Corrente

If you have "no place to go," come here!

Common Household Remedies Request

OK, I'm going to give up the unequal struggle and change my router to my new WNDR3800 (hat tip, okanagen) and install OpenWRT software so I can do customization to my needs (ideally letting my tenants fuck themselves up and not me).

But I'm looking at the OpenWRT documentation, and it is a little more hirsute than I would like. (A former sysadmin friend of mine informs me that it's possible, though not easy, to "brick" a router, because one is writing code to the CMOS, i.e., to a chip.) So here are the "OEM easy installation" directions for the WNDR3800, in their entirety. (There are others, but I like the word "easy.")

OEM easy installation

You may install OpenWRT using upgrade firmware of web interface of original firmware.
  1. Download a squashfs-factory image file of OpenWRT.
  2. Set IP from pool 192.168.1.2-192.168.1.254 on your computer and next open http://192.168.1.1 in the web brouser.

What does "Set IP from pool 192.168.1.2-192.168.1.254 on your computer" mean? Where do I set it? (I'm on Mac OS X, but if I have the concept, I can dope out how to do it on my machine.)

  1. Select an Administration page, use firmware file selection button and firmware upgrade button to start firmware upgrade process.

I'm assuming this is a file transfer to the router?

  1. Confirm firmwware upgrade to OpenWRT.
  2. Wait upload process, firmware upgrade process, additional wait up to 10 minutes. You wiil be able to notice this moment when browser won't be load http://192.168.1.1/index.htm at its next updating.

What does "You wiil be able to notice this moment when browser won't be load." Does that mean the router is part-way through the install (writing to the CMOS?) and so won't react?

  1. Telnet to 192.168.1.1. You in the OpenWRT console. Now you may install LuCI if needed.
  2. If you can't connect via telnet, simple switch off and turn on router, wait several tens of seconds for router booting, and again try connect.

    And here are the LuCl instructions:

    Installation

    1. Retrieve the current list of available packages in the repository:
      opkg update
    • For a full LuCI installation without HTTPS support:
      opkg install luci
    • For a full LuCI installation with HTTPS support
      opkg install luci-ssl

      Clear enough, but where am I doing this?

0
No votes yet
Updated: 

Comments

Barmitt O'Bamney's picture
Submitted by Barmitt O'Bamney on

1) Assign your Mac an ip address on its WIRED interface of 192.168.1.pick-any-number-between-2-and-254 ; eg: 192.168.1.20
Doing this puts your computer's ethernet adapter on the same network and subnet as the router's ethernet, so that they can communicate. This reflash procedure is a simple upload of a file via http, accomplished through your web browser.

You would assign the address in your Mac's Networking setting - specifically TCP/IP settings, by setting the interface to 'manual' or 'static' configuration, as opposed to 'automatic' or 'dhcp'. The networking configuration will demand some other info of you at the same time. Some of the values like "netmask" it may supply or suggest automatically. Here are safe values to put in.
ipaddress 192.168.1.20 (this is the important thing)
netmask 255.255.255.0 (not that this particularly matters right now)
defaultroute or gateway of 192.168.1.1 (not that this particularly matters)
dns resolver or nameserver of 192.168.1.1 (not that this particularly matters)
I include the extra settings because for all I know your system will complain and refuse to go ahead, if you attempt to leave them blank.

Turn off any firewall you may have running. If you have already determined which openwrt or ddwrt image you need for your router and you have already downloaded it (and have presumably also verified its integrity by whatever means the author's of the firmware publish such as md5sums) you can proceed to brick your router with the re-flashing of your router with the new image.

If you complete the tcp settings, your computer will reset the ethernet interface accordingly and you should be able now to connect to the router's webserver, which serves up it's administrative settings as webpages. Confirm this by entering "http://192.168.1.1 " in your browser. You should see a page that looks like the example screenshots in the router's printed manual. If no page loads, obviously something is wrong with the tcp settings and you'll have to revisit them.

Find the page in the router's administrative section for firmware upgrades. From what you say there are two buttons, one to select an image, the other to commit the change. Push select first, and select the firmware image when prompted. If you have ever uploaded say an picture to a photo hosting service using your browser's file selection dialog, it's just like that. Once you commit to the reflash there's no going back. The browser page which probably auto-refreshes from what you've described, will stop reloading. You can now no longer connect to the router via a web interface, because evidently the new firmware does not have a web interface AS YET. When the reflash is complete, the router is in a state of being ready to install stuff (like a convenient web interface) and can only be contacted via telnet. Like they said, once the web page fails to reload you want to wait several minutes like maybe ten, before doing anything further. Open a terminal or "console" window as it may be called on OSX, and telnet into the router. We will just assume that the router's lan-ward facing ethernet address remains as before, because they haven't told us it will change to anything else.

$ telnet 192.168.1.1

Type in the commands as they've given them
"opkg update" omitting the quotation marks.
then,
"opkg install luci"
(or opkg install luci-ssl)

As to where this is all happening? it is happening in the router. You are in a maze of twisty passages all alike. The text in your terminal window is all coming from the router once you telnet in. The first command retrieves a current list of available packages to install. The second installs a full suite of router utilities and a web enabled graphical interface. The command opkg install luci-ssl installs the same thing but with ssl encryption for the web interface.

What isn't clear to me is how the router -newly flashed with openwrt- will retrieve its package list or download them for installation, without being first configured to log on to your ISP's connection. There must be some commands to set that up (at least username password vpi vci et cetera) first, or else of this "opkg install blah blah" installation process is supposed to happen with your new router's wan interface plugged into something else with a working internet connection (such as your old router), and you finish up your new openwrt install by copying over your isp login info.

Barmitt O'Bamney's picture
Submitted by Barmitt O'Bamney on

Just to underscore a couple of things:
If you don't have an ethernet adapter in your computer, you must get one or use some computer that does have one. Once you do the reflash procedure - which you should do over ethernet- you will not be able to connect to the router wirelessly at all until it is more or less fully configured. Maybe it has a default ssid, a default channel and a open connection policy? Well, don't count on that.

Also, it is important to understand that there will initially be NO web interface to configure the router with. That is the clear implication to me of opkg install luci (with http web gui enabled ) or opkg install luci-ssl (same thing with https support). From the description, they install http support. So until one of those package sets are installed, connection/configuration with a browser is not possible. Initially you will have to configure the router with command line interface only. This is what the "telnet" command is about. You asked where do I do this stuff with the opkg command? In the terminal window once you run "telnet 192.168.1.1", you are talking to the router's newly hatched OS, not your local system. Commands like "okpg" are entered in the terminal window at the telnet prompt, typing on your keyboard, but they execute on the router, the remote system you are conversing with.

I am pretty sure you are going to need to know how to configure the router's connection to the isp by command line tools before you even get to "opkg install anythingwhatsoever" The clear implication of "opkg update" is that the router OS is going to fetch an updated package list from the openwrt software repository over the internetz. (if that list were in the firmware flash image, it wouldn't need updating) And those installable software packages likewise reside "out there", beyond your local system or your local network. Must have running internet connection somehow for this.

I would assume the worst case scenario and prepare myself to configure the router to connect to the isp via commands entered over telnet. What are the commands to use? What are the details about my connection I'll need to know? Preferably you'll have everything written down: which protocol to use, username and chap-secret (password) vpi /vci, isp's nameservers. Some of t his may autoconfigure like vpi/vci and nameservers. But you'll at least need to know protocol and username/password. Otherwise, it may be possible to connect the router to the outside world for installation purposes if you have a modem supplied by your isp that manages the pppoe or other style of connection itself and offers bridged connection or dhcp configured lan connection. On the other hand, it could be that for security reasons, a router OS distribution would do nothing at all to helpfully start up an dhcp autoconfigured WAN interface, but would take no action until you intervene and explicitly authorize it - thus requiring you to be ready to do it yourself.

Finally, I want to underscore the importance of having the right firmware image/version for your specific hardware. The very latest release may not automatically mean it's appropriate for your router. Flashing with the wrong version will at best fail, and at worst will instantly convert your router into a paperweight.

Take your time and ask people who actually use this software for expert advice. There are forums for just this kind of thing - and I'm 100% sure there is a forum for just this specific router OS project. These forums will be full of know it alls - who actually pretty much do know it all. They'll be happy to answer beginner questions like: What does RTFM mean? What do I do first, second, third and so forth to get to the point where I can configure stuff by the web gui? Google for your router make/model number and openwrt and see what kind of problems people run into, if any.

mellon's picture
Submitted by mellon on

your computer is connected by wireless, and you dont have Ethernet? Is there a way you can use another computer- one with Ethernet, for the upgrade?

If not, you need to make sure you wont be locked out.

I don't know if the default settings, which it will be set tou when it reboots, even allow wireless configuration.

One could make a good argument that they shouldn't.

IMO, you should buy a USB to Ethernet convreter, because your router should not be configured to allow configuration from wireless, ever. you should only be able to configure it from inside your firewall, on a wired connection.

Otherwise, anybody can configure it until you change the password, and after that anybody could brute force the password using a password cracker.

Make sure you change that password first thing.

If I were you I would write down your DNS server, gateway IP, etc. before you do the upgrade Also, download all the instructions you need, as well as a copy of the old firmware as well, just in case.

You can probably find a OSX compatible USB-Ethernet converter for $5-10 at Amazon.com and have it delivered in 2 or 3 days at the most.

Submitted by lambert on

A reader submits the following through the contact form:

Subject: This might answer your OpenWRT questions.

Body: "What does "Set IP from pool 192.168.1.2-192.168.1.254 on your computer"
mean? Where do I set it? (I'm on Mac OS X, but if I have the concept, I can
dope out how to do it on my machine.)"

Normally your IP address is assigned dynamically via DHCP by the upstream
router. You don't want that in this case. You want to choose your own
"static" IP address for your computer. I'm not an Apple user, but it'll be
somewhere in the computer's network settings. You can certainly google "OSX
static ip address" and find some clues. The router will automatically choose
192.168.1.1 for its own address, so you must not use that as your computer's
address. 192.168.1.2 should work fine.

"I'm assuming this is a file transfer to the router?"
Yep. Connecting with a web browser to 192.168.1.1 will get you to the
netgear administration pages and through it's firmware update page, you'll be
able to upload the OpenWRT firmware. Losing your connection while doing this
wirelessly can brick the router so use a network cable if possible.

"What does "You will be able to notice this moment when browser won't be
load." Does that mean the router is part-way through the install (writing to
the CMOS?) and so won't react?"

When the upload is taking place, the update page will usually have some
activity on it somewhere that will let you know the upload is ongoing. Most
routers will reboot automatically when the update is finished which basically
crashes the page. Seeing server not found or something to that effect, or
just watching the lights on the router will let you know it rebooted. If in
doubt, wait longer.

"Telnet to 192.168.1.1. You in the OpenWRT console. Now you may install LuCI
if needed."
-- snip --
"Clear enough, but where am I doing this?"

Telnet is a program you have to run on your computer in a command line
terminal. OSX should have a terminal buried in the utilities somewhere and
telnet is a UNIX staple so I would guess you won't have to download anything
extra. Basically, running the command "telnet " (in this case 192.168.1.1)
will connect your command line terminal on your computer to a terminal on the
newly OpenWRT'd router. Once connected, you can run commands directly on the
router through that terminal to do any administration tasks. If it doesn't
connect, the router probably hasn't rebooted yet after the firmware upgrade,
which is why they mention hitting the switch. FYI, hitting the switch before
the firmware is finished updating is VERY dangerous.

You can actually do all administration via a telnet session but install luci
on the router and save yourself a lot of trouble. After you've connected to
the router via the telnet command, enter the opkg update && opkg install luci
commands. After that, pointing your web browser at http://192.168.1.1 should
load the luci GUI and you can quit all of the command line voodoo. If you
install the ssl version, it'll be https://192.168.1.1.

Returning your computer to its former dynamic IP address settings should be
okay at this point.

Submitted by lambert on

There seems to be some kind of nameserver issue, too. (And last night, trying to optimize nameservers with Namebench, I saw that my ISP wasn't even listed (?!?!?).)

For example, just before I rebooted (now WiFi is working again) I had the terminal pinging google, with no host found. At the same time Yahoo Mail was working. Go figure.

OK, I am off to take the first step, which as I see it is to connect the new router to an ethernet port on the old router, and hope that the new router firmware is more sane. Then I can worry about OpenWRT (and from a machine with an Ethernet port, which my Air does not have