editor
501
edits
OpenWRT routers: Difference between revisions
Flesh out the instructions
m (Don't use a 'wan6' interface) |
(Flesh out the instructions) Tags: Mobile edit Mobile web edit |
||
|
= Overview =
[https://en.wikipedia.org/wiki/OpenWrt OpenWrt] is an open source operating system specifically designed for
The current range of Technicolor routers (e.g. DGA0122) use a customised version of OpenWrt.
A key feature of OpenWrt is that additional packages may be added to the base system. VPN servers, and advert blocking services are popular
OpenWrt can be configured using the shell commands when accessing the router with ssh or a serial console. This uses the Unified Configuration Interface [https://openwrt.org/docs/guide-user/base-system/uci (UCI) commands]. You can also edit the configuration files directly, though there is no verification of settings made via this route, use with caution. There is also a web based configuration management system that can be run if you have sufficient memory and resources. The [https://openwrt.org/docs/techref/luci LuCI web configuration] system may need [https://openwrt.org/docs/guide-user/base-system/uci to be installed] onto the base system.▼
= Securing the Router =
OpenWrt is a very secure operating system. This is the result of the open nature of the development process. Many eyes mean that all bugs are shallow, and and problems that are found are fixed quickly as there is no opaque company that has to do the development. But you should do the basic steps to your new installation of changing the base password to a long complex one ideally one generated by your password manager. Ideally you should use public key authentication for ssh access, and disable password logins.
= Configuration =
▲OpenWrt can be configured using the shell commands when accessing the router with ssh or a serial console. This uses the Unified Configuration Interface [https://openwrt.org/docs/guide-user/base-system/uci (UCI) commands]. You can also edit the configuration files directly, though there is no verification of settings made via this route, use with caution. There is also a web based configuration management system that can be run if you have sufficient memory and resources. The [https://openwrt.org/docs/techref/luci LuCI web configuration] system may need [https://openwrt.org/docs/guide-user/base-system/uci to be installed] onto the base system, although on modern installations (other than using snapshot versions) Luci is likely to be preinstalled.
Editing the configuration files in the "/etc/config" directory can be done in situ - the Unix standard "vi" editor is preinstalled. Once OpenWrt is online, additional packages may be installed - the "nano" editor is popular with basic users.
Alternatively scp or sftp file transfer clients may be used to copy configuration files to a local machine, edit locally, and copy back. Note that the preinstalled ssh server doesn't support sftp, you may have to force your scp client to use 'old' scp (e.g. "scp -O" - you can install the sftp server package later).
= Configuring the WAN interface to access AAISP =
A new OpenWrt installation will be accessible over Ethernet using ssh, and (unless installed from a snapshot) over a web gui. Username is "root" with no password. The installation will usually have two interfaces defined - "wan" and "lan", with a firewall zone for each.
In order to access AAISP, the router needs to talk PPPoE over the WAN interface. IPCP will configure IPv4, and then IP6CP will start to configure IPv6. The heavy lifting of IPv6 configuration will be normally be done by DHCPv6.
| |||