15 September 2010

LinkSys WRT54GL Router with DD-WRT


In my opinion the most flexible, powerful router/firmware for a discount price.
I had grown out of my Netgear router’s limited capability and needed something more powerful but didn’t have the budget for an enterprise solution. After some research I found out about a great Open Source project called DD-WRT, which provides a replacement for factory-installed firmware on some models of router.


Having chosen my firmware I then set about looking for some hardware to support it: this is perhaps the best way to choose hardware! DD-WRT supports many routers and you can do a search to see if yours is supported on their site. I decided on the Linksys WRT54GL as it seemed to fit my needs and budget. Sure it’s not the latest and greatest, but if you look into the details some of those models aren’t actually that great anyway.


NB: See this post for an important note about the router database.


You’ll find instructions on how to install your firmware on the DD-WRT wiki (together with warnings about the potential dangers too), but I heartily recommend this combination to anyone who is technically minded and able to follow clear instructions carefully. The result is a REALLY reliable, powerful budget router, which is after all the core of most home/small office networks.


My thanks to the DD-WRT team for their excellent efforts.


Additional Tweaks
In addition to the basic setup I also changed a few things to get mine running as I wanted it. Once installed, the on-board help is pretty good and searching the wiki and forum helped me to get these things right:
  • ‘CRON’ jobs: regular tasks the router will perform:
    NB: If they aren't working, try the command in the shell (without root but with 'sh ' prefix); it's most likely the cron time format is wrong.
    • Update time every hour starting at 00:50:
      50 * * * * root ntpclient pool.ntp.org; stopservice process_monitor; startservice process_monitor
    • Create log file every hour starting at 00:00:
      0 * * * * root /tmp/www/log_gen.sh
    • WOL a local server via LAN every hour between 6am and 9pm (in case the server or router go off at any stage during the day):
      0 6-21 * * * root /usr/sbin/wol -i [router's internal IP address] [target's MAC address]
      NB: the full path to "/usr/sbin/wol" is important. Simply "wol" will not work.
  • Time: Enable NTP and set the time server to a value, e.g. uk.pool.ntp.org
    NB: Time is only checked at boot and 120 seconds after, so if there is no internet connection at that point you need a cron job to update it periodically, as above.
  • DDNS: If you need to access your router or network remotely e.g. for a VPN then sign up for a service such as http://www.dyndns.com then under Setup/DDNS enter your username and password.
  • DNS:
    • Set DNSMasq to do DNS so that you can internally resolve URLs, e.g. smtp.mydomain.com (see the Wiki entry for more information).
    • Set Static DNS1 as 208.67.222.222
      DNS2 as 208.67.222.220 (Open Source DNS)
    • In Services/Services/Static Leases set your static IPs e.g. DNS server by MAC and name.
    • In Services/Services
      • If you have an Active Directory then set it as the primary DNS with:
        dhcp-option=6, x.x.x.x, y.y.y.y
        where: x.x.x.x = DNS1 (AD server); y.y.y.y = DNS2 (DD-WRT). Set the Active Directory DNS forwarder as the DD-WRT. Add strict-order (ref and ref)
      • Do not set LAN Domain as it will append it to nslookups.
      • Under Additional DNSMasq Options, add a line like the following for each address to resolve: address=/prefix.mydomain.com/[local IP address here]
  • SSH: Consider enabling ssh (for local only access) so that you can login via putty to carry out more advanced tasks:
    Try enabling it with just a password first, then with a key, then add a passphrase.
    1. Use Puttygen to generate public/private key with passphrase:
      • Click Generate
      • Click over area and create key
      • Set key passphrase/confirm (this will be your root login)
    2. Enable SSH in Linksys web interface/Services/SecureShell/SSHd (only, no password etc.), paste in the public key (ALL of it from Puttygen) and set the port, e.g. 1024
    3. Start Putty and set the IP and port
    4. Enter the file path of the private key under Connection/SSH/Auth
    5. Click connect
    6. It should ask you for the username (root) and the passphrase entered above (Shift+Ins to paste into the terminal window)
And once you’ve finished tweaking, don’t forget to back up the settings: Admin/Backup/Backup button!
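
For the cron time format mentioned under the CRON jobs above, here is a small checker, added as an example and not part of the original post or of DD-WRT. It expands the minute and hour fields of an entry so you can see how often it really fires; the function names and the sample entries are constructed for illustration.

```python
# Added example: expand the minute/hour fields of a cron entry to see when it fires.
# Handles "*", "N", "A-B", an optional "/step" suffix and comma-separated lists.

def expand_field(field, low, high):
    """Return the sorted values (within low..high) that one cron field matches."""
    values = set()
    for part in field.split(","):
        base, _, step = part.partition("/")
        step = int(step) if step else 1
        if base == "*":
            start, end = low, high
        elif "-" in base:
            start, end = (int(x) for x in base.split("-", 1))
        else:
            start = end = int(base)
        if step < 1 or not (low <= start <= end <= high):
            raise ValueError(f"invalid cron field part: {part!r}")
        values.update(range(start, end + 1, step))
    return sorted(values)


def schedule(entry):
    """Return (minutes, hours) matched by the first two fields of a cron entry."""
    minute, hour = entry.split()[:2]
    return expand_field(minute, 0, 59), expand_field(hour, 0, 23)


def runs_per_day(entry):
    """Number of times per day the entry fires (day/month/weekday assumed '*')."""
    minutes, hours = schedule(entry)
    return len(minutes) * len(hours)


# Constructed sample entries: a "*" in the minute field means every minute,
# and "*/50" matches minute 0 as well as minute 50.
SAMPLES = [
    "*/50 */1 * * * root job",   # fires at :00 and :50 of every hour
    "50 * * * * root job",       # fires once an hour at :50
    "* */1 * * * root job",      # fires every minute of every hour
    "0 6-21 * * * root job",     # fires on the hour from 06:00 to 21:00
]

if __name__ == "__main__":
    for entry in SAMPLES:
        minutes, hours = schedule(entry)
        shown = minutes if len(minutes) <= 4 else f"{len(minutes)} values"
        print(f"{entry!r}: minutes={shown}, hours={hours[0]}-{hours[-1]}, "
              f"{runs_per_day(entry)} runs/day")
```

An entry meant to run once an hour should report 24 runs per day (or one per hour in its range); anything in the hundreds means the minute field is too broad.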
