Voxel Custom firmware build for Orbi RBK50/RBK53 (RBR50, RBS50) v. 9.2.5.2.12SF-HW

[Voxel]

Continuation of

https://www.snbforums.com/threads/custom-firmware-build-for-orbi-rbk50-v-2-5-0-42sf-hw.60308/
. . .
https://www.snbforums.com/threads/c...50-rbk53-rbr50-rbs50-v-9-2-5-2-10sf-hw.70690/
https://www.snbforums.com/threads/c...50-rbk53-rbr50-rbs50-v-9-2-5-2-11sf-hw.71395/

New version of my custom firmware build: 9.2.5.2.12SF-HW.

Changes (vs 9.2.5.2.11SF-HW):

1. Toolchain: Go is upgraded 1.16.2->1.16.3.
2. wireguard package is upgraded 1.0.20210219->1.0.20210424.
3. wireguard-tools package is upgraded 1.0.20210315->1.0.20210424.
4. OpenVPN is upgraded 2.5.1->2.5.2.
5. OpenSSL v. 1.1.1 package is upgraded 1.1.1j->1.1.1k (fixing CVE-2021-3449, CVE-2021-3450).
6. curl package is upgraded 7.75.0->7.76.1 (fixing CVE-2021-22876, CVE-2021-22890).
7. dbus package is upgraded 1.13.12->1.13.18 (fixing CVE-2020-12049, CVE-2020-35512).
8. cifs-utils package is upgraded 6.12->6.13 (fixing CVE-2021-20208).
9. haveged package is upgraded 1.9.13->1.9.14.
10. ipset: Kernel modules optimization '-O3'.
11. Kernel: Add BLK_DEV_LOOP and FUSE modules support
12. Toolchain: add optimization patch to uClibc.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.

 

[TeamZero]

Thanks fella!!

 

[Skippy Bosco]

5 minutes to install across two satellites and a router. Been using it for a few hours now without issue. Fast, as usual.

 

[gssjshark]

Great work @Voxel !

 

[alfatag]

Thank you guys!!!!

Cheers from Brazil!

 

[mmthabet]

Continuation of

https://www.snbforums.com/threads/custom-firmware-build-for-orbi-rbk50-v-2-5-0-42sf-hw.60308/
. . .
https://www.snbforums.com/threads/c...50-rbk53-rbr50-rbs50-v-9-2-5-2-10sf-hw.70690/
https://www.snbforums.com/threads/c...50-rbk53-rbr50-rbs50-v-9-2-5-2-11sf-hw.71395/

New version of my custom firmware build: 9.2.5.2.12SF-HW.

Changes (vs 9.2.5.2.11SF-HW):

1. Toolchain: Go is upgraded 1.16.2->1.16.3.
2. wireguard package is upgraded 1.0.20210219->1.0.20210424.
3. wireguard-tools package is upgraded 1.0.20210315->1.0.20210424.
4. OpenVPN is upgraded 2.5.1->2.5.2.
5. OpenSSL v. 1.1.1 package is upgraded 1.1.1j->1.1.1k (fixing CVE-2021-3449, CVE-2021-3450).
6. curl package is upgraded 7.75.0->7.76.1 (fixing CVE-2021-22876, CVE-2021-22890).
7. dbus package is upgraded 1.13.12->1.13.18 (fixing CVE-2020-12049, CVE-2020-35512).
8. cifs-utils package is upgraded 6.12->6.13 (fixing CVE-2021-20208).
9. haveged package is upgraded 1.9.13->1.9.14.
10. ipset: Kernel modules optimization '-O3'.
11. Kernel: Add BLK_DEV_LOOP and FUSE modules support
12. Toolchain: add optimization patch to uClibc.

The link is:

https://www.voxel-firmware.com (thanks to vladlenas for his help with hosting).

Voxel.

Hi, I installed on RBS50 and my 4 satellites RBS50, (which all worked on original firmware) now can only sync 3 satellites with this firmware version. Is that normal? is there any workaround to get the 4th satellite synced?

 

[Skippy Bosco]

Hi, I installed on RBS50 and my 4 satellites RBS50, (which all worked on original firmware) now can only sync 3 satellites with this firmware version. Is that normal? is there any workaround to get the 4th satellite synced?

Orbi only supports 3 satellites. That said, there is a work around that you can follow to add more:

1. you have 3 satellites right now added
2. power off router and all satellites
3. power on router and the new unconnected satellite (leaves others turned off)
4. power on other satellites

From here:

Maximum Satellites: 5 Working

I have just completed setup of our Orbi Pro system with 1 Router + 5 Satellites, providing coverage across 4 floors of our entire church building. Before we went this route, I had searched for "maximum satellites" as there are reports of 4,5,6 satellites working despite the official word from...

community.netgear.com

 

[mmthabet]

Orbi only supports 3 satellites. That said, there is a work around that you can follow to add more:

1. you have 3 satellites right now added
2. power off router and all satellites
3. power on router and the new unconnected satellite (leaves others turned off)
4. power on other satellites

From here:

Maximum Satellites: 5 Working

I have just completed setup of our Orbi Pro system with 1 Router + 5 Satellites, providing coverage across 4 floors of our entire church building. Before we went this route, I had searched for "maximum satellites" as there are reports of 4,5,6 satellites working despite the official word from...

community.netgear.com

Thanks will try and report back. Is it possible though that having 4 synced will cause issues with the network? Like disconnects for example?

 

[Skippy Bosco]

Thanks will try and report back. Is it possible though that having 4 synced will cause issues with the network? Like disconnects for example?

I'd be sure to keep things like Netgear Armor, Disney Circle, Parental Controls, etc. disabled to minimize processing on the devices. Other than that, no it should not be an issue.

 

[mmthabet]

Orbi only supports 3 satellites. That said, there is a work around that you can follow to add more:

1. you have 3 satellites right now added
2. power off router and all satellites
3. power on router and the new unconnected satellite (leaves others turned off)
4. power on other satellites

From here:

Maximum Satellites: 5 Working

I have just completed setup of our Orbi Pro system with 1 Router + 5 Satellites, providing coverage across 4 floors of our entire church building. Before we went this route, I had searched for "maximum satellites" as there are reports of 4,5,6 satellites working despite the official word from...

community.netgear.com

Hi, just wanted to report back. i could add 5 satellites without even having to disconnect the current satellites without issues. Now the bad news, the same unit i couldn't connect as a satellite still didn't connect as a satellite, but just now i remembered that this unit is a converted RBR50 to satellite. So instead of voxel firmware i installed the original firmware on this converted RBR50 to satellite, and actually it connected as satellite without issues (even to the router that has Voxel firmware). So i guess if you have an RBR50 that was converted to satellite you shouldn't use the Voxel firmware??

 

[Skippy Bosco]

Hi, just wanted to report back. i could add 5 satellites without even having to disconnect the current satellites without issues. Now the bad news, the same unit i couldn't connect as a satellite still didn't connect as a satellite, but just now i remembered that this unit is a converted RBR50 to satellite. So instead of voxel firmware i installed the original firmware on this converted RBR50 to satellite, and actually it connected as satellite without issues (even to the router that has Voxel firmware). So i guess if you have an RBR50 that was converted to satellite you shouldn't use the Voxel firmware??

I've helped a couple of folks that have RBR that were converted to RBS and running Voxel. There is no issue. The hardware (minus the sticker for WAN port) are identical. I would load back 2.5 stock on it, factory reset and try again.

 

[HTBruceM]

Hey Voxel,

I am thinking about installing your Orbi build. I'm currently on the latest Orbi release 2.7.2.104. Your guidance about first installing older FW before installing your build has got me thinking about a couple things.

Are you able to associate your release versions with the Netgear release versions? In other words... your latest Orbi 9.2.5.2.12 release - which Netgear build/release is this based on? Or is this not possible because Netgear's open source releases don't provide that linkage?

The reason I'm asking is because there might be key Netgear fixes (many of which could be in the closed source code) that might not be part of your build. One example: Netgear had a lot of instability with ethernet backhaul in the past, but it's finally working well for me. I wouldn't want to reintroduce those issues back into my environment. And I'll bet the backhaul code is all closed-source.

Thanks and kudos for taking the time and effort to make these builds!

 

[Voxel]

Thanks and kudos for taking the time and effort to make these builds!

Thanks for this. Regarding the rest of your message.

I'm dealing with source codes and I am not tweaking any binary stock firmware made by NG/DNI. Latest source codes of world-wide RBK50 firmware (please check yourself):

https://kb.netgear.com/2649/NETGEAR-Open-Source-Code-for-Programmers-GPL

are 2.5.2.4. Yes, there are sources of 2.7.0.70 firmware but it (firmware) is:

for US Region Only. There are also codes of 2.6.1.52 firmware, but it is for China only. So source codes of latest world-wide firmware (what I am using) are 2.5.2.4. It is why I suggest to flash exactly this version before flashing my build.

Regarding fixing instability of 2.7.x firmware from NG... Well. Funny. Changes of 2.5.x--->2.7.x results in instability. After some iterations (2.7.0.70--->2.7.1.60-->2.7.2.102-->2.7.2.104) people got stable 2.7.2.104. Good.

I really do not see any profits: 2.5.x vs 2.7.x except some changes for Disney Circle.

According to my own experience my build is pretty stable. Currently: no any reboot since I flashed 9.2.5.2.12SF-HW. As far as I know @Skippy Bosco is using exactly ethernet backhaul and no problems with it are reported by him.

@Skippy Bosco: am I right?

Voxel.

 

[HTBruceM]

Interesting - thanks for the reply Voxel! I'll give this more thought - today is a good day for me to try this.

FYI, I have been traumatized by Orbi FW updates in the past so I guess I have a fear factor that I need to overcome. But that's what beer is for, right?

BTW I see your warnings about inability to factory reset after your FW install.

Is factory reset recommended to do (on 2.5.2.4) prior to installing your FW? Or is factory reset an optional thing? Many expert users in the Netgear forums are avid proponents of factory reset to ensure smooth upgrade/downgrade. For me, every time I use that pushbutton it seems like I've just stepped into the twilight zone for a couple of hours.

UPDATE: YES - I took the Voxel plunge . Everything went well. Here are my steps.

• I first downgraded each SAT to 2.5.2.4 FW from each satellite's web GUI page (both at the same time) and waited for them to reappear in the router web GUI DEVICE LIST page.
• Then I downgraded the router FW to 2.5.2.4. The router went to the slow pulsing white light, and the GUI interface did not come back up; it went to the page telling you to use the smartphone app. I clicked "I don't have a smartphone" at the bottom. And it stepped me through the initial setup as if I had just pulled it out of the box. But once it went through all those steps, it did reload all my configuration settings. I had to restart my PC since the network was not able to get to the internet but after the reboot the GUI came back up and everything looked fine on 2.5.2.4.
• (I did NOT perform a factory reset at this point)
• Next I went directly to each satellite web GUI and performed FW updates on both satellites at the same time to Voxel FW. I waited for them to finish updating, rebooting, and re-appearing in the router web GUI DEVICE LIST page.
• Then I did the FW update of the router to Voxel. This went smoothly; eventually the web GUI timed out but I still had internet access. I just reloaded the web GUI page and everything came back up. I checked all my settings changes and they were all still in place.

So far, so good. Everything is working well. All my devices are reconnected and accessing the internet. Speedtest (from the router web GUI page) looks similar to what I had previously. Everything looking stable and nominal at this point.

Thank you again, Voxel, for doing this - I DONATED!. I really appreciate having the latest versions of all the libraries and such. I think this should not only improve stability, but it also reduces security vulnerabilities since many of the software modules have been updated with security patches. It would seem prudent for Netgear to do this on a regular basis, but I suppose they're just being risk-adverse on older products like this and don't want to invest in more elaborate regression testing & validation.

 

[agneev]

I'm on 11SF. Do I need to downgrade and flash (from scratch) or just flash normally?

 

[Voxel]

I'm on 11SF. Do I need to downgrade and flash (from scratch) or just flash normally?

What for to downgrade? Just flash 12SF-HW and use it. Normally. As a rule: no any intermediate flashing is needed if you flash my build above any of my previous build.

Voxel.

 

[mgiunktode]

Wow you added LOOP and FUSE modules support: super! I have to try it as soon as possible.

Thanks again

 

[darkarn]

Just want to pop in and say thanks for your firmware, pretty stable and gives me the option to rermain on the Orbi platform

I am thinking of expanding my network from a RBK50 V1 and will like to know if this firmware is also for RBS20, RBS40 and RBS50V2

 

[Skippy Bosco]

like to know if this firmware is also for RBS20, RBS40 and RBS50V2

RBS20 & RBS40, No.

RBS50V2, Existing Voxel will work on.

 

[HTBruceM]

I just tried enabling dnscrypt-proxy-2 using Telnet. I did the commit and the reboot. By enabling this, is the Orbi no longer using the DNS servers from the web GUI page?
In the Orbi web GUI, I have configured Cloudflare at 1.1.1.1 and 1.0.0.1.
But when I check the status at 1.1.1.1/help, it says that DoH is NOT enabled, (neither is DoT).
I made sure I changed my browser back to the OS system default DNS - which points to the Orbi at 192.168.1.1.

When I run the DNS leak test at perfect-privacy.com, it says:

176.56.237.171 resolver1.dnscrypt.eu RamNode IP Space NL​

77.66.84.233 resolver2.dnscrypt.eu Inota DK​

2a00:d880:3:1::a6c1:2e89 resolver1.ipv6.dnscrypt.eu RamNode IP Space​

2001:1448:243::dc2r esolver2.dnscrypt.eu Inota​

So it appears that these are the DNS resolvers being used by the Orbi on behalf of every device connected.
If that is the case, I must be missing some additional configuration to change to Cloudflare at 1.1.1.1 and 1.0.0.1?
Any help?