Setting Up OpenWRT Router as a Dumb AP

2025-05-18

Setup

Follow the steps in [1], and make sure to plug the Ethernet cable to the LAN port of the wireless AP.

The Wan ports should be disabled unless you need to use it as lan port (see [1])

Post Setup

WED and HW Flow Offloading

Follow the instructions in the dumbAP router's wiki page, and enable HW flow offloading and WED.

Install bridger to enable WED for the dumbAP:

opkg update
opkg install bridger
reboot

It may not work, however the performance increase is only marginal.

Setup Unbound

For the dumb AP, it should only have odhcpd-ipv6only to get ipv6 address from main router, and no other dhcp service should be running.

To install unbound, run the following:

opkg update
opkg remove dnsmasq
opkg install unbound-control unbound-daemon

uci -q delete dhcp.@dnsmasq[0]
service odhcpd restart
uci set unbound.@unbound[0].add_local_fqdn="3"
uci set unbound.@unbound[0].add_wan_fqdn="1"
uci set unbound.@unbound[0].dhcp4_slaac6="1"
uci commit unbound
service unbound restart
uci commit dhcp
service odhcpd restart

On main router, to use unbound as dns server:

opkg update
opkg install unbound-daemon unbound-control
opkg install luci-app-unbound

On both servers, run the following:

# Enable control and remove default zones
uci set unbound.@unbound[0].unbound_control="1"
uci set unbound.fwd_google.enabled="0"
uci set unbound.fwd_cloudflare.enabled="0"
while uci -q del unbound.@zone[4]; do :; done
# Add Tencent DNS
uci add unbound zone
uci set unbound.@zone[-1].enabled="1"
uci set unbound.@zone[-1].fallback="0"
uci set unbound.@zone[-1].zone_type="forward_zone"
uci add_list unbound.@zone[-1].zone_name="."
uci add_list unbound.@zone[-1].server="1.12.12.21"
uci add_list unbound.@zone[-1].server="120.53.53.53"
uci set unbound.@zone[-1].tls_upstream="1"
uci set unbound.@zone[-1].tls_index="dot.pub"
# Add AliDNS
uci add unbound zone
uci set unbound.@zone[-1].enabled="1"
uci set unbound.@zone[-1].fallback="0"
uci set unbound.@zone[-1].zone_type="forward_zone"
uci add_list unbound.@zone[-1].zone_name="."
uci add_list unbound.@zone[-1].server="223.5.5.5"
uci add_list unbound.@zone[-1].server="223.6.6.6"
uci add_list unbound.@zone[-1].server="2400:3200:baba::1"
uci add_list unbound.@zone[-1].server="2400:3200::1"
uci set unbound.@zone[-1].tls_upstream="1"
uci set unbound.@zone[-1].tls_index="dns.alidns.com"
# Save
uci commit unbound

Then set dnsmasq's resolver to another port: [2]

uci set dhcp.@dnsmasq[0].noresolv="1"
uci set dhcp.@dnsmasq[0].port="1053"
uci commit dhcp

Finally, apply with:

service unbound restart
service rpcd restart
service dnsmasq restart

QoL packages

For dumbAP

opkg update
opkg install luci-app-unbound luci-app-attendedsysupgrade iperf3

For main router

opkg update
opkg install iperf3

  1. https://openwrt.org/docs/guide-user/network/wifi/wifiextenders/bridgedap ↩2

  2. https://github.com/openwrt/packages/blob/master/net/unbound/files/README.md#parallel-dnsmasq

(This is the latest article.)You Can Now Comment on This Site, Powered by Giscus >