Actiontec GT701-WG and openvpn, need help.

All about firmwares for routers. Support for RouterTech firmwares is here too.
Post Reply
digrobot
Newbie
Newbie
Posts: 7
Joined: Sun Aug 29, 2010 11:50 am
Location: Kazakhstan

Actiontec GT701-WG and openvpn, need help.

Post by digrobot » Fri Oct 22, 2010 12:50 pm

Hello!
Some time ago I had Dlink DSL-500T router. I flashed it with ar7rd-1port-adam2 2.94 Routertech firmware and configured openvpn as client with static key. I created mtd5 partition, put openvpn config, keys and certs to "/nvram/ovpn" dir, wrote startup.sh and onconnect.sh scripts for openvpn, where I added route to my openvn server and created iptables rule for masquerading tun0 interface.
It all works perfect.

Now I have Actiontec GT701-WG. I flashed it with ar7wrd-1port-adam2 2.94 and trying to set up openvpn with the same way as previously. Unfortunately, the router freezes (no webpanel, no telnet, no led activity) when at least one transit IP packet passing through the openvpn.

Here my openvpn files in /nvram/ovpn/

Code: Select all

start.sh
onconnect.sh
openvpn.ovpn
openvpn.key
start.sh

Code: Select all

#!/bin/sh


OVPN_TGTPATH=/var/tmp/openvpn
mkdir -p ${OVPN_TGTPATH}

# mknod
MKNOD=/bin/mknod
[ ! -f "$MKNOD" ] && MKNOD=$OVPN_TGTPATH/mknod

# The device name
TUNDEV=tun

# The device directory
TUNDEVPATH=/var/tmp

# The complete file name of the device
TUNDEVFILE=${TUNDEVPATH}/${TUNDEV}

# Start
echo "initializing module ethertap and tun"
modprobe -v -k ethertap
modprobe -v -k tun

echo "creating device node $TUNDEVFILE"
mkdir -p ${TUNDEVPATH}
$MKNOD -m 0644 ${TUNDEVFILE} c 10 200

cp -af /nvram/ovpn/*.crt "$OVPN_TGTPATH"
cp -af /nvram/ovpn/*.key "$OVPN_TGTPATH"
cp -af /nvram/ovpn/*.pem "$OVPN_TGTPATH"
cp -af /nvram/ovpn/*.ovpn "$OVPN_TGTPATH"

echo "calling openvpn"
sleep 2

# Log file.
OVPN_LOG=/var/log/ovpn.log
OVPN_STAT=/var/log/ovpn.stat

# start OpenVPN
/usr/local/bin/openvpn --cd ${OVPN_TGTPATH} --dev-node ${TUNDEVFILE} --config ${OVPN_TGTPATH}/openvpn.ovpn --log ${OVPN_LOG} --status $OVPN_STAT 5 &
sleep 2
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
echo /nvram/ovpn/onconnect.sh >> /var/tmp/onconnectWAN
onconnect.sh

Code: Select all

#!/bin/sh

# my openvpn server
route add -host 80.81.82.83 dev ppp0

# default gateway
route del default
route add default dev tun0
When openvpn started, I have these interfaces:

Code: Select all

/var # ifconfig
br0       Link encap:Ethernet  HWaddr 00:15:15:15:15:74
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16926 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23040 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:2327141 (2.2 MiB)  TX bytes:19576463 (18.6 MiB)

br1       Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

br2       Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0      Link encap:Ethernet  HWaddr 00:15:15:15:15:74
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16926 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23043 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:2564105 (2.4 MiB)  TX bytes:19576589 (18.6 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

nas0      Link encap:Ethernet  HWaddr 00:15:15:15:15:76
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:20280 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15318 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:18040327 (17.2 MiB)  TX bytes:3523751 (3.3 MiB)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:178.95.19.26  P-t-P:95.58.76.80  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:20184 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15223 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:17874409 (17.0 MiB)  TX bytes:3032764 (2.8 MiB)

tun0      Link encap:Point-to-Point Protocol
          inet addr:10.12.0.2  P-t-P:10.12.0.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:16889 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12954 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:13885255 (13.2 MiB)  TX bytes:1813620 (1.7 MiB)
Tunnel works, I can ping endpoint:

Code: Select all

/var # ping 10.12.0.1
PING 10.12.0.1 (10.12.0.1): 56 data bytes
64 bytes from 10.12.0.1: seq=0 ttl=64 time=160.000 ms
64 bytes from 10.12.0.1: seq=1 ttl=64 time=150.000 ms
64 bytes from 10.12.0.1: seq=2 ttl=64 time=150.000 ms
64 bytes from 10.12.0.1: seq=3 ttl=64 time=150.000 ms
NAT table:

Code: Select all

/var # iptables -t nat -v -L
Chain PREROUTING (policy ACCEPT 245 packets, 24271 bytes)
 pkts bytes target     prot opt in     out     source               destination


Chain POSTROUTING (policy ACCEPT 30 packets, 2244 bytes)
 pkts bytes target     prot opt in     out     source               destination

    4   280 MASQUERADE  all  --  any    ppp0    anywhere             anywhere
    0     0 MASQUERADE  all  --  any    tun0    anywhere             anywhere

Chain OUTPUT (policy ACCEPT 35 packets, 2742 bytes)
 pkts bytes target     prot opt in     out     source               destination
I think free memory is enough:

Code: Select all

/var # free
              total         used         free       shared      buffers
  Mem:        14228        12620         1608            0         1152
 Swap:            0            0            0
Total:        14228        12620         1608
The most interesting thing is that when I flash router partially with kernel image from ar7rd-1port-adam2 firmware and filesystem image from ar7wrd-1port-adam2 - it works, and openvpn working too! No freezing! But wireless, of course, not working :(

It can be the kernel problem or something else? I have no idea. :( Would be grateful for any help. Thanks.
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: Actiontec GT701-WG and openvpn, need help.

Post by thechief » Sat Oct 23, 2010 12:06 am

Post the system diagnostics.
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
digrobot
Newbie
Newbie
Posts: 7
Joined: Sun Aug 29, 2010 11:50 am
Location: Kazakhstan

Re: Actiontec GT701-WG and openvpn, need help.

Post by digrobot » Sat Oct 23, 2010 5:38 am

Code: Select all

ROUTERTECH SYSTEM DIAGNOSTICS

Operating system version
Linux version 2.4.17_mvl21-malta-mips_fp_le (developers@RouterTech.Org) #1 Wed Aug 18 11:08:46 BST 2010

Firmware version information
BUILD=RouterTech_3.6.0D_20100818_2.94
VERSION=3.6.0D-RouterTech-Adam2
BOARD=AR7WRD
TARGET=Adam2_1-Port
FSSTAMP=20100818111250

PSP version information

Linux OS DSL-PSPOhioL version 4.5.0.5 Best and Final on BasePSP Version 5.7.6.12  Aug 18 2010 11:09:46 
Avalanche SOC Version: 0x260005 operating in cached, write back, write allocate mode
Cpu Frequency:150 MHZ
System Bus frequency: 125 MHZ


Driver version information
Core Logic version: 3.6.0D 
Texas Instruments CPMAC driver version: 1.5
Texas Instruments CPMAC HAL version: CPMAC 01.07.08 Aug 18 2010 11:08:57
ATM Driver version:[7.05.01.00]
DSL HAL version: [7.05.01.00]
DSP Datapump version: [7.05.01.00] Annex A
SAR HAL version: [01.07.2c]
PDSP Firmware version:[0.54]
Chipset ID: [7300/7300A]

Modem Modulation Information
NO_MODE			0x0
ADSL_G.dmt			0x3
ADSL_G.lite			0x4
ADSL_G.dmt.bis			0x8
ADSL_G.dmt.bis_DELT			0x9
ADSL_2plus			0x10
ADSL_2plus_DELT			0x11
ADSL_re-adsl			0x20
ADSL_re-adsl_DELT			0x21
ADSL_ANSI_T1.413			0x2
MULTI_MODE			0x1
ADSL_G.dmt.bis_AnxI			0x0
ADSL_G.dmt.bis_AnxJ			0x0
ADSL_G.dmt.bis_AnxM			0x400
ADSL_2plus_AnxI			0x0
ADSL_2plus_AnxJ			0x0
ADSL_2plus_AnxM			0x2000
G.shdsl			0x0
IDSL			0x0
HDSL			0x0
SDSL			0x0
VDSL			0x0

System environment (/proc/sys/dev/adam2/environment)

AEIBootVersion	0.9i
autoload	1
autoload_timeout	8
bootloaderVersion	0.22.02
bootserport	tty0
connection1	0x9d1b
cpufrequency	150000000
DSL_FEATURE_CNTL_0	0x00110000
DSL_PHY_CNTL_0	0x00006700
enable_margin_retrain	0
firstfreeaddress	0x9401d5a8
flashsize	0x00400000
HWA_HRNDIS	00:E0:00:00:00:E1
HWA_RNDIS	00:E0:00:00:00:EB
HWRevision	2A+
led_conf	led.gt701wg
maca	00:15:00:00:00:74
macb	00:15:00:00:00:75
macc	00:15:00:00:00:76
mac_ap	00:15:00:00:00:77
memsize	0x01000000
modetty0	38400,n,8,1,hw
modetty1	38400,n,8,1,hw
modulation	0x1
mtd0	0x90090000,0x903d0000
mtd1	0x90010000,0x90090000
mtd2	0x90000000,0x90010000
mtd3	0x903f0000,0x90400000
mtd4	0x90010000,0x903d0000
mtd5	0x903d0000,0x903f0000
my_ipaddress	192.168.1.1
ProductID	GT701-WG
prompt	Adam2_AR7RD
req_fullrate_freq	125000000
RT_cmd_1	/nvram/ovpn/start.sh
RT_init_nvram	mount -t minix /dev/mtdblock/5 /nvram/
SerialNumber	none
StaticBuffer	120
sysfrequency	125000000
usb_board_mac	00:15:00:00:00:78
usb_man	Actiontec Electronics, Inc.
usb_pid	0x6010
usb_prod	Actiontec Gateway
usb_rndis_mac	00:15:00:00:00:79
usb_vid	0x1668
vcc_encaps0	0.0
vcc_encaps1	0.0
vcc_encaps2	0.0
vcc_encaps3	0.0
vcc_encaps4	0.0
vcc_encaps5	0.0
vcc_encaps6	0.0
vcc_encaps7	0.0

CPU information
processor		: 0
cpu model		: MIPS 4KEc V4.8
BogoMIPS		: 149.91
wait instruction	: no
microsecond timers	: yes
extra interrupt vector	: yes
hardware watchpoint	: yes
VCED exceptions		: not available
VCEI exceptions		: not available

Memory (RAM) information
        total:    used:    free:  shared: buffers:  cached:
Mem:  14553088 12902400  1650688        0  1757184  5795840
Swap:        0        0        0
MemTotal:        14212 kB
MemFree:          1612 kB
MemShared:           0 kB
Buffers:          1716 kB
Cached:           5660 kB
SwapCached:          0 kB
Active:           1896 kB
Inactive:         7372 kB
HighTotal:           0 kB
HighFree:            0 kB
LowTotal:        14212 kB
LowFree:          1612 kB
SwapTotal:           0 kB
SwapFree:            0 kB

Flash memory (chip) information
Flash type: AMD; Manufacturer=MACRONIX (AMD-compat).
Manufacturer_ID=0x00C2; Chip_ID=0x00A8; Chip_Size=0x400000; Erase_Regions=0x0002

Mount points
/dev/mtdblock/0 / squashfs ro 0 0
none /dev devfs rw 0 0
proc /proc proc rw 0 0
ramfs /var ramfs rw 0 0
/dev/mtdblock/5 /nvram minix rw 0 0

Filesystems
nodev	rootfs
nodev	bdev
nodev	proc
nodev	sockfs
nodev	tmpfs
nodev	shm
nodev	pipefs
nodev	ramfs
	minix
nodev	devfs
	squashfs

MTD
dev:    size   erasesize  name
mtd0: 00340000 00010000 "mtd0"
mtd1: 00080000 00010000 "mtd1"
mtd2: 00010000 00002000 "mtd2"
mtd3: 00010000 00010000 "mtd3"
mtd4: 003c0000 00010000 "mtd4"
mtd5: 00020000 00010000 "mtd5"

Kernel modules
tun                     4984   3 (autoclean)
ethertap                3720   0 (autoclean) (unused)
tiatm                 138672   1

Interrupts
  7:    21011   R4000 timer/counter [MIPS interrupt]
  8:        0   unified secondary [hw0 (Avalanche Primary)]
 15:      383   serial [hw0 (Avalanche Primary)]
 23:      335 + SAR  [hw0 (Avalanche Primary)]
 27:     3199 + Cpmac Driver [hw0 (Avalanche Primary)]
 29:        0   vlynq0 [hw0 (Avalanche Primary)]
 47:       51 + DSL  [hw0 (Avalanche Primary)]

Devices
Character devices:
  1 mem
  2 pty/m%d
  3 pty/s%d
  4 tts/%d
  5 cua/%d
 10 misc
108 ppp
128 ptm
136 pts/%d
162 raw

Block devices:
  7 loop
 31 mtdblock

Processes
  PID USER       VSZ STAT COMMAND
    1 root      1056 S    init
    2 root         0 SW   [keventd]
    3 root         0 SWN  [ksoftirqd_CPU0]
    4 root         0 SW   [kswapd]
    5 root         0 SW   [bdflush]
    6 root         0 SW   [kupdated]
    7 root         0 SW   [mtdblockd]
  365 root      1180 S    /usr/sbin/thttpd -d /usr/www -u root -p 80 -c /cgi-b
  368 root      2156 S    /usr/bin/cm_pc
  369 root      3660 S    /usr/bin/cm_logic -m /dev/ticfg -c /etc/config.xml
  403 root       744 S    /sbin/dproxy -c /etc/resolv.conf -d
  476 root      1056 S    init
  514 root      2136 S    /usr/local/bin/openvpn --cd /var/tmp/openvpn --dev-n
  635 root      2396 S    /usr/sbin/pppd plugin pppoe nas0 user ispuser password 6
  741 root       920 S    /sbin/msntp -r 2 -t 5 -p 30 -s wwv.nist.gov ntp2b.mc
  742 root       684 S    /usr/sbin/udhcpd /var/tmp/udhcpd.conf
 1218 root      1044 S    /sbin/iptables -I INPUT 1 -p tcp --dport 80 -s 00,03
 1223 root      1064 S N  /bin/sh diagnostics.cgi
 1224 root      1180 S    /usr/sbin/thttpd -d /usr/www -u root -p 80 -c /cgi-b
 1228 root       628 S N  /usr/local/bin/diagnostics
 1229 root      1060 S N  sh -c /usr/local/bin/diagnostics.sh
 1230 root      1064 S N  /bin/sh /usr/local/bin/diagnostics.sh
 1254 root      1056 R N  /bin/ps

ADSL Modem information

AR7 DSL Modem Statistics:
--------------------------------
[DSL Modem Stats]
	US Connection Rate:	896	DS Connection Rate:	2368
	DS Line Attenuation:	16	DS Margin:		31
	US Line Attenuation:	9	US Margin:		14
	US Payload :		22992	DS Payload:		29040
	US Superframe Cnt :	10049	DS Superframe Cnt:	10049
	US Transmit Power :	12	DS Transmit Power:	-5
	LOS errors:		0	SEF errors:		0
	Errored Seconds:	0	Severely Err Secs:	0
	Frame mode:		3	Max Frame mode:		0
	Trained Path:		1	US Peak Cell Rate:	2113
	Trained Mode:		3	Selected Mode:		1
	ATUC Vendor Code:	54535443	ATUC Revision:	1
	Hybrid Selected:	1	Trellis:		1
	Showtime Count:		1	DS Max Attainable Bit Rate: 11840 kbps
	BitSwap:		1	US Max Attainable Bit Rate:	n/a
	Annex: 			AnxA	psd_mask_qualifier: 0x0000
	ATUC ghsVid:  b5 00 54 53 54 43 00 00
	T1413Vid: 00 00		T1413Rev: 00		VendorRev: 00
	ATUR ghsVid:  b5 00 54 53 54 43 00 00
	T1413Vid: 00 00	T1413Rev: 00	VendorRev: 00

	[Upstream (TX) Interleave path]
	CRC: 	1	FEC: 	0	NCD: 	0
	LCD: 	0	HEC: 	0

	[Downstream (RX) Interleave path]
	CRC: 	0	FEC: 	0	NCD: 	0
	LCD: 	0	HEC: 	0

	[Upstream (TX) Fast path]
	CRC: 	0	FEC: 	0	NCD: 	1
	LCD: 	0	HEC: 	0

	[Downstream (RX) Fast path]
	CRC: 	0	FEC: 	0	NCD: 	0
	LCD: 	0	HEC: 	0

[ATM Stats]
	[Upstream/TX]
	Good Cell Cnt:	479
	Idle Cell Cnt:	360526


	[Downstream/RX)]
	Good Cell Cnt:	605
	Idle Cell Cnt:	953428
	Bad Hec Cell Cnt:	0
	Overflow Dropped Cell Cnt:	0

[SAR AAL5 Stats]
	Tx PDU's:	160
	Rx PDU's:	161
	Tx Total Bytes:	15708
	Rx Total Bytes:	23273
	Tx Total Error Counts:	0
	Rx Total Error Counts:	0


[OAM Stats]
	Near End F5 Loop Back Count:	0
	Near End F4 Loop Back Count:	0
	Far End F5 Loop Back Count:	0
	Far End F4 Loop Back Count:	0
	SAR OAM Ping Response Drop Count=15

Trained modulation: 
ADSL_G.dmt 

Path mode: 
Interleaved

Network statistics
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       
tcp        0      0 0.0.0.0:www             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:domain          0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:ftp             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:telnet          0.0.0.0:*               LISTEN      
tcp        0      0 mygateway1.AR7WRD:www   192.168.1.2:3033        ESTABLISHED 
tcp        0      0 mygateway1.AR7WRD:www   192.168.1.2:3027        TIME_WAIT   
tcp        0      0 mygateway1.AR7WRD:telnet 192.168.1.2:3028        TIME_WAIT   
udp        0      0 0.0.0.0:2048            0.0.0.0:*                           
udp        0      0 0.0.0.0:domain          0.0.0.0:*                           
udp        0      0 0.0.0.0:bootps          0.0.0.0:*                           
udp        0      0 0.0.0.0:tftp            0.0.0.0:*                           
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  5      [ ]         DGRAM                       446 /dev/log
unix  2      [ ]         DGRAM                       448 /dev/klog
unix  2      [ ]         DGRAM                       419 /var/tmp/cm_pc.ctl
unix  2      [ ]         DGRAM                       433 /var/tmp/cm_logic.ctl
unix  2      [ ]         DGRAM                      1102 
unix  2      [ ]         DGRAM                      1052 
unix  2      [ ]         DGRAM                      1026 
unix  2      [ ]         STREAM                      405 
unix  2      [ ]         DGRAM                       404 
unix  2      [ ]         DGRAM                        25 

Iptables chains
Chain INPUT (policy ACCEPT 1243 packets, 98034 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  219 27026 ACCEPT     all  --  ppp0   any     anywhere             anywhere           state RELATED,ESTABLISHED 
    0     0 ACCEPT     icmp --  any    any     anywhere             anywhere           icmp fragmentation-needed 
    0     0 DROP       icmp -f  any    any     anywhere             anywhere           
    0     0 DROP       all  --  ppp0   any     anywhere             anywhere           

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  ppp0   any     anywhere             anywhere           state RELATED,ESTABLISHED 
    0     0 TCPMSS     tcp  --  any    ppp0    anywhere             anywhere           tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU 
    0     0 ACCEPT     icmp --  any    any     anywhere             anywhere           icmp fragmentation-needed 
    0     0 DROP       all  --  ppp0   any     anywhere             anywhere           

Chain OUTPUT (policy ACCEPT 2320 packets, 1629K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     icmp --  any    any     anywhere             anywhere           icmp fragmentation-needed 
    0     0 DROP       icmp --  any    ppp0    anywhere             anywhere           icmp destination-unreachable 
    0     0 DROP       icmp --  any    ppp0    anywhere             anywhere           state INVALID 

Network interface details
br0       Link encap:Ethernet  HWaddr 00:15:00:00:00:74  
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1240 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2100 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:121917 (119.0 KiB)  TX bytes:1644588 (1.5 MiB)

br1       Link encap:Ethernet  HWaddr 00:00:00:00:00:00  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

br2       Link encap:Ethernet  HWaddr 00:00:00:00:00:00  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0      Link encap:Ethernet  HWaddr 00:15:05:36:70:74  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1240 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2100 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:121917 (119.0 KiB)  TX bytes:1644588 (1.5 MiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

nas0      Link encap:Ethernet  HWaddr 00:15:05:36:70:76  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:237 errors:0 dropped:0 overruns:0 frame:0
          TX packets:236 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:29836 (29.1 KiB)  TX bytes:23237 (22.6 KiB)

ppp0      Link encap:Point-to-Point Protocol  
          inet addr:89.208.200.13  P-t-P:95.50.170.80  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:222 errors:0 dropped:0 overruns:0 frame:0
          TX packets:221 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:27140 (26.5 KiB)  TX bytes:15338 (14.9 KiB)

tun0      Link encap:Point-to-Point Protocol  
          inet addr:10.12.0.2  P-t-P:10.12.0.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:516 (516.0 B)  TX bytes:380 (380.0 B)


System Log
Aug 18 11:12:12 | AP is disabled 
Aug 18 11:12:12 | Valid Configuration Tree 
Aug 18 11:12:12 | NTP Polling Timer for DHCP Started succesfully. 
Aug 18 11:12:12 | DSL Polling Timer Started succesfully. 
Aug 18 11:12:12 | PSP Boot environment  Modem Modulation Change: 0x1 
Aug 18 11:12:12 | Firewall NAT service started 
Aug 18 11:12:13 | Bridge Created: br0 
Aug 18 11:12:15 | Bridge VLAN0 add eth0 
Aug 18 11:12:15 | Bridge VLAN AUTO OFF. 
Aug 18 11:12:15 | Bridge VLAN0 add eth1 
Aug 18 11:12:15 | Bridge VLAN AUTO OFF. 
Aug 18 11:12:15 | Bridge VLAN0 add eth2 
Aug 18 11:12:15 | Bridge VLAN AUTO OFF. 
Aug 18 11:12:15 | Bridge VLAN0 add eth3 
Aug 18 11:12:15 | Bridge VLAN AUTO OFF. 
Aug 18 11:12:15 | Bridge Created: br1 
Aug 18 11:12:16 | Bridge Created: br2 
Aug 18 11:12:18 | USB is disabled  
Aug 18 11:12:18 | Bridge Interface Added: eth0 
Aug 18 11:12:20 | Add Bridge Iface Error: 1 
Aug 18 11:12:21 | Add Bridge Iface Error: 1 
Aug 18 11:12:21 | Add Bridge Iface Error: 1 
Aug 18 11:12:22 | DSL Carrier is down 
Aug 18 11:12:23 | rcS not stopped by init. Stopping it ...  
Aug 18 11:12:32 | DSL Carrier is up 
Aug 18 11:12:32 | sar read trained mode (1)(ADSL_G.dmt) 
Aug 18 11:12:33 | ---}}} Start of connection delayed for 7 sec 
Aug 18 11:12:40 | PPPoE Launch after conn delay timeout ... 
Aug 18 11:12:41 | pppd 2.4.4 started by root, uid 0 
Aug 18 11:12:41 | Unexpected packet: Ether addr: 00:90:1a:a3:34:82  (PPPOE Discovery)  PPPoE hdr: ver=0x1 type=0x1 code=0x07 sid=0x0000 length=0x0037 (PADO)  PPPoE tag: type=0102 length=0013 (AC Name) data (UTF-8): Megaline-mkkg-bng-1 PPPoE tag: type=0103 length=0004 (Host 
Aug 18 11:13:48 | New PPP_ID: 0x9d1b  
Aug 18 11:13:48 | Got connection: 9d1b 
Aug 18 11:13:48 | Saved Session ID: 0 
Aug 18 11:13:48 | AC MAC address: 00-90-1a-a2-96-51 
Aug 18 11:13:48 | Connect: ppp0 {--} nas0 
Aug 18 11:13:49 | PAP authentication succeeded 
Aug 18 11:13:49 | local  IP address 89.208.200.13  
Aug 18 11:13:49 | remote IP address 95.50.170.80 
Aug 18 11:13:49 | primary   DNS address 212.154.163.162 
Aug 18 11:13:49 | secondary DNS address 95.56.237.24 
Aug 18 11:13:49 | PPPoE Connect with IP Address 89.208.200.13   
Aug 18 11:13:49 | PPPoE Connection Successfully Established  
Aug 18 11:13:49 | Renew PPPoE Session ID: 0x9d1b  
Aug 18 11:13:49 | PPPoE Connect with Gateway IP Address: 95.50.170.80  
Aug 18 12:14:10 | onconnectWAN: cron has been disabled in the bootloader environment.  

Miscellaneous information
RouterTech firmware release: 2.94
Linux version 2.4.17_mvl21-malta-mips_fp_le (developers@RouterTech.Org) #1 Wed Aug 18 11:08:46 BST 2010
BUILD=RouterTech_3.6.0D_20100818_2.94
VERSION=3.6.0D-RouterTech-Adam2
BOARD=AR7WRD
TARGET=Adam2_1-Port
FSSTAMP=20100818111250
Ethernet ports: 1
Core logic version: 3.6.0D
Boot Loader: Adam2 v0.22.02
ATM Driver version:[7.05.01.00]
DSL HAL version: [7.05.01.00]
DSP Datapump version: [7.05.01.00] Annex A
SAR HAL version: [01.07.2c]
PDSP Firmware version:[0.54]
Chipset ID: [7300/7300A]
Upstream rate (kbps):  896
Downstream rate (kbps):  2368
Trained Modulation: ADSL_G.dmt
Path Mode: Interleaved
System uptime: 0 hr 3 min - 0 day(s), 0 hour(s), 3 minute(s), and 46 second(s) (system 70% idle)
WAN uptime: 0hr 1min 45sec
WAN IP address: 89.208.200.13
Bandwidth usage:
	Downloads : 0.0341 MB
	Uploads   : 0.0224 MB
Line attenuation: 
	DS Line Attenuation:	16	DS Margin:		31
	US Line Attenuation:	9	US Margin:		14
Memory usage:
	In active use : 37% of 14212 kb
	Available     : 63% (8972 kb) of 14212 kb (of which 7408 kb is marked as "Inactive" and 1564 kb is free)
Environment fragmentation: 
	Fragmentation level is "1" (out of 54 records). The threshold is "30".
Connection information: connection1 
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: Actiontec GT701-WG and openvpn, need help.

Post by thechief » Sat Oct 23, 2010 9:21 am

It seems that something is not right with your startup script. Use the built-in startup scripts (openvpn.sh et al) and post the result.
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
digrobot
Newbie
Newbie
Posts: 7
Joined: Sun Aug 29, 2010 11:50 am
Location: Kazakhstan

Re: Actiontec GT701-WG and openvpn, need help.

Post by digrobot » Sat Oct 23, 2010 10:34 am

I need use OpenVPN in "P2P-static-key" (point-to-point) mode.
Built-in startup script does not allow run openvpn in this mode (as well like as client).
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: Actiontec GT701-WG and openvpn, need help.

Post by thechief » Sat Oct 23, 2010 10:43 am

digrobot wrote:I need use OpenVPN in "P2P-static-key" (point-to-point) mode.
Built-in startup script does not allow run openvpn in this mode (as well like as client).
I see. Unfortunately, that is beyond me, so I can't offer any assistance here.

PS: have you tried using pptpd ?
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
digrobot
Newbie
Newbie
Posts: 7
Joined: Sun Aug 29, 2010 11:50 am
Location: Kazakhstan

Re: Actiontec GT701-WG and openvpn, need help.

Post by digrobot » Thu Oct 28, 2010 12:01 pm

pptpd does not suit me because it used fixed TCP port which I can not change. Also pptpd does not support UDP as transport layer.

Last days I playing with Routertech firmware sources, downloaded from this site. I built two kernel images with default supplied configs for AR7RD and AR7WRD boards. They both work on my router, but not with openvpn (still freezing).

So, the only kernel that works with openvpn, is kernel from ar7rd-1port-adam2 package. Is it possible to look at .config for this firmware? I tend to think that tweaking some kernel options may solve my problem.
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: Actiontec GT701-WG and openvpn, need help.

Post by thechief » Thu Oct 28, 2010 1:31 pm

digrobot wrote:So, the only kernel that works with openvpn, is kernel from ar7rd-1port-adam2 package. Is it possible to look at .config for this firmware? I tend to think that tweaking some kernel options may solve my problem.
If you have the sources, then the relevant .config is already there.

Edit: are you talking about the 2mb-flash or 4mb-flash version of ar7rd-1port-adam2 ?
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: Actiontec GT701-WG and openvpn, need help.

Post by thechief » Thu Oct 28, 2010 4:53 pm

What is in your openvpn.ovpn and client ovpn files? Are you certain that they both refer to tun and not to tap?
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
mstombs
RouterTech Team
RouterTech Team
Posts: 3753
Joined: Wed Jan 10, 2007 11:54 pm

Re: Actiontec GT701-WG and openvpn, need help.

Post by mstombs » Thu Oct 28, 2010 5:15 pm

One kernel difference you may want to explore is the Ti optimization TI_SLOW_PATH, this hides interfaces from DarkStat, but couldn't be disabled in the wireless firmware because it was required by the binary wireless driver.
digrobot
Newbie
Newbie
Posts: 7
Joined: Sun Aug 29, 2010 11:50 am
Location: Kazakhstan

Re: Actiontec GT701-WG and openvpn, need help.

Post by digrobot » Thu Oct 28, 2010 6:00 pm

If you have the sources, then the relevant .config is already there.
I downloaded routertech-v2.94-GPL-firmware-sources.tar.bz2.tar file from this topic: viewtopic.php?f=23&t=3555
There are only old reference TI configs (NSP_AR7*...) in tools/configs, and three Acorp configs.
Acorp configs seems to be much newer, but have disabled some features, that Routertech kernels have (e.g. minix fs, tun device... ). So I thought that there is no actual .config in distributed sources. If I wrong, please tell me.
are you talking about the 2mb-flash or 4mb-flash version of ar7rd-1port-adam2
4mb-flash ar7rd-1port-adam2
What is in your openvpn.ovpn and client ovpn files? Are you certain that they both refer to tun and not to tap?
here is my openvpn.ovpn

Code: Select all

nobind
remote remoteserver port
ifconfig 10.12.0.2 10.12.0.1
verb 2
mute 0
secret openvpn.key
proto udp
dev tun
keepalive 10 120
#comp-lzo
mssfix 1200
persist-key
persist-tun
Also I point openvpn to tun device in start.sh

Code: Select all

# The device directory
TUNDEVPATH=/dev/net
# The device name
TUNDEV=tun
# The complete file name of the device
TUNDEVFILE=${TUNDEVPATH}/${TUNDEV}
/usr/local/bin/openvpn --cd ${OVPN_TGTPATH} --dev-node ${TUNDEVFILE} --config ${OVPN_TGTPATH}/openvpn.ovpn --log ${OVPN_LOG} --status $OVPN_STAT 5 &
One kernel difference you may want to explore is the Ti optimization TI_SLOW_PATH, this hides interfaces from DarkStat, but couldn't be disabled in the wireless firmware because it was required by the binary wireless driver.
Thanks, I'll try to change this option
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: Actiontec GT701-WG and openvpn, need help.

Post by thechief » Thu Oct 28, 2010 6:21 pm

digrobot wrote:... and three Acorp configs.
Those are the .configs (e.g., Acorp_LAN120.config, in the PROFILE/ directory tree).
digrobot wrote:Acorp configs seems to be much newer, but have disabled some features, that Routertech kernels have (e.g. minix fs, tun device... ). So I thought that there is no actual .config in distributed sources. If I wrong, please tell me.
See above. You can add these to them

Code: Select all

CONFIG_FSCK_MINIX=y
CONFIG_MKFS_MINIX=y
CONFIG_MINIX_FS=y
CONFIG_TUN=m
CONFIG_ETHERTAP=m
You can also try

Code: Select all

TI_SLOW_PATH=y
But that will crash the wireless AP driver if you ever try to run Darkstat (or anything that uses tcpdump).

Note also that some things are actually in Busybox 1.17.x.
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
digrobot
Newbie
Newbie
Posts: 7
Joined: Sun Aug 29, 2010 11:50 am
Location: Kazakhstan

Re: Actiontec GT701-WG and openvpn, need help.

Post by digrobot » Sun Oct 31, 2010 5:55 pm

I almost broke my brain whith it :)

Firstly, I noticed that the router freezes only when openvpn tunnel is up.
Therefore I decided log and catch packets, returning from other side of openvpn tunnel. I have set up remote system log, and set the trap at router:

Code: Select all

cat /proc/kmsg | logger &
iptables -t mangle -A POSTROUTING -s 10.12.0.1 -j LOG --log-level=5
iptables -t mangle -A POSTROUTING -s 10.12.0.1 -j DROP
Then I doing ping remote side of openvpn tunnel (10.12.0.1) from my PC (192.168.1.2). No problem, There are echos:

Code: Select all

31.10.2010,10:10:36,192.168.1.1,???,USER,NOTICE, root: Aug 18 12:28:21 | {5}IN= OUT=br0 SRC=10.12.0.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=55437 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=34818  
31.10.2010,10:10:41,192.168.1.1,???,USER,NOTICE, root: Aug 18 12:28:27 | {5}IN= OUT=br0 SRC=10.12.0.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=55438 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=35074  
31.10.2010,10:10:46,192.168.1.1,???,USER,NOTICE, root: Aug 18 12:28:32 | {5}IN= OUT=br0 SRC=10.12.0.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=55439 PROTO=ICMP TYPE=0 CODE=0 ID=512 SEQ=35330
Set the trap at next step:

Code: Select all

iptables -t mangle -F POSTROUTING
iptables -t nat -I POSTROUTING -s 10.12.0.1 -j DROP
iptables -t nat -I POSTROUTING -s 10.12.0.1 -j LOG --log-level=5
Now the router crashes at first response packet from 10.12.0.1 :(

So, the problem may be lying in netfilter (rather NAT), in my honest opinion. I tried to built kernel with three netfilters from the RouterTech sources (asus patched, old, and nsp340), but with no success (still freezes).
Also I built the kernel with TI_SLOW_PATH option. It seems to be working (the leds shows DSL up and WAN connecting), but I can't connect to the router to any way (ethernet broken).
digrobot
Newbie
Newbie
Posts: 7
Joined: Sun Aug 29, 2010 11:50 am
Location: Kazakhstan

Re: Actiontec GT701-WG and openvpn, need help.

Post by digrobot » Mon Nov 01, 2010 11:17 am

When I compiled kernel with TI_SLOW_PATH option, ethernet was not working.
When I compiled without TI_SLOW_PATH option, ethernet was working, but router freezes with openvpn.

Then I patched Avalanche CPMAC driver (drivers/net/avalanche_cpmac/cpmac.c), forcing TI_SLOW_PATH in this file always off, and compiled the kernel with TI_SLOW_PATH on.

Not sure, that is right way, but now there is no problem with openvpn - all working as I expect :)
Thanks a lot for your advices, happy-end!
User avatar
thechief
RouterTech Team
RouterTech Team
Posts: 12067
Joined: Wed Feb 01, 2006 10:22 pm
Location: England, the Centre of Africa
Contact:

Re: Actiontec GT701-WG and openvpn, need help.

Post by thechief » Mon Nov 01, 2010 11:26 am

digrobot wrote:Then I patched Avalanche CPMAC driver (drivers/net/avalanche_cpmac/cpmac.c), forcing TI_SLOW_PATH in this file always off, and compiled the kernel with TI_SLOW_PATH on.

Not sure, that is right way, but now there is no problem with openvpn - all working as I expect :)
Thanks a lot for your advices, happy-end!
If it works and does not produce any unwanted side effects, then it is the "right" way. ;)

However, you need to know that TI_SLOW_PATH will crash the wireless driver if you try to run darkstat. It may of course be possible to fix that problem if one knows where to turn TI_SLOW_PATH off selectively.
The Chief: :afro: Be sure to read the Firmware FAQ and do a Forum Search before posting!
No support via PM. Ask all questions on the open forum.
Post Reply