Canadian TV, Computing and Home Theatre Forums banner
1 - 11 of 11 Posts

·
Registered
Joined
·
3 Posts
Discussion Starter · #1 ·
I've been watching this forum as an unregistered user for a while and have benefitted greatly from the work of file and others to suss out the workings of the FibreOp service and especially file's dedication to creating a firmware image that makes it easy for folks to get an ASUS RT-N56U and replace the Actiontec unit with it. I ran file's firmware for a couple of months and was very very happy with it.

As a result of some web searching I did one day, however, I discovered that there's another custom firmware option out there being developed by some Russian folks and spearheaded by a guy called Padavan. The initial p-series release by this group didn't offer anything terribly interesting that would make me consider it over file's firmware (especially considering it apparently had some stability issues and 95% of the available support was in Russian). That all changed a couple of months ago when the b-series was released which integrated a newer linux kernel from yet another firmware project called "wive-rtnl". This other (also Russian) project releases firmwares for routers from Acorp which happen to be based on a similar hardware core as the ASUS. The kernel itself is, I believe, newer, and claims significant backports from later versions still. But what is more interesting (and impressive) is the complete reworking of the drivers for the RA-Link chips. A quick browse through the source reveals at the very least much much cleaner and more documented code. I immediately noticed some features that I wanted to try out, with WAN Port Isolation being at the top of the list. As it turns out, port isolation is impossible when you run VLANs (as you have to do for FibreOp), but there were enough other features that I'm sticking with it.

Some of the additional features include:
  • Ability to specify additional LAN ports for TV (port 1, port 2, port 3, port 4, ports 1 & 2, ports 1 & 2 & 3, ports 3 & 4)
  • Ability to specify HW NAT offloading for LAN-only or LAN-and-WIFI (not sure if this means the original ASUS firmware only did offloading for LAN or not)
  • Guest SSID (with optional isolation from main SSIDs) on both 2.4GHz and 5GHz radios
  • Built-in bittorrent client (transmission)
  • Built-in VPN Server (PPTP)
  • Built-in SFTP server (basically an openssh build with only sftp enabled)
  • Complete removal of WPS support (for security reasons) and replacement with configurable actions for the WPS button
  • Optware package support including pre-built packages for mt-daapd, xupnpd, aria2, minidlna, and a few others (must plug in a USB drive for these)
  • Latest versions come in original GUI and brand-new (and much cleaner) new GUI flavors
  • Quite a few more knobs to twiddle and frobs to frob (some of which are at best inapplicable to FibreOp and at worst dangerous)

On the downside, a few versions ago the "pre-configurations" for ISPs were removed, so ISP configuration is manual-only (not difficult, mind, but manual). And although the group doing the firmware seems to be responsive to bug reports in English (and provides English READMEs and Changelogs), they are native Russian speakers so 95% of the information regarding the firmware is in Russian.

I wanted to put this out there because I'm sure there are folks who are interested in some of the above features. I would caution all, however, that you're not going to get the same kind of ease-of-use and support for this firmware that file has been providing on this forum for his firmware.

The latest version of the Padavan firmware can be found at this site in the downloads section:
http://code.google.com/p/rt-n56u/

The latest versions are (he's abandoned the -p# and -b# numbering although the last versions of each are still available, namely -p2 and -b5):
RT-N56U_1.1.2.1-004_oldgui.zip
RT-N56U_1.1.2.1-004_newgui.zip

There are also "mini" variants that are a tad (~1MB smaller); not sure what is not included.

A working FibreOp configuration with TV on LAN4 looks like this (under WAN - Internet Connection at the bottom):
Choose IPTV STB Port: LAN4
VLAN Tagged Traffic Filter: (on)
VLAN CPU: VID 35 PRIO 0
VLAN LAN4: VID 34 PRIO 4 Untag checked

I do not know whether it is possible to accomplish file's "passthrough" mode through manual configuration.

If you choose to install this, please note that the Region Code for both 2.4GHz and 5GHz wireless radios is set to Europe. While it's probably not a big deal, you could theoretically run afoul of the CRTC if you don't switch these to USA.
 

·
Registered
Joined
·
965 Posts
Yes, I've seen both of those projects before but steered clear from a personal legal perspective. Some of the code looked like it wasn't released under an open source license as the headers still had standard confidential proprietary license headers.

I can explain why you can't do port isolation when VLANs are in use though! VLANs are used to accomplish port isolation and the switch chipset is shared between WAN and LAN, so if you create VLAN 35 for FibreOP internet it is accessible to your LAN ports - causing a potential conflict. Certainly possible though with enough logic to ensure all the VLANs don't conflict.
 

·
Registered
Joined
·
3 Posts
Discussion Starter · #3 ·
Yes, I've seen both of those projects before but steered clear from a personal legal perspective. Some of the code looked like it wasn't released under an open source license as the headers still had standard confidential proprietary license headers.
A valid concern if you're publishing code (which you are). Sometimes vendors are a little lax about removing proprietary notices, e.g., I note following from the official ASUS code your source tree (rtn56u / user / httpd / web_ex.c):

Code:
 * This is UNPUBLISHED PROPRIETARY SOURCE CODE of ASUSTeK Inc.;
 * the contents of this file may not be disclosed to third parties, copied or
 * duplicated in any form, in whole or in part, without the prior written
 * permission of ASUSTeK Inc..
The obvious difference here is that you know you got the source directly and through a public channel from ASUS whereas there doesn't seem to be any provenance for parts of the RealTek switch ASIC driver in the wive project. I don't see any download links for such code on any RealTek website and it's not clear to me where the original ACorp source firmware source came from (one reading of the wive project page makes it sound like one wive version is the official firmware) and whether it contained the RealTek code or whether the RealTekcode was added later. It'll remain to be seen whether someone gets a C&D at some point.

That all said, I totally understand your playing it safe in that regard. I'm not feeling any similar compunction because I'm just pointing at it, not publishing it ;) I might dig around the OpenWRT source, as they've got a nice-looking driver for the same chip that's got some similarities to the wive one, but is definitely different.

I can explain why you can't do port isolation when VLANs are in use though! VLANs are used to accomplish port isolation and the switch chipset is shared between WAN and LAN, so if you create VLAN 35 for FibreOP internet it is accessible to your LAN ports - causing a potential conflict. Certainly possible though with enough logic to ensure all the VLANs don't conflict.
What made me think it would be possible is the member/untag layout for VLAN 34:
Code:
rtl8367m - create vlan: pvid=[34], prio=[4], member=[0x0011], untag=[0x0001], fid=[2]
vlan 34 member mask     0x11    =       00000000 00010001
vlan 34 untag mask      0x1     =       00000000 00000001
If I recall correctly, bit 5 is WAN, and then bits 4 through 1 are LAN ports 1 through 4. So the above member mask says that WAN and LAN4 are members and the untag mask says that tags are removed on egress from LAN4. Bits 9 and 10 are the two switch CPU "ports" which aren't engaged.

This is in contrast to the VLAN 35 layout (this is from Padavan, the joshnet firmware does it differently):
Code:
rtl8367m - create vlan: pvid=[35], prio=[0], member=[0x0210], untag=[0x0200], fid=[1]
vlan 35 member mask     0x210   =       00000010 00010000
vlan 35 untag mask      0x200   =       00000010 00000000
Here, only the WAN and one of the CPU ports are members and packets are untagged at the CPU port (evidently that's CPU port 1, which is egress to the LAN). In VLAN 34 I took that to mean that the CPU wasn't being engaged; that's probably a faulty assumption and I misunderstood either the diagrams or what isolation actually is :D

I am also interested to see if at some point someone takes the time to get the (apparently supported) port mirroring going (mostly because port mirroring is cool, not because I've got a real use for it...).
 

·
Registered
Joined
·
965 Posts
Yes, you can control the tagging and untagging but the VLAN itself exists as an entity for both, so if you give the user control and they use the same VLAN for port isolation... badness. If you do everything behind the scenes and write logic so VLANs are used that *aren't* used on the WAN then stuff can work fine.

As for licensing yeah... I have no idea where they got that source code and don't want to touch it with a ten foot pole. Companies like RealTek are *extremely* insane about releasing stuff like that. Once you show up on their radar... it's not good. In the case of Asus for what they have released they would have had to talk to the upstream, gotten permission, etc. Even then some (like the wifi driver) is in a binary only form.
 

·
Registered
Joined
·
965 Posts
Personally one of the things I would love to do if I had the money and time is get a suitable router from an OEM (gigabit, hardware NAT, dual band 3x3 wireless, tons of flash, tons of RAM, USB, full source code) and just build the best solution possible. Commercial embedded routers are always just hacks upon hacks.
 

·
Registered
Joined
·
3 Posts
Discussion Starter · #6 ·
As for licensing yeah... I have no idea where they got that source code and don't want to touch it with a ten foot pole. Companies like RealTek are *extremely* insane about releasing stuff like that. Once you show up on their radar... it's not good.
That's the only part I don't get here. The wive project has been around for at least a year and Padavan for 6 months or more. RealTek has a reputation, as you pointed out, for being quite litigious. I can't imagine they don't know this is out there. I'm also a little surprised that Google and Gitorious aren't looking for stuff like this. It does appear from the Google translation of the wive project page that he was, in fact, providing the official ACORP firmware up until they cut his funding in May of this year. That obviously doesn't affect the legality of posting the RealTek code, though.

Anyone reading this and considering the Padavan firmware should note that there is code with origins of questionable legality involved and that the firmware could disappear at a moment's notice.

Personally one of the things I would love to do if I had the money and time is get a suitable router from an OEM (gigabit, hardware NAT, dual band 3x3 wireless, tons of flash, tons of RAM, USB, full source code) and just build the best solution possible. Commercial embedded routers are always just hacks upon hacks.
Soekris makes some neat boxes (the net6501 would make a sweet router), but they're far from cheap. I think to get the cost anywhere near reasonable, you'd be looking at something MIPS-based. If someone came up with an analog to the NS-K330 with 5 physical ports most of the tough work would already be done (via SnakeOS). I suppose RaspberryPI is also out there.
 

·
Registered
Joined
·
965 Posts
RaspberryPI is very interesting but not really a router platform. Still keeping tabs on it to see what people do with it.
 

·
Registered
Joined
·
4 Posts
Working

Has anyone been able to get this working satisfactorily?

I tried installing it and I was able to get the Internet and IPTV working.

The channel changing is horrible and even worse than the ActionTec.

If anyone has and advice or tips to get it working better. I'm sure others would love to use that one as well.

Thanks in advance.

Andrew
 

·
Registered
Joined
·
46 Posts
Two questions:
1) What should "Hardware offload NAT/Routing IPv4" be set to? am I offloading task from the CPU to the hardware NAT engine? Or am I offloading stuff FROM the hardware NAT engine to CPU?
2) Under Advanced Settings - LAN - IPTV there's a setting for multicast routing. I'm going to have two TVs installed Saturday(Fiber Op). Do I need to enable this for the whole home PVR system to see the other HD box? Does this setting even matter for Aliant Fiber Op?

Any help would be greatly appreciated!
 
1 - 11 of 11 Posts
Top