I've been using OpenWRT for close to a year now after I decommissioned my pfSense. I compiled a snapshot image of OpenWRT that runs on the Raspberry Pi 4b and have been running it for almost year now.
I see that the official 21.02 OpenWRT version supporting Raspberry Pi 4b has been released. I want to compile an image myself because I want to be able to take advantage of a larger SD card than 1 GB. Once I compile an image with all of the packages that I want and restore my config from the snapshot that I'm running now on the Raspberry Pi 4b, what are my choices for keeping the 21.02 up to date? With the snapshot that I compiled for the Raspberry Pi 4b, I couldn't really update packages because they would become incompatible with my snapshot image very quickly. So, I basically had to re-compile the snapshot image to keep it up-to-date, which I stopped doing because it was way too labor intensive.
Now that I can install the offical release of 21.02, I would like to undertand the upgrade procedures. I've read up on upgrading an OpenWRT image many times, and I think I have a mental block against it because for the life of me, I can't fully understand it. It looks like when I upgrade to the next release, my whole storage will get overwritten with the new OS release, and even though the settings should survive, the additional (non-default) packages that I have installed will not survive. Is this correct?
There seem to be some third-party scripts available to keep a list of installed packages, so that they can be re-downloaded post-OS upgrade, but it seems to me that the procedure is not very straightforward. So, I have a number of questions:
Do people update individual packages before updating to the next official dot release of OpenWRT? It seems like the individual packages can be updated without overwriting the entire storage. If so, how often do you update packages?
Do you update to every new dot release of OpenWRT? If so, what procedure do you use to bring back all the packages after your OpenWRT installation gets wiped by the new OpenWRT dot release?
Are there any plans by OpenWRT developers to make the upgrade to the next official dot release or even major release to be more straightforward? For example with pfSense, you don't have to fiddle with third-party scripts because the OS installer takes care of the upgrade and re-download of all of the packages that were installed prior to the OS upgrade?
I think one of the major roadblocks to adopting OpenWRT as a firewall of choice not just for home use, but also for small-business use, is how labor-intensive the upgrade to the next version is and how disruptive it could be for the business in case it goes wrong. Making that process automatic would really help. Personally, I think OpenWRT is a brilliant solution, and for my purposes of an advanced home network, it is way superior to pfSense performance wise and QoS/SQM wise. However, the updates and the upgrades of OpenWRT are what gives me a pause to recommend it.
I do it frequently and it usually works fine for me, at least with base or rather popular packages. Branch updates are a bit more conservative compared to master as well.
I usually do not upgrade to every dot release since bugfixes often do not affect my configuration or device and since I can address individual non-kernel security issues by upgrading related packages (e.g. OpenSSL)
Main problem is that in many scenarios additional packages are required to obtain wan connectivity in the first place, creating a chicken/egg problem. Also a lot of supported platforms are severely space constrained, making things like pre-downloading new packages for the upgrade impossible. It would be doable for devices with a lot of space (x86, sdcard stuff etc.) but that would imply developing a second, completely different upgrade mechanism. Technically doable but so far nobody had interest to do that - and maintain it in the long run.
pfSense has less issues implementing a proper inplace upgrade because it only targets platforms with plenty of storage space.
I upgraded to 21 and it was fine except all the bridges needed to be reassigned to interfaces due to the 21 handling the bridged interfaces differently from 19. If I didn’t have my interfaces bridged, it would have worked without any issues.
I compiled 21 from source and then restored the backup from 19 to 21.
I’ve never done attended upgrade, but from what I’ve read, you have to run third-party scripts to be able to carry over the configs for the packages you installed manually. So, to me it’s not worth my time. It’s easier for me to compile a new image, transfer it to a new SD card, boot OpenWRT to the new image from the new SD card, and restore the previous version’s backup onto it.
I wish OpenWRT developers would spend some time on making the upgrade more streamlined. Perhaps, create a second parturition on the devices that have plenty of storage and transfer all the configs to that partition as well as install the same packages to the second partition. Then, rebooting to the second partition would effectively upgrade the system to the new OpenWRT version with all the same packages and the same configs. If something doesn’t work, a quick reboot back into the first partition would bring the system online on the previous version without much downtime.
I moved my TP-LINK TD-W8970 from a 7 yrs old Chaos Calmer to OpenWrt 21.02.1 by means of sysupgrade without no trouble at all. By the way, I configured OpenWrt manually, that is no backup from old to new were used.
Once I got the 21.02.1 the problem was the lack of space to install an USB key ad use it as overlay. Thanks to the very well done online docs I learnt how to use Imagebuilder to create a smaller image; I'm not a sw developer, so it tooks a couple of days to understand things, create, install and have it up and running.
As for me I will manually do the same in the future, i.e. neither automagic scripts nor backups to restore, in order to (try to) keep the control of what happens...
