What are
/r/openwrt's
favorite Products & Services?
From 3.5 billion Reddit comments
The most popular Products mentioned in /r/openwrt:
The most popular Services mentioned in /r/openwrt:
OpenWrt
WireGuard
DD-WRT
OpenWISP
Pi-hole
DealExtreme
WinSCP
Hosts by Steven Black
NordVPN
Gargoyle
Wireshark
PuTTY
Speedtest by Ookla
Orange Pi
Linux kernel
The most popular Android Apps mentioned in /r/openwrt:
Wifi Analyzer
Wake On Lan
PdaNet+
UniFi
InstaWifi
he.net - Network Tools
NFC Tools
The most popular VPNs mentioned in /r/openwrt:
The most popular reviews in /r/openwrt:
If you know the details of the hardware (i.e. manufacturer and model), you can look in the downloads for a clean firmware that you can set up yourself in any way you want.
I'd personally go with a clean firmware, since you don't know what sort of backdoors the original vendor left on your router.
This is a test version of the software that will become 18.0.6.0. Once finalized, 18.06.0 will be the first stable version after the OpenWrt/LEDE project merger and the successor to the previous stable LEDE 17.01 and OpenWrt 15.05 major releases.
The 18.06 series will focus on support for network flow offloading and modernizing the Atheros AR71xx target.
This is the second test version of the software that will become 18.0.6.0. Once finalized, 18.06.0 will be the first stable version after the OpenWrt/LEDE project merger and the successor to the previous stable LEDE 17.01 and OpenWrt 15.05 major releases.
The 18.06 series will focus on support for network flow offloading and modernizing the Atheros AR71xx target.
Edit: RC1 discussion thread.
I'd be honest with you. OpenWRT is terribly documented. It's a literal chaos for a newcomer where more often than not you have to go through the source code of scripts, libraries and daemons.
There is https://openwrt.org/docs/start which is seldom updated and does not cover cornercases, but might give you a clue for what you should look for.
I think the most important concepts that differentiate OpenWRT from other linux distros are uci (configuration framework) and ubus (IPC bus, similar to dbus).
Openwrt is surely not dead! There's new releases every 2-3 months, the last one 21.02 RC4 being released just few days ago
Wifi 6 is probably still too new, and there's only a handful of devices with openwrt support:
https://openwrt.org/toh/views/toh_available_16128?dataflt%5BWLAN+5.0GHz*%7E%5D=ax
Anyway, I think wifi 5 is good enough for 99% of users, and openwrt supports around 270 wifi 5 devices. Surely a bunch of them are mainstream enough for you?
https://openwrt.org/toh/views/toh_available_16128?dataflt%5BWLAN+5.0GHz*%7E%5D=ac
I am guess the "why would you want to do this" is to give one device more bandwidth and another less? If so, I would simply advise against this and use SQM 100% of the time and not try to starve devices, SQM is smarter than you or I.
Use these settings to get per host isolation, which is sort of what you want just not a hard limit.
Or his clone, the Gl.inet, which have two Ethernet ports (I'm using to load balance two ISPs), and drains very little power. Sadly enougth, it is about $25 now.
>My understanding is that Linux based systems are just generally more secure?
It's linux based on stock and for openwrt. Nothing changes in this aspect.
>Is there anything else I need to do to make it more secure?
The default firewall configuration is good enough for most. You should pick a secure password for web based configuration interface, LuCI. You need to use a good WiFi key of a healthy length and WPA2 with AES and no TKIP.
>I was reading about SSH access, is that necessary for everyone, or can I use LUCI only.
LuCI should be fine for everything you need. Very few things aren't supported by LuCI.
>Is it possible for me to make my router less secure by installing OpenWRT?
I'm not expert but I'd say that the defaults for OpenWRT is about the same or better than the defaults for stock routers.
>I’m also interested in VPNs. Do I need to still buy a VPN service (eg. ExpressVPN) if I install a VPN like Wireguard?
Depends what you want to do. Installing Wireguard will give you remote access to your home network. Your router can't provide you protection from copyright trolls on it's own though.
>And lastly, how likely is it that I brick my router?
If you can follow directions and haven't misidentified your hardware then the chances of bricking your device is nearly 0%.
>Basically I just install the install firmware wait for it to reboot, and then the upgrade firmware? Is that it?
The directions for installation appear to be complete. So give them another read if you are having any concerns.
>What do I need to do once the router resets? How difficult is it to go back to the OEM firmware?
Both are covered on the page you linked.
This device is fully supported via upstream OpenWRT: https://openwrt.org/toh/hwdata/gl.inet/gl.inet_gl-mt1300
This includes WiFi via the open source mt76 driver which works great. I had no issues updating mine using the builds linked above.
If you're asking for the --> best <-- way, I'd suggest using an access point and a cable. Because repeating uses loads of airtime, you're basically sending every message twice. So if it's busy where you live or of there are many wi-fis (neighbours etc) a repeater might work but you won't have fun with it. Using an access point eliminates the repeating of the message and instead transfers it to a LAN cable, where its a direct 1:1 connection, so there is no other network to disturb you.
I'd look for some white cable and put it along my ceiling or just put it in the wall, if possible. If this is your own house, the attic might also be a good option to play the cable. And for the access point: any openWRT-capable device will do. If you have the option to go through the wall, there are some capable outdoor APs, e.g. a UniFi AP-AC mesh. For setup there is a guide in the wiki: https://openwrt.org/docs/guide-user/network/wifi/dumbap
That would probably be the best way.
If laying a cable is not an option, a repeater might be your only solution, yes. I don't have any experience with your device, so I'm not sure if it's reliable. Just make sure your repeater has a good to very good signal to begin with, because it can't repeat what isn't there.
Hope this helps, although I'm not able to answer your question directly :)
About a month ago someone posted a link to this:
samcrawford's comparison of cheap OpenWRT routers from TP-link (coments)
I saved because I'm thinking about replacing my old DIR-320 and those seemed like a good cost/benefit.
Without pouring over the openwrt-devel mailing list and the bug tracker, I don't really know in detail, but here's what I do know.
The 18.06 release page mentions "network flow offloading." I think that means hardware-accelerated NAT (Qualcomm Fast Path), which makes a big difference for Internet connections faster than 200Mbps. It's something that previously most routers could only get with their stock firmware.
That page also mentions "modernizing the Atheros AR71xx target." I'm not sure what that specifically means, but it's probably something like more up-to-date packages, such as maybe a newer kernel version, etc.
I also read that they don't recommend preserving settings when upgrading to 18.06 from OpenWrt 15.05.x or LEDE 17.01. Start fresh and reapply your changes manually, so that you can take advantage of new default settings. What those new defaults are exactly, I have no idea.
One change I'm noticing with RC2 is that some parts of Luci's Bootstrap theme look different. It's not a huge, fundamental change, but personally I think it's for the better.
For the real details, I'd say wait for the notes that accompany the full release.
addrwatch is designed for this. It works by using ARP and NDP, so even if the host is firewalled, this can still detect them (on the same broadcast domain).
That model is a modem as well as a router; therefore, it won't be supported (cable modem functionality wouldn't work). So trying to flash R6250 firmware wouldn't be very wise.
Netgear doesn't even provide firmware for it, as that's the responsibility of the ISP. So you're best off just using your C6250 as modem in bridged-only mode and connecting a separate (OpenWRT) router to it.
Popular suggestions for an OpenWRT router are Archer C7, x86 PC and Raspberry Pi 4. The Archer C7 also includes a good AP. But there are many more options out there.
P.S. OpenWRT and libreCMC are generally the best (except on Broadcom routers), FreshTomato is the best on certain Broadcom routers, DD-WRT is fine but not very stable, Gargoyle and ROOter are just old OpenWRT reskins so don't bother. Zeroshell is dead.
FreshTomato and Gargoyle are the most beginner-friendly; OpenWRT and libreCMC are the most advanced.
You'd need to follow the commit logs to Git for example; https://git.openwrt.org/?p=openwrt/openwrt.git;a=log.
Packages would be different, as OpenWRT tends to download the sources from the original source to compile in the cross-compile toolchain for OpenWRT.
That's the problem with snapshot builds. Eventually the kernel dependencies for repo packages leave you behind. Only way to upgrade the kernel is to re-flash your device with a fresh snapshot. From the wiki:
> snapshots are built daily, and that sets time limits to installing new packages with opkg. Due to kernel version checksums, you can only install “kmod” kernel modules and other kernel version dependent modules from the exactly same snapshot build. So, a few hours after flashing the firmware you may not be able to install new modules with opkg any more (as the next snapshot has been built into the download repo and has different checksums).
Using standard releases avoids this problem.
best info i can find is on a forum thread at https://forum.openwrt.org/t/tp-link-tl-wr820n-v2-eu/60161
tldr, 1mb flash/8mb ram (8/32mb minimum for openwrt install), the forum OP was trying to solder replacement chips but hasn't updated thread since july
edit: seems there versions with 4/64 so dutch's advice might pan out. opening it up to see what SoC it has would be a good start https://openwrt.org/toh/tp-link/tl-wr820n
I would recommend Cleanbrowsing.org DNS servers instead of OpenDNS. They have IPv4 and IPv6 filtering as well.
OpenDNS appears to have stagnated since being purchased by Cisco.
​
DNS filtering is not enough, I would also recommend Qustodio for your kids devices. The combination of Cleanbrowsing and Qustodio works well here.
​
I've had no issues flashing different openwrt builds on their devices. Currently I have an AR150 with official openwrt, two x750's and a Mango V2 on ROOTER (openwrt fork with expanded modem support built-in). I can't specifically speak for the ar750s but I don't think you should have much issues with it.
Flashing these things with another firmware is pretty straightforward. Especially when reading the instructions on openwrt for this ar750s.
https://openwrt.org/docs/guide-user/virtualization/docker_host
You need OpenWRT 20.xx or higher.
- install docker-ce package for the commandline tools
- install luci-app-dockerman package to get a control panel for docker containers in Luci
So your OpenWrt only has 100mb ports and not 1gb ports? So yes, only full speed when connected to your cable modem. I would use the settings guide to make OpenWrt an dumb AP. https://openwrt.org/docs/guide-user/network/wifi/dumbap Basically turn off DHCP and routing, change the LAN IP to something in the 192.168.0.0 range (not in the range your cable modem is handing out), and plug your OpenWrt into cable modem using Lan port rather than the WAN port.
That will put all your devices on the same side of the firewall (being your ISP modem/router), which will make your life easier. It will mean you are not using the firewall features OpenWrt, but just using it like and AP.
I am on a similar hunt, but OpenWRT Wiki warns against buying the TP-Link:
>This device is NOT RECOMMENDED for future use with OpenWrt due to low flash/ram.DO NOT BUY DEVICES WITH 4MB FLASH / 32MB RAM if you intend to flash an up-to-date and secure OpenWrt version (18.06 or later) onto it! See <strong>4/32 warning</strong> for details.
Please make this clear and recommend what can be supported in the future.
​
I am looking for the ultra lowest cheapest (and possibly worst) AP that can be supported in the future, to be used just for Smart home devices.
PXE boot server with netboot image in usb drive mounted on startup. Comes handy when you need to boot into linux to remove virus/malware from Windows PC.
https://openwrt.org/docs/guide-user/services/tftp.pxe-server
>ath79 is the successor of ar71xx. It's modernization under the hood, with the main goal to bring the code into a form that is acceptable for Linux upstream, so that all (most) of the whole ar71xx supported devices can be handled by an upstream, unpatched Linux kernel.
https://openwrt.org/docs/techref/targets/ath79
HW offloading isn't related to the new ath79 target, but to the newer kernel versions (4.14+). So if 19.07 (or snapshot) of ar71xx should support it, too.
SQM essentially does that. Ask your friend to go to http://www.dslreports.com/speedtest on a wired connection (not WiFi) at a time when the Internet connection isn't being used for anything else (just for a couple of minutes), and have them tell you the download speed and upload speed. From there, you can set up SQM by following these instructions: https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm
It's really pretty easy.
You haven't mentioned which version you're using. The development snapshots don't incluse the web gui (luci), so if you're running those you'll definitely struggle to access the web gui.
One thing that newcomers have trouble understanding is that, in general, an operating system needs to be built for the hardware it runs on. If you come from a Windows background, then that means Intel compatible hardware and that's it, so the concept of different hardware (chipsets and CPUs) never really comes up.
In the small (embedded) devices world, there are tons of different hardware platforms. MIPS, ARM, TI, and hundreds more, plus different chipsets (Atheros, Broadcom, etc...). The operating system needs to be built for each of these and that's what that list is. The same OS, just different builds for different hardware.
For your model, the product page has the debug output and indicates that it is an Atheros 7 based system ("system type : Atheros AR7240 rev 2") and so the ar7 folder is the one you want.
You'll need to reference the product page to determine which hardware version of your router you have and that will tell you which image to use (most likely the tl-wr940 or tl-wr941 depending on the age of your router).
Maybe, but LXD is probably a better choice since "a LXD container gives you full ‘machine’ system functionality, not just a single process". I have tried openwrt in a LXD container myself.
Besides a GL-iNet router I also have two development models of this router, without an LTE connection. With that caveat, it works very well.
Flashing OpenWRT onto this is slightly tricky as there’s a firmware upload that is only in Chinese. But googling the characters tells you which option to pick and then you just upload your OpenWRT firmware image and go from there.
This router also has the only chip that OpenWRT supports hardware flow offloading:
https://openwrt.org/toh/recommended_routers#flow_offload_and_oem_throughput
I use Unbound DNS + AdGuardHome on my OPNSense installation, and I think you can recreate something similar on OpenWRT: https://openwrt.org/docs/guide-user/services/dns/unbound https://openwrt.org/packages/pkgdata/adguardhome
So example DNS query > AGH on port 53 > Unbound DNS on port 5353 > query sent to root zone servers in the event of a cache-miss.
You have to make sure what version you are using. The reason is following that guide you found only works in 18.06.x and 19.07.x versions. The last version (21.02) changed the swconfig to DSA. So, if you wanna config vlans you need to follow DSA guide. I saw a response of your post in the forum. That’s the correct answer. I use 3 vlans for guest iot and private.
Read this guide. https://openwrt.org/docs/guide-user/network/dsa/dsa-mini-tutorial
Start at the Table of Hardware. This also takes you to the TP-Link Archer C7 AC1750 page.
I'll be updating mine soon.
If your talking about packages, then the advice given is correct.
However, there is no GUI function for finding out if there is an update to the OpenWRT firmware.
Current stable release info -
Then it's even less likely that the device will be ported.
There very likely already are comparable devices that are supported by OpenWrt because someone put in the work and ported them. I'd suggest that you look at the Table of hardware and find a device that fits your needs instead of finding a device and then asking if it is supported or might be in the future.
Because at the end of the day porting such a device is done for free, so people only do it if there is something in it for them. I for instance ported a device because I have it here anyway. I wouldn't have done so if I didn't own the device.
Don't worry, I'll google it for you <puts on google t-shirt>
https://openwrt.org/meta/infobox/upgrade_packages_warning
xD
It seems that the first method described here https://openwrt.org/toh/xiaomi/mi_router_ac2100
just needs a ssh-client, which afaik Windows 10 now has as feature, or you could use PuTTY.
If you have to resort to the python PPPoE exploit I would recommend to borrow a PC with VT or use a raspberry, this would be harder to do on windows.
You'll have to install the package containing the kernel module that implements the driver for this card. A quick search indicates it may be this one here:
https://openwrt.org/packages/pkgdata/kmod-iwlwifi
From the command line run:
opkg update opkg install kmod-iwlwifi
There's a syntax for defining aliases (additional IP addresses for an interface) which is documented on the wiki:
https://openwrt.org/docs/guide-user/network/network_interface_alias
In terms of avoiding the DHCP range, just look at /etc/config/dhcp file, and pick an address that isn't in the range for the interface you are operating on.
Super simple I setup openwrt VMs frequently so the process is fresh in my mind.
Here's a written guide OpenWrt x86
The downloads for the images are in the same guide, it's pretty easy to miss if you scroll through the guide quickly without detailed reading. To be more exact ubder Download Images the "Go here" is the link that points towards the downloads page (I made it a link to it for your convenience).
From the Go here link you end up in OpenWrt's releases page. Pick the latest stable release which is 19.07.7. From clicking 19.07.7 you then click on targets, then you choose your platform (x86 in this case and it is at the bottom of the list), then you choose 64. Finally you can pick whichever image you would like to use (The guide linked above explains the pros/cons of each image). For ease of setup use the combined Images. Specifically the combined-squashfs if you want a way to factory reset things in case things go wrong sometime in the the future without having to reinstall through this same process again.
After you have your image of choice downloaded, just follow the guide and you should have a system up and running in less than an hour (or likely 20 minutes if you have some experience).
If you check the developer threads on OpenWRT, you can see that OpenWRT can already be installed on the Xiaomi models. It works okay, and it will work better by the time they're officially supported (Wifi speeds are mediocre right now, but it works).
And yes, the mt76 driver the X5000R uses on OpenWRT supports MU-MIMO and Beamforming, so that works.
In the long term, the Xiaomi's will probably be a better buy. In the short term, the Totolink has better software support (but worse hardware).
As you can see here, you should expect OpenVPN to perform at 20Mbps on the X5000R. The Xiaomi's are ca. 100 Mbps.
First thing that comes to mind, is what OpenWRT version are you on? You should expect 21.02.0-rc3 to have the most stability. So if your routers are on snapshot, it might be worth switching some/all of them to 21.02.0-rc3, because the issue may have been fixed there.
Of course, make sure your APs are set up correctly (DHCP, Firewall and dnsmasq disabled). Only use LAN ports to connect (because they're APs).
Your LAN protocol (Network -> Interfaces -> LAN) should be either Static address (e.g. 192.168.1.2), DHCP client or even DHCPv6 client. If you set your APs to DHCP(v6) client, you could then set Static DHCP leases (Network -> DHCP and DNS -> Static leases) in your main router. But Static address is generally recommended.
Lastly, you could try if the APs behave the same when wired up in parallel, instead of in series (even though it shouldn't make a difference).
Nope, I saw there was no stable builds (commit for support was in october 2019 and was not backported to stable) and I just went straight to latest RC2. I was trying to avoid having to manually install uhttpd/luci and remembered from previous snapshots having issues installing packages at a later date.
links to snapshots on techdata page in the table of hardware.
latest 21.02 build is RC3 and download links are listed under the ath79/generic target.
14.07 Barrier Breaker and 15.05 Chaos Calmer both had three release candidates prior to their first stable releases.
OpenWRT does not really support an in-place upgrade for base-files like a regular linux distro does because of lack of storage space on most devices.
Upgrading packages is fine, because those already go onto the overlay filesystem, and the new files overwrite existing files, so the space usage usually washes out to be the same.
Just do a regular sysupgrade to a newer snapshot image. The problem here is that you will need to reinstall all the packages you installed previously. Make sure to back up your old config first. Understand what the /etc/sysupgrade.conf file does.
AFAIK only lantiq based devices are supported. The modem always needs a closed source Firmware. At some point Lantiq (now acquired by Intel) allowed redistribution of some Firmware files but they don't support vectoring. So if you are on a vectoring enabled Line, you need to install a vectoring firmware. I guess that was too much trouble for other devices with included modem.
AFAIK one of the best lantiq VDSL routers is the BT HomeHub 5A (HH5A) that was given to many customers in the UK. It can be found on Ebay for a few bucks if you don't have to pay for oversea shipping. But you need to solder a serial line to the board for initial installation.
The HH5a has 2x2 N/AC dual band Wifi and 5xGbit ethernet and a lot of NAND Flash for all your Apps (128MB). But I guess the CPU is not the fastest anymore...
Imagebuilder is faster, since you don't have to build from source code, but instead use pre-built packages.
https://openwrt.org/docs/guide-user/additional-software/imagebuilder
Yes, this can be accomplished with a set of
cronjobs: https://openwrt.org/docs/guide-user/base-system/cron
The command wifi up will bring up all Wi-Fi interfaces, and wifi down... you can take it from here.
I'm sorry but it doesn't work like that. OpenWRT is a hobbyist firmware made by volunteers that has flaws and will require a good bit of work sometimes.
Sounds like you may need to do a TFTP firmware upgrade once; described on the R7800 page. https://openwrt.org/toh/netgear/r7800
The ASUS does NOT show on the “Table of hardware”:
https://openwrt.org/toh/start?dataflt%5BBrand*%7E%5D=Asus
The Linksys does appear, but only versions v1 and v2:
https://openwrt.org/toh/start?dataflt%5BBrand*%7E%5D=linksys
Beginners— especially — need to make sure that their model number matches exactly one that has been tested as good on this table.
Otherwise, you risk bricking your router and having a bad experience.
Unfortunately, router manufactures and open source advocates do not cooperate very well. Probably because government intelligence agencies expect routers to be hackable.
I'm in the same boat, but I have everything working except for a bridge to my network. The second I try to set up a bridge gateway between eth0 and bat0, the gateway can't ping any of my nodes.
​
I have everything set exactly like in here. Any tips?
​
> Also there is a patch for the flash chip so that you can still install the newer version, it wasn't clear if it worked.
One last point to clear up. There are actually two separate issues here that you've been muddling together. One is a software change: TP-Link changing their stock US firmware to make it more difficult to flash third party firmware (to prevent people from using WiFi channels that are illegal in the US). The other is a hardware change to the flash chip that was NOT done to keep people from switching to third party firmware. That was just a manufacturing decision they made for whatever reason (could be a business decision to get a better deal from the supplier, could be to improve reliability, could be any number of reasons). It's a change they made that requires newer software. If you look back at the part of the guide you were reading, you'll see that it's talking about Chaos Calmer. That's the 15.05 series, which is from 2015. The versions of OpenWRT that we've been talking about, 17.01.5 and 18.06.0, were developed after the flash chip change happened, so they already have the patch built-in. You do not need to do anything other than what I mentioned in my other comments.
Even for people who have Archer C7 v2's with serial numbers before 215C, if they installed a TP-Link US firmware update newer than a certain version, they too would get the third party firmware checking restriction. That's why I said (1) the file checking is done in software rather than hardware and (2) the flash chip change and the 3rd party firmware obstacle are two separate issues.
Does that make sense now?
Maybe you could try a different installation method. For example, if it didn't work in LuCI (the web interface), try upgrading from the command line (SSH).
If that doesn't work, maybe try reverting to factory firmware (Linksys firmware) temporarily, and then install 18.06 RC2 from there.
The problem is I can't seem to find much documentation for your specific router.
That's kind of freaky. I like the openwrt firmware: https://openwrt.org/
It's hard to say exactly what is going on there. I have seen malware infections on windows machines that do all sorts of weird things with the browser, but the problem with the ipad is strange. Maybe take the ipad to a starbucks and get online there and see if it still has problems.
Did your windows machine continue acting goofy after the reinstall? A possibility is that one of the machines was compromised with a nasty virus, and that virus targeted the router. If that's the case, you'll just about have to replace all the routers and reinstall the os on all the machines to be rid of it.
Openwrt will be inherently more secure than the default firmware, and my experience is that it is more stable as well.
I'm assuming this elusive UAP model is an UAP-v2? Did you see the "Note for UAP-v2" on OpenWRT Wiki? It seems v2 firmwares block custom firmware installation. That might be why there was no OpenWRT build made.
However, DD-WRT managed to get around it. So it seems there exists a flashing workaround and there's an official DD-WRT build for v2, but no OpenWRT build.
I don't know if DD-WRT is suitable for your purposes, but you could try it first. And if you want to return to stock, just use TFTP recovery. OpenWRT might also work, though it might have bugs because it's intended for a different device.
Openwrt can be a little intimidating for people who aren't familiar with linux. This community build here, https://davidc502sis.dynamic-dns.net, has the most common packages included. You may want to take a look at DD-WRT if you looking for a more out of box experience, https://dd-wrt.com. if you choose to stay with openwrt snapshot you will need to install every package and kernel module you will need. There is plenty of documentation on how to do this. If you have a more specific question I can try to help.
Edit: In addition the wrt routers have two paritions I recommend changing it back to the stock partition before you flash because if you flash from openwrt you will overwrite your factory firmware.
Hello I have been monitoring a similar setup w/ stable version on rpi3b+, and for metrics I use Prometheus exporter. This was lot easy to setup following this: https://grafana.com/grafana/dashboards/11147 Hope it helps.
The upload is not available on 18.06.x. It is avail on 19.07, but it is not stable yet. You can use the latest snapshot and it will have the upload capability via the web gui.
Ive also written a guide for Windscribe VPN here, it is fairly similar for NordVPN.
OK, that's enough of that.
After going through the process of installing OpenVPN and setting up NordVPN (which is apparently best done in the terminal which kinda makes the UI redundant), I found OpenWRT continued to be buggy with DHCP sometimes giving me an IP address and sometimes not. Even when it did, it was another 50/50 chance the VPN would connect.
I haven't got time for this shit so I've just re-flashed the device with GL-iNET's default firmware. It may be lacking in features, but basic functionality actually works! And the trouble I was getting with VPNs is less than the trouble OpenWRT was giving me so I'll just look for a way to mitigate that and avoid OpenWRT like the plague in future.
I'm making a couple assumptions here:
- The devices are plugged in via ethernet
- The device is fully configured. Both within your operating system and your bios.
- Your wireless Android device is on the same subnet as the devices your trying to wake
- Your sending your WOL packets to the broadcast address (192.168.1.255)
From there try using a WOL packet tester while your computer is on. It'll basically tell you if it received a WOL or not. From there you can either troubleshoot the device configuration or the way your sending them. I recommend this app as it has a nice widget.
I've made this mistake before, if you receive a packet using the tester, it is NOT a routing problem, it's a bad device configuration. The packet will get to that interface everytime as long as the device is configured properly and your sending to the broadcast address on the same subnet (NOT the devices IP address).
IIRC, the NordVPN guide is for a terminal (command line) install; for a graphical UI (LuCI) installation, follow this guide:
https://openwrt.org/docs/guide-user/services/vpn/openvpn/client-luci
Use steps 2-b, 4.1-b, and 6.1-b, and only refer to the NordVPN guide when needed - mostly for finding and downloading the server config file IIRC.
tinc or Wireguard may be smaller (and perform a little better than OpenVPN).
https://openwrt.org/docs/guide-user/services/vpn/tinc
https://openwrt.org/docs/guide-user/services/vpn/wireguard/start
edit: You'd probably server yourself better building your own image and strip it of things you don't need (PPP for example). You could also lose Luci to gain tonnes more space and manage everything via CLI
I don't really like the rpi series for much. There are faster and/or cheaper options (like the r4s I recommended above). So I don't really have much info on it's performance; you would need a USB 3.0 gigabit ethernet adapter to use an rpi as your router.
I'd try to avoid mesh networking if at all possible.
A couple of options to try for a single access point might be a ubiquiti AP-AC-LR or their newer Unifi 6 LR.
Alternatively you could grab a powerline adapter and use that to connect to a more centrally located AP (the cheapest 802.11ac ebay AP with openwrt support). I'd like to note that powerline adapters are like wifi in that their advertised speed is always lower than what one would see in real life; not such a big deal if you only want 200 Mbps though.
If you do insist on trying mesh wifi with openwrt I'd suggest you get an AP with a qualcomm/atheros(ath was bought by qualcomm) or mediatek chipset. So you can use something like 802.11r, 11k, and/or 11v for transparent roaming between AP's. I don't have any experience with mesh networking nor transparent roaming but from what I've read mesh networking is pretty slow and bad while transparent roaming can be difficult to set up.
Finding openwrt support and/or the chipset for any specific device will require finding out the full model and version on that device. You can then search for that along with openwrt or that along with wikidevi (the original wikidevi is down and replaced with wikidevi.wi-cat.ru, a good site, and deviwiki, an ad plagued site.)
I'm not sure if I covered that well. Let me know if something is confusing or poorly covered.
The OpenConnect package is OpenWRT dependent, not router dependent.
To see if your router is supported for OpenWRT firmware, check the Table of Hardware on the OpenWRT site...
> Do I really have to install OpenWRT SDK or Build System to access the opkg repository just to download individual packages?
If you have a mostly complete list of packages you need, use imagebuilder:
https://openwrt.org/docs/guide-user/additional-software/imagebuilder
At the very least if you know the packages required to activate the modem you can create an image with those and then pull down everything else from the rPi.
Why not get the supported snapshot from https://openwrt.org/toh/hwdata/belkin/belkin_rt3200?
Why go with the UBI image? What features do you get extra?
>I'm not sure where the most correct place to put the script itself would be, though.
For a quick hack, just put it in root home.
For a better approach, add btrbk to a secondary path (/usr, /opt, etc.), and create an OpenWrt service, and use that to run the scheduled task.
However I think the Perl runtime might be a bit too heavy for older hardware.
TBH, compiling OpenWRT from source is probably, definitely the easiest OS to compile from source (and I'm not even slightly exaggerating). If you use a Linux host, say a Debian based (Ubuntu, LMDE, Debian) and you install build-essential along with git and make, the git pull will grab everything needed.
https://openwrt.org/docs/guide-developer/toolchain/use-buildsystem
You then can configure the build options through a curses based UI, which has everything in easy to understand categories and build the whole system in one command. First build will take a while (per architecture used) due to toolchain compilation, but each build after will be faster.
For example; https://www.reddit.com/r/openwrt/comments/cpy6mm/how_small_can_1806x_be_packed_target_was_a_dlink/
just follow the usual step how to setup extroot, after that you can just follow that person's adguard home installation tutorial as usual.
as for the ram, you can also skip that as well if you add swap on your openwrt, with a USB drive, this is very possible. Just in case that your router is only running 128MB RAM or less.
https://openwrt.org/docs/guide-developer/adding_new_device
Find all the relevant chips on the board and then find another device that has already been ported with one of the chips so you can look at the code and see how they did it.
Have you tried doing a hard reset? There is a reset button at the back of the router which would restore it to factory defaults(In your case openwrt recovery defaults)
1) Power on the device and wait for the status led to stop flashing.
2) Press and hold the reset button for 10 seconds.
3) Release the reset button.
Refer: https://openwrt.org/docs/guide-user/troubleshooting/failsafe\_and\_factory\_reset#factory\_reset
Work out what the wan interface is called and configure it for dhcp using the config documentation here; https://openwrt.org/docs/guide-user/base-system/basic-networking
Then once you have that running, use opkg to install luci.
https://openwrt.org/docs/guide-user/luci/luci.secure
i dunno why it isn't default. might have something to do with certificates in the browser, and that more experienced people use ssh to configure the device.
Archer C7 v2 has 3 internal antenna for 2,4Ghz and 3 external antenna for 5Ghz band
here is Archer C7 OpnWrt page,folow the instructions to flash OpnWrt on it:https://openwrt.org/toh/tp-link/archer_c7
This can be configured via uci but there's no option in the web interface.
Have a look at the odhcpd reference. The option dns should be what you are looking for:
dns: DNS servers to announce on the network. IPv4 and IPv6 addresses are accepted.
I have used a similar option to disable the DNS entry in router advertisements for SLAAC altogether as clients got my PiHole address via DHCPv4.
Make sure you get the syntax right, there needs to be the zone prefixed to the actual option. In my case, for setting ra_dns to 0 i had to do
$ uci set dhcp.lan.ra_dns=0 $ uci commit
> The default 'cascaded double NAT' seems to apply...
You are correct, it does apply in this situation.
You're probably doomed to be using double NAT, most hotspots won't do a bridged mode. Even if they do, you're still behind the (probable) CGNAT of your wireless carrier, so you aren't going to be doing any port forwarding/etc anyway. You might get around this depending on what USB modes your modem supports, but if everything works right now I wouldn't bother with that yet.
As for the WiFi, it seems like you might be over thinking it a bit. You just need a basic WiFi configuration, with your AR750S setup in AP mode.
'Dumb AP' would only be used if you were not using the AR750S as a gateway/firewall. 'Bridged AP' is for making a wireless repeater (not useful if you already have a wired connection).
Hi I am working in something similar for my own network and here is what I can tell you.
Archer C7 v4 is very stable and performing despite not being very powerful. I use it as my main router. Archer A7 is not good, I have a very bad experience with it even though it is almost the same hardware.
Also can safely recommend https://openwrt.org/toh/hwdata/d-team/d-team_newifi_d2 which can be found on eBay already flashed. Has lots of ram, storage and USB 3.0. It seems it was designed with openwrt in mind for some weird cryptomining operation, consecutively is a low power but powerful CPU.
You should consider having as your main router a second hand x86 PC with a 4 port Intel NIC and install pfsense or opnsense on it. Can also prebuild devices for it on Amazon, AliExpress, etc.
Finally, regarding WiFi extenders or Dump APs my experience is that the best performance you can get is with stock firmware. I like very much a couple of Xiaomi routers: Redmi AC2100 and Mi AIoT Router AC2350. Both support MU-MIMO and can be bought in Europe for a very reasonable price, being the later one the best possible. There is a compromise here: Openwrt has lots of features no stock firmware has, such as fast transition standard but performance and stability is not the project main goals.
You need to install OpenWRT packages for the USB devices you want to use with your router. For instance, if you want to use USB storage, you should follow this guide.
There are also packages for certain USB printers, USB modems etc. OpenWRT Wiki has some good guides, so that'll likely be a good resource for you (especially if you're unfamiliar with OpenWRT).
I have a little bit of bad news, I finally read the GPL_README-WLR9500x.txt file in the source tarball and followed the directions for cross compiling the router firmware. Even though I'm using MSYS2 on Windows 10 it appears the make utility actually starts the build successfully!
However, a ccache step was using 20% cpu overnight but has no drive activity so it's stuck somehow. I've gotten no new output from the terminal in 12 hours.
Alternatively I'd think it might be possible to download the OpenWrt git and take information from the tarball to add support for your device. But right now that's beyond my abilities, could possibly try connecting to their IRC channel to ask about it.
Ironically I have a TP-Link Archer A7 router that's nearly brand new sitting in my closest. It has good support in OpenWrt. If you'd like it I'd be more than happy to ship.
This would be the place to start to at least gather more information:
https://openwrt.org/docs/guide-developer/hw.hacking.first.steps
I have personally not have any problems (on OpenWRT 19.07.7) using it either as an AP, router or client. From a quick look online, the WR802N v4 seems to be pretty reliable too.
I'm assuming your Mikrotik is acting as router (so DHCP server, local DNS, Firewall etc.) and you're trying to use the WR802N v4 as just an AP? Because it seems to be a configuration (not device) problem; the most likely culprit is DHCP being left enabled on the WR802N.
This would be entirely consistent with your reported issues (DHCP devices would be connected for a few hours at best, until a new DHCP lease from one router would leave the other router in the dark). Double DHCP is no fun whatsoever.
Make sure to follow the OpenWRT Wiki for getting a correct configuration as AP (meaning disabled DHCP, Firewall and dnsmasq).
Configuration on stock firmware might be more straightforward, as selecting "AP Mode" would probably disable all these functions outright. OpenWRT is a bit more granular/technical; all functions are controlled independently (no "AP mode", just configs that entail it). Fortunately, OpenWRT has a comprehensive and helpful Wiki that covers many different configs, like the "Dumb AP" config in this case.
Oh this is exactly what I wanted; i was trying to set up a guest network.
I had been trying to figure out setting up the secondary network and associating that with the guest WIFI network (using the same radio, just different APs and ESSIDs) on my own but wasn't having much luck.
After following this I got a working guest network set up.
So between that and figuring out the authoritative/non authoritative DHCP thing everything is hunky dory now.
service is actually the proper way to start/stop OpenWRT services.
OPs issue sounds awfully much like they set-up server in tap mode instead of tun.
Nice it worked out in the end. Note that you could've alternatively used TFTP recovery for flashing. I personally flashed my WA801NDv3 that way (using Tftpd64), and it works great.
I meant USB for using a 3g/4g USB modem, in case WAN dies (say, issues with your ISP or something else idk).
I can recommend adblock and luci-app-adblock. Simple to setup, easy to add extra black/whitelist options, and fairly lightweight.
Anyways, here's a few tips when searching the TOH:
- Anything below 64MB flash and 128MB ram is a no-go. Sure, it'll work, but particularly with adblocker and SQM (QoS), anything less might be problematic.
- Check your local Craigslist, FB Marketplace, eBay, etc for deals. Rather than looking through the TOH for a device, then scouring the second hand marketplace, try doing the opposite. Look to see what kind of devices you might be able to get, then look up their specs on the wiki.
- The TOH has an "ideal for OpenWRT section" here.
If you just want to test things, why not try this https://openwrt.org/docs/guide-user/virtualization/virtualbox-vm
I would suggest backing up an archive of your settings if you're using a real router to test on.
Seems like a known issue for the EU/RU version: 5GHz WLAN has greatly reduced speed, range and stability as of openwrt 19.07
So it's probably not an error in your configuration, just an unresolved firmware issue...
It might get better or worse with different 5GHz channels though.
TFTP flashing should still work. You should definitely rename the OpenWRT factory.bin to ArcherC7v5_tp_recovery.bin (weirdly, it's not Archer*A*7v5_tp_recovery.bin).
You should probably also keep holding reset for longer (ca. 20 seconds after boot).
TP-Link only "hardens" uploading through web interface, not TFTP :)
This one: https://openwrt.org/toh/tp-link/tp-link_archer_c2600_v1
Notice it has 4 external antennas. It is discontinued, so you'll likely have to find one second-hand. It is a lot faster than the Archer C7, but also more expensive (but probably below €100).
You can try following these steps in CLI to configure upstream Wifi as WWAN. Your 6400v4 needs to be on a different subnet than upstream (e.g. IP of 192.168.2.1 instead of 192.168.1.1). Then you need to enter upstream Wifi information in CLI to connect as client.
You could also try building your own OpenWRT .bin with LuCI preinstalled and flashing that, or you could maybe connect wired WAN.
https://openwrt.org/docs/guide-user/troubleshooting/backup_restore#web_interface
You should be able to add the config files for all of that too this so they get restored in the backup. At the very least you can download the backup, update, reinstall, then restore the config.
Depending on the router, please don't install stock firmware again.
If you ever decide you want to use OpenWRT, you will have to reflash the device. That might involve opening it and accessing the serial port, or even using a JTAG programmer. (It might also be pretty easy. Eg, tftp boot, but idk without knowing the model)
Just stick with OpenWRT. Whoever the previous owner was did the hard work for you. Try the default root password of nothing. If that doesn't work, follow this page on how to reset the thing.
I just bought the TP-Link Archer C7 AC1750 (https://openwrt.org/toh/tp-link/archer_c7), which seems to be the "little brother" of the C2600 for 50 EUR. You can still find them everywhere here in Germany.
It only has three antennas and less Flash & RAM than the C2600, but apart from that seems to be pretty identical to the C2600 for half the price.
>It’s like the upgraded package does not overwrite the outdated package.
It doesn't, packages get installed to the overlayfs, this is by design.
How to fix
TOTOLINK X5000R is the only Wi-Fi 6 router with functional OpenWRT build. Someone is working on Belkin RT3200 and Linksys E8450.
Take a look at the table of recommended Hardware. AFAIK there is no consumer device supported by OpenWRT with a WAN port supporting 2,5Gbit.
You could check out the Netgear R7800 only 1 Gbit WAN, but good Wifi Performance, 4 Ethernet ports and should be powerful enough to manage VPNs.
sorry I thought you were stuck at mounting lol
use this guide
keep in mind Windows machines cannot read or write ext4 format
https://openwrt.org/docs/guide-user/services/nas/samba_configuration
You can try, the release pages say that keep settings should work between 18 and 19 versions.
If you try it just download a full backup of your settings, and save a copy of the 18.06.4 system upgrade locally. You can always go back to that version, re-install all of your packages, then upload your settings backup.
If you can't upgrade there are a list of commands you can run to mitigate the DNS vulnerabilities here but these may affect performance, and you will lose DNSSEC which is itself a security concern.
developement snapshot releases (as linked from the guide) do not come with luci (the web interface) installed. you will have to use opkg to install it but unless you need something from the development snapshot that is not available in the stable release it seems safer and easier (to avoid conflicts which will prevent installing of packages at a later date) to download and flash a stable release release. there appears to be a build for that router in https://downloads.openwrt.org/releases/19.07.5/targets/lantiq/xrx200/
instructions for upgrading from commandline are at https://openwrt.org/docs/guide-user/installation/sysupgrade.cli
Firewall tab. Make rule(s) to permit the desired IP's/networks and an additional rule to block all else.
Information on the firewall rules; https://openwrt.org/docs/guide-user/firewall/firewall_configuration
DSA is a stretch goal for OpenWrt 20.XX.
DSA was specifically designed by and for Marvell's switch ASICs, but is being slowly generalized to everything else too. It's probably very likely that any new high-consumer / low-end business rackmount switches with Marvell switch ASICs will be easy to get DSA working on.
The problem is that OpenWrt has about a 5-year lagtime on average for being ported. I've been working on and off porting the P2041-RDB board from 2012ish, for example ...
Best way to accelerate development is to get your hands dirty.