RT-N66U Dumps & info

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page 1, 2  Next
Author Message
barryware
DD-WRT Guru


Joined: 26 Jan 2008
Posts: 13049
Location: Behind The Reset Button

PostPosted: Thu May 17, 2012 1:13    Post subject: RT-N66U Dumps & info Reply with quote
I thought it may be best to start a new thread so we can get this whole nvram thing figured out instead of piling on to the other rt-66 thread.

LOM wanted the nvram partition dumped with the old asus 32k firmware, and the new asus 64k nvram firmware to look at what is being done..

I crashed and burned trying to just use telnet to copy the nvram mtd partition to a usb stick. Not sure why. I have done it many times but this time I was having problems.. I just got empty files. I opened up the router (no more warranty) and used serial and the cfe save commands to dump the wholeflash.

According to the boot capture via serial, nvram on both asus firmware's is supposed to start at offset 0x01fe0000.. Well.. looking at the wholeflash dumps, there is nothing there.. all FF's

The old firmware (108), nvram starts at offset 0x01ff8000.

The new 64k firmware, nvram starts at offset 0x01ff0000

The diff between the two address's is 32K but they are starting the nvram partition 32k sooner.

I am confused.. I wanted to share.

There is a zip file on my ftp server if you wish to download it and see for yourself. The file is 45 MB.. It has the wholeflash dumps as well as boot logs for the 32k firmware, and the 64k (new). My upload speed sucks (1mbs) so it may take a few minutes to download. I am keeping this separate from the cfe ftp access.

url = ftp://barryware.net or ftp://ftp.barryware.net (depending on your client).

User name = rt66
Password = wtf

_________________
[Moderator Deleted] Shocked
Sponsor
Dark_Shadow
DD-WRT Guru


Joined: 31 Aug 2009
Posts: 2448
Location: Third Rock from the Sun

PostPosted: Thu May 17, 2012 5:24    Post subject: Reply with quote
LOM wrote:
The new cfe is, except for a few default variables, identical to the old one.
The new cfe is made for 32kb nvram and not for 64kb.

It will be interesting to see what the nvram mtd partition looks like.
Some of the DEV's on Tomato tryed enabling the 64k via firmware, it worked but once you got past 32k the router crashed.
_________________
Peacock Thread-FAQ -- dd-wrt Wiki

Testing Multiple Routers -- Bootloader Collection Project -- My Wiki
LOM
DD-WRT Guru


Joined: 28 Dec 2008
Posts: 7647

PostPosted: Thu May 17, 2012 11:48    Post subject: Reply with quote
Asus has only done half of the job, they have increased the nvram in the firmware from 32 to 64kb.
What they have not done is increasing the nvram in the CFE code so that it matches the firmware and that is likely to cause big problems.
I wonder what happens on a router running the 64kb nvram firmware when you do a long reset with the reset button..

_________________
Kernel panic: Aiee, killing interrupt handler!
barryware
DD-WRT Guru


Joined: 26 Jan 2008
Posts: 13049
Location: Behind The Reset Button

PostPosted: Thu May 17, 2012 12:52    Post subject: Reply with quote
LOM wrote:
Asus has only done half of the job, they have increased the nvram in the firmware from 32 to 64kb.
What they have not done is increasing the nvram in the CFE code so that it matches the firmware and that is likely to cause big problems.
I wonder what happens on a router running the 64kb nvram firmware when you do a long reset with the reset button..

That should be easy enough to test.. I'll do some configuring.. the reset via gui, reset button, and telnet (erase nvram).. we'll see what happens..

_________________
[Moderator Deleted] Shocked
barryware
DD-WRT Guru


Joined: 26 Jan 2008
Posts: 13049
Location: Behind The Reset Button

PostPosted: Fri May 18, 2012 14:24    Post subject: Reply with quote
@LOM..

I plan to mess with the 66 over the weekend in regards to what happens during clearing nvram with the stock asus firmware that supports 64k.

I think it is a waste of time but I am curious.

Using the reset button, will prolly clear nvram and rebuild it but because the router will reboot, it will get rebuilt and show nothing cool (maybe). The same thing will prolly happen using the gui to reset to factory defaults.

I may be able to stop the boot (re-boot) via serial and dump the nvram before it rebuilds.

using the cfe to erase nvram, may yeild something of interest..

Now for my question(s)..

Under you expert guidance and tutelage in the past, you tought me the flash chip data is available at 0xbc000000.

So if I don't want to dump the whole flash, just add the starting address to 0xbc~?

the 64k nvram starts at offset 0x01ff0000. So add that to 0xbc000000.. that means the data I want starts @ 0xbdff000. I want the data to the end of the flash chip (length). 64k = 0x00010000.

so.. save <tftp server ip>:64k.bin bdff000 10000

yes?

_________________
[Moderator Deleted] Shocked
LOM
DD-WRT Guru


Joined: 28 Dec 2008
Posts: 7647

PostPosted: Fri May 18, 2012 15:27    Post subject: Reply with quote
barryware wrote:


so.. save <tftp server ip>:64k.bin bdff000 10000

yes?


Yes but I think the save cmd needs to be told that it is hex values, ie 0xbdff0000 and 0x10000

_________________
Kernel panic: Aiee, killing interrupt handler!
barryware
DD-WRT Guru


Joined: 26 Jan 2008
Posts: 13049
Location: Behind The Reset Button

PostPosted: Fri May 18, 2012 15:54    Post subject: Reply with quote
LOM wrote:
barryware wrote:


so.. save <tftp server ip>:64k.bin bdff000 10000

yes?


Yes but I think the save cmd needs to be told that it is hex values, ie 0xbdff0000 and 0x10000

With this router / cfe, I don't need to use the 0x prefix.. just the address in hex. At least I didn't for the wholeflash.

_________________
[Moderator Deleted] Shocked
Fractal
DD-WRT Guru


Joined: 19 Apr 2010
Posts: 1243

PostPosted: Fri May 18, 2012 16:02    Post subject: Reply with quote
barryware wrote:
LOM wrote:
barryware wrote:


so.. save <tftp server ip>:64k.bin bdff000 10000

yes?


Yes but I think the save cmd needs to be told that it is hex values, ie 0xbdff0000 and 0x10000

With this router / cfe, I don't need to use the 0x prefix.. just the address in hex. At least I didn't for the wholeflash.


you can dump just the nvram partition by:

cat /proc/mtd/mtd1 > /tmp/nvram.bin

mtd0 is cfe
mtd1 is nvram

I think you are right they are doing a tomato type approach to increasing the nvram space. You would think that if they did update the CFE itself they would get new code from broadcom, a (C)2008 CFE looks almost the same as the N16.

Lol even the E900 64k cfe would suffice given they had the correct parameters.

-Fractal
barryware
DD-WRT Guru


Joined: 26 Jan 2008
Posts: 13049
Location: Behind The Reset Button

PostPosted: Fri May 18, 2012 16:09    Post subject: Reply with quote
Fractal wrote:

you can dump just the nvram partition by:

cat /proc/mtd/mtd1 > /tmp/nvram.bin

mtd0 is cfe
mtd1 is nvram

Thanks for that.. I dumped wholeflash cuz I wanted to see where nvram went (location). As stated earlier, boot log states nvram is located @ 0x01fe0000.. However, it is really @ 0x01ff0000

I guess none of it matters.. we know how they are doing it. Doesn't look like it is dd-wrt friendly and digging any further seems to be a waste of time.

_________________
[Moderator Deleted] Shocked
LOM
DD-WRT Guru


Joined: 28 Dec 2008
Posts: 7647

PostPosted: Fri May 18, 2012 16:58    Post subject: Reply with quote
barryware wrote:

Thanks for that.. I dumped wholeflash cuz I wanted to see where nvram went (location). As stated earlier, boot log states nvram is located @ 0x01fe0000.. However, it is really @ 0x01ff0000



What you see in the boot log is partition names/aliases but there is no requirement that data must start at the first byte in a partition.
The partition in which nvram resided is 128KB because that is the flash blocksize, the smallest amount one can erase in the type of flash used in RT-N66U.

nvram data does traditionally occupy the last 32KB in the last flash sector which for most routers means that the the mtd partition is 64 KB and 32KB is wasted before nvram data starts.
It is those wasted 32KB that is being used for nv64k routers and it is 28KB of them that is being used in nv60k routers.
If the blocksize of the flash is 128KB instead of 64KB, then there is an additional 64KB wasted.

_________________
Kernel panic: Aiee, killing interrupt handler!
barryware
DD-WRT Guru


Joined: 26 Jan 2008
Posts: 13049
Location: Behind The Reset Button

PostPosted: Fri May 18, 2012 17:07    Post subject: Reply with quote
ok.. I get it.. I was using the addresses in the boot log:

Creating 5 MTD partitions on "Physically mapped flash":
0x00000000-0x00040000 : "pmon"
0x00040000-0x01fe0000 : "linux"
0x0013c400-0x011e0000 : "rootfs"
0x01fe0000-0x02000000 : "nvram"
0x01f40000-0x01fe0000 : "jffs2"

01ff0000 is after 01fe0000 so either way, it is still taking up the last sectors of the flash chip.. Kinda like you said Smile

_________________
[Moderator Deleted] Shocked
AndyMS
DD-WRT Novice


Joined: 17 Apr 2012
Posts: 23

PostPosted: Fri May 18, 2012 17:44    Post subject: Reply with quote
I posted this over in the other thread, but thought I'd post it here too.

Quote:
Adam_Kwong
11:27 AM (12 minutes ago)

to me
Hi Andrew,

I have given team feedback regarding CFE. However, we are working towards a solution for DD-WRT users at this time.

Best Regards,

Adam K.
Customer Care Specialist J
ASUS Computers International
Revenent
DD-WRT Novice


Joined: 30 Mar 2012
Posts: 12

PostPosted: Mon Jun 04, 2012 6:03    Post subject: Reply with quote
Any further news from Asus about the firmware fix for 64KB NVRAM?
_________________
[ Asus RT-N66U - stock f/w ]
Dutchman01
DD-WRT Novice


Joined: 12 Jul 2009
Posts: 33
Location: Netherlands

PostPosted: Mon Jul 30, 2012 1:56    Post subject: Reply with quote
Any news/update from Asus yet?

I still have the option to bring the unit back to the shop if the cfe will not get nvram 64k.
benito11
DD-WRT User


Joined: 10 Jan 2011
Posts: 56

PostPosted: Mon Sep 17, 2012 18:52    Post subject: Reply with quote
Any news with the new released firmware from ASUS?

Best regards
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum