The popular DD-WRT project was initially an offshoot of the original Linksys firmware for the WRT54, but has since undergone a complete rewrite, and now uses the OpenWRT kernel. DD-WRT is a fine upgrade for your WRT54 wireless router, or any similar device under other brand names, and there are a lot of them. The current bargain is the Buffalo WHR-G54S, which can be found for under $40. This is a popular upgrade, because it turns your buggy, inflexible, inexpensive wireless router into a rock-solid routin’ powerhouse, with all manner of useful services: name services, firewalling, port forwarding, RADIUS authentication, Ethernet bridging, IPv6 support, QoS, SMB/CIFS automount, and Internet access controls.
The Buffalo WHR-G54S has limited storage; only 4 megabytes of NVRAM, and 16 megabytes of system RAM. So it doesn’t have room for all of the available DD-WRT options. But you get an amazing amount of functionality into this little box, and for the price it’s a steal. It will serve as an Internet router and firewall for 30 or so users, provided they’re not online gambling nuts or Bittorrent addicts. You could also use it as LAN router, a LAN bridge, a dedicated wireless access point, part of a wireless mesh network, or a VPN gateway.
Let’s take a walk through installing the DD-WRT firmware on the Buffalo WHR-G54S, because there are some tricky bits. These directions also apply to the Buffalo WHR-HP-G54, WZR-HP-G54, and WZR-RS-G54. With a lot of these little routers you can upload new firmware using their factory Web interfaces. But the Buffalo boxes, which are based on Broadcom hardware, accept only special encrypted firmware over the Web interface. So we have to sneak DD-WRT in through the back door, which is a short interval at bootup where the Broadcom flash ROM enters a special mode that allows new firmware to be uploaded via tftp transfer.
- Make sure you have the tftp command installed
- If any device or computer on your network has the IP address of 192.168.1.1, take it off the network or change the address, because that is the default IP address in the DD-WRT firmware
- Make sure you have the route and ip commands available; these come with the net-tools and iproute packages
Your Buffalo router will plug into your LAN switch just like any other device. For now you want to stick with old-fashioned wired Ethernet; don’t try to do this over a wireless connection. Go ahead and power it up, and point a Web browser at http://192.168.11.1. (For the WZR-RS-G54 it’s 192.168.12.1.) The default login is root, with no password.
If this doesn’t fit your LAN addressing, there is an easy way to get there. Use the ip command to add an address to the network interface of your PC, then add a host route:
# ip address add dev eth0 192.168.11.2 # route add -host 192.168.11.1 gw 192.168.11.2
If you have a WZR-RS-G54, use the 192.168.12.* addresses. Now you should be able to ping your router:
$ ping 192.168.11.1 PING 192.168.11.1 (192.168.11.1) 56(84) bytes of data. 64 bytes from 192.168.11.1: icmp_seq=1 ttl=64 time=0.633 ms
You can also run a ping test from the router; just click the System Info button to find the ping page.
All righty then, you know it works. Unplug the router’s power cord, and go to the Downloads page at DD-WRT.com and download the dd-wrt.v23_mini_generic.bin file, or whatever the latest version is. Make sure it’s mini_generic.bin. Change to the directory that contains the new firmware. Then run these commands:
carla@xena:~/downloads$ tftp tftp> binary tftp> trace Packet tracing on. tftp> rexmt 1 tftp> connect 192.168.11.1
Now type in the next command, but don’t hit enter:
tftp> put dd-wrt.v23_mini_generic.bin
Hold the Buffalo router so you can see the green Ethernet port LEDS, which are on the back next to the ports. When it’s first plugged in, all of them light up. When they all turn off except for your one connected port, hit ‘enter’ to execute your last tftp command. If it works, you’ll see a lot of
received ACK sent DATA received ACK
fly by, and it will end with something like
Sent 2555904 bytes in 3.7 seconds tftp>
When it’s all the way booted up, you’ll see two green LEDs on the front panel; one for power, and a green “g” for wireless G. Now you can point your Web browser to 192.168.1.1 and be greeted by the DD-WRT control panel. If you click on any tabs you’ll be asked for a login. The default is root, admin. Just like before, if this address doesn’t fall into the same range as your LAN, just add a compatible address and route to your PC. Then you can log in to DD-WRT and change it.
I know, we wouldn’t have to go through this silliness if it had a serial port. But it doesn’t, so here we are, and be glad Linux is so flexible and capable.
Naturally you’ll want to change the login and password to something the whole world doesn’t already know, under the Administration tab. Then you should disable Telnet and enable SSH, Administration -> Services. Don’t worry about keys; just make sure the box for “Authorized Keys” is empty, including no spaces. Then configure networking under Setup -> Basic Setup.
DD-WRT includes only an NTP (Network Time Protocol) client, so you’ll need a separate local NTP server. Enter the IP address of your local time server on the Administration page. Remember to use the pool.ntp.org addresses for your local time server, like this example for North America:
server 0.north-america.pool.ntp.org server 1.north-america.pool.ntp.org server 2.north-america.pool.ntp.org server 3.north-america.pool.ntp.org
Visit www.pool.ntp.org for information for other zones.
With the minimal installation, you’ll have a bit less than one megabyte of space to install additional applications. But install them you can with ipkg. First turn on JFFS, the Journaling Flash File System, on the Administration page. Check both “Enable JFFS2” and “Clean JFFS2”. Then click the “Save Settings” button, and the router will reboot. Once it’s back up, ssh in and see what ipkg can do:
carla@xena:~$ ssh email@example.com ~ # df -h Filesystem Size Used Available Use% Mounted on /dev/root 1.9M 1.9M 0 100% / /dev/mtdblock/4 1.3M 324.0k 956.0k 25% /jffs
OK, you have a little room to play with. Run ipkg with no options to get a list of commands:
~ # ipkg
Now you can generate and view a package list:
~ # ipkg update ~ # ipkg list
And that’s as far we go today. Come back next week to learn some advanced DD-WRT tips and tricks.