OpenWrt: A Linux OS targeting embedded devices

Ease of managing multiple OpenWRT devices is still its weakest link. OpenWRT is device centric, but I don't want to managed devices, I want to manage a network.

Modern mesh WiFi systems I've seen do that so well. I know in theory that I could create a VLAN + SSID on my OpenWRT router and APs just for iot devices to only access the internet. But setting that up on a TP-Link mesh was a couple of taps in their app. Doing it on my OpenWRT devices would be quite a bit more hassle.

I definitely believe people underestimate the potential of OpenWRT as an app platform. Before getting sidelined with work I did some proof of concept WebRTC SFU on it https://github.com/atomirex/umbrella which worked surprisingly well.

Was also surprised, then not surprised, to learn it's used as the front end on many of the new generation of 3D printers.

OpenWISP states in its docs that you should be running at least 20 devices to make it worth it. [1] So it's not supposed to be a easy way to manage a few devices for home users.

> However, OpenWISP may not be the best fit for very small networks (fewer than 20 devices), organizations lacking IT expertise, or enterprises seeking open-source alternatives solely for cost-saving purposes.

1: https://openwisp.org/faq/#suitable

At home, I built an OPNsense box to evaluate (using Sophos XG135 Rev 3 hardware, along with an OpenWrt nice Netgear WiFi AP on POE), but then went back to a plastic OpenWrt all-in-one box.

OPNsense (and pfSense) are neat, but I personally don't need an IDS/IPS right now, and I like to be able to run the router fanless.

One thing that OpenWrt could use immediately, for basic home WiFi router functionality, is easier ways to add guest-like VLANs from the Luci Web-based admin UI. (I currently have a guest VLAN config that I partly cargo-culted with numerous steps in Luci years ago, largely based on a blog post, and that would be a pain to reconstruct on a new install.)

For techies whose households include non-techies, a little IDS/IPS could help keep some nasty traffic off your home Internet pipe, and I suppose that could now run alongside OpenWrt on some of the more powerful plastic boxes, or on a PC with the right WiFi devices/APs. (In addition to use of VLANs and routing to minimize damage from all the malware-infested devices, and also thinking "zero trust" for the techie stuff you run.)

We once delivered a totally not router box running openwrt, just because it was very simple and bastardising openwrt was easier than yocto.

> I hope their experiments with the "OpenWRT One" keep going.

OpenWRT Two is scheduled for late 2025 from GL.iNet and should go for ~$250.

https://news.ycombinator.com/item?id=43512495

Related, I used to love going to the monowall website gallery to see all the labgore. It's still there like a time capsule: https://m0n0.ch/wall/gallery.php

I hope OpenWrt doesn't turn too commercial (like Netgate or opnsense) because that leads just to subscriptions, enshittification, feature gates, and drama. It is now in a good place as a solid platform to build upon, I hope it stays that way.

What hardware did you go with? I was thinking of getting the second most recent glinet to run openwrt, but haven't convinced myself it's worth it since my current tplink is still pretty new and is just be getting it to tinker (I don't currently even run any vlans or anything fancy)

I have my fibre ont and the wifi router on a cheap battery backup. It has always continued to work even during extended power outages.

Seconding all this. Ever since I had weird problems with the vendor firmware on a router, I just pick hardware I can put OpenWrt on right away. Works great.

I have the opposite complaint. I wish OpenWRT ran on low-resource routers like those really cheap TP-link ones. DD-WRT does support a few of it, and my personal opinion is that it is better optimised than OpenWRT. By the way, you should explore OpenBSD ( https://openbsdrouterguide.net/ ).

Something with a more normal way of updating the packages and OS would be nice. I thought I'd heard someone was working on an Alpine-based thing a few years ago, but haven't heard anything since.

I run OpenWRT on a 'big' device, this being a container on a Proxmox-managed DL380 G7. It works fine in this context, performance is good enough to be able to easily saturate the gigabit fibre link without breaking into a sweat.

Installing OpenWRT on such a device comes down to downloading openwrt-${version}-x86-64-rootfs.tar.gz and unpacking it in the target location. Boot the container or VM (or old PC or whatever) and follow the normal OpenWRT configuration procedure. Updating such an installation comes down to making a configuration backup in OpenWRT, unpacking the new distribution and restoring the configuration backup to the new install. Given the low resource requirements for such an installation it makes sense to first clone the working container or VM and performing the upgrade on one of the instances so you always have a working instance at hand.

Strongly agreed. I'd rather be running a Debian, with systemd, and boring regular utilities, than the bespoke environment openwrt has crafted together.

I'm super glad openwrt exists, and their uci config predates systemd's attempt to build a cohesive consistent whole system configuration pattern & is epic, but given the capabilities of these systems it feels so worthwhile to de-specialize the environment, to make it more boring.

What I really want is Kubernetes oriented tools that can manage hostapd & something like dawn or openert's usteer for band/ap steering. And some other ancillary wifi tools. Maybe maybe a setup for radius/enterprise, instead of just psk. You can do so much more with it, but at its core openwrt is 90% packaging for openwrt. It's not even particularly super well tuned hostapd: theres so much wireless config one can go try & enable that really is just additional 802.11 specs hostapd supports, they may improve your openwrt wifi experience.

But then you get annoying firmware providers like Broadcom who refuse to write OSS drivers for linux and a lot of work is being spent on the reverse engineering

You can build the image yourself, but have to switch off some packages or features - otherwise the image (linux-kernel + tools) is just too large or consumes too much memory. The original router has 8 megabytes RAM-memory and 2 Megabytes flash ("storage"). You can boot a recent kernel 6.16.5, but with 8mb there is not much left to work with 8-)

A starter is here: https://intercity-vpn.de/files/openwrt/wrt54gtest/minimal/

My uneducated guess is that that people that want this kind of symbolism aren't willing to actually become a maintainer and invest time in niche code for a declining user base?

Interesting, on my latest router (WRT3200ACM) I've had the opposite experience - I had to switch from OpenWRT to DD-WRT since the former was too buggy to use (couldn't get the WiFi to work reliably).

Tomato on the WRT-54G was the all time best in my opinion.

I tried setting it up as a test router and ran smack into their ancient kernel and iptables not supporting statistics drop mode.

Maybe have a look at Intel n100 boxes (Aliexpress -> Topton). They often have 4-5x 2.5GE Ports with high quality Intel cards. They are very cheap (100-200€) and suck not too much current (5-15W).

You can run OpenWRT on them using the x86 build.

We usually have 5-10x of them around for emergency network tasks if everything burns down in a building.

I bought a Fujitsu Futron S920 second hand for like 30 euros. Put a dual NIC PCI in there and now have a low watt router running very fast. Can easily run 1Gbit up and down

about your TPLINK,

there is often a "recovery feature", an alternate boot partition [ i posted about this some time ago.]

if you configure your router so that it "bricks" you can boot in the last working configuration before your changes; rescue; and save to overwrite the brick partition. presumably you can do this forever, as long as you dont brick both partitions.

3 interrupted boot cycles would cause a switch to last successful boot partition.

in my case i had problems because of the curious way we have power failures here. the power would brown out and each phase of generation would send a peak and trough, equivalent to turning power on then off before boot completion 3 times.

if you want to be snazzy, you can play on this and work two partitions at once each configured for different purpose, and accessed by briskly cycling power thrice.

I assume that about 20% to 50% of the home routers, Access points and Wifi mesh devices sold world wide are based on OpenWrt. Often some old versions of OpenWrt with many vendor modifications, the UI is always custom.

I know that the main vendor SDKs from Qualcomm, Mediatek, and Maxlinear are based on OpenWrt. I think only Broadcom uses an own Linux distribution which is not based on OpenWrt in their main SDK. Linux has a market share of about 99% in this market, I haven't seen VxWorks in any recent home router or access point.

The first DJI drones (original Phantom at least) used OpenWRT on their "Range Extender" boxes.

It's fun to see that "Amazon choice" portable routers are based on OpenWRT, and run OpenVPN and Wireguard out of the box.

Ubiquiti uses a fork of OpenWRT. Starlink's routers run it as well. I'm sure a ton of other vendors are using it

And all it took was forcing one company to divulge its proprietary closed-source codebase because they screwed up and incorporated copyleft code deep into their core.

Imagine how much progress could be made if a few other companies were forced to crack open their proprietary closed-source codebases...

Sorry, we know that the EU and NA distribution channels are not so good. The OpenWrt project depends on Banana Pi here. There are some resellers on Amazon.

About 10k OpenWrt one units were sold as of today. The first 900 were sold in about 3 days.