Do not apply this update unless you have easy access to the system in question. Always backup your configuration before upgrading.

Read the previous release notes before applying this update.

Changes since v2.10.0:
*) watchdog will be less prone to reboot the system under sustained high system load.
*) Atheros now has an option to select short/long, or long preamble. (see note below)

Problems resolved since b1:
*) vds is now functional once again.

Release Caveats:
*) none

Preamble related notes:

This option is located under the Atheros 'advanced security and access control' menu option.

To enable short/long preamble (the default), add this line:
preamble short/long

To enable long preamble (needed for some 11b clients), add this line:
preamble long

BETA downloads are now available.

Areas of focus while testing this release are:
*) new preamble option, testing against 11b clients that had problems in the past.

Please post your results in this thread. Given the test results from the areas listed, either a new beta will be released, or this version will be renamed to 2.10.1 and made public on our website downloads page.

Router WRAP Edition
http://www.star-os.com/downloads/oem-vnc/strrw-2.10.1b2-4714.bin
http://www.star-os.com/downloads/oem-vnc/strrw-2.10.1b2-4714.raw
http://www.star-os.com/downloads/oem-vnc/strrw-2.10.1b2-4714.iso

Router Desktop Edtion
http://www.star-os.com/downloads/oem-vnc/strr-2.10.1b2-4714.bin
http://www.star-os.com/downloads/oem-vnc/strr-2.10.1b2-4714.raw
http://www.star-os.com/downloads/oem-vnc/strr-2.10.1b2-4714.iso

Server Desktop Edition
http://www.star-os.com/downloads/oem-vnc/strs-2.10.1b2-4714.bin
http://www.star-os.com/downloads/oem-vnc/strs-2.10.1b2-4714.raw
http://www.star-os.com/downloads/oem-vnc/strs-2.10.1b2-4714.iso

Router Routerboard (x86) Edition
http://www.star-os.com/downloads/oem-vnc/strrb-2.10.1b2-4714.bin
http://www.star-os.com/downloads/oem-vnc/strrb-2.10.1b2-4714.raw
http://www.star-os.com/downloads/oem-vnc/strrb-2.10.1b2-4714.iso

Router Soekris Edition
http://www.star-os.com/downloads/oem-vnc/strrs-2.10.1b2-4714.bin
http://www.star-os.com/downloads/oem-vnc/strrs-2.10.1b2-4714.raw
http://www.star-os.com/downloads/oem-vnc/strrs-2.10.1b2-4714.iso

What are the chances of grafting the radius mac acl code into the atheros driver? It would really give us a boost. Then we could replace some of the slow prism cards with the new atheros.

R

What are the chances of grafting the radius mac acl code into the atheros driver? It would really give us a boost. Then we could replace some of the slow prism cards with the new atheros.

R

How about changeable SNMP communities rather that a hard-coded "public"? I just find it very inconvienient having to ACL SNMP access to prevent it from being poked from every possible angle, not to mention it generally odd that the community name can't be changed.

SNMP v3 would be nice, but I could certainly live without it for now since all but a couple devices I have are V2 only.

Hey, as long as we're requesting small (hopefully easily added) features, I figured I'd give it a go!

And, BTW - to Lonnie and Tony, a MILLION THANKS for revisiting the OSPF issues in the last beta/release cycle. So far, so good - no OSPF routing wierdness to report. And, as a bonus, I can now reboot or activate changes on a router and not have the network on either side of it go goofy! It may be just my perception, but things also seem to converge quite a bit faster as well.

Thank you again!


Brad

Radius ACL for Atheros has been discussed and decided the best place for it would be v3 due to the changes needed to implement it.

Regarding SNMP, this is something we can look at.

Thanks for your efforts!

R

Tony,
Any special place the preamble code should be entered?
Also nice to see the version and mem size check with a WRAP upload.
Thank you, Neat-o!

To enter the preamble line, go to this menu item:
wireless->wpciX: atheros 521X pci->advanced security and access control and enter the line anywhere in the script, as long as there is no '#' in front of it. The lines to enter are listed in my original post.

Thanks!

Thanks for the reply,
"Anywhere" is something I can do! I just wanted to keep out of trouble of my own making :-).

Not a problem. Please let us know how it works for you.

Ahh, but make sure that the preamble statement is in before the upgrade is done; especially on a link. Mine dropped, and wouldn't come back until I did a site visit, and added that statement. Without that statement, it forgave the WEP.

Do not apply this update unless you have easy access to the system in question. Always backup your configuration before upgrading.

Read the previous release notes before applying this update.

Changes since v2.10.0:
*) watchdog will be less prone to reboot the system under sustained high system load.
*) Atheros now has an option to select short/long, or long preamble. (see note below)

Problems resolved since b1:
*) vds is now functional once again.

Release Caveats:
*) none

Preamble related notes:

This option is located under the Atheros 'advanced security and access control' menu option.

To enable short/long preamble (the default), add this line:
preamble short/long

To enable long preamble (needed for some 11b clients), add this line:
preamble long

Hi,after installing this build 7414, it seems that time between reboots my wrap is longer than with prevous build. But rebbots still occur approximatelly every 2 days /before, it was every day/. Is possible make some feature, that will be user configurable vie menu StarOS to make HW watchdog more less prone to reboot the system under sustained high system load. Becuse every reboot is in my case, in time when traffic load is on top if day.
Thanx.

We can take a look, but be aware that 30 seconds of not servicing the hardware watchdog is pretty much a dead system.

Because every reboot is in my case, in time when traffic load is on top if day.
Hmm, I don't suppose you are running SR5's on this board are you? We also saw that when the original SR5's where under a heavy load the whole system would lock and reload. Swapped them for a CM9 and everything was fine. I have received some updated SR5's and this problem does not apear to happen with them.

2.10.1b doesn't seem to solve the problem. I dropped back to 2.10 as a result.

Robert

Has anyone tested pre-amble in this release? The only thing preventing us using Atheros in our hotspots is the incompatibility with other brand chipsets so I'm interested to hear of clients who work now when they didn't before and if some clients still don't.

How about changeable SNMP communities rather that a hard-coded "public"? I just find it very inconvienient having to ACL SNMP access to prevent it from being poked from every possible angle, not to mention it generally odd that the community name can't be changed.



What OID are you able to access in current software? I cannot even pull interface statistics, using orion solarwinds.

What OID are you able to access in current software? I cannot even pull interface statistics, using orion solarwinds.
Are you blocking SNMP in your firewall? Have you tried doing an snmp walk on the device?

There is no firewall. Doing walk, there is no answer to queries. But the basic orion snmp poll works, as I see 'system name' filled as 'router'. No other fields are populated.
Quite strange... I can take a trace later ...

So preamble working ok?? I have a new Hotspot to deploy and would rather use CM9's than 2511-MP+ but it needs to work first time.

Since upgrading from v2.10.0 to v2.10.1b2 the Proxy Server & the transparent proxy rule in the firewall has stopped working.

Inorder to allow the internet to continue working I needed to stop the forward.


I assume that this is a bug in the beta version.

Keith

After doing some more looking, I have discovered that the proxy service was stpped, when I tried to restart the service I got a message that the service was already started.

Rebooting the AP resolved the issue

Tony,
Is it possible to upgrade my WRAP which has v2.01.1 build 4590 over my 5.8 link from my house. I have never upgraded a WRAP before and need some advise.
regards
Donal

Yes, it can be done. Before you do however, backup your configuration and make a copy of your license key to be safe.

In regards to this beta, on a WRAP AP with 1prism and 1atheros card, 2 LAN ports on the wrap, RIP enabled, PPPoE, syslog, NTP, DNS, DHCP-auto auth on extra lan port for local access on roof.

The ARP cache does not seem to be deleted durring a reboot. I have no idea if this is a problem, if it is suppose to clear out after a while. It is just something I have noticed while trying to switch some users over to the Atheros card this evening.

We lost our main omni antenna on the prism today, so an emergency switch to the untested Atheros with sector antenna. Figured I would update Server, PtP Wrap, and AP Wrap while I was at it. I needed to use the preamble function for the clients for tonight so I loaded the beta for the AP.

I am unsure how to get a full system dump file for you, but let me know if it's needed and I will try to accomodate.

Seems like CPU usage went up with this update as well, ( with WRAP) maybe 4-8%. It didn't seem to phase the server with a 1.7 celeron.

I needed to use the preamble function for the clients for tonight so I loaded the beta for the AP.Does the pre-amble work ok? Do you have clients that had problems with Atheros in the past that no longer have issues with the new beta and are there still any issues with using Atheros as AP over prism?

Does the pre-amble work ok? Do you have clients that had problems with Atheros in the past that no longer have issues with the new beta and are there still any issues with using Atheros as AP over prism?
I should refraze that. "I thought I needed it". To be honest I had a firewall rule blocking all traffic from that AP, Thinking I was having a data transfer problem and knowing that the client was set-up for long preamble I assumed that I needed the preamble support. I have no idea if it is working or not at the moment, but I can pass traffic to the client and view the webpage for the CPE settings

[QUOTE=gunther_01]

The ARP cache does not seem to be deleted durring a reboot. I have no idea if this is a problem, if it is suppose to clear out after a while. It is just something I have noticed while trying to switch some users over to the Atheros card this evening.QUOTE]

Any word on the ARP cache? Some say incomplete others just "*". We use PPPoE. I also have a radio that is not associated to a site that does not get removed from the list after being associated to another radio on this WRAP. Switched from Atheros to Prism card. If it matters any.

The ARP cache does not seem to be deleted durring a reboot. I have no idea if this is a problem, if it is suppose to clear out after a while. It is just something I have noticed while trying to switch some users over to the Atheros card this evening.

Any word on the ARP cache? Some say incomplete others just "*". We use PPPoE. I also have a radio that is not associated to a site that does not get removed from the list after being associated to another radio on this WRAP. Switched from Atheros to Prism card. If it matters any.

The ARP cache is not persistent across reboots unless you use static ARP. The ARP cache will expire after a short time if the client disassociates. When the client roams, the client's ARP requests. PPPoE server will create static ARP entries for each session, and will remove it once the user logs off.

The ARP cache and in fact everything gets cleared on a reboot. I doubt it is possible for the system to retain the ARP cache without writing it to flash, which we do not do.

Any entry that is not complete is caused by a partial ARP handshake. This can because there is nothing at the other end or it refuses to answer due to firewall settings.

The most common reason for it, especially if you have lots of them, is a user doing a scan. Normally this is the result of a script kid trying a new piece of software or a more malicious virus or trojan that is on the lookout for other vulnerable machines.
Any word on the ARP cache? Some say incomplete others just "*". We use PPPoE. I also have a radio that is not associated to a site that does not get removed from the list after being associated to another radio on this WRAP. Switched from Atheros to Prism card. If it matters any.

In response to the ARP. The unit is retaining or is at least showing incomplete ARP addresses after a reboot. Problem I see is that the IP addresses that have no mac are IP's assigned to the PPPoE server in the AP. These addresses are also public IP's with out a client to be associated to that IP. I only have 4 customers on this system, 1 only uses it 2 nights a week, 1 business with no connections on it as of yet, 1 residence (owner of previous business) and 1 other residence that does not get used much either.

After reboot, and after a downgrade to stable version. I have one device that will automatically log in to PPPoE, the other 3 I have to log in to client device and reboot it so the Linksys router pluged in to the ether side will connect to PPPoE. First association after reboot and PPPoE served, the ARP cache showed the same IP's and incomplete macs all on eth0, and one PPPoE IP with * for HW type and HW mac, MP flag and etho for interface.

After logging in and rebooting one additional client, my ARP on AP showed just about every IP address assigned to the subnet for eth0 with incomplete for HW mac. gave it a minute and most of those cleared out but the originals stayed.

Is it possible that a new unmanaged switch added three hops away could be sending out something strange on layer 2. I would not think so and that shouldn't work like that but just curious. That's the only piece of new network hardware added since upgrading to this beta and as of recent. Main server and PtP were upgraded to latest stable version.

If things were working properly and no virus or something, how long does it take ARP to drop connections that are not there? I have another thread you may want to check as well in support. I don't think it's related belive it or not.

This is a classic scan. The sequential IP with no MAC is something trying to ping those IP's and the system is doing an ARP but getting no response, since they do not exist.

There is no easy way to track this since it can be coming from a local machine or a remote machine. An IP scan can be launched from anywhere that can ping the subnet.

I don't know if it matters, but sequential. Are you reffering to the scan itself or how the ARP listing shows. The ARP is all over the place, not in order at all.

After a while now most all of the ARP "incomplete" addresses have gone away.

Is it possible to just look for ICMP activity for IP's not used and block the perp? Or is ICMP not used in this kind of scan? Never mind you did say ping earlier.

You can block the IP addresses, but in my experience they rarely rescan, since they already have the open IP and ports for your LAN. What you will see is another hacker will scan you, and then another, and another.

I don't know if it matters, but sequential. Are you reffering to the scan itself or how the ARP listing shows. The ARP is all over the place, not in order at all.

After a while now most all of the ARP "incomplete" addresses have gone away.

Is it possible to just look for ICMP activity for IP's not used and block the perp? Or is ICMP not used in this kind of scan? Never mind you did say ping earlier.

I upgraded an AP to the beta, climbed the tower and swapped a 2511 for a CM9. The links look great, however it will not pass data. The ips are all 0.0

I tried b,g auto, short, short/long, and most everything else I could think of. Am I missing a setting someplace?

These are my Prism and Atheros tranzeo CPEs. There is about 60 on the sector and not a single one was able to pass data. I have 200's, 80's and q's.

Any chance you can get me a login?

I had to put it back on the prism as the clients were down.

I am setting one up in the shop as I type this.

That is the same problem I'm having. I've tested every which way from friday and this still happens. More clients there are, the worse the problem. It first started up when I went through about 15 clients on this ap. Interestingly if I remove the power to the attached amp it also causes the problem to happen. I've swapped amps ( rflinx ) and same problem. Also it seems that acl lists are totally broken in this release. I can set them up any which way and clients can attach and pass traffic.
What's up with that? It also seems that changing the security file seems to be what gets the cpe's to again start passing traffic after many "activate changes"...

Robert

Oh and I forgot to mention that apparently essid's are not as strict as I thought?

I have one essid= Avant-MontreuxH

and StarOS as client with essid=Avant-MontreuxH will associate if the AP is set to Avant-Montreuxh
(as well as a Tranzeo CPQ.) That seems rather weird... All other CPE's no longer associated with the lower case h.

Robert

The SR2 card used as an access point caused my WRAP board to reboot 4 times a day. After I went to the 2.10.1 beta release, the system only reboots itself about once a day. I would like it to be better (as solid as the prism cards). Maybe their could be an option to set the error rate that reboots the hardware watchdog in the software upgrade. That way we could adjust for the noise errors in the SR2 that cause the reboot of the WRAP/Star-os configuration.

Are there any updates on this issue?

3 weeks ago I switched out a Prisim for an Atheros (WRAP 2.01.1, 4590) . Things went really well. Still running.

11 days ago we switched out another Prisim for an Atheros and things were well until today(WRAP 2.01.1, 4590). We use DHCP, and none of the Prisim based clients would recieve an address. All of the Cisco 350 clients took one fine. We took another WRAP board (2.10.0, 4693), installed it, all was well for about 15 minutes, then nothing. We tried the preamble thing mentioned earlier in the post, and all we get is invalid syntax.

I have a PC based AP already to go with Atheros, but am afraid to fire it up and throw customers on it.

I am an a real pickle here. I need faster boards, WAR does not have DHCP as of yet, or bandwidth shaping (waiting on version 3) which we rely on. Version 3 does not support Prisim or PCMCIA from what I read. I have to use amps on Prisim, Atheros seems to work only with out them.

Lonnie, I need a solution on this. Could you shed some light?

Invalid syntax means you typed it wrong, or you are not using the newest beta. Earlier images did not have the feature. Time to upgrade if you think you need long/short preamble.

Will the preamble feature fix the client based Prisim problems talking to Atheros?

Also, what is the correct syntax to fix the problem?

I am not running the latest beta, I'll download it and try it.

I cannot say for sure. Be aware this is not a problem with prism2.5 in general not talking with Atheros. It is ONLY with a few very poorly engineered units.

I cannot say for sure. Be aware this is not a problem with prism2.5 in general not talking with Atheros. It is ONLY with a few very poorly engineered units.

Lonnie,

I am confused by your response, could you clairify? All of the Prisim clients that would not associate are CB3's and Tranzeo CPE-200's. I hope these are are not concidered very poorly engineered units as I have a lot of them out there. We had about 25 associations total. 7 were Cisco 350 PCI cards. 18 were the formentioned Prisim clients. All of the Prisim clients would not get an IP address.

Another thought:

The access point that has been running for 3 weeks has a CM9 in it.

The problem child had an NL-5354MP Plus in it.

Both cards read as a 5213 in Star-os, is the CM9 a better card?

I am not going to name names. A check on various lists will answer that question for you. Anything using long preamble with the technology available today is poorly engineered. The developer simply did not understand RF and radio communication. The fact that you have a lot of them is not an indication of anything other than you bought a lot of them.

If you want me to validate your choice, it won't happen. I have been advising against the cheap client bridges forever. They do not have the tools you require to build a real network and now they do not even associate with the best radios available, yet an OLD Cisco 350 is fine. Form your own conclusion.

Another thought:

The access point that has been running for 3 weeks has a CM9 in it.

The problem child had an NL-5354MP Plus in it.

Both cards read as a 5213 in Star-os, is the CM9 a better card?

Another thought:

The access point that has been running for 3 weeks has a CM9 in it.

The problem child had an NL-5354MP Plus in it.

Both cards read as a 5213 in Star-os, is the CM9 a better card?

But as we learn our hard lesson about cheap client bridges... Can we run an SR2, set long/short, preamble, and have the senao based clients work as we migrate to an atheros based CPE?

Can we even run an SR2 without the system rebooting every day?

Thanks.

I can't speculate about the SR2. We use the CM9 in WAR and WRAP and we see runtimes that are as long as we let them go before upgrading.

We will soon have a new beta to tweak the preamble setting and it seems to be working, at least with the prism systems we have tested with.

But as we learn our hard lesson about cheap client bridges... Can we run an SR2, set long/short, preamble, and have the senao based clients work as we migrate to an atheros based CPE?

Can we even run an SR2 without the system rebooting every day?

Thanks.

It says that the SR2 is compatible with any system currently supporting the 5004 chipset. It specifically mentions staros.

I would think it's compatible! But I'm still wondering about the power requirements. I have seen posts that say it is being done with success, However, I don't wan't to be out on the bleeding edge! If you are not endorsing the use of the SR2, then I probably will wait.

Also, Judging by some of your other posts, I gather that you have a preference of the CM9 as an AP over the Senao?