Monday, May 14, 2012

Installing OpenWRT on a RouterBOARD 750GL

I have a project that requires a small Linux router/firewall, with a requirement of no wireless (due to physical security policies for the site). There are many third-party firmware options for wireless routers, with distributions such as dd-wrt and Open-WRT on APs from Linksys, Buffalo, etc. But the options for a simple wired router are more limited.

I found this excellent post: OpenWRT on Mikrotik Routerboard 411/750 on Wolfs Tech Blog, which indicated that OpenWRT is flashable onto a RouterBoard 750GL. I bought a pair from rOc-nOc.com. They were $59.95 each via Google Checkout, and shipping was fast.

I highly recommend rOc-nOc.com: great service!

The RouterBOARD 750GL has 5 gigabit ports, 64MB of SDRAM, 64MB NAND, and it literally fits in the palm of your hand.
RouterBOARDs ship with a proprietary RouterOS, but my project requires Linux.

I used the Wolfs Tech Blog post as my guide for installation, with help from this German post, with an assist from Google Translate. I ran into a few gotchas, so I thought I'd save someone else future grief and post my step-by-step instructions. Firmware installation can be tricky: there is no serial or display port on the 750GL: you need to "fly blind" and install over the network.

I used Xubuntu 12.4 as the OS for building OpenWRT, and as the TFTP/DHCP server to boot the RouterBoard via the network. I initially tried using a VMWare Workstation guest, but later encountered problems making the DHCP server work properly via a bridged interface. I ended up installing to USB, booted off the USB, and ran Xubuntu natively.

Install the required packages and Wireshark (which will be handy later):
$ sudo apt-get install subversion
$ sudo apt-get install g++ gawk libncurses5-dev zlib1g-dev git-core
$ sudo apt-get install dhcp3-server atftpd apache2
$ sudo apt-get install wireshark
Download the OpenWRT trunk code with Subversion and "make menuconfig":
$ cd
$ mkdir openwrt
$ cd openwrt
$ svn co svn://svn.openwrt.org/openwrt/trunk
$ cd trunk
$ make menuconfig
We need to compile twice. Once for the .tar.gz file, and once for the ramdisk.  Two steps because the .tar.gz file has has different requirements than the ramdisk, such as squashfs.

First the tar.gz file:

Choose:
  • Target System: Atheros AR7xxx/AR9xxx 
  • Subtarget: (Devices with NAND flash (mostly Mikrotik)) 
  • Target Images: .tar.gz
Exit and type "make". It will take a long time to compile.

When complete, type the following:
$ cp ~/openwrt/trunk/bin/ar71xx/openwrt-ar71xx-nand-vmlinux-initramfs.elf /var/www
$ cp ~/openwrt/trunk/bin/ar71xx/openwrt-ar71xx-nand-rootfs.tar.gz /var/www
This prepares them for the "wget2nand" flashing step, coming up later.

Next the ramdisk:
$ cd ~/openwrt/trunk
$ make clean
$ make menuconfig
Choose:
  • Target System: Atheros AR7xxx/AR9xxx 
  • Subtarget: (Devices with NAND flash (mostly Mikrotik)) 
  • Target Images: ramdisk
Exit and type "make". 

When complete copy the ramdisk to /srv/tftp:
$ cp ~/openwrt/trunk/bin/ar71xx/openwrt-ar71xx-nand-vmlinux-initramfs.elf /srv/tftp/
Configure atftpd and isc-dhcp-server. I used 192.168.1.3 as the TFTP server address, and assigned 192.168.1.99 to the RouterBoard. Avoid 192.168.1.1 (the default OpenWRT IP address).

Edit /etc/network/interfaces, use 192.168.1.3 as a static IP address:
auto eth0
iface eth0 inet static
address 192.168.1.3
netmask 255.255.255.0
Edit /etc/default/atftpd, changes in bold:
USE_INETD=false
OPTIONS="--bind-address 192.168.1.3 --tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /srv/tftp"
Locate the first MAC address printed on the bottom of the RouterBOARD 750GL:
Edit /etc/dhcp/dhcpd.conf, and use the first listed MAC address as the hardware ethernet address:
authoritative;
allow booting;
allow bootp;
one-lease-per-client true;

subnet 192.168.1.0 netmask 255.255.255.0 {
  option routers 192.168.1.254;
  option subnet-mask 255.255.255.0;
  option broadcast-address 192.168.1.255;
  ignore client-updates;
}

group {
  host routerboard {
    hardware ethernet 00:0c:42:aa:bb:cc;
    next-server 192.168.1.3;
    fixed-address 192.168.1.99;
    filename "openwrt-ar71xx-nand-vmlinux-initramfs.elf";
  }
}
Now restart networking, atftpd and isc-dhcp-server:
$ sudo /etc/init.d/networking restart
$ sudo /etc/init.d/atftpd restart
$ sudo /etc/init.d/isc-dhcp-server restart
Run Wireshark, sniffing on eth0, to watch network traffic.

Boot the RouterBOARD 750GL via TFTP:
  • Connect an ethernet cable between port 1 on the RouterBOARD 750GL and the TFTP server.
    • Other ports won't work 
  • Press the small "RES" button and plug in the power cable. 
  • The "PWR" and "ACT" lights will illuminate. Then "ACT" will flash, and finally stop. 
  • Now release the "RES" button. 
  • The 750GL should request a DHCP address, receive 192.168.1.99, download openwrt-ar71xx-nand-vmlinux-initramfs.elf via TFTP, and boot OpenWRT. 
Use Wireshark to ensure everything's working; look for the TFTP "DATA Packet" packets to verify the ramdisk download.
The device will boot OpenWRT and use IP address 192.168.1.1.

Swap the cable to a different port to access OpenWRT. I used port 2 (port 1 won't work). Then telnet to the device:
$ telnet 192.168.1.1
Trying 192.168.1.1...
Connected to openwrt.lan.
Escape character is '^]'.
 === IMPORTANT ============================
  Use 'passwd' to set your login password
  this will disable telnet and enable SSH
 ------------------------------------------


BusyBox v1.19.4 (2012-05-10 11:17:53 PDT) built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 ATTITUDE ADJUSTMENT (Bleeding Edge, r31673)
 -----------------------------------------------------
  * 1/4 oz Vodka      Pour all ingredients into mixing
  * 1/4 oz Gin        tin with ice, strain into glass.
  * 1/4 oz Amaretto
  * 1/4 oz Triple sec
  * 1/4 oz Peach schnapps
  * 1/4 oz Sour mix
  * 1 splash Cranberry juice
 -----------------------------------------------------
root@OpenWrt:/# 
Now that the 750GL has booted to ramdisk, the last step is flashing OpenWRT to make it permanent.

WARNING: the next steps will erase the existing RouterOS installation. Make sure to back up the OS, configuration and license first.
root@OpenWrt:/# wget2nand http://192.168.1.3
Connecting to 192.168.1.3 (192.168.1.3:80)
kernel               100% |*******************************|  2717k  0:00:00 ETA
Connecting to 192.168.1.3 (192.168.1.3:80)
rootfs.tgz           100% |*******************************|  1222k  0:00:00 ETA
Erasing filesystem...
Mounting /dev/mtdblock2 as new root and /dev/mtdblock1 as kernel partition
Copying kernel...
Preparing filesystem...
...
Cleaning up...
Image written, you can now reboot.  Remember to change the boot source to Boot from Nand
The 750GL should boot OpenWRT natively and respond to pings shortly.

12 comments:

Hina Ali said...

Enter your zip code hereIt is really nice for me to see you and your great hardwork again.Every piece of your work look excellent.Looking forward to learing more from you!
Barracuda NG Firewall

Travis Fraser said...

Great write up. Based on your success I bought the same router from roc-noc. Since Attitude Adjustment is now stable, I was able to download the target images and save compile time. I still cloned the git repo so I could compile the Ramdisk image, since that was not available to download.

One note on the target images: your post lists 'openwrt-ar71xx-nand-vmlinux-initramfs.elf' for the elf image (this is the name of the Ramdisk image). I looked at the wget2nand script, and the script looks for 'openwrt-ar71xx-nand-vmlinux-lzma.elf' (along with the rootfs image).

Fabio DB said...

The switch chipset of RB750GL is working in OpenWRT?

Tristan Lippens said...

The switch works like a charm after that: https://dev.openwrt.org/ticket/12181#comment:52

Chuan @ easyhorpak.com said...

Thank you very much for share

--------------------------------
http://www.easyzonecorp.net cloud radius billing for mikrotik hotspot

Alexis CiĆ³rraga said...

Hi,

I need quite a bit of urgent help. Try this process and in the middle of the load light went home. Now the router not to turn it up on toggle between ports 5 lights and LED ACT steadily. Unfortunately, do not perform any backup of the license or RouteOS.

What I can do to restore it?

Thank you so much

Tim said...

Eric, thanks for the instructions, I will be trying it shortly.

Once OpenWRT is on the box, how does one upgrade to a newer version? Is it sysupgrade like the WRT54GS? Or is it always wget2nand?

tim said...

Ok, got AA all installed, but every time I powerup it is in firstboot mode (telnet only default config). I can modify the rootfs mtd files but the don't get used next boot. I think the mtdblock2 is not getting auto mounted?

Any ideas?

tim said...

SOLVED! As they say around here, light dawns on Marblehead:) Just because you can build both the rootfs tar and the ramdisk image at the same time doesn't mean that's what you need. The reason a previous poster could not find the elf file named within wget2nand is because the one the ramdisk option builds is named differently and is not the one you want to install on the kernel partition - it will always mount it's own internal ramdisk and never the rootfs in nand that we can edit. Recompile w/ ramdisk unchecked and presto everyhthing is good.

Unknown said...

please send me Kernel Image: openwrt-ar71xx-nand-vmlinux.elf and
Root File System: openwrt-ar71xx-nand-rootfs.tar.gz please. I can not compile. My routerboard is 750

Unknown said...
This comment has been removed by the author.
Ian Wizard said...

I just ordered mine (750GL), and I'll setup and env and build tonight either way, but it would be nice for those that have problems (or just aren't able), if there were links to your images. Great work, kudos, etc, etc. ;)