R9000 - upgrade from +1year older version without reset

Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware
View previous topic :: View next topic  
Author Message
mvrk
DD-WRT Novice


Joined: 20 Oct 2009
Posts: 44
Location: Czech Republic
PostPosted: Mon Feb 19, 2024 12:16    Post subject: R9000 - upgrade from +1year older version without reset Reply with quote
Hi,

I have R9000 running on r50927 (2022-11-21) and i would like to upgrade to the latest version (r55109) without reset, has anyone done this without issues?

Or maybe i should download one version from each month since 2022-12 and upgrade one by one until i reach r55109?
_________________
Netgear R9000
DD-WRT v3.0-r55109 std (02/27/24)
Router, AP, WDS, VAPs, SFE off
Firewall / NAT / VLANs
DNS / DHCP / DDNS / SSH / NTP / Syslog / Cron
Wireguard / OpenVPN
USB Storage / Entware (LIGHTTPD & TFTPD)
2.4GHz: Vanilla, N/G, VHT40, LDPC, Disassoc Low ACK, Short Preamble, Short GI, Airtime Fairness, WMM, ACK Timing 500, WPA2 (AES), WPA2 ENTP (AES)
5GHz: DD-WRT, AC/N, VHT80, Disass Low ACK, Shrt Preamble/GI, Singl Beamforming, Airt Fairness, WMM, ACK Time 500, WPA2(AES), WPA2 ENTP(AES)

TP-Link Archer C7 v2
DD-WRT v3.0-r55109 std (02/27/24)
Router, AP, WDS Station, VAPs, SFE off
SSH / NTP / Syslog / Cron
USB Storage / Entware (LIGHTTPD & TFTPD)
2.4GHz: N/G, VHT40, LDPC, Disassoc Low ACK, Short Preamble, Short GI, Airtime Fairness, WMM, ACK Timing 500, WPA2 (AES), WPA2 ENTP (AES)
5GHz: DD-WRT, AC/N, VHT80, Disassoc Low ACK, Short Preamble, Short GI, Airtime Fairness, WMM, ACK Timing 500, WPA2 (AES), WPA2 ENTP (AES)
Back to top View user's profile Send private message
Sponsor
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6440
Location: UK, London, just across the river..
PostPosted: Mon Feb 19, 2024 14:13    Post subject: Reply with quote
Yes you can update, without reset and if only something goes wrong than reset and manually reconfigure... Laughing just update...to the last build... Cool

if you run VPN client you nee to redo setting there, as OpenVPN module got an update to the last 2.6xx
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Back to top View user's profile Send private message
mvrk
DD-WRT Novice


Joined: 20 Oct 2009
Posts: 44
Location: Czech Republic
PostPosted: Thu Feb 29, 2024 11:59    Post subject: Reply with quote
I'm running wireguard, and after the upgrade wireguard clients connect but they can't reach the LAN hosts anymore.

Seems some routing issue, if i enable "Bypass LAN Same-Origin Policy" (which NATs all wireguard clients traffic direction to LAN) works, but i don't want that, i have specific firewall rules on each LAN host to allow some wireguard clients to some services and also breaks my services logging (when wireguard client access some service on my LAN hosts it shows up as the dd-wrt router ip).

I guess need to return to r50927 for now.
_________________
Netgear R9000
DD-WRT v3.0-r55109 std (02/27/24)
Router, AP, WDS, VAPs, SFE off
Firewall / NAT / VLANs
DNS / DHCP / DDNS / SSH / NTP / Syslog / Cron
Wireguard / OpenVPN
USB Storage / Entware (LIGHTTPD & TFTPD)
2.4GHz: Vanilla, N/G, VHT40, LDPC, Disassoc Low ACK, Short Preamble, Short GI, Airtime Fairness, WMM, ACK Timing 500, WPA2 (AES), WPA2 ENTP (AES)
5GHz: DD-WRT, AC/N, VHT80, Disass Low ACK, Shrt Preamble/GI, Singl Beamforming, Airt Fairness, WMM, ACK Time 500, WPA2(AES), WPA2 ENTP(AES)

TP-Link Archer C7 v2
DD-WRT v3.0-r55109 std (02/27/24)
Router, AP, WDS Station, VAPs, SFE off
SSH / NTP / Syslog / Cron
USB Storage / Entware (LIGHTTPD & TFTPD)
2.4GHz: N/G, VHT40, LDPC, Disassoc Low ACK, Short Preamble, Short GI, Airtime Fairness, WMM, ACK Timing 500, WPA2 (AES), WPA2 ENTP (AES)
5GHz: DD-WRT, AC/N, VHT80, Disassoc Low ACK, Short Preamble, Short GI, Airtime Fairness, WMM, ACK Timing 500, WPA2 (AES), WPA2 ENTP (AES)
Back to top View user's profile Send private message
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6440
Location: UK, London, just across the river..
PostPosted: Thu Feb 29, 2024 14:21    Post subject: Reply with quote
Ever since your old build, WG has been updated and security reworked number of times..
to keep up with correct changes and up-today settings...
Thanks to egc WG guides and docs --> https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327397

Good to have a nice read... Cool
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Back to top View user's profile Send private message
mvrk
DD-WRT Novice


Joined: 20 Oct 2009
Posts: 44
Location: Czech Republic
PostPosted: Thu Feb 29, 2024 23:15    Post subject: Reply with quote
Found the problem, i had the option "Allow Clients WAN Access" enabled which added a SNAT rule to nat everything coming from the wireguard network:

Chain POSTROUTING
target prot opt in out source destination
SNAT all -- * br0 x.x.x.x/xx 0.0.0.0/0 to:0.0.0.0


After disabling "Allow Clients WAN Access" everything works as before.
_________________
Netgear R9000
DD-WRT v3.0-r55109 std (02/27/24)
Router, AP, WDS, VAPs, SFE off
Firewall / NAT / VLANs
DNS / DHCP / DDNS / SSH / NTP / Syslog / Cron
Wireguard / OpenVPN
USB Storage / Entware (LIGHTTPD & TFTPD)
2.4GHz: Vanilla, N/G, VHT40, LDPC, Disassoc Low ACK, Short Preamble, Short GI, Airtime Fairness, WMM, ACK Timing 500, WPA2 (AES), WPA2 ENTP (AES)
5GHz: DD-WRT, AC/N, VHT80, Disass Low ACK, Shrt Preamble/GI, Singl Beamforming, Airt Fairness, WMM, ACK Time 500, WPA2(AES), WPA2 ENTP(AES)

TP-Link Archer C7 v2
DD-WRT v3.0-r55109 std (02/27/24)
Router, AP, WDS Station, VAPs, SFE off
SSH / NTP / Syslog / Cron
USB Storage / Entware (LIGHTTPD & TFTPD)
2.4GHz: N/G, VHT40, LDPC, Disassoc Low ACK, Short Preamble, Short GI, Airtime Fairness, WMM, ACK Timing 500, WPA2 (AES), WPA2 ENTP (AES)
5GHz: DD-WRT, AC/N, VHT80, Disassoc Low ACK, Short Preamble, Short GI, Airtime Fairness, WMM, ACK Timing 500, WPA2 (AES), WPA2 ENTP (AES)
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Atheros WiSOC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum