OpenWrt SquashFS-Images have a built-in failsafe mode. OpenWrt failsafe mode bypasses all configuration located on the JFFS2 partition (that is the writable partition), in favor of a few hard coded defaults located on the SquashFS partition (that is the read-only partition), resulting in a device boots up as
192.168.1.1/24 on the
eth0 network interface with only essential services running. (In case your device has multiple network interfaces (eth0, eth1, …), usually eth0 is the interface connected to the switch. There may be very seldom exceptions.)
From this state you can
telnet in, mount the JFFS2 partition with the command
mount_root and fix problems located on the JFFS2 partition, e.g. forgotten password, bad firewall settings, broken startup scripts, etc. Please read OpenWrt Flash Layout to understand why OpenWrt failsafe is possible, and also Boot Process to understand how it works: basically OpenWrt contains an additional boot up stage, called preinit. This allows to boot into normal mode by default or boot into failsafe mode, if this was triggered by the user. The triggering can happen in two ways: via pressing a hardware button during preinit-stage or via keyboard command while connected over a serial cable to the PCB during preinit-stage. No matter how the booting into failsafe mode was triggered, once OpenWrt booted into failsafe mode, you can telnet in over Ethernet.
- your device must have a configurable hardware button, if there's a button on your router, it's likely to be configurable. Check if there's specific info about failsafe mode for your device and make sure everything still works as expected everytime you update!
- there must be a SquashFS-Image flashed to the device. Failsafe cannot be implemented on JFFS2-Images
- everything but the JFFS2 partition, i.e. the kernel partition and the SquashFS partition, must be intact, so that…
- …the boot process is able to get as far as required to register the pressing of the button
- …the minimal required binaries and the configuration files with some default settings are available (all on SquashFS)
- Power off the router
- Unplug the WAN port (in case that WAN IP address and LAN IP address are same (address collision happened), if you do not plug out wan port, you cannot enter failsafe mode)
- Set your computer's IP to
255.255.255.0. The router will be reached at
192.168.1.1when failsafe mode is running.
- To detect when failsafe mode can be triggered, there are two options: look for a bootup LED blink pattern, or look for a special broadcast packet from the router
On some routers (e.g. TP-LINK models), OpenWrt will start to blink a LED (e.g. the "SYS" LED) on the front of the router when it is in its early boot cycle. The blink rate is about twice a second. Looking for a blink pattern is much more convenient to use instead of having to use a packet sniffer.
- Power on the router
- As soon as this blink pattern is seen, press the hardware button the front of the router
- The SYS LED will change to faster blink pattern, indicating the router is now in failsafe mode
On some TP-Link routers, the button is on the back of the unit (often labeled "WPS/Reset"). The switch may have a physical button, or may be behind a hole in the case and require a paper clip or similar tool to operate.
At least one TP-Link router seems to respond better to repeatedly clicking the button before the SYS LED starts to blink, until the SYS LED lights with the rapid-flash pattern.
If the LED blink detection method isn't desired, the alternative is to listen on the UDP 4919 port for a broadcast packet on the computer and then press the front button when this packet is seen.
In a terminal enter the command
tcpdump -Ani eth0 port 4919 and udp
Up to today (Jan 11, 2013) this page didn't precise on which port to listen. In the case of TL-WR1043ND, it's the WAN port. If you find a contradictory example, it will be necessarry to remove or adapt this note.
You can employ the recvudp.exe utility software - Launch it. You may also need to temporarily disable firewall.
Power-cycle the router. The router will deliver a message telling it waits for your click on the button.
Immediately when the LED blink pattern or the network broadcast message is seen, click the device button. If your device has multiple buttons, any button should work. OpenWrt is configured in a way, that pressing of any button during preinit will trigger booting into failsafe mode. But in case a button should not work, try another.
Indications of failsafe mode:
- Once in failsafe mode, a network broadcast confirmation message appears (not always, for the TL-WR1043ND no message comes).
- On some router models (e.g. TP-LINK models), the SYS led blinks very quickly
Now, telnet (not SSH) to 192.168.1.1 from the computer. There is no username or password required.
Now go to section In failsafe mode
- If the router does not boot in safe mode despite clicking the button, it may be a timing problem, missing the brief window when OpenWrt is looking for a button press. If so, immediately after turning the router on, rapidly click and keep clicking the button on the router for about 60 seconds to try to not miss the safe mode boot window.
- If your router has a ridiculously long boot time (such as DIR-300 A), then you may do this for a longer time.
- Unplug the router's power cord.
- Connect the router's WAN port directly to your PC.
- Configure your PC with a static IP address between 192.168.1.2 and 192.168.1.254. E. g. 192.168.1.2 (gateway and DNS is not required).
- Plugin the power.
- Connect via serial
- Wait until the following messages is passing: Press the [f] key and hit [enter] to enter failsafe mode
- Press "f" and the "enter" key
- You should be able to telnet (not SSH) to the router at 192.168.1.1 now (no username and password)
You get a message similar or same like this (using OpenWrt 12.09):
=== IMPORTANT ============================ Use 'passwd' to set your login password this will disable telnet and enable SSH ------------------------------------------ BusyBox v1.19.4 (2013-03-14 11:28:31 UTC) built-in shell (ash) Enter 'help' for a list of built-in commands. _______ ________ __ | |.-----.-----.-----.| | | |.----.| |_ | - || _ | -__| || | | || _|| _| |_______|| __|_____|__|__||________||__| |____| |__| W I R E L E S S F R E E D O M ----------------------------------------------------- ATTITUDE ADJUSTMENT (12.09, r36088) ----------------------------------------------------- * 1/4 oz Vodka Pour all ingredients into mixing * 1/4 oz Gin tin with ice, strain into glass. * 1/4 oz Amaretto * 1/4 oz Triple sec * 1/4 oz Peach schnapps * 1/4 oz Sour mix * 1 splash Cranberry juice ----------------------------------------------------- root@(none):/#
Additional note (r42985):
================= FAILSAFE MODE active ================ special commands: firstboot reset settings to factory defaults mount_root mount root-partition with config files after mount_root: passwd change root's password /etc/config directory with config files for more help see: http://wiki.openwrt.org/doc/howto/generic.failsafe =======================================================
and then repair your system:
- In case you forgot your password, you need to set a new one. Type:
- In case you forgot the routers IP address, get it with
uci get network.lan.ipaddr
- In case you filled up the entire JFFS2 by installing too big/too many packages, clean the entire JFFS2 partition. All settings will be reset and all installed packages are removed. (OpenWrt equivalent of a factory reset)
firstbootor (this will reboot the device as part of the process)
mtd -r erase rootfs_dataor
rm -r /overlay/*
If you are done with failsafe mode use
reboot -fto reboot. Note: Normal
/sbin/rebootwill not work, because
initis not running. Or power cycle the router.
- the article process.boot may help you better understand when
failsafe"kicks in" once activated
doc/howto/generic.failsafe.txt · Last modified: 2014/10/21 23:31 by tmomas