RV082 v1.3.3.6 Beta Firmware Report

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Toxic, Nov 4, 2006.

  1. Toxic

    Toxic Administrator Staff Member

    Just a new beta for the RV082 users. with a Windows Vista Fix and a few other features.

    RV082 v1.3.3.6 Beta Firmware


    RV082 Firmware v1.3.3.6 Release Note

    There are two firmware systems used by RV082. One is firmware v1.3.x which uses the newer Intel CSR1.2.2. The other is firmware v1.1.x which uses the original Intel CSR1.1. The look and feel are quite similar, however, the v1.3.x firmware provides more features and better performance than v1.1.x. For example, the NAT firewall throughput has reached 200Mbps (bi-directional wire speed) and the IPSec throughput (3DES) has a maximum over 90Mbps. You can upgrade or downgrade the firmware on your RV082 device whenever you want. But be warned that downgrading firmware will restore the configuration to factory default. Users have to manually configure the router after firmware downgrade.
    ***Importing configuration file exported from firmware 1.3.x into firmware 1.1.x will damage the router.***


    1. Fixed the "TCP Window Scaling" issue with Windows Vista.
    2. The maximum number of Static IP entries on DHCP->Setup page was increased from 100 to 253.
    3. The help page of the DHCP->Setup page has been updated to include the instructions to enable "MAC Filtering" using the DHCP->Static IP list.
    4. Support the SNMP link-up/link-down traps on all of the WAN and LAN ports. In the previous firmware, the link-up/link-down traps were supported on WAN ports only. In a snmp-trap frame, the port number is indicated in the field "specified trap type" which was defined as the following.

    Specified Trap Type Specified Port
    1 LAN port 1
    2 LAN port 2
    3 LAN port 3
    4 LAN port 4
    5 LAN port 5
    6 LAN port 6
    7 LAN port 7
    8 LAN port 8
    129 (0x81) WAN port 1
    130 (0x82) WAN port 2 /DMZ

    Known Issues:

    1. Changed the DHCP Server implementation. When the DHCP client requests the IP address of DNS server, RV082 will offer the one obtained from ISP. (In previous firmware, RV082 offers its LAN IP as the DNS server's IP address.) However, if users configure a DNS server in the LAN and specify the IP address of the local DNS server on the Web UI, RV082 does not offer the local DNS server's IP address to the requesting DHCP clients.
  2. pablito

    pablito Network Guru Member

    I'm not sure I follow this exactly. The DHCP is now working pretty much like I want it. I configure an internal server as 1st DNS and the RV as second in the DHCP server and the clients get exactly that. The last sentence suggests that this won't happen.

    I almost never want internal clients to point at the ISP DNS and prefer to do a local caching DNS server with the ISP as a fallback.

    So this is now working as I prefer. :)
  3. zorglubxx

    zorglubxx Network Guru Member

    I dont think it is working correctly as mentioned in that blurb. Before the dns returned was the ip of the router itself so it meant that you could define some hosts in the "DNS Local Database" field on the DHCP tab. After you always get back the 2 dns server from WAN1. Which means that any hosts entered in "DNS Local Database" are completely ignored. Entering manually a DNS server seems to also be ignored.

    I'd like to see some flexibility in the configuration where you can choose exactly what dns servers are sent to the clients. For example 1st of WAN1 and 1st of WAN2, or Router and 1st of WAN1/2, etc.
  4. pablito

    pablito Network Guru Member

    It is working for me as mentioned. If you put DNS entries in the DHCP server the client will get those servers (I even tried a Windoze box to be sure). So you could for example put the DNS of WAN1 and WAN2 in there. You might have to connect to find out what those DNS servers are but once you have them you can enter them. There isn't an automatic method for this as you suggest but I don't want that and prefer to have full control.

    If you have an internal box that can run a DNS server than that is the best one to use. Only the server does DNS queries to the outside and caches them for everyone inside.

    I would like to see the option to add manual DNS entries to a PPPoE interface like we can for static and DHCP interfaces.

    I tried running the RV as a caching DNS (like the old method of always giving users the RV as DNS) and didn't like it. It wasn't fast and didn't cache well at all. An internal DNS server is far better.
  5. mhakman

    mhakman Network Guru Member

    Has the issue with RGFW-RATELIMIT:BLOCK-SYNFLOOD been fixed?
  6. Toxic

    Toxic Administrator Staff Member

    Linksys has listed the DNS issue as a "Known Issue" this means they are working on a fix.
  7. Gitsum

    Gitsum LI Guru Member

    Just got a RV082 a couple days ago. Updated to this firmware and all seems well. Will have a second WAN line to connect up to it in a few more days and we'll see how she works then.
  8. heidnerd

    heidnerd LI Guru Member

    >>"4. Support the SNMP link-up/link-down traps on all of the WAN and LAN ports. In the previous firmware, the link-up/link-down traps were supported on WAN ports only. In a snmp-trap frame, the port number is indicated in the field "specified trap type" which was defined as the following.

    Specified Trap Type Specified Port
    1 LAN port 1
    2 LAN port 2
    3 LAN port 3
    4 LAN port 4
    5 LAN port 5
    6 LAN port 6
    7 LAN port 7
    8 LAN port 8
    129 (0x81) WAN port 1
    130 (0x82) WAN port 2 /DMZ "<<

    I don't think this is working! Only snmp data I see is still for "lo", "ixp0", "ixp1" and "ipsec". I walked the MIB trees and did not see any other data collected. Also FWIW - while the readme file appears new.. the actual firmware file appears to be from mid September. I have a support ticket into Linksys in October and they confirmed the problem with the SNMP... so I am wondering if the SNMP fix really isn't in this release....

    Otherwise I don't see anything that has broken.
  9. Gitsum

    Gitsum LI Guru Member

    I have a problem with DNS timeouts with this new firmware. After a length of time, browsing the web will stop due to "unable to find server" errors.
    By manually setting my DNS server address to on my lan computers, everything is fine.
  10. heidnerd

    heidnerd LI Guru Member

    Dual WAN load balancing still needs a lot of work. I still see a noticable slow down when load balancing is enabled. For example with WAN1 (only)on a 768Kbps DSL line... the speed tests say 700kbps download speeds. On WAN2 (only) a cablemodem connection at 1.5Mbps, the download speed is 1.4Mbps... with auto load balancing enabled... the combined speed is a whopping 600Kbps... slower then either separately!!!

    Generic web browsing has the same kind of problems -- it isn't related to just the speed test algorithms. I also see lots of connection refused packets for sites that I am visiting... so at first I thought that perhaps Statefull Packet Inspection (SPI) was getting in the way of the loadbalancing... I turned it off... no difference.
  11. pablito

    pablito Network Guru Member

    DNS: I normally don't use the RV as my DNS but today I ran it just to see. It does seem a little flaky. Slow to resolve at times and doesn't appear to do any caching. If you have an internal box that is on 24/7 I'd suggest running a caching DNS server on it and point everyone including the RV to it. Works much nicer. At home I point DNS at a server across a VPN that I keep up 24/7. Sounds risky but it works better than using an ISP's server or the RV.

    Dual WAN: I don't know how other dualies in this price range handle it but there are issues for sure. However I don't see any speed issues. You won't get any faster than one of the WANs (unless you run an app that takes advantage of it which is rare). It does a simple round robin load balancing act that for many things is just fine but session based apps have problems.

    I have one site ( with a 10M cable modem and a 5M DSL line. Since they are running session based apps that can't be failing I bind the internal subnet to WAN1 (10M). Then I protocol bind specific ports over WAN2. This effectively turns off load balancing but I can still leverage both WANs (upstream serving and VPNs etc over WAN1) and even with the WAN binding it will still failover if it needs to, this part I like a great deal.
  12. heidnerd

    heidnerd LI Guru Member

    Pablito, I am seeing far slower than either WAN port alone. Looking at the logs it appears the router is dropping the incomming packets that were requested. I realize that you won't get faster than the fastest WAN connection -- and realistically the combined is more likely to be somewhere in the average of the two (with load balancing 50/50). But you should not get 20% slower then either one alone. That is what I am seeing.

    Without binding by protocol - and using auto load balancing - activities such as liveupdates (symantec), windows update -- often hang or fail. One of the problems with many of the update services are now tunnelling via http, so if you bind http - you've now stuck nearly ALL traffic to one or the other WAN ports.

    It is easy to verify the problems.. I open up a browser with the RV082 port management screen active.... open up other browsers with the desired activity and test just WAN1, WAN2 only and combine.... everytime combined is slower then either WAN1 or WAN2 alone. And often when combined applications like Liveupdate fail....

    To be fair, part of the problem (others may have this also) is that my network is behind a proxy server, the proxy server connects to the RV082. Clients connect to the proxy-server. So unless the RV082 is really looking at the packets -- it might think they are all coming from the same source IP... instead of many IP clients.

    It may be the only solution is for Linksys to allow a choice of algorithms to be used for the load balancing. I.E. expose more of what they are doing so you can tune it...
  13. pablito

    pablito Network Guru Member

    The proxy isn't hurting things, the same behaviour is seen with regular clients. Right now the only solution is the port binding. That is working well for me and I'm getting the full speed of whichever WAN port I'm using. The auto balancing simply doesn't work fully. But port binding and failover is working and is a fair tradeoff for the short term.
  14. TazUk

    TazUk Network Guru Member

    v1.3.3.6 seems to have fixed the issue with using FQDN's for the remote gateway address in gateway to gateway VPN's, it now connects to a couple of WRV54G's fine :)
  15. greg6000

    greg6000 LI Guru Member

    Bandwidth mgmt/ protocol binding


    Thanks for your comments. Just to clarify, you do leave the load balance function ON, but then just set up protocol bindings specifically for IP's and port usage to use a specific WAN? If so, then I would guess the protocol bindings prevent any "load balancing" from occurring?

    Thanks again.

  16. heidnerd

    heidnerd LI Guru Member

    Greg, only the protocols/ports specifically bound to a WAN interface are excluded from the automatic loadbalancing. For example if you bind https to WAN1, it will only use WAN1, while http (and other ports) traffic will be load balance across WAN1/WAN2 based on your settings (speed or priority)...

    Unfortunately some websites are not truly stateless... it appears that if a session starts on WAN1, then a few follow on packets go out on WAN2... that websites will drop the WAN2 traffic... likewise the RV082 also appears to be blocking returning packets when load balancing is enabled. I can see that if I go to sites like "linksysinfo.org" and watch the firewall logs. Occasionally packets will be firewalled - even though I'm browsing the website. My guess is that somehow the statefull packet engine is not getting updated correctly... or some table is getting clobbered. That would seem to explain why performance drops when loadbalancing is enabled for port 80 traffic.... but again -- I'm guessing based on the symptons.
  17. greg6000

    greg6000 LI Guru Member


    understood now. thanks:biggrin:
  18. pablito

    pablito Network Guru Member

    While it is true that port binding effectively disables load balancing for whatever is bound it is the only reliable way to make it work. Trying to use linksysinfo is an example of a site that doesn't play well otherwise, you'll appear to be coming from two IPs and as such the login is broken on alternating pages (I don't use remember me or saved passwords). I do leave it set to load balancing mode so that I can utilize both WAN ports. For my needs I also serve email and web pages so I bind inside users to WAN1 and use WAN2 for serving and VPNs. I'll bind some protocols to WAN2 just to get some artificial balance. Not ideal but it prevents broken sessions and I still get failover even though I bind users to one port for most things.

    What I do is to bind the internal IPs (all ports) going to 0/0 destination over WAN1. Then I bind specific ports to WAN2. The logic seems to work even though I'm binding all ports to WAN1 initially, the priority seems to follow the more specific bindings before the more global all ports bindings. At least that works and is my current work around.

    I can't verify that overall performance is lowered if I let load balancing work but I'll defer to other's observations. I find other problems with doing this so I don't use it. However I do get the full bandwidth I'm expecting when port binding.

    Some high end dual WAN devices claim to work properly with the kind of issues we're seeing. Not sure how it knows when to nail traffic to a single WAN when it needs to but somehow Linksys needs to figure this out or the RV series will fail as a product. The work around is functional but won't be obvious or desirable for many people.
  19. Toxic

    Toxic Administrator Staff Member

    tbh all linksys need is to setup rules for any secure type of connection.

    an example:

    HTTPS Port 443 SSL connections. this needs a single IP address to work correctly, like internet banking etc.. using load balancing on this type of connection will fail. why linksys has ignored this is beyond me. all they need to do is setup a rule for HTTPS to stay on the same WAN IP for the length of the HTTPS connection based on the load at the time. Sounds simple, but obviously they have overlooked this rule for secure connections over load balancing.
  20. heidnerd

    heidnerd LI Guru Member

    Additional observations on firmware

    I use SNMP to monitor my firewalls.. one of the features I depend on is the ability to monitor port traffic/bandwidth. This version of the firmware was supposed to fix problems with the snmp stats. It doesn't... And it is really obvious to detect. Simple test was to bind port 80 to WAN2, then go to a site that streaming video content (like abcnews, msnbc, cnn, etc...) start the streaming going and watch the snmp metrics. Believe it or not I see snmp counters nearly the same for WAN1 & WAN2, even though traffic is bound to WAN2. Then I click on the WAN1 port icon in the summary page...and guess what... the incoming packet count isn't changing (it should not!) But clicking on the WAN2 port icon and looking at the counters -- they are climbing out of sight. And for the final test... I unplug WAN1... and the snmp stats for WAN1 keep increasing... even when the cable is unplugged!

    I'm not sure at which point the auto-load balancing firmware is getting its measurements -- but if it is from the same point as being used for the snmp... that is a problem....

    I have been trying to use the snmp stats so I can balance traffic -- much the same was as Pablito has suggested... I can rule of thumb it... but without good snmp stats --- it is real hard to track changes and confirm that manual load balancing is working as expected.
  21. aver5

    aver5 LI Guru Member

    On linux you can make load balancing but with somes options like persistant connexions i'ts usefull for all athenticated web site , ssh protocol etc
    on somes case like more tha 100 users the best solution is to make all connection persistant ( on a wan port)
    in fact load balancing is working sessions by sessions i'ts working fine
    linksys use round robin for each packet and for most case i'ts not usefull
    hope linksys change they algoritm as soon as possible
  22. tbizsys

    tbizsys Network Guru Member

    How can I determine whether my RV082's have Intel CSR1.2.2. or Intel CSR1.1?
  23. d__l

    d__l Network Guru Member

    It depends on which firmware you are using. Firmware 1.3.x uses CSR1.2.2. Any firmware before that uses CSR1.1.
  24. tbizsys

    tbizsys Network Guru Member

    These RV082's were purchased in Apr 2005 and have had their firmware upgraded a few times to current v Not sure what f/w they came with. Any way to be sure they are CSR1.2.2?

    Another was purchased last week and came with firmware v 1.3.2. We use these for both data and VoIP.
  25. aver5

    aver5 LI Guru Member

    my 10 RV082 will be purchased with v1.1.xxx and work perfectely with
    I've asked this question few month ago and response was :
    1.3.xxx work on any hardware ... strange but it work
    these are my system info Serial Number : DEZ005100051 Firmware version : (Sep 12 2006 23:08:37)
    CPU : Intel IXP425-533 DRAM : 32M Flash : 16M
  26. heidnerd

    heidnerd LI Guru Member

    The CSR1.2.2 firmware note in the revision history is really a mis-direction. The Linksys RV082 code base uses an Intel software developers kit for the IXP-425 CPU. The newer Linksys firmware includes the newer CSR1.2.2 ixp425 libraries (CPU firmware) from Intel. Anyone can visit the Intel website and download the manual or the libraries... so essentially Linksys is letting the world know that the RV-082 is including Intel libraries within the router. That is this version of the RV-082 firmware is dependent on the newer Intel binaries. It also tells us more information about the Linksys firmware itself. Intel is several releases beyond the CSR1.2.2 CPU firmware library code base -- and looking at the newer Intel documents can give you an idea of where the RV-082 firmware can go in the future.

    Long and convoluted answer is that the Intel firmware binaries are included with the Linksys RV-082 firmware... so when you upgrade the Linksys firmware it also implies that you are upgrading the CPU firmware (Intel binaries) at the same time.

    Except for the confusing note in RV-082 firmware release notes -- and my confusing response... the upgrade to the CSR1.2.2 is hidden and transparent to the user.
  27. fedor77

    fedor77 Guest

    q: how to monitor lan ports 1-8 over snmp-mrtg

    im using RV082 v1.3.3.6 version of firmware too but im not succedded with monitoring ports 1-8 separatly over SNMP and mrtg
    i found way how i can monitor wan,dmz,lan :

    1 - status (what is this for?)
    3 - ixp0 - LAN
    4 - ixp1 - WAN
    5 - ixp2 - DMZ

    sample of mrtg def.:
    # ----------------
    Title[leased]: ROUTER WAN
    PageTop[leased]: <H1>router WAN </H1>
    Target[leased]: #ixp1:public@
    MaxBytes[leased]: 180000

    # ----------------
    Title[leased1]: ROUTER 1
    PageTop[leased1]: <H1>router status?</H1>
    Target[leased1]: 1:public@
    MaxBytes[leased1]: 180000


    any idea how to monitor ports 1..8 ?
  28. Toxic

    Toxic Administrator Staff Member

    if you telnet into the rv082 have a look at the naming of the lan ports it might help.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice