Mesh/OpenWRT

Revision as of 18:30, 17 June 2013 by Juul (talk | contribs) (→‎Ubiquiti)

OpenWRT installation

Web interface method

  • Power on router and let it boot.
  • Press and hold power button for 30 seconds.
  • Wait for router to reboot.
  • Connect to the access point using LAN.
  • Go to web interface, e.g. http://192.168.1.1/
If this doesn't work, look up the reset method for your specific router.
  • Find the firmware upgrade page.
  • On your computer, download the firmware.
Different versions are here.
The snapshots directory has recent development versions.
If you have a WRT54G you probably want [1] assuming 12.09 (attitude adjustment) is the most recent stable version.
If you have an Asus RT-N10+, you probably want [2] assuming 12.09 (attitude adjustment is the most recent stable version.
  • Upload the firmware using the web form and wait for the router to reboot.

TFTP method

This requires that the router has a TFTP server enabled. Type these commands with the router powered off, then power on the router and it should work. For some routers (like the Asus RT-N10+) you have to hold down the reset button while you plug in the power, and keep it held in for a few seconds after. For some routers, your laptop must have a specific IP, otherwise the tftp won't work. See the "Router-specific notes" section of this page.

tftp 192.168.1.1
binary
rexmt 1
timeout 60
trace
tftp> put firmwarefile.bin

If it doesn't work, try omitting the "rexmt 1" line.

Curl method

You may use the command line tool 'curl' on Linux and Mac OS X systems to send files to your router. For instance, to flash the firmware of the Asus R10+ router, using 'curl' instead of tftp, you can issue the following command:

  $ curl -T openwrt-ramips-rt305x-rt-n10-plus-squashfs-sysupgrade.bin tftp://192.168.1.1

OpenWRT configuration

Logging in and setting root password

Telnet into the device:

telnet 192.168.1.1

If it asks for a password use 'passwd' (without the quotes).

Set a root password on the router:

passwd

Verify that you can log in using ssh from your computer:

ssh root@192.168.1.1

If you can ssh into the router, disable telnet:

rm /etc/rc.d/S50telnet

Enabling TFTP

Operating Systems: TFTP clients

Debian or debian-based systems (e.g. Ubuntu and Mint)

Install tftp client:

sudo apt-get install tftp

Other GNU/Linux systems

Using whatever your Linux distribution's package management might be, search for an install the tftp client package.

Windows 7/Server 2008

TFTP is disabled by default. In Control Panel > Programs and Features, click on Turn Windows features on or off, find TFTP Client and tick the box. You should now be able to use TFTP from the command prompt

Enabling TFTP on various routers

WRT54G / WRT54GL

If you're on an WRT54G or WRT54GL then you should do this to enable TFTP. If you're not on one of those routers, then don't do it!

It makes it easier to upgrade the firmware and recover from serious problems.

CAUTION: This will reboot your router.

nvram set boot_wait=on
nvram set boot_time=10
nvram set wait_time=10
nvram commit && reboot

Asus RT N10+

  • This router has TFTP enabled out of the box. You _must_ set your computer's IP address on ethernet, however, to '192.168.1.15' in order to be able to use a command-line TFTP client. See more detailed instructions below.

Enabling wifi

OpenWRT has wifi disabled per default.

vi /etc/config/wireless

Remove the line indicated:

        config wifi-device  radio0
	option type     mac80211
	option channel  11
	option macaddr	00:1c:10:bc:a7:1f
	option hwmode	11g

	# REMOVE THIS LINE TO ENABLE WIFI:
	option disabled 1

Reboot.

Wait a few minutes, then ssh back into the router.

Run 'wifi'. You should see the following:

	root@OpenWrt:~# wifi
	Configuration file: /var/run/hostapd-phy0.conf
	Using interface wlan0 with hwaddr 00:1c:10:bc:a7:1f and ssid "OpenWrt"

Connecting to wifi

You will need internet access to install packages and other things. Edit your config wifi-iface section to match the example below.

vi /etc/config/wireless

config wifi-iface 
	option device   radio0 
	option network  wwan 
	option mode     sta 
	option ssid     sudoroom
	option encryption none

If you're on an encrypted network add the following options...

option encryption psk2
option key 1234567890

Next add the "wwan" interface.

vi /etc/config/network

config interface wwan 
	option proto dhcp

Restart networking and you should be set. /etc/init.d/network restart

Installing BATMAN

Online

Use these instructions if your router is connected to the internet:

 ssh root@192.168.1.1
 opkg update
 opkg install kmod-batman-adv

Manually / Offline

If your router does not have internet connectivity when installing, then use these instructions.

Download these packages from:

http://downloads.openwrt.org/<openwrt_version_name>/<openwrt_version_number>/<chipset_name>/<type>/packages

Go to http://downloads.openwrt.org and browse to the correct directory. If there are multiple types, you probably want the 'generic' one, but check with the OpenWRT wiki page for your device to make sure.

These are the required packages:

kmod-batman-adv_<version>_<chipset>.ipk
kmod-lib-crc16_<version>_<chipset>.ipk

Use scp to copy them to the router:

scp kmod-*.ipk root@192.168.1.1:

Then ssh into the router and install them:

ssh root@192.168.1.1
opkg install kmod-*.ipk

Configuring BATMAN

See Mesh/BATMAN.

Router-specific notes

Actiontec MI424-WR

NOTE: The wifi adapter does not work on Attitude Adjustment on this router. It looks like it could be an incompatibility of versions between the kernel modules of the wifi driver and other kernel modules. Compiling OpenWRT manually might work

These instructions tested with the version A.

Getting the MAC address of the WLAN interface

Turn the router off. Hook up your laptops ethernet port to the wlan port of the router. Make sure you have wireshark installed:

sudo apt-get install wireshark

Give yourself a static IP address. The easiest way is to turn off network manager and set it manually, but this will probably cause you to loose internet connectivity until you turn network manager back on.

sudo /etc/init.d/network-manager stop
sudo ifconfig eth0 192.168.1.2 netmask 255.255.255.0 up

Now start wireshark as root.

sudo wireshark

Ignore the warnings and click through any other "helpful" dialogs that pop up. In the menu, click Capture -> Options. Click the Capture textbox next eth0. Make sure the following bottom right checkboxes are ticked "Update list of packets in real time", "Automatic scrolling in live capture" and "Hide capture info dialog" and click the Start button.

Now turn the router on and wait for some info to show up in the window. Give it 30 seconds, then hit the stop button in wireshark (in the top menu bar, fourth button from left). Click on one of the items in the table that do not say 192.168.1.2 in the Source column. In the view below the table, there are several fields with plus-signs next to them, beginning with text like "Frame" and "Ethernet". Find the one called Ethernet II and find the stuff after the "Src:" in parenthesis that looks like "00:16:d3:2f:dd:a1" (your numbers and letters will be different). Write down those numbers and letters and colons. You may need them later. Now close wireshark.

Now you need to install a new RedBoot:

TODO (this section of the guide not yet written) see http://wiki.openwrt.org/toh/actiontec/mi424wr#jungo.openrg

After installing the new RedBoot:

With your ethernet cable still plugged into the your laptop and the wlan port of the router, and making sure you still have an ip iddress like 192.168.1.2: Turn off the router, then hold down the reset button on the router while turning the router on and continue to hold the reset button until a red light comes on (and maybe for a second longer than that), then let go. Now do:

telnet 192.168.1.1 9000

You should see a prompt like this:

RedBoot>
 TODO (this section of the guide not yet written). You basically have to start a local tftp server and use redboot to load the images into memory and create a bootscript like on the meraki mini, except you don't need serial. See http://wiki.openwrt.org/toh/actiontec/mi424wr#redboot

The packages to install to enable wifi (if it actually worked) are:

kmod-eeprom-93cx6_3.3.8-1_ixp4xx.ipk         
kmod-lib-crc-itu-t_3.3.8-1_ixp4xx.ipk        
kmod-rt2500-pci_3.3.8+2012-09-07-3_ixp4xx.ipk
kmod-rt2x00-lib_3.3.8+2012-09-07-3_ixp4xx.ipk
kmod-rt2x00-pci_3.3.8+2012-09-07-3_ixp4xx.ipk

Ubiquiti

Tested and working on:

  • Bullet M5
  • Bullet 2 HP
  • Picostation 2 HP

Press and hold the reset button while plugging in the powered ethernet cable. Keep holding the reset button. Look at the LED above the power LED. It will turn on, then turn off, then turn on again. Release the reset button when it turns on the second time.

The Bullet will now be running a TFTP server 192.168.1.20

Ensure that you have an IP address different from 192.168.1.20 and in the 192.168.1.x range and do the following:

tftp 192.168.1.20
binary
rexmt 1
timeout 60
trace
tftp> put firmwarefile.bin

Where firmwarefile.bin is the name of the firmware file you want to flash.

Assuming you want to run Attitude Adjustment, the correct firmwares for tested routers are:

 Bullet M5: openwrt-ar71xx-generic-ubnt-airrouter-squashfs-factory.bin

 Bullet 2 HP: openwrt-atheros-ubnt2-squashfs.bin

 Picostation 2 HP: openwrt-atheros-ubnt2-pico2-squashfs.bin

You will see a bunch of lines like this:

sent DATA <block=13468, 512 bytes>
received ACK <block=13468>

Once those lines stop coming the router will take somewhere between 1 and 7 minues to stop flashing its lights at you, then it will reboot. DO NOT unplug or turn off the router until it presents two adjacent green LEDs and has done so for 10+ seconds. On the older routers the upgrade can take much longer than on the newer routers so be patient.

Note, that if you're flashing AirOS instead, at least the Bullet M5 series will remember setting between firmware upgrades and others may do so too. To reset username / password / ip address and other settings to factory default, first let the router boot, then press and holde the reset button until more lights come on and release. Wait for the factory reset to complete (a minute or two) and try to access 192.168.1.1 in a browser (ensure that your own ip is in the 192.168.1.x range). Note: This procedure seems to have no effect on the Bullet 2 HP, but works on the Bullet M5. It could be that the Bullet 2 HP does not persist settings across firmware upgrades, and so doesn't have the factory reset procedure.

ARCFlex Freestation 2

The Freestation is based on the 8Devices Carambola board, which interestingly is pretty cheap at 22 euro. We would have to solder an ethernet jack and and antenna and add a case.

WARNING: The following instructions will leave your router in a state where the serial console is needed to recover.

There seem to be some problems with the OpenWRT Freestation image:

  • The main ethernet port is seen by OpenWRT as the WLAN port and will try to get an IP address with DHCP, but the DHCP Discover messages will be tagged with VLAN ID 1, so you have to set up VLAN support and a eth0.1 interface with a DHCP server on your laptop in order to give it an IP.
  • Giving it an IP won't help you though, since neither web server nor ssh nor telnet is enabled on the WLAN port.
  • The other ethernet port seems to have nothing running on it. Not even a DHCP client. Also, be careful not to plug PoE stuff into your laptop. The PoE passthrough _should_ be disabled per default in OpenWRT, but you never know!

The image to use is the ramips-rt305x. The image we tried was:

 openwrt-ramips-rt305x-freestation5-squashfs-sysupgrade.bin

Note that it says freestation5, but works just as well on the Freestation 2. Firmware upgrade happens via the web interface, but you have to rename the file to .img instead of .bin, otherwise it won't be accepted. You may have to upgrade to the newest version of the official Freestation firmware (ARC-OS) before it's possible to upload the OpenWRT firmware file.

Asus RT-N10+

This router has TFTP enabled out of the box. You _must_ set your computer's IP address on ethernet, however, to '192.168.1.15' in order to be able to use a command-line TFTP client:

On Ubuntu 12.10 with an Asus RT N10+ router:

  • Unplug the router, but make sure it's attached to the ethernet port in your laptop via one of the four yellow ethernet ports on the router (not the blue one).
  • Manually set a static IP by editing your interfaces config file:
   sudo nano /etc/network/interfaces
  • Add the following:
   auto eth0 
   iface eth0 inet static 
   address 192.168.1.15 
   netmask 255.255.255.0
  • Save and close. To test, type 'ifconfig' in the terminal. You should see the IP address for eth0 is now set to 192.168.1.15
  • Reset eth0 by typing the following commands:
   ifup eth0
   ifdown eth0
  • Run tftp (Go to tftp section of this wiki page, above)
  • You will have to hold down the reset button while you plug in the power, and keep it held in for a few seconds after, in order to enableTFTP.

Meraki mini

None of the methods on the openwrt wiki page worked, so I had to resort to using the serial console.

  • Open the router (two screws behind the sticker).
  • Connect a USB to 3.3v serial adapter to the serial pins.

Serial pins with the antenna pointing away from you and the ethernet port pointing towards you, from left to right:

1: 3.3v
2: TX
3: RX
4: GND

The router may either be using 9600 or 115200 baud. Other settings are 8N1 with software and hardware flow control turned off.

Start minicom with e.g:

minicom -o -D /dev/ttyUSB0

Then configure by hitting ctrl+a followed by an o. Use the arrow keys to select "Serial port setup" and adjust settings. When done, hit escape once or twice to exit the menu. Optionally you can choose to "Save setup as dfl" to save the settings for next time.

When you plug in the router with the serial connected, you should see the following line:

== Executing boot script in 2.000 seconds - enter ^C to abort

Once you see that line, immediately hit ctrl+c.

You will then get a RedBoot prompt like this:

RedBoot>

Leave that sitting in its window for a bit. You'll need it later.

You will now need to set up a tftp server on your computer.

Install the tftp server:

sudo aptitude install tftpd-hpa

Make sure it isn't running with default parameters:

sudo /etc/init.d/tftpd-hpa stop

Download openwrt:

cd
mkdir openwrt_for_meraki_mini
cd openwrt_for_meraki_mini
wget http://downloads.openwrt.org/attitude_adjustment/12.09/atheros/generic/openwrt-atheros-vmlinux.gz
wget http://downloads.openwrt.org/attitude_adjustment/12.09/atheros/generic/openwrt-atheros-root.squashfs

You may want to get a different version than attitude adjustment stable. Just make sure you get the two files ending in vmlinux.gz and root.squashfs, and make sure you get them for the atheros chipset.

Ensure that NetworkManager is not managing your network card. The easiest temporary way of doing this is to stop NetworkManager:

sudo /etc/init.d/network-manager stop

Change the IP of your network card to 192.168.84.9:

sudo ifconfig eth0 192.168.84.9 netmask 255.255.255.0 up

cd into the directory where the .gz and .squashfs files are located, then start the tftp server:

sudo in.tftpd -l -L -p --address 192.168.84.9 --secure ./

It doesn't tell you it's been started, it just sits there waiting. You can test that it's working using:

curl tftp://192.168.84.9/openwrt-atheros-vmlinux.gz > /tmp/out.gz

Which should download the .gz file to /tmp/out.gz

Now, go back to the RedBoot console waiting for you in minicom:

Execute the following commands, pressing y when asked questions. The "fis create" commands will take a long time to complete.

 RedBoot> ip_address -l 192.168.84.1 -h 192.168.84.9
 RedBoot> fis init
 RedBoot> load -r -b 0x80041000 -m tftp -h 192.168.84.9 openwrt-atheros-vmlinux.gz
 RedBoot> fis create -r 0x80041000 -l 0x180000 -e 0x80041000 linux
 RedBoot> load -r -b 0x80041000 -m tftp -h 192.168.84.9 openwrt-atheros-root.squashfs
 RedBoot> fis create -r 0x80041000 -l 0x620000 rootfs
 RedBoot> fconfig -d boot_script_data
    fis load -d linux
    exec

 RedBoot> reset

Thanks to the Hack Notes blog for the above RedBoot commands.

After the router resets, you should have OpenWRT running in the serial console. Change your IP address again:

sudo ifconfig eth0 192.168.1.100 netmask 255.255.255.0 up

Now you should be able to telnet into the meraki:

telnet 192.168.1.1

If it worked: Hurray!

When you're done, remember to re-enable network manager:

 sudo /etc/init.d/network-manager start