Downgrading OpenWRT on WRT3200ACM

Bruce Ediger

2024-06-03 (Last Modified: 2024-06-09)

After I upgraded to OpenWRT 23.05.3, my Linksys WRT3200ACM WiFi router seems to interact poorly with my Dell E7470 laptop. It takes many tens of seconds for that laptop to acquire an IPv4 address via DHCP.

I decided to downgrade OpenWRT Linux on the router from 23.05.3 to 19.07.10. I believe it was running 19.07 before I started on my sysadmin journey of switching to a new server.

I did the recommended upgrade:

sysupgrade -F -n -v openwrt-19.07.10-mvebu-cortexa9-linksys_wrt3200acm-squashfs-sysupgrade.bin`

After the usual 3 minutes of nervous anticipation, I tried to find the WRT3200ACM on my network. OpenWRT does not turn on the radios by default. You have to set them up and enable them.

So I tried to ssh to OpenWRT on the ethernet port where it was cabled in. Apparently OpenWRT tries to acquire a “WAN” address on the “Internet” port, but I had it cabled to my new server on one of the “LAN” ports. OpenWRT runs a DHCP server, and the “admin” web interface is at 192.168.1.1, so I tried adding the usual IPv4 non-routeable address and route to my new server’s ethernet port:

$ ip -br a
...
enp4s0           UP             172.24.0.1/16 192.168.1.2/32 fd91:53b:8950:0:227c:14ff:fef3:8302/64 fe80::227c:14ff:fef3:8302/64 

$ ip -br l
...
192.168.1.0/24 dev enp4s0 scope link

I had no luck with that - I could not ping 192.168.1.1. I ran tcpdump -i enp4s0 in hopes of figuring out why ping didn’t work.

Instead, I found router’s SLAAC IPv6 address. It was trying to acquire an IPv6 router. I could ssh to the IPv6 address, but first I had to encourage ssh to use an older key exchange algorithm, otherwise I’d get an error message lik:

Unable to negotiate with 172.24.0.15 port 22: no matching host key type found. Their offer: ssh-rsa

The ssh command line ended up looking like this for me. The RJ-45 where the WRT3200ACM is plugged in is enp4s0.

$ ssh -oHostKeyAlgorithms=+ssh-rsa 'root@fe80::3023:3ff:fedc:8648%enp4s0'

I was able to proceed from the OpenWRT command line, turning on the radios, turning off some unneeded system services, and having OpenWRT on the “LAN” bridged network acquire an IPv4 address via DHCP.

EDIT

Putting a line in /etc/hosts like:

fe80::3023:3ff:fedc:8648 wrt3200acm6

doesn’t let you use a hostname of wrt3200acm6 consistently.

$ ping -I wlp1s0 wrt3200acm6                                        # /home/bediger
ping: Warning: source address might be selected on device other than: wlp1s0
PING wrt3200acm6 (fe80::3023:3ff:fedc:8648) from :: wlp1s0: 56 data bytes
64 bytes from wrt3200acm6 (fe80::3023:3ff:fedc:8648%wlp1s0): icmp_seq=1 ttl=64 time=4.51 ms
$ 
$ ping  wrt3200acm6%wlp1s0
ping: wrt3200acm6%wlp1s0: Name or service not known

I got tired of trying to remember the complicated flag that lets ssh use rsh-ssa, so I put this in my .ssh/config file:

Host 172.24.0.15
    User root
    HostKeyAlgorithms=+ssh-rsa

I ended up assigning 172.24.0.15 to the WRT3200ACM.

During these travails, I found several tcpdump commands that show you DHCP traffic. I’m not sure they’re all equivalent

tcpdump -n -i enp4s0 udp port 67 or 68
tcpdump -n -i enp4s0 '(udp and port 67) or (udp and port 68)'
tcpdump -i enp4s0  port 67 or port 68 -n