3576 Commits

Author SHA1 Message Date
Camille Bilodeau
bb46b635df ar71xx: move Arduino Yun to generic building code
Migrate Arduino Yun from legacy to generic building code.

Note: the mtd partitioning is changed to adopt the LEDE default
partitioning. It allows to have a kernel bigger than 1280k. It is
necessary as kernel > 4.4 with default LEDE configuration grows
bigger.

To use the new partitioning, you need to update your U-Boot env in
advance:

setenv mtdparts "spi0.0:256k(u-boot)ro,64k(u-boot-env),15936k(firmware),64k(nvram),64k(art)ro"
setenv bootcmd "run addboard; run addtty; run addparts; run addrootfs; bootm 0x9f050000 || bootm 0x9fea0000"
saveenv

Signed-off-by: Camille Bilodeau <camille.bilodeau@protonmail.com>
2017-06-29 10:37:36 +02:00
Camille Bilodeau
2fa58a8d7c ar71xx: remove Arduino Yun 8 MiB prototype
The Arduino Yun has 16 MiB flash. Early prototype boards with 8 MiB were
not available for sell:

https://blog.arduino.cc/2013/08/21/updating-about-arduino-yun-and-arduino-robot/

Signed-off-by: Camille Bilodeau <camille.bilodeau@protonmail.com>
2017-06-29 10:37:36 +02:00
Leon M. George
3e12ca2355 ar71xx: wpj344: set MAC on wan
Signed-off-by: Leon M. George <leon@georgemail.eu>
2017-06-29 10:37:36 +02:00
Leon M. George
98c5a71dfd ar71xx: wpj344: remove unused eth1 device
Signed-off-by: Leon M. George <leon@georgemail.eu>
2017-06-29 10:37:36 +02:00
Leon M. George
c777fd8a7e ar71xx: wpj344: read MAC addresses from u-boot mtd
This way, the assigned addresses match those on the barcode labels.
Otherwise, the addresses appear to vary on boot.

Signed-off-by: Leon M. George <leon@georgemail.eu>
2017-06-29 10:37:36 +02:00
Stijn Tintel
880f73c327 kernel: cleanup CONFIG_SCHED_HRTICK
Remove CONFIG_SCHED_HRTICK from target configs, as it was added to the
generic config in b47fd7656336162360ebf66147326763ddae3f8d.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-06-29 04:46:59 +02:00
Stijn Tintel
f80963d4d1 kernel: update kernel 4.4 to 4.4.74
Refresh patches.
Compile-tested on ar71xx.
Runtime-tested on ar71xx.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-06-27 07:42:50 +02:00
Alexander Couzens
d98cafc7b6
ar71xx/images/senao: fix reproducible issue using tar
Use deterministic sorting
Use numeric owner/group
Set uid/gid to 0

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-06-25 12:14:26 +02:00
Alexander Couzens
d6331d5583 ar71xx/image: make tar calls reproducible
Use --mtime when SOURCE_DATE_EPOCH is set.
Use gzip -n9z instead of tar z to remove
timestamp in gzip header.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-06-25 12:11:41 +02:00
Mathias Kresin
e7cd6f5d66 ar71xx: add AVM FRITZ!WLAN Repeater 300E support
Specifications:
* SoC: AR7242 (Virian 400MHz)
* RAM: 64 MB DDR (W9751G6JB-25)
* Flash: 16MB SPI flash (S25FL129PIF)
* WiFi: AR9382 (2.4/5GHz) + 2x SE2595L
* LAN: 1x1000M (PEF7071V)

To install LEDE via EVA bootloader, a FTP connection need to be
established to 192.168.178.1 within the first seconds after power on:

  ftp> quote USER adam2
  ftp> quote PASS adam2
  ftp> binary
  ftp> debug
  ftp> passive
  ftp> quote MEDIA FLSH
  ftp> put lede-ar71xx-generic-fritz300e-squashfs-sysupgrade.bin mtd1

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-06-24 22:36:38 +02:00
Mathias Kresin
0605b15be4 ar71xx: add AR724x PCIe init fixes
Add upstream send AR724x PCIe patches to get the PCIe controller out of
reset during driver init.

The AVM Fritz 300E bootloader doesn't take care of releasing the
different PCIe controller related resets which causes an endless hang
as soon as either the PCIE Reset register (0x180f0018) or the PCI
Application Control register (0x180f0000) is read from.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-06-24 22:36:38 +02:00
Piotr Dymacz
3ff31586eb ar71xx: image: simplify TP-Link devices definitions
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:18 +02:00
Piotr Dymacz
8b556fb056 ar71xx: image: fix TP-Link TL-WR710N v2/v2.1 BOARDNAME
All TP-Link TL-WR710N versions share the same machine code.

This has been working since the beginning as we don't use double-quotes
to protect spaces inside command line values. Thus, kernel interprets
'board=TL-WR710N v2' as 'board=TL-WR710N' and separate parameter 'v2'.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:18 +02:00
Piotr Dymacz
7efe0cd83d ar71xx: image: tp-link.mk: keep devices in alphabetical order
Keep TP-Link devices definitions in alphabetical order whenever it's
possible. Also group together similar devices or devices from the same
series.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:18 +02:00
Piotr Dymacz
a41f38e61d ar71xx: base-files: cleanups in 10-ar922x-led-fix
Fix code style, indentation and leading/trailing whitespaces in:
/etc/hotplug.d/net/10-ar922x-led-fix

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:18 +02:00
Piotr Dymacz
b73cb365d5 ar71xx: base-files: cleanups in 11-ath10k-caldata
Fix code style and boards alphabetical order in:
/etc/hotplug.d/firmware/11-ath10k-caldata

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:18 +02:00
Ludwig Thomeczek
b4711dbad3 ar71xx: add support for TP-Link Archer C25 v1
The TP-Link Archer C25 is a low-cost dual-band router.

Specification:

- CPU: Atheros QCA9561 775 MHz
- RAM: 64 MB
- Flash: 8 MB
- Wifi: 3x3 2.4 GHz (integrated), 1x1 5 GHz QCA9887
- NET: 5x 10/100 Mbps Ethernet

Some LEDs are controlled by an additional 74HC595 chip.

Signed-off-by: Ludwig Thomeczek <ledesrc@wxorx.net>
[minor code style fixes, boards alphabetical order fixes,
reworked commit message]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:18 +02:00
Serg Studzinskii
b7cc661615 ar71xx: add support for TP-Link TL-WR942N v1
TP-Link TL-WR942N v1 is a 2.4 GHz single-band N450 router, based on
Qualcomm/Atheros QCA9561.

Specification:

- 775/650/258 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 16 MB of FLASH (SPI NOR)
- 3T3R 2.4 GHz
- 5x 10/100 Mbps Ethernet
- 2x USB 2.0
- 11x LED (most are controlled by 74HC595)
- 2x button
- UART header on PCB*

* Serial console is disabled in OEM non-beta firmwares and corresponding
  GPIO pins 14 and 15 are assigned to control USB1 and USB2 LEDs by
  production (non-beta) U-Boot and firmware.

Currently not working:

1. USB1 and USB2 LEDs if UART RX and TX pins are assigned to their GPIOs
   by some U-Boot versions.

Flash instruction under vendor GUI:

1. Download "lede-ar71xx-generic-tl-wr942n-v1-squashfs-factory.bin".
2. Go to WEB interface and perform usual firmware upgrade.

FLash instruction under U-Boot recovery mode (doesn't work in beta
firmware):

1. Setup PC with static IP "192.168.0.66/24" and tftp server.
2. Change "*-factory" image filename to "WR942v1_recovery.bin" and make
   it available to download from your tftp server.
3. Press "reset" button and power up the router, wait till "WPS" LED
   turns on.

Flash instruction under U-Boot, using UART (can be done only with
preinstalled UART-enabled U-Boot version!):

1. Use "tpl" to stop autobooting and obtain U-Boot CLI access.
2. Setup ip addresses for U-Boot and your tftp server.
3. Issue below commands:
   tftp 0x81000000 lede-ar71xx-generic-tl-wr942n-v1-sysupgrade.bin
   erase 0x9f020000 +$filesize
   cp.b 0x81000000 0x9f020000 $filesize
   reset

Signed-off-by: Serg Studzinskii <serguzhg@gmail.com>
[minor code style fixes, extended commit message]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:17 +02:00
Piotr Dymacz
641af0c39d ar71xx: move WRTnode2Q to generic build target
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:17 +02:00
Piotr Dymacz
636ae9e9a0 ar71xx: image: simplify Ubiquiti devices definitions
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:17 +02:00
Piotr Dymacz
01aa23acf7 ar71xx: image: mikrotik: shorten DEVICE_TITLE
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:17 +02:00
Piotr Dymacz
7bc5571d14 ar71xx: image: use simply expanded variables
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:32:17 +02:00
Piotr Dymacz
80136e57a4 ar71xx: image: update GL.iNet boards DEVICE_TITLE
Use "GL.iNet" as vendor name (based on information from the vendor, this
is registered name of the company) and align model names with official
website.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:31:25 +02:00
Piotr Dymacz
93198b8335 ar71xx: image: fix 8devices boards DEVICE_TITLE
Be consistent with DEVICE_TITLE syntax and use vendor + board names.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:30:05 +02:00
Piotr Dymacz
bd92a6cf57 ar71xx: image: drop unused mtdlayouts from legacy.mk
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:22:46 +02:00
Piotr Dymacz
708cc2bd3c ar71xx: image: cosmetic: drop redundant empty lines
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:22:46 +02:00
Piotr Dymacz
e83cac1a8f ar71xx: image: add ROOTFS_SIZE to DEVICE_VARS
Also use ROOTFS_SIZE variable in place of static values.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:22:46 +02:00
Piotr Dymacz
c00fb14329 ar71xx: image: keep custom Build/* functions in separate files
Most of the custom Build/* functions in ar71xx target are rarely used by
image building code for devices from more than one subtarget. As they
don't need to be always included, move them to corresponding *.mk files.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:22:46 +02:00
Piotr Dymacz
3a3cd0ac43 ar71xx: image: keep DEVICE_VARS and Build/* at the beginning
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 21:21:45 +02:00
Piotr Dymacz
af27dd1a51 ar71xx: image: simplify Compex devices definitions
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 19:06:49 +02:00
Piotr Dymacz
43c0ef1010 ar71xx: image: drop redundant kmod-usb-ohci from DEVICE_PACKAGES
kmod-usb-ohci is needed only on devices with AR71xx and AR7240 SoCs.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 19:06:49 +02:00
Piotr Dymacz
05e276c071 ar71xx: image: drop redundant uboot-envtools from DEVICE_PACKAGES
uboot-envtools is already included in DEFAULT_PACKAGES for ar71xx.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-06-11 19:06:49 +02:00
Kevin Darbyshire-Bryant
8960f2b80c
ar71xx: fixup ar71xx/ar933x_wmac_reset: remove indefinite wait for wmac reset
Fix malformed patch introduced by 296312fca13a4cab1d157e0474e1f0bcca6adf5c

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-06-11 17:12:45 +02:00
Alexander Couzens
ab11618001 ar71xx/ar93xx_wmac_otp_read_word: fix wrongly used sizeof(*u)
Found-by: Coverity Scan #1330474
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-06-11 14:22:44 +02:00
Alexander Couzens
296312fca1 ar71xx/ar933x_wmac_reset: remove indefinite wait for wmac reset
Found-by: Coverity Scan #1329327
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-06-11 14:22:44 +02:00
Alexander Couzens
1025941662 ar71xx/ag71xx_ethtool: don't return uninitialized return value on success
ag71xx_ethtool_set_ringparam() will return an uninitialized value on
success.

Found-by: Coverity Scan #1330877
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-06-11 14:22:44 +02:00
Alexander Couzens
64cd4b48e8 ar71xx/ag71xx_mdio_probe: fix a memory leak when probe fails
Found-by: Coverity Scan #1330233
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-06-11 14:22:44 +02:00
Alexander Couzens
d18cb142d5 ar71xx/ag71xx_ar7240_get_port_link: fix off-by-one check on argument port
Found-by: Coverity Scan #1329901
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-06-11 14:22:44 +02:00
Jo-Philipp Wich
f4a4f324cb kernel: update kernel 4.4 to 4.4.71
Fixes the following security vulnerabilities:

CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.

CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.

CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-07 21:40:42 +02:00
Sergey Sergeev
9e1bc27e6d ar71xx: Fix UBIFS work on Mikrotik RB95x devices
If nand chip has no NAND_NO_SUBPAGE_WRITE flag on its options
ubifs can't use it mtd devices and the kernel crashes with error:
__nand_correct_data: uncorrectable ECC error

Signed-off-by: Sergey Sergeev <adron@yapic.net>
2017-05-31 11:36:21 +02:00
Jo-Philipp Wich
66f25c98e0 ar71xx: disable ENS202EXT in mikrotik and nand subtargets
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-31 02:40:47 +02:00
Piotr Dymacz
6173f6d8f1 ar71xx: move Wallys DR344 to generic build target
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-05-30 14:34:09 +02:00
Piotr Dymacz
18d5cee2a8 ar71xx: fix Wallys DR344 GPIO-connected LEDs and button
This fixes wrong GPIO numbers for LEDs and button in Wallys DR344 board
and sets color of all LEDs to green as the mass production boards have
only green one.

Actually, DR344 has 6 GPIO-connected LEDs and one button:

- GPIO11: status
- GPIO12: sig1
- GPIO13: sig2
- GPIO14: sig3
- GPIO15: sig4
- GPIO16: reset button
- GPIO17: lan

WAN LED is connected directly with AR8035 PHY.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-05-30 14:34:04 +02:00
Piotr Dymacz
6713640b52 ar71xx: set GE interface as wan by default in Wallys DR344
This aligns default network interfaces configuration with vendor
firmware: GE (eth0) -> wan, FE (eth1) -> lan.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-05-30 14:15:25 +02:00
Piotr Dymacz
c7bc8a9a13 ar71xx: fix GE interface support in Wallys DR344
GMAC0 interface of AR9344 SOC in Wallys DR344 board is connected with
AR8035, not with AR8327. Without this fix, GE interface doesn't work at
all or shows high packet loss ratio.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-05-30 14:15:25 +02:00
Marty Plummer
558d86923e ar71xx: add support for EnGenius ENS202EXT
EnGenius ENS202EXT is an outdoor wireless access point with
2-port 10/100 switch, detachable antennas and proprietery PoE.

The device is based on Qualcomm/Atheros AR9341 v1.

Specifications:
- 535/400/200 MHz (CPU/DDR/AHB)
- 64 MB of RAM
- 16 MB of FLASH
- UART (J1) header on PCB (unpopulated)
- 2x 10/100 Mbps Ethernet
- 2.4 GHz, up to 26dBm
- 2x external, detachable antennas
- 7x LED, 1x button

Flash instructions:

You have three options:

- Use the vendor firmware upgrade page on the web interface and give
it the factory.img. This is the easiest way to go about it.

- If you have serial access during u-boot, interrupt the normal boot
(any key before timeout) and run 'run failsafe_boot'; this will bring
you to a minimal openwrt luci image on ip 192.168.1.1 useful if you've
bricked the normal firmware.

- Use the vendor's management cli, which can be accessed via telnet
with the same credentials as the web login (default admin:admin), then
issue the following commands:

*** Hi admin, welcome to use cli(V-1.6.7) ***
---========= Commands Help =========---
      stat -- Status
       sys -- System
    wless2 -- 2.4G-Wireless
      mgmt -- Management
      tree -- Tree
      help -- Help
    reboot -- Reboot
ens202ext>mgmt
  Management
---========= Commands Help =========---
     admin -- Administration
     mvlan -- Management VLAN settings
      snmp -- SNMP settings
    backup -- Backup/Restore settings
    autorb -- Auto reboot settings
   fwgrade -- Firmware upgrade
      time -- Time settings
   wifisch -- Wifi schedule
       log -- Log
      diag -- Diagnostics
      disc -- Device Discovery
    logout -- Logout
      help -- Help
      exit -- Exit
ens202ext/mgmt>fwgrade
  Management --> Firmware upgrade
---========= Commands Help =========---
      fwup -- Firmware upgrade
      help -- Help
      exit -- Exit
ens202ext/mgmt/fwgrade>fwup http://web.server/lede-ar71xx-generic-ens202ext-squashfs-factory.bin

Signed-off-by: Marty Plummer <ntzrmtthihu777@gmail.com>
2017-05-30 14:15:25 +02:00
Andrey Polischuk
0f21873f7f ar71xx: fix LED defines for TP-Link TL-WR740N v6
Signed-off-by: Andrey Polischuk <androld.b@gmail.com>
[changed commit subject, dropped redundant kernel config symbol]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-05-30 14:15:25 +02:00
Filip Moc
43e4e1f4a5 Move enablemodem from ramips to new package adb-enablemodem and make it used also by TL-MR6400
Signed-off-by: Filip Moc <lede@moc6.cz>
2017-05-27 07:54:40 +02:00
Filip Moc
a639cbfd00 ar71xx: Add support for TP-Link MR6400
You can flash via tftp recovery (serve factory image as /mr6400_tp_recovery.bin
on 192.168.0.66/24, connect to any ethernet port and power on device while
holding the reset button). Flashing via OEM web interface does not work.

Hardware Specification (v1.0 EU):
 - SoC: QCA9531
 - Flash: Winbond W25Q64FV (8MiB)
 - RAM: EtronTech EM6AB160TSE-5G (64MiB)
 - Wireless: SoC platform only (2.4GHz b/g/n, 2x internal antenna)
 - Ethernet: 2NIC (3x100M + 1x100M)
 - WWAN: TP-LINK LTE MODULE (2x external detachable antenna)
 - Power: DC 12V 1A

Signed-off-by: Filip Moc <lede@moc6.cz>
2017-05-27 07:54:21 +02:00
René Mayrhofer
e457d22261 Make GBit switch work on RB2011
This change is required to make the GBit switch work on my Mikrotik Routerboard RB2011UiAS-RM, and I assume that the other RB2011 variants are exactly the same in terms of the switch. I have tested the board without and with the patch and confirm that the GBit ports are not supported at all (i.e. no communication works) with the current version in trunk and that everything works with the patch applied. The test box has been running for a few days with the patch applied, and does not show any performance problems in a test setting. I have not used it with LEDE in production so far, but with a previous turnk version of OpenWRT for many years - with the same patch applied. I therefore have good indication that it is stable.

For the record, the switch chip on my test box is identified as
	switch0: Atheros AR8327 rev. 4 switch registered on ag71xx-mdio.0

The value 0x6f000000 has been taken from the table at https://wiki.openwrt.org/toh/mikrotik/rb2011uias with the previous discussion thread still online at https://lists.openwrt.org/pipermail/openwrt-devel/2014-December/029949.html.
One definite improvement from the older OpenWRT trunk version I have been running in production and current LEDE trunk is that the SFP interface can be kept in the default configuration without excessive kernel messages about it constantly going up and down. I have not yet tested an actual SFP module, though.

Performance seems to be reasonable. Routing between two GBit ports on that switch separated by different VLANs with the default firewall ruleset (and one additional rule two allow traffic between the VLANs), but without NAT, iperf3 results are:
	[ ID] Interval           Transfer     Bandwidth       Retr
	[  4]   0.00-10.00  sec   508 MBytes   426 Mbits/sec  102             sender
	[  4]   0.00-10.00  sec   506 MBytes   425 Mbits/sec                  receiver
With a connection going through NAT (also 2 ports on the same GBit switch, same ruleset, but NAT active), routing performance drops to around 250 MBit/s.
(Note that RouterOS achieves beyond 900 MBit/s on the same hardware with the default rule set and the FastTrack rule active even for NAT, see https://wiki.mikrotik.com/index.php?title=Manual:IP/Fasttrack and http://www.mikrotik.com/download/share/FastTrack.pdf).

Summarizing, I strongly recommend to apply this patch in trunk, so that the GBit switch chip rev. 4 can be supported upstream in the next LEDE release (hopefully soon).

Signed-off-by: René Mayrhofer <rene@mayrhofer.eu.org>
2017-05-25 09:22:42 +02:00