This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
remote_upgrade_poc [2023/07/13 16:19] – [Concerns, Issues, and Known Challenges] -formatting hogwild | remote_upgrade_poc [2023/07/13 16:45] – [Concerns, Issues, and Known Challenges] -formatting hogwild | ||
---|---|---|---|
Line 76: | Line 76: | ||
- Reach the remote location in x hours/days or; | - Reach the remote location in x hours/days or; | ||
- Have someone on site who can recover from a failure. | - Have someone on site who can recover from a failure. | ||
- | - (Such as using the factory | + | - (Such as using the Reset button to restore the backup configuration/ |
- A problem with these routers is the newer firmware is written on top of the running firmware. \\ This involves some risk that the (now invalid) filesystem could cause issues/ crash during reboot. \\ This would cause a manual power cycle \\ to be needed. | - A problem with these routers is the newer firmware is written on top of the running firmware. \\ This involves some risk that the (now invalid) filesystem could cause issues/ crash during reboot. \\ This would cause a manual power cycle \\ to be needed. | ||
- This could be easily resolved if someone on site could perform the power cycle. \\ \\ | - This could be easily resolved if someone on site could perform the power cycle. \\ \\ | ||
- Asus tries to avoid this by creating a temporary rootfs where the critical bits are copied during reboot. | - Asus tries to avoid this by creating a temporary rootfs where the critical bits are copied during reboot. | ||
- | - Newer Broadcom routers solve this using two separate | + | - Newer Broadcom routers solve this using two firmware partitions. The new firmware is written to \\ the other partition, so the running filesystem remains intact. |
- **If you need something that is remotely managed, you need a router designed for that.**\\ | - **If you need something that is remotely managed, you need a router designed for that.**\\ | ||
- Trying to script fail-safe procedures for all possible scenarios will require a lot of work. | - Trying to script fail-safe procedures for all possible scenarios will require a lot of work. | ||
Line 90: | Line 90: | ||
- What is the difference betweeen the // | - What is the difference betweeen the // | ||
- Issuing the //nvram erase// command still erases the nvram mtd. However, upon actions like a reboot, \\ NVRAM is saved \\ to mtd from RAM. Thus, it will not wipe everything unless power is removed \\ right after the command completes. \\ However, //nvram erase// clears the NVRAM in RAM then writes to flash, but doesn' | - Issuing the //nvram erase// command still erases the nvram mtd. However, upon actions like a reboot, \\ NVRAM is saved \\ to mtd from RAM. Thus, it will not wipe everything unless power is removed \\ right after the command completes. \\ However, //nvram erase// clears the NVRAM in RAM then writes to flash, but doesn' | ||
- | - The //nvram erase// command maintains the NVRAM structure (header/ | + | - The //nvram erase// command maintains the NVRAM header/ |
- Thus, options for storage persistence would seem to be: | - Thus, options for storage persistence would seem to be: | ||
- JFFS. However, by default, if NVRAM is cleared, JFFS is unmounted. Also, JFFS needs to be unmounted \\ before an upgrade, since occasionally it gets repartitioned/ | - JFFS. However, by default, if NVRAM is cleared, JFFS is unmounted. Also, JFFS needs to be unmounted \\ before an upgrade, since occasionally it gets repartitioned/ | ||
Line 96: | Line 96: | ||
- All forks of Tomato trigger execution of certain shell scripts with the < | - All forks of Tomato trigger execution of certain shell scripts with the < | ||
- Automount mounts all partitions to subdirectories in "/ | - Automount mounts all partitions to subdirectories in "/ | ||
- | - Logic is needed to tell if the .autorun file was run right after an upgrade or on reboot during normal operation. \\ \\ | + | - Logic is needed to tell if the .autorun file ran right after an upgrade or on reboot during normal operation. \\ \\ |
- | - Performing an upgrade via the shell is safer than via the web interface. From the shell, you download a .zip \\ and check for magic number errors when extracting the archive. Most devices have enough RAM to host the .zip. \\ Uploading a " | + | - Performing an upgrade via the shell is safer than via the web interface. From the shell, you download a .zip \\ and check for magic number errors when extracting the archive. Most devices have enough RAM \\ to host the .zip. \\ Uploading a " |
- Clearing NVRAM and restoring variables remotely via a script could lead to a serious lockout or bootloop. \\ Even if such an approach (having a list of nvram set commands) saved time, too many things could go wrong.\\ | - Clearing NVRAM and restoring variables remotely via a script could lead to a serious lockout or bootloop. \\ Even if such an approach (having a list of nvram set commands) saved time, too many things could go wrong.\\ | ||
- Having a persistent basic Internet connection, VPN, and LAN parameters could allow an internal device \\ (such as a PC or small service/ | - Having a persistent basic Internet connection, VPN, and LAN parameters could allow an internal device \\ (such as a PC or small service/ | ||
- Upgrade options using TFTP wouldn' | - Upgrade options using TFTP wouldn' | ||
- | - Other options for FreshTomato to do a controlled reconfiguration during upgrade might include leaving specific \\ entry points, | + | - Other options for FreshTomato to do a controlled reconfiguration during upgrade might include leaving specific \\ entry points, hooks, or callback scripts. However, this would require thorough examination, |