Kong R7000 Configuration Best Practices or Working Solutions

Post new topic   This topic is locked: you cannot edit posts or make replies.    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3 ... 5, 6, 7 ... 10, 11, 12  Next
Author Message
Pr3tty F1y
DD-WRT Novice


Joined: 07 Feb 2016
Posts: 5

PostPosted: Sun Feb 07, 2016 21:18    Post subject: Reply with quote
RichTJ99 wrote:
I am noticing an issue where I lose internet connectivity but my devices stay connected to the wireless. I am using the stock firmware (I had another R7000 with DDWRT but it fried during a lightning storm).

Is the internet disco a known R7000 issue?


I upgraded to the latest Kong build around the first of the year (first DD-WRT firmware upgrade in a long time) and was having the exact same stability issue. Everything looks like it's still connected as far as the router LEDs, but you can't actually access the internet on any device.

I'm not sure if I have a solution, but I can tell you what I have done so far.

I first tried to revert my R7000 back to stock Netgear firmware from http://support.netgear.com/product/R7000.

I thought this temporarily bricked my router as I could not access 192.168.1.1 with the auto ip/dns settings on my Win7 box connected over Cat6, so I tried reseting the router manually with a paper clip on the reset button in the rear of the device but it did not remedy my issue.

Following advice I found elsewhere, I manually configured my IP as follows:

IP: 192.168.1.2
Subnet: 255.255.255.0
Gateway: 192.168.1.1

Minimal progress - When I went back to 192.168.1.1, it would forward me to the web router setup site for netgear (some http://"myrouter.com" type BS that I didn't write down so I don't remember what it is), but no site actually would load. After trying to TFTP and telnet back into the router, I finally decided to just setup a manual IP/DNS as follows:

IP: 192.168.1.2
Subnet: 255.255.255.0
Gateway: 192.168.1.1

DNS1:192.168.1.1
DNS2:192.168.0.1

At that point, I got to the router, but I couldn't get in because the router wouldn't recognize the default password (or any combinations of common default passwords) or my original username/password for the DD-WRT install. I ended up telnet'ing in to the router. I found a guide elsewhere on the net saying use port "223" but I'm guessing that's a typo because the router was not accessible on that port. I ended up telnet'ing in on PuTTY on port 22, to ip 192.168.1.1.

I then entered the following command at the telnet prompt: nvram set http_password ""

This cleared out the password and I was able to go through the Netgear setup, but the router was still fucked up (e.g., the upper end of the IPs for my DHCP range was default but the lower end was some sort of error/garbage in each of the 4 boxes for the IPs).

So I then ran a factory reset from the Netgear web gui and went through the setup procedures again. At this point, I was able to set my IP config for my PC back to auto and it connected back in as it should.

I then used the Netgear gui to upgrade the router to DD-WRT v3.0-r29020M (02/04/16) from Kong's site at http://www.desipro.de/ddwrt/K3-AC-Arm/. So far, so good. But who knows, the router may up and kill itself again. I know build 25100M from http://www.desipro.de/ddwrt-ren/K3-AC-Arm/25100M/ is stable, but I'm hoping this whole procedure starting from scratch will make 29020M stable.

If any one else has any thoughts, I'd be happy to hear them.

EDIT: I believe I have achieved success. More than 1 day of uptime on my R7000 with Kong's 29020M (02/04/16) firmware. It wouldn't even last 4 hours prior to this. I hope at least someone else finds this helpful.

EDIT2: Given all of the above, I am assuming that DD-WRT's webgui based 'Factory Reset' does not reset the R7000 entirely. I had failed to mention that I had tried that earlier and was still experiencing the whole connected but not able to access anything effect.. However, reverting back to the Netgear firmware, using Netgear's gui to initiate a factory reset, and then flashing back to DD-WRT is what I believe corrected this issue.


Last edited by Pr3tty F1y on Tue Feb 09, 2016 22:04; edited 1 time in total
Sponsor
freddy0872
DD-WRT Novice


Joined: 07 Feb 2015
Posts: 27

PostPosted: Tue Feb 09, 2016 4:49    Post subject: Reply with quote
So i recently upgraded my DD-WRT installation on my R7000 to the 2-4-2016 build. I run "YaMon" as a bandwidth monitor. Everything has been working flawlessly up until my dd-wrt upgrade. Now after a short while.... things go slightly haywire. I get to a point where I can not TelNet into the router and once that happens the USB drive that is plugged into the router and mounted to /opt is wiped clean. It no longer contains any data. If i reboot the router i can then TelNet in... however the USB issue remains the same... I lose the data on the drive... Anyone have any ideas?
Or if someone has a link to an older build that I can possibly downgrade to that would be fabulous! Ive never downgraded.. Can i just simply run a firmware upgrade as if i was flashing a newer build?

Thanks in advance!
JAMESMTL
DD-WRT Guru


Joined: 13 Mar 2014
Posts: 856
Location: Montreal, QC

PostPosted: Tue Feb 09, 2016 5:57    Post subject: Reply with quote
dear god people this is not a 'i have a problem thread' but a solutions thread. unless you have a solution post elsewhere.

ps. malachi please delete all the crap from this thread including this post
linuxloon
DD-WRT Novice


Joined: 04 Sep 2014
Posts: 2

PostPosted: Tue Feb 09, 2016 17:41    Post subject: Policy Based routing and internet kill switch Reply with quote
Cross post from here but this seems a more appropriate place. http://www.dd-wrt.com/phpBB2/viewtopic.php?t=279891&postdays=0&postorder=asc&start=15


kongac DD-WRT with policy based routing and internet kill switch.

I found this thread useful and I'm posting a few things I had to figure out to get the kill switch in a DD-WRT based router to work correctly with policy based routing. I'm using a kongac 28000M and the kill switch is not automatic, at least with policy based routing in place.

For those not familiar with policy based routing it allows some IP's to use the VPN and others not use the VPN. This can be useful if you have a web server or VoIP phone that you don't want to use the VPN. I add the following commands to the policy based routing section of the openVPN client setup.
192.168.1.64/26
192.168.1.128/26
192.168.1.192/26
This puts anything with an IP greater than 64 on the VPN and anything with an IP less than 64 on the local inet connection. DHCP server gives out IP's greater than 64 and static IP's are assigned to the devices that won't be on the VPN

One thing I found is that iptables had to be fully pathed to work correctly in the start-up. ( Administration -> Commands -> Startup ) I added the following to put a 'kill switch' on anything using the VPN. IF the VPN dies the devices can't connect to the internet but the devices like the VoIP phone will still work.

/usr/sbin/iptables -I FORWARD -s 192.168.1.64/26 -o $(nvram get wan_iface) -j DROP
/usr/sbin/iptables -I FORWARD -s 192.168.1.128/26 -o $(nvram get wan_iface) -j DROP
/usr/sbin/iptables -I FORWARD -s 192.168.1.192/26 -o $(nvram get wan_iface) -j DROP

I found the iptables commands would work from the command line but not the start-up if the full path to the iptables was not used.

You can check if the policy is in place by doing a iptables -L from the command line and look for the following

Chain FORWARD (policy ACCEPT)
target prot opt source destination

DROP 0 -- 192.168.1.192/26 anywhere
DROP 0 -- 192.168.1.128/26 anywhere
DROP 0 -- 192.168.1.64/26 anywhere

Now all I need to do is find a way to reliable restart the VPN from cron. I'm finding the VPN dies after a few days. For now I just do a daily reboot. I have also found the Internet kill switch is not 100% reliable.
Night Prowler
DD-WRT Novice


Joined: 15 Jan 2016
Posts: 49

PostPosted: Wed Feb 10, 2016 1:48    Post subject: Re: Policy Based routing and internet kill switch Reply with quote
linuxloon wrote:
One thing I found is that iptables had to be fully pathed to work correctly in the start-up. ( Administration -> Commands -> Startup ) I added the following to put a 'kill switch' on anything using the VPN. IF the VPN dies the devices can't connect to the internet but the devices like the VoIP phone will still work.

/usr/sbin/iptables -I FORWARD -s 192.168.1.64/26 -o $(nvram get wan_iface) -j DROP
/usr/sbin/iptables -I FORWARD -s 192.168.1.128/26 -o $(nvram get wan_iface) -j DROP
/usr/sbin/iptables -I FORWARD -s 192.168.1.192/26 -o $(nvram get wan_iface) -j DROP

I found the iptables commands would work from the command line but not the start-up if the full path to the iptables was not used.

You can check if the policy is in place by doing a iptables -L from the command line and look for the following

Chain FORWARD (policy ACCEPT)
target prot opt source destination

DROP 0 -- 192.168.1.192/26 anywhere
DROP 0 -- 192.168.1.128/26 anywhere
DROP 0 -- 192.168.1.64/26 anywhere

Now all I need to do is find a way to reliable restart the VPN from cron. I'm finding the VPN dies after a few days. For now I just do a daily reboot. I have also found the Internet kill switch is not 100% reliable.


Your iptable commands should go into the firewall rules, not the startup, and its not necessary to use the full path.

Code:
iptables -I FORWARD -s 192.168.1.64/26 -o $(nvram get wan_iface) -j DROP
iptables -I FORWARD -s 192.168.1.128/26 -o $(nvram get wan_iface) -j DROP
iptables -I FORWARD -s 192.168.1.192/26 -o $(nvram get wan_iface) -j DROP

Not sure why you are having to restart the VPN. So far I've never had the VPN go down. The latest firmware has been rock solid: DD-WRT v3.0-r29020M kongac (02/04/16)

With policy based routing anything on the VPN should cease to work as soon as the VPN goes down.

_________________
Michael Steele
baxtex
DD-WRT User


Joined: 30 Dec 2014
Posts: 79

PostPosted: Thu Feb 18, 2016 11:42    Post subject: Reply with quote
What is the difference between Kong, Slayer and DD-WRT build?
Night Prowler
DD-WRT Novice


Joined: 15 Jan 2016
Posts: 49

PostPosted: Thu Feb 18, 2016 14:38    Post subject: Reply with quote
baxtex wrote:
What is the difference between Kong, Slayer and DD-WRT build?


Both developers are working off the same official DD-WRT source code, and contributing to the same source code.

Brainslayer builds covers a much broader range of routers. This makes it far harder to test all his releases.

Kongs builds cover far fewer router which makes testing far easier. Kong also likes to add some extra goodies to his released builds.

I don't believe we will ever see an identical build number coming from these two developers.

I'm not completely sure but I think BrainSlayers builds is what's know as the official DD-WRT build?

Maybe someone could chime in her and correct any of my mistakes?

_________________
Michael Steele
baxtex
DD-WRT User


Joined: 30 Dec 2014
Posts: 79

PostPosted: Thu Feb 18, 2016 14:58    Post subject: Reply with quote
Night Prowler wrote:
baxtex wrote:
What is the difference between Kong, Slayer and DD-WRT build?


Both developers are working off the same official DD-WRT source code, and contributing to the same source code.

Brainslayer builds covers a much broader range of routers. This makes it far harder to test all his releases.

Kongs builds cover far fewer router which makes testing far easier. Kong also likes to add some extra goodies to his released builds.

I don't believe we will ever see an identical build number coming from these two developers.

I'm not completely sure but I think BrainSlayers builds is what's know as the official DD-WRT build?

Maybe someone could chime in her and correct any of my mistakes?


Thanks, then it should in theory be better to use Kongs build if they are available for my router?(R7000)
Night Prowler
DD-WRT Novice


Joined: 15 Jan 2016
Posts: 49

PostPosted: Thu Feb 18, 2016 16:39    Post subject: Reply with quote
baxtex wrote:
Night Prowler wrote:
baxtex wrote:
What is the difference between Kong, Slayer and DD-WRT build?


Both developers are working off the same official DD-WRT source code, and contributing to the same source code.

Brainslayer builds covers a much broader range of routers. This makes it far harder to test all his releases.

Kongs builds cover far fewer router which makes testing far easier. Kong also likes to add some extra goodies to his released builds.

I don't believe we will ever see an identical build number coming from these two developers.

I'm not completely sure but I think BrainSlayers builds is what's know as the official DD-WRT build?

Maybe someone could chime in her and correct any of my mistakes?


Thanks, then it should in theory be better to use Kongs build if they are available for my router?(R7000)

I have the R7000 router, used both builds, and I've been very happy with Kongs build.

_________________
Michael Steele
RonD2016
DD-WRT Novice


Joined: 03 Mar 2016
Posts: 1

PostPosted: Thu Mar 03, 2016 15:21    Post subject: Reply with quote
"Traditional 30-30-30 resets are useless on ARM based routers."

The Kong R7000 Config and Best practices or Working Solutions states the above. But the DD-WRT Installation Wiki says that must read Peacock thread before doing anything and Peacock thread says must do 30-30-30 reset except for some Linksys and other specific (not R7000) routers!

WHICH IS CORRECT!!!!
Night Prowler
DD-WRT Novice


Joined: 15 Jan 2016
Posts: 49

PostPosted: Thu Mar 03, 2016 21:11    Post subject: Reply with quote
RonD2016 wrote:
"Traditional 30-30-30 resets are useless on ARM based routers."

The Kong R7000 Config and Best practices or Working Solutions states the above. But the DD-WRT Installation Wiki says that must read Peacock thread before doing anything and Peacock thread says must do 30-30-30 reset except for some Linksys and other specific (not R7000) routers!

WHICH IS CORRECT!!!!

I think the 30-30-30 is for non-ARM processors.

_________________
Michael Steele
MrPete
DD-WRT User


Joined: 09 Jul 2013
Posts: 82

PostPosted: Mon Mar 07, 2016 15:59    Post subject: Reply with quote
Is there any way we can get that first-intro sticky to be changed, and maybe even the Peacock thread?

I can tell you as a recently-refreshing user, moving to ARM-based, it was quite confusing. We have a LOT of conflicting information much in need of cleanup... and unfortunately while there are many informed and qualified people here, apparently we can't improve the situation ourselves Sad
trappert
DD-WRT Novice


Joined: 29 Dec 2015
Posts: 23
Location: Brooklyn, NY USA

PostPosted: Tue Mar 08, 2016 20:29    Post subject: Reply with quote
It seems that whenever I upgrade to the newest Kong build that has the 4.4.4 kernal my Wifi speeds start out fast then slow down. So now I am just staying with 29020 with the 3.10.96 kernal. It is the most stable and gives me the best range.

The only other version that could have been stable was 28600 if it was not for Airtime fairness kept turning on. Even running the command script it will turn on after reboot. With 29020 Airtime fairness is off by default.

_________________
Netgear R7000
DD-WRT v3.0-r29300M kongac (03/27/16)
Cats are the best pets.
yv1650c
DD-WRT Novice


Joined: 01 May 2011
Posts: 26

PostPosted: Mon Mar 14, 2016 21:45    Post subject: VPN fot bitcoin mining device access Reply with quote
Hello,

I am trying to install a VPN in order to access remote to my bitcoin mining devices. I access to those machines when I am connected to the wireless network on my office like I access to the router address.

What I need to do is to access from home to those machines config ip, and what I've reading i need to do VPN.

I tried, but unsuccessfully. It is complicated to create a VPN connection from outside the net.

Thank you.

BTW: Netgear 7000 DD-WRT v3.0-r29230M kongac (03/10/16)
ciscodlink
DD-WRT User


Joined: 13 May 2014
Posts: 273

PostPosted: Tue May 31, 2016 13:06    Post subject: Reply with quote
So I test stock, Kong and also Tomato.
I have to say that Kong is the best out of those three for me.

The only downsides / wishes I would have (from comparison with the others):

1. CTF / HW Acceleration (like stock and Tomato)
2. An "Port" overview with the status of each port like Tomato has (so that I can easily check e.g. if device on ethernet 3 is full 1gbit and if not, I can check why it isn't).
3. Update notification -> let the router send me an e-mail when there is a new update.
4. New wireless device notification -> let the router send me an e-mail when a new device has joined my wifi (intruder dedection?).
5. DNSCrypt

Those are the only things I would miss with Kongs DD-WRT... but other than that if has gives me the best coverage in my crowded apartment building and was the most stable firmware I used during my testings.

Thank you Kong, thank you DD-WRT !
Goto page Previous  1, 2, 3 ... 5, 6, 7 ... 10, 11, 12  Next Display posts from previous:    Page 6 of 12
Post new topic   This topic is locked: you cannot edit posts or make replies.    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum