OpenWrt is a extremly powerful open-source router software that allows for advanced customization and configuration.

Enabling or disabling DHCP

To enable or disable DHCP on a specific interface, the easiest way is to use the LuCI interface. Go to Network > Interfaces > Edit > DHCP Server > and check Ignore interface. Alternatively, you can disable DHCP role on a specific interface by running the command dhcp.lan.ignore=1 in the terminal, za taj lan interface.

Setting Default Gateway and default DNS

Setting a default gateway and DNS using OpenWrt may not be immediately obvious, but it can be done easily through the LuCI interface. For more detailed instructions on how to set a different gateway IP via DHCP in OpenWrt, you can refer to the following guides: How to advertise different gateway, How to pushing non-default gateway via DHCP in OpenWRT? or: How to set Openwrt to use DNS

Based on those guides, in short, the procedure is the following:

  1. To set a default gateway and default DNS, you will first need to add the option 3, in LuCI by going to Network > Interfaces > LAN > DHCP Server > Advanced Settings > DHCP-Options.

  2. For the DNS server, you can add options such as 6,, in the same location.

Router: Buying Decision

When it comes to purchasing a router for OpenWrt, the CPU speed was primary for mysqld as well as mandatiry support for the OpenWrt firmware. Again, it turns out that Xiaomi is a amazing option and it’s not too expensive in Europe.

Tako sam uporedio svoje mogućnosti:

Router:    Xiaomi AIoT AC2350
CPU:       Qualcomm Atheros QCA956X, 1-core
Benchmark: 69m (obviously not relevant)
OpenWrt:   Easy to install

Router:    Xiaomi AX3200 / Redmi AX6S
CPU:       MediaTek MT7622B, Filogic 800, Dual-core A53 1.35GHz
Benchmark: 141m (not relevant)
OpenWrt:   Can be hard to install

Router:    Xiaomi AX3600
CPU:       Qualcomm IPQ8071A, 4-core A53 1GHz CPU (specs state 1.4GHz by mistake) + Network processing unit: Dual-core 1.7 GHz NPU
Benchmark: 144m (not relevant)
OpenWrt:   Easy to install

After comparing different options, I settled on the Xiaomi AIoT AX3600, which features a 6-core system including a NPU network acceleration engine. If you’re interested, you can check out a review of the router on the following link: Mi AIoT AX3600 –WiFi 6 ruter za male pare

Migrate “Static Leases” from old router to new

Migrating “Static Leases” from an old router to a new one is actually quite simple. All you need to do is selectively copy-paste the contents of /etc/config/dhcp. On OpenWrt routers, the table of static leases is located in the file /etc/config/dhcp and a selective copy-paste will do the job.

There is also a tool called GeekVisit/uproot that is specifically designed for migrating static leases between router models. With this tool, you first export the data, then copy it to your local machine, run the tool, and then transfer the result to the new router.

In my case, it was way easier to just manually do a copy-paste.

Incredible Selection of Packages

The first step in installing packages on OpenWrt is to glance at the comprehensive package table, which can be found here: Package table. Amazingly, this table contains a wide range of packages including PHP8, Python, Node.js, Ruby, and many different databases.

Before installing any packages, it is important to ensure that your package sources are up-to-date by running the command opkg update. This step may cause some issues but just repeat it, and it will end up resolved.

Some recommended packages are from the following sources here and here.

Of course, a web interface is essential for easy configuration, so it’s recommended to install opkg luci luci-ssl. Some other essential packages include opkg install nano htop curl bmon iperf3. For monitoring, you should install opkg install collectd collectd-mod-sensors collectd-mod-thermal luci-app-statistics.

I won’t install them immediately but some other packages that users recommended include: for Wireguard: opkg install luci-app-wireguard luci-proto-wireguard kmod-wireguard wireguard-tools; for soft irq balance irqbalance; some users recommend UDPspeeder for improving UDP speed, luci-app-ttyd for terminal in Luci, speedtest-netperf as a benchmarking tool that is really nice for tweaking settings.

Some Insanely Cool Services

OpenWrt offers a wide range of packages and services that can be run on the router, a comprehensive list can be found on the Additional services page.

It is possible to run various services on OpenWrt, even the ones that might seem impossible to run on a router such as a LAMP stack which includes Nginx, PHP, and MySQL. You can find a guide on how to set up a LAMP webserver stack on OpenWrt here.

It is important to note that running some services on a router might have an impact on the router’s performance and memory usage, so it’s recommended to check the system’s resources before installing any service.

The list of packages and services that can be run on OpenWrt is massive, and it’s just so exciting! The list of additional services]( is the place to explore.

But what blew my mind is that you can run a LAMP stack, including Nginx and PHP, and even MySQL on this little router - it’s just that incredible! You can find the guide on how to set it up here and my excitement for the possibilities is through the roof!

OpenWrt: Fascinating Configuration

Choosing a Country Code

Based on the country code, the router determines which options are available for you to use. This includes the available frequencies, how they can be used and the maximum allowed antenna gain on each frequency.

Read a explanation of country codes for Wi-Fi operation

When choosing a country code, keep in mind that code 00, also known as “World” is the most restrictive, as it complies with all laws in every country. If your device is set to this code, you will be compliant with every law no matter where you are in the world.

My research concluded that the PA (Panama) or KR (South Korea) profiles are quite lenient, but it also appears that Canada and Russia have similar profiles.

In general, I have found that it’s a good idea to look into the tables on the Wikipedia page for List of WLAN channels to get more detailed information.

Frequency Ranges: 20Hz, 40Hz, 80Hz

It’s worth mentioning that I had issues getting the 160MHz range to work and I am not sure why.

In general, the wider the frequency range, the faster the speed, but also the higher the potential for overlap and congestion. For example, the default maximum channel width of 20MHz supports a maximum speed of 130Mbps. Increasing this to 40MHz will increase the maximum theoretical speed to 300Mbps.

Radar Signal Frequencies

One very interesting thing, that also depends on the country, is DFS (Dynamic Frequency Selection). It is a feature in WiFi networks that enables the use of certain channels in the 5GHz band that are usually reserved for radar systems. When a WiFi device utilizing DFS detects radar signals on a channel it is currently using, it must vacate that channel within a certain time, known as the Non-Occupancy Period (NOP). The device must then select a new channel to use, and cannot return to the original channel for a certain period known as the Channel Availability Check (CAC) period. This helps to prevent WiFi networks from interfering with radar systems.

Country Code Changes How To

To change your country code, you can check your current settings using the following command:

iw reg get

You can also check the same information, but sorted by channel frequency with:

iw list

You can set your country code (for example Panama) through the command line, although it’s generally recommended to do it through the LuCI:

 iw reg set PA

Parametar: Coverage Cell Density

The “Coverage Cell Density” setting is a new option found under the “Advanced Settings” of the configuration for a radio. The higher you set this parameter, the faster clients will connect, but clients that are far away and unable to connect to the advertised speeds will be denied access entirely.

It is recommended to start with a high setting and gradually lower it until all your clients can connect, but usually “Normal” and “High” settings can be safely used while “Very High” is often problematic.

Guest WiFi: Setup It on Same Subnet

The conventional understanding of Guest WiFi is that it is a network that is completely separated from the main network and operates on a separate subnet. Furthermore, guests are completely isolated from the local network and are only given access to the internet.

However, in my current scenario, that level of isolation is not necessary.

The objective is to establish a new network with a distinct SSID while maintaining clients on the same subnet as the main network and maintaining visibility of clients within the current network.

  Network > Wireless
          > Select the "radio chip" that you want, 2.4GHz or 5GHz
          > ... and click "Add"

  Tab: General Setup

    Mode: Access Point
    ESSID: <your-guest-network-ssid>
    Network: must select somethin, in my case LAN

  Tab: Wireless Security

    Encryption: WPA2/WPA3
    Key: <desired-wifi-password>

  Tab: Advanced Settings

    Isolate Clients: Check or not, your decision

And that’s it. Simple as that.

OpenWrt: Package Management

Package manager is Opkg and here are some essential commands:

# Update package sources
opkg update

# Update package
opkg upgrade luci-app-internet-detector

# Install or remove package
opkg install luci-app-internet-detector
opkg install luci-app-internet-detector

# Simulate install or any other command
opkg install luci-app-internet-detector --noaction

# Remove a package and all its dependencies
opkg --autoremove luci-app-internet-detector

# list available packages in repos
opkg list luci-app-*

# List installed packages
opkg list-installed luci-app-*

# List all installed and upgradable packages 
opkg list-upgradable

# Upgrade all packages
opkg list-upgradable | cut -f 1 -d ' ' | xargs -r opkg upgrade

# Find package providing some file
opkg search file*

# Package info vs status, seems quite the same to me
opkg status luci-app-internet*
opkg info luci-app-internet*

Upgrade of all packages is discouraged as the chance of soft-bricking device is significant as warned here

Get list of packages I’ve installed

Here are the OpenWrt shell scripts, which have only one purpose to help you get a real list of packages that you have installed using opkg after setting up OpenWrt. While it may seem like a simple task, it’s not straightforward. I recommend checking out this file in this Gist for instructions and recommendations on which script to use.

Displaying a list of packages that I have personally installed is not a straightforward problem, as the status “user installed” will include various other packages besides the ones I installed. Therefore, using the opkg status command will produce way too many results and only confuse you.

In a nutshell, the approach that works most effectively in scripts is to use package installation timestamps and compare them to some reference timestamp to determine exactly which packages I have installed. One reference that some scripts use, for instance, is the kernel installation timestamp, which is the one that couldn’t have been installed later.

Here is the list of scripts mentioned in the original Gist from various sources, such as:

The basic and obvious script, for example by Kristaps Esterliņš, which would logically be expected to work correctly, but it does not. It is based on identifying “user installed” packages, which is not very accurate because there are many more such packages than those that I have installed. This is what I tried first and got disappointed.

If you don’t have curl installed, it’s usually easy to solve this by typing opkg install curl.

# download
wget -q -O ~/ && chmod +x "$_"

# and run

# or just run directly
curl -s | sh

The first proper solution was offered in a single Gist by Alfred Krohmer. However, in the comments, there are improved versions, all of which I tried, but in the end, I chose the one that displays the most accurate or minimal list of packages that I installed.

curl -s | sh

You’ll notice that the script is slow and also rather inaccurate, so do not hesitate to interrupt it if you can’t stand waiting.

There is a recommended improvement of this script. The script uses the busybox timestamp as a reference, but since you can update busybox via opkg update, its installation time is not ideal. The kernel is a part of the system that can’t be installed via opkg, so it’s better to use that instead, i.e. use opkg info kernel instead of opkg info busybox. In most cases both values will be the same, but in some cases using the kernel will be more accurate.

The updated version of the same script uses the same principle, but with a nicer appearance and significantly improved speed. It also generates files that contain lists of packages. However, the script is still just as inaccurate as before.

curl -s | sh

The following script by Eric Anderson is notably the fastest as it reads data from the file /usr/lib/opkg/status, without having to repeatedly execute opkg commands. More importantly, this script provides the best and most realistic results. The modified version of this script is my favorite and I actively use it.

curl -s | sh

For the last script, it is necessary to install the bash package since ash is the default shell for OpenWrt. However, I do not want to install bash solely for the purpose of running a single script. Therefore, unfortunately, I have not tested it. Use it as you wish.

curl -s | bash

The Script I’m Using

Finally, back to the script, which gave by far the best results. I copied it to /usr/bin and use it as the opkg-my command. If you want to do the same, just type the following

wget -q -O /usr/bin/opkg-my && chmod +x "$_"

And you can always run it directly, without installation:

curl -s | sh

Packages I’m using

As a basic requirement, the following must be installed:

opkg install curl nano

To display whether the internet is working, I used the super reliable and easy-to-use internet detector gSpotx2f/luci-app-internet-detector. However, since it cannot be installed from the official repository, I opted for available dashboard package:

opkg install luci-mod-dashboard

To display various statistics, I installed the following:

opkg install collectd-mod-memory collectd-mod-thermal luci-app-cpu-status luci-app-temp-status luci-app-interfaces-statistics luci-app-statistics

Using DNS over [OpenWrt Wiki] DoH with Dnsmasq and https-dns-proxy

Some packages

opkg install arp-scan arp-scan-database
arp-scan --interface br-lan --localnet

Dve bitne komande za info:

iw dev iw phy phy0 info

date 19. Jan 2022 | modified 29. Dec 2023
filename: Hardware » Communications » OpenWrt and Routers