OpenWRT Upgrade

🔖 reference openwrt network 

The OpenWRT devices in my home are critical to the networking I have here. As OpenWRT is used primarily for embedded devices, rather than generic x86 devices, recoverability can pose some challenges. This is very true for myself, using Cisco Meraki hardware, as the console access is within the enclosure of the devices and requires a TTL Serial cable. See my journey into OpenWRT on Cisco Meraki in this post.

Note: This is a reference for myself rather than showing something. Either way, I hope it's helpful to someone.

Upgrades, any change, always introduces risk. Regardless of the number of times something has been done in the past, new variables are forever present, so too much comfort can always come back to bite you. Therefore, here is my reference guide for performing an upgrade to my OpenWRT devices.

In a device per function network, start with the least important device, such as an AP rather than a Gateway.

If you start with an AP and it fails the impact is minimal, none of my devices require WiFi, so I can recover an AP without too many headaches. That is to say my laptop can still use a wire, as does my desktop, and my phone has mobile data. All of these can be used to research the problem, download tools and packages, and finally work the problem. If you start with the Gateway and it fails, all you’ve got left is mobile data, so make sure you can tether that connection. An issue faced with the AP may be present with the Gateway, now you know of the issue, and the resolution steps (or you can abort and wait for an upstream fix).

Pre-Checks

Process

  1. Download the latest release version
  2. Take a backup of the existing configuration
  3. Determine IP addresses used
    • nslookup gateway.lan
    • nslookup ap01.lan
  4. Start a monitor ping
    • ping gateway.lan
    • ping ap01.lan
  5. Start the upgrade flashing via the webui
Once the pings have failed and then started succeeding again we know the device has rebooted and should be running the new code. The following is to be done on the devices via SSH.
  1. SSH to the devices, note the DNS may not resolve as we have just updated the DNS, which is why we checked for their IP earlier.
  2. Check the running version is the upgraded version
    • uname -a
    • cat /etc/os-release
  3. Re-enable HTTPS UIs 1
    • opkg update
    • opkg install luci-lib-px5g px5g-standalone libustream-openssl
    • opkg install luci
    • /etc/init.d/uhttpd restart
  4. Check the webui for the latest version numbers

Resources

  1. Fabian Lee - OpenWrt: Enabling HTTPS for the LuCI Web Admin Interface