42.955401] br-lan: port 7(phy0-mesh0) entered disabled state
[   42.960337] device phy0-mesh0 entered promiscuous mode
[   43.915217] br-lan: port 5(phy0-ap0) entered disabled state
[   43.916228] nss-dp 3a001600.dp4 lan1: PHY Link up speed: 1000
[   43.919641] br-lan: port 1(lan1) entered blocking state
[   43.925534] br-lan: port 1(lan1) entered forwarding state
[   45.276337] nss-dp 3a007000.dp6-syn wan: PHY Link up speed: 1000
[   45.276407] IPv6: ADDRCONF(NETDEV_CHANGE): wan: link becomes ready
[   45.814370] IPv6: ADDRCONF(NETDEV_CHANGE): phy0-mesh0: link becomes ready
[   45.814559] br-lan: port 7(phy0-mesh0) entered blocking state
[   45.820171] br-lan: port 7(phy0-mesh0) entered forwarding state
[   45.997344] br-lan: port 5(phy0-ap0) entered blocking state
[   45.997397] br-lan: port 5(phy0-ap0) entered forwarding state

borgqueenx · June 25, 2023, 3:54pm

appriciate all the help so far Frollic!
The log above is generated just after the game kicking me out 3 times in a row.

borgqueenx · June 25, 2023, 9:41pm

found out a smart camera i have and my vacuum clean robot also not work anymore wiyh wireguard enabled...really messing with things a lot.

frank92735 · June 26, 2023, 7:34am

Surfshark doesn't support ipv6. Try disabling that on the lan and wan ifaces.

Maybe the router got corrupted on the power glitch. Factory reset and reinstall saved config if other suggestions don't work?

Try other servers - maybe they are playing around with stuff on their side?

borgqueenx · June 26, 2023, 9:17am

Ipv6 is disabled already. Already did a attended firmware upgrade that should have deleted everything, automatically install packages and put config files back.
Already tried switching between 3 servers of surfshark and the issue is gone when the vpn interface is disabled.

frank92735 · June 26, 2023, 2:04pm

If nothing in your network changed then it sounds like something the provider has done based on this information. They probably lost a piece of equipment and swapped something in (or updated something without fully validating it first) when there was a power failure. I would ring them up and say hello?

However....

The same could be true of ss since everything works with the VPN turned off. So then it would be either ss or the router. I would tend to go with ss as being the source of problems since owrt ran for months.

Do some hop tests to see what is going on with SS?

Sidenote: I only get 100Mbps with SS compared to 250Mbps with a more expensive 5 euro/month service on the same router.

Also...

interfaces->wg->advanced->uncheck delegate ipv6?

borgqueenx · June 26, 2023, 4:27pm

So, today i installed openvpn on the router with surfshark, and i had none of the issues that i had with wireguard using the same provider. Everything worked. However i want to use wireguard as its lighter and allows higher speeds.

Also just tried your last tip of unchecking delegate ipv6. it was enabled! But it unfortunately did not work, also not after a restart of the router.

Weird about your experience with surfshark speeds. Never have to complain about their speeds. I get easily 250mbit+ with them.

frank92735 · June 26, 2023, 5:24pm

TQ I just retested with a different laptop and got 150-200Mbps. I am retesting ss to see if it is stable on EA8300 v22.03.3. We will see in a few weeks.

Testing ss without the credential renewal script yields a 48 hour connection and then it drops - same as last year. I was hoping ss would "fix" this by now but it does not seem to be the case. I guess its a security feature? Other providers don't do this. I use other providers.