OpenWRT Upgrade

🔖 reference openwrt network

The OpenWRT devices in my home are critical to the networking I have here. As OpenWRT is used primarily for embedded devices, rather than generic x86 devices, recoverability can pose some challenges. This is very true for myself, using Cisco Meraki hardware, as the console access is within the enclosure of the devices and requires a TTL Serial cable. See my journey into OpenWRT on Cisco Meraki in this post.

Note: This is a reference for myself rather than showing something. Either way, I hope it's helpful to someone.

Upgrades, any change, always introduces risk. Regardless of the number of times something has been done in the past, new variables are forever present, so too much comfort can always come back to bite you. Therefore, here is my reference guide for performing an upgrade to my OpenWRT devices.

In a device per function network, start with the least important device, such as an AP rather than a Gateway.

If you start with an AP and it fails the impact is minimal, none of my devices require WiFi, so I can recover an AP without too many headaches. That is to say my laptop can still use a wire, as does my desktop, and my phone has mobile data. All of these can be used to research the problem, download tools and packages, and finally work the problem. If you start with the Gateway and it fails, all you’ve got left is mobile data, so make sure you can tether that connection. An issue faced with the AP may be present with the Gateway, now you know of the issue, and the resolution steps (or you can abort and wait for an upstream fix).

Pre-Checks

A USB to TTL Serial is to hand
A USB to TTL Serial driver is installed
A USB terminal app is installed (eg minicom)
Review the release notes (<version> > Release Notes > Known issues) for any breaking changes
Review the upgrade path (<version> > Release Notes > Upgrading to OpenWrt <version>) from your current release to planned release for any breaking changes
Review the device specific recommended release version
- MX60
- MR16

Process

Download the latest release version
- MX60
- MR16
Take a backup of the existing configuration
- My Gateway
- My Access Point
Determine IP addresses used
- nslookup gateway.lan
- nslookup ap01.lan
Start a monitor ping
- ping gateway.lan
- ping ap01.lan
Start the upgrade flashing via the webui
- My Gateway
- My Access Point

Once the pings have failed and then started succeeding again we know the device has rebooted and should be running the new code. The following is to be done on the devices via SSH.

SSH to the devices, note the DNS may not resolve as we have just updated the DNS, which is why we checked for their IP earlier.
- ssh root@192.168.x.y
Check the running version is the upgraded version
- uname -a
- cat /etc/os-release
Re-enable HTTPS UIs 1
- opkg update
- opkg install luci-lib-px5g px5g-standalone libustream-openssl
- opkg install luci
- /etc/init.d/uhttpd restart
Check the webui for the latest version numbers
- My Gateway
- My Access Point

Resources

Fabian Lee - OpenWrt: Enabling HTTPS for the LuCI Web Admin Interface