OpenWRT on Mikrotik Routerboard 411/750

Introduction

The Mikrotik Routerboards are cheap and versatile embedded platforms that can be used for routers, WiFi APs and the like. In a rather wide range of products, I happen to have access to the RB411 and the RB750 two devices of very different properties. While the RB750 is effectively a 5 port 10/100 Mbit Ethernet switch with an Atheros AR71xx CPU on it, the RB411 has the same CPU with one Ethernet port and a Mini PCI slot as well as a serial port (and a beeper ). Because of their price (around 40 €), both are very interesting targets to do some experiments with them. Unfortunately, they come with Mikrotiks RouterOS which seems to be a modified Linux that officially cannot be modified. Interestingly, the RB do not ship with a GPL and as far as I have heard, Mikrotik does not publish the source code as required by the GPL. So, who wants RouterOS anyway?
Although I do not have other Mikrotik products, I assume that the OpenWRT flash procedure is similar for products using RouterBOOT as bootloader and the Atheros AR71xx CPU. However, this guide comes without warranty, everything you do is at your full risk. Although I was unable to do so, there is a certain risk of permanently bricking your device.
The process of flashing the Routerboard has 5 major steps:

1. Prepare an OpenWRT Ramdisk Image
2. Prepare the OpenWRT target Image
3. Configure the TFTP and DHCP Server
4. Boot the Routerboard using the Ramdisk Image
5. Flash the Target Image

Preparation Procedure

Prepare an OpenWRT Ramdisk Image

Compiling OpenWRT from the SVN is actually more straight forward than you might imagine. Take your favorite Linux Distribution (Ubuntu in my case), check our the SVN, configure it and hit make. There you go.

1. Get the source code
   Check out the latest and greatest version of OpenWRT:

   1	svn co svn://svn.openwrt.org/openwrt/trunk/</em>

   I have used revision 27019.
2. Configure OpenWRT according to your needs

   1 2	cd trunk make menuconfig

   While you are of course free to select all the packages you need and deselect those you do not need, you have to set the following options to make it work in the Routerboards:
   

   1 2 3

   Target System: Atheros AR71xx Subtarget: Devices with NAND flash (mostly Mikrotik) Target Images: ramdisk

3. Build it
   The build process of OpenWRT takes a long time, but is very simple:

   1

   make

   The result image is located in the bin/ar71xx directory and is called openwrt-ar71xx-nand-vmlinux-initramfs.elf.

Prepare the OpenWRT target Image

1. Configure OpenWRT according to your needs

   1 2	cd trunk make menuconfig

   This time, you have to change the Target Images to tar.gz as follows:
   

   1 2 3

   Target System: Atheros AR71xx Subtarget: Devices with NAND flash (mostly Mikrotik) Target Images: tar.gz

2. Build it

   1

   make

   The target image consists of two files in the bin/ar71xx directory:
   
   • Kernel Image: openwrt-ar71xx-nand-vmlinux.elf
   • Root File System: openwrt-ar71xx-nand-rootfs.tar.gz

Configure the TFTP and DHCP Server

1. Configure your network Interface
   The network interface to which the Routerboard is connected must have a unique IP with a DHCP running on it. To make debugging easier, it is usually a good idea to directly connect the Routerboard to your NIC without other devices involved.
   Configure the Interface within the subnet 192.168.1.0/24 (OpenWRTs default subnet) but try to avoid 192.168.1.1 (OpenWRTs default IP). I have used 192.168.1.2.
2. Install DHCP and TFTP Servers
   You will need a DHCP Server to assign an IP address to the Routerboard for the flash process. Also, the DHCP server tells the board which file to use as image. Frankly, the tftp Server is responsible to provide the image file to the RB.
   On Ubuntu Linux, I have used these packages:

   1	apt-get install dhcp3-server atftpd

3. Configure the DHCP Server
   The DHCP Server does not need much configuration. I use the following as /etc/dhcp3/dhcpd.conf:

   1 2 3 4 5 6 7 8 9 10 11 12 13

   allow booting; allow bootp;   subnet 192.168.1.0 netmask 255.255.255.0 {   range 192.168.1.10 192.168.1.200; }   host routerboard {   hardware ethernet 00:0c:42:XX:YY:ZZ;   fixed-address 192.168.1.100;   next-server 192.168.1.2;   filename "openwrt-ar71xx-nand-vmlinux-initramfs.elf"; }

   You may want to modify the IP range to match your subnet, the hardware ethernet MAC address of your router board, the next-server address of your tftp server and the filename of the ramdisk image that should be booted over the network.
4. Configure the TFTP Server
   Edit /etc/default/atftps to avoid running the daemon over inetd. My file looks like this:

   1 2	USE_INETD=false OPTIONS="--tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /tftpboot"

   You can see, that the tftp server will look for image files in /tftpboot. Either change this directory or copy the OpenWRT ramdisk image (openwrt-ar71xx-nand-vmlinux-initramfs.elf) to /tftpboot.
   

   1	cp bin/ar71xx/openwrt-ar71xx-nand-vmlinux-initramfs.elf /tftpboot

5. Apply the changed configuration

   1 2	/etc/init.d/dhcp3-server reload /etc/init.d/atftpd reload

Flash process for Routerboard 750

Booting the Ramdisk Image

The purpose of this step is to have a ramdisk version of OpenWRT running on the routerboard. This is a good basis for our flashing process and can also be used to test images without flashing them. This involves the following steps:

1. Connecting the Routerboard
   Connect port 1 of the Routerboard with the Ethernet port that your DHCP and TFTP server listens on.
2. Boot the Routerboard
   Now press and hold the “RES” button of the router board and connect power. Both LEDs (PWR and ACT) will be constantly on, keep pressing the button. After some seconds the “ACT” LED starts flashing, keep pressing. After some more seconds, the “ACT” LED turns off, now you can stop pressing the button. The board will now try to obtain an IP address via DHCP/BOOTP and then download and boot the Ramdisk image. You can see this activity by looking at the appropriate log files:

   1	tail -f /var/log/daemon.log /var/log/messages

   You should see something like this:
   

   1 2 3

   May 27 13:21:26 tk dhcpd: BOOTREQUEST from 00:0c:42:XX:YY:ZZ via eth1 May 27 13:21:26 tk dhcpd: BOOTREPLY for 192.168.1.101 to routerboard (00:0c:42:XX:YY:ZZ) via eth1 May 27 13:21:26 tk atftpd[26400]: Serving openwrt-ar71xx-nand-vmlinux-initramfs.elf to 192.168.1.101:33321

   Sit and wait until 192.168.1.1 starts replying to pings. Now you can log into the board using telnet (ssh login is not possible, since no password is set as of yet).
   

   1	telnet 192.168.1.1

Flash the target Image

3. Erase the flash memory
   You can look at the existing flash partitions by looking at /proc/mtd.

   1 2 3 4 5

   root@OpenWrt:~# cat /proc/mtd dev:    size   erasesize  name mtd0: 00040000 00004000 "booter" mtd1: 003c0000 00004000 "kernel" mtd2: 03c00000 00004000 "rootfs"

   Now, erase the content of “kernel” and “rootfs”:
   

   1 2	mtd erase kernel mtd erase rootfs

4. Create new file systems
   After erasing the content of the flash, we now need to create new yaffs2 partitions. In principle, we could also make the rootfs ext2/3/4, but I have not tried this. The kernel partition has to be yaffs2 as far as I know to be compatible with the bootloader.

   1 2 3

   mkdir /mnt/kernel /mnt/rootfs mount -t yaffs2 /dev/mtdblock1 /mnt/kernel mount -t yaffs2 /dev/mtdblock2 /mnt/rootfs

5. Copy the images onto the Routerboard
   Copying the images onto the routerboard can be done in multiple ways, I have used secure file copy (scp). First, we have to create a password for the root user. On the routerboard, execute

   1

   passwd

   and set a password. On the linux PC, you can now copy the images onto the Routerboard:
   

   1	scp bin/ar71xx/openwrt-ar71xx-nand-rootfs.tar.gz bin/ar71xx/openwrt-ar71xx-nand-vmlinux.elf root@192.168.1.1:/tmp

6. Flash the images onto the Routerboard
   Flashing the images is simple, once you have them on the Routerboard. First, the kernel:

   1 2 3

   mv /tmp/openwrt-ar71xx-nand-vmlinux.elf /mnt/kernel/kernel chmod +x /mnt/kernel/kernel umount /mnt/kernel

   Now the root filesystem:
   

   1 2 3 4

   cd /mnt/rootfs tar -xvzf /tmp/openwrt-ar71xx-nand-rootfs.tar.gz cd / umount /mnt/rootfs

7. That’s it, you are done
   Finally, reboot the routerboard.

   1

   reboot

   After some while, you should be able to ping the board at 192.168.1.1.

What if the Routerboard does not boot?

Do not panic. If the board is not reachable at 192.168.1.1 after some minutes, something must have gone wrong. You can always recover the boards using Mikrotiks Netinstall. Also, you can start again at the point where the ramdisk image should have booted. Unfortunately, the RB750 does not have a serial port, debugging problems with the linux boot process is probably *very* annoying.

Flash process for Routerboard 411

The flash process for the Routerboard 411 is almost similar to the process for the RB750 – only the flash layout is a bit different and hence the number of the target partitions have to be changed. Apart from that, you can use the exact same procedure. However, since the RB411 offers a serial port, debugging is much more convenient.

Booting the Ramdisk Image

The purpose of this step is to have a ramdisk version of OpenWRT running on the routerboard. This is a good basis for our flashing process and can also be used to test images without flashing them. This involves the following steps:

1. Connecting the Routerboard
   Connect the Ethernet port of the Routerboard with the Ethernet port that your DHCP and TFTP server listens on.
2. Configure the Bootloader
   Connect a serial cable to the serial port of the routerboard using the settings 115200 8n1. The boot process should look similar to this:

   1 2 3 4 5 6 7 8

   RouterBOOT booter 2.27   RouterBoard 411   CPU frequency: 300 MHz   Memory size:  32 MB   Press any key within 2 seconds to enter setup

   Press any key and you will end up here:
   

   1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

   RouterBOOT-2.27 What do you want to configure?    d - boot delay    k - boot key    s - serial console    n - silent boot    o - boot device    u - cpu mode    f - cpu frequency    r - reset booter configuration    e - format nand    g - upgrade firmware    i - board info    p - boot protocol    b - booter options    t - do memory testing    x - exit setup your choice:

   Change the “boot device” (o) to “boot over Ethernet” (e). Reboot with x.
3. Boot the Routerboard
   While looking at the serial terminal, you should see something like:

   1 2 3 4 5 6 7 8 9 10 11 12

   RouterBOOT booter 2.27   RouterBoard 411   CPU frequency: 300 MHz Memory size:  32 MB   Press any key within 2 seconds to enter setup.. trying bootp protocol... OK Got IP address: 192.168.1.100 resolved mac address 00:E0:4C:XX:YY:ZZ transfer started ..........................

Flash the target Image

4. Erase the flash memory
   You can look at the existing flash partitions by looking at /proc/mtd.

   1 2 3 4 5 6 7 8 9 10

   root@OpenWrt:~# cat /proc/mtd root@OpenWrt:/# cat /proc/mtd dev:    size   erasesize  name mtd0: 0000b000 00001000 "routerboot" mtd1: 00001000 00001000 "hard_config" mtd2: 00002000 00001000 "bios" mtd3: 00001000 00001000 "soft_config" mtd4: 00040000 00004000 "booter" mtd5: 005c0000 00004000 "kernel" mtd6: 03a00000 00004000 "rootfs"

   Now, erase the content of “kernel” and “rootfs”:
   

   1 2	mtd erase kernel mtd erase rootfs

5. Create new file systems
   After erasing the content of the flash, we now need to create new yaffs2 partitions. In principle, we could also make the rootfs ext2/3/4, but I have not tried this. The kernel partition has to be yaffs2 as far as I know to be compatible with the bootloader.

   1 2 3

   mkdir /mnt/kernel /mnt/rootfs mount -t yaffs2 /dev/mtdblock5 /mnt/kernel mount -t yaffs2 /dev/mtdblock6 /mnt/rootfs

6. Copy the images onto the Routerboard
   Copying the images onto the routerboard can be done in multiple ways, I have used secure file copy (scp). First, we have to create a password for the root user. On the routerboard, execute

   1

   passwd

   and set a password. On the linux PC, you can now copy the images onto the Routerboard:
   

   1	scp bin/ar71xx/openwrt-ar71xx-nand-rootfs.tar.gz bin/ar71xx/openwrt-ar71xx-nand-vmlinux.elf root@192.168.1.1:/tmp

7. Flash the images onto the Routerboard
   Flashing the images is simple, once you have them on the Routerboard. First, the kernel:

   1 2 3

   mv /tmp/openwrt-ar71xx-nand-vmlinux.elf /mnt/kernel/kernel chmod +x /mnt/kernel/kernel umount /mnt/kernel

   Now the root filesystem:
   

   1 2 3 4

   cd /mnt/rootfs tar -xvzf /tmp/openwrt-ar71xx-nand-rootfs.tar.gz cd / umount /mnt/rootfs

8. Reconfigure the Bootloader
   Reboot the board and enter the bootloader. Now change the boot device (o) to “boot from NAND, if fail then Ethernet” (n). Save settings with x.
9. That’s it, you are done
   After some while, you should be able to ping the board at 192.168.1.1.

What if the Routerboard does not boot?

Do not panic. Look onto the serial terminal to see, at which state the Routerboard is stuck. You can always recover the boards using Mikrotiks Netinstall.