Your reports for Broadcom units are highly appreciated !
Router:
Firmware:
Previous:
Kernel:
Status:
Reset:
Errors:
Router Model Netgear R7000
Firmware Version DD-WRT v3.0-r32700M kongac (07/15/17)
Kernel Version Linux 4.4.76 #353 SMP Sat Jul 15 10:15:42 CEST 2017 armv7l
reset: no
update: via DDUP
status: operational
errors: none so far....
This build thread is for reporting successes and problem with loading this experimental test build. This is important info for developers and users. Always state your hardware and SPECIFIC build (e.g. 29621_NEWD-2_K2.6_mega-nv64k.bin). Do not ask questions about your specific router or how to configure it in this thread; create your own thread to discuss any specific problems you have or need resolved. Please also do not respond to such questions. This thread is to report info, not to seek it. Posts that do not add to understanding this build will be deleted. Make sure you know how to flash properly and the risk before using this build. It is important to adhere to these requirements, to keep this thread from becoming impossibly long and useless. If you don't know what build to flash and how to flash properly and have a means of recovery if things should go wrong, do NOT flash this experimental test build. _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Last edited by Alozaros on Sun Jul 16, 2017 5:17; edited 1 time in total
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Sat Jul 15, 2017 18:46 Post subject:
Router Model Netgear R7000
Firmware Version DD-WRT v3.0-r32700M kongac (07/15/17)
Kernel Version Linux 4.4.76 #355 SMP Sat Jul 15 22:23:40 CEST 2017 armv7l
reset: no
update: via DDUP
status: operational
errors: none so far....
although SFE is present in this build
ARP Spoofing Protection looks like a new feature too...
Thanks Kong!! _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Last edited by Alozaros on Sun Jul 16, 2017 5:16; edited 1 time in total
This build comes with SFE nat acceleration, it is automatically enabled right now, if qos is disabled.
Great news! Thanks Kong. Does this mean we'll need a erase nvram after update - for R7000 and R6300v2 anyway
Forgot to ask also: does the new SFE technique pose similar security concern <Kong> had raised multiple times about manufacturers' CFE (i.e. bypassing firewall, creating unchecked backdoors etc.)?
This build comes with SFE nat acceleration, it is automatically enabled right now, if qos is disabled.
Great news! Thanks Kong. Does this mean we'll need a erase nvram after update - for R7000 and R6300v2 anyway
Forgot to ask also: does the new SFE technique pose similar security concern <Kong> had raised multiple times about manufacturers' CFE (i.e. bypassing firewall, creating unchecked backdoors etc.)?
SFE is fully opensource, is model independent and the code is rather lean. Does not look like it poses a security risk. _________________ KONG PB's: http://www.desipro.de/ddwrt/
KONG Info: http://tips.desipro.de/
On the new rebuild (2nd build of the day), OpenVPN appears to work (it says that it is connected) but it is no longer routing properly. If I rollback to the last build from June the VPN routing works just fine (no reset, all same settings).
At first, I did not reset the router; it wouldn't let me log into router wirelessly after upgrading and I had to use one of the four wired ports to be able to log into the router. I reflashed and reset the defaults to see if it would fix any of the problems I described above. Again, I had to use one of the wired ports to be able reset the router password to be able to log into it wirelessly. After upgrading Kong firmware, openvpn does not connect have to roll back to 6/11/17 to get it to work.
Last edited by Trd64 on Sat Jul 15, 2017 23:19; edited 2 times in total
The results on my setup are impressive, thank you very much for your hard work.
Remark:
I've observed a slightly change in the result, between 652 MBits/s and 822 MBits/s.
For the test I used to routers: a Fritxbox 7580 and a Netgear R6300v2.
The R6300v2 is connected by its WAN port to a LAN port of the Fritzbox which itself acts as modem (and router).
My Desktop PC is connected via Ethernet to a LAN port of the R6300v2.
My Laptop is connected via Ethernet once to the LAN port of the Fritzbox or to the LAN port of the R6300v2.
For the test I use Linux and iperf3, the laptop acts as server, the desktop as client.