|
|
@@ -0,0 +1,116 @@ |
|
|
|
--- |
|
|
|
title: Installing OpenWrt on the Mikrotik hap-ac |
|
|
|
author: Collin J. Doering |
|
|
|
date: 2019-12-01 |
|
|
|
description: Use dnsmasq to provide a dhcp+tftp server in order to netboot OpenWrt on Mikrotik hap-ac routers |
|
|
|
tags: general, hardware, networking, dhcp, tftp, OpenWrt, mikrotik |
|
|
|
--- |
|
|
|
|
|
|
|
Recently I purchased a [Mikrotik hap-ac |
|
|
|
router](https://mikrotik.com/product/RB962UiGS-5HacT2HnT) as I am in the process of moving away |
|
|
|
from the unify access points I currently use in my home network. The main reasons for this |
|
|
|
is the numerous [GPL |
|
|
|
violations](https://sfconservancy.org/blog/2019/oct/02/cambium-ubiquiti-gpl-violations/), the |
|
|
|
introduction of a [call home feature](https://news.ycombinator.com/item?id=21430997) without |
|
|
|
telling users, as well as the lack of deeper control that only comes with open source software. |
|
|
|
In any case, the end goal is to leverage [Openwisp](http://openwisp.org/) as the wireless |
|
|
|
access point controller, and OpenWrt powered access points everywhere in the house. One nice |
|
|
|
thing about using OpenWrt is that my older [Unify |
|
|
|
AC-LR](https://store.ui.com/products/unifi-ac-lr), also [supports |
|
|
|
it](https://openwrt.org/toh/ubiquiti/unifiac), so I can use a similar process to the one I will |
|
|
|
describe in this article to leverage my older equipment in the case I do not sell it right |
|
|
|
away. |
|
|
|
|
|
|
|
This article will detail how to install OpenWrt on the Mikrotik hap-ac router, but will save |
|
|
|
setup of the access points as well as Openwisp to another article. |
|
|
|
|
|
|
|
<!--more--> |
|
|
|
|
|
|
|
Though there is [a guide provided within the OpenWrt |
|
|
|
wiki](https://openwrt.org/toh/mikrotik/common) regarding installation onto Mikrotik (and other) |
|
|
|
devices, I found that it was not as clear as it could be, mainly due the many options |
|
|
|
mentioned, but none clearly demonstrated. Here I would like provide clear and concise |
|
|
|
instructions on how to install OpenWrt on the Mikrotik hap-ac, though the process could be used |
|
|
|
for any netboot installation of OpenWrt (with some modification). |
|
|
|
|
|
|
|
The high-level process is quiet simple, and the OpenWrt does do a good job of describing this |
|
|
|
in its wiki. Here is the TLDR: |
|
|
|
|
|
|
|
1. Ensure router/device will utilize netboot upon start. This will vary per router/device. |
|
|
|
2. Run local `dhcp` server and `tftp` server, ensuring the appropriate firmware file is |
|
|
|
referenced as `dhcp` `option 66`. |
|
|
|
3. Ensure router/device is plugged into computer running the `dhcp+tftp` server. |
|
|
|
4. Reboot the router and keep an eye on the `dhcp`/`tftp` server logs to confirm the router |
|
|
|
gets an ip address from the local dhcp server, as well as downloads the firmware binary |
|
|
|
referenced by `dhcp option 66`. |
|
|
|
|
|
|
|
Now luckily [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) provides both a `dhcp` and |
|
|
|
`tftp` server, which is easy to configure and use. First, ensure `dnsmasq` is installed, and |
|
|
|
place the following in `/etc/dnsmasq.conf`. |
|
|
|
|
|
|
|
``` |
|
|
|
port=0 |
|
|
|
interface=enp0s20f0u2u4 |
|
|
|
bind-interfaces |
|
|
|
dhcp-range=192.168.0.11,192.168.0.150,12h |
|
|
|
dhcp-boot=openwrt-18.06.5-ar71xx-mikrotik-rb-nor-flash-16M-ac-initramfs-kernel.bin |
|
|
|
dhcp-option-force=66,192.168.0.10 |
|
|
|
enable-tftp |
|
|
|
tftp-root=/srv/tftp |
|
|
|
``` |
|
|
|
|
|
|
|
Make sure to change the `interface` to match which one you are using to connect to the router. |
|
|
|
Additionally, create a folder to store `tftp` files and download the appropriate firmware binaries |
|
|
|
to this directory, referencing them correctly in the `dnsmasq` configuration `dhcp-boot` and |
|
|
|
`tftp-root` |
|
|
|
|
|
|
|
|
|
|
|
```shell |
|
|
|
mkdir /srv/tftp |
|
|
|
chown dnsmasq:dnsmasq /srv/tftp |
|
|
|
``` |
|
|
|
|
|
|
|
Finally, we need to start the `dnsmasq` service, power cycle the router and watch the log |
|
|
|
output from the `dnsmasq` service. |
|
|
|
|
|
|
|
Assuming you are using `systemd`, you would do this like so: |
|
|
|
|
|
|
|
```shell |
|
|
|
sudo systemctl start dnsmasq |
|
|
|
sudo journalctl -fu dnsmasq |
|
|
|
``` |
|
|
|
|
|
|
|
Below is a sample of the log output I received when netbooting my Mikrotik hap-ac: |
|
|
|
|
|
|
|
``` |
|
|
|
Nov 20 21:02:04 rekahsoft-work dnsmasq[23837]: dnsmasq: syntax check OK. |
|
|
|
Nov 20 21:02:04 rekahsoft-work systemd[1]: Started A lightweight DHCP and caching DNS server. |
|
|
|
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: started, version 2.80 DNS disabled |
|
|
|
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: compile time options: IPv6 GNU-getopt DBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify dumpfile |
|
|
|
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: DBus support enabled: connected to system bus |
|
|
|
Nov 20 21:02:04 rekahsoft-work dnsmasq-dhcp[23839]: DHCP, IP range 192.168.0.11 -- 192.168.0.150, lease time 12h |
|
|
|
Nov 20 21:02:04 rekahsoft-work dnsmasq-dhcp[23839]: DHCP, sockets bound exclusively to interface enp0s20f0u2u4 |
|
|
|
Nov 20 21:02:04 rekahsoft-work dnsmasq-tftp[23839]: TFTP root is /srv/tftp |
|
|
|
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPDISCOVER(enp0s20f0u2u4) 74:4d:28:f0:40:28 |
|
|
|
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPOFFER(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28 |
|
|
|
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPREQUEST(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28 |
|
|
|
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPACK(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28 |
|
|
|
Nov 20 21:02:19 rekahsoft-work dnsmasq-tftp[23839]: sent /srv/tftp/openwrt-18.06.5-ar71xx-mikrotik-rb-nor-flash-16M-ac-initramfs-kernel.bin to 192.168.0.108 |
|
|
|
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPDISCOVER(enp0s20f0u2u4) 74:4d:28:f0:40:28 |
|
|
|
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPOFFER(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28 |
|
|
|
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPREQUEST(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28 |
|
|
|
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPACK(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28 |
|
|
|
``` |
|
|
|
|
|
|
|
You'll notice that first the router receives an IP address via `DHCP` followed by the |
|
|
|
appropriate firmware binary being sent to the device. At this point, the router will be running |
|
|
|
OpenWrt, though completely ephemerally until it is permanently installed (either via the web |
|
|
|
interface or via ssh). I was unable to do the installation via the web interface as when net |
|
|
|
booting, device board auto-recognition did not work correctly (with a message saying |
|
|
|
"Sysupgrade is not yet supported on unknown."), which required me dropping the appropriate |
|
|
|
board version into `/some/path/to/the/board/file/openwrt` (see [this form |
|
|
|
post](https://forum.openwrt.org/t/mikrotik-rb952ui-5ac2nd/33635)). Since I was already there, I |
|
|
|
proceeded to complete the installation via command-line, though it would have been just as easy |
|
|
|
to go back to the web ui. |
|
|
|
|
|
|
|
There we have it! OpenWrt installed onto a Mikrotik hap-ac router. Easy peasy, thanks to `dnsmasq`! |