Difference between revisions of "Mesh/OpenWRT"
| (3 intermediate revisions by the same user not shown) | |||
| Line 43: | Line 43: | ||
|   telnet 192.168.1.1 |   telnet 192.168.1.1 | ||
| (I've found that if you get an error here--like no path to host or connection refused--immediately after flashing, unplugging the router and plugging it back in is useful) | |||
| If it asks for a password use 'passwd' (without the quotes). | If it asks for a password use 'passwd' (without the quotes). | ||
| Line 484: | Line 486: | ||
|    sudo /etc/init.d/network-manager start |    sudo /etc/init.d/network-manager start | ||
| = OpenWRT on a VM =  | |||
| For some development, it might be easier to run OpenWRT on a virtual machine. This keeps you from having to worry about a bunch of wires and carrying around a router everywhere and mostly keeps you from having to deal with flashing and some other more unpleasant stuffs.  | |||
| OpenWRT has a page on how to setup a VM on virtualbox: | |||
| [http://wiki.openwrt.org/doc/howto/virtualbox OpenWRT Virtualbox HowTo] | |||
| This page has some helpful hints, especially on setting up network configurations: | |||
| [http://ediy.com.my/index.php/blog/item/31-openwrt-in-virtualbox OpenWRT in VirtualBox] | |||
| I've uploaded an already setup VM with a basic dev environment here: | |||
| [https://github.com/max-b/sudomesh-dev-vm Pre-configured VM] | |||
| The readme page should have some details on how to set it up and work around some issues. | |||
Latest revision as of 12:54, 15 August 2013
OpenWRT installation
Web interface method
- Power on router and let it boot.
- Press and hold power button for 30 seconds.
- Wait for router to reboot.
- Connect to the access point using LAN.
- Go to web interface, e.g. http://192.168.1.1/
- If this doesn't work, look up the reset method for your specific router.
- Find the firmware upgrade page.
- On your computer, download the firmware.
- Different versions are here.
- The snapshots directory has recent development versions.
- If you have a WRT54G you probably want [1] assuming 12.09 (attitude adjustment) is the most recent stable version.
- If you have an Asus RT-N10+, you probably want [2] assuming 12.09 (attitude adjustment is the most recent stable version.
- Upload the firmware using the web form and wait for the router to reboot.
TFTP method
This requires that the router has a TFTP server enabled. Type these commands with the router powered off, then power on the router and it should work. For some routers (like the Asus RT-N10+) you have to hold down the reset button while you plug in the power, and keep it held in for a few seconds after. For some routers, your laptop must have a specific IP, otherwise the tftp won't work. See the "Router-specific notes" section of this page.
tftp 192.168.1.1 binary rexmt 1 timeout 60 trace tftp> put firmwarefile.bin
If it doesn't work, try omitting the "rexmt 1" line.
Curl method
You may use the command line tool 'curl' on Linux and Mac OS X systems to send files to your router. For instance, to flash the firmware of the Asus R10+ router, using 'curl' instead of tftp, you can issue the following command:
$ curl -T openwrt-ramips-rt305x-rt-n10-plus-squashfs-sysupgrade.bin tftp://192.168.1.1
OpenWRT configuration
Logging in and setting root password
Telnet into the device:
telnet 192.168.1.1
(I've found that if you get an error here--like no path to host or connection refused--immediately after flashing, unplugging the router and plugging it back in is useful)
If it asks for a password use 'passwd' (without the quotes).
Set a root password on the router:
passwd
Verify that you can log in using ssh from your computer:
ssh root@192.168.1.1
If you can ssh into the router, disable telnet:
rm /etc/rc.d/S50telnet
Enabling TFTP
Operating Systems: TFTP clients
Debian or debian-based systems (e.g. Ubuntu and Mint)
Install tftp client:
sudo apt-get install tftp
Other GNU/Linux systems
Using whatever your Linux distribution's package management might be, search for an install the tftp client package.
Windows 7/Server 2008
TFTP is disabled by default. In Control Panel > Programs and Features, click on Turn Windows features on or off, find TFTP Client and tick the box. You should now be able to use TFTP from the command prompt
Enabling TFTP on various routers
WRT54G / WRT54GL
If you're on an WRT54G or WRT54GL then you should do this to enable TFTP. If you're not on one of those routers, then don't do it!
It makes it easier to upgrade the firmware and recover from serious problems.
CAUTION: This will reboot your router.
nvram set boot_wait=on nvram set boot_time=10 nvram set wait_time=10 nvram commit && reboot
Asus RT N10+
- This router has TFTP enabled out of the box. You _must_ set your computer's IP address on ethernet, however, to '192.168.1.15' in order to be able to use a command-line TFTP client. See more detailed instructions below.
Enabling wifi
OpenWRT has wifi disabled per default.
vi /etc/config/wireless
Remove the line indicated:
config wifi-device radio0 option type mac80211 option channel 11 option macaddr 00:1c:10:bc:a7:1f option hwmode 11g # REMOVE THIS LINE TO ENABLE WIFI: option disabled 1
Reboot.
Wait a few minutes, then ssh back into the router.
Run 'wifi'. You should see the following:
root@OpenWrt:~# wifi Configuration file: /var/run/hostapd-phy0.conf Using interface wlan0 with hwaddr 00:1c:10:bc:a7:1f and ssid "OpenWrt"
Connecting to wifi
You will need internet access to install packages and other things. Edit your config wifi-iface section to match the example below.
vi /etc/config/wireless
config wifi-iface option device radio0 option network wwan option mode sta option ssid sudoroom option encryption none
If you're on an encrypted network add the following options...
option encryption psk2 option key 1234567890
Next add the "wwan" interface.
vi /etc/config/network
config interface wwan option proto dhcp
Restart networking and you should be set. /etc/init.d/network restart
There are a few other issues that might come up if you're trying to connect to the internet through the device. One is that 192.168.1.1 is a common ip (subnet?) for home routers. If you're connecting from your computer to your open-wrt router over 192.168.1.1 and the wifi router you're attempting to connect to is also on 192.168.1.1, there will be a (routing?) problem connecting to the internet.
One easy fix is to edit your networking config file so that the open-wrt router is on a different subnet.
vi /etc/config/network
config interface lan option ifname eth0 option type bridge option proto static option ipaddr 192.168.2.1 option netmask 255.255.255.0
If you restart networking on the device after changing your lan ip address, you will be disconnected from your terminal session. Log back in using the new ip address. (You may have to manually update your ip address on your computer).
You may need to assign yourself a new manual IP
sudo ifconfig eth0 192.168.2.2 netmask 255.255.255.0 up
There may also be a need to update your nameserver.
vi /etc/resolv.conf
search lan nameserver 192.168.1.1
Where 192.168.1.1 is the ip address of the wireless router you are attempting to connect to the internet over.
After making the changes, restart networking.
/etc/init.d/network restart
Installing BATMAN
Online
Use these instructions if your router is connected to the internet:
ssh root@192.168.1.1 opkg update opkg install kmod-batman-adv
Manually / Offline
If your router does not have internet connectivity when installing, then use these instructions.
Download these packages from:
http://downloads.openwrt.org/<openwrt_version_name>/<openwrt_version_number>/<chipset_name>/<type>/packages
Go to http://downloads.openwrt.org and browse to the correct directory. If there are multiple types, you probably want the 'generic' one, but check with the OpenWRT wiki page for your device to make sure.
These are the required packages:
kmod-batman-adv_<version>_<chipset>.ipk kmod-lib-crc16_<version>_<chipset>.ipk
Use scp to copy them to the router:
scp kmod-*.ipk root@192.168.1.1:
Then ssh into the router and install them:
ssh root@192.168.1.1 opkg install kmod-*.ipk
Configuring BATMAN
See Mesh/BATMAN.
Router-specific notes
Actiontec MI424-WR
NOTE: The wifi adapter does not work on Attitude Adjustment on this router. It looks like it could be an incompatibility of versions between the kernel modules of the wifi driver and other kernel modules. Compiling OpenWRT manually might work
These instructions tested with the version A.
Getting the MAC address of the WLAN interface
Turn the router off. Hook up your laptops ethernet port to the wlan port of the router. Make sure you have wireshark installed:
sudo apt-get install wireshark
Give yourself a static IP address. The easiest way is to turn off network manager and set it manually, but this will probably cause you to loose internet connectivity until you turn network manager back on.
sudo /etc/init.d/network-manager stop sudo ifconfig eth0 192.168.1.2 netmask 255.255.255.0 up
Now start wireshark as root.
sudo wireshark
Ignore the warnings and click through any other "helpful" dialogs that pop up. In the menu, click Capture -> Options. Click the Capture textbox next eth0. Make sure the following bottom right checkboxes are ticked "Update list of packets in real time", "Automatic scrolling in live capture" and "Hide capture info dialog" and click the Start button.
Now turn the router on and wait for some info to show up in the window. Give it 30 seconds, then hit the stop button in wireshark (in the top menu bar, fourth button from left). Click on one of the items in the table that do not say 192.168.1.2 in the Source column. In the view below the table, there are several fields with plus-signs next to them, beginning with text like "Frame" and "Ethernet". Find the one called Ethernet II and find the stuff after the "Src:" in parenthesis that looks like "00:16:d3:2f:dd:a1" (your numbers and letters will be different). Write down those numbers and letters and colons. You may need them later. Now close wireshark.
Now you need to install a new RedBoot:
TODO (this section of the guide not yet written) see http://wiki.openwrt.org/toh/actiontec/mi424wr#jungo.openrg
After installing the new RedBoot:
With your ethernet cable still plugged into the your laptop and the wlan port of the router, and making sure you still have an ip iddress like 192.168.1.2: Turn off the router, then hold down the reset button on the router while turning the router on and continue to hold the reset button until a red light comes on (and maybe for a second longer than that), then let go. Now do:
telnet 192.168.1.1 9000
You should see a prompt like this:
RedBoot>
TODO (this section of the guide not yet written). You basically have to start a local tftp server and use redboot to load the images into memory and create a bootscript like on the meraki mini, except you don't need serial. See http://wiki.openwrt.org/toh/actiontec/mi424wr#redboot
The packages to install to enable wifi (if it actually worked) are:
kmod-eeprom-93cx6_3.3.8-1_ixp4xx.ipk kmod-lib-crc-itu-t_3.3.8-1_ixp4xx.ipk kmod-rt2500-pci_3.3.8+2012-09-07-3_ixp4xx.ipk kmod-rt2x00-lib_3.3.8+2012-09-07-3_ixp4xx.ipk kmod-rt2x00-pci_3.3.8+2012-09-07-3_ixp4xx.ipk
Ubiquiti
Tested and working on:
- Bullet M5
- Bullet 2 HP
- Picostation 2 HP
Press and hold the reset button while plugging in the powered ethernet cable. Keep holding the reset button. Look at the LED above the power LED. It will turn on, then turn off, then turn on again. Release the reset button when it turns on the second time.
The Bullet will now be running a TFTP server 192.168.1.20
Ensure that you have an IP address different from 192.168.1.20 and in the 192.168.1.x range.
You may want to stop network-manager (I believe Ubuntu mostly)
sudo /etc/init.d/network-manager stop
On most linux machines (assuming your ethernet interface is eth0) setting your ip address looks like this:
sudo ifconfig eth0 192.168.1.12 netmask 255.255.255.0 up
Afterwards do the following:
tftp 192.168.1.20 binary rexmt 1 timeout 60 trace tftp> put firmwarefile.bin
Where firmwarefile.bin is the name of the firmware file you want to flash.
Assuming you want to run Attitude Adjustment, the correct firmwares for tested routers are:
Bullet M5: openwrt-ar71xx-generic-ubnt-airrouter-squashfs-factory.bin Bullet 2 HP: openwrt-atheros-ubnt2-squashfs.bin Picostation 2 HP: openwrt-atheros-ubnt2-pico2-squashfs.bin
You will see a bunch of lines like this:
sent DATA <block=13468, 512 bytes> received ACK <block=13468>
Once those lines stop coming the router will take somewhere between 1 and 7 minues to stop flashing its lights at you, then it will reboot. DO NOT unplug or turn off the router until it presents two adjacent green LEDs and has done so for 10+ seconds. On the older routers the upgrade can take much longer than on the newer routers so be patient.
Note, that if you're flashing AirOS instead, at least the Bullet M5 series will remember setting between firmware upgrades and others may do so too. To reset username / password / ip address and other settings to factory default, first let the router boot, then press and holde the reset button until more lights come on and release. Wait for the factory reset to complete (a minute or two) and try to access 192.168.1.1 in a browser (ensure that your own ip is in the 192.168.1.x range). Note: This procedure seems to have no effect on the Bullet 2 HP, but works on the Bullet M5. It could be that the Bullet 2 HP does not persist settings across firmware upgrades, and so doesn't have the factory reset procedure.
Ubiquiti in Windows
from the directory where you stored the .bin file:
>tftp -i 192.168.1.20 PUT openwrt-atheros-ubnt2-squashfs.bin
Downloads within a minute, wait about 5 minutes to finish installing...
ARCFlex Freestation 2
The Freestation is based on the 8Devices Carambola board, which interestingly is pretty cheap at 22 euro. We would have to solder an ethernet jack and and antenna and add a case.
- The OpenWRT wiki page for the Freestation
WARNING: The following instructions will leave your router in a state where the serial console is needed to recover.
There seem to be some problems with the OpenWRT Freestation image:
- The main ethernet port is seen by OpenWRT as the WLAN port and will try to get an IP address with DHCP, but the DHCP Discover messages will be tagged with VLAN ID 1, so you have to set up VLAN support and a eth0.1 interface with a DHCP server on your laptop in order to give it an IP.
- Giving it an IP won't help you though, since neither web server nor ssh nor telnet is enabled on the WLAN port.
- The other ethernet port seems to have nothing running on it. Not even a DHCP client. Also, be careful not to plug PoE stuff into your laptop. The PoE passthrough _should_ be disabled per default in OpenWRT, but you never know!
The image to use is the ramips-rt305x. The image we tried was:
openwrt-ramips-rt305x-freestation5-squashfs-sysupgrade.bin
Note that it says freestation5, but works just as well on the Freestation 2. Firmware upgrade happens via the web interface, but you have to rename the file to .img instead of .bin, otherwise it won't be accepted. You may have to upgrade to the newest version of the official Freestation firmware (ARC-OS) before it's possible to upload the OpenWRT firmware file.
Asus RT-N10+
This router has TFTP enabled out of the box. You _must_ set your computer's IP address on ethernet, however, to '192.168.1.15' in order to be able to use a command-line TFTP client:
On Ubuntu 12.10 with an Asus RT N10+ router:
- Unplug the router, but make sure it's attached to the ethernet port in your laptop via one of the four yellow ethernet ports on the router (not the blue one).
- Manually set a static IP by editing your interfaces config file:
sudo nano /etc/network/interfaces
- Add the following:
auto eth0 iface eth0 inet static address 192.168.1.15 netmask 255.255.255.0
- Save and close. To test, type 'ifconfig' in the terminal. You should see the IP address for eth0 is now set to 192.168.1.15
- Reset eth0 by typing the following commands:
ifup eth0 ifdown eth0
- Run tftp (Go to tftp section of this wiki page, above)
- You will have to hold down the reset button while you plug in the power, and keep it held in for a few seconds after, in order to enableTFTP.
Meraki mini
None of the methods on the openwrt wiki page worked, so I had to resort to using the serial console.
- Open the router (two screws behind the sticker).
- Connect a USB to 3.3v serial adapter to the serial pins.
Serial pins with the antenna pointing away from you and the ethernet port pointing towards you, from left to right:
1: 3.3v 2: TX 3: RX 4: GND
The router may either be using 9600 or 115200 baud. Other settings are 8N1 with software and hardware flow control turned off.
Start minicom with e.g:
minicom -o -D /dev/ttyUSB0
Then configure by hitting ctrl+a followed by an o. Use the arrow keys to select "Serial port setup" and adjust settings. When done, hit escape once or twice to exit the menu. Optionally you can choose to "Save setup as dfl" to save the settings for next time.
When you plug in the router with the serial connected, you should see the following line:
== Executing boot script in 2.000 seconds - enter ^C to abort
Once you see that line, immediately hit ctrl+c.
You will then get a RedBoot prompt like this:
RedBoot>
Leave that sitting in its window for a bit. You'll need it later.
You will now need to set up a tftp server on your computer.
Install the tftp server:
sudo aptitude install tftpd-hpa
Make sure it isn't running with default parameters:
sudo /etc/init.d/tftpd-hpa stop
Download openwrt:
cd mkdir openwrt_for_meraki_mini cd openwrt_for_meraki_mini wget http://downloads.openwrt.org/attitude_adjustment/12.09/atheros/generic/openwrt-atheros-vmlinux.gz wget http://downloads.openwrt.org/attitude_adjustment/12.09/atheros/generic/openwrt-atheros-root.squashfs
You may want to get a different version than attitude adjustment stable. Just make sure you get the two files ending in vmlinux.gz and root.squashfs, and make sure you get them for the atheros chipset.
Ensure that NetworkManager is not managing your network card. The easiest temporary way of doing this is to stop NetworkManager:
sudo /etc/init.d/network-manager stop
Change the IP of your network card to 192.168.84.9:
sudo ifconfig eth0 192.168.84.9 netmask 255.255.255.0 up
cd into the directory where the .gz and .squashfs files are located, then start the tftp server:
sudo in.tftpd -l -L -p --address 192.168.84.9 --secure ./
It doesn't tell you it's been started, it just sits there waiting. You can test that it's working using:
curl tftp://192.168.84.9/openwrt-atheros-vmlinux.gz > /tmp/out.gz
Which should download the .gz file to /tmp/out.gz
Now, go back to the RedBoot console waiting for you in minicom:
Execute the following commands, pressing y when asked questions. The "fis create" commands will take a long time to complete.
 RedBoot> ip_address -l 192.168.84.1 -h 192.168.84.9
 RedBoot> fis init
 RedBoot> load -r -b 0x80041000 -m tftp -h 192.168.84.9 openwrt-atheros-vmlinux.gz
 RedBoot> fis create -r 0x80041000 -l 0x180000 -e 0x80041000 linux
 RedBoot> load -r -b 0x80041000 -m tftp -h 192.168.84.9 openwrt-atheros-root.squashfs
 RedBoot> fis create -r 0x80041000 -l 0x620000 rootfs
 RedBoot> fconfig -d boot_script_data
    fis load -d linux
    exec
 RedBoot> reset
Thanks to the Hack Notes blog for the above RedBoot commands.
After the router resets, you should have OpenWRT running in the serial console. Change your IP address again:
sudo ifconfig eth0 192.168.1.100 netmask 255.255.255.0 up
Now you should be able to telnet into the meraki:
telnet 192.168.1.1
If it worked: Hurray!
When you're done, remember to re-enable network manager:
sudo /etc/init.d/network-manager start
OpenWRT on a VM
For some development, it might be easier to run OpenWRT on a virtual machine. This keeps you from having to worry about a bunch of wires and carrying around a router everywhere and mostly keeps you from having to deal with flashing and some other more unpleasant stuffs.
OpenWRT has a page on how to setup a VM on virtualbox:
This page has some helpful hints, especially on setting up network configurations:
I've uploaded an already setup VM with a basic dev environment here:
The readme page should have some details on how to set it up and work around some issues.