Installing OpenWrt on the Mikrotik hap-ac
Posted on December 1, 2019 by
Recently I purchased a Mikrotik hap-ac router as I am in the process of moving away from the unify access points I currently use in my home network. The main reasons for this is the numerous GPL violations, the introduction of a call home feature without telling users, as well as the lack of deeper control that only comes with open source software. In any case, the end goal is to leverage Openwisp as the wireless access point controller, and OpenWrt powered access points everywhere in the house. One nice thing about using OpenWrt is that my older Unify AC-LR, also supports it, so I can use a similar process to the one I will describe in this article to leverage my older equipment in the case I do not sell it right away.
This article will detail how to install OpenWrt on the Mikrotik hap-ac router, but will save setup of the access points as well as Openwisp to another article.
Though there is a guide provided within the OpenWrt wiki regarding installation onto Mikrotik (and other) devices, I found that it was not as clear as it could be, mainly due the many options mentioned, but none clearly demonstrated. Here I would like provide clear and concise instructions on how to install OpenWrt on the Mikrotik hap-ac, though the process could be used for any netboot installation of OpenWrt (with some modification).
The high-level process is quiet simple, and the OpenWrt does do a good job of describing this in its wiki. Here is the TLDR:
- Ensure router/device will utilize netboot upon start. This will vary per router/device.
- Run local
dhcp
server andtftp
server, ensuring the appropriate firmware file is referenced asdhcp
option 66
. - Ensure router/device is plugged into computer running the
dhcp+tftp
server. - Reboot the router and keep an eye on the
dhcp
/tftp
server logs to confirm the router gets an ip address from the local dhcp server, as well as downloads the firmware binary referenced bydhcp option 66
.
Now luckily dnsmasq provides both a dhcp
and
tftp
server, which is easy to configure and use. First, ensure dnsmasq
is installed, and
place the following in /etc/dnsmasq.conf
.
port=0
interface=enp0s20f0u2u4
bind-interfaces
dhcp-range=192.168.0.11,192.168.0.150,12h
dhcp-boot=openwrt-18.06.5-ar71xx-mikrotik-rb-nor-flash-16M-ac-initramfs-kernel.bin
dhcp-option-force=66,192.168.0.10
enable-tftp
tftp-root=/srv/tftp
Make sure to change the interface
to match which one you are using to connect to the router.
Additionally, create a folder to store tftp
files and download the appropriate firmware binaries
to this directory, referencing them correctly in the dnsmasq
configuration dhcp-boot
and
tftp-root
mkdir /srv/tftp
chown dnsmasq:dnsmasq /srv/tftp
Finally, we need to start the dnsmasq
service, power cycle the router and watch the log
output from the dnsmasq
service.
Assuming you are using systemd
, you would do this like so:
sudo systemctl start dnsmasq
sudo journalctl -fu dnsmasq
Below is a sample of the log output I received when netbooting my Mikrotik hap-ac:
Nov 20 21:02:04 rekahsoft-work dnsmasq[23837]: dnsmasq: syntax check OK.
Nov 20 21:02:04 rekahsoft-work systemd[1]: Started A lightweight DHCP and caching DNS server.
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: started, version 2.80 DNS disabled
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: compile time options: IPv6 GNU-getopt DBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify dumpfile
Nov 20 21:02:04 rekahsoft-work dnsmasq[23839]: DBus support enabled: connected to system bus
Nov 20 21:02:04 rekahsoft-work dnsmasq-dhcp[23839]: DHCP, IP range 192.168.0.11 -- 192.168.0.150, lease time 12h
Nov 20 21:02:04 rekahsoft-work dnsmasq-dhcp[23839]: DHCP, sockets bound exclusively to interface enp0s20f0u2u4
Nov 20 21:02:04 rekahsoft-work dnsmasq-tftp[23839]: TFTP root is /srv/tftp
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPDISCOVER(enp0s20f0u2u4) 74:4d:28:f0:40:28
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPOFFER(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPREQUEST(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
Nov 20 21:02:17 rekahsoft-work dnsmasq-dhcp[23839]: DHCPACK(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
Nov 20 21:02:19 rekahsoft-work dnsmasq-tftp[23839]: sent /srv/tftp/openwrt-18.06.5-ar71xx-mikrotik-rb-nor-flash-16M-ac-initramfs-kernel.bin to 192.168.0.108
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPDISCOVER(enp0s20f0u2u4) 74:4d:28:f0:40:28
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPOFFER(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPREQUEST(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
Nov 20 21:02:42 rekahsoft-work dnsmasq-dhcp[23839]: DHCPACK(enp0s20f0u2u4) 192.168.0.108 74:4d:28:f0:40:28
You'll notice that first the router receives an IP address via DHCP
followed by the
appropriate firmware binary being sent to the device. At this point, the router will be running
OpenWrt, though completely ephemerally until it is permanently installed (either via the web
interface or via ssh). I was unable to do the installation via the web interface as when net
booting, device board auto-recognition did not work correctly (with a message saying
"Sysupgrade is not yet supported on unknown."), which required me dropping the appropriate
board version into /some/path/to/the/board/file/openwrt
(see this form
post). Since I was already there, I
proceeded to complete the installation via command-line, though it would have been just as easy
to go back to the web ui.
There we have it! OpenWrt installed onto a Mikrotik hap-ac router. Easy peasy, thanks to dnsmasq
!