Skip to content

OpenWrt

Is an Operating System based on Linux for network router devices. Few devices I own that can run it: Raspberry Pi, Xiaomi AX3200, TP-Link TL-WR841N

Links: - Website - Forum

Hardware

  • Check the Table of Hardware
  • Annotation is RAM/ROM
    • 4/32 is deprectiated
    • 8/64 will be soon (in ~2023)
    • 16/128 is recommended
  • A great device (for me) is Xiaomi AX3200

Generic x86/64 (VM)

  • Follow this guide to install on VirtualBox
  • After LAN setup, the LUCi interface is available on 192.168.56.2

Software

  • Additional packets
    • It uses LuCI as the user front-end
    • You can use iPerf to measure performance
    • AdGuard Home can be installed - package adguardhome - see AdGuard Home
    • Tailscale can be installed - documentation
    • Let's Encrypt can be installed with acmesh - package acme acme-dnsapi luci-app-acme
      • If you use Cloudflare, you'll need: dns_cf and 3 variables: CF_Token (API) and CF_Account_ID + CF_Zone_ID (visible in the Cloudflare dashboard)
    • Dynamic DNS can be installed with luci-app-ddns
  • Get logs by using logread

WAN

  • Bridge is impossible to do on some routers (like Livebox 5)
  • Workaround: firewall to Low and DMZ to the OpenWrt box

WLAN

IoT Network without internet access

  • Create an additional Wi-Fi network
  • Use the same zone than you main network
  • Define an additional firewall rule to prevent the connection to internet - Guide
    1. Navigate to LuCI → Network → Firewall → Traffic Rules.
    2. Click Add and specify:
      • Name: Filter-Parental-Controls
      • Protocol: Any
      • Source zone: lan
      • Destination zone: wan
      • Action: reject
    3. (Optional) If you want to add a MAC or IP limitation, on the Advanced Settings tab specify:
      • Source MAC address: 00:11:22:33:44:55
      • Source IP address: 192.168.1.2
    4. Click Save, then Save & Apply.

Interfaces

Default IPv6 configuration

  • Interface → LAN
    • Advanced Settings
      • IPv6 Assignment Lenght: 60
    • DHCP Server - IPv6 Settings
      • NDP-Proxy: disabled