1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Compile tomato-shibby problem

Discussion in 'Tomato Firmware' started by eonghk, Jul 26, 2013.

  1. eonghk

    eonghk Reformed Router Member

    Since a few months ago, the compiler will stop at a ld error "Cannot find -lz" with the openvpn part. I know I can modify the makefile to make it right. But I hate to do this every time.
    I tried to contact the author and send a bug report in his bugtracker. But no response.
    Is there anything I missing?
    PS: I'm using the source from official git.
     
  2. shibby20

    shibby20 Network Guru Member

    I don`t see PM from you. Reports in bugtracker is so much... Please write solution here or send PM to me or give me link to bug report.

    btw i have not any problems with compilation.
     
    eonghk likes this.
  3. RMerlin

    RMerlin Network Guru Member

    Make sure you have all necessary packages installed, especially zlib1g-dev and lib32z1-dev.
     
    shibby20 likes this.
  4. eonghk

    eonghk Reformed Router Member

    Oh god. I just can't believe I can find you here. I didn't PM you here. Forget it.
    I'm using Gentoo, and I'm sure I have zlib on my system. There is no dev version on Gentoo because it's compiled from source and everything will be there. I think there is no zlib lib in the toolchain, right?

    Code:
    diff --git a/release/src/router/Makefile b/release/src/router/Makefile
    index bc19228..8560154 100644
    --- a/release/src/router/Makefile
    +++ b/release/src/router/Makefile
    @@ -1602,7 +1602,7 @@ lzo-install: lzo
     
    openvpn/.conf: openssl lzo
            cd openvpn && CFLAGS="-O3 -Wall $(EXTRACFLAGS) -ffunction-sections -fdata-sections" \
    -      LDFLAGS="-L$(TOP)/openssl -L$(TOP)/lzo/src/.libs -ffunction-sections -fdata-sections -Wl,--gc-sections" \
    +      LDFLAGS="-L$(TOP)/zlib -L$(TOP)/openssl -L$(TOP)/lzo/src/.libs -ffunction-sections -fdata-sections -Wl,--gc-sections" \
            CPPFLAGS="-I$(TOP)/lzo/include -I$(TOP)/openssl/include" \
            $(CONFIGURE) --prefix= \
            --with-crypto-library=openssl \
    
    Another questions is I have speed problem with the WAN port on Cisco E4200. It shows "1000M full" but actually the speed is limited to 100Mbps. Is it related to the "BCM_NAT" in the kernel? It seems the CTF is built-in but enabling it doesn't help.
    Thank you for everything you have done.

     
  5. koitsu

    koitsu Network Guru Member

    PHY negotiation for speed and duplex has nothing to do with CTF nor BCM_NAT. CTF is disabled in Tomato firmwares because it causes breakage when used with other features like QoS.

    Your PHY negotiation speed is a vendor-compatibility issue between your E4200 and whatever device you have it connected to. Your only solutions are to contact each of the manufacturers of the devices directly and work it out with them, otherwise change hardware until you find something that works.

    If you want to build a Tomato firmware, you need to use a distro which is known to work. There is a short list on my blog (for building Toastman firmwares; Shibby may require different/other packages) and many have stated here on the forum it works fine. Otherwise you're invited to hack on the code and work out the root cause + provide patches for a fix. Thanks!
     
    eonghk likes this.
  6. jerrm

    jerrm Network Guru Member

    It may just be an issue with robocfg and the specific switch chip, I know there were issues with some values be mis-reported.
     
  7. eonghk

    eonghk Reformed Router Member

    I'm connecting E4200 to another E4200, running the same tomato shibby version. When I copy data between two different computers connected to the two routers, the real speed is only 100mbps. It's not cable problem, I'm sure of it. And I also tried the robocfg tool, it shows "1000FD enabled".

    I can finish building the firmware with hacking the code. I just hate to do it every time I pull the latest code. And the code is not on github that I can't simply fork it. I have 8 E4200 routers running my modified version. I need to build it myself because I need to modify the protocol of openvpn to bypass my country's firewall.
     
  8. jerrm

    jerrm Network Guru Member

    Is that with non-routed traffic? 100Mbs is approaching the maximum capacity for routed traffic.
     
  9. eonghk

    eonghk Reformed Router Member

    The speed is 1Gbps if they are connected to the same E4200 router, this is non-routed traffic, right?
    If the two computers are connected to two routers, the the real speed is only 100mbps even the port tells me it's working under 1Gbps. And I think this is routed traffic. There is a gateway between them.
     
  10. RMerlin

    RMerlin Network Guru Member

    Why not create a VM running a known-compatible distro for building purposes? This is how I do all my development myself. Will save you a lot of trouble. You could even try building the source over NFS if you still wanted to be able to manipulate the code from your host (unsure if that would work properly tho, I never tested it myself).
     
  11. eonghk

    eonghk Reformed Router Member


    I'm a 10 years gentoo user. I use it because I'm familiar with it. I just don't want to install ubuntu as it's not that a big deal. And it can be fixed easily if the author would like to.
     
  12. jerrm

    jerrm Network Guru Member

    The maximum transfer rate for WAN<->LAN on a 4200 running tomato is going to be 100mbps +/- 20mpbs or so. If measuring transfer rates between 2 PCs crossing that boundary, the tests could well be limited by the routing capacity of the 4200 and not the physical connection speed.

    Best test would be something like iperf running directly on the router(s).

    It may well be a link issue, but if only testing transfer rates across the wan<->lan link you may be hitting the routing limits.
     
  13. eonghk

    eonghk Reformed Router Member


    Thank you for the information.
    But I heard that the stock firmware can reach 750mbps with WAN<-> LAN traffic.
    http://forums.whirlpool.net.au/archive/1820700
     
  14. eonghk

    eonghk Reformed Router Member

    This is what I get from another forum, post by shibby.

    port is 1Gbit (all 5 ports are one physical switch with two VLANs) but tomato does not support FastNAT (OFW propably does). This is the reason why max speed on tomato on this router is only 100Mbps and CPU has 100% load. At the moment no one backport fastNAT support to Tomato. Maybe in the future i hope it will be.
     
  15. jerrm

    jerrm Network Guru Member

  16. eonghk

    eonghk Reformed Router Member

  17. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    Only with stock firmware. CTF and fast NAT are required for that kind of throughput.
     
  18. jerrm

    jerrm Network Guru Member

    Outside some idealized benchmark scenarios, I doubt 750mpbs is really attainable, but it can certainly do better than Tomato defaults.

    Seems like Victek posted what's needed to enable CTF, but there is no guarantee something else doesn't disable it (reportedly it's not just QOS with issues). If you can find the posts, it may not apply to Shibby, but it's worth a try.
     
  19. eonghk

    eonghk Reformed Router Member

    Thank you for the information.
    I tried to search his post, but most are version release info. Could you give me a link or a search keyword?
     
  20. jerrm

    jerrm Network Guru Member

  21. eonghk

    eonghk Reformed Router Member

  22. RMerlin

    RMerlin Network Guru Member


    If developers spent their time trying to support everyone's favorite distro, it would be a waste of time that would be better spent doing actual development that would actually benefit all users IMHO. There's an insane number of different distros, each with their own oddities - we can't spend our time trying to familiarize ourselves with all of them just to try to fix building the firmware under every single one. The Tomato build system is far more complicated than a regular GNU application.
     
    Toastman and jerrm like this.
  23. eonghk

    eonghk Reformed Router Member


    I just post the diff patch in #3, using or not is up to you. I really respect your work but I don't agree with you.
    There is a zlib in the source, you do include the header files from the zlib in the source, but you don't use it when you link. I think it's a bug of your Makefile, not a fault of a different distribution. You already changed to use the built-in openssl library, why not zlib?

    I like what koitsu said "Otherwise you're invited to hack on the code and work out the root cause + provide patches for a fix. Thanks!". I just come here to find the right way to send the patch. You guys don't allow fork freely like github, I don't know how to send a patch to your git. So I just tried to ask here. If doing so is wasting time for you, I'll keep silent.
     
  24. eonghk

    eonghk Reformed Router Member

  25. Victek

    Victek Network Guru Member


    disable cstats and rstats from compile in Makefile or better in rc/Makefile (just comment)... then you have it working and can reach 37MB/sec (measured with iperf and 300 threads) ..iptraffic provokes these reboots due to mess of inserted traffic shaping and control..
     
  26. RMerlin

    RMerlin Network Guru Member


    rstats should be compatible (at least in Asuswrt it is). cstats however isn't, since it uses the FORWARD chain.

    EDIT: Also note that ctf won't work if you change too many settings in the kernel versus what Broadcom used. I was told by Asus that if you do any kernel settings change, they often have to ask Broadcom to recompile ctf to match the new kernel settings.
     
  27. eonghk

    eonghk Reformed Router Member

    Thanks for the information.
    Have anyone tried reverse engineering on the ctf module to find out what it does? Maybe the only way to make it really working is to figure out what it is doing.
     

Share This Page