After some bricked NS5s reverting OSWAVE install, I think the only method left to recover the units is by JTAG port. Do UBNT provide info on how to do it?

Hello Crespopc,

At this time we do not have documentation on JTAG usage.

Thank you,

Mike

You mean, available to the public? What do you recommend we do with those? paper weight? book holders? frisbees? personal defense? :lol:

TIA

JC

JTAG would be a nice "feature"

Forget JTAG... I found I can telnet to their Redboot but their guide to restore failed upgrades is also bugged...

http://www.oswave.com/mediawiki/index.php/Faq_restore_firmware

UBNT:

Can I install original Redboot from there? If yes, how?

TIA

UBNT will have to chime in on this one...
I don't think the redboot firmware is part of the downloadable package.

Access to redboot and its source has been requested before...

UBNT will have to chime in on this one...
I don't think the redboot firmware is part of the downloadable package.
...

Think about 'fwsplit'.
Now you have a key ;-)

Ha, And i thought it was my fault that the unit turned into a brick. I also tried the OSWAVE firmware and after testing decided to revert back to AIROS following the instructions but then was unable to recover the unit.

I am shocked but glad to hear others have had the same problem and feel that this matter should be put toward OSWAVE as it is some what iresponsible for a vendor to release such a firmware that is likley to make equipment unusable.

If anyone figures out a way to recover these units please let me know.

Regards
Andrew

keba i wish I knew what that key meant lol :)

crespopc If you have any progress please keep me posted


ahooper your not alone

keba has corrected me... I guess the redboot firmware is part of the distributed package

fwsplit is a part of the "Third Party Firmware-Building Utility"

fwsplit
Version 1.2
Usage: ./fwsplit [options] <firmware file> [<fw file2> ... <fw fileN>]
-o <output file prefix> - output file prefix, default: firmware version
-d - turn debug output on
-h - this help
its a pretty easy download/compile

~/ubnt$ ./mkfwimage-1.2/src/fwsplit NS2.ar2316.v3.2.3734.080909.1631.bin
Firmware file: '../../NS2.ar2316.v3.2.3734.080909.1631.bin'
Firmware version: 'NS2.ar2316.v3.2.3734.080909.1631'
Creating descriptor file:
NS2.ar2316.v3.2.3734.080909.1631.txt
Creating partition data files:
NS2.ar2316.v3.2.3734.080909.1631.RedBoot
NS2.ar2316.v3.2.3734.080909.1631.kernel
NS2.ar2316.v3.2.3734.080909.1631.cramfs


As you can see, I was wrong in my earlier post, redboot is included in the UBNT provided firmware.
using fwsplit, it is possible to extract it. Then using the instructions on the OSwave FAQ, you should be able to do it... good luck

now, keba, when do you think we'll get the sauce for your flavor of redboot?

Well I sort of understand what needs to be done however our units are bricked and even when trying to go to the tftp set up process they are not pingable.

This is only a guess but when the units were upgraded using OSWAVE the reboot was overwritten by OSWAVE's version. When the firmware was returned this was done without returning the reboot to whatever AIROS uses and thus the system no longer has the bits to set up the ethernet devices etc...

So what would eb the recomended method to recover these units?

Or am i missing something?

I have some news on this one. After trying to no avail to get a working firmware onto the bricked units and reading prety much as much as i could I have decided to put them to one side until i get a jtag interface or serial interface and will try again.

I also tried to contact OSWAVE but it appears that not only after a week has no one responded to the post on the forum but the message link to their staff on their website no longer works.

THis fills me with confidence.

Regards
Andrew

I feel your pain
My post bringing up this issue was from Aug 30 and I still have
no word from oswave if even the antenna selection issue is fixed
in the NS2 firmware ...definately doesnt make me feel all warm and fuzzy either

too bad ...I really was hoping to have a good polling mechanism on these units
I recommend that everyone steer clear of OsWave until at least the NS2 antenna selection is verified as fixed

I recommend that everyone steer clear of OsWave
I do too... but I do until they fulfill their GPL requirements and publish the source code for the FOSS projects that make their commercial product possible.

Yes. I would recomend the same even if someone was going to try out their commercial product.

I agree a polling mechanisim in the NS units would be cool however keeping in mind they ar only 180Mhz this also may be a big ask.

Puting a controler unit off the ethernet side certinly could help.

As for the recovery of the NS-Brick i have managed to get into the faild oswave load using its redboot system and can upload information to the flash however am not compleatly sure of memory addreses. once i figure thi out then it should be reasonably simple to reflash these units back AirOS.

Regrds
Andrew

Hi Andrew

Previous Osbridge polling radios such as 5GXI have only ADM5120 175MHz processor so I suspect it can run it just fine on 180mhz

I actually discussed with Lezek regarding why the NS2 with Oswave could run as a polling base yet the NS5 couldn't

I assumed it was because they didnt want to loose any sales of their 5g base units to but he claims it was a chipset issue
in short the NS2s AR2315 could handle the polling base or client tasks but the AR2313 in the NS5 could only run stable as a polling client

I dont know enough about the chipsets capacities it to say if this in fact the true or BS

But I want polling enough that I will continue my oswave tests once I can verify that the antenna selection issue is actually fixed

Unfortunately I dont see any other reasonable priced options for such a solution by anyone else so if anyone has seen any compatable firmware that can offer this feature I would be very interested

It will just be a case that there is no going back to AirOS for me but if it works well it wouldnt matter

in redboot you can use the command fis list to see where on the flash the various partitions are stored

an example (not a NS) would look like this
RedBoot> fis list
Name FLASH addr Mem addr Length Entry point
RedBoot 0x50000000 0x50000000 0x00080000 0x00000000
FIS directory 0x50FE0000 0x50FE0000 0x0001F000 0x00000000
RedBoot config 0x50FFF000 0x50FFF000 0x00001000 0x00000000


this is the flash on my gateworks board that I'm working on right now
It doesn't have a kernel or filesystem loaded because I'm booting via tftp to save me a bit of time when i update the files

you should have a few extra partitions...

I would guess the locations are as specified in the .txt file you got from separating the firmware image


RedBoot 0x00 0x00000000 0x00030000 0x00000000 0x00000000 NS2.ar2316.v3.2.3734.080909.1631.RedBoot
kernel 0x01 0xBFC30000 0x000D0000 0x80041000 0x80041000 NS2.ar2316.v3.2.3734.080909.1631.kernel
cramfs 0x02 0xBFD00000 0x002C0000 0x00000000 0x00000000 NS2.ar2316.v3.2.3734.080909.1631.cramfs


this thread might have a bit to say about the standard issue partition layout
http://ubnt.com/forum/viewtopic.php?t=2184

XS2.ar2316.v3.0.2927.080424.2052# cat /proc/mtd
dev: size erasesize name
mtd0: 00030000 00010000 "RedBoot"
mtd1: 000d0000 00010000 "kernel"
mtd2: 002c0000 00010000 "cramfs"
mtd3: 00020000 00010000 "unallocated space"
mtd4: 00010000 00010000 "FIS directory"
mtd5: 00001000 00010000 "RedBoot config"
mtd6: 00010000 00010000 "EEPROM"
mtd7: 003b0000 00010000 "Working flash"

Well i am working on a polling solution for the NS2 using the standard AirOS SDK. if and when i get this nailed I will let you know. I am also looking at a few other options such as client to vlan and multiple essid to vlans. these I have had opperating already.

My main focus at the moment is to figure out how to get redboot back into these systems before i continue but i am not sure of program to memory addressing. once i figure out how to do this i can get back to looking at the polling issue.

I wish I knew enough about it to be of assistance to you
but your beyond my skillset
Best of luck with it and keep us posted on your progress

Physical. Thanks

In my NS2 all i have i the following

OsWave> fis list
Name FLASH addr Mem addr Length Entry point
RedBoot 0xBFC00000 0xBFC00000 0x00030000 0x00000000
zImage 0xBFC50000 0xBFC50000 0x002D0000 0x80800000
FIS directory 0xBFFE0000 0xBFFE0000 0x00010000 0x00000000

I have extracted just the RedBoot part of AirOR V3.2 and have it sitting on the TFTP server. It seems that the article in that link assumes that the system still has a web interface to upload the full firmware package.

In my case it also appears that the existing oswave load is missing some thigns or has become somewhat corrupt. I say this because i also get the following errors...
/home/radek/repos/oswave/redboot_cobra_2316/ecos/packages/devs/eth/mips/ar531x/current/src/ae531xecos.c#390:ae531x_send AHB ERROR: AR531X_DEBUG_ERROR = 00000145
/home/radek/repos/oswave/redboot_cobra_2316/ecos/packages/devs/eth/mips/ar531x/current/src/ae531xecos.c#393:ae531x_send AHB ERROR status_4 = 00000145
/home/radek/repos/oswave/redboot_cobra_2316/ecos/packages/devs/eth/mips/ar531x/current/src/ae531xecos.c#390:ae531x_send AHB ERROR: AR531X_DEBUG_ERROR = 00000145
/home/radek/repos/oswave/redboot_cobra_2316/ecos/packages/devs/eth/mips/ar531x/current/src/ae531xecos.c#393:ae531x_send AHB ERROR status_4 = 00000145

As i understand it I have to create a new area in flash, upload the new version of RedBooot to that then i can uploadit using "fis load ...."

I know "fis create" is used for this and "load file ..." is used to get the bin there via tftp but im not sure how to work out what memory addresses these are supposed to go into and what to use to create the partition.

Thsi is what i get when trying to upload the image...

OsWave> load NS2_RedBoot -v -m tftp -h 192.168.1.112
Unrecognized image type: 0x3c04b100

Am i missing something?

A little off topic but in light of not getting a response from OSWAVE i decided to do a bit of diging and found an association to OSBRIDGE. It appears that both OSWAVE aqnd OSBRIDGE are part of OSLINK. I then contacted OSBRIDGE and recieved an interesting comment.

Good morning,
OSBRiDGE is not associated with OSWAVE.
For OSWAVE inquiries please contact OSWAVE directly at support@oswave.com


So back to do some diging and as the simple option is a whois lookup here are the results.

A whois search for OSWAVE returns the following.
Oswave.com - Os Wave Whois Record.
Registrant: OSLINK Sp. z o.o.
+48.600398483
OSLINK Sp. z o.o. Marsa 27 Gdansk,pomorskie,POLAND 80-299
Domain Name:oswave.com ...


And

osbridge.com
Registrant: OSLINK Sp. z o.o.
ul. Marsa 27
Gdansk, 80299
PL


A little dubious to be honest! I would be tempted to steer clear of both companies.

Perhaps instead of writing lengthy cry posts on your problem you should just try what the man advised you to do and contact support@oswave.com ?

Yes, done that on more than one occasion. Also tried sales@ and had no response from either.

I think you will find my post serve more as a warning to others, Although it would be nice to get these units working again we have moved on to look at othr options.

So did anyone managed to do a recovery?

Mine does not even lid the LAN LEF anymore.

Please Help

I think you're going to have to just buy a new radio.

Where can I find a new radio for the NS2 ?

Do you have any link?

Thanks

When I said radio, I meant the whole Nanostation. Not worth the hassle of trying to swap out the radio card.

To recover Redboot you need 2 things:
1. RS232
2. JTAG

Some more info on
http://ubnt.com/forum/viewtopic.php?p=20786