Modified firmware R7500v1 for use with Entware-ng and Debian

197 posts / 0 new
Last post
Zdenkod
Zdenkod's picture
Hi Voxel!

Hi Voxel!

 

Thank you for a new FW.

In your private mail to me you mentioned that FW upgrade from you do not require router reset to default settings.

1. Is this still the case with the upgrade from 1.0.0.98HF --> 1.0.1.02HF?

Your entware-cortex-a15-Packages includes Samba and proftpd.

2. The difference with them and included in your recent FW - what to use, included in FW or installed from your entware packages?

3. Additional settings written manually in config files (samba, proftpd) - do they survive settings manipulation from routers web GUI?

 

Best Regards,

 

Zdenko

 

robysax
robysax's picture
Hi Voxel,

Hi Voxel,

Very good job, these are my feedbacks on your last firmware installed yesterday :

Minidlna

Finally I can use my Samsung All Share Smart TV with R7500.
I have tried to load photos and videos from R7500 to my TV without problem so far.

ReadyShare

After plug usb key, I confirm that mount has worked fine immediatly.
Transfer files from PC to router and viceversa has a little improved compared to previous firmware.
Now I can reach about 32 MBit/sec, perhaps is possible to boost again ?

Some things that have issue

QOS

QOS cannot detect download and upload speed like previous firmware, so is not possible to enable QOS.
Like you have written, this is no a very big problem because my internet connection is 100/10 MBit.

Switch on/off radio schedule

This function has issue again, same problem of previous firmware.
I confirm that hour on GUI and console are correct.
In the next days, I'll try again to setup schedule

Many thanks for your support

Voxel
Voxel's picture
Hi guys!

Hi guys!

 

Zdenko:
1. Reset is not needed 1.0.0.98HF/1.0.0.99HF -> 1.0.1.02HF. Your current setting should be kept (except authorization_keys)

2. Difference ProFTPD my FW vs Entware: 

a) Different compilers. 

b) Compiler option "-O3" for Entware and "-O2" for my FW

c) Added some Netgear's add-ons into FW version needed for ReadyShare (anonymous access etc)

Difference Samba my FW vs Entware

a) Different compilers

b) Entware uses version 3.6.25, when FW uses significantly changed by Netgear older version. Normal 3.6.25 is not compatible with runtime environment of FW as I wrote, so I had to use latest Netgear version from R7800 stock firmware

3. No. Samba and FTP configs are generated anew after each router reboot.

 

Robysax:

Boost of ReadyShare: rather impossible. Only on the level of changes in config generated automatically for Samba. If Zdenko is able, he can try to run samba from FW with his config (where he got speed increase in 6 times). It is enough to stop all samba servers and then run it manually from console using workable config from Entware, something like:

cp "entwareconfig" /tmp/samba/smb.conf
/usr/sbin/smbd -D

and then check the speed. I cannot do normal benchmarks myself: my notebook in my coutry house where R7500 is used is very old. So speed is limited by notebook itself.

And samba boost: I practically entered to bounds: FW image size is limited, so chages in FW e.g. replace a package by newer version with more size will cause failure of FW creation. Maybe I have to drop something from FW. E.g. itunes server. No space...

QOS - I'll check in my free time. Maybe, something during upgrade of Samba from R7800. Or FTP.

P.S.
Samba, FTP, minidlna from GUI: maybe it has sense to use the following logic

If these programs exist in /opt (i.e. Entware is installed on the flash drive/USB disk) then Entware version will be started from GUI
If these programs are not in /opt (no Entware) then FW version will be started from GUI
 

What do you think?

Regards,
Voxel.
 

robysax
robysax's picture
Hi Voxel,

Hi Voxel,

I agree with you, it's better to choose which tools (samba, minidlna etc) could run if Entware is installed or not.

If you can free more space on firmware, you could exclude the following packages :

 

- Tivo and iTunes server from minidlna

-  Support for ReadyShare Printer and Vault (I think that almost nobody use them)

 

So freeing space, you could compile a new version of firmware with improved version of samba without install entware.

Can you confirm that scheduled radio On/Off on firmware 1.0.1.02HF works fine ?

 

Regards

Robysax

Voxel
Voxel's picture
If you can free more space on

If you can free more space on firmware, you could exclude the following packages :

 

- Tivo and iTunes server from minidlna

-  Support for ReadyShare Printer and Vault (I think that almost nobody use them)

 

iTunes: yes, I can drop it. It is not a part of minidlna, bat separate package.

Tivo: is a part of minidlna. Troublesome to remove it from minidlna and has no sense. I do not expect to free much space.

Printer/Vault: Also part of Netgear's samba. Very problematic for removal.  Too many codes to process.

In general, it would be nice if Zdenko will try this FW's Netgear samba with his config and drive. With my old notebook I have similar results for Entware version and FW version. And funny: write speed is higher than read speed. I can add optimal config parameter to be generated by FW for ReadyShare. But rather not to change Netgear's samba codes.

Can you confirm that scheduled radio On/Off on firmware 1.0.1.02HF works fine ?

 

I did not touch it. So just set proper timezone in console. The same as in previous version.

 

Regards,

Voxel.

Zdenkod
Zdenkod's picture
Hi Voxel!

Hi Voxel!

 

I installed your last FW - V1.0.1.02HF on my R7500.

The first impression: exellent!

Checked Samba you included in FW.

The results from my desktop 1GB LAN connected are:

Version 1.3.1 - Lan Speed Test lite from totusoft.com
OS Version: Windows 7
Processor: AMD Phenom(tm) II X4 925 Processor
Date: 06/08/2016
Time: 19:54:06
Program Parameters: 0
High Performance Timer: 0.000000364

Test File: Z:\NW_SpeedTest.dat - 1000MB size
 Write Time = 33.1996537 Seconds
 Write Speed = 240.9663680 Mbps
 Read Time = 22.7598290 Seconds
 Read Speed = 351.4964880 Mbps
 

It is clear, that you optimized parameters in smb.conf.

This is excellent speed for me. When I had time I'll test Entware Samba with optimisations you added.

Just a little suggestion/wish in your next FW: As you included dropbear in FW, it would be nice to punch a hole in firewall to enable ssh console from the wild.

Now I must do that manually everytime I upgrade FW. Or is this a security measure?

 

Have nice evening.

Zdenko

 

 

 

 

 

 

kylewu
kylewu's picture
Hi Voxel!

Hi Voxel!

could you change the tcp congestion control default setting in the new version? the one uses right now is cubic that I think it is not working well for me. It has only cubic and reno avaible on the router, and I also can not change it to reno. if it is possable can you add more options? thanks in advance.

Voxel
Voxel's picture
Hi guys!

Hi guys!

Zdenko:

Thank you for your testing. I aslo tested the samba with more advanced notebook. Speed id 45-50 MBytes/sec in both directions (read/write). FTP is a bit faster, about 60-65MBytes/sec. So I think that I just cannot optimize more. 

Regarding FW hole for port 22 (SSH): really security reasons. Not everyone wants to have an access to router from Internet.

kylewu:

Fine tuning? Interesting. Well. Cubic is just hardcoded in the linux kernel  of FW by Netgear. Parts of kernel config:
 

CONFIG_TCP_CONG_ADVANCED=y
# CONFIG_TCP_CONG_BIC is not set
CONFIG_TCP_CONG_CUBIC=y
# CONFIG_TCP_CONG_HSTCP is not set
# CONFIG_TCP_CONG_HTCP is not set
# CONFIG_TCP_CONG_HYBLA is not set
# CONFIG_TCP_CONG_ILLINOIS is not set
# CONFIG_TCP_CONG_LP is not set
# CONFIG_TCP_CONG_SCALABLE is not set
# CONFIG_TCP_CONG_VEGAS is not set
# CONFIG_TCP_CONG_VENO is not set
# CONFIG_TCP_CONG_WESTWOOD is not set
# CONFIG_TCP_CONG_YEAH is not set
# CONFIG_TCP_MD5SIG is not set
. . .
CONFIG_DEFAULT_CUBIC=y
. . .
CONFIG_DEFAULT_TCP_CONG="cubic"
. . .
# CONFIG_DEFAULT_RENO is not set
 

So? I can try to recompile this 1.0.1.02HF  with option you need. It is just compilation and 2 hours of computer time. What do you want to set? Westwood?

But let's agree: I'll jst recompile and in case of compilation success I'll publish this resulting FW (ready for download). Rest is up to you. You will test it yourself. Possible problems are that part of FW is just binary precompiled codes.Including kernel object compiled by Netgear (drivers). Most probably they will work, but who knows... Be ready to use TFTP server.

OK?

Regards,

Voxel.
 

kylewu
kylewu's picture
Hi Voxel

Hi Voxel

thanks, I use the long distance video chatting often. when I use this router, there is a lot of background noise. if I use the old router with DD-WRT that use westwood or vegas setting, that works better than this R7500 router. 

Voxel
Voxel's picture
Hi kylewu!

Hi kylewu!

So westwood? Or something else? List is above.

 

kylewu
kylewu's picture
Hi Voxel

Hi Voxel

westwood is ok, thanks

Voxel
Voxel's picture
Hi kylewu,

Hi kylewu,

 

https://yadi.sk/d/qMBnnqItsUL7J

Here is 1.0.1.02HF westwood. I did not try it. Just re-configuration and compiling.

Please let me know the results of your testing. Interesting.

Regards,

Voxel.

Zdenkod
Zdenkod's picture
Hi Voxel!

Hi Voxel!

When you will compile next FW release take a look at time zone misinterpretation in ssh console (dropbear):

I set up GMT+1 (+1 for now valid daylight saving time) in routers GUI to show the right time in Ljubljana.

As suggested I set "GMT+2" in /tmp/TZ . This resulted false time i ammount of 4 hours in ssh terminal - showing 10:00 instead 14:00.

I checked with GMT-2 i /tmp/TZ, and then the time was right. Looks like it is "+" instead "-"  and vice versa in a time calculation somewhere.

 

 

Kylewu: Interesting TCP congestion. The results of your testing will be interested by a large part of R7500 users - who do not use Skype or else for a video comunication?

And last question: where in a setup is set TCP congestion algorithm, when router boot up? Assuming more then one compiled in kernel.

 

Have nice afternoon.

 

Zdenko

Voxel
Voxel's picture
Zdenko:

Zdenko:
 

When you will compile next FW release take a look at time zone misinterpretation in ssh console (dropbear):

I set up GMT+1 (+1 for now valid daylight saving time) in routers GUI to show the right time in Ljubljana.

As suggested I set "GMT+2" in /tmp/TZ . This resulted false time i ammount of 4 hours in ssh terminal - showing 10:00 instead 14:00.

I checked with GMT-2 i /tmp/TZ, and then the time was right. Looks like it is "+" instead "-"  and vice versa in a time calculation somewhere.

It is standard practice. Some kind of brain teaser :-). When I set GMT+2 in WebGUI, then I run the command to check what is saved de facto after this "GMT+2" setting in the NVRAM, I can see:
 

root@nighthawk:/$ config show |grep GMT
email_ntpserver=GMT-0
time_zone=GMT-2
ntp_server=GMT-0
ntpserver_select=GMT-2
root@nighthawk:/$
 
So in fact I got "GMT-2" what is correct for console. Check yourself. BTW the same is for ASUS routers. WebGU: "+" and NVRAM "-". I know many years that Tokyo time should be set as "JST-9" what equals to "GMT-9", but in Netgear and ASUS routers I have to set in their WebGUI "GMT+9". 
Just next FW should automatically set /tmp/TZ taking it from NVRAM (and using DST flag if any).

Regards,
Voxel.

kylewu
kylewu's picture
Hi Voxel

Hi Voxel

it is working, I will give a feedback later. thanks.

Zdenkod
Zdenkod's picture
Hi every one!

Hi every one!

Thinking, searching and testing of a Samba share speed, just flashed enlightened in my mind - NFS.

NFS is linux native, so must be fast. And Window$ machines can deal with it.

R7500 Entware packages include all for NFS.

So, had anyone compared NFS - Samba speed on R7500? Maybe we focused on a wrong target.

I'm waiting for interesting replays..

Zdenko

Voxel
Voxel's picture
Hi guys!
Hi guys!
 
Zdenko:
Sorry, but a bit skeptical opinion: NFS is good and faster than Samba is you use Linux/Unix client. But slower if you use e.g Windows client. I tested it long time ago, with ASUS router with Merlin’s firmware, I was seeking for fast access to my USB disk, and the following results:
 
a. Faster than Samba with Linux client.
b. Slower than Samba with Windows client.
c. Only special editions of Windows support NFS (W7 Ultimate/Enterprise. Not for home. Professional etc. Don’t know about W8/W10.).
So if you want to have fast read/write files: best of all is FTP. Old, less secure, but fast protocol. If you need network FS, then use Samba with Windows clients. I like Linux, but all my family use Windows… Moreover, minidlna in R7500 needs Samba. And (solid argument): no space in FW for NFS. Only Entware.
Sorry. It is just IMO. You can try Entware of course.
 
Well, I publish new version of FW: 1.0.1.03HF. The link is:
 
 
Basic changes:
(1) iTunes server is dropped out. No space in FW. And IMO Netgear’s version is too weak to use it.
 
(2) Automatic timezone setting for console. Use GUI to set your TZ and daylight checkbox if needed. You should get proper timezone setting in console after reboot. It works for me, for my TZ at least. I tried some European countries, with DST. Seems it is working.
 
(3) Added DNSCRYPT-PROXY. It is for your privacy, to avoid logging the web addresses you seek in Internet. I.e. your ISP will not record in logs what sites you tried to resolve/enter. For me it is vital. I tried to simplify the setting of DNSCRYPT-PROXY. It is enough to have the file /root/dnscrypt-list with list of DNS crypto servers. Current list is for example here:
 
I use (example):
 
root@nighthawk:~$ cat /root/dnscrypt-list
4armed
dnscrypt.eu-dk
dnscrypt.org-fr
dnscrypt.eu-nl
root@nighthawk:~$
 
You can use your own. 3-4 DNSCRYPT servers are recommended. One is not enough. Maybe in down state. 5 is too much IMO.
 
(4) OpenVPN server set from GUI is now can use your own CA/CERT/KEY/DH and push_routing_rule script. If you have in the /root/openvpn/ directory th following files:
 
*ca.crt
*.crt
*.key
dh*.pem
 
then they will be used for OpeVPN. Example:
 
my-ca.crt
myserver.crt
myserver,key
dh2048.pem
 
If you have also /root/openvpn/push_routing_rule script then it will be executed instead of default F script (not obligatory).
 
(5) Some small improvements/changes. You will not feel them :-)
Regards,
Voxel.
 
Voxel
Voxel's picture
Forgot to say:

Forgot to say:

No reset is needed. Your setting should be kept (except  autorization etc) And it is recommended to store your /root directory before flasing and restore after.

Voxel.

kylewu
kylewu's picture
Hi guys

Hi guys

Here is my feedback, I have a 50M timewarner cable internet. it works great on morning that can gets up to 58M, however it will dorp down to around 30M at night normally and will dorp to around 15M at 10PM.(ping speed from 12ms to 18ms)

most of the test was base on wired connection, except the video chatting(because my destop there is no camera).

when I uses the westwood firmware, the oversea video chatting is getting a little bit better(some post informations said the westwood has inprovement on wifi). 

but there is some negitive effect on the connect speed at night that the speed will drop to around 8M sometime, and the worse things is I encounter many times that the router lost connection for about 1 to 2 minutes during these test days.(it is rarely have this kind of problem for the pass two years since I switched to timewarner, AT&T will drop many time every night)

at the last, I really do not know if it is a random problem or the westwood setting.(I remember my old router did not have the lost connection problem, but i have forgot which setting i was used. Maybe I used vegas)

 

Voxel
Voxel's picture
Hi Kylewu!

Hi Kylewu!
 

You have a bit exotic connection to Internet :-) There are more things in heaven and earth, Horatio…
I was sure that my connection in my country house is more exotic (I use LTE modem  plus powerline adapters, i.e. Internet from wall outlets)…
 
Well, IMO the root of the problem is in just unstable connection. If your channel depends on time of day or night, i.e. how much this channel is overloaded by people who share this connection with you (your neighbors), then I can suppose that your R7500 just “thinks” sometime that connection is lost and tries to restore this connection. Watchdog. Try for example (if you want to test of course) to stop watchdog service manually from console and test: will connection be lost or not:
 
/etc/init.d/warchdog stop
 
Maybe you old router was just w/o watchdog...
 
OK, you can try also VEGAS:
 
 
Not so difficult to re-compile. 1.0.1.03HF-VEGAS. No difference with 1.0.1.03HF except I selected “vegas” in kernel config.
 
Please let me know results. OK?
 
Regards,
Voxel.
 
robysax
robysax's picture
Hi Voxel,

Hi Voxel,

I have installed your last firmware 1.0.1.03HF after you have released it.

No problem so far, I confirm that time in ssh console and gui is correct now.

I would suggest some improvement for the next release :

1. Is possible to embed dnsmasq into firmware?

I have used it with DDWRT installed on old router and I have found that it was very helpful.

2. Which TCP algoritm is better between vegas, reno etc ?

3. Is possible extract quantenna drivers updated from others brand firmware ?

I know that Asus AC87U uses same quantenna chip.

 

Thanks in advance for your infos

 

kylewu
kylewu's picture
Hi Voxel

Hi Voxel

I have a problem on letting the dnscrypt proxy to work. I do not know how to make the "dnscrypt-list" file, because i do not know how does it look like. could you share the file? the veges firmware is on testing, I will give the feadback later. thanks.

Voxel
Voxel's picture
Hi!

Hi!

New attempt to write something to this forum. Either I am blocked with my custom firmware or problems with forum...

Kylewu:

I pointed example of my dnscrypt-list file: it is above:
 

root@nighthawk:~$ cat /root/dnscrypt-list
4armed
dnscrypt.eu-dk
dnscrypt.org-fr
dnscrypt.eu-nl
root@nighthawk:~$
 
I.e /root/dnscrypt-list consist of just four lines (w/o "------------" symbols of course):
---------------------------------------------------------------------
4armed
dnscrypt.eu-dk
dnscrypt.org-fr
dnscrypt.eu-nl
---------------------------------------------------------------------

that's all. W/o this file router will work as before (the same as with stock FW).

Regards,
Voxel.

kylewu
kylewu's picture
Hi Voxel

Hi Voxel

Got it, it is working right now. thanks.

kylewu
kylewu's picture
Hi Voxel

Hi Voxel

I uses the "cisco" server on dnscrypt, but it has some problem on iphone's app that some file can not download, if i do not use it ,it is without any problem. do you have any idea? do i need to use another server? thanks

Voxel
Voxel's picture
Hi Kylewu,

Hi Kylewu,

I use dnscrypt about half of year (initially from Entware, now from my custom FW) and I did not face such problems with my iphone or with iphone of my wife. So try another server instead of cisco. I use these four as I wrote because they are more fast for me. I did not try cisco.

 

Voxel.

Voxel
Voxel's picture
I publish new version of

I publish new version of custom FW: 1.0.1.05SF:

https://yadi.sk/d/Rw6amdu_suh5M

Changes:

1. I updated toolchain, more fresh compiler and other tools. Stability, performance.

2. Full optimization for cortex-a15 is used. Improved overall performance.

3. Using option -mfloat-abi=hard in previous versions caused problems with some precompiled programs including ookla speed test. Seems they were compiled with “-mfloat-abi=soft” . “hard” and “soft” are not compatible, and several programs failed with error “float point exception”. “softfp is compatible with both: hard and soft. So I switched to -mfloat-abi=softfp. Several tests I performed did not show difference hard vs softfp. FPU is still used. So no performance degradation. Ookla speedtest is workable now (Robysax: you signaled the problem with ookla).

4. TCP congestion control algorithm is changed from CUBIC to Vegas/YeAH-TCP (YeAH requires switching Vegas ON) See comparison for details:
http://infocom.uniroma1.it/~vacirca/yeah/yeah.pdf
(Kylewu: your test would be interesting)

5. More high optimization of OpenSSL. Its performance is increased (OpenSSL is used by OpenVPN).

6. Several packages are updated for more fresh version (including LZO used by OpenVPN for example).

7. Several packages (libraries) are removed, because are not used in firmware.

Voxel.

kylewu
kylewu's picture
Hi Voxe

Hi Voxe

The 1.0.1.03HF vegas seems like working fine. I do not encounter any connection problems any more, and the speed testing is ok too. the cisco server for dnscrypt has some problem, I solved the problem by changing to other server. however it seems like the speed is decreased.

Voxel
Voxel's picture
Hi Kylewu,
Hi Kylewu,
 
Dsncrypt proxy does not influence to the speed of download/upload. Only to name resolving.
You should find the server which is most fast for you. For your location. For example using "dig" command (from Entware). Check this file /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv  Every line with IP4 dnscrypt server contains IP address of this server. So if I want to check how fast for me is e.g. cs-fr, with IP 212.129.46.86 I can run the command "dig" from console:
 
 
root@nighthawk:/etc/init.d$ dig www.google.com @212.129.46.86
 
; <<>> DiG 9.9.8-P4 <<>> www.google.com @212.129.46.86
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63902
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
 
;; QUESTION SECTION:
;www.google.com.                        IN      A
 
;; ANSWER SECTION:
www.google.com.         76      IN      A       172.217.18.228
 
;; Query time: 57 msec
;; SERVER: 212.129.46.86#53(212.129.46.86)
;; WHEN: Mon Jul 04 14:38:29 UTC 2016
;; MSG SIZE  rcvd: 48
 
root@nighthawk:/etc/init.d$
 
Check the query time. Less time is more fast for your location.
 
Voxel.
Voxel
Voxel's picture
Add-on to FW:

Add-on to FW:

I updated Entware-ng, compiled for Cortex-A15. Links are the same:

entware-cortex-a15.tar.gz https://yadi.sk/d/z82gKbw_qpz8A

entware-initial-cortexa15.tar https://yadi.sk/d/wgMUe9n7qpz8D

 

What's new: used fresh version of Entware-ng, update and new packages. Compiled with maximal optimization for Cortex-A15, hard float. Also, significant acceleration of OpenSSL, I succeeded to apply accembler optimization for OpenSSL. So OpenVPN should be yet more fast. For example (OpenSSL test), there was:

                  sign    verify    sign/s verify/s

rsa 2048 bits 0.026332s 0.000678s     38.0   1474.8

                  sign    verify    sign/s verify/s

dsa 2048 bits 0.006750s 0.008101s    148.1    123.4

 

now:

                  sign    verify    sign/s verify/s

rsa 2048 bits 0.008290s 0.000185s    120.6   5402.9

                  sign    verify    sign/s verify/s

dsa 2048 bits 0.001728s 0.002011s    578.6    497.3

 

 

It is recommended to install it from the scratch.

P.S.
I plan to add this acceleration of OpenSSL to new version of FW.

Voxel.

 

Pages