Homebrew Router at Arstechnica

As a follow-on to the earlier article I linked to comparing homebrew versus consumer routers, ArsTechnica has published an article with instructions on building a homebrew router.

I must admit I am very interested in such a project. I am looking at upgrading the home network, which includes obtaining more bandwidth from Verizon. I would like to have my Optical Network Terminal (ONT) switched from coaxial output to the Ethernet output. With such a configuration, I could install my own router rather than depending on the router+wifi combo that Verizon provided. Why? Just so I can have more control over my network, and I won’t have Verizon always telling me that I have too many devices and need to buy even more bandwidth. I don’t like how they can inspect all of the devices in my home network.

I am trying to decide the route to go, however. Part of me says I just need to find a consumer router and throw OpenWRT on that. I am tempted, but it can be hassle to buy a router with 802.11 AC that will work 100% guaranteed. The other option I am considering is getting a plan old router with no wireless, such as a Mikrotek, and use it out of the box. Or maybe even a plain old router with just OpenWRT? Then I could get a wireless access point and have it hook up directly to the dedicated Ethernet switch I acquired. I like the idea of having multiple devices, each handling a specific job. The downside though is that if something goes down while I’m at work or traveling for work, then I’d have to walk my wife through the troubleshooting rather than having her go flip a switch on the Verizon router.

Decisions…decisions…

Home network upgrade: Storage Acquisition

For as long as I can remember I have been dealing with storing files in the following manner: floppy disks, zip drive disks, and now USB hard drives. When I had a Mac computer I actually was very good about regularly backing up my files via ChronoSync and then finally Time Machine. For the past three years I have been without a Mac and just have an old Laptop with Linux and an old desktop with Windows. For these machines, I have been backing up simply by copying files to a USB hard drive. My wife has been using the USB hard drive as well with her Windows laptop  However, over the years we have compiled and saved a lot of photos and videos. The USB hard drives are difficult to organize and manage well among the two of us, and a large volume USB drive is still quite pricey, so we entered the market for a networked storage system where we can save and share files from a central location.

I ruled out Dropbox, Google Drive, and other cloud based solutions as primary storage source. Why? Because I frankly haven’t bought into the cloud yet. For sharing files with people at large, sharing code for school projects, etc., I find such services great. I utilize my Google Drive extensively for school work. However, I’m not quite ready to put tax returns, photos and private data on the cloud yet. For off-site back-up, it is on my to-do list for research and evaluation, but I prefer to keep my primary back-up in my control for the time being. Perhaps when I get a better grip on encryption…

The initial thought was to go for a step-up from a USB hard drive like my Western Digital My Passport and use a Personal Cloud device. Seems simple enough, right? Network connectivity? Check. File sharing? Check. However, last summer at the lab at work a manager came to me with a problem: three HDDs failed in the RAID5 solution purchased from Dell almost a decade ago. I found myself reading more about network storage solutions, which also got me thinking about my home situation. While a personal cloud solves the immediate problem of having a network-based storage, what if it fails? I need RAID!

I then went crazy and dived into the deep end, looking at a FreeNAS build with RAID Z3, SSDs, SAS disks, Xeon CPUs, 64 GB of memory…it started to get expensive quickly, and then I started thinking about the noise of server fans…stop!  I looked at scalding down to RAID Z1, and even just RAID1, but I would still need to build a PC and deal with the configuration and performance tuning. I decided that since I am working full-time, going to graduate school at night, and raising two small kids, that I probably should settle for a canned solution such as a storage appliance rather than something I would need to tune and pay close attention to. When I done with school and have more free time, I still like the idea of building my own FreeNAS system–what a project!

I started looking at Western Digital, Buffalo, Seagate, Drobo, Synology, QNAS, and many others. I narrowed down the decision to the QNAP TS-251 or Synology DS216+ based on reading many reviews, web forum posts, etc. Both units are priced competitively, and in the end I selected the Synology DS216+. With roughly the same technica specifications, it came down to look to the unit and the OS on the device. I would have went with the QNAP if we were to use the NAS for streaming video (the HDMI output is nice), but in reality this storage solution will be used solely for file storage.

I consider this an entry-level purchase since it is a two-drive bay enclosure, and I will configure it for RAID1 with two 3TB Western Digital Red NAS disks. The hope is that it will last me approximately five years, with the plan to upgrade the capacity in three years when the cost of larger hard disks has come down. The DS216+ is powered by a dual-core Intel Celeron rather than a Marvell or ARM solution, so hopefully that will help it keep up with our storage demands. After five years I will take a look at our storage need and consider a higher capacity solution such as 4-drive bay enclosures.

Now that we have a storage solution, I need to figure out the home network connectivity once and for all. We currently access and connect to everything through the Verizon FIOS provided wireless router/AP combo…

Homebrew versus Consumer Routers

Arstechnica has an interesting article on typical consumer home routers versus a pfsense configuration running on a mini-computer. The article is very interesting to me as I have been thinking about doing something similar such as having a router/firewall on wired device and setting up separate access points with different hardware. The comments are also very interesting, making mention of SOHO networking equipment from Ubiquiti Networks or MikroTik. I love the idea of putting up Ubiquiti UniFi APs on each floor of my house, and having them feed into a router with PoE. However, I would need to figure out how to run Ethernet cable up three floors in this townhouse. I suppose I could try to run it up behind the drywall in the staircase, and install one AP between the first and second floor, and the other AP in the basement. However, I don’t know that there would be an easy way to run the Ethernet cable. I would probably have to drill through some 2x4s. It would be a fun and interesting project too…one to put on the TODO list I guess!

Wireless AP and OpenWRT

Getting the wireless access point (AP) up and running looks to be a painless task. By default for my WRT160Nv2, OpenWRT provided the following settings in /etc/config/wireless (dumped via the UCI tool).

root@OpenWrt:~# uci show wireless
wireless.radio0=wifi-device
wireless.radio0.type=mac80211
wireless.radio0.channel=11
wireless.radio0.hwmode=11ng
wireless.radio0.path=platform/rt2800_wmac.0
wireless.radio0.htmode=HT20
wireless.radio0.ht_capab=GF SHORT-GI-20 SHORT-GI-40 TX-STBC RX-STBC12
wireless.radio0.disabled=1
wireless.@wifi-iface[0]=wifi-iface
wireless.@wifi-iface[0].device=radio0
wireless.@wifi-iface[0].network=lan
wireless.@wifi-iface[0].mode=ap
wireless.@wifi-iface[0].ssid=OpenWrt
wireless.@wifi-iface[0].encryption=none

I want to create a custom SSID, ‘Armadillo’, and also set a WPA2 key for accessing the router. Furthermore, I want to make sure that my wireless radio in the router is configured for proper use in the United States.

root@OpenWrt:~# uci set wireless.@wifi-iface[0].ssid='Armadillo'
root@OpenWrt:~# uci set wireless.@wifi-iface[0].encryption='psk2'
root@OpenWrt:~# uci set wireless.@wifi-iface[0].key='****************'
root@OpenWrt:~# uci set wireless.radio0.channel=6
root@OpenWrt:~# uci set wireless.radio0.country=US
root@OpenWrt:~# uci set wireless.radio0.disabled=0
root@OpenWrt:~# uci commit

With the configuration written to /etc/config/wireless, issue the wifi command to start the wireless service:

root@OpenWrt:~# wifi
Configuration file: /var/run/hostapd-phy0.conf
wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE
Using interface wlan0 with hwaddr 00:0c:43:28:80:e8 and ssid "Armadillo"
wlan0: interface state COUNTRY_UPDATE->ENABLED
wlan0: AP-ENABLED

To verify the access point is up and running, look at the available wireless networks. In my case, ‘Armadillo’ is available and after entering the WPA2 key I have access to the device.

Success!

Ubiquiti Unifi Review Link

Just wanted to share a link to a very interesting review of Ubiquiti Network’s Unifi wireless access points by ArsTechnica. The article is quite lengthy and full of good information on the pros and cons of the product. It was also interesting to see how strong the Apple Express WiFi technology was as well!

I live in a small town-house and do not really have an issues with my wireless home network.  However, if you are having coverage difficulties or are looking for some advanced features, definitely take a look at this review and Ubiquiti’s offerings.

Verizon FIOS and IPv6

Recently, according to ArsTechnica, North America exhausted its supply of IPv4. I can still remember first hearing about this back in college years ago, and I am surprised it has taken this long. So what about IPv6?  Linux, Mac OS X, FreeBSD, and Windows all support IPv6. Android and iPhone do as well.

I started to wonder, what is the state of IPv6 and my ISP, Verizon FIOS? Surely FIOS would support IPv6, after all it is a modern fibre network and not a legacy PSTN or DSL network, right?

Failure. According to Test-IPv6, my score is zero out of ten points. Further Google searching yielding lots of discussion about the slow roll-out IPv6 on FIOS.

I hesitate to criticize the company though. I cannot imagine the task at hand of rolling out IPv6 across all of Verizon’s networks and equipment. Verizon has put together a customer webpage to try to explain the technology. Good on them for at least recognizing that customers would be interested in learning more. Notably absent, though, are dates and milestones for the roll-out.

Note that it looks like Verizon’s LTE network is IPv6.

Someday I suppose, someday.

OpenWRT for an old Linksys WRT160Nv2

Background

Back in 2009 I purchased a Linksys WRT160Nv2 wireless router for my home. I did not do much homework at the time because I was busy with a new job, a baby, and just wanted to get wireless connectivity at home. I stopped using the device when I moved again in 2012 as Verizon provides me a router device to connect to their FIOS service.

For my home “lab”, if you can even call it that, I am looking to hook up some old devices and machines.  At first I was pricing out some small home router/switch combos, but in digging through a box of old equipment, I found the WRT160Nv2, and thought I might be able to repurpose it with OpenWRT, DD-WRT or some other open-source software on the device.

After some initial research, it turns out this router/switch device is a bit of kludge. The WRT160Nv1 and WRT160Nv3 of this series of device had decent hardware, but for WRT160Nv2 it looks like Linksys tried to cut costs by using Ralink chipset and not putting enough memory in the device. As such, both OpenWRT and DD-WRT do not support the hardware. Furthermore, the vendor abandoned the platform and the factory firmware has known vulnerabilities and bugs.

In searching the OpenWRT forums, I uncovered a topic leading to a project on GitHub called OpenWrt Leitec. It is a modified build of the OpenWRT software for Ralink RA2880 routers. The WRT160Nv2 has limited support for this build due to the fact the router only has 16 MB of memory.  I am going to give that a try because I don’t plan to use this device as a wireless router, but just as an Ethernet switch. Hopefully I can disable much of that functionality once I get OpenWRT installed on the device!

Building the OpenWRT Firmware

Note to self: Your stupid Windows computer went to sleep, and VMWare Desktop Pro couldn’t handle that and starting thrashing the disk.  It took the system 10 minutes to recover after wake-up. Turn off the PC sleep settings and just let the monitor go to sleep!

Building the firmware is rather straightforward.  I have a Windows 8.1 desktop computer with VMWare Desktop Pro. Within that I have a simple Linux VM that I used for building the firmware. Note that OpenWRT does not support Windows for building the firmware, one needs Linux, BSD, or Mac OS X.  The command sequence is as follows:

mkdir projects; cd projects
git clone https://github.com/leitec/openwrt-leitec.git
cd openwrt-leiteic
make menuconfig

The make menuconfig build command brings up a console-based UI for customized the firmware build. One needs to select the RA288x target and subtargets in order to build for the Ralink chipset.

MakeMenuConfig

The graphic above shows the target/subtarget already selected, but one would select the Target System option and go into the Target system submenu, shown below.

Target

For the WRT160Nv2, which is based on the RT2880 chipset, select the Ralink RT288x option and return. From the main menu, then go into the Subtarget submenu.

Subtarget

Select the RT288x based boards options and return to the main menu. From the main menu, navigate to the “Exit” option at the bottom of the screen. This will bring up a save prompt as shown below:

SaveConfig

Save the configuration and you should be returned to the system shell.  From here, one can begin building the OpenWRT firmware.  Start the makefile!

make

The build process begins by compiling all of the tools necessary for the target chipset, such as m4, xz, autoconf, gdb, gcc, et cetera. These tools are needed for cross-compilation for the target platform; the default tools on most systems are for x86_64 based software and not the embedded chipset on the router devices.

Build Errors

I was able to successfull build all of the tools, but during the toolchain build for “toolchain/gcc/final” compile stage, I encoutered build errors. To get the error messages, re-run the build script with the “V=s” option.

make V=s 2>&1 > build_log.txt

There were a few warnings and notes thrown out, but the first error I encountered was as follows:

cnfs.gperf:101:1: error: 'gnu_inline' attribute present on 'libc_name_p'
cnfs.gperf:26:14: error: but not here

A bit of google searching turned up a simple patch one can make to the source code. After modifying the code with that patch, the build process moved along happily. At the end of the build process, in the bin/ramips directory are all of the firmware images.

image_files

 

The firmware file to be flashed to the device is openwrt-ramips-rt288x-wrt160nv2-squashfs-factory-code.bin.

Firmware Installation

I had not powered on this device for over three years, and after navigating to the admin website (192.168.1.1) after plugging it into my Ethernet port, I released I had forgotten the admin password for the router.  Luckily, Linksys makes it easy to reset the router to a default factory configuration.

 

 

WRT_factory_reset

It should be noted that after flashing the firmware from the proprietary Linksys firmware to the OpenWRT firmware, this option will no longer be available.  However, OpenWRT has options for recovery and re-programming with the original factory firmware. In the factory setting, there is no username for the Linksys router webpage, and the password is ‘admin’.

I followed the directions to upgrading firmware from the Linksys website, which essentially tells one to navigate to the Linksys router’s webpage, login, and then navigate to the Administration tab. In the Administration section, select the Firmware Upgrade sub-tab. The resulting webpage is easy to navigate–simply select the OpenWRT .bin firmware image from the build press, and then press the Start Upgrade button.

During my install, the progress bar went to 50%, and then jumped to a page stating that the firmware was successfully written to the device. I was apprehensive at first because I thought there must have been an error, why would it jump to complete at only 50%? Then again, progress bars hugely unreliable indicators of progress with software tasks…

I open up Tera Term and processed to connect to the device at 192.168.1.1 using the telnet protocol…

WRT_Telnet

Success! OpenWRT was installed and is running on the router! To enable ssh, simply setup a root password by running the ‘passwd’ command. After setting a password and logging out, the router is now accessible with ssh and the telnet daemon is disabled. Next I fired up Putty, my preferred Windows SSH client…

WRT_ssh

Success!!! The router is now ready for configuration of capabilities.  It is a good idea to review the limitations of the WRT160Nv2 once more as the limited memory on the router prohibits it from running the web GUI interface as well as software such as OpenVPN.

It is my intention to use this device as a wired router device for now. Perhaps in future I will also look at enabling the 802.11 features too.

Conclusion

My take away from this little project is as follows:

  1. Always do your homework before purchasing technology, I knew better than just buying something from the store, but I was lazy and just bought the medium grade device from the local store. Now today I have a device that is so crippled that it is hardly supported by open source software.
  2. Open source software is perfect for re-purposing old hardware and giving it new life after the manufacturer has long abandoned the product.
  3. Or just make sure you have a lot of money for your technology! I would love to put a Juniper EX2200 in my lab instead, but I don’t have that type of cash to burn on a hobby lab.