are you guys restarting your openwrt routers , or just leave them working as long there's no power outage?
it happened once in the last 6 months that my router froze completely and needed to pull the plug , otherwise i leave it be.
running v19 on a mikrotik hex, with 200/100mbit fiber with ~40 clients.
If there are no security issues, no need to restart.
4 Likes
In my case, I don't restart my OpenWrt devices unless I'm actively making changes to the configuration. OpenWrt has been pretty rock solid over many major releases.
Some people do restart frequently and/or on a schedule (such as a cron job), especially if they have run into issues that appear to present after some period of time. These situations are relatively rare, and IMO, if you are restarting your router to avoid a problem, you're simply making the issue -- something that could probably be solved by proper troubleshooting.
4 Likes
Yes.
Unless I'm testing a new firmware release for bugs.
Usually set it to reboot once a week.
Reason: While the Linux community is fairly quick in detecting malware, undetected security issues and the like ...
It's impossible to catch them all immediately.
So for numerous malware that can not survive a reboot, a weekly reboot would deal with them.
Just another layer of security until Linux community provides a patch for new malware.
2 Likes
Only if I’m adding a new build.
I concur with @psherman
A quick 5 minute daily look at your syslog (or logread if you wish) can tell you pretty quick if your system is running smoothly, or encountering something out of the ordinary.
OOTB, I'd warrant current OpenWrt contains better security measures than many (most/all) vendor boxes based on OpenWrt, and a properly configured system shouldn't require a reboot per se.
2 Likes
This logic is flawed on so many levels.
If the malware got on your system in the first place, and you just reboot, it will be compromised again in the same way s it did really quickly.
Normally you should not run any services on your public interface, which makes it nearly impossible to "get malware on the system".
No end users should connect to the router, so that also drastically limits the chances of malware.
The system is really stripped down and somewhat tailormade for each platform, so creating reliable exploits for something that is so different and mute on the internet... I just don't see it happening.
Rebooting openwrt will wipe all the evidences of any compromise as most logs are in volatile storage.
Rebooting weekly will interrupt all "ongoing" connections in your LAN, so if others are using it at this time, they will have no network during the reboot.
So while i get your train of thought, it doesnt make much sense from a real security perspective. And again: unless you fixed/changed something.
Edit: added more arguments
7 Likes
You should not need to reboot your router preemptively, only when installing a new version, or making major configuration changes. If you have to reboot your router because if other reasons, then it's a bug
5 Likes
System log did not help any of the OpenWrt users running MT7621/7615 SoC routers with the 5 GHz WiFi issues.
Hence running the router for several days to check uptime and actually encountering the 5 GHz WiFi problems.
1 Like
Did you read my post?
I did not disagree.
Zuorat is MIPS only.
If zuorat got on your device once, it will get there again in the same way it got on your device in the first place, after you reboot. If properly scripted by the attacker, it will reinstall immediately after you reboot.
So again: its pointless
3 Likes
I reboot my router, once a week. The downtime doesn't bother me and it is an easy way to mitigate memory leaks, bad caches and so on. In an ideal world, rebooting obviously isn't necessary. However, the world is far from ideal.
I am not aware that OpenWrt firmware has been compromised by this malware exploit nor any other known current attack vectors tmk. This is Why I/We build/run OpenWrt.
Let's not conflate a different issue with the OP's ?
He hasn't had a problem with his performance, nary a hiccup. Basically a well tuned OpenWrt based router.
1 Like
This worries me... I never had any memory leaks nor bad caches. Do you have problems? This requires debugging, not rebooting.
I ran hundreds of linux servers in my life and not once had memory leaks (that require reboot). And those memory leaks that occurred were due to bad java programming/garbage collection. So never on a router.
3 Likes
Normally I only reboot if I make config changes or I decide to compile new images.
Else I don't reboot the router.
2 Likes
I have experienced various problems, in the past, that were solved by a reboot.
When all software is written perfectly, there is no need to reboot. However, software is never written perfectly. I don't reboot, because I am experiencing issues; I reboot so that I don't have to. My router is in my home and a minute of downtime, once a week, while I am asleep, is not an issue for me. In contrast, having to manually reboot, when something goes wrong, is an issue for me.
I wouldn't do this on a production business server. In that case, there are better solutions; health checks, load balancing, automated failover, etc. That is overkill for a home network.
1 Like
Posted at WIRED:
Like most router malware, ZuoRAT can't survive a reboot. Simply restarting an infected device will remove the initial ZuoRAT exploit, consisting of files stored in a temporary directory.
Posted at PCPerspective:
It’s Probably Time To Start Scheduled Reboots For Your Routers
Is there any evidence that Openwrt can be affected? It looks very unlikely. How can the code be executed. Poor vendor software can really be affected by a lot of things.
1 Like
You are harping on the wrong audience unless you can confirm this is an issue with OpenWrt.
1 Like
I can understand that you had bad experience. I never had that... Ever... On any linux/unix system.
And if you did, i have to respect that. On the other hand, it would (to me) be of utmost importance to troubleshoot the issue, so everyone benefits from the fixes. We wouldnt want openwrt to become like windows...
1 Like
Again... If they got there in the first place, they will get there again if the root cause isnt fixed. How hard is this to understand?
2 Likes