OpenWrt

Is an Operating System based on Linux for network router devices. Few devices I own that can run it: Raspberry Pi, Xiaomi AX3200, TP-Link TL-WR841N

Links

• Website
  • Download
  • Firmware selector
• Forum

Hardware

• Check the Table of Hardware
• Annotation is RAM/ROM
  • 4/32 is deprectiated
  • 8/64 will be soon (in ~2023)
  • 16/128 is recommended
• Possibilities
  • A great device (for me) is Xiaomi AX3200
  • GL.iNet is using OpenWrt as a base

Generic x86/64 (VM)

• Follow this guide to install on VirtualBox
• After LAN setup, the LUCi interface is available on 192.168.56.2

Software

• Build custom builds using OpenWrt ASU
• Additional packets
  • It uses LuCI as the user front-end
  • You can use iPerf to measure performance
  • AdGuard Home can be installed - package adguardhome - see AdGuard Home
  • Tailscale can be installed - documentation
  • Let's Encrypt can be installed with acmesh - package acme acme-dnsapi luci-app-acme
    • If you use Cloudflare, you'll need: dns_cf and 3 variables: CF_Token (API) and CF_Account_ID + CF_Zone_ID (visible in the Cloudflare dashboard)
  • Dynamic DNS can be installed with luci-app-ddns
• Get logs by using logread

WAN

• Bridge is impossible to do on some routers (like Livebox 5)
• Workaround: firewall to Low and DMZ to the OpenWrt box

WLAN

• Guest Wi-Fi: Guide and additional tuning
• Apple iOS devices cannot connect to WPA2/WPA3

IoT Network without internet access

• Create an additional Wi-Fi network
• Use the same zone than you main network
• Define an additional firewall rule to prevent the connection to internet - Guide
  1. Navigate to LuCI → Network → Firewall → Traffic Rules.
  2. Click Add and specify:
     • Name: Filter-Parental-Controls
     • Protocol: Any
     • Source zone: lan
     • Destination zone: wan
     • Action: reject
  3. (Optional) If you want to add a MAC or IP limitation, on the Advanced Settings tab specify:
     • Source MAC address: 00:11:22:33:44:55
     • Source IP address: 192.168.1.2
  4. Click Save, then Save & Apply.

Interfaces

Default IPv6 configuration

• Interface → LAN
  • Advanced Settings
    • IPv6 Assignment Lenght: 60
  • DHCP Server - IPv6 Settings
    • NDP-Proxy: disabled

Statistics