posts/mikrotik-hap-ac-openwrt-installation.md: New post
This commit is contained in:
parent
6fb3d3046b
commit
5cd1823faa
GPG Key ID:
7B4DEB93212B3022
116
posts/mikrotik-hap-ac-openwrt-installation.md
Normal file
116
posts/mikrotik-hap-ac-openwrt-installation.md
Normal file
@ -0,0 +1,116 @@
|
||||
---
|
||||
title: Installing OpenWrt on the Mikrotik hap-ac
|
||||
author: Collin J. Doering
|
||||
date: 2019-12-01
|
||||
description: Use dnsmasq to provide a dhcp+tftp server in order to netboot OpenWrt on Mikrotik hap-ac routers
|
||||
tags: general, hardware, networking, dhcp, tftp, OpenWrt, mikrotik
|
||||
---
|
||||
|
||||
Recently I purchased a [Mikrotik hap-ac
|
||||
router](https://mikrotik.com/product/RB962UiGS-5HacT2HnT) as I am in the process of moving away
|
||||
from the unify access points I currently use in my home network. The main reasons for this
|
||||
is the numerous [GPL
|
||||
violations](https://sfconservancy.org/blog/2019/oct/02/cambium-ubiquiti-gpl-violations/), the
|
||||
introduction of a [call home feature](https://news.ycombinator.com/item?id=21430997) without
|
||||
telling users, as well as the lack of deeper control that only comes with open source software.
|
||||
In any case, the end goal is to leverage [Openwisp](http://openwisp.org/) as the wireless
|
||||
access point controller, and OpenWrt powered access points everywhere in the house. One nice
|
||||
thing about using OpenWrt is that my older [Unify
|
||||
AC-LR](https://store.ui.com/products/unifi-ac-lr), also [supports
|
||||
it](https://openwrt.org/toh/ubiquiti/unifiac), so I can use a similar process to the one I will
|
||||
describe in this article to leverage my older equipment in the case I do not sell it right
|
||||
away.
|
||||
|
||||
This article will detail how to install OpenWrt on the Mikrotik hap-ac router, but will save
|
||||
setup of the access points as well as Openwisp to another article.
|
||||
|
||||
<!--more-->
|
||||
|
||||
Though there is [a guide provided within the OpenWrt
|
||||
wiki](https://openwrt.org/toh/mikrotik/common) regarding installation onto Mikrotik (and other)
|
||||
devices, I found that it was not as clear as it could be, mainly due the many options
|
||||
mentioned, but none clearly demonstrated. Here I would like provide clear and concise
|
||||
instructions on how to install OpenWrt on the Mikrotik hap-ac, though the process could be used
|
||||
for any netboot installation of OpenWrt (with some modification).
|
||||
|
||||
The high-level process is quiet simple, and the OpenWrt does do a good job of describing this
|
||||
in its wiki. Here is the TLDR:
|
||||
|
||||
1. Ensure router/device will utilize netboot upon start. This will vary per router/device.
|
||||
2. Run local `dhcp` server and `tftp` server, ensuring the appropriate firmware file is
|
||||
referenced as `dhcp` `option 66`.
|
||||
3. Ensure router/device is plugged into computer running the `dhcp+tftp` server.
|
||||
4. Reboot the router and keep an eye on the `dhcp`/`tftp` server logs to confirm the router
|
||||
gets an ip address from the local dhcp server, as well as downloads the firmware binary
|
||||
referenced by `dhcp option 66`.
|
||||
|
||||
Now luckily [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) provides both a `dhcp` and
|
||||
`tftp` server, which is easy to configure and use. First, ensure `dnsmasq` is installed, and
|
||||
place the following in `/etc/dnsmasq.conf`.
|
||||
|
||||
```
|
||||
port=0
|
||||
interface=enp0s20f0u2u4
|
||||
bind-interfaces
|
||||
dhcp-range=192.168.0.11,192.168.0.150,12h
|
||||
dhcp-boot=openwrt-18.06.5-ar71xx-mikrotik-rb-nor-flash-16M-ac-initramfs-kernel.bin
|
||||
dhcp-option-force=66,192.168.0.10
|
||||
enable-tftp
|
||||
tftp-root=/srv/tftp
|
||||
```
|
||||
|
||||
Make sure to change the `interface` to match which one you are using to connect to the router.
|
||||
Additionally, create a folder to store `tftp` files and download the appropriate firmware binaries
|
||||
to this directory, referencing them correctly in the `dnsmasq` configuration `dhcp-boot` and
|
||||
`tftp-root`
|
||||
|
||||
|
||||
```shell
|
||||
mkdir /srv/tftp
|
||||
chown dnsmasq:dnsmasq /srv/tftp
|
||||
```
|
||||
|
||||
Finally, we need to start the `dnsmasq` service, power cycle the router and watch the log
|
||||
output from the `dnsmasq` service.
|
||||
|
||||
Assuming you are using `systemd`, you would do this like so:
|
||||
|
||||
```shell
|
||||
sudo systemctl start dnsmasq
|
||||
sudo journalctl -fu dnsmasq
|
||||
```
|
||||
|
||||
Below is a sample of the log output I received when netbooting my Mikrotik hap-ac:
|
||||
|
||||
```
|
||||
Nov 20 21:02:04 rekahsoft-work dnsmasq[23837]: dnsmasq: syntax check OK.
|
||||
Nov 20 21:02:04 rekahsoft-work systemd[1]: Started A lightweight DHCP and caching DNS server.
|
||||
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: started, version 2.80 DNS disabled
|
||||
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: compile time options: IPv6 GNU-getopt DBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify dumpfile
|
||||
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: DBus support enabled: connected to system bus
|
||||
Nov 20 21:02:04 rekahsoft-work dnsmasq-dhcp[23839]: DHCP, IP range 192.168.0.11 -- 192.168.0.150, lease time 12h
|
||||
Nov 20 21:02:04 rekahsoft-work dnsmasq-dhcp[23839]: DHCP, sockets bound exclusively to interface enp0s20f0u2u4
|
||||
Nov 20 21:02:04 rekahsoft-work dnsmasq-tftp[23839]: TFTP root is /srv/tftp
|
||||
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPDISCOVER(enp0s20f0u2u4) 74:4d:28:f0:40:28
|
||||
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPOFFER(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
|
||||
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPREQUEST(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
|
||||
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPACK(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
|
||||
Nov 20 21:02:19 rekahsoft-work dnsmasq-tftp[23839]: sent /srv/tftp/openwrt-18.06.5-ar71xx-mikrotik-rb-nor-flash-16M-ac-initramfs-kernel.bin to 192.168.0.108
|
||||
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPDISCOVER(enp0s20f0u2u4) 74:4d:28:f0:40:28
|
||||
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPOFFER(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
|
||||
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPREQUEST(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
|
||||
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPACK(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
|
||||
```
|
||||
|
||||
You'll notice that first the router receives an IP address via `DHCP` followed by the
|
||||
appropriate firmware binary being sent to the device. At this point, the router will be running
|
||||
OpenWrt, though completely ephemerally until it is permanently installed (either via the web
|
||||
interface or via ssh). I was unable to do the installation via the web interface as when net
|
||||
booting, device board auto-recognition did not work correctly (with a message saying
|
||||
"Sysupgrade is not yet supported on unknown."), which required me dropping the appropriate
|
||||
board version into `/some/path/to/the/board/file/openwrt` (see [this form
|
||||
post](https://forum.openwrt.org/t/mikrotik-rb952ui-5ac2nd/33635)). Since I was already there, I
|
||||
proceeded to complete the installation via command-line, though it would have been just as easy
|
||||
to go back to the web ui.
|
||||
|
||||
There we have it! OpenWrt installed onto a Mikrotik hap-ac router. Easy peasy, thanks to `dnsmasq`!
|
||||
Loading…
Reference in New Issue
Block a user