1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Custom firmware build for R9000 v. 1.0.4.27HF/1.0.4.27HF-HW

Discussion in 'NETGEAR AC Wireless' started by Voxel, Feb 19, 2019.

Tags:
  1. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    1,040
    Continuation of:

    https://www.snbforums.com/threads/custom-firmware-build-for-r9000.40125/
    . . .
    https://www.snbforums.com/threads/custom-firmware-build-for-r9000-v-1-0-4-16hf-1-0-4-16hf-hw.54919/

    New version of my custom firmware build: 1.0.4.27HF/1.0.4.27HF-HW.

    Changes (vs 1.0.4.16HF/1.0.4.16HF-HW):

    1. Integration of changes from the stock v. 1.0.4.26 including:
    • a login password enhancement in the router web interface to support a more secure password (no saving passwords in NVRAM in plain text form).
    • fixing the issue where the speed test in the QoS page always fails.
    • Dynamic QoS database v1.46 update.
    2. tar package is upgraded 1.30->1.31.
    3. curl package is upgraded 7.63.0->7.64.0.
    4. unbound package (used in stubby) is upgraded 1.8.3->1.9.0.
    5. libvorbis package is upgraded 1.3.5->1.3.6.
    6. ffmpeg package is upgraded 3.2.12->3.4.5.
    7. libsodium package is upgraded 1.0.16->1.0.17.
    8. busybox package: patch command is added.
    9. Host tools: two components are upgraded.

    The link is:

    https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

    Difference 1.0.4.27HF-HW vs 1.0.4.27HF: “HW” version means hardware acceleration of OpenSSL.

    Voxel.
     
    W1lliam, L&LD, Olivier and 4 others like this.
  2. Robert Laverty

    Robert Laverty New Around Here

    Joined:
    Feb 19, 2019
    Messages:
    4
    I've been obsessively flashing your firmware on my R7800 since way back on `myopenrouter` and I just want to thank you for providing me with a router I feel confident that my privacy is protected and general online safety is higher. =]

    I've begun to feel the wrath of my ISP (RCN) without the net-neutrality shield and can no longer stream my 4K movies off Plex/Kodi on my Nvidia Shield TV so I got an ExpressVPN client running on my R7800 (your firmware, obviously lol) but the openssl decryption can't keep up with the video playback so I'm capped at about `9.0Mb/s` and I need to be at around `22.0Mb/s` for smooth playback. I have a 1.0Gbps line-in and my desktop streams at about 43.0Mb/s bypassing the router client VPN, so I'm wondering, would upgrading to the R9000 be able to handle 22.0Mb/s with the VPN client?

    Absolutely astounding work you've done with all this! Thank you!!!
     
    Voxel likes this.
  3. farenheit

    farenheit Regular Contributor

    Joined:
    Jul 11, 2018
    Messages:
    58
    Robert have you tried installing the express VPN client on your Nvidia shield and have the router bypass it? Let the shield run it through your VPN?
     
  4. kamoj

    kamoj Senior Member

    Joined:
    May 12, 2017
    Messages:
    277
    Didn't know ExpressVPN had a client for the R7800! Where can I find that?

    I guess you mean MB/s?
    I use an R7800 and get 90-115 Mb/s using AES-256-CBC with Voxel v.63SF.
    Still too slow for you.

    I have been looking at the Asus RT-AC86U, and it would probably perform near your needs:
    https://www.snbforums.com/threads/vpn-recommendations.20958/page-2#post-418623
    https://www.snbforums.com/threads/openvpn-performance-of-the-rt-ac86u.41217/
    https://www.snbforums.com/threads/openvpn-performance-of-the-rt-ac86u.41217/page-2#post-351407
    https://www.snbforums.com/threads/openvpn-performance-of-the-rt-ac86u.41217/page-8#post-405398
    https://www.snbforums.com/threads/openvpn-performance-of-the-rt-ac86u.41217/page-11#post-439130
    https://www.snbforums.com/threads/openvpn-performance-of-the-rt-ac86u.41217/page-13#post-466758

     
    Voxel likes this.
  5. farenheit

    farenheit Regular Contributor

    Joined:
    Jul 11, 2018
    Messages:
    58
    Its not for the R7800 lol, for the nVidia Shield :D
     
  6. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    1,040
    I hope so... Otherwise it is too bad for R7800 (9Mbps).

    kamoj is right. Asus RT-AC86U' CPU is ARMv8 i.e. it has AES encryption acceleration on the CPU level. R9000 has crypto device (used in my HW version), but it is PCI device. Some specific things RAM<->PCI memory; i.e. AC86U will be faster for VPN. Using RMerlin firmware.

    Voxel.
     
    kamoj likes this.
  7. Olivier

    Olivier New Around Here

    Joined:
    Jan 9, 2019
    Messages:
    8
    Just installed et running smoothly after few minutes ;) I will be back with remarks if necessary.
    Thanks a lot again for this great work and support!
     
    Voxel likes this.
  8. Robert Laverty

    Robert Laverty New Around Here

    Joined:
    Feb 19, 2019
    Messages:
    4
    So I've tried installing ExpressVPN directly and manual config using ics-openvpn but the Shield TV device itself was unable to keep up. I would run a speed test `wget -O /dev/null http://cachefly.cachefly.net/100mb.test` and have `htop` running beside it and saw the openvpn process cap out at 100% CPU usage :/
     
  9. multicast

    multicast New Around Here

    Joined:
    Feb 7, 2019
    Messages:
    5
    @Voxel THANK YOU for all your effort on this, is very appreciated!

    I have a quick question for you, I am running V1.0.4.15HF-HW in my R9000, but I've created custom configuration like adding a VLAN in port 1 to separate my IPTV traffic from the rest using a different IP class from my internet devices, if I do upgrade to this last release will I lose my custom configuration? I've installed some Entware apps too, like last igmpproxy

    Thanks in advance for your reply.
     
    Voxel likes this.
  10. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    1,040
    All custom modifications in the router memory (overlay) will be lost when flashing new firmware. Check this:

    https://www.snbforums.com/threads/e...xel-routers-for-sky-uk-etc.41720/#post-353344

    re: how to backup/restore your custom settings. Usually backup is performed once. Restore: after each new flashing.

    Entware apps: they are kept on external USB, right? So it will not be erased after flashing new firmware.

    Voxel.
     
    kamoj likes this.
  11. multicast

    multicast New Around Here

    Joined:
    Feb 7, 2019
    Messages:
    5
    Thanks @Voxel
     
  12. Baracuda_LA

    Baracuda_LA New Around Here

    Joined:
    Feb 19, 2014
    Messages:
    3
    Hi @Voxel Thank you for your work. Do I need to factory reset my router after installing this firmware? Currently my router is running firmware 1.0.4.16HF-HW.
     
    Voxel likes this.
  13. Voxel

    Voxel Very Senior Member

    Joined:
    Dec 9, 2014
    Messages:
    1,040
    I did not do a reset to factory when upgrading 16->27 and everything is fine. As a rule: reset is needed only if you have a problem after flashing. And usually it happens when upgrading from the stock. Or if I do stress the necessity of the reset it in my publishing new fw.

    Voxel.
     
  14. Olivier

    Olivier New Around Here

    Joined:
    Jan 9, 2019
    Messages:
    8
    Ditto. Running fine without issue for few days!
     
    Voxel and kamoj like this.
  15. xTe22-pT

    xTe22-pT New Around Here

    Joined:
    Feb 22, 2019
    Messages:
    4
    Hiya Voxel,

    Have been using your firmware for a long time (an wonderful job let me tell you) and recently decided to playing with some of the features not available at GUI page.

    First tried DNSCrypt and actually everything seemed to be working good, however, I am struggling to edit the "dnscrypt-proxy-2.toml" file using "vim" command, because can not get anything readable on my end. Also tried to extract the file with WinSCP tool, but also router comes up with an error.
    - Is there any other editor available from BusyBox ?

    --> Update: changing ".toml" permissions using "chmod" solved that issue for me. Now I am able to read and edit file using "vim" editor.


    I am trying to SSH using PuTTY, but it comes up with this same error everytime:
    "Disconnected: No supported authentication methods available (server sent: publickey)"


    - What exactly I need to do in order to enable SSH ?


    Ended up disabling DNSCrypt by "nvram set dnscrypt2=0" and "nvram commit" but after many reboots, I realised router was refusing to disable it.


    Found this command which helped me to completely stop it by:

    "/etc/init.d/dnscrypt-proxy-2 stop" and then "/etc/init.d/dnscrypt-proxy-2 disable"

    Just wondering if this is normal ? As far as I read, it should be disabled by running only the first command ?


    Cheers,
    A
     
    Last edited: Feb 25, 2019
  16. kc6108

    kc6108 Occasional Visitor

    Joined:
    Jan 23, 2012
    Messages:
    21
    Location:
    Kansas, USA
    Hi Voxel,

    I have been running your firmware on my R9000 for a few days now. I have found it to be quite stable, and I have noticed each CPU now levels out around 5% each vs 10-11% with the stock firmware.

    I have used DD-WRT in the past on other routers. Although I liked all the cool bells and whistles, stability was always a problem for me.

    I like that you use the stock firmware as your base code in order to take advantage of all the optimizations that come with it, yet update all the packages and compile with all the additional optimizations that you safely can. I greatly admire your work and appreciate that you seem to be conservative in your changes to achieve stability instead of focusing more on optimizations and adding all the bells and whistles which often lead to complexity and thus instability in my experience.

    I noticed you began including dnscrypt-proxy2 inside your firmware images, which removed the requirement of installing entware (and a USB drive). That's the feature I wanted most, but thought it wasn't ever going to be an option due to size, etc.

    You are quite talented. More importantly, you seem to be quite passionate about your work, as well as, privacy and security in general. Thank you for all of your hard work.

    Give me some more time to further test your firmware, but expect a donation from me. I have no interest in donating towards you buying another router (giving you more work lol). I'm thinking more of a case of beer, bottle of wine, or a nice dinner.

    You're awesome!

    P.S. I also admire your patience. I couldn't/wouldn't put up with some of the crap posts that are directed towards you.
     
    kamoj likes this.
  17. kc6108

    kc6108 Occasional Visitor

    Joined:
    Jan 23, 2012
    Messages:
    21
    Location:
    Kansas, USA
    @Voxel

    I believe I have found a bug in R9000-V1.0.4.27HF-HW.

    I noticed my log was full of errors stating emails couldn't be sent to my email address. I verified all the email settings were correct in the GUI. Then attempted to send the logs to my email address, but it simply created additional errors in the logs.

    I then tried deleting all the email information, disabling the email option, saving, re-entering all the email information again, and saving. It didn't solve the problem.

    The errors in the logs look like this:

    [email failed] Friday, March 08, 2019 12:22:43
    [email sent to: [email protected]] Friday, March 08, 2019 12:22:43

    I masked my email address with x's, but notice I left the underscore (_) as there is one in my email address. Just in case that is significant.

    My SMTP server requires authentication so not only do I enter those details, I am required to change the port to 587. Just in case that is significant.

    FYI, I know the details I am using/entering are correct, because I use the exact same details in my R8500. It successfully sends emails using stock firmware. So did the R9000 using stock firmware.

    Any suggestions? Can anyone else reproduce this issue?
     
  18. kc6108

    kc6108 Occasional Visitor

    Joined:
    Jan 23, 2012
    Messages:
    21
    Location:
    Kansas, USA
    One last piece of information. The very next log entry always begins with a "0", but only to the very next log entry. For example:

    [DHCP IP: 192.168.75.10][Device Name: HL-5170DN] to MAC address xx:xx:xx:xx:xx:xx, Friday, March 08, 2019 12:28:28
    0[DHCP IP: 192.168.75.10][Device Name: HL-5170DN] to MAC address xx:xx:xx:xx:xx:xx, Friday, March 08, 2019 12:28:27
    [email failed] Friday, March 08, 2019 12:22:43
     
  19. multicast

    multicast New Around Here

    Joined:
    Feb 7, 2019
    Messages:
    5