Setting up a new Flint2 (with vanilla OpenWRT 24.10.1, not GL.iNet's version) and am curious if I should use the config file I exported from our existing TP-Link Archer C7 v2 or set it up from scratch (ie. going through all the settings manually)? I'm inclined to do the latter.
Are there any recommended settings out there to get the most out of this router? It will be a basic AP using a Raspberry Pi as DNS with Unbound.
Yes, as @slh said, it will brick the device. That's because there are hardware specific things in the configs.
It is possible to move some files -- such as the /etc/config/firewall and /etc/config/dhcp, but do not attempt to restore things like the network and wireless files from one device to another.
Some questions regarding the settings that would be best for a Flint2:
WIFI
Best 5g channel range (roughly)? Been using 153. Should I use the Channel Analysis tool to determine this for both 2.4Ghz & 5Ghz? (it was buggy last time I used it, I think)
Best "width" for 2.4Ghz & 5Ghz?
WPA3? Will it work with older devices (~8yrs)?
Or, if WPA2, is encryption fine set to "auto" or choose a cipher?
Advanced tab: Coverage cell density, etc - defaults all ok?
Interface Configuration -> Advanced tab (what are settings like Short Preamble, etc, in that list - defaults all ok?)
IPv4 and IPv6
I'd mostly disabled ipv6 on the Archer and I quite liked it (more familiar with ipv4 and ipv6 gives me a headache, tbh). I guess I should leave it on on the Flint2?
Interfaces
Anything in these settings that are worth changing?
Devices. Defaults all ok here?
Interfaces->LAN->Advanced Settings->Force Link = should be enabled?
Interfaces->LAN->Advanced Settings->Use Default Gateway = should be enabled?
"Enabled" or "Enabled (All CPUs)"? (not sure of the difference)
Firewall
Under Zones, for "Input" and "Intra Zone Forwarding", is "drop" better / more secure than "reject" (ie. to suggest there is no device at the target, etc)?
Flow Offloading? (Network->Firewall)
Had Software Flow Offloading enabled on the Archer C7, should I set it to Hardware Flow Offloading?
Drop invalid packets = should this be checked/enabled?
General Settings -> Dropdowns: Input=reject, Output=accept, Forward=reject - are these defaults ok?
Traffic rules all fine as default?
Network -> DHCP & DNS tabs
Can I safely leave all these settings under these tabs as default?
Setup Raspberry Pi as DNS Server w/Unbound
Already got this working well with the Archer by setting it's static IP in Interfaces->DHCP Server->Advanced settings.
Also have the RPi's static IP in Interfaces->WAN->Advanced Settings->Use custom DNS servers.
Is this the right way to point OpenWRT to local DNS? And are these entries on this tabs sufficient for both ipv4 and ipv6?
I appreciate any help with these questions, or please let me know if there's a config guide somewhere with (easy to understand) answers.
But I still have a few questions, if anyone is able to help, please:
Enable packet steering on this router?
For 5Ghz wifi networks, is auto good to use or better to set a channel manually? I read that auto can be problematic?
Interfaces->LAN->Advanced Settings->Force Link = should be enabled?
Interfaces->LAN->Advanced Settings->Use Default Gateway = should be enabled?
Under Zones, for "Input" and "Intra Zone Forwarding", is "drop" better / more secure than "reject" (ie. to suggest there is no device at the target, etc)?
Had Software Flow Offloading enabled on the Archer C7, should I set it to Hardware Flow Offloading?
Drop invalid packets = should this be checked/enabled?
SQM vs Cake vs Flow Offloading? Any recommendations that might improve speed?
Hmm, ok, so there's no way to optimize OpenWRT on the Flint2, then? Leave everything as default? I thought there would be at least a few tweaks here and there. And I'm pretty sure I do remember reading that for 5Ghz wifi it should be set manually to a particular channel, which is what I had set on the Archer C7 (channel 153). Anyway, thanks for your advice.
)