DD-WRT Step 1 – Basic Router Configuration: access DD-WRT for the first time, setup root password and basic network configuration.
Which router does this post cover?
This post will cover exclusively the one I have, but same principles apply for any other: Netgear® AC1900 – Nighthawk® Smart WiFi Router aka R7000:
- AC1900 WiFi—600+1300 Mbps speeds
- 1GHz Dual Core Processor
- Dynamic QoS prioritizes network traffic for uninterrupted video streaming for applications like YouTube®, Netﬂix® & others
- ReadyCLOUD® USB Access allows you to enjoy personal and secure cloud access to USB storage anytime, anywhere
Why flashing your Netgear to DD-WRT?
Simple. Their GUI suck. This is a pretty beefy beast, look at that ARM CPU! Why on earth would you limit it to just routing? It’s like buying a TESLA model S without the navigation integrated tablet. Pretty useless.
Flash your router with DD-WRT
This could be an entire series of posts. You need to flash it with a specially crafted firmware with the CHK extension, and pray.
First WIFI connection
By default, WIFI SSID = dd-wrt and password = unevenzoo344
Configure root access
Upon first reboot, and any subsequent reboot when you flash and reset the NVRAM, you need to setup the root password:
Advanced Routing: Router vs Gateway
The purpose of DD-WRT at least for me, is to be the root access for everything. They indicate that with other routers on the network (your ISP modem), you should switch to Router mode instead of Gateway. However I never could get this to work properly.
Just let it as is in Gateway mode:
Choose the correct working mode. Keep the default setting, Gateway, if the router is hosting your network’s connection to the Internet. Select router if the router exists on a network with other routers. In Gateway mode the router performs NAT, while in other modes it doesn’t.Operating Mode
To enable the Dynamic Routing feature for the WAN side, select WAN. To enable this feature for the LAN and wireless side, select LAN & WLAN. To enable the feature for both the WAN and LAN, select Both. To disable the Dynamic Routing feature for all data transmissions, keep the default setting, Disable.Dynamic Routing
No clue what that means. Is it connected to your ADSL/Cable/Fiber router? This will be turn out to be the case 100% of the time so… Do you have internet by connecting to its wifi? Good. Do not touch anything!
Just kidding. Choose Gateway and Dynamic Routing for both, otherwise you will lose internet access.
Setup – Basic Setup
You can and you should setup your device’ hostname, along with the Domain name. This will be useful later.
- MTU: default is 1500 – if like me you are behind an ISP modem, use the modem’s value instead
- Shortcut Forwarding Engine: Enable (in-Linux-kernel IP packet forwarding engine)
- STP: Disable – unless you are in a Mesh network you do not need that
I chose the Class C private sub-net 192.168.1.0/16, because it’s the default.
Network Address Server Settings (DHCP)
You can extend the lease of available IP addresses within your DHCP. Also, not setting up the Static DNS addresses means that you will use your ISP’s DNS, if that’s your choice.
Choose a different DNS server, why?
Choose different DNS servers, why? Below is a short list that I use here and there depending on my business needs:
- your ISP: leave blank
- Quad9: 220.127.116.11 (won’t resolve known hacked sites)
- Cloudflare: 18.104.22.168 and 22.214.171.124 (said to be the fastest)
- OpenDNS: 126.96.36.199 and 188.8.131.52 (large set of blacklists available for parental control :))
- Google: 184.108.40.206 and 220.127.116.11 – DO NOT USE GOOGLE THEY SPY ON YOU
- tons of others: DuckDuckGo Public DNS list:
Another reason not to use your ISP’s DNS, is to remain as Ads-untraceable as possible. Your ISP and these public DNS collect everything we search for, you know that, right? In a later post, I will show how to add all of them in a round robin loop, to confuse them even more.
If you are looking for speed, the actual ranks are unclear. Different places will give different results in the top 5. Examples:
Different results depending on your region!
If speed is not your unique goal, some do offer cool features such as Content Access Control and Kids Friendly search:
- Freely chose to block certain type of sites, such as pr0n/gaming/etc via blacklists with OpenDNS – 18.104.22.168
- Protect your home from known threats with Quad9 – 22.214.171.124
Finally, Time Settings
I like using the standard time, freely available from time.nist.gov:
Don’t forget to Apply Settings or Save and move on to Wireless configuration!
You can go through the whole configuration in a go by just saving and only Apply Settings as your last step! When you Apply, you trigger some services restart and actually make current settings go live.