I am a novice at all of this, but I am hacking/building/deploying images to a test router. Right now I am painfully changing cables around and changing the IP config on my PC during each cycle. Is there a better way? Here is more detail.
This is what I do today and note my normal LAN subnet is 192.168.0.0/24
change code, build on dev PC to create image
The test router is connected over serial, in this case the bootloader has TFTP but hard codes to a 10.10.10.3 tftp server IP
Unplug eth from PC and plug into test router. Change IP on PC to static IP of 10.10.10.3. Run tftp2 as a tftp server on the PC
Run bootloader commands to tftp image from PC and boot test router. Openwrt boots to 192.168.1.1 with DHCP on.
change IP conf on PC to be DHCP which gets a 192.168.1.x IP from the test router
after done testing, unplug PC from test router back into normal router and dhcp renew to get back on the normal LAN
I am wondering if could avoid the cable changes and PC IP changes by using a stable router between the PC and the test router. Here are the goals.
No cabling changes
No IP configuration changes on my PC
Ability to copy images built on PC (on normal) LAN to be TFTP-ed to the router looking for a 10.10.10.3 tftp server.
Can admin the newly flashed test router that will have the default openwrt config via Luci and SSH from the PC on the normal LAN
The newly flashed openwrt test router does not attempt to be a DHCP server on the normal LAN
Allow test router to run it's own network but FW-ed off of the regular one
So far my ideas have been to cable the stable router [lan port] <-> [lan port] test router and use a VLAN/interface and a TFTP server on the stable router for 10.10.10.3. Then maybe a VLAN with FW rules to allow admin of newly flashed router on 192.168.1.1 but otherwise isolating the test router from the normal network. This would require a switch/port change between VLANS on the stable router to avoid cable changes but that is fine.
Are there simplier and/or better ways to handle this. I won't be shocked!
Connect your PC to the test VLAN, either by using VLAN tags between stable router and PC,
or by adding a second NIC and cable to the PC (the stable router might not be needed in the latter case).
I hacked together a way to make this work. I am sure there are some holes in it, but it works well for me. The key is it allows a bunch of build/flash cycles with no cable changes. Here are the main parts in case it is helpful for anyone else. If you specific questions let me know.
I am using one stable router (SR) and a development router (DR) I am creating builds for and flashing. All of the "magic" is just config on the SR. Basic cabling with ports like this
New interface, VLAN, and FW zone for the dev router port
Interface: 2 static IPs
10.10.10.3 which is what the bootloader on my dev router looks for with TFTP
192.168.1.254 which I used as it is in the subnet of a default openwrt build but outside default dhcp range. Note the rest of my network is NOT 192.168.1.x
Setup TFTP, which is under dnsmasq
Set WAN type FW rules for the VLAN DR Interface. I think the most key parts are
LAN => VLAN DR accept all
VLAN DR => any - Reject, Accept (output), Reject
traffic rules
Allow PING, and DNS from VLAN DR to all other zones
Allow TFTP from DR to SR router
Allow HTTP/HTTPS forward from DR out through LAN on SR - this allows opkg list refreshs etc
My build/deploy steps. Note I am using a usb/serial connection from the PC to the dev router
Build openwrt on PC
scp bins to stable router in the location TFTP runs from
reboot dev router (have serial connection console on PC) and stop in boot loader
TFTP bin from stable router to dev router
boot dev router
At this point I can SSH to the dev router, HTTP - Luci etc from the PC.
can flash the bin using the openwrt site if you want etc
The dev router will not automatically be able to route/dns to the internet, but if you do the following to tell it the stable router is DNS and the default gateway it will