LEDE is death hole for consumer

The “Set-of-features” is exactly what LEDE is not. Besides, since it supported a wide range of devices, each with their limitations, it’s not possible to define this “set”. Some have USB, others have (too) limited flash/RAM. Besides, every user (or use case) has its own feature set. Less features means less security risks. So for the specific use case, only install the packages required for that case. Even if a router has USB, some users don’t want/need to use external storage. So why even include USB support (for those users)? Others want something extra like USB over IP; they need an additional package.

Something more common like VPN. Do you want OpenVPN or IPSec (because your iOS devices support it OOTB). Or you want SoftEther.

Then some don’t even want the GUI. Again more resources left or they feel it’s more secure (less people know even how to access the device).

Bottom line: if you want consumer software stick to the OEM firmware. It should run stable with all the features they advertise for your device. It will not void the warranty and if it doesn’t work as the box said it would, they should have their own customer service points.

1 Like

I guess by consumer router I mean

  1. Update checking. Both to check for updates and apply new updates.
  2. USB support (printers and hard drives working by default)
  3. VPN Support (all vpns which includes Open)
  4. Basic features like bridging in easy to use interface. The way Lede does it is too complicated for a "Consumer Router". This includes WAN to LAN bridging and Wifi to LAN Bridging
  5. HTTPS GUI access
  6. Everything Above can be done in GUI.

I'll probably think of more later. I know some don't think making such a setup like this holds value but I have seen its value.

Turris Omnia was already mentioned. They use btrfs snapshots. That is interesting. Google uses Chromium OS on its routers too. Not related to LEDE, but at least open and Linux based. So something to look into as a model for updates. Is anyone trying to get LEDE to run on the Google Wifi router (gale)? This was the only thing I found: https://github.com/marcosscriven/galeforce

1 Like

Not everyone is running OpenVPN on their routers. Some actually have a dedicated machine because they value speed. So I don't think OpenVPN should be part of the "Consumer Package". But I like the way of a Consumer Package that users can install. But then again a manufacturer is targeting a specific device and designs its features accordingly. LEDE is targeting multiple devices at once, each with their hardware limitations; I think this would make it difficult to create an all-in-one consumer package.

I'm also curious what is difficult about bridging interfaces in LEDE? Selecting 2 checkboxes and pressing save&apply doesn't seem that difficult?

I found this in my build of latest lede

c4dfe9d6b4e5

So I think there is a way to upgrade LEDE from the web UI

I see various things on that list that would cause the developers nightmares to implement on multiple boards:

  • Incompatibility with some routers (USB)
  • Space/resource issues (VPNs, updating...e.g. one of my devices has less than 64kb after flashing, doing a "full update" on that device would cause issues)
  • Bridging is quite simple actually, it's much more difficult on Linux command lines to do it properly (the process of assigning bridges, VLANs, etc. is much like in Cisco)
  • In some countries, an HTTPS login might not be permissible (but this can be easily enabled using the instructions)
  • Some of the things above, I've never seen in a consumer router's GUI

I've upgraded LEDE from GUI since Kamikaze...are you saying a "Backup/Flash Firmware" or "Sysupgrade" menu hasn't appeared on your device until 17.01.4?

I agree that it isn't "consumer-friendly"...just like entering Linux for the first time...it takes getting used to.

I'm used to devices like Cisco, Juniper, etc. having these features (and even then, you wouldn't normally do something like make a USB-HDD-based file server). So, when I read concerns of those less savvy in LEDE, I take pause...and I'm thankful we all have a router distro to use.

My $0.02

2 Likes

No, I use “Backup/Flash Firmware” or “Sysupgrade” all the time. I was talking about something different: a program which notifies you that newer firmware is available and lets you install it from the GUI.
Please see my screenshot above.

1 Like

Interesting, had no idea that was available, have you had a chance to try it yet?

edit - just installed and tried it out, got the notification for new update available, snapshot to snapshot, requested image and got this even though I'm on a well supported wrt1200-

unknown device, please check model and board params

What you propose would be a new paradigm in embedded software...usually

  • carrier
  • the Superuser...
  • or the Console operator (ttyxxx)

employs a proprietary update method.

Usually, you verify the software is correct (which we do via Hashes...)

Perhaps...someone more versed in security can comment on that...

NOTE:

  • Because the new version is a different "OS"...you have to reinstall packages...so that has to be worked-out as well.

No, I did not have a chance. I just posted it here because I thought it was what others talked about (upgrade notification in GUI).
I won't use it. Because my router can't use its 128 MB NAND on stock LEDE firmware I have to include a patch, so I won't install that. Also I need some packages and that snapshot version does not include these packages.

You have to know whether to bridge from the LAN interface or the WAN interface when making a WAN to LAN bridge. Once you realize it is the LAN interface, you then have to know to disable the WAN and WAN6 rules.

For wireless bridging, you have to look up the package to install. Then you have to look up how to set up the wireless interface. A consumer router would have a drop-down menu that says WAN to LAN bridge. Wireless bridging would not have you install something. It would have a scan button in the wifi interface. Then you tell the router to connect. That is it. When it comes to consumer products you have to remove any GUI problems that would require looking things up. Amped Wireless REA20 gives a good example of how to do a GUI for wireless bridging. Apple routers have a good example of how to do bridging for WAN to LAN. It is not perfect but it will give you an idea.

As for OpenVPN, I know you can just have a second OpenVPN router but I was talking about consumer router interface. That means no second router in most situations. VPNs would be in a separate area with the setup as simple as possible.

Part of making this consumer package would be the program knows that particular device has no USB so install nothing regarding that.

For upgrading with devices with proper memory. It would download the file and update it once told. With limited memory. It would tell the user to click here to download the file. This is done on the page where you upload a new version. Once downloaded, it tells the user to upload the file and apply software. Essentially, you walk them through a flash.

There shouldn't be a WAN or WAN6 "on" rule you need to "disable" on a default LEDE (perhaps a reconfig of WAN6).

This must be some complex configuration you refer to...because no such "rules" exist, except to send Internet traffic to WAN.

I am referring to the fact that the base install has a WAN, WAN6 and LAN rule. I also forgot to mention I had to change it to dhcp client. All of these things should be just one menu option that says bridge. That is how a "Consumer Router" interface would be set up.

I don't understand where all of the comments are coming from as none was brought up by me in the OP.

I was looking for simplified and documented way, now that I have installed, configured LEDE and all packages, to know updates are available. I am the guy who likes to "leave it alone unless it's broken", but I do need to update to get the security fixes.

  1. For LEDE release updates, the info I found was to subscribe to a webpage to check for page changes. Any time the page is updated, an email is sent.
     • I have yet to test how this will work, and IMHO this is a laughable workaround, not a solution, as there will be false notices any time the page is updated. Still better than nothing.
  2. Updates to packages
     • It appears I will have to script and install some type of email program, that will allow to "opkg update" and then "opkg list-upgradable" on a regular basis, then send me an email that the package is available.

These are very basic and could be done in vanilla image code.

Notice, I never said to auto update, I asked to let me know there is an update.

1 Like

I agree and it will be worked on. Before LEDE 17.01.x, binary package updates and semi-regular point releases simply did not exist, therefore there is no notification infrastructure in LuCI or the system itself yet.

1 Like

Release announcements are sent out (e-mail list or forum), they could probably
be standardized into a specific subscription list.

Packages are generally not updated in a release, the only exceptions being major
things like the KRACK problem. When a new release is made, it updates a lot
of things. On most devices, you need to pick/assemble/compile a new firmware
image and flash it as one update rather than updating individual packages.

David Lang

Also note that there isn't something like a "WAN" interface. It is actually just a (probably vlan) based interface placed inside a WAN firewall zone.

I suspect that you just bridged your 4 hardware ports through software with another vlan hardware port. Instead you should have placed all switch interfaces in 1 vlan and work from there.

Personally I don't know what they mean with a "wan-lan bridge" but I think that's just a prosumer term for vlan1.

Sorry for going off topic but I had to mention this.

Save this as a script somewhere and control with cron:

opkg update; opkg list-upgradable > /tmp/opkg.upg.out ; opkg upgrade `cut -d \  -f 1 /tmp/opkg.upg.out | tr '\n' ' '`

This would scare me off more than no upgrade at all. Upgrades without even knowing... I'd toss second part out and instead redirect to mail an alert.

Upgrade is easy, once you are prepared. Upgrades without knowing is a ticking bomb.

2 Likes
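The notify-only variant asked for in the posts above (run `opkg update` and `opkg list-upgradable` on a schedule and send an alert instead of upgrading), as an added example that is not code from any poster or from the LEDE project. The state file path, the `NOTIFY` hook, the `OPKG` override and the `run` argument are assumptions made for this example.

```shell
#!/bin/sh
# Notify-only update check: lists pending package upgrades, never installs them.
# Hypothetical names for this example: STATE, NOTIFY, the OPKG override and
# the "run" argument.

OPKG="${OPKG:-opkg}"                  # overridable so the logic can be tested
STATE="${STATE:-/tmp/opkg.upg.last}"  # last report sent, to avoid repeat alerts

# "opkg list-upgradable" prints "name - installed - available" per package.
# Keep only lines of exactly that shape and make them readable.
format_upgradable() {
    awk -F ' - ' 'NF == 3 { printf "%s: %s -> %s\n", $1, $2, $3 }'
}

# Prints a report and returns 0 when the pending upgrades differ from the
# previous run. Returns 1 when there is nothing new, 2 when refreshing the
# package lists failed (no network, bad feed), so a failure is never silent.
check_upgrades() {
    $OPKG update >/dev/null 2>&1 || return 2
    report=$($OPKG list-upgradable 2>/dev/null | format_upgradable | sort)
    [ -n "$report" ] || { rm -f "$STATE"; return 1; }
    if [ -f "$STATE" ] && [ "$report" = "$(cat "$STATE")" ]; then
        return 1
    fi
    printf '%s\n' "$report" > "$STATE"
    printf '%s\n' "$report"
}

# Cron entry point, e.g. "0 6 * * * /root/opkg-notify.sh run" (path assumed).
# NOTIFY is any command that reads the report on stdin; syslog by default.
if [ "${1:-}" = "run" ]; then
    rc=0; out=$(check_upgrades) || rc=$?
    case $rc in
        0) printf '%s\n' "$out" | ${NOTIFY:-logger -t opkg-notify} ;;
        2) logger -t opkg-notify "opkg update failed" ;;
    esac
fi
```

Because the report is compared with the previous one, an unchanged list of pending upgrades produces one alert rather than one per cron run.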

So you say, but what is an auto update with user control - an interactive update! :wink:

Cheers mate! Perhaps the more foolhardy among us would find a little scripting help of some use