The OpenWrt development team has announced the first stable version of the new OpenWrt version 21.02 which is now available. This new version incorporates more than 5,800 changes compared to the previous OpenWrt 19.07 version and has been in development for approximately a year and a half. OpenWrt is an open source project that allows you to install your firmwares on a large number of home routers, with the aim of replacing the manufacturer’s firmware and having many more advanced configuration options. Do you want to know all the changes that have been made in this new OpenWrt 21.02 version?
Main changes in this new version OpenWrt 21.02
In this new version of OpenWrt 21.02, the WPA3 security protocol has been introduced by default, although this protocol was already compatible with version 19.07, the firmware did not offer it by default, having to manually install different packages. With this new version, all the necessary packages to have WPA3 in our router are already installed at the factory. In addition, WPA3 is compatible with most of the WiFi controllers in this firmware, so we can use it without problems.
This release has improved TLS and HTTPS support , now TLS support is provided by default in firmware images, including Mozilla trusted CA certificates. This means that both wget and opkg now support downloading packages over HTTPS out of the box, and will always default to HTTPS to provide data confidentiality, authenticity, and integrity. The firmware has changed from mbedTLS to wolfSSL as the default SSL library, although both mbedTLS and OpenSSL can be installed manually in the firmware.
Now LuCi is also available via HTTPS , in addition to HTTP of course. With a clean installation of the firmware we will not have automatic redirection to HTTPS, but if you update from previous versions like 19.07 we will have the redirection. In the event that you want to activate or deactivate the redirection, you can do it in the following way:
uci set uhttpd.main.redirect_https=1 # 1 para habilitar redirección, 0 para deshabilitar
uci commit uhttpd
service uhttpd reload
Finally, another very important change is the incorporation of initial support for DSA (Distributed Switch Architecture) , it is the Linux standard for working with manageable switches. This feature replaces the swconfig system that we had so far in OpenWrt, but it has not yet fully transitioned, some devices use DSA and others still use swconfig. This change is very important when managing switch ports and VLANs.
Routers compatible with the new version
OpenWrt includes compatibility with a large number of home routers, in order to have all the advanced configuration options that a home router should have for advanced users. In many cases, an update from OpenWrt version 19.07 to the new OpenWrt version 21.02 is allowed with the help of the sysupgrade utility, which will try to preserve the settings made, however, our recommendation is to restore the router to factory settings so as not to have problems with the above settings.
On the official website for hardware compatibility with OpenWrt you can see all the routers compatible with the new version of the firmware. A very important detail to update to this new firmware version is that we must have at least 8MB of FLASH memory and 64MB of RAM, otherwise, our router will not be compatible with the new version. This increase in hardware requirements is due to the introduction of new functions and the general increase in size of the Linux kernel, in addition, if you have 8MB of FLASH memory you will only receive a warning indicating that you will not be able to use extended functions. In the event that your router has 4MB of flash or 32MB of RAM, you can always create a custom OpenWrt image, however, functionality will decrease and stability is not guaranteed.
As you have seen, the new version of OpenWrt brings with it a large number of very interesting improvements, but with the handicap of having more FLASH and RAM in our WiFi router.