Custom firmware build for R7800 v. 1.0.2.44SF

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Voxel

Very Senior Member
This version is released mainly for some tuning and correction of reported problems (I had no plans to release it before Christmas ;-) :


a. Some speed degradation for speedtest in WebGUI. And sometimes in client’s Web browsers. As I found irqbalance was not so good for fine tuning. Now it is removed and I use manual spreading some interrupts between cores.

b. QoS DB. Too many people are reporting problems with latest QoS DB included into previous version. I am stressing again that QoS is used in my FW “as-is”, it was included into stock GPL sources in pre-built form and I do not change it. So now I reverted back to old version of QoS, the same is used in the stock firmware. You may upgrade it to newest one from WebGUI or use this version w/o upgrade.

c. Some people are feeling problems with OpenVPN client startup. Namely, they have some delay with setting date/time after reboot so certificates/keys/ca are not valid yet (1970 year). Two changes. First is setting date of firmware build in NTP client startup script, i.e. at least your certificates should be valid already and client should not wait setting proper date and time. Second: you can manually add delay before actual starting OpenVPN client. Command to add delay in e.g. 120 seconds from telnet/ssh console is


nvram set vpn_client_delay=120

nvram commit


To remove this delay set it to 0 or use the command “nvram unset vpn_client_delay


d. Possibility to use your own iptables rules w/o modification of /usr/sbin/net-wall script. If you have /root/firewall-start.sh script (executable) with your iptable commands it will be called automatically at the end of “net-wall start” command.​

Continuation of

https://www.snbforums.com/threads/custom-firmware-build-for-r7800.36859/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-22sf.37222/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-23sf-v-1-0-2-24sf.37477/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-25sf-v-1-0-2-29sf.38032/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-30sf.38366/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-31sf.39142/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-32sf.39657/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-33sf.40198/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-34sf.40523/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-35sf.40794/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-36sf.41166/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-37sf.41317/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-38sf.41751/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-39sf.41945/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-40sf-1-0-2-41sf.42222/
https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-43sf.42683/

New version of my custom firmware build: 1.0.2.44SF.

Changes (vs 1.0.2.43SF):

1. irqbalance package is removed.
2. Added manual spreading some interrupts between cores.
3. QoS DB included into firmware is downgraded to the version used in the stock firmware. You may update it from WebGUI.
4. Changes in OpenVPN cient startup script.
5. Changes in NTP client startup script.
6. avahi package is changed to use dbus.
7. libsodium package is upgraded 1.0.15->1.0.16.
8. CVE-2017-15275 patch is added to samba.
9. net-wall script is corrected to add possibility using own /root/firewall-start.sh script.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

No reset is needed to upgrade from my previous versions.

P.S.
This version does not include the fix for the WPA2 Vulnerability in bridge mode (the last is not released by NETGEAR yet).


Voxel.
 

Petric

New Around Here
Voxel,
Thank you for your job.
What is the best way to change LEDE on your FW for testing?
Just flash with TFTP?

Andrey
 

pege63

Very Senior Member
"QoS DB included into firmware is downgraded to the version used in the stock firmware. You may update it from WebGUI."
How?
 

Voxel

Very Senior Member
"QoS DB included into firmware is downgraded to the version used in the stock firmware. You may update it from WebGUI."
How?
As usual,

BASIC->Quality of Service


Performance Optimization Database [Udate Now]


Voxel.
 

AntonK

Senior Member
This version is released mainly for some tuning and correction of reported problems (I had no plans to release it before Christmas ;-) :


a. Some speed degradation for speedtest in WebGUI. And sometimes in client’s Web browsers. As I found irqbalance was not so good for fine tuning. Now it is removed and I use manual spreading some interrupts between cores.

b. QoS DB. Too many people are reporting problems with latest QoS DB included into previous version. I am stressing again that QoS is used in my FW “as-is”, it was included into stock GPL sources in pre-built form and I do not change it. So now I reverted back to old version of QoS, the same is used in the stock firmware. You may upgrade it to newest one from WebGUI or use this version w/o upgrade.

c. Some people are feeling problems with OpenVPN client startup. Namely, they have some delay with setting date/time after reboot so certificates/keys/ca are not valid yet (1970 year). Two changes. First is setting date of firmware build in NTP client startup script, i.e. at least your certificates should be valid already and client should not wait setting proper date and time. Second: you can manually add delay before actual starting OpenVPN client. Command to add delay in e.g. 120 seconds from telnet/ssh console is


nvram set vpn_client_delay=120

nvram commit


To remove this delay set it to 0 or use the command “nvram unset vpn_client_delay


d. Possibility to use your own iptables rules w/o modification of /usr/sbin/net-wall script. If you have /root/firewall-start.sh script (executable) with your iptable commands it will be called automatically at the end of “net-wall start” command.​
New version of my custom firmware build: 1.0.2.44SF.

Changes (vs 1.0.2.43SF):

1. irqbalance package is removed.
2. Added manual spreading some interrupts between cores.
3. QoS DB included into firmware is downgraded to the version used in the stock firmware. You may update it from WebGUI.
4. Changes in OpenVPN cient startup script.
5. Changes in NTP client startup script.
6. avahi package is changed to use dbus.
7. libsodium package is upgraded 1.0.15->1.0.16.
8. CVE-2017-15275 patch is added to samba.
9. net-wall script is corrected to add possibility using own /root/firewall-start.sh script.

Voxel.
Hi Voxel,

I'm not a router techie, but I'm curious as to what "...some interrupts between cores." means, if it is even possible to explain that in layman's language.

Thanks,
Anton
 

Voxel

Very Senior Member
Hi Voxel,

I'm not a router techie, but I'm curious as to what "...some interrupts between cores." means, if it is even possible to explain that in layman's language.

Thanks,
Anton
Hi Anton,

In brief w/o technical details, I set e.g. Wi-Fi 5GHz drivers to 1st core, Wi-Fi 2.4GHz drivers to 2nd core etc. Manual irq balancing. Automatic use of irqbalance was not always good. Now with manual it helped e.g. e38BimmerFN to get his 200MBit for speedtest from WebGUI:

https://www.snbforums.com/threads/c...r-r7800-v-1-0-2-43sf.42683/page-2#post-365816


Similar scheme is used for e.g. samba (ReadySHARE) when samba server uses 2nd core when usb-storage driver 1st. Allowed to increase samba speed.

Voxel.
 

AntonK

Senior Member
Hi Anton,

In brief w/o technical details, I set e.g. Wi-Fi 5GHz drivers to 1st core, Wi-Fi 2.4GHz drivers to 2nd core etc. Manual irq balancing. Automatic use of irqbalance was not always good. Now with manual it helped e.g. e38BimmerFN to get his 200MBit for speedtest from WebGUI:

https://www.snbforums.com/threads/c...r-r7800-v-1-0-2-43sf.42683/page-2#post-365816


Similar scheme is used for e.g. samba (ReadySHARE) when samba server uses 2nd core when usb-storage driver 1st. Allowed to increase samba speed.

Voxel.
Thanks Voxel, that's interesting...

Anton
 

e38BimmerFN

Very Senior Member
Test before updating QoS db:

v44SF

After update:
UI:
Latest test result (10:55 Dec 21, 2017)
DOWNLOAD UPLOAD
231.55
Mbps 10.77Mbps





Think v44 will be the best currently.

Thank you Voxel!!!
 

Voxel

Very Senior Member
Its still not based on te .40 release though? Just checking.....
Sorry, I do not integrate any stock firmware without released GPL source codes. In general it is violation of GPL (to do not publish source codes). Usually I push NETGEAR Guy asking him to push TW developers to publish GPL source codes. But he is not available now.

BTW I do not think that stock 40 is superb release. Problems reported by Killhipie and not working L2TP still. And not fixed yet Krack.

Voxel.
 

Voxel

Very Senior Member
Thanks Voxel, that's interesting...

Anton
You know, more details: if one core is serving both 2.4 and 5GHz but second core is idle it means that your router is doing sabotage ;-). BTW it is so with the stock firmware. Now both cores are working in parallel and both cores are busy. So... Just speedup and use all power of IPQ8065 CPU.

Voxel.
 

jsmiddleton4

Very Senior Member
“Sorry I do not....”

Was just asking as I’m getting this one is older than that one kinds of messages when updating the FW.
 

Sizzlechest

Regular Contributor
Thanks for adding my suggestion! Do I have to do a factory reset to get the new net-wall? Mine still has my iptables edits after I flashed.
 

Voxel

Very Senior Member
Thanks for adding my suggestion! Do I have to do a factory reset to get the new net-wall? Mine still has my iptables edits after I flashed.
You can restore original net-wall copying it from /rom directory:

Code:
cp -p /rom/usr/sbin/net-wall /usr/sbin
rm -f /overlay/usr/sbin/net-wall
Voxel.
 
Last edited:

bouwew

New Around Here
Hi Voxel,

Thanks for another update!

I can report that the slow access to my NAS-directories is NOT present in this version :)
 

Killhippie

Senior Member
“Sorry I do not....”

Was just asking as I’m getting this one is older than that one kinds of messages when updating the FW.
It always says this, its I think because its third party netgear code and the numbering system is different, maybe to do with the routers auto update feature, Voxel would know more, so it thinks its older. This is totally normal.
 

kamoj

Very Senior Member
Thank you Santa Voxel!

The OpenVPN speed has now almost doubled since release .38. I now constantly get around 80 Mbps.
This means that your software now is as fast for OpenVPN as DD-WRT is, despite its real time kernel!

I am happy and very grateful for all you have done for me and all other users.

Thank you!

It is Xmas Edition ;)

Voxel.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top