Apr 152011

About the Hardware

The TP-Link TL-WR1043ND contains a great set of hardware for its price:

CPU Ram Flash Network Gigabit USB Serial JTag
Atheros AR9132@400MHz (MIPS) 32MB 8MB 4+1 Yes 1 x 2.0 Yes Yes

Please refer to http://wiki.openwrt.org/toh/tp-link/tl-wr1043nd#hardware for further details on the hardware.

My hardware version is (DE)v1.0.

Initial Installation of OpenWrt

(I personally used to use older stable versions, the trunk version r29557 2011-12-18, the stable 12.09, and now I’m using 14.07 on the device.)

Load the .bin image file using the Firmware Upgrade on the OEM firmware. After the upgrade the webinterface status page used to look like this (with the really old backfire relase – now it looks very different!):

TP-Link TL-WR1043ND: OpenWrt → System → General

More information (as accessed by some functions in the LuCI web interface) about the hardware:

If you want to get an idea of how to install a custom build of OpenWrt, have a look at this forum post.

Factory Reset of OpenWrt


Power up your router. When the SYS light starts to blink, press and hold the QSS button in the front-right until the blinking gets faster. Now open a telnet session to No user name or password required. From there you can mount rootfs_data user space to fix things or just erase it using

mtd -r erase rootfs_data

Basic Configuration


First Login


The basic setup of OpenWrt is:

  • IP address on the internal interface:
  • dnsmasq (DHCP daemon) running and allocating IP addresses in the range of–250
  • telnet daemon running on standard port (23)
  • dropbear (SSH daemon) not running

At first, OpenWrt has no SSH server running. So for the first time, we connect via telnet: telnet

# Set a root password:

Now disconnect (press Ctrl-D or enter exit) and you will be able to login via SSH (ssh root@ and HTTPS will be available on the WebUI.

Install required modules for WiFi

opkg update
opkg install kmod-ath9k wpad-mini

Reboot and you are ready to use WiFi!

Configuration Files

Example configuration file: https://forum.openwrt.org/viewtopic.php?pid=128345#p128345.

The good thing about the configuration system in OpenWRT is that you can change the configuration using the web interface and the changes will be reflected on the command line and vice versa. So you can choose whatever you like more and change your mind later without regretting your previous choice.

Set up the Internet Connection


In my case I have to set up the router with a static IP (on my 100Mbit Internet WAN connection).

vi /etc/config/network

and change it to this static IP:

config 'interface' 'wan'
 option 'proto' 'static'
 option 'ifname' 'eth0.2'
 option 'ipaddr'    'ww.xx.yy.zz'
 option 'netmask'   ''
 option 'gateway'   'aa.bb.cc.dd'
 #option 'broadcast' ''
 #option 'ip6addr'   ''
 #option 'ip6gw'     ''
 option 'dns'       ''  # which is the OpenDNS server
 #option 'metric'    '0'

To check if the syntax of your configuration file is OK, run:

uci show network.wan

If it is not OK, it will print something like uci: Parse error (invalid command) at line 19, byte 1.

To query the interface status of the WAN port run:

uci -P/var/state show network.wan

PPPoE / T-Online Internet / VDSL / T-Home Entertain

Here is how you set up a regular DSL connection using T-Online PPPoE:


opkg update
opkg install ppp-mod-pppoe

T-Online FAQ on the PPPoE Login Information

Set the wan interface in your /etc/config/network to the following:

config 'interface' 'wan'
        option 'proto'     'pppoe'
        option 'ifname'    'eth0.2'
        option 'username'  '<ANSCHLUSSKENNUNG><T-ONLINE-NR>#0001@t-online.de'
        option 'password'  '<INTERNET-PASSWORT>'
        option 'timeout'   '10'

And start the daemon:

/sbin/ifup.pppoe wan

If you want to use T-Home (VDSL) Entertain, have a look at this excellent German HowTo by Lappen: http://www.computerhilfen.de/hilfen-22-389919-0.html And have a look at my config settings to set up my Buffalo WZR-HP-AG300H router for T-Home Entertain.

WiFi / Wireless configuration


When you configure your TL-WR1043ND as an access point with the name yourSSID and the WPA2 passphrase thisisprivate, your /etc/config/wireless should look like this:

config 'wifi-device' 'radio0'
        option 'type' 'mac80211'
        option 'macaddr' '54:e6:aa:bb:cc:dd'
        option 'hwmode' '11ng'
        option 'htmode' 'HT20'
        list 'ht_capab' 'SHORT-GI-40'
        list 'ht_capab' 'DSSS_CCK-40'
        option 'disabled' '0'
        option 'channel' '2'

config 'wifi-iface'
        option 'device' 'radio0'
        option 'network' 'lan'
        option 'mode' 'ap'
        option 'ssid' 'yourSSID'
        option 'encryption' 'psk2'
        option 'key' 'thisisprivate'

If you want to set the transmit power, you have to give the value in dBm. See Convert between Power and dBm for more information.

Web User Interface LuCI


You get an idea of all the settings you can configure using LuCI when looking at the LuCI applications.

If you want to make the LuCI web interface faster, you can install the package luci-sgi-uhttpd and make some minor changes to the configuration.

Advanced Information


Print currently active connections

I found the hint in the function luci.sys.net.conntrack() in the file sys.lua of the LuCI code:

Connect to the OpenWrt router (via Telnet / SSH) and run:

cat /proc/net/nf_conntrack

QoS / Quality of Service

QoS via qos-scripts in the OpenWrt Wiki | Traffic Control – tc – in the OpenWrt Wiki | also nice: Tomato Tut

The qos-scripts that I’m describing here are basically just a wrapper for tc. Install qos-scripts and its web interface module like this:

opkg update
opkg install luci-app-qos

This basically installs the module luci-app-qos to configure the QoS module qos-scripts via the web interface. (The following dependent modules are going to be installed automatically too: luci-app-qos qos-scripts kmod-textsearch kmod-ipt-imq kmod-ipt-filter kmod-sched tc iptables-mod-filter kmod-ipt-ipopt iptables-mod-ipopt kmod-ipt-conntrack-extra iptables-mod-conntrack-extra iptables-mod-imq)

The LuCI module luci-app-qos actually changes the configuration file /etc/config/qos as mapped in qos.lua.

After the installation reboot the device (I pulled the plug and reconnected it).

Then open the LuCi configuration interface and go to Network → QoS: Prioritization and add an entry:

Priority Source Target Service Protocol Ports Bytes sent
priority all all all all 5060,10000

The ports are the ones used for my VoIP calls via Sipgate.

You can test the QoS rules by running your application and checking the output of the following command executed on your router at the same time:

cat /proc/net/nf_conntrack | grep -v mark=0

It should contain tracked connections where the mark is different from 0 (and are thus identified and classified packages, also see this).

It is also possible to apply QoS on VLANs: http://www.mail-archive.com/lartc@mailman.ds9a.nl/msg17009.html

Testing as proposed on http://wireless.kernel.org/en/developers/Documentation/mac80211/queues:

  1. Use ping ( with -Q option, see manpage )
  2. use iperf: iperf -S 0xE0 -c <IP>
  3. Use iptables. Example session with 2 iperf streams:
    iptables -t mangle -A OUTPUT -p tcp –dport 5000 -j DSCP –set-dscp-class "EF"
    iptables -t mangle -A OUTPUT -p tcp –dport 5001 -j DSCP –set-dscp-class "BE"

Setting up a Private DNS Server

By default, there is dnsmasq installed on OpenWrt.

I still have to figure out how to get a DNS server up and running on OpenWrt that includes master/slave functionality. This will most probably be Bind9 (as dnsmasq and MaraDNS have no such or limited slave capability).
If I’ll have a look at Bind9 some day I’m going to have another look at my other post Get your own DNS server up and running with Bind9 on Ubuntu or Debian and probably at this tutorial: http://www.mysql-apache-php.com/dns-server-tutorial.htm. More sites to consider: http://www.petri.co.il/forums/showthread.php?t=24933 http://www.knowplace.org/pages/howtos/split_view_with_bind_9_howto.php

A really good howto to set up your own TLD for local use: Authoritative only BIND nameserver for local domain (I verified it works ;-).

VPN software


tinc – Full Mesh Routing VPN

I described the setup of a tinc vpn in another post: VPN with tinc and IPv6 (Using OpenWrt Routers).


The way to go with OpenVPN is described on http://wiki.openwrt.org/oldwiki/vpn.server.openvpn.tun and in German on http://michael.stapelberg.de/Artikel/openwrt_vpn (scroll to the heading OpenVPN. Also interesting (/etc/init.d/openvpn): https://bugs.archlinux.org/task/11146?getfile=2847.

IPv6 using an AYIYA tunnel

This sections documents and describes how to get IPv6 working with an ayiya tunnel to SixXS using OpenWRT on the TL-WR1043ND. If you want to know more about IPv6 tunneling incl. a static tunnel on OpenWRT please scroll to the end of this section section for a list of useful links.
Usually a router running OpenWRT stays at the same physical location. If it has a static IPv4 you don’t need an AYIYA tunnel by SixXS because a static 6to4 tunnel would be fine. But for dial up connections with changing IPv4 addresses or if your static IP is behind a firewall, you might want to configure an AYIYA tunnel instead.

To use IPv6, we need the following modules:

  • IPv6 kernel module (always)
  • IPv6 routing software (always, to configure IPv6 routing)
  • ip6tables kernel modules (optional, if you need an IPv6 firewall)
  • ip6tables command-line tool (optional, to configure the IPv6 firewall)

So to install them all, do:

opkg update
opkg install kmod-ipv6 radvd ip kmod-ip6tables ip6tables

In addition we need some software for the dynamic tunnel with aiccu:

opkg install ip kmod-tun aiccu ntpclient

Change the order of startup scripts (so that aiccu is run after the clock has been set):

cd /etc/hotplug.d/iface
mv 40-rdate 30-rdate
mv 30-aiccu 80-aiccu

Change /etc/config/aiccu to

config aiccu
       option username         'ABC1-SIXXS'
       option password         '1234'
       option protocol         'tic'
       option server           'tic.sixxs.net'
       option interface        'sixxs'
       option tunnel_id        'T12345'
       option requiretls       '0'
       option defaultroute     '1'
       option nat              '1'
       option heartbeat        '1'

You can start it by running /etc/init.d/aiccu start and enable it to be run at startup using /etc/init.d/aiccu enable.

To check if it’s working hava look on the logfiles using logread or directly check a IPv6 ping: (ping6 sixxs.net or ping6 ipv6.google.com). When the ping is working you may reboot the box in order to make the dropbear ssh daemon listen for incoming IPv6 connections (might be that a /etc/init.d/dropbear restart is enough).

Routing via IPv6 for clients on the network

For routing IPv6 on your local network, you need to request a subnet and wait for approval. You cannot follow the steps below before you have done so (see http://www.sixxs.net/wiki/Aiccu/Installing_on_OpenWRT#Routing_2: When using a SixXS tunnel, only ::1 (the PoP) and ::2 (your endpoint) can be used as the rest is not routed!).

OK, now let’s assume you were given the subnet 2001:1234:567::/48. Then you may define any /64 thereof for your network behind the router. In this example, we pick 2001:1234:567:a000::/64 but 2001:1234:567::/64 would be fine as well.

The first thing to do is to assign the first address of your subnet to the lan interface of the router (named br-lan for the ip and ifconfig tools and lan for the uci configuration file /etc/config/network). You can do this instantaneously using

ip -6 addr add 2001:1234:567:a000::1/64 dev br-lan

To make it permanent, add the option ip6addr to the lan interface in /etc/config/network:

config 'interface' 'lan'
    option 'ip6addr' '2001:1234:567:a000::1/64'

The second step is to configure your router to forward IPv6 traffic. To do so, edit /etc/sysctl.conf and uncomment the line # net.ipv6.conf.all.forwarding=1. Afterwards restart sysctl to apply the new setting using /etc/init.d/sysctl restart.

Now its time for the third step: configure the Linux IPv6 Router Advertisement Daemonradvd. Open the file /etc/config/radvd and change some values to make it look like this:

config interface
        option interface        'lan'
        option AdvSendAdvert    1
        option AdvManagedFlag   0
        option AdvOtherConfigFlag 0
        ## the following is not needed for AYIYA tunnels:
        #option AdvLinkMTU       1280
        option ignore           0

config prefix
        option interface        'lan'
        # If not specified, a non-link-local prefix of the interface is used:
        option prefix           '2001:1234:567:a000::1/64'
        option AdvOnLink        1
        option AdvAutonomous    1
        option AdvRouterAddr    0
        option ignore           0

config rdnss
        option interface        'lan'
        # If not specified, the link-local address of the interface is used
        option addr             ''
        option ignore           1

What has been changes:

  • option ignore 0 in the the sections interface and prefix.
  • prefix set: option prefix '2001:1234:567:a000::1/64'

This configuration is sufficient to enable radvd on the router, and broadcast auto-configuration announces to the clients on LAN. You may now restart radvd using /etc/init.d/radvd restart.
Don’t forget to enable radvd at boot. You can do this on the terminal using /etc/init.d/radvd enable or in the LuCI web interface at Administration → Services → Initscripts (look for radvd and check whether it is enabled).

The last thing you would do now is to configure the firewall ip6tables http://www.sixxs.net/wiki/IPv6_Firewalling.

For further information on IPv6 tunnels on OpenWRT please refer to the following sites:

Wireless Configuration Using iw

Print statistics about the wireless interface card (not sure all of these reveal useful information):

iw dev wlan0 station dump
iw dev wlan0 survey dump
iw dev wlan0 mpath dump

Web Servers



uci set uhttpd.custom=uhttpd
uci set uhttpd.custom.listen_http=[2001:ad0:ff00:725::2]:80
uci set uhttpd.custom.home=/www1
uci commit uhttpd

Restart uHTTPd:

/etc/init.d/uhttpd restart



opkg update
opkg install lighttpd

Change /etc/lighttpd/lighttpd.conf to set the server.document-root to something different from /www/.

You might want to set the server.bind directive to listen to an IPv6 address (http://redmine.lighttpd.net/projects/lighttpd/wiki/IPv6-Config). Unfortunately this is not supported on the shipped version of lighttpd on OpenWRT as it is built without IPv6 support (as lighttpd -V reveals).

Start on boot:

To enable/disable start on boot run /etc/init.d/lighttpd enable which creates a symlink /etc/rc.d/S90umurmur → /etc/init.d/umurmur. /etc/init.d/lighttpd disable removes the symlink again.

To start the server, run /etc/init.d/lighttpd start. To stop the server again: /etc/init.d/lighttpd stop.

Network Monitoring

Some links first:

Using Munin (MuninLite as node software on OpenWrt)


Munin is a networked resource monitoring tool that can help analyze resource trends and “what just happened to kill our performance?” problems. It is designed to be very plug and play. A default installation provides a lot of graphs with almost no work.

On OpenWRT you can use MuninLite which is a single Bourne Shell script that implements the Munin protocoll as well as some Linux specific plugins. (The motivation for developing MuninLite was to provide a simple Munin Node, using inetd on systems without a full featured Perl.):

opkg update
opkg install muninlite ethtool

A howto for Munin (on a Debian PC) can be found on http://www.howtoforge.org/server_monitoring_monit_munin.

Using SNMP

I didn’t set this up yet but here are some link I found:

Installation is something like this:

opkg update
opkg install snmpd-static

(Automatic) startup:

# Start snmpd
/etc/init.d/snmpd start
# Enable it on system startup
/etc/init.d/snmpd enable

The configuration is located in /etc/config/snmpd. Unfortunately it’s not documented at all yet: http://wiki.openwrt.org/doc/uci/snmpd.

Via NetFlows with fprobe

On the OpenWRT install and run the libpcap-based fprobe tool:

opkg install fprobe
fprobe -ibr-lan

Where is the machine to which you want to send the information.

Can be displayed via ntop using the NetFlow plugin http://www.ntop.org/netflow.html.

Jumbo Frames (MTU > 1500)

The built in switch is a RealTek RTL8366RB 5-port Gigabit switch. The Realtek 8366RB in general supports Jumbo Frames but the SoC (processor) does not !

Unfortunately the existing patch to make the switch accept larger MTUs has not been applied to the driver file rtl8366rb.c in mainline yet. If it had been, the router could connect devices that use larger MTUs (but the jumbo frames – extra large IP packages – still couldn’t pass the router via WAN).

Controlling the Switch


The switch configuration tool swconfig can be used to control information such as the speed, the port status, (full/half duplex mode etc. of the physical switch ports (as ethtool for normal network interfaces) and much more.

Usage examples:

  • LEDs:
    swconfig dev rtl8366s port 0 set led 2
  • Show current configuration swconfig dev rtl8366rb show

Also check this (invalid) bug report about VLAN trunking and bridging (and also check the the solutions being discussed in the comments): https://dev.openwrt.org/ticket/8701.

Here are some more commands to check the status of the switch chip:

swconfig dev rtl8366rb vlan 1 show
swconfig dev rtl8366rb vlan 1 get info
swconfig dev rtl8366rb vlan 1 get ports
swconfig dev rtl8366rb port 1 show
swconfig dev rtl8366rb port 1 get link
swconfig dev rtl8366rb port 1 get led
swconfig dev rtl8366rb port 0 get mib
swconfig dev rtl8366rb port 1 get pvid
# or for kernel VLAN info:
ls /proc/net/vlan
cat /proc/net/vlan/config
cat /proc/net/vlan/eth0.1

More VLAN configuration options for the switch can be found in this Polish blog post: http://rpc.one.pl/index.php/lista-artykulow/34-openwrt/81-konfiguracja-switch-vlan-na-podstawie-swconfig-w-routerze-wr1043nd-pod-openwrt

If you want to use VLAN IDs bigger than 15 you have to enable 4K VLAN on the switch:

swconfig dev rtl8366rb set enable_vlan4k 1

If you want to set the 4K VLAN enable flag permanently, add option enable_vlan4k '1' to your /etc/config/network section concerning the switch:

config switch
    option name 'rtl8366rb'
    option reset '1'
    option enable_vlan '1'
    option enable_vlan4k '1'

Some project related to that switch: http://wiki.freebsd.org/StefanBethke/EtherSwitch.

VLANs over WiFi

As I understand it, VLAN trunking is not supported via WiFi. But you basically don’t need it because you can create multiple wireless networks with different SSIDs and bridge them with the VLANs configured in your router. A good resource is the OpenWrt forum post VLAN trunk over WIFI.

If you want to set up a guest VLAN, read http://wiki.openwrt.org/doc/recipes/guest-wlan.

hostapd has some support for dynamic VLANs. Read more about it for use on OpenWrt on Dynamic VLAN OpenWrt using hostapd (Polish blog post).


Read http://wiki.openwrt.org/doc/uci/multiwan for information on how to set up multi- or dual-wan on OpenWrt.

A nice new package for multi-wan, read the OpenWrt forum thread New package: mwan2.

For the regular Multi-WAN you need the following packages:

opkg update && opkg install multiwan luci-app-multiwan

Switch external device using the GPIO pins of the SoC

You can use the general purpose input/output pins of the SoC to switch external devices. The use of GPIO 5 and 20 is shown for a I2C connection on http://wiki.openwrt.org/toh/tp-link/tl-wr1043nd#i.c.gpio.mod.

Syslog: Send Log Messages To Remote Machine

It’s really simple: just set the log_ip option in the section config 'system' in your /etc/config/system:

config system
        option hostname 'OpenWrt'
        option timezone 'UTC'
        option log_ip ''

If you want to know how to set up a remote host to receive the log messages, read my blog post Setting Up A Log Host for Syslog.

Fixing Bogus NXDOMAIN queries

In the case that the DNS servers you chose returns web pages when you browse to a nonexistent page, you can use dnsmasq.conf to block the bogus pages.

echo "bogus-nxdomain=" >> /etc/dnsmasq.conf
/etc/init.d/dnsmasq restart

Where is the domain being revealed when you try to resolve a non-existing domain name (like al12as.com ) using a tool such as dig or host.
See the dnsmasq man page or its FAQ for more information ( → search page for bogus-nxdomain).

Wake on LAN / WoWLAN

  • etherwake
    opkg description: You can wake up WOL compliant Computers which have been powered down to sleep mode or start WOL compliant Computers with a BIOS feature. WOL is an abbreviation for Wake-on-LAN. It is a standard that allows you to turn on a computer from another location over a network connection. ether-wake also supports WOL passwords.
  • wol
    opkg description: wol implements Wake On LAN functionality in a small program. It wakes up hardware that is Magic Packet compliant.

This section on wake on lan is still work in progress.

WOL using Python: http://code.activestate.com/recipes/358449-wake-on-lan/

Apple: Wake on WiFi / Wake on Demand

Other usefull OpenWrt packages

  • iodined
    iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where Internet access is firewalled, but DNS queries are allowed. More information on http://code.kryo.se/iodine/.
  • updatedd
    opkg description: Updatedd is a small tool that will update one of many dynamic dns services on boot. Please look at the /etc/init.d/ddns script for more info.
  • aoetools
    opkg description: The aoetools are programs for users of the ATA over Ethernet (AoE) network storage protocol, a simple protocol for using storage over an ethernet LAN. The vblade program (storage target) exports a block device using AoE.
  • tcpdump
    opkg description: Network monitoring and data acquisition tool
  • iperf
    opkg description: Iperf is a modern alternative for measuring TCP and UDP bandwidth performance, allowing the tuning of various parameters and characteristics. This package is built with single thread support.
  • dsniff
    opkg description: A collection of tools for network auditing and penetration testing. See http://www.enterprisenetworkingplanet.com/netos/article.php/3564471 fore more information.
  • iptraf
    IPTraf is a console-based network statistics utility for Linux. It gathers a variety of figures such as TCP connection packet and byte counts, interface statistics and activity indicators, TCP/UDP traffic breakdowns, and LAN station packet and byte counts.

More on bandwith monitoring can be found in OpenWrt’s wiki article on Bandwidth Monitoring (for example bandwidthd).

Extend the root file system size

opkg update && opkg install block-mount kmod-usb-core kmod-usb2 kmod-usb-ohci kmod-usb-storage kmod-fs-ext4

The USB drive was recognized as /dev/sda:

mkfs.ext4 /dev/sda1
mount /dev/sda1 /mnt
mkdir /tmp/cproot
mount --bind / /tmp/cproot
tar -C /tmp/cproot -cvf - . | tar -C /mnt -xvf -
sync ; umount /mnt
umount /tmp/cproot

Now add the new USB stick root file system to your /etc/config/fstab:

config mount
        option target /
        option device /dev/sda1
        option fstype ext4
        option options rw,sync
        option enabled 1
        option enabled_fsck 0

And enable and restart fstab / activate the new mounts:

/etc/init.d/fstab enable && /etc/init.d/fstab start

Mount a USB Pen Drive – USB Storage

Attention!! If you already enabled extroot (see section above) you have to use a different partition of your USB pen drive or a different USB port (which the TL-WR1043ND doen’t have) for another pen drive to use as USB storage!

The recommended file systems for usb drives are ext2, ext3, or ext4. I prefer ext4 as it is the latest one but very mature at the same time. I was formatting the pen drive on an Ubuntu based computer using gparted but you can also do it on the router.

Now get the requirements and mount the partition /dev/sda of a USB pen drive to /mnt/sticky:

opkg update && opkg install kmod-usb-storage block-mount kmod-fs-ext4
mkdir -p /mnt/sticky && mount -t ext4 /dev/sda1 /mnt/sticky -o rw,sync

You can add this to the UCI interface of the fstab file system mount configuration file:

config 'mount'
    option 'device'       '/dev/sda1'
    option 'options'      'rw,sync'
    option 'enabled_fsck' '0'
    option 'enabled'      '1'
    option 'target'       '/mnt/share'

And enable and restart fstab / activate the new mounts:

/etc/init.d/fstab enable && /etc/init.d/fstab start

Firefly Media Server – mt-daapd

mt-daapd is a nice media server for iTunes. Installing it is as easy as:

opkg update && opkg install mt-daapd

The configuration file is /etc/mt-daapd.conf (no UCI config file). Enable and start it using /etc/init.d/mt-daapd enable && /etc/init.d/mt-daapd start. I wrote more about the configuration options on this blog post.

Start in debugging mode using

/usr/sbin/mt-daapd -f -d 9 -c /etc/mt-daapd.conf

An alternative: forked-daapd.

vnStat traffic counter

Official Website: http://humdi.net/vnstat/
Howto for OpenWrt: http://wiki.openwrt.org/doc/howto/vnstat

Installation and setup:

opkg update
opkg install vnstat
mkdir -p /var/lib/vnstat

Then either configure everything using OpenWrt’s uci and startup system:

Check your /etc/config/vnstat. It should look something like this (where br-lan is your local network and 3g-wan a 3G wan connection):

config vnstat
        list interface 'br-lan'
        list interface '3g-wan'

This is the configuration for the vnstatd daemon started by /etc/init.d/vnstat. The config file for vnstat itself is /etc/vnstat.conf. Enable the data capture and start the service:

# enable automatic start at boot time
/etc/init.d/vnstat enable
# and start now:
/etc/init.d/vnstat start

Or configure everything manually:

# get the name of your WAN interface (in my case it is eth0.2):
uci -P/var/state show network.wan.ifname

# Start watching the WAN interface eth0.2 and the internal bridge: br-lan
vnstat -u -i eth0.2
vnstat -u -i br-lan
# If you are watching more than one interfaces as done above, you also have to
# set a sensible value for the default interface in the config file /etc/vnstat.conf:
#  Interface "br-lan"

# Add the command to update the vnstat db to cron:
echo "*/5 * * * * vnstat -u" >> /etc/crontabs/root
/etc/init.d/cron enable && /etc/init.d/cron restart

Now to display the stats, simply run vnstats (but before that you may need to have some traffic first and run vnstat -u if cron didn’t already do so).
For the daily statistics for the WAN interface run:

vnstat --days -i eth0.2

You may also be interested in darkstat (its OpenWrt package )

USB Audio Support

You may read the Wiki article USB Audio Support.

opkg update && opkg install kmod-usb-audio kmod-sound-core alsa-utils librt
## opkg refused to install kmod-usb-audio:
## > Not downgrading package kernel on root from 3.2.5-1-1372605cf58ad19e8d6ed5efaef392b1 to 3.2.5-1-052105d28b13fe66fa50bc364414616f.
## So I forced it to:
opkg install kmod-usb-audio --force-downgrade

Sound works perfectly with my Behringer U-Control UCA202 USB sound card.

A nice and easy way to play mp3 streams from the internet:

wget -O - | madplay -

If you’re using Linux computers you may want to use the router as a PulseAudio Server: PulseAudio in the OpenWrt Wiki.

Install the Music Player Daemon – MPD

opkg install mpd
vi /etc/mpd.conf

Use mpd with radio stations on the internet: mpd with curl and m3u lists of mp3 online radio stations.

Saving a Backup of the List of Your Installed Packages

WHEN=$(date +"%Y-%m-%d_%H-%M")
opkg list-installed > $FILE
echo "Package List saved to $FILE"

Transfer it to your computer:

scp root@ ./

If you want to strip the version information from the package names in each line, pipe the file through | awk '{print $1}'.

Creating a Backup of your Configuration Folder /etc/

Just adopt this to your router’s IP and run it on your local computer:

HOST= # ← your router's IP
WHEN=$(date +"%Y-%m-%d_%H-%M")
ssh root@$HOST "tar -zcvf $FILE /etc"
read -p "Created the backup file on the router. Press [Enter] to transfer it to your local machine."
scp root@$HOST:$FILE ./
echo "Created backup file $(basename $FILE). It contains the files found in the configuration folder /etc on the router $HOST."

Webcam Streaming

Installing mjpg-streamer on OpenWrt is easy:

opkg install kmod-video-uvc mjpg-streamer
ls /dev/video*
# test it:
mjpg_streamer -i "input_uvc.so -d /dev/video0 -y" -o "output_http.so"
# change the configuration:
vi /etc/conf/mjpg-streamer
# ^ I changed the settings to enabled: 1, resolution: 960x720, fps: 15
# start on boot:
/etc/init.d/mjpg-streamer enable
# start mjpg-streamer right now:
/etc/init.d/mjpg-streamer start

Now you can open the stream on:

More info on mjpg streamer in my other blog post.


VN:F [1.9.22_1171]
Rating: 9.1/10 (16 votes cast)
OpenWrt on a TP-Link TL-WR1043ND Gigabit Router, 9.1 out of 10 based on 16 ratings

Related Posts:

  54 Responses to “OpenWrt on a TP-Link TL-WR1043ND Gigabit Router”

  1. […] From there, I just followed the OpenWrt setup similar to my blog post on OpenWrt on the TP-Link TL-WR1043ND router. […]

  2. Hi Philipp,

    I have followed your instruction and get the install successfully to my 1043ND ver. 1.8. I installed the stable and the rc4 versions. All my network interfaces have the same MAC address, I am not sure what you have at your router. Can you check it for me?

    Below is the info from my router:

    root@cod_zombies:/# ifconfig
    br-lan    Link encap:Ethernet  HWaddr F4:EC:38:DF:CB:06
              inet addr:  Bcast:  Mask:
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:1748 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1548 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:123198 (120.3 KiB)  TX bytes:762894 (745.0 KiB)
    eth0      Link encap:Ethernet  HWaddr F4:EC:38:DF:CB:06
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:1992 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1581 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:182917 (178.6 KiB)  TX bytes:773212 (755.0 KiB)
    eth0.1    Link encap:Ethernet  HWaddr F4:EC:38:DF:CB:06
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:1748 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1548 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:130190 (127.1 KiB)  TX bytes:769086 (751.0 KiB)
    eth0.2    Link encap:Ethernet  HWaddr F4:EC:38:DF:CB:06
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:0 (0.0 B)


    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
    • Hi Gene, yes, it’s the same on my router.

      br-lan    Link encap:Ethernet  HWaddr 45:E6:FC:AF:3B:1E
      eth0      Link encap:Ethernet  HWaddr 45:E6:FC:AF:3B:1E
      eth0.1    Link encap:Ethernet  HWaddr 45:E6:FC:AF:3B:1E
      eth0.2    Link encap:Ethernet  HWaddr 45:E6:FC:AF:3B:1E
      mon.wlan0 Link encap:UNSPEC  HWaddr 45-E6-FC-AF-3B-1E-00-00-00-00-00-00-00-00-00-00
      wlan0     Link encap:Ethernet  HWaddr 45:E6:FC:AF:3B:1E

      Is this a problem for you?

      VN:F [1.9.22_1171]
      Rating: 0 (from 0 votes)
      • Hi Philipp,

        I am not too sure it is a problem or not, but here is the bug track :


        so everything is working??

        B/R Gene

        VA:F [1.9.22_1171]
        Rating: 0 (from 0 votes)
        • Well, yes. I could not find any problem concerning the network yet. I see the same behaviour on my Asus WL 500g Premium v1 running OpenWrt:

          root@OpenWrt:~# ifconfig | grep HWaddr
          br-lan    Link encap:Ethernet  HWaddr 00:22:15:3C:27:C4
          eth0      Link encap:Ethernet  HWaddr 00:22:15:3C:27:C4
          eth0.0    Link encap:Ethernet  HWaddr 00:22:15:3C:27:C4
          eth0.1    Link encap:Ethernet  HWaddr 00:22:15:3C:27:C4
          mon.wlan0 Link encap:UNSPEC  HWaddr 00-22-15-3C:27-C4-00-00-00-00-00-00-00-00-00-00
          wlan0     Link encap:Ethernet  HWaddr 00:22:15:3C:27:C4

          VN:F [1.9.22_1171]
          Rating: 0 (from 0 votes)
    • HI, Philipp,

      It is a problem for me to have the same MAC addresses. Could you please tell me how to configure them to different MAC addresses? especially for WAN.


      VA:F [1.9.22_1171]
      Rating: 0 (from 0 votes)
      • Hi Truman, unfortunately, I currently have no access to my TP Link TL-WR1043nd and connot play with it. I recommend you search the OpenWrt forum using Google for change wan mac address 2011 where you can find useful threads, such as maybe this one.

        If you find out how to do it, I would be pleased to hear back from you though!

        VN:F [1.9.22_1171]
        Rating: 0 (from 0 votes)
        • Thanks for reply. I found they have added “how to modify MAC address” in openwrt wiki. but I will not try that recently. the documentation in openwrt is a mess. They just made that for developers not for users. I would not like to take the risk and try again. at least not recently.

          VA:F [1.9.22_1171]
          Rating: 0 (from 0 votes)
          • Truman – think this through logically – devices use MAC addresses on an L2 network to find other devices. Why would it need to talk to itself? Why would two connections be connected to the same network (unless they were bonded/bridged, in which case it doesn’t matter)?

            Devices have used the same MAC addresses on multiple interfaces for years. It’s more efficient and provides a single MAC-level identifier for a machine. In short, no it is not a problem.

            VA:F [1.9.22_1171]
            Rating: 0 (from 0 votes)
  3. Curious, how did you configure (enable) the wireless for this? I haven’t been able to figure out the commands for Telnet/SSH or where to do it in the LuCI GUI.

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
    • Doh, that’s twice today I’ve been reminded, “When all else fails, reboot” X_X

      After a reboot (after doing your driver install command), everything shows up under wifi.

      VA:F [1.9.22_1171]
      Rating: 0 (from 0 votes)
      • Hi lizaoreo, you’re right, I should mention the need for a reboot after the package installion in the section Install required modules for WiFi. Regards

        VN:F [1.9.22_1171]
        Rating: 0 (from 0 votes)
  4. Good job! We got to keep the OpenWrt community up by writing instructions, documentation and provide help to the users. I decided to write a German installation tutorial as I received many requests for it. Maybe you’re also interested in it: http://www.kammerath.net/openwrt-tp-link-wr1043nd-installieren.html



    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  5. […] A quite new and powerful alternative to the TP-Link TL-WR1043ND running OpenWrt is the Buffalo WZR-HP-AG300H […]

  6. Philipp,

    Very good write up!! Thanks in advance.

    I just bough the wr1043nd, but was disappointed by wifi performance of DD-WRT (could never achieve true wifi N) and reverted back to stock firmware. The factory firmware give me throughput of 80Mbps on wifi.

    Do you have any comparison of Wifi and LAN throughput? I would really like to switch over to OpenWrt.

    Thanks, Jay

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
    • Hi Jay! Sorry, I didn’t respond earlier. I didn’t test any throughput so far. This is probably due to the fact that I’m satisfied with the way it is (I’m having a 100Mbit Internet connection and the TP-Link can deliver full performance – oviously – on this WAN port. On the LAN side I don’t have any NAS connected and thus throughput is not a problem for me. I will, however, test throughput soon with two computers (for WiFi as well). Stay tuned! Philipp

      VN:F [1.9.22_1171]
      Rating: 0 (from 0 votes)
  7. Hi philip.. Nice Tutorial..!! Hmm now, I got problem when I went to Install Asterisk packet on backfire with TPlink TL WR1043ND. Do you have a tip or tutorial about integrated Asterisk on back fire ??

    Thx before..

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  8. Hallo Philipp. Mit grossem Interesse habe ich Deinen Artikel (und auch den von Jan Kammerath) gelesen. Danke, prima Arbeit! Dies war auch der Grund fuer den Kauf eines TP-Link TL-WR1043nd. Habe den auch so mit OpenWRT konfiguriert wie Du es beschrieben hast. Das Hauptziel fuer diese Aktion war die Erhoehung der Sendeleistung.
    Nach anfaenglichen Schwierigkeiten (Linux) klappte das auch alles und ich kam ins Internet sowohl per WLan als auch per LAN. Leider brachten die Parameter country US und txpower 20 od. auch 27 nicht die erhoffte Erhoehung der Sendeleistung. Irgendwie merke ich ueberhaupt keine Aenderung. Habe unter Linux mit iwconfig geprueft und gesehen, dass der TP-Link immer mit 15 dBm sendet. Unter inSSIDer2 sehe ich auch keinerlei errhoehtes/besseres Signal.

    Hardware: TP-Link WR1043ND(DE) Ver:1.0
    Notebook mit Intel Centrino Advanced-N 6200 AGN

    Folgende Module habe ich installiert:

    openwrt-ar71xx-tl-wr1043nd-v1-squashfs-factory.bin (backfire/10.03/ar71xx)
    wpad-mini_20100309-1_ar71xx.ipk (wozu eigentlich?)

    Leider bin ich in Linux nicht so fitt, so dass ich mich nur auf gute Anleitungen stuetzen kann.

    Kannst Du mir einen Tip geben was da noch fehlt oder warum ich die Sendeleistung nicht erhoeht bekomme?

    Was ich letztlich benoetige ist:

    1. erhoehte Sendeleistung, damit ich mein Haus versorgen kann
    2. Gigabit Ports
    3. WOL Funktionalität
    4. stabile WLAN Versorgung.

    Herzlichen Dank im Voraus und schoene Gruesse, Frank Hartmann

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
    • Hallo Frank, freut mich, dass der Blog-Post nützlich für dich war (und ist). Eine gezielte Erhöhung der Sendeleistung war bei mir nicht der Beweggrund und deshalb steht dazu auch fast nichts in meinem post. Allerdings hat sich ein anderer Blogger im Blog “Aspire Gemstone” vor kurzem eingehender mit dem Thema beschäftigt — die Links zu seinen 4 Blogs zum TL-WR1043ND und einen weiteren zu seiner eigenen OpenWrt Version findest du oben unter ‘Resouces’. In dessen vierten Blog Post zum TP-Link wird dort beschrieben, wie an der Sendeleistung geschraubt werden kann. In diesem Beitrag wird allerdings eine neuere Version von OpenWrt konfiguriert. Ob die Konfigurationsdatei auch auf der älteren Version läuft, weiß ich nicht. Einen aktuellen ‘custom build’ von OpenWrt für den TL-WR1043ND gibt es in diesem Blog auch zum herunterladen. Ich gehe übrigens davon aus, dass bei der von mir installierten ‘stabilen’ OpenWrt-Version die Veränderung der Sendeleistung des Routers schon einen Effekt hat, da ich bei reduzierter Leistung bei mir in der Küche zuletzt keinen WLAN-Empfang mehr hatte.

      Meine persönliche Reihenfolge der Optimierung, wenn es die Erhöhung der Reichweite geht:

      1. Weitere(n) Router aufstellen
        1. mit LAN-Kabel mit dem Netzwerk verbunden (also als “Access Point” genutzt).
        2. Wenn kein Kabel in Frage kommt, kann ein Router auch im Wireless Bridge Modus betrieben werden. Das habe ich mit dd-wrt Firmware basierten Linksys WRT54GL jahrelang im Einsatz gehabt.
      2. Bessere Antennen
        1. kaufen oder
        2. selberbauen.
      3. Die Sendeleistung erhöhen.

      Kommt nur Punkt c. für dich in Frage?

      Viele Grüße, Philipp

      VN:F [1.9.22_1171]
      Rating: 0 (from 0 votes)
      • Hallo Philipp, danke für die Antwort. Ich bin neu auf den OpenWRT Gebiet und will nur etws herumprobieren. Habe eben gelesen, dass man mit rel. geringen Mitteln (OpenWRT und etwas Geduld) einiges aus dem Teil herausholen kann. Werde das einfach mal durchprobieren. Danke für die Links. Muss erst mal lesen.

        Viele Grüsse, Frank

        VA:F [1.9.22_1171]
        Rating: 0 (from 0 votes)
    • hi,

      After installing custom firmware for tp-link tl-wr841nd ver:8.1 (europe), the router does not respond in anyway. What can I do?


      VA:F [1.9.22_1171]
      Rating: 0 (from 0 votes)
  9. Hi there, thanks for this tutorial. I’ve now a working config but need some help setting up vlan…I initially installed DDWRT but figured out it couldn’t support vlan on atheros chips. Could someone please drop me some lines on how to bridge one of the LAN ports with the WAN, so that the device connected to this lan port should receive it’s IP address from the ISP (an idtv is connected to this port? Other ports should act normally. I’ve tried to figure out how to configure VLANS but I’m quite a beginner with openwrt and screwed up several configs without any success! Thanks in advance.

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
    • Well, the simplest solution would be to add a switch to your networking setup: put it in between the ISP and the WAN port and also connect your idtv (whatever that is) to the switch. This way you won’t be able to include the idtv in your local network. And this requires that your ISP is able to assign two IPs to you: one for the idtv another to your WAN port of the router.

      Could you please clarify what your ultimate goal is for the setup and what kind of ISP and connection you have.

      VN:F [1.9.22_1171]
      Rating: 0 (from 0 votes)
      • Thanks for your answer Philipp. The setup you suggested is OK, but the ultimate goal here is to avoid adding another device (here, a switch) to the config.. furthermore, this switch would be used only for excluding one idtv from the rest of the network. So only 3 cables on the switch : modem (cable modem), idtv, router. My idea is to configure 2 vlans on the router : one for idtv, one for the router. Should work on any vlan enabled router, but here I’m quite confused with openwrt config.

        VA:F [1.9.22_1171]
        Rating: 0 (from 0 votes)
        • OK, so you are using a cable modem (which includes a DHCP server, right?) and you are OK with the fact that the idtv will be isolated from the rest of your network (if not, check the OpenWrt DMZ HowTo).

          I personally have never worked on a VLAN setup as the one that you described. But from what I read on OpenWrt Doc: uci→network→switch and tl-wr1043nd switch ports for vlans I think you should be able to reach your goal as the used Realtek 8366RB switch seems to quite flexible.

          The easy solution seems to be:

          1. Change the config 'switch_vlan' section in your /etc/config/network to configure two outside ports of the TP-Link as WAN ports:
            option 'ports' '1 2 3 4 5t'option 'ports' '2 3 4 5t' and
            option 'ports' '0 5t'option 'ports' '0 1 5t'

          This way you didn’t add another vlan to your setup but just extended the (bridged) vlan for your WAN port to another port on the switch (#1).

          In a different setup, you could define another VLAN for the idtv and bridge it to the vlan of your wan port:

          1. Add a config 'switch_vlan' section to your /etc/config/network to configure one of the switch ports as an additional vlan.
          2. Add that new vlan to a bridge with the WAN interface vlan ( eth0.2 ).
          3. (Possibly you would need to assign another interface identifier name to the bridge and update all configuration settings accordingly but I’m not sure about this!!!)

          This setup would be similar to the one described here or here.

          I didn’t test the setups described here but the general way I described should work! Happy hacking!

          VN:F [1.9.22_1171]
          Rating: 0 (from 0 votes)
          • Hi Philip. The first solution you suggested worked like a charm. Couldn’t have imagined it was so simple… Many thanks !

            VA:F [1.9.22_1171]
            Rating: 0 (from 0 votes)
        • Hi Philipp, I have the same problem and your tutorial has been very helpful so far. I am also very new and very unfamiliar with cli. I’m able to open the config file and edit it. vi(m) /etc/config/network, but I don’t seem to be able to save the file. Got a tip?

          VA:F [1.9.22_1171]
          Rating: 0 (from 0 votes)
          • Nevermind, I overlooked the “:”. Thanks anyway for the effort of writing such a good tutorial.

            VA:F [1.9.22_1171]
            Rating: 0 (from 0 votes)
          • Hi Wim! I’m glad the instructions were useful and also that you found out how to use vim ;-) Philipp

            VN:F [1.9.22_1171]
            Rating: 0 (from 0 votes)
          • I created a new problem by doing this. The lan port I bridged (1) with the wan port works fine, but the other lan ports (2,3,4) refuse to give access to the internet. I can connect to the router with (2,3,4)&, but that’s about it. I don’t know what the possible might be. DHCP is enabled… I receive a private address 192.168.1.*. Dhcp server and standard gateway are the same address as my router’s ip. Any clue what might have gone wrong, Philipp?

            VA:F [1.9.22_1171]
            Rating: 0 (from 0 votes)
          • Well – are you sure, your WAN port received an IP address as well (from your cable modem)? You can check this using the luci web interface or via the command ifconfig eth0.2 on the OpenWrt command line.
            The command ip route should show you how the router routes packages to the internet and it should reveal an entry such as default via dev eth0.2 where should be the IP of your cable modem.

            VN:F [1.9.22_1171]
            Rating: 0 (from 0 votes)
          • To make maters worse. I changed my router’s ip to dhcp under the assumption that perhaps my lan ports didn’t receive a propper ip address. Now I’m unable to access my router. Resetting the router doesn’t seem to work. Failsafe mode or tftp? phew

            VA:F [1.9.22_1171]
            Rating: 0 (from 0 votes)
          • Sorry to hear that! Well, the factory reset via failsafe mode worked well for me and is easier than re-flashing via tftp. And please note that you should be able to get your system back working from failsafe mode without resetting to factory defaults by first mounting your root partition using mount_root and reverting your changes to the configuration (setting the WAN IP to DHCP).

            VN:F [1.9.22_1171]
            Rating: 0 (from 0 votes)
  10. Hi Philipp, great work on the article :) I do, however, have a small problem with the setup, and I was wondering if someone could help me out: my wireless interface is missing :( I have a 1043ND v1.6, with openwrt-ar71xx-tl-wr1043nd-v1-squashfs-sysupgrade.bin, and I’ve tried to install the modules – it went well. I can’t seem to find it in output of lsmod, or ifconfig -a. I assume it contains “ath” in the name of the module?

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
    • I managed to get it working. Tried resetting it, and then flashing again with the same firmware. For some reason, I got locked out from it, and 30/30/30 didn’t work, so I rebooted it into failsafe mode, and did a “mtd erase OpenWrt;”, installed the modules, and configured the rest of it. Hope it helps someone experiencing similar simptoms :)

      VA:F [1.9.22_1171]
      Rating: 0 (from 0 votes)
  11. Hi nice and full understandable tutorial thanks. Nevertheless I have a small problem with my router. If a usb-device is connected (never mind is it a usb-stick or a CUL radio transmitter for house automation) and I reboot or power -up the router I have no access to the Internet. Only if I unplug the device and reboot again access to the Internet is available. After that I can plug-in the usb-device and everything work fine. The configuration for the network is the basic configuration as it comes after flashing the router. Do somebody know what could the problem?

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  12. Hi Philipp, thanks for this great article. i already test my openWrt to dial using HSPA/ 3g GSM USB modem, the result is success. but i have a trouble when using Evdo/cdma USB-modem. This is my configuration :

    vi /etc/config/network

    config 'interface' 'USB_EVDO'
            option 'proto' '3g'
            option 'service' 'evdo'
            option 'username' 'm8'
            option 'password' 'm8'
            option 'device' '/dev/ttyUSB0'

    thank you,. :)

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  13. great breakdown, thanks for sharing

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  14. […] For more installation tricks check my other post OpenWrt on a TP-Link TL-WR1043ND Gigabit Router. […]

  15. Hi Phillipp,

    Any idea on how I could configure open wrt for rdp?


    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
    • What exactly are you talking about? Do you mean the Remote Desktop Protocol – RDP? If so, is it about port forwarding on the router to be able to “remote into your Windows machines” at home? If this is the case, I can’t really help because I don’t operate any Windows based computers. You should state your question more precisely and probably ask it again on https://forum.openwrt.org/ ;-)

      If your question is about port forwarding then the answer might be as simple as https://forum.openwrt.org/viewtopic.php?pid=136298#p136298 .

      VN:F [1.9.22_1171]
      Rating: 0 (from 0 votes)
  16. Will you have a build that will allow forcing half duplex and link speed? I think there is a patch out there but for us newbies would be great to have. thanks

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  17. Really nice job! I’m think about buying the TL-WR1043ND these days… Could you maybe tell me if it is possible to set it in Client Router mode to support a WISP connection and connect wireless to the WR1043 from my local computer(s)?

    I know you could do it with the WR743 & WR843:

    Client Router Mode – WISP Client

    TP-LINK’s TL-WR843ND is designed to be set in Client Router mode as its default wireless mode to support a WISP connection. When it works as a WISP client device to access the Internet, local computers can connect to TL-WR843ND via wireless or cables.

    Thank you very much!

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
    • Hi noob! Well, I can’t tell you about the Firmware it comes with. With OpenWrt, I used it to connect to a wireless network once but that had no encryption. I set up another SSID on the same WiFi device for other computers to connect to. That worked well.

      I would, however, recommend to consider buying the newer model WDR4300. It has 4x more RAM, a bigger CPU and simultaneous dual band WiFi.

      Merry Christmas!

      VN:F [1.9.22_1171]
      Rating: 0 (from 0 votes)
  18. Hi Klaus,

    this is another Klaus ;-) First of all: Amazing Blog!! Very cool Information + cute and eye friendly design 8-)

    I have installed OpenWrtTP | OpenWrt Attitude Adjustment 12.09-beta2 | Load: 0.16 0.05 0.06 Found it as an image here (http://wiki.openwrt.org/toh/tp-link/tl-wr1043nd) and used the Webinterface to flash it.

    Now I read, that my hardware version is 1.0 and Attitude Adjustment only suggested for version 1.1. Do You think, I should install Backfire? I did not have any problems during usage.

    But there are two really bad issues: 1. I was not able to make a 2nd WLAN Interface for guests, as is described on the wiki 2. neither wol nor etherwake are working after installation I started tcpdump -evvvvXXXXnnS ether dst FF:FF:FF:FF:FF:FF on the router –> No packeges are sent. When I send the wol from my Macbook with WakeOnLan.app, I can see the packages with tcpdump on the router and the PC awakes. It looks like the wol of openwrt does nothing.

    Might this be a problem of my 1.0 Hardware? Any hints?

    Thanx a lot


    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  19. […] This post is still work in progress. Until there is more information here, you may check out my post on the TP-Link WDR4300 and the quite elaborate post on the TP-Link TL-WR1043ND[…]

  20. Hi, I have a special Problem. I get Internet with a Wlan device (psk2) und with a Lan cable. i can install for example a extra alpha extra USB stick for this. But how to set than config files for this use. The router that give the internet have no AP functionality. Any ideas about the config?

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  21. Wow, great post! Too bad I found it after I painstakingly scraped together the info and managed to configure mine. :( To be precise I’m almost ready, but have a little problem with restricting the ssh access. The limiting connection frequency command is not working, and as a step in troubleshooting I disabled all firewall rules about accepting packets on the wan side ssh port, but still able to access the router from the wan! Can you point me, where else should I look for the cause of the accept?

    I have checked /etc/firewall.user and /etc/config/firewall. The dropbear config looks like this:

    config dropbear
        option PasswordAuth 'on'
        option Port '4658'
        option Interface 'lan'
    config dropbear
        option PasswordAuth 'on'
        option Port '4658'
        option Interface 'wan'

    Thanks in advance very much!

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  22. Ha, managed to work it out! The whole firewall was open because of a wrong ruleset. :/

    These commands work for me to limit ssh connections:

    iptables -t nat -A prerouting_wan -p tcp --dport 22  -m state --state NEW \
      -m recent --name ATTACKER_SSH --rsource --update --seconds 180 --hitcount 5 -j DROP
    iptables -t nat -A prerouting_wan -p tcp --dport 22  -m state --state NEW \
      -m recent --name ATTACKER_SSH --rsource --set
    iptables        -A input_wan      -p tcp --dport 22  -m state --state NEW -j ACCEPT
    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  23. Hi,

    I have a gigabit connection to internet from my ISP. Using the default firmware on router I have speed up to 650-700 Mbps. After I flashed openwrt and configured pppoe connection on wan port I reached a maximum of 200 Mbps.

    Any ideas why?


    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)
  24. Hi Everybody!

    Am i the only one here with no gigabit link on the switch? It’s not even advertised from the router as i see on linux with ethtool :S Any solution to this?

    VA:F [1.9.22_1171]
    Rating: 0 (from 0 votes)

 Leave a Reply



You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>