[Fork] FreshTomato-MIPS

Discussion in 'Tomato Firmware' started by kille72, Apr 26, 2018.

  1. Chrushev

    Chrushev Network Newbie Member

    Is there a recommended config for 5Ghz ? I am experiencing much weaker signals than 2.4Ghz when using defaults on both (Netgear r6300 v1).

    Also, +1 for QoS including VOIP.
     
    Last edited: Jan 9, 2019
  2. txnative

    txnative Addicted to LI Member

    Of course openwrt doesn't handle broadcom closed source that is not a floss ideal of theirs, but openwrt does support other routers as this is what I was implying, you want a good router supported by openwrt, don't buy a broadcom based router.
     
  3. txnative

    txnative Addicted to LI Member

    How are you determining that problem with 2.4 signal?
     
  4. Chrushev

    Chrushev Network Newbie Member

    Problem is not with 2.4. Problem is with 5.0.

    The 2.4 covers my entire house and then some. 5.0 is weak signal in next room over and on far end of the house no signal at all (2 drywall walls and total distance of maybe 40 feet, the router is central to the house and near the ceiling).

    I tried setting tx power to 0 (which supposed to do hardware defaults), but that didnt seem to make any difference. I also tried bumping tx power to 50 and that didnt make any difference either. Not sure if that functionality does anything.

    Does Tomato support beam forming? I know that when I had ddwrt on this router beamforming was an option (although I never tested to see if it works).
     
    Last edited: Jan 9, 2019
  5. ataru80

    ataru80 New Member Member

    Guys, do you know how to manually set the xfrm policy?
    I need to enter the commands below to manually set the xfrm policy, but I get an error of wrong use of the ip command.


    Code:
     myServer=`nvram get wan_ipaddr`
    ip xfrm policy add src $myServer dst 0.0.0.0/0 proto udp sport 1701 dir out tmpl proto esp mode transport level required
    ip xfrm policy add src 0.0.0.0/0 dst $myServer proto udp dport 1701 dir in tmpl proto esp mode transport level required
    

    Sent from my iPad using Tapatalk
     
  6. txnative

    txnative Addicted to LI Member

    What version netgear you have v1 you mentioned? Personally I was not aware that this version had support for beamforming? I own a v2CH and I do know that kong has support that does have something called implicid, expilicit beamforming but that is supported on v2 ARM v7. however you may be right. Normally using the defaults for 5 GHz works, except maybe leave the interference mitigation to 0, txpwr could set to 0, maybe use a different country other than the default one, I'm sure you are aware of 5 GHz limitations, maybe nvram erase if you haven't already done so and reapply your settings. Regards
     
  7. kernel-panic69

    kernel-panic69 Connected Client Member

    @Chrushev 5GHz band is not 2.4GHz band. 5GHz is not a wall penetrator like 2.4 is. Just my thoughts on that.

    @txnative You must mean, get an Atheros device for OpenWRT, because Marvell Kirkwood, at least one device I was looking at, has issues:

    "Caution: The wireless seems to have problems with WiFi-stability on connections to certain client chipsets, e.g. Apple-devices. See thisthread on OpenWrt developers forum."

    https://openwrt.org/toh/linksys/ea4500
     
  8. txnative

    txnative Addicted to LI Member

    No not just atheros as there are qualcomm atheros, qualcomm ipq80xx, you would have to look through the support hardware and check out what isn't broadcom. The EA4500 works as well using openwrt firmware as I own this one and the EA3500 as well and they perform wonderfully. I admit the 2.4 isn't perfect at least for the EA3500 but I haven't experienced nothing from what any user member in their forum has written about the wifi or any performance problem. That ticket posted a couple of years ago, before I bought my EA routers as I have a fine experience using openwrt for my EA4500 and EA3500.
     
    kernel-panic69 likes this.
  9. kernel-panic69

    kernel-panic69 Connected Client Member

    Figured it was an 'old' caution. I didn't know anyone else made Atheros, or IPQ? Only crossover I've known of is Ralink/Mediatek.... /off-topic
     
  10. danielhaden

    danielhaden Network Guru Member

    The 5.8ghz signal is physically half as big, quarter as strong and loses half of its power per each wall, like this: First wall half power, Second wall quarter power, Third wall eighth power, Fourth wall zilch. If your router or ap is on only one end of the house, you'll need an long ethernet cable for an AP at the other end of the house. For my "L" shaped brick house, I have an E3000 and an E2000 as 5ghz AP (wan ports empty). These were cabled to the main router via the lan ports.

    We can try some settings.
    Configuration: Try control sideband upper, try different channels and set CTS to Auto (because powersave works). Also, get the WiFi Network Analyzer android app by Zoltan Pallagi. You can then observe the signals and make more informed choices on the settings.
     
    Last edited: Jan 10, 2019
    kernel-panic69 likes this.
  11. danielhaden

    danielhaden Network Guru Member

    I did some research today for finding out how to reduce the cpu load from the L7 filters, and discovered if you put them just before the catch-all, and use a port range with it, the cpu load goes down.

    So, it is possible. This is what I came up with.

    Classification/rules
    tcp/udp, port 53, 0-10kb, class 1, dns
    tcp/udp, src port 1-65535, 0-1kb, class 1, fastlittle
    tcp/udp, dst port 80,443,8080, 0-512kb, class 4, httpsmall
    tcp/udp, dst port 80,443,8080, 512kb+, class 8, httplarge
    udp, port ranges 3478-3481,5060-5070, class2, VOIP
    udp, L7 skypetoskype, port range 50000-60000, class2, skype
    udp, L7 rtp, port range 10000-65535, class2, rtp
    tcp/udp, dst port 1-65535, class 10, anythingelse

    classes
    1,16%,100%
    2,12%,100%
    3, 8%,100%
    4, 6%,100%
    5, 4%,100%
    6, 3%,100%
    7, 2%,100%
    8, 1%, 96%
    9, 1%, 96% default
    10,1%, 96%

    That is running on my router.
    The efficiency was decent, according to fast.com.
    It is time to mention that it is better to prioritize VOIP hardware by means of the static DHCP feature (get consistent ip address and prioritize that).
     
    kernel-panic69 likes this.
  12. kille72

    kille72 LI Guru Member

    A new version of FreshTomato 2019.1.015-beta has been released. More information in the first post.
     
  13. danielhaden

    danielhaden Network Guru Member

    Not listed at first post; however, WRT320n and WNR3500v2 (no 'L') are now running freshtomato-K26_RT-MIPSR2-2019.1.015-beta-MiniIPv6 Thanks!
     
    Last edited: Jan 10, 2019
    pedro311, kernel-panic69 and kille72 like this.
  14. kille72

    kille72 LI Guru Member

    Done, thanks!

    For the following MIPSR1 and MIPSR2 routers: Asus WL500GP, N10U, N12B1/C1/D1, N15U, N16, N53, N66U, AC66U Netgear WNR3500LV1, WNR3500V2, WNR3500LV2, R6300V1, WNDR4500V1, WNDR4500V2 Linksys WRT54 series, WRT320n, E800, E900, E1000v2/v2.1, E1200V1, E1200V2, E1500, E2000, E2500, E3000, E3200, E4200 Tenda W1800R, N80 Dlink DIR-320.
     
  15. kernel-panic69

    kernel-panic69 Connected Client Member

    I'm liking the 'new' website. Just got done flashing this build on E4200v1 without issue. Still working on the busybox update @kille72 @pedro311. Had to take a break after that last status message :confused:
     
    M_ars and kille72 like this.
  16. pedro311

    pedro311 Networkin' Nut Member

    Remember: no hurry ;)
     
    kernel-panic69 likes this.
  17. danielhaden

    danielhaden Network Guru Member

    Other unlisted bcm47xx routers that run Tomato, include Linksys WRT610Nv2, WRT310Nv2, WRT160Nv3, ValetM10, Netgear WNDR3700v3, WNDR3400v1, WNR3500u, WNR2000v2, Dlink DIR-620vC1, DIR-627
    http://anon.groov.pl/
     
  18. kernel-panic69

    kernel-panic69 Connected Client Member

    D-Link DIR-620 rev C1, D-Link DIR-620 rev G1, D-Link DIR-320 rev A1, D-Link DIR-320 rev A2, D-Link DIR-627 (rev A1)*....

    We could probably list every Broadcom-MIPS device. And check through the detection to see if they are specifically detected and 'supported'. The tricky part is, of course, making sure they are property detected, etc. The missing ones would have to be added. I wasn't going to address this specifically... yet ;)
     
    danielhaden likes this.
  19. stoppa

    stoppa New Member Member

    Hey,

    I need a cheap/lower end wireless (n or ac) router for an elderly family friend. Just the basics. I plan to put freshtomato on one of the supported devices. What would be a suggested device, stability being more important than features.
     
  20. ataru80

    ataru80 New Member Member

    is it normal that the new version 2019.1.015-beta is taking more than 25 mins to upload via wifi ? And it still has not completed...

    I'm using the version freshtomato-K26USB_RT-N5x-MIPSR2-2019.1.015-beta-AIO-64K.trx

    With the old releases, the whole upgrade would last less than 5 mins...
     
  21. Beast

    Beast Network Guru Member

    Its never a good idea to update firmware over wifi. Too many thing can interfere with wifi, etc. mircrowave oven.
    IMO always use a hard wired connection to update firmwar. And I would say no it should not take that long. The size of the files did not change that much, from the last builds.
     
    kille72 likes this.
  22. Beast

    Beast Network Guru Member

    Updated to 2019.1.015 max vpn 32k version on my Asus RT-N16. So far all is running smooth.

    Is a nvram clear recommended for this update? If coming from 2018.5 32k version ?
     
  23. the_tourist

    the_tourist New Member Member

    Interesting,

    I agree with you, the easiest solution for VOIP is to set the address of its interface permanently in DHCP and then give it priority. But this doesn't apply to Skype (home version) between computers; it needs a rule, otherwise it gets to the very end of the priority list.

    I didn't mention it, but in your initial proposal, you also rejected "Sip" is there a solution for this protocol too?
     
  24. danielhaden

    danielhaden Network Guru Member

    Thanks for checking. This effort is a prospective and may not represent what is used.
    Control ports for SIP were already in port ranges 3478-3481,5060-5070. Data ports are different, contain what you wanted to prioritize and may take an L7 filter to find. The effectiveness of L7 filters diminishes due to cpu load resulting in going slightly slower, including the item you wanted to speed up. There's no boost--a QOS rule to prioritize works only by slowing down everything else. If many are added, there is conflict and it simply slows down everything. The packet drop and retries starts overwhelming any good it might do, if it were taken to an extreme.
    1). All QOS rules are are for slowing something down.
    2). You only get better performance with Less QOS rules.
     
    Last edited: Jan 11, 2019
  25. danielhaden

    danielhaden Network Guru Member

    Your suggestion is the best.
    Yes, it is evident that we need a system for Avoiding the ever-increasing collection of slowdown rules.
     
    Last edited: Jan 12, 2019
  26. Chrushev

    Chrushev Network Newbie Member

    is OpenVPN server working for people? Im using latest commit as of 2 hours ago and AIO version for r6300v1. Switched from Shibby, where OpenVPN server worked with no issues.

    I am getting it to connect. But cant send/receive any traffic.
     
  27. pedro311

    pedro311 Networkin' Nut Member

    Yes it's working. Check logs with "verb 6".
     
  28. Chrushev

    Chrushev Network Newbie Member

    How to toggle verb 6?
     
  29. pedro311

    pedro311 Networkin' Nut Member

    Really?
    Add "verb 6" in Custom Configuration...
     
  30. Chrushev

    Chrushev Network Newbie Member

    Never had to do it before sorry :) Stuff I work with typically needs the process to be executed with a flag (restarted) for higher debug.. so didnt know how to do it here.

    ANyways... yeah issue was my config.
     
  31. youmax

    youmax New Member Member

    Hi folks, is this possible?
     
  32. danielhaden

    danielhaden Network Guru Member

    I'd like to request the opposite. Extraneous graphical display load should be disabled by default. Because the router cpu has 'router things' to do.
     
    Last edited: Jan 11, 2019
  33. pedro311

    pedro311 Networkin' Nut Member

    It was already explained, in short - no.
     
    pharma and danielhaden like this.
  34. kernel-panic69

    kernel-panic69 Connected Client Member

  35. Techie007

    Techie007 Serious Server Member

    My 2c...
    • Rule 1 should be UDP only, and for ports 53 and 123 (DNS and NTP). DNS over TCP will need a second rule as the connections are persistent and will quickly accumulate past 10 KB, thus demoting the traffic.
    • Good job on web (got the main ports, and QUIC by including UDP), although I would recommend 1 MB instead of 512 KB as the threshold.
    • Do we really need an "anything else" rule given the built-in functionality for such classification?
    • It would be a good idea to include up-to-date VoIP rules for Apple (Facetime), Facebook (Messenger), Google (voice, Hangouts, Duo), WhatsApp, in addition to WiFi calling for the major phone carriers as such communications will get demoted to lowest priority otherwise, causing poor call quality and dropouts. Most of these use specific or groups of UDP ports to transfer call data.
     
  36. danielhaden

    danielhaden Network Guru Member

    Thanks for illustrating that.
    It was going so well, until including, and including, and including more rules for more things, and since all QOS rules are for slowing down anything else, Maintaining an ever growing list of slowdown rules looks like ineffective use of developer's time, especially due to the unpleasantly slow consequences of increasing the problem.

    Instead, I suggest to replace the Enable QOS Checkbox with a dropdown menu like this:
    Disabled
    Auto
    Manual

    So, there's Auto, no maintenance and no settings other than in-rate and out-rate; Plus there's Manual, the old QOS intact.
     
    Last edited: Jan 14, 2019
  37. ddimitrov

    ddimitrov Network Newbie Member

    Permanent very high CPU load (CPU load 3.0+) on Linksys E3200 when both AdBlock + Tor are enabled. This happens on Freshtomato 2018.5 and on the new Freshtomato 2019.1.015-beta too. This causes the router to hang. I have not tried older Freshtomato releases. The problem does not happen when only AdBlock is enabled, or only Tor is enabled.

    After countless re-intslallations, NVRAM cleanups, 30-30-30 cleanups, different configuration options and so on, I gave up and reverted back to Shibby Tomato rel.140, where the combination AdBlock + Tor works flawlessly on the same router device.
     
    Last edited: Jan 12, 2019
  38. rs232

    rs232 Network Guru Member

    What does top say when you experience high CPU utilisation? What's using the CPU?
     
  39. danielhaden

    danielhaden Network Guru Member

    Right, a digital input setting cannot change the physical resistors for output level.

    Looks like 1=low, 42=lowish, 73=medium, 160=high, and 0 increases power by number of clients or similar scheme.
    This sets the input volume, not the amp output (of course input too high = clipping/fuzz for trashed data, or input too low = bits/bitrate reduction). The driver on mine seems to have some validation or averaging feature.
    Actual output is set by resistors, and the one you can change is the antenna.

    Also this: For anything with an amplifier, every time you double the power, you can expect 3db more output. One dose of 3db is similar to dropping a sewing pin. For a double power example, drop 2 sewing pins. For a four times power example, drop 4 sewing pins. This was approximate but explains why the power settings can't make shock and awe differences.

    Lastly: If the need is beyond the scope of non-corrupting output power, then you'll need either WDS/mesh for wireless or run a long Ethernet cable for an AP situated where you had wanted wifi to work. And, as for right tools for the job, output power doesn't belong in a top 10 list.

    EDIT:
    Actually, that wasn't all. I think it sporting to fine tune output power setting at just one room away distance to achieve maximum throughput. Settings for maximum quality also prevent going below data-rate drop threshold at maximum distance.
     
    Last edited: Jan 13, 2019
    SeƱor Nimda likes this.
  40. hkwakernaak

    hkwakernaak Serious Server Member

    With FreshTomato 2019.1.015-beta my RT-AC66U is working rock solid, 2.4/5.0Ghz Wifi is working again. thanks for the fix!

     
  41. danielhaden

    danielhaden Network Guru Member

    Is there documentation on how to do AP's (wan port empty) with the goal of forward all wired+wifi to everything (like mac-level forward)?
     
    Last edited: Jan 13, 2019
  42. Wolfgan

    Wolfgan Networkin' Nut Member

    Great news. Which image did you losded?

    Sent from my SGH-I747M using Tapatalk
     
  43. danielhaden

    danielhaden Network Guru Member

    2019.1.015 K26AC USB says the TomatoAnon database.
     
    Last edited: Jan 13, 2019
    Wolfgan likes this.
  44. hkwakernaak

    hkwakernaak Serious Server Member

    "freshtomato-RT-AC66U_RT-AC6x-2019.1.015-beta-AIO-64K.zip"

     
    Wolfgan likes this.
  45. youmax

    youmax New Member Member

  46. Wolfgan

    Wolfgan Networkin' Nut Member

    Thanks for the image confirmation guys!

    Sent from my SGH-I747M using Tapatalk
     
  47. ddimitrov

    ddimitrov Network Newbie Member

    Linksys E3200, Freshtomato 2019.1.015-beta, default settings,
    permanent very high CPU consumption (same as with Freshtomato 2018.5)
    when both AdBlock + Tor are enabled:

    1) The process that is consuming CPU all the time is the tor process;
    2) The output of "top" after about 10 minute run is as follows:

    Mem: 52084K used, 9160K free, 0K shrd, 688K buff, 11244K cached
    CPU: 15% usr 53% sys 0% nic 0% idle 31% io 0% irq 0% sirq
    Load average: 1.76 1.53 0.94 3/30 2192
    PID PPID USER STAT VSZ %VSZ %CPU COMMAND
    586 1 nobody R 21480 35% 56% tor -f /etc/tor.conf
    92 2 root SW< 0 0% 5% [mtdblockd]
    457 428 root S 1212 2% 2% dropbear -p 22 -a
    1790 1608 root R 1600 3% 1% top
    49 2 root DW< 0 0% 0% [kswapd0]
    2026 1 nobody S 10220 17% 0% dnsmasq -c 4096 --log-async
    1420 1 root S 3348 5% 0% httpd
    1253 1 root S 1608 3% 0% udhcpc -i vlan2 -b -s dhcpc-event -H unknown -O 33 -O 121 -O 249 -m -p /var/run/udhcpc-wan.pid
    1324 1 root S 1604 3% 0% ntpd -l
    463 1 root S 1604 3% 0% crond -l 9
    1608 457 root S 1604 3% 0% -sh
    315 314 root S 1600 3% 0% /bin/sh
    317 1 root S 1592 3% 0% syslogd -L -s 50 -b 1
    319 1 root S 1592 3% 0% klogd
    1 0 root S 1400 2% 0% /sbin/init noinitrd
    313 1 root S 1384 2% 0% buttons
    314 1 root S 1352 2% 0% console
    428 1 root S 1144 2% 0% dropbear -p 22 -a
    465 1 root S 1044 2% 0% rstats
    475 1 root S 892 1% 0% cstats
    275 1 root S 620 1% 0% hotplug2 --persistent --no-coldplug
    4 2 root SW< 0 0% 0% [events/0]
    24 2 root SW< 0 0% 0% [khubd]
    50 2 root SW< 0 0% 0% [aio/0]
    47 2 root SW 0 0% 0% [pdflush]
    5 2 root SW< 0 0% 0% [khelper]
    21 2 root SW< 0 0% 0% [kblockd/0]
    2 0 root SW< 0 0% 0% [kthreadd]
    3 2 root SW< 0 0% 0% [ksoftirqd/0]
    48 2 root SW 0 0% 0% [pdflush]


    ------

    The results of a 10 minute run when Tor is enabled, but AdBlock disabled, are as follow:

    1) Tor was consuming about 95-100% CPU for about 3 minutes at the beginning, after that it was "quiet" with 0-10% CPU load;
    2) The output of "top" after about 10 minute run is as follows:

    Mem: 49324K used, 11920K free, 0K shrd, 3492K buff, 15408K cached
    CPU: 0% usr 0% sys 0% nic 98% idle 0% io 0% irq 0% sirq
    Load average: 0.03 0.24 0.25 3/31 1822
    PID PPID USER STAT VSZ %VSZ %CPU COMMAND
    1607 1444 root R 1600 3% 0% top
    551 1 nobody S 21544 35% 0% tor -f /etc/tor.conf
    1822 1135 root R 3352 5% 0% httpd
    1135 1 root S 3348 5% 0% httpd
    462 1 root S 1616 3% 0% crond -l 9
    972 1 root S 1608 3% 0% udhcpc -i vlan2 -b -s dhcpc-event -H unknown -O 33 -O 121 -O 249 -m -p /var/run/udhcpc-wan.pid
    1040 1 root S 1604 3% 0% ntpd -l
    1444 1440 root S 1604 3% 0% -sh
    320 314 root S 1600 3% 0% /bin/sh
    316 1 root S 1592 3% 0% syslogd -L -s 50 -b 1
    318 1 root S 1592 3% 0% klogd
    977 1 nobody S 1480 2% 0% dnsmasq -c 4096 --log-async
    1 0 root S 1400 2% 0% /sbin/init noinitrd
    313 1 root S 1384 2% 0% buttons
    314 1 root S 1352 2% 0% console
    1440 428 root S 1212 2% 0% dropbear -p 22 -a
    428 1 root S 1144 2% 0% dropbear -p 22 -a
    464 1 root S 1044 2% 0% rstats
    473 1 root S 892 1% 0% cstats
    275 1 root S 620 1% 0% hotplug2 --persistent --no-coldplug
    92 2 root SW< 0 0% 0% [mtdblockd]
    4 2 root SW< 0 0% 0% [events/0]
    5 2 root SW< 0 0% 0% [khelper]
    24 2 root SW< 0 0% 0% [khubd]
    50 2 root SW< 0 0% 0% [aio/0]
    47 2 root SW 0 0% 0% [pdflush]
    21 2 root SW< 0 0% 0% [kblockd/0]
    2 0 root SW< 0 0% 0% [kthreadd]
    3 2 root SW< 0 0% 0% [ksoftirqd/0]
    48 2 root SW 0 0% 0% [pdflush]
    49 2 root SW< 0 0% 0% [kswapd0]


    ------

    The results of a 4-5 minute run when AbBlock is enabled, but Tor disabled, are as follow (I did not wait any longer because everything is absolutely quiet after that):

    Mem: 43240K used, 18004K free, 0K shrd, 4268K buff, 14724K cached
    CPU: 2% usr 0% sys 0% nic 96% idle 0% io 0% irq 1% sirq
    Load average: 0.04 0.18 0.09 2/29 1631
    PID PPID USER STAT VSZ %VSZ %CPU COMMAND
    1631 1 nobody S 10220 17% 2% dnsmasq -c 4096 --log-async
    1466 1260 root R 1600 3% 0% top
    1134 1 root S 3348 5% 0% httpd
    949 1 root S 1608 3% 0% udhcpc -i vlan2 -b -s dhcpc-event -H unknown -O 33 -O 121 -O 249 -m -p /var/run/udhcpc-wan.pid
    1046 1 root S 1604 3% 0% ntpd -l
    1260 1259 root S 1604 3% 0% -sh
    462 1 root S 1604 3% 0% crond -l 9
    315 314 root S 1600 3% 0% /bin/sh
    317 1 root S 1592 3% 0% syslogd -L -s 50 -b 1
    319 1 root S 1592 3% 0% klogd
    1 0 root S 1400 2% 0% /sbin/init noinitrd
    313 1 root S 1384 2% 0% buttons
    314 1 root S 1352 2% 0% console
    1259 428 root S 1212 2% 0% dropbear -p 22 -a
    428 1 root S 1144 2% 0% dropbear -p 22 -a
    464 1 root S 1044 2% 0% rstats
    478 1 root S 892 1% 0% cstats
    275 1 root S 620 1% 0% hotplug2 --persistent --no-coldplug
    92 2 root SW< 0 0% 0% [mtdblockd]
    4 2 root SW< 0 0% 0% [events/0]
    24 2 root SW< 0 0% 0% [khubd]
    5 2 root SW< 0 0% 0% [khelper]
    21 2 root SW< 0 0% 0% [kblockd/0]
    50 2 root SW< 0 0% 0% [aio/0]
    47 2 root SW 0 0% 0% [pdflush]
    48 2 root SW 0 0% 0% [pdflush]
    49 2 root SW< 0 0% 0% [kswapd0]
    2 0 root SW< 0 0% 0% [kthreadd]
    3 2 root SW< 0 0% 0% [ksoftirqd/0]


    So ?

    I did not experience such CPU load on the same device with Shibby Tomato rel.140 and both AdBlock + Tor enabled. Could it be the newer Tor version in Freshtomato causing this CPU load? Or may this Tor version be more memory demanding than the previous one (my router has only 64MB RAM)?
     
    kernel-panic69 likes this.
  48. pedro311

    pedro311 Networkin' Nut Member

    Disable all lists except one (the first one) in Adblock, and restart router with Tor and Adblock enabled.
    Check with top/htop. Give us details.
     
    M_ars, kernel-panic69 and danielhaden like this.
  49. ddimitrov

    ddimitrov Network Newbie Member

    Disabling all lists except the 1st one in AdBlock seems to be solving the problem. Now, after a run of a couple of minutes the router is idle, and the output of top is as follows:

    Mem: 48968K used, 12276K free, 0K shrd, 1616K buff, 13780K cached
    CPU: 0% usr 1% sys 0% nic 98% idle 0% io 0% irq 0% sirq
    Load average: 0.04 0.40 0.33 2/30 1981
    PID PPID USER STAT VSZ %VSZ %CPU COMMAND
    1946 1452 root R 1600 3% 0% top
    614 1 nobody S 21480 35% 0% tor -f /etc/tor.conf
    1321 1 root S 3348 5% 0% httpd
    1805 1 nobody S 3204 5% 0% dnsmasq -c 4096 --log-async
    1062 1 root S 1608 3% 0% udhcpc -i vlan2 -b -s dhcpc-event -H unknown -O 33 -O 121 -O 249 -m -p /var/run/udhcpc-wan.pid
    1452 1449 root S 1604 3% 0% -sh
    1230 1 root S 1604 3% 0% ntpd -l
    462 1 root S 1604 3% 0% crond -l 9
    315 314 root S 1600 3% 0% /bin/sh
    317 1 root S 1592 3% 0% syslogd -L -s 50 -b 1
    319 1 root S 1592 3% 0% klogd
    1 0 root S 1400 2% 0% /sbin/init noinitrd
    313 1 root S 1384 2% 0% buttons
    314 1 root S 1352 2% 0% console
    1449 428 root S 1212 2% 0% dropbear -p 22 -a
    428 1 root S 1144 2% 0% dropbear -p 22 -a
    470 1 root S 1044 2% 0% rstats
    469 1 root S 892 1% 0% cstats
    275 1 root S 620 1% 0% hotplug2 --persistent --no-coldplug
    92 2 root SW< 0 0% 0% [mtdblockd]
    4 2 root SW< 0 0% 0% [events/0]
    24 2 root SW< 0 0% 0% [khubd]
    21 2 root SW< 0 0% 0% [kblockd/0]
    50 2 root SW< 0 0% 0% [aio/0]
    47 2 root SW 0 0% 0% [pdflush]
    5 2 root SW< 0 0% 0% [khelper]
    49 2 root SW< 0 0% 0% [kswapd0]
    2 0 root SW< 0 0% 0% [kthreadd]
    3 2 root SW< 0 0% 0% [ksoftirqd/0]
    48 2 root SW 0 0% 0% [pdflush]


    Previous time (when the other lists in AdBlock were enabled by default) the memory consumption of dnsmasq was much higher (about 10220 KB), while it is much less now (about 3204 KB). Previous time I noticed that the process [mtdblockd] was working and consuming some CPU. I do not know what [mtdblockd] exactly is, but as far as know it is related to reading/writing to the flash memory, so probably some intensive swapping had occurred then, which could be causing a lot of overhead.

    In fact, the number of enabled AdBlock lists in Shibby Tomato is shorter and dsnmasq was consuming there only 4000KB of memory (by default, 4 enabled lists in Shibby Tomato vs 6 enabled in Freshtomato). One of these 2 "extra" lists is relatively large and it has been causing extra memory consumption. Fortunately, I need only the 1st list, so I will be implement this workaround (e.g. disabling all the other AdBlock lists in order to limit my memory usage).

    @pedro311 Thank you very much!
     
    Last edited: Jan 14, 2019
    kernel-panic69 likes this.
  50. danielhaden

    danielhaden Network Guru Member

    Fun with DNSmasq
    Code:
    no-resolv
    server=208.67.222.222
    server=1.0.0.1
    server=9.9.9.9
    server=1.1.1.1
    min-cache-ttl=3600
    cache-size=1000
    bogus-priv
    domain-needed
    quiet-dhcp
    log-facility=-
    dhcp-host=AA:BB:CC:AA:BB:CC, id:*, F'n-Printer, 192.168.1.151, infinite
    dhcp-host=AA:BB:CC:AA:BB:CC, id:*, MagicJack, 192.168.1.152, infinite
    dhcp-host=AA:BB:CC:AA:BB:CC, id:*, HP-Desktop, 192.168.1.153, 12h
    dhcp-host=AA:BB:CC:AA:BB:CC, id:*, Lg-Phone, 192.168.1.154
    address=/intellitxt.com/0.0.0.0
    address=/1e100.net/0.0.0.0
    I especially enjoy being able to put my long list of static dhcp assignments into a text file for quick, convenient copy-paste-done.

    CPU-efficient bandwidth management: With static dhcp that easy, you can put vital/important client devices Above the auto-dhcp range. . . and then overlap the auto-dhcp range with a bandwidth limit (use the bandwidth limit menu and 5% less than fast.com reports). Especially effective if you add a little connlimit startup script.
    iptables -I INPUT -s 192.168.1.1/25 -m connlimit --connlimit-mask 32 --connlimit-above 150 -j REJECT
    And change the auto-dhcp range (basic, network, lan, dhcp) to 192.168.1.50-125.

    Applying the combination of bandwidth limit and connlimit to a range of 192.168.1.2 to 192.168.1.125 means that you can put your priority devices up higher than that, where a limit is not applied.
     
    Last edited: Jan 16, 2019 at 10:59 AM
    kernel-panic69 and rs232 like this.
  51. dadaniel

    dadaniel Network Guru Member

    I did not write udhcpd anywhere? The problem is when you uncheck "use internal DNS server" the router should not send it's own IP address anymore in DHCP lease DNS field! It should send the entered static DNS servers instead!
     
  52. kernel-panic69

    kernel-panic69 Connected Client Member

    Which is why you check the 'use received and entered DNS' option....

    ^ -- I guess I interpreted dnsmasq not running to equal that udhcpd was running instead ;):oops:
     
  53. Sean B.

    Sean B. LI Guru Member

    I don't see where the post is that you quoted from @dadaniel stating that the router sends out it's own IP to LAN clients when "use internal DNS" is unchecked and dnsmasq is not running. That statement begs the question, how exactly is the router sending DNS servers to clients when there is no DHCP server running to send that information?
     
    kernel-panic69 likes this.
  54. kernel-panic69

    kernel-panic69 Connected Client Member

    In DD-WRT, if you disable dnsmasq, udhcpd is enabled by default -- which doesn't apply to FreshTomato. That is probably where my thought process was, but yes, one would think that with no dhcp server running...
     
  55. dadaniel

    dadaniel Network Guru Member

    I don't know what exactly happens under the hood when I uncheck "use internal DNS". The only fact that I know is that the router is still serving DHCP clients (which is OK) and sends it's own IP address in the DNS field (which is NOT OK)! If 'use received and entered DNS' is NOT checked, then DHCP's DNS field should be empty. If it is checked, it should send received and entered DNS directly to client's DHCP lease.

    I am not sure if the combination of NOT "use internal DNS" and 'use received and entered DNS' is working at all, so would it possible for you to check? I currently don't have a router available for testing :(
     
  56. kernel-panic69

    kernel-panic69 Connected Client Member

    Code:
    Wireless LAN adapter Wi-Fi:
    
    Connection-specific DNS Suffix  . :
    Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 3168
    Physical Address. . . . . . . . . : 88-B1-11-CC-3E-8B
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IPv4 Address. . . . . . . . . . . : 192.168.10.49(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Thursday, January 17, 2019 9:13:32 AM
    Lease Expires . . . . . . . . . . : Friday, January 18, 2019 9:13:31 AM
    Default Gateway . . . . . . . . . : 192.168.10.1
    DHCP Server . . . . . . . . . . . : 192.168.10.1
    DNS Servers . . . . . . . . . . . : 208.67.222.222
                                        208.67.220.220
                                        208.67.222.220
    NetBIOS over Tcpip. . . . . . . . : Disabled
    I can add entered DNS if you want, but that is the results of ipconfig /all for the wireless connected to FT. Not sure if Windows is nice enough to allow 2+ more servers in the list, it's been a while :confused::rolleyes:
     
  57. danielhaden

    danielhaden Network Guru Member

    To make that feasible, replace the first thing on this page: http://192.168.1.1/qos-settings.asp "Enable QOS" checkbox, with:
    Radio buttons, *Disable, *Auto, *Manual

    Manual is the same old QOS, unchanged and available.

    Auto is the new go-fast QOS, Maintenance-Free, like this:
    Code:
    (on qos-classify.asp page)
    TCP/UDP, SRC port 1-65535, Transferred 0-1kb, class1, Fastlittle
    TCP/UDP, DST port 1-5070, Transferred 0-64kb, class2, Launch
    TCP/UDP, DST port 1-65535, Transferred 0-512kb, class3, Medio
    TCP/UDP, DST port 1-65535, Transferred 0-1024kb, class4, Large
    TCP/UDP, DST port 1-65535, Transferred 1024kb+ class5, Stream
    
    (on qos-settings.asp page)
    1, 12%, 100%
    2, 3%, 100%
    3, 3%, 100%
    4, 1%, 100%
    5, 1%, 96% Set as Default
    6, no, no
    7, no, no
    8, no, no
    9, no, no
    10, no, no
    (same for both outbound and inbound).
     
    Last edited: Jan 19, 2019 at 12:52 PM
    kernel-panic69 likes this.
  58. Sean B.

    Sean B. LI Guru Member

    When you said dnsmasq is not running, did you actually turn off DHCP under Basic->Network? Or just uncheck "use internal dns"? My guess is dhcp is still enabled, therefor dnsmasq is still running. Dnsmasq, from its own code not Tomatos, will send the IP address of the machine it's running on as DNS by default. To change this, simply put this in the custom config box under DHCP/dns:

    Code:
    dhcp-option=option:dns-server,X.X.X.X,Y.Y.Y.Y
    Where X.X.X.X is the primary dns server IP you want sent to clients, and Y.Y.Y.Y is an optional seconday server.
     
    danielhaden and kernel-panic69 like this.
  59. UserDirk

    UserDirk New Member Member

    File is too big to fit in MTD Cisco E3000 2019.1.015-beta and the VPN version. Must be < 8MB.
    But the mini vpn works. Thx.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice