OpenWrt installation on Raspberry Pi 4B

Installing and Using OpenWrt
1

OPENWRT, 1 Gbit/s internet connection , Raspberry 4 B and VLAN

[I‘m german spoken (had some school-learned small Oxford-English 40 years ago), I‘m sorry about perhaps some mistakes using wrong vocabulary...]

I think I need some help so I try to get some here.

My router carreer:

  • fli4l
  • selfmade router using raspberry 3 & raspbian
  • sophos home UTM 9
  • OPENWRT @ raspberry 3 plus 4 ext usb nics

Now I upgraded the internet connection to 1 Gbit/s (Vodafone/KabelDeutschland), still using latest OPENWRT @ raspberry3 which was very good for 100Mbit internet connection...

#SNAPSHOT

For the new beginning using the raspi 4 I have to use the snapshot version of OPENWRT but there are some problems:

At the first snapshot I installed I was not able to install mc (preferred file manager and editor) because missing some libssh2 (?) library. But I was able to get ssh connection and installed luci.

After some days pausing my “challenge” I was not able to add a kernel module for a RTL USB NIC because it doesn’t fit to the kernel (some small newer sub version?).

The downloaded actual (2 days ago) daily snapshot had some error (7zip told me that).

I am really confused now…

I HAVE to use snapshot because raspi 4 is not supported by the stable release.

Do I have no chance to use my raspi 4 in a "stable way"?

Is there any “frozen” version of OPENWRT so I have no - possibly- daily change of kernel version and other dependencies?

Is it possible to download the complete repository of a daily snapshot version (preRC ?!?!) and save it on a place in my network? What I have to do for this to make it accessible for my raspi?

#VLAN

My “old” raspi 3 B has an external powered USB3 hub with 4 USB NICs connected: USB1 to modem (exposed host - fritzbox), USB2 to access point1 (10.10.10.x child room), USB3 accesspoint2 (10.10.11.x parents), USB4 (192.168.1.x wired devices (yavdr, printer, daddy pc)…

With the new raspi I wanted to use a small switch TP-Link TL-SG105E instead of USB NICs to save the many network cards. The cheap switch has a web interface and supports port based VLAN and 802.1Q VLAN.

This is the new plan, I am happy that I found this thread!

raspi4 – > SWITCH port1(fritz) port2 (ap1) port3 (ap2) port4 (wired lan)

Is it enough to name the network device i.e. “eth0.3” to enable 802.1q ? or

Maybe I have to define some statements in /etc/config/network?

Sure, I have to configure the ports on the switch using it's web GUI...

Maybe someone wants to help me…

Regards!

-==[Schubsi]==-

2

  1. If I were you, I would compile my own image It’s really easy to do. You can choose which module to compile into the kernel. I can send you instructions if you want.

  2. The problem you are describing with not being able to install modules later if you wait a few days is a known issue with snapshots. Again, I would compile my own image. If you need more modules later, you can do back and recompile the image from the sources you already downloaded. Eventually, the Raspberry Pi 4B will be included in a stable release, and all those problem will go away.

  3. What’s you Internet bandwidth in both directions?

  4. Do you have a managed switch with one extra available port?

3

Hi Sirizha...

  1. If it's really easy, I would like to compile my own image! But remember: I am old (53) and my brain ist beginning to loose any information :wink: and I am not an IT student, only a pure autodidact (PC since 1988, but M$ influenced) :muscle:

  2. I hoped a few weeks long that Pi 4B will be supported in the near future but nothing happened (Pi 4 B ist not really "hot new"), now I want to go forward and use the better performance and better througput...

  3. The data got by internet provider: up to 1 Gbit/s download and 50 Mbit/s upload
    Not verified yet by myself! But the Info-page of Fritz.box 6591 confirms this...

  4. No, but I have a second TL-SG105E, why are you asking?

If I have a stable software base (self compiled?) I can start a new try setting all parameters to zero and then I will see the look and feel. In first step I can test VLAN with only 1 AP connected, using your first post this thread.

Thanks for your assistance!

-==[Schubsi]==-

4

I am shocked that you would call yourself old at 53. I actually can't even find words to express my feelings after reading this because I'm in shock right now. I'm only a few years behind you in age, and you have just made me really depressed by your statement.

But back to the topic:

  1. Do you have a Linux computer at home?
  2. If not, have you ever installed a virtual machine in your current operating system. I suspect you are a Windows user, so have you ever installed a virtual machine in Windows?

In order to compile an OpenWRT image, you will need a Linux machine. It can either be a dedicated computer running Linux or it can be a Linux virtual machine running on your computer (in Windows or in macOS).

Please watch this video from beginning to end. This video explains how to install a Linux virtual machine on your operating system and then how to compile an OpenWRT image for Raspberry Pi 4B. Stop and rewind this video if there is something you didn't understand (due to the language barrier or due to the concepts you did not grasp during the first viewing).

I suggest that you thoroughly study this video and see if you can follow the procedure in this video. If you can, I will help you with the compilation process. If you think the process in the video is too complicated for you, I would suggest you wait for the OpenWRT Project to release a stable version of OpenWRT that includes support for the Raspberry Pi 4B, which should be in February - March 2021.

If you find you can follow the procedure in the video, please install the Linux Mint OS according to the instructions in the video. The guy who made the video used Virtual Box as the virtualization software (this is also called a hypervisor). However, if you already have a different hypervisor, you don't have to use the Virtual Box hypervisor. The Virtual Box hypervisor software is free of charge. Other hypervisor products may have to be purchased. The other commonly used hypervisor software products are:
a. In Windows: VMware Workstation or VMware Player (free of charge)
b. In macOS: VMware Fusion (Basic version is free of charge) or Parallels

Let me know how you want to proceed. If you want to try this, install Linux Mint according to the video and then contact me via this thread and also send me a private message.

P.S. The reason I mentioned a managed switch is that you don't have to use a USB3 to GigabitEthernet adapter with your Internet bandwidth. You can utilize the built-in Gigabit port in the Raspberry Pi 4B for both the WAN port and the LAN port, but you would need a managed switch that has one extra port for connecting your ISP modem. I would not recommend using a USB3 to Gigabit Ethernet adapter with the Raspberry Pi 4B for OpenWRT. When I tested mine with a USB3 to Gigabit Ethernet adapter, it was not reliable enough for my liking.

So, you would connect your Fritz box to Port1, Raspberry Pi 4B to Port2, AP1 to port 3, AP2 to port 4, and wired LAN to port 5. You would configure Port1 for VLAN10 (as an example), you would configure Port2 as 802.1q trunk, and you would configure Port3, Port4, and Port5 as VLAN20. In this example, VLAN10 will accept packets from the Fritz box, and VLAN20 is your LAN. You would configure two subinterfaces in OpenWRT: eth0.10 and eth0.20; DHCP client will be configured on eth0.10 to obtain a Public IP address from your ISP (or if they use PPPoE, you would configure it on eth0.10). You would set up a static LAN IP on eth0.20 and enable a DHCP server on this subinterface. I would recommend updating your switch to the latest firmware, as the TP-Link Easy Smart switches had some issues with traffic leaking between VLANs in early firmware, which you want to prevent by all means possible with this sort of setup when the unfirewalled traffic from the Internet coexists with your LAN traffic in the same L2 switch.

Cheers

5

Hey, great, I can play with virtual machines - so far it never occurred to me to use a Linux in the vbox ...

The TL-SG105E has 5 ports and I need 5 ports:

  1. port to modem (fritz)
  2. port to Pi 4B
  3. wired lan
  4. ap (child)
  5. ap (parents)

I wanted install additional USB NIC afterwards making a fallback entrance in case I make a mistake...

:rofl: :joy: :rofl: :joy:
Not long ago I had a excellent running brain, but I remembered a road trip (1987) to Fehmarn (island) driving along the Fehmarnbrücke (bridge) seeing the sunset hearing a song "in the air tonight..." but I didn't remember the singer or the band, perhaps Genesis? sh*t! :open_mouth:
These are the first symptoms :thinking:

Phil Collins, now I know again... :upside_down_face: :slightly_smiling_face:

Oh, I see, you edited your post...
The TL is the latest version (v5) and there is no firmware update available.

I understood the principle, but it was unclear to me whether the specification "eth0.10" is sufficient to activate the VLAN functionality or whether explicit information about the device must be made in the config file.

I wanted to go a further step:

Port1 - VLAN100 - wan (fritz) 192.168.18.0/30
Port2 - VLAN100,VLAN11,VLAN22,VLAN33 - Pi 4 B (eth0.100, eth0.11, eth0.22, eth0.33)
Port3 - VLAN11 - ap (child) 10.10.10.0/27
Port4 - VLAN22 - ap (parents) 10.10.11.0/27
Port5 - VLAN33 - wired lan 192.168.219.0/27

Am I on the wrong track?

-==[Schubsi]==-

6

Are you using Windows 10? If so, I would use WSL.

7

The RPi has one advantage over most other devices more common for running OpenWrt, it's unbrickable - at worst you pull out the sdhc card and insert a known working one instead, so you can experiment without second thoughts.

3 Likes
8

You don’t need a USB3 Gigabit Ethernet adapter for it. Just assign an IP to eth0 from another subnet. Put eth0 in the LAN firewall zone. Now you can connect directly from your computer to the Ethernet port on the Raspberry Pi. You can even set up a DHCP server on eth0 so that your computer OS gets an IP from the Raspberry Pi when the computer is directly connected to the Ethernet port on the a Raspberry Pi. You can use this connection as a primary configuration method of OpenWRT (for example to create the WAN and the LAN subinterfaces) as well as the recovery method in case you make a mistake after you applied an erroneous config to OpenWRT once the Raspberry Pi is already connected to a switch port.

When the Raspberry Pi is connected to Port2 on the switch, the VLAN that is configured as “native” or “untagged” on Port2 will have Layer 2 access to eth0. So, assign an unused VLAN number as the “native” VLAN on Port2 so that no host gets a DHCP lease from eth0 when the Raspberry Pi is connected to switch Port2. If you make VLAN1000 to be native VLAN on Port2, make sure you disallow that VLAN from any port on the switch. If you had an8-port switch, you could dedicate one switch port as a “recovery” connection and configure it for VLAN1000, but because you only have 5 ports in the switch, and every port will be occupied, do not allow VLAN1000 on any port except for Port2, where it should be configured as the “native” or “untagged” VLAN.

9

I’ve been having these symptoms since I turned 15.

10

Have you tried to compile OpenWRT in WSL?

11

In OpenWRT, all you need to do is to create the eth0.10 and eth0.20 interfaces.

12

I’m not sure why you are trying to segment your LAN into three different VLANs: 11, 22, 33.

If you do need to do that, I would do this with VLAN-capable APs that can map different SSIDs to different VLANs. Are your APs VLAN-aware? If they are, you can create several SSIDs on each and map them to respective VLANs. In this case, Port3 and Port4 would be 802.1q trunks that would allow VLAN11, and VLAN22.

One important note. You must disallow VLAN100 from every port except for Port1 and Port2. Otherwise, the unfirewalled traffic from the Internet will leak inside your LAN, which is BAD.

13

Instead of the managed switch and the AP, you can just use an OpenWrt router to do both functions.

14

This thread is about the Raspberry Pi 4B being used as an OpenWRT router; it’s not about OpenWRT being used as a switch and AP on a consumer-grade Wi-Fi router flashed with OpenWRT.

The OP wants to use a TP-Link switch, and he didn’t specify what kind of APs he has other than he has two of them.

15

My apologies. I wasn't aware that you are the sole representative of the OP. You mentioned using a switch (and an AP) along with the Pi. I said the switch and the AP can be one device. I am not sure what's upsetting you there, but if I knew it would upset you I would have thought twice!

16

Yes. That's why I suggested it.

17

Good to know. Are there any directions you could link to?

18

Apologies accepted

19

For what it's worth, this is a forum where people can provide their inputs and also should expect and accept others' comments. That normally goes without saying, but sometimes it deems necessary to state the obvious.

1 Like
20

Other than the page I already linked to that explains how to install WSL and a Linux distro, no. Once you have WSL (and Linux) installed then you just compile OpenWRT as you would on any other Linux machine.