The Complete OpenWrt Guide 2026: Turn Your Old Router into a Software Router with This Open-Source OS

2026-05-25 OpenWrt Software Router Linux Router Networking

What Is OpenWrt?

OpenWrt is a Linux operating system designed for embedded devices, built specifically for routers, gateways, and other network hardware. Its biggest difference from stock router firmware:

Full package management (opkg): Install and remove software on the fly, just like apt on Ubuntu
Writable filesystem: No longer locked into whatever the vendor pre-installed
Modular design: Install only what you need, no bloat
Free and open source: GPL-2.0 licensed, over 20k stars on GitHub

In short, a router running OpenWrt is basically a compact Linux server — you can use it as a DHCP server, firewall, DNS server, ad blocker, VPN gateway, smart home hub, or even run Docker containers.

OpenWrt vs Stock Router Firmware

Feature	Stock Router Firmware	OpenWrt
Filesystem	Read-only (squashfs)	Read-write
Software installation	Vendor pre-installed, no expansion	opkg package manager, thousands of packages
Custom configuration	Limited	Full control (SSH + LuCI web interface)
Update cycle	Vendor decides (may go years without updates)	Community-maintained, continuously updated
Source code	Usually closed	Fully open source (GPL-2.0)

OpenWrt vs DD-WRT vs Padavan

OpenWrt has the richest ecosystem among open-source router systems. By comparison: - DD-WRT: Long history, but package management isn't as flexible as OpenWrt - Padavan (Laomaozi): Popular in China, but mainly targets specific chipsets with limited customizability - LEDE: Merged back into OpenWrt in 2018, no longer exists as a standalone project

Hardware Selection: Devices Worth Flashing OpenWrt in 2026

Option 1: Repurpose an Old Router (Zero Cost)

If you have a retired router at home, check compatibility first:

Visit the OpenWrt hardware database
Enter your router's brand and model
Check the support status: Supported (full support) / Technically available (works but needs tinkering) / Unsupported

Commonly well-supported routers: - Xiaomi Redmi AX6S / AX3000T - Phicomm K2P / K3 - Netgear R6220 / R7800 - ASUS RT-AC58U / RT-ACRH17 - TP-Link Archer C7 v2/v4/v5

Option 2: Dedicated Software Router Hardware (Recommended)

If you're serious about OpenWrt, an x86 software router is your best bet:

Device	Price Range	Highlights
Intel N100 mini PC	¥300-600	Low power (6W TDP), overkill performance
CWWK N5105 / N6005	¥400-800	4 Ethernet ports, a software router classic
Beikong J4125 industrial PC	¥500-900	6 Ethernet ports, rock-solid stability
Old laptop	¥0	Built-in UPS (battery), power-efficient

2026 recommendation: The Intel N100 mini PC offers the best bang for the buck. At just 6W TDP with quad-core, quad-thread performance, it handles OpenWrt + Docker with ease. You can find one for around ¥300 on Xianyu (China's secondhand marketplace).

Option 3: Development Boards

Raspberry Pi 4 / 5: Officially supported by OpenWrt, great for beginners
NanoPi R4S / R5S: Made by FriendlyElec, dual Ethernet ports, a popular software router choice
RK3568 / RK3588 boards: Powerful, but requires some hands-on skills

Flashing Tutorial from Scratch

⚠️ Warning: Flashing carries risk — you could brick your router if something goes wrong. Always search for a model-specific guide for your router before proceeding.

Step 1: Back Up the Stock Firmware

Always back up before flashing! If something goes wrong, you'll need it to recover.

Via SSH (if SSH is already enabled on your router):

# SSH into the router
ssh root@192.168.1.1

# Back up the entire firmware (send to your local PC via TFTP)
cat /dev/mtd0 > /tmp/original_firmware.bin
# Then download the file from the router

Via TTL serial (universal method):

# You'll need a USB-to-TTL adapter (CH340/CP2102, about ¥10)
# After connecting, run this on your PC
minicom -D /dev/ttyUSB0 -b 115200

# Once in U-Boot, run the backup commands

Step 2: Flash OpenWrt

Method A: Via Web Interface (Easiest)

Download the OpenWrt firmware image (.bin file) for your model - Go to the OpenWrt Firmware Selector - Enter your device model and pick the latest version
Log into your router's admin page (usually 192.168.1.1)
Navigate to System Tools → Firmware Upgrade
Upload the .bin file and wait for the automatic reboot

Method B: Via Breed Bootloader (Recommended, Bricking-Proof)

Breed is a resilient U-Boot bootloader — once it's installed, bricking is practically a thing of the past.

# 1. Flash Breed first (requires SSH or TTL access)
# Breed files are typically in .bin format

# 2. Hold the router's Reset button while powering on to enter the Breed Web interface
# Open your browser and go to 192.168.1.1

# 3. In the Breed interface, select the OpenWrt firmware and flash it
# Breed supports recovery, so even if you flash the wrong image, you can re-flash

Method C: x86 Software Router via USB Drive

# 1. Download the x86 OpenWrt image (combined-ext4.img.gz)
wget https://downloads.openwrt.org/releases/23.05.3/targets/x86/64/openwrt-23.05.3-x86-64-generic-ext4-combined.img.gz

# 2. Decompress
gunzip openwrt-23.05.3-x86-64-generic-ext4-combined.img.gz

# 3. Write to USB drive (assuming /dev/sdb — double-check this!)
sudo dd if=openwrt-23.05.3-x86-64-generic-ext4-combined.img of=/dev/sdb bs=4M status=progress

# 4. Boot the software router from the USB drive; OpenWrt will automatically write to the internal drive

Step 3: First-Time Configuration

After a successful flash, OpenWrt defaults to:

LAN IP: 192.168.1.1
Web interface: http://192.168.1.1 (LuCI)
SSH: ssh root@192.168.1.1 (no password)

# SSH in (no password on first login, just press Enter)
ssh root@192.168.1.1

# Set a root password
passwd

# Update the package list
opkg update

# Install the Chinese language pack
opkg install luci-i18n-base-zh-cn

# Refresh the web interface — it should now appear in Chinese

Step 4: Basic Network Configuration

# Edit the network config file
vi /etc/config/network

# Typical LAN config example:
# config interface 'lan'
#     option type 'bridge'
#     option ifname 'eth0'
#     option proto 'static'
#     option ipaddr '192.168.2.1'
#     option netmask '255.255.255.0'

# Restart the network service
/etc/init.d/network restart

Core Features in Action

1. DHCP Server Configuration

OpenWrt has DHCP enabled by default, but you can customize the address pool:

# Edit DHCP config
vi /etc/config/dhcp

# Key settings:
# config dhcp 'lan'
#     option interface 'lan'
#     option start '100'          # Starting address offset
#     option limit '150'          # Pool size
#     option leasetime '12h'      # Lease duration
#     option ra 'server'          # IPv6 RA mode
#     option dhcpv6 'server'      # IPv6 DHCP

# Restart DHCP service
/etc/init.d/dnsmasq restart

Assign static IPs to specific devices:

# Add to /etc/config/dhcp:
# config host
#     option name 'nas'
#     option mac 'AA:BB:CC:DD:EE:FF'
#     option ip '192.168.2.100'

2. Firewall Configuration

OpenWrt's firewall is built on iptables/nftables. Default rules:

LAN zone: Allow all inbound/outbound
WAN zone: Block inbound, allow outbound
Forwarding rules: LAN → WAN allowed, WAN → LAN blocked

Open a specific port (e.g., NAS management interface):

# Via LuCI web interface: Network → Firewall → Port Forwards

# Or via command line:
uci add firewall rule
uci set firewall.@rule[-1].name='Allow-NAS'
uci set firewall.@rule[-1].src='wan'
uci set firewall.@rule[-1].dest_port='8080'
uci set firewall.@rule[-1].target='ACCEPT'
uci set firewall.@rule[-1].proto='tcp'
uci commit firewall
/etc/init.d/firewall restart

3. DNS Configuration

Speed up DNS with SmartDNS:

# Install SmartDNS
opkg install smartdns

# Configure SmartDNS to use multiple upstream DNS servers
vi /etc/smartdns/smartdns.conf

# Add upstream DNS servers:
# server 223.5.5.5 -group alidns
# server 119.29.29.29 -group dnspod
# server 8.8.8.8 -group google

# Set the listening port
# bind :6053

# Set DNS cache size
# cache-size 512

# Restart the service
/etc/init.d/smartdns enable
/etc/init.d/smartdns restart

4. Ad Blocking (AdGuard Home / Adbyby)

Option A: Install AdGuard Home (Recommended)

# Install via opkg
opkg install adguardhome

# Or manually install the latest version:
wget https://github.com/AdguardTeam/AdGuardHome/releases/latest/download/AdGuardHome_linux_armv7.tar.gz
tar -xzf AdGuardHome_linux_armv7.tar.gz
./AdGuardHome -s install

# Open your browser and go to http://192.168.2.1:3000 to complete setup

Option B: Use Adbyby (lighter weight)

opkg install adbyby
/etc/init.d/adbyby enable
/etc/init.d/adbyby start

5. VPN Server

Set up a WireGuard VPN (the most recommended VPN solution in 2026):

# Install WireGuard
opkg install wireguard-tools luci-app-wireguard

# Generate WireGuard keys on the WAN side
wg genkey > /etc/wireguard/server_private.key
wg pubkey < /etc/wireguard/server_private.key > /etc/wireguard/server_public.key

# Edit the config
vi /etc/wireguard/wg0.conf

Sample config file:

[Interface]
PrivateKey = <your server private key>
Address = 10.8.0.1/24
ListenPort = 51820

# Client 1
[Peer]
PublicKey = <client public key>
AllowedIPs = 10.8.0.2/32

# Start WireGuard
wg-quick up wg0

# Enable on boot
/etc/init.d/wireguard enable

Power-User Tips

Docker Container Support

OpenWrt can run Docker, giving you near-unlimited extensibility!

# Install Docker
opkg install docker docker-compose luci-app-dockerman

# Start the Docker service
/etc/init.d/dockerd enable
/etc/init.d/dockerd start

# Verify the installation
docker --version
docker info

Hands-on: Run Home Assistant (Smart Home) on OpenWrt:

# Create a persistent storage directory
mkdir -p /srv/homeassistant

# Pull and run
docker run -d \
  --name homeassistant \
  --restart=unless-stopped \
  --network=host \
  -v /srv/homeassistant:/config \
  homeassistant/home-assistant:stable

# Open your browser and go to http://192.168.2.1:8123

Hands-on: Deploy AdGuard Home via Docker:

docker run -d \
  --name adguardhome \
  --restart=unless-stopped \
  --network=host \
  -v /srv/adguard/work:/opt/adguardhome/work \
  -v /srv/adguard/conf:/opt/adguardhome/conf \
  adguard/adguardhome:latest

LAN-to-WAN Tunneling (Reverse Proxy)

Use frp for reverse proxy / LAN exposure:

# Install frp client
opkg install frp

# Configure frpc
vi /etc/frpc/frpc.toml

serverAddr = "your frp server IP"
serverPort = 7000

[[proxies]]
name = "web"
type = "tcp"
localIP = "127.0.0.1"
localPort = 80
remotePort = 8080

# Start frp
/etc/init.d/frpc enable
/etc/init.d/frpc start

Traffic Monitoring

# Install nlbwmon (lightweight traffic stats)
opkg install nlbwmon luci-app-nlbwmon

# Or install the more powerful BanDaWidth
opkg install bandwidth

# Install real-time traffic monitoring (OpenWrt version of iftop)
opkg install iftop

# See in real time which IP is consuming the most bandwidth
iftop -i br-lan

IPv6 Support

OpenWrt's IPv6 support is very mature:

# Enable IPv6 (the LuCI interface is more intuitive for this)
# Network → Interfaces → LAN → Edit → DHCP Server → IPv6 Settings

# Command line approach:
uci set network.lan6='interface'
uci set network.lan6.device='@device'
uci set network.lan6.proto='dhcpv6'
uci commit network
/etc/init.d/network restart

Routine Maintenance

Firmware Updates

# Method 1: Via LuCI web interface
# System → Backup / Flash Firmware → Download new firmware → Flash

# Method 2: Command line
sysupgrade -v /tmp/openwrt-xxx-squashfs-sysupgrade.bin

# Update while keeping your config (recommended):
sysupgrade -c /tmp/openwrt-xxx-squashfs-sysupgrade.bin

# Fresh install (discard config):
sysupgrade -n /tmp/openwrt-xxx-squashfs-sysupgrade.bin

Backup and Restore Configuration

# Back up current config
sysupgrade -b /tmp/config-backup.tar.gz

# Restore from backup
sysupgrade -r /tmp/config-backup.tar.gz

# List backup contents
tar tzf /tmp/config-backup.tar.gz

Common opkg Commands

# Update package sources
opkg update

# Search for packages
opkg find luci-app-*

# Install a package
opkg install <package-name>

# List installed packages
opkg list-installed

# Remove a package
opkg remove <package-name>

# Clean cache
opkg clean

Troubleshooting

1. No Internet After Flashing OpenWrt

# Check if the WAN port got an IP
ifconfig eth1

# Check the default gateway
route -n

# Test DNS
nslookup baidu.com

# Manually set DNS
vi /etc/resolv.conf
# Add: nameserver 223.5.5.5

# Restart networking
/etc/init.d/network restart

2. LuCI Web Interface Unreachable

# Check uhttpd service status
/etc/init.d/uhttpd status

# Restart the web service
/etc/init.d/uhttpd restart

# Check firewall rules
iptables -L -n

3. WiFi Won't Start

# Check WiFi status
wifi status

# Regenerate the default config
wifi config

# Edit the WiFi config
vi /etc/config/wireless

# Enable WiFi
uci set wireless.@wifi-device[0].disabled=0
uci commit wireless
wifi reload

4. What If the Device Is Bricked?

Breed users: Hold the Reset button while powering on to enter the Breed Web recovery interface and re-flash
TTL serial users: Connect via serial to enter U-Boot and re-flash the firmware
TFTP recovery: Some routers support TFTP recovery mode — search for instructions specific to your model

Summary

OpenWrt is the best open-source platform for developers who want to tinker with networking. From flashing an old router to building an x86 software router, from basic DHCP/firewall setup to Docker + smart home — OpenWrt turns every router into a powerful Linux server.

Key resources mentioned in this article: - OpenWrt official site - Firmware Selector - Hardware Database - OpenWrt Forum - GitHub Repository

Recommended next reads: - Ventoy: The Ultimate Multi-Boot USB Tool — the disk-image tool you'll need before flashing - Linux File Formats Explained — understanding firmware file formats

If you found this article helpful, feel free to share it with fellow developers!

Learn OpenWrt from scratch: firmware flashing tutorials, core feature configuration, Docker power-user tips — transform any ordinary router into an all-in-one software router.