Do I flash router before plugging it into modem for the first time?

Hello, today I should be receiving my R7800. I've read through a lot of the documentation, FAQ, and instructions. However, one quick question I have is: at what point should I plug my router into the modem?

I have a router/modem combo (T862G provided by ISP, will hopefully replace it with a better modem later) that I'll be disabling the router function on, to replace with the R7800 with LEDE.

When the R7800 arrives, should I connect it to my PC and flash it first, then connect the router to my modem? Or do I plug it into my modem right away, then flash the router while its connected to the modem? I would think that I flash it first, then plug it into the modem but I'd rather be safe than sorry.

Hopefully this isn't a really dumb question, I tried finding it in the documentation but since there are lots of different ways to use an LEDE device in a configuration it seems it wasn't covered (or more likely, I just missed it).

I don't think it makes any important difference. I'd personally just flash it first, don't bother even booting into the stock firmware.

I always do so, as many routers have UPnP and WPS enabled by default, of which are glaring security risks if any downstream devices are connected to the router.

It's a good idea to test a new router with its stock firmware to be sure the hardware is OK first before flashing.

4 Likes

I'll buy what @mk24 says, test with the stock firmware to be sure you can connect to the wifi and route packets etc, then flash it.

1 Like

Right, but that can be done without connecting the router to the modem... wasn't the question regarding when should the router be connected to the modem, before or after flashing OpenWrt?

Sure, just don't connect the rest of your lan to the router, just a single laptop with a good firewall for testing.

OS firewall will do little unless one is managing their OS firewall as a power user (as you'd have to be filtering ports for all network traffic, something most consumers don't do), as UPnP comes enabled on most OEM firmware, and UPnP is a massive security risk.

  • WPS is also often enabled by default, which is crackable within minutes

UPnP is a big security risk when deployed for some length of time. It's possible to be compromised in a 5 minute testing session, but it's a lot lower risk than if you leave UPnP open for 6 months.

If you really really are concerned you could put two laptops, one on new router's wan and one on lan and see if you can get them to talk to each other etc. You don't actually need connection to the broad internet to confirm the hardware's working.

My point isn't that one approach is wrong and the other right, just that their are different approaches with varying degrees of security and risk.

That's a good point, and true of security in general. I will say though it seems unlikely that you make security worse by putting your new router behind the existing CPE router with the CPE router functions still enabled for the purposes of hardware testing for a few minutes. Whatever security risks there are in the CPE router presumably have been in place for weeks, months, or years.

I don't mind plugging the router into the modem to test the hardware. Is there anything specific I should do to test it? I'll look online in ~10 minutes.

Ah, I missed that part =]

Testing:

You want to confirm the following:

  1. computer plugged to the lan ports can access the internet
  2. Computer plugged to lan port runs dslreports speed test and gets speed/bufferbloat rating
  3. computer not plugged to lan port can associate with both bands of wifi and access internet
  4. Run dslreports on wifi and don't worry too much about specifics but get a sense of generally how fast performance is

Those should be enough to know the basics are working, and rating of what speeds the router is capable of

1 Like

Awesome, that is exactly what I needed to know. Thank you!

1 Like