An OpenWrt Beginner's Guide

Installing and Using OpenWrt
1

Preface

A first encounter with the OpenWrt Project might be overwhelming so I created this post to jumpstart newcomers. Realize that an OpenWrt Journey is not a walk in the park and may consume countless hours of learning and trial-and-error - even when tech experienced.

Planning

Decide, based on floor layout and #wired connections, which topology suits best, i.e.
*Wi-Fi Router
*Wi-Fi Router + Wi-Fi Access Points
*Wired Router + Switch + Wi-Fi Access Points

Draw a network diagram ie. with draw.io

2023.drawio
2023.drawio643×153 13.3 KB

Buyer tips

For new hardware check below devices - the listed order is in SoC cpu capacity
ps: lookup forum topics about user experience
ps2: for all supported devices see Table of Hardware

Wired Router
SoC Device Price Notes
core i5 Lenovo M920q 8500T + NIC $150 used + $40 2.5-10 GbE, coreboot
n150 Topton X2E N150 $200 2.5 GbE, coreboot
rk3582 Radxa E52C $65 2.5 GbE
rk3528 Radxa E20C $35 1.0 GbE
Managed Switch

A managed switch running OpenWrt firmware provides benefits like a unified configuration experience, no cloud vendor lock-in and options to export metrics to i.e. Grafana
See also openwrt_on_switches_faq

SoC Device Price Notes
rtl930x ZyXEL XGS1210-12 $150 1.0 GbE, 2.5 GbE, SFP+
rtl930x ZyXEL XGS1250-12 $200 1.0 GbE, 10 GbE, SFP+
rtl838x Netgear GS108Tv3 $75 1.0 GbE, PoE
rtl838x TP-Link TL-SG2210P $120 1.0 GbE, SFP, PoE
rtl838x ZyXEL GS1900-10HP $120 1.0 GbE, SFP, PoE
Wi-Fi Access Point

Tips for Access Point placement.

SoC Device Price Notes
mt7981 Cudy AP3000 $80 2.5 GbE, PoE
mt7981 Cudy AP3000 Outdoor $100 1.0 GbE, PoE
mt7981 Cudy AP3000 Wall [WIP] $80 1.0 GbE, PoE
mt7981 Ubiquiti UniFi U6+ $100 1.0 GbE, PoE
mt7981 Zyxel NWA50AX Pro $80 2.5 GbE, PoE
mt7621 Cudy AP1300 Outdoor $60 1.0 GbE, PoE
mt7621 Cudy M1300 v2 $40 1.0 GbE
mt7621 TP-Link EAP615 $80 1.0 GbE, PoE
ipq4019 Google Wifi AC-1304 $15 used 1.0 GbE
Wi-Fi Router
SoC Device Price Notes
mt7988 Asus ZenWiFi BT8 $280 2x2.5 GbE, Wifi 7
mt7988 TP-LINK BE450 $170 2.5/10 GbE, Wifi 7
mt7986 Asus TUF-AX4200 / RT-AX59U $100
mt7986 GL.iNet GL-MT6000 $125 2x2.5 GbE
mt7986 ZyXEL T-56 €60 2x2.5 GbE
an7581 Quantum Fiber W1700k [WIP] $40 2x10 GbE, Wifi 7
mt7981 Asus RT-AX52 €50
mt7981 Cudy M3000 / WR3000 S / H / P $60
mt7981 D-Link M30 Aquila Pro AI $70
mt7981 OpenWrt One $110
ipq8174 Linksys MX4300 $40
Travel Router

See also travelmate

SoC Device Price Notes
mt7981 Cudy TR3000 $60 1.0 GbE
mt7981 GL.iNet GL-MT3000 $80 2.5 GbE + 1.0 GbE
mt7628 Cudy TR1200 $30 0.1 GbE
mt7628 GL.iNet GL-MT300N V2 $30 0.1 GbE
Cellular Router (4G/LTE/5G)

See also luci-app-modemband and luci-app-modemdata

SoC Device Price Notes
mt7981 GL.iNet X3000 $350
ipq807x TP-Link X80-5G $250
mt7621 Asus 4G-AX56 $130
ipq4019 Netgear LBR20 $100
SFP+

SFP+ ports allow 10G connections over Fiber Optic- or Copper modules
*short distance use SFP+ DAC Patchkabel with modules integrated
*long distance use module BIDI-LC-Single-mode + cable OS1 indoor / OS2 outdoor
see topic and Ubiquity examples

Other

*Wi-Fi Point to Point: Ubiquiti Nanostation AC loco or TP-Link CPE710
*Wi-Fi Router White look: here
*Wi-Fi Router Tri-band: here
*PCIe NIC adapter: Realtek RTL8125BG (2.5G) RTL8261C (5G) RTL8127 (10G) | Marvell AQC113C
*USB NIC adapter: Realtek RTL8156BG (2.5G) RTL8157 (5G) RTL8159 (10G)
*USB Wi-Fi adapter: here - see also this
*USB Chargers: lygte-info and chargerlab
*USB Serial: CP2102 USB to TTL Converter - connect TX, RX and GND (don't connect VCC)
*Range extender: Cudy RE3000

Installation

Read Starter FAQ and Quick start guide. You can find some external guides here as well

  • for devices where OpenWrt is installed on sdcard: see link
  • for devices where OpenWrt is installed on internal flash: lookup device for instructions
  • connect OpenWrt device lan-port with PC and open 192.168.1.1 in browser
    Wired Router: set wan protocol to DHCP client in Network > Interfaces
    Wi-Fi Router: follow this
    Wi-Fi Access Point: set lan protocol to DHCP client in Network > Interfaces and configure radios in Network > Wireless. With multiple APs set different channel per AP, ie. ch1 on AP1 and ch11 on AP2 for 2.4 Ghz. See Bridged Access Point
  • Save & Apply (keep settings) - when device does not come up after 5min powercycle it

Packages

Via System > Software you can install additional packages. Some examples:

  • ad-blocking - options
  • port info - luci-app-lldpd
  • traffic shaping - luci-app-sqm
  • router monitoring - luci-app-statistics collectd-mod-sensors collectd-mod-thermal collectd-mod-ping collectd-mod-sqm collectd-mod-irq
  • traffic monitoring - luci-app-nlbwmon
  • stats export to Grafana - see here

Privacy/Security

To secure devices and guard privacy

  • change DNS resolver - in Network > Interfaces > wan uncheck 'Use DNS servers advertised by peer' and add DNS server 9.9.9.9 and 1.0.0.1
  • encrypt DNS traffic - see https-dns-proxy (and other alternatives)
  • isolate wireless devices - see Guest WLAN (needs dnsmasq+firewall)
  • isolate logical grouped devices - setup 802.1q VLAN to isolate guest, iot, home etc devices case1, case2, case3.
  • secure Wi-Fi WPA2: enable KRACK + 802.11w + use a 12 digit key with a combi of A-Z, a-z and 0-9.
  • secure Internet connection and mask IP address with Wireguard client
  • secure remote access to home network with Wireguard server - see also Wireguard guides
  • perform local vulnerability scan with Nessus Essentials
  • perform local portscan with nmap
  • perform remote portscan with port-scanner

Troubleshooting

  • keep it simple, stick to defaults
  • familiarize yourself with terminal commands (see Appendix)
  • in case of issues search the forum and/or create a topic with your config (see Appendix)
Appendix: Collect config

Connect to your OpenWrt device using ssh, copy output of below commands and post it using the preformatted text button (redact passwords, MAC- and public IP addresses)
Screenshot from 2024-03-26 16-57-00

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
Appendix: Terminal Commands

cpu memory: htop (press F2 and enable detailed cputime)
network: ifconfig, iftop, mtr -ezb4 --report 1.1.1.1, netstat, nslookup, route, traceroute
hardware: ethtool, iwinfo, iw phy0 info, iw list
text view/edit: cat, grep, logread, nano
ps: when a command is not available then install it in System > Software
ps2: see also
https://openwrt.org/docs/guide-user/base-system/user.beginner.cli
https://openwrt.org/docs/guide-user/network/wifi/wireless-tool/wireless.utilities

Appendix: Benchmark

Cloudflare speedtest
Ookia speedtest
Bufferfloat test
iperf3 performance
Wireguard performance
Power consumption
Crusader Network Tester
Flent Network Tester

Appendix: External Resources

Embedded Hardware News https://www.cnx-software.com/
Linux (Kernel) News https://www.phoronix.com
Networking Fundamentals https://book.systemsapproach.org/
Networking Fundamentals https://www.geeksforgeeks.org/computer-network-tutorials/
OpenSOHO https://github.com/rubenbe/opensoho/
OpenWisp https://openwisp.org/demo.html
OpenWrt Configurator https://github.com/jasrusable/openwrt-configurator
OpenWrt Wifi info Crowd-sourcing the Wi-Fi Chip info - #2 by richb-hanover-priv
OpenWrt commits https://git.openwrt.org/?p=openwrt/openwrt.git;a=summary
OpenWrt Table of Hardware https://toh.openwrt.org/
Starlink latency story https://api.starlink.com/public-files/StarlinkLatency.pdf
Wi-Fi planning tool https://design.ui.com
Wi-Fi Survey https://github.com/jantman/python-wifi-survey-heatmap or https://www.netspotapp.com/gettrial.html or Robot Vacuum https://github.com/ccoors/Valeronoi
Wi-Fi SNR https://interline.pl/Information-and-Tips/Minimum-802.11-SNR-Sensitivity

Appendix: ARM/MIPS SoCs 
88f7040 quad-core A72 (Marvell ARMADA 7040)
ath79    MIPS 4Kc
an7581   quad-core A53 (airoha)
bcm2711  quad-core A72
bcm2712  quad-core A76
mt7621   MIPS1004Kc
mt7622   dual-core A53
mt7628   MIPS24KEc
mt7981   dual-core A53 (filogic 820)
mt7986   quad-core A53 (filogic 830)
mt7988   quad-core A73 (filogic 880)
ipq53xx  quad-core A53
ipq60xx  quad-core A53
ipq807x  quad-core A53
ipq957x  quad-core A73
88F7040  quad-core A72 
RK3399   dual-core A72 + quad-core A53
RK3566   quad-core A55
RK3568   quad-core A55
RK3582   dual-core A76 + quad-core A55
RK3588   quad-core A76 + quad-core A55

ps: support the OpenWrt Project https://openwrt.org/donate

19 Likes
2

For a Wifi Router advice: are ipq807x and filogic the best performing devices for 2023/2024 ?
Do you have 2.5Gbps / 1.0Gbps device recommendations for these?

edit: I digged some time into topics and found following
ipq807x - Dynalink DL-WRX36 looks cool but currently lacks DSA support
filogic - contains a growing number of devices but many are not easily flashed.

3

I'm not sure why you added this question to your existing thread... but look at this section:

Read and search first, if you don't find answers to your questions, that is a good place to start a new thread regarding OpenWrt + hardware questions

4

Seller claims they're new, photos appear to back the statement up.
No warranty from Dell though, these devices have been EOLed.

Btw, the link's b0rked, I changed the topic, it changes the URL too, not changing it again, but EU eBay new Dell Edge 680 16 core C3958, 32GB RAM 240GB SSD 6x1GbE 2xSFP+ ~200€ might be better.

As for used Dell Edges, you might want to use Dell Edge E42W VEP1400 620/640/680 HW discovery.

5

Thanks for pointing this out - the link is now referring to your generic Dell Edge topic

1 Like