Long-term Memory

I bought myself a new WiFi router. When in the shop, I specifically searched for a router that is supported by dd-wrt, and has (at least) 8MB of flash. I settled for the Linksys WRT320N: it has a dual band (switchable between 2.4GHz and 5GHz, not simultaneous) 802.11a/b/g/n radio, a 4 port GbE switch, and a WAN port. It houses a Broadcom BC4717 processor running at 354MHz, 8MB of flash and 32MB of RAM.

The default Linksys firmware is actually not bad, but dd-wrt just offers a ton more features: Multiple SSIDs, IPv6 support (including Sixxs tunneling), WAN volume monitoring, custom firewalling, traffic shaping, … So I decided to void my warranty and put my router on steroids! Mandatory note: this may very well turn your router in to a very expensive brick.

The initial flash

After reading through the dd-wrt forum (most notably these three posts) and the wiki page, I learned a few things:

• Apparently, this router has its reset button wired to the wrong GPIO pin. Therefor, the 30/30/30 reset DOES NOT WORK on this router! There is an alternative: use at least version 13493, power down the router, push and hold the WPS button (on top), power up the router, hold the WPS button for 10-12 more seconds, then release.
• The latest recommended firmware is BrainSlayer’s 14929

This is the procedure I followed, with success, starting from Linksys version v1.0.03 (build 010Jul 24, 2009):

1. Download the tailored build for the WRT320N (for the freaks, my binary MD5s to e1d7edd368bf5259c18a0874c5e761db).
2. Connect via wired ethernet to the router. That way, you can see the link going up/down.
3. In the Linksys firmware, upload this file.
4. Wait 5 very long minutes.
5. Configure yourself a static IP in the 192.168.0.0/24 network (I use 192.168.0.8)
6. Direct your browser to http://192.168.0.1/
7. Set a temporary password
8. Wait 1 minute
9. Reset the router: Power down, push & hold WPS button, power up, keep holding for 11 seconds, release.
10. Close & reopen your browser to flush all cached pages and credentials
11. Direct your browser to http://192.168.0.1/
12. Enjoy

The upgrade

After the initial flash, you can upgrade to any regular version, but keep in mind that this unit requires a 2.6 kernel. I choose the 14929-mini version (md5 af9ab2ff822ab69d26fa7308d47ad05a), not because it provided all I need (it doesn’t support IPv6 for example), but because it leaves the most free space for me to fiddle with.

To switch versions, I always follow this overly cautious procedure:

1. Reset to defaults: power down, push & hold WPS button, power up, keep holding for 11 seconds, release
2. Make sure your IP is in the correct range (192.168.0.0/24)
3. Set a temporary password
4. Upload the new firmware
5. Wait until the browser is again at the “Set password” page
6. Set temporary password
7. Reset to defaults again

The settings

Most configuration is fairly straightforward with the GUI. But setting up a second, routed SSID needed a little non-intuitive work:

• Go to Wireless -> Basic Settings and add a new Virtual Interface
  • Leave Network Configuration to Bridged
• Go to Setup -> Networking
  • Under Create Bridge, click Add
  • Name the new bridge “br1″ and disable STP
  • Apply Settings
  • Now add the desired IP and Subnet mask for this brigde-port
  • Apply Settings again
  • Click Add under Assign to bridge
  • Now assign the wl0.1 interface to this newly created bridge br1
• Optionally Add a DHCP range for br1. In this case, you need to use DNSmasq as DHCP-server.

Some guides tell you to configure it in Unbridged mode. Using Bridged mode gives the potential advantage that you can link a wired port to this IP-range easily.

Now you can easily firewall between the two WLANs by putting iptables-lines in the startup script.