Browse Source

posts/mikrotik-hap-ac-openwrt-installation.md: New post

article-mikrotik-hap-ac-openwrt
Collin J. Doering 1 year ago
parent
commit
5cd1823faa
Signed by: rekahsoft <collin@rekahsoft.ca> GPG Key ID: 7B4DEB93212B3022
1 changed files with 116 additions and 0 deletions
  1. +116
    -0
      posts/mikrotik-hap-ac-openwrt-installation.md

+ 116
- 0
posts/mikrotik-hap-ac-openwrt-installation.md View File

@@ -0,0 +1,116 @@
---
title: Installing OpenWrt on the Mikrotik hap-ac
author: Collin J. Doering
date: 2019-12-01
description: Use dnsmasq to provide a dhcp+tftp server in order to netboot OpenWrt on Mikrotik hap-ac routers
tags: general, hardware, networking, dhcp, tftp, OpenWrt, mikrotik
---

Recently I purchased a [Mikrotik hap-ac
router](https://mikrotik.com/product/RB962UiGS-5HacT2HnT) as I am in the process of moving away
from the unify access points I currently use in my home network. The main reasons for this
is the numerous [GPL
violations](https://sfconservancy.org/blog/2019/oct/02/cambium-ubiquiti-gpl-violations/), the
introduction of a [call home feature](https://news.ycombinator.com/item?id=21430997) without
telling users, as well as the lack of deeper control that only comes with open source software.
In any case, the end goal is to leverage [Openwisp](http://openwisp.org/) as the wireless
access point controller, and OpenWrt powered access points everywhere in the house. One nice
thing about using OpenWrt is that my older [Unify
AC-LR](https://store.ui.com/products/unifi-ac-lr), also [supports
it](https://openwrt.org/toh/ubiquiti/unifiac), so I can use a similar process to the one I will
describe in this article to leverage my older equipment in the case I do not sell it right
away.

This article will detail how to install OpenWrt on the Mikrotik hap-ac router, but will save
setup of the access points as well as Openwisp to another article.

<!--more-->

Though there is [a guide provided within the OpenWrt
wiki](https://openwrt.org/toh/mikrotik/common) regarding installation onto Mikrotik (and other)
devices, I found that it was not as clear as it could be, mainly due the many options
mentioned, but none clearly demonstrated. Here I would like provide clear and concise
instructions on how to install OpenWrt on the Mikrotik hap-ac, though the process could be used
for any netboot installation of OpenWrt (with some modification).

The high-level process is quiet simple, and the OpenWrt does do a good job of describing this
in its wiki. Here is the TLDR:

1. Ensure router/device will utilize netboot upon start. This will vary per router/device.
2. Run local `dhcp` server and `tftp` server, ensuring the appropriate firmware file is
referenced as `dhcp` `option 66`.
3. Ensure router/device is plugged into computer running the `dhcp+tftp` server.
4. Reboot the router and keep an eye on the `dhcp`/`tftp` server logs to confirm the router
gets an ip address from the local dhcp server, as well as downloads the firmware binary
referenced by `dhcp option 66`.

Now luckily [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) provides both a `dhcp` and
`tftp` server, which is easy to configure and use. First, ensure `dnsmasq` is installed, and
place the following in `/etc/dnsmasq.conf`.

```
port=0
interface=enp0s20f0u2u4
bind-interfaces
dhcp-range=192.168.0.11,192.168.0.150,12h
dhcp-boot=openwrt-18.06.5-ar71xx-mikrotik-rb-nor-flash-16M-ac-initramfs-kernel.bin
dhcp-option-force=66,192.168.0.10
enable-tftp
tftp-root=/srv/tftp
```

Make sure to change the `interface` to match which one you are using to connect to the router.
Additionally, create a folder to store `tftp` files and download the appropriate firmware binaries
to this directory, referencing them correctly in the `dnsmasq` configuration `dhcp-boot` and
`tftp-root`


```shell
mkdir /srv/tftp
chown dnsmasq:dnsmasq /srv/tftp
```

Finally, we need to start the `dnsmasq` service, power cycle the router and watch the log
output from the `dnsmasq` service.

Assuming you are using `systemd`, you would do this like so:

```shell
sudo systemctl start dnsmasq
sudo journalctl -fu dnsmasq
```

Below is a sample of the log output I received when netbooting my Mikrotik hap-ac:

```
Nov 20 21:02:04 rekahsoft-work dnsmasq[23837]: dnsmasq: syntax check OK.
Nov 20 21:02:04 rekahsoft-work systemd[1]: Started A lightweight DHCP and caching DNS server.
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: started, version 2.80 DNS disabled
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: compile time options: IPv6 GNU-getopt DBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify dumpfile
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: DBus support enabled: connected to system bus
Nov 20 21:02:04 rekahsoft-work dnsmasq-dhcp[23839]: DHCP, IP range 192.168.0.11 -- 192.168.0.150, lease time 12h
Nov 20 21:02:04 rekahsoft-work dnsmasq-dhcp[23839]: DHCP, sockets bound exclusively to interface enp0s20f0u2u4
Nov 20 21:02:04 rekahsoft-work dnsmasq-tftp[23839]: TFTP root is /srv/tftp
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPDISCOVER(enp0s20f0u2u4) 74:4d:28:f0:40:28
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPOFFER(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPREQUEST(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPACK(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
Nov 20 21:02:19 rekahsoft-work dnsmasq-tftp[23839]: sent /srv/tftp/openwrt-18.06.5-ar71xx-mikrotik-rb-nor-flash-16M-ac-initramfs-kernel.bin to 192.168.0.108
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPDISCOVER(enp0s20f0u2u4) 74:4d:28:f0:40:28
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPOFFER(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPREQUEST(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPACK(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
```

You'll notice that first the router receives an IP address via `DHCP` followed by the
appropriate firmware binary being sent to the device. At this point, the router will be running
OpenWrt, though completely ephemerally until it is permanently installed (either via the web
interface or via ssh). I was unable to do the installation via the web interface as when net
booting, device board auto-recognition did not work correctly (with a message saying
"Sysupgrade is not yet supported on unknown."), which required me dropping the appropriate
board version into `/some/path/to/the/board/file/openwrt` (see [this form
post](https://forum.openwrt.org/t/mikrotik-rb952ui-5ac2nd/33635)). Since I was already there, I
proceeded to complete the installation via command-line, though it would have been just as easy
to go back to the web ui.

There we have it! OpenWrt installed onto a Mikrotik hap-ac router. Easy peasy, thanks to `dnsmasq`!

Loading…
Cancel
Save