Kamoj Kamoj Add-on Beta testing

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

L&LD

Part of the Furniture
I know! I know! Let someone else do it! ?? :)

Or, just follow the instructions step-by-step. ;)
 

L&LD

Part of the Furniture
Did you read the first post in this thread? :)

Take care, friend.
 

ern

Occasional Visitor
Hi Possible bug issue I will try and explain as best possible
Issue takes about 12/13 days to show up and was present in kamoj-addon beta version 5.4b10 and the previous beta I had installed which was presumably 9
I have a 900 down 100 up connection
I use AdGuard with standard settings. I use no other feature of the addon
For approx 12 days everything working fine
Then upload and download speeds slowed to a crawl
Reboot failed to fix
Uninstalled addon - failed to fix
Reset router to factory defaults and tried a config backup - failed to fix
Reset to defaults again and then manually set up without using config file and all working OK. Speeds back to normal
Installed Addon again and was last using beta 5.4b10
all worked fine for approx 12 days then speeds slowed again to a crawl again
Uninstalled addon - rebooted - failed to fix
I had created a new backup config file after the last issue and after router reset this installed no fine
Speeds back to normal
I am currently running router without addon and will see what happens to speeds after 12 days or so

Lots of things to try such as reducing DNS log data time to see if router was getting overrun (although there was no obvious issues when looking at router stats page)

I will need to wait until I have run router without addon - It may not even be the addon

I see a previous post about speeds when using DNSCrypt Proxy v2 - Possibly some kind of connection ?


I tried to run without addon for a few days but missed the functionality of AdGuard
So installed the latest but set AdGuard to log 24 hrs only
approx 12 days later same issue as above. Internet slowed to a crawl
I have just done a pin reset and re uploaded my config. Which seems the only way to get back to normal
Uploaded Voxel latest firmware
I will for sure wait 12 days this time !
See you after xmas
 
  • Like
Reactions: KW.

L&LD

Part of the Furniture
@ern, I hope you didn't use a saved backup config file to 're-upload' your config? If so, you effectively undid the reset to factory defaults you performed.
 

ern

Occasional Visitor
@ern, I hope you didn't use a saved backup config file to 're-upload' your config? If so, you effectively undid the reset to factory defaults you performed.

Hi

I have a config file with all my basic settings in it. This was created before any mods or changes were done to the router
So a raw router set up with my provider and settings then a config backup created
This config was good for the first few months of having the router before I started changing firmware and Voxels addon so hopefully should be OK
 

Infinitum

Occasional Visitor
...upload speed drops tremendously to about 0.5 when in fact in reality it should stick around 500. Router GUI becomes more unresponsive and I get a drop out on connection to internet. Opening web pages is pain and running shell commands through putty is painfully slow.
Almost feels like when Kamoj just updated to 5.4, when QoS was interfering (apparently)?

I experience the same issue and reported it (poorly) as post 46, but an intense month at work pulled me away from further testing. Any time I upgrade Voxel firmware or kamoj add-on versions, my upload speeds drop below 1Mbps. This has been the case since I moved from b7 to b10, and continued through b12.

At the time of my post, I thought activating DNSCrypt caused the issue, but based on Kamoj's advice I tested further and learned that my multiple reboots during setup were the actual problem. I can't upgrade Voxel fw or the kamoj add on without an nvram wipe, but I can set up all desired options so long as I perform the wipe and don't reboot after each step. Two days before vacation, so I plan to test this properly next week and report back.

Now my process is:
  • nvram wipe via ssh (nvram default && nvram commit && mtd erase netgear && reboot) immediately before kamoj upgrade or immediately following Voxel upgrade
  • standard set-up through GUI (admin password, SSID, wifi password, router function, enable smart connect, enable telnet)
  • set ssh key via telnet (from USB drive), reboot (optional)
  • copy and install kamoj add-on via ssh, reboot, no further reboots after this point
  • disable QoS EDIT: via standard GUI
  • disable Traffic Meter EDIT: via standard GUI
  • enable DNSCrypt Proxy v2 and custom blacklist via kamoj GUI
  • enable OpenVPN Client (Surfshark) via kamoj GUI
  • enable tunneling via NOVPN tags EDIT: via standard GUI

If I skip the nvram wipe, the rest of the process doesn't work and my upload speeds choke.
 
Last edited:

kamoj

Very Senior Member
Please read the readme.txt again.
If you don't reboot after kamoj add-on installation, you WILL get problems
(See readme.txt:
"9). Reboot
reboot
=====================================================================================
##### reboot MUST be performed #####
WARNING: If you don't reboot at this stage your router firmware may become corrupt!!!
=====================================================================================
"
).

Also I suggest you try to disable QoS and Traffic Meter from the Voxel/Netgear GUI, not the kamoj settings.

I think you mean disable instead of "enable tunneling via NOVPN tags in LAN setup GUI"?

And are you sure your speed drop if you only update Voxel firmware?
(I suggest you do according to instructions before installing new Voxel firmware:
(From readme.txt)
"5). Uninstall previous version of kamoj-addon (if any) - IMPORTANT!
(Your settings will not be lost).
Code from the routers telnet/ssh prompt:
/bin/opkg remove -V1 --force-remove kamoj-addon
reboot; # IMPORTANT!
=====================================================================================
##### reboot MUST be performed #####
WARNING: If you don't reboot at this stage your router firmware may become corrupt!!!
====================================================================================="
)

I experience the same issue and reported it (poorly) as post 46, but an intense month at work pulled me away from further testing. Any time I upgrade Voxel firmware or kamoj add-on versions, my upload speeds drop below 1Mbps. This has been the case since I moved from b7 to b10, and continued through b12.

At the time of my post, I thought activating DNSCrypt caused the issue, but based on Kamoj's advice I tested further and learned that my multiple reboots during setup were the actual problem. I can't upgrade Voxel fw or the kamoj add on without an nvram wipe, but I can set up all desired options so long as I perform the wipe and don't reboot after each step. Two days before vacation, so I plan to test this properly next week and report back.

Now my process is:
  • nvram wipe via ssh (nvram default && nvram commit && mtd erase netgear && reboot) immediately before kamoj upgrade or immediately following Voxel upgrade
  • standard set-up through GUI (admin password, SSID, wifi password, router function, enable smart connect, enable telnet)
  • set ssh key via telnet (from USB drive), reboot (optional)
  • copy and install kamoj add-on via ssh, reboot, no further reboots after this point
  • disable QoS
  • disable Traffic Meter
  • enable DNSCrypt Proxy v2 and custom blacklist via kamoj GUI
  • enable OpenVPN Client (Surfshark) via kamoj GUI
  • enable tunneling via NOVPN tags in LAN setup GUI

If I skip the nvram wipe, the rest of the process doesn't work and my upload speeds choke.
 

Infinitum

Occasional Visitor
Please read the readme.txt again.
...
##### reboot MUST be performed #####

I reboot once after the kamoj add-on is installed and then no further reboots during the rest of setup. Sorry, I didn't word that clearly enough. Originally I was rebooting after every settings change, which seemed to cause upload speeds to crash out.

And are you sure your speed drop if you only update Voxel firmware?
(I suggest you do according to instructions before installing new Voxel firmware:
(From readme.txt)
"5). Uninstall previous version of kamoj-addon (if any) - IMPORTANT!

I absolutely perform this full add-on removal every time I upgrade to a new Kamoj version, but are you suggesting this should also be performed whenever Voxel firmware version updates? To illustrate: if I have kamoj b13 installed, and I upgrade Voxel from 80.7 to 81, should I remove kamoj b13 and then reinstall b13?

If that's correct, I didn't understand that from the readme, and this absolutely could be the mistake I'm making.

Also I suggest you try to disable QoS and Traffic Meter from the Voxel/Netgear GUI, not the kamoj settings.

I am disabling QoS and Traffic Meter via standard GUI, forgot to note the detail.

I'll review the rest of your suggestions later (I'm sneaking away from a work meeting to write this now). Thank you, Kamoj!
 
Last edited:

blueliner

Regular Contributor
So far, so good on my R9000 with 5.4b13 (and Voxel 1.0.4.46). Only issue I have seen is getting the following if I try to make a change on the Hidden Menus --> Fan Control Temperature page (which I assume is normal?):

400 Bad Request
This server does not support the operation requested by your client.

I have seen a few ping failures on Cloudflare but it hasn't affected anything.
VPN Bypass has been working without issue.

BL
 

kamoj

Very Senior Member
Thank you for the report!
I have many problems with cloudflare through the times. Nobody is perfect.

Most of the "Hidden Menu" links are Netgear pages that they have hidden from direct access.
Some are working, some are not...
It's on my todo-list to make this clear in some way.

For real "Fan Control Temperature" use the add-on "Hidden Menu": Netgear Debug Info.
So far, so good on my R9000 with 5.4b13 (and Voxel 1.0.4.46). Only issue I have seen is getting the following if I try to make a change on the Hidden Menus --> Fan Control Temperature page (which I assume is normal?):

400 Bad Request
This server does not support the operation requested by your client.

I have seen a few ping failures on Cloudflare but it hasn't affected anything.
VPN Bypass has been working without issue.

BL
 
  • Like
Reactions: KW.

kamoj

Very Senior Member
Merry Christmas and Happy New Year all amazing beta-testers!

Changes in kamoj-addon beta version 5.4b14
--------------------------------------------------
- OpenVPN Client: Added: TorGuard. Thank you @Paul Connolly, and TorGuard for providing an account for my development.
- Changed Aegis cron job "aegis update" to "aegis refresh" (aegis 1.4.5 change)
- Added ps2 command to run ps-procps-ng (if existing) added by Voxel. (Defaults to output cpu core and all threads.)
- Added top2 command to run top-procps-ng (if existing) added by Voxel.
- ReadyShare: Removed very annoying error messages in OpenVPN Client log at boot, caused by bugs in Netgear code:
/sbin/cloud /opt/xagent/run-xagent.sh (/www/cgi-bin/readycloud_control.cgi) (@LSM, @Kain, @Bendon)
- ping_guard.sh updated with much more logging possibilities.

- A number of changes for OpenVPN 2.5+ :
https://forum.netgate.com/topic/156057/openvpn-2-5-released-overview-of-changes
- AzireVPN: Added "data-ciphers" to accept AES-256-CBC (New configurations needed for OpenVPN 2.5+)
- AzireVPN: removed: "ncp-disable" (New configurations needed for OpenVPN 2.5+)
- Mullvad : Added "data-ciphers" to accept AES-256-CBC (New configurations needed for OpenVPN 2.5+)
- PIA VPN : removed: "ncp-disable" (New configurations needed for OpenVPN 2.5+)
- PIA VPN : Added "data-ciphers" to accept AES-256-CBC (New configurations needed for OpenVPN 2.5+)
- PureVPN : Added "data-ciphers" to accept AES-256-CBC (New configurations needed for OpenVPN 2.5+)
 
Last edited:

jsmiddleton4

Very Senior Member
I apologize as I asked this question then life happened and couldn't get back to dig into the answer. In kamoj's most excellent add in there's options for grouping the antennas. Which is great but I can't find which antennas belong to which group. If I'm gonna play with the option I'd like to know what I'm doing. I know, what a killjoy....


Is there some map somewhere laying out the antenna groupings?
 

kamoj

Very Senior Member
Sorry, but I don't know.
Most of the "Hidden Menu" links are Netgear pages that they have hidden from direct access.
Some are working, some are not...
It's on my todo-list to make this clear in some way.

I apologize as I asked this question then life happened and couldn't get back to dig into the answer. In kamoj's most excellent add in there's options for grouping the antennas. Which is great but I can't find which antennas belong to which group. If I'm gonna play with the option I'd like to know what I'm doing. I know, what a killjoy....


Is there some map somewhere laying out the antenna groupings?
 

jsmiddleton4

Very Senior Member
"Some are working, some are not...
It's on my todo-list to make this clear in some way. "

Thanks but I'm not saying you didn't make it clear Kamoj. The options are very clear. Seems Netgear didn't make it clear.

I'll keep looking but so far obviously I've found nothing on which antennas are in which group.
 

kamoj

Very Senior Member
FAQ.txt updated:
Q: Why do my OpenVPN Client connection break down every 3 hour? And how to solve it? (@Panner)
A: This is a known problem when using Aegis.
Aegis blacklists some addresses used for TLS key exchange.
When this happens, the OpenVPN log shows:
"TLS: tls_process: killed expiring key" or "Recursive routing detected, drop tun packet"
Kamoj is working on a solution, but until then, you can do one of the following:
- Stop using Aegis (Not recommended. Aegis is very good router function)
- Use the add-on "Restart Supervision" function to restart OpenVPN when this happens.
This will cause you internet to break 1-2 minutes every 3 hours, but you can speed it up a little
by changing nvram parameters controlling the restart supervision.
To speed up the detection and restart, set e.g. these from a router command prompt:
nvram set kamoj_openvpn_supervision=1
nvram set kamoj_restart_ping_timeout=1
nvram set kamoj_ping_www="cloudflare.com google-public-dns-a.google.com"
nvram set kamoj_ping_ip="1.1.1.1 8.8.8.8"
nvram commit
- Use Wireguard instead of OpenVPN. (Slower for R7800, but faster for R9000).
 
Last edited:
  • Like
Reactions: KW.

kamoj

Very Senior Member
https://www.snbforums.com/threads/kamoj-add-on-beta-testing.67375/post-644988
The problem started after installing the R9000 (early September) and setting up Surfshark on it. I had previously been using Surfshark for a couple of months on my R7800 as the main router.

Has happened with all versions of Voxel (from v1.0.4.43 to 1.0.4.45.2 (apart from 1.0.4.45.1 which I did not install) and your addons from 5.3b30 to 5.4b7 (apart from 5.4b4 which I did not install). I usually update the addon within a day of updates being released.

ISP is a mobile (cell) provider (since just before installing the R9000) and the download/upload speed is usually 15 to 25mb for both (usually better via VPN than not). However at certain times of the day (usually evenings) this drops substantially.

Initially seemed OK then kept dropping the connection briefly. Varied from 1 or 2 times per day up to 7 to 10 times. There does not appear to be any set pattern or regular interval. However, I will try and monitor it and let you know if a pattern appears. Initially thought it was a problem with Surfshark settings so changed the config file to tie in with the push settings received. The following settings were added or changed in the config to try to improve things.

#ping 60
#ping-restart 180
#ping-timer-rem
keepalive 60 360
connect-retry 1
cipher AES-256-GCM

There appeared to be a reduction in number of restarts following these changes as most days it is only 1 or 2. However that may be coincidental

Killswitch is on, no killswitch for Bypass, Restart at connection failure and Turbo are on

Further info:

The push settings received on starting VPN are:
Thu Nov 5 07:06:17 2020 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 162.252.172.57,dhcp-option DNS 149.154.159.92,redirect-gateway def1,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,block-outside-dns,route-gateway 10.8.8.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.8.8 255.255.255.0,peer-id 6,cipher AES-256-GCM'
Thu Nov 5 07:06:17 2020 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.4.9)

The following is an extract from current session log sowing 2 restarts since the current session started (on 2020-11-04 at 06:01:31)

“Wed Nov 4 22:00:35 2020 [uk-lon-v032.prod.surfshark.com] Inactivity timeout (--ping-restart), restarting
Wed Nov 4 22:00:35 2020 SIGUSR1[soft,ping-restart] received, process restarting
Wed Nov 4 22:00:35 2020 Restart pause, 1 second(s) (note - changed from 5 seconds to reduce down time)
-
Thu Nov 5 07:00:42 2020 TLS: tls_process: killed expiring key
Thu Nov 5 07:00:43 2020 VERIFY OK: depth=1, C=VG, O=Surfshark, CN=Surfshark Intermediate CA
Thu Nov 5 07:00:43 2020 VERIFY KU OK
Thu Nov 5 07:00:43 2020 Validating certificate extended key usage
Thu Nov 5 07:00:43 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Nov 5 07:00:43 2020 VERIFY EKU OK
Thu Nov 5 07:00:43 2020 VERIFY OK: depth=0, CN=uk-lon-v032.prod.surfshark.com
Thu Nov 5 07:00:43 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Nov 5 07:00:43 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Nov 5 07:00:43 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Nov 5 07:06:15 2020 [uk-lon-v032.prod.surfshark.com] Inactivity timeout (--ping-restart), restarting
Thu Nov 5 07:06:15 2020 SIGUSR1[soft,ping-restart] received, process restarting
Thu Nov 5 07:06:15 2020 Restart pause, 1 second(s)”

I hope that helps
If you need anything further (eg full session log or other logs) I can provide them. I do not currently save logs so information is currently only available from the last reboot.

PS I am hoping Surfshark start to support wireguard on the router, at present they only have wireguard on their apps for PC/Android etc.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top