D-Link DIR-825

Known Hardware Versions

Revision OpenWrt Version Supported Model Specific Notes
A1 not supported
B1 Kamikaze trunk working with trunk as of r18621
B2 Kamikaze trunk working with trunk as of r25121
B1/2 Attitude Adjustment trunk Newer revisions (FW 2.05EU) store mac-addresses differently,
which leads to non-working wlan0/1. Working with trunk as
of r29119
C1 Barrier Breaker trunk r35403 See r35401, r35402, r35403

NOTE: B2 appears to only be different in labeling. The default firmware claims B1 and even /proc/cpuinfo claim to be B1 revisions even though the packaging and the sticker say B2.

Hardware Highlights

HW Rev CPU Ram Flash Network Gigabit USB Serial JTag
B1/B2 Atheros AR7161@680MHz 64MB 8MB 4x1 Yes Yes Yes Yes
C1 Atheros AR9344@560MHz 128MB 16MB 4x1 Yes Yes Yes Yes

Switch Ports

Numbers 0-3 are Ports 4 to 1 as labeled on the unit, 5 is the internal connection to the router itself.

Port Switch port
CPU (eth0) 5
No port 4
LAN 1 3
LAN 2 2
LAN 3 1
LAN 4 0

Installation

Consult Flash Layout for a better understanding.

There are two ways of installing firmware, either by using normal D-Link firmware update web-interface or by using firmware recovery mode.

Installation using firmware update page

Note: Since original Firmware 2.05WW Build: 05Beta01 it is not possible to flash OpenWrt via the firmware update page. (worked on a B2 revision with Ubuntu's Firefox in 2.05NA and 2.06NA) It looks like Firmware 2.01EU behaves the same way. Please use the firmware recovery mode instead.

Note: This method works for revision C2 with Firmware 3.00 using Ubuntu's Firefox. I used openwrt-ar71xx-generic-dir-825-c1-squashfs-factory.bin

  1. Login into the factory D-Link firmware web-interface as usual. Default procedure for the freshly purchased router is:
    1. Set the static IP 192.168.0.100/24 on the PC
    2. With any web browser go to http://192.168.0.1/, use "admin" as the username, and "" as the password (leave the field blank).
  2. Proceed into the firmware update page, click "Browse" and select your OpenWrt image file (openwrt-ar71xx-generic-dir-825-b1-squashfs-factory.bin)
  3. Click "Update" and let the router reflash itself.
  4. Device should now reboot itself and boot up the OpenWrt.
  5. Give the router some time to finish firstboot tasks (initial configuration, jffs2 initialization, e.t.c.).
  6. The router's power LED should blink orange during bootup, as soon as it stops flashing, you can connect to it
  7. obtain new IP from the router via DHCP and follow firstlogin

Installation using firmware recovery mode

Note: The firmware recovery mode has following quirks:

  • If you have a Windows machine available you can use Microsoft Internet Explorer 7 (a Windows running on a VM, like VMware, does not work)
    • Windows 8: Firefox cannot be used to update firmware (presumably applies to other versions of Windows).
    • Windows 8: Use Internet Explorer 10. Press F12. Select Browser Mode: IE8. Leave the compatibility setting at IE5 Quirks.
  • If you are running Linux you can:
    • Set your interface to 100Mbps using sudo ethtool -s eth0 speed 100 autoneg off, install IE7 in Wine and use it to flash.
    • Later models (or some hardware combinations) may need sudo ethtool -s eth0 speed 100 duplex half autoneg off (e.g. B2, FW ver 2.05EU).
    • firmware 2.02EU should still be available on ftp.dlink.de and it doesn't require IE, nor Mac.
    • 2.05EUB09_7 can't be downgraded to 2.04 but fortunately can be downgraded to 2.02EU
    • I had to disable both avahi, cups and IPv6 to get it working. (B2 FW ver 2.01EU)
  • If you are running MacOS you can use Google Chrome Opera
  • FW version 2.05EU seems very difficult to flash, there may be timing issues (that's just a guess). After downgrading to 2.04EU (get it from ftp.dlink.de) it worked the first time, using IE7 on a virtualbox Win XP "guest". YMMV.
  1. Get into the D-Link recovery console with the steps below:
    1. While powering up the router, press and hold the reset button until the power LED starts blinking orange (usually takes around 45 (forty-five) seconds )
    2. Set a static IP on your PC to 192.168.0.100/24
    3. connect to http://192.168.0.1, mind the quirks!
  2. Click "Browse" and select your OpenWrt image file (openwrt-ar71xx-dir-825-b1-squashfs-factory.bin, this binary image is available in the Backfire 10.03.1rc1 download directory and above)
  3. Click "Update" and let router flash the image (don't worry if it reboots before it reaches 100%). The page should display "Device is Upgrading the Firmware" in blue letters with the current percentage in red (with an incompatible Browser it doesn't).
  4. The router's power LED should blink orange during bootup, as soon as it stops flashing, you can connect to it
  5. Tip! Note that default DHCP will allocate on 192.168.1.x, which is different subnet to the address you allocated above. This is why you can't connect until you change your IP address.
  6. obtain new IP from the router via DHCP and follow firstlogin

Upgrading OpenWrt

Firmware recovery

OpenWrt failsafe mode

Basic configuration

Since this part is identical for all devices, see Basic configuration.

wireless.overview This router requires the packages kmod-ath9k and wpad-mini.

Hardware

Info

Architecture: MIPS
Vendor: Qualcomm Atheros
Bootloader: U-Boot
System-On-Chip: AR7161 rev 2 (MIPS 24Kc V7.4)
CPU/Speed 24Kc V7.4 680 MHz
Flash-Chip: Spansion S25FL064A
Flash size: 8192 KiB
RAM: 64 MiB
Wireless: 2 x Atheros AR922X 2.4GHz/5.0GHz 802.11abgn
Ethernet: RealTek RTL8366S Gigabit w/ port based vlan support
Internet: n/a
USB: Yes 2 x 2.0 (Only 1 header to the outside)
Serial: Yes /dev/ttyS0
JTAG: Yes

Photos

D-Link DIR-825 with the bottom cover removed. D-Link DIR-825 with bridges soldered to enable second USB port. D-Link DIR-825 B2 with second USB port in use. D-Link DIR-825 C1 board. D-Link DIR-825 C1 Atheros chipset. D-Link DIR-825 C1 RAM chips.

Physically breaking into the DIR-825

Note: This may void your warranty!

To remove the cover simply:

  1. Remove the two (2) back rubber feet. (closest to the ethernet ports and antennas)
  2. Unscrew the two (2) screws underneath the feet.
  3. Pry case halves apart from back side to front side, carefully.

To remove the board from the casing:

  1. Unscrew the two (2) front (inner) screws and remove the LED shield.
  2. Lift board from front and slide out in a forward motion.

Serial

PIN1–>3.3V PIN2–>RX PIN3–>TX PIN4–>GND

Remember to use 12V3.3V serial port voltage converter or you might break the router by over-voltage.

COM port settings: Speed:115200, Data bits:8, Stop bits:1, Parity:none, Flow control:none

JTAG

How to connect to JTAG interface, and how to reflash the device with JTAG tools

See port.jtag for more JTAG details.

LEDs

See the LED section in /etc/config/system on general LED configuration.

The DIR-825 has 11 blue and 2 orange LEDs: The four LAN LEDs are controlled by the switch chip. By default they show link and blink for activity. They are LED Bank 0. To configure the RealTek RTL8366S, you can use swconfig, e.g.

swconfig dev rtl8366s port 0 set led 2

LED name LED symbol Internal name blue Internal name orange
unknown D-Link unknown n/a
Power Power dir825b1:blue:power dir825b1:orange:power
Planet Planet dir825b1:blue:planet dir825b1:orange:planet
Wireless LAN 2.4 GHz Waves (2.4GHz) ath9k-phy0::phy0tpt n/a
Wireless LAN 5 GHz Waves (5GHz) ath9k-phy1::phy0tpt n/a
LAN Port 1 PC (1) n/a n/a
LAN Port 2 PC (2) n/a n/a
LAN Port 3 PC (3) n/a n/a
LAN Port 4 PC (4) n/a n/a
Universal Serial Bus USB dir825b1:blue:usb n/a
WPS Two arrows dir825b1:blue:powersave n/a

Repair LEDs after flashing OpenWRT

If you want to see the BLUE POWER ON and the BLUE GLOBE ( planet ) blinking when it receives information, then do the following setup:

For UCI configuration of the LEDs use this set of commands:

uci set system.led_wan_orange=led
uci set system.led_wan_orange.sysfs=d-link:orange:planet
uci set system.led_wan_orange.default=1
uci set system.led_wan_blue=led
uci set system.led_wan_blue.default=1
uci set system.led_wan_blue.sysfs=d-link:blue:planet
uci set system.led_wan_blue.trigger=netdev
uci set system.led_wan_blue.dev=eth1
uci set system.led_wan_blue.mode=link tx rx
uci set system.led_power_orange=led
uci set system.led_power_orange.sysfs=d-link:orange:power
uci set system.led_power_orange.default=0
uci set system.led_power_blue=led
uci set system.led_power_blue.sysfs=d-link:blue:power
uci set system.led_power_blue.default=1
uci commit system

After rebooting the device this setup becomes active.

Buttons

hardware.button

The D-Link DIR-825 has two buttons:

BUTTON Event
Reset reset
WPS powersave

The WPS (WiFi Protected Setup) button is located at the right side (or the top when standing) and can be easily pressed with a finger. Also the WPS LED is integrated into the Button. For some unknown reason this control is named powersave in various places.

The Reset button is located at the back and cannot be pressed with a finger, you need a small item to push it in.

Hardware Mods

Second USB port

It was reported that in order to enable second USB port it is sufficient to solder in two straight bridges in place of L66 (take a look to the corresponding photo in the "Photos" section). After that you will need to solder in second USB header or - easier way - to solder in short-tailed female USB type A connector (sample photo is also available in the "Photos" section).

Discussion and more information can be found in this thread.

128 MB RAM Mod

vavasik did this mod and reported his experiences in this thread.

He used two Samsung K4H511638D-UCB3 chips from Samsung DDR SODIMM 512 MB. Maybe other chips from other manufacturers can be used, only they has to have 32Mx16 organization. Chips with other organization, such as 64Mx8, are not suitable.

Next to the soldering, the bootloader (U-Boot) and the calibration data partition has to be changed, because the D-Link bootloader/calibration data partition does not start with the 128 MB RAM. He used the bootloader/calibration data partition from Netgear WNDR3700. It's done through a full reflash, check the forum for the binary. It turn the D-Link DIR-825 into an Netgear WNDR3700.

The Netgear stock firmware does not recognize the 128 MB RAM, it only shows/uses 64 MB RAM, but it starts.

An detailed tutorial from vavasik can be found here.

Don't do this if your are inexperienced in soldering, you will for sure destroy the contacts→Trash!

D-Link DIR-825 B2 with 128 MB RAM Mod

Connection Information

Other Info

Feel free to add here any info we haven't covered yet! Thank you!

I was able to upload the openwrt-ar71xx-generic-dir-825-b1-squashfs-factory.bin in recovery mode with Internet Explorer with compatibility view enabled (menu Tools/Compatibility View). Without it it was loading forever. Other browsers (Chrome, Firefox, Opera) were not working. Tested with Windows and Linux. Also I switched my 1Gbit cart into 100Mbit mode.

It may be necessary to run the original firmware and configure the device at least once. I flashed the router right away using the firmware recovery interface which resulted in configuration problems in OpenWrt. All wireless network devices did not have valid MACs instead they used 00:00:00:00:00:00 and refused therefore to work properly. Even trying to read the MAC from the sysfs failed. After flashing the original firmware and configuring the device once using the D-Link Webinterface everything worked as expected after flashing OpenWrt again.

Besides flashing in recovery mode from a MacBook Pro using Google Chrome and the default Gigabit plug worked just fine!


VLAN Configuration ( on LAN-Port 4)

1) Introduction

What is VLAN?

Read about VLAN

Situation - 6 global IPs from the ISP

  • Gateway: 210.190.90.33
  • SN-Mask: 255.255.255.248
  • ISP IPs: 210.190.90.34 - 210.190.90.38
  • Router Model: D-Link DIR-825 rev. B1
  • Firmware Version: OpenWrt Backfire 10.03.1 / LuCI 0.10.0 Release (0.10.0)
  • Kernel Version: 2.6.32.27

What is the aim ?

Separate the LAN-Switch in such a manner, so that you can use the 4th LAN-Port as a global Port for the 6 given IPs from your ISP.

 Internet
 |
 ISP
 |
 D-825 Router with openWRT
 |_______________________________.
 | LAN1 | LAN2 | LAN3 |   LAN4   |
 |                    |    |     
 |  your local LAN    |  Switch Netgear ProSafe 5
 |   192.168.1.1      |    |
 |                    |  global ips from your ISP
 |____________________|_ 210.190.90.34 - 210.190.90.38

2) Setup VLAN

o) Go to Network / Switch and do the configuration as shown:

Separating the LAN1 + LAN2 + LAN3 from the LAN4

Very important is to hit the SAVE button ( !!! not the Save & Apply !!!)

In case if you wonder why the port 0 (zero) corresponds to the 4th LAN-port, see this: switch.ports

o) Go to Network / Interfaces / LAN / Physical Settings and do the following:

( you have to change the settings from "eth0" to "eth0.1" )

Now you should hit the button "Save & Apply" !!!

( Info: wait a bit and then you will see that your router is not responding any more → this is normal, give him a little time ( 1min max) then unplug the power supply from the router, then wait 10sec and plug it back in! )

o) Go to Network / Interfaces

You will find here only the LAN (green) and WAN (red) interfaces. Now we will have to add the VLAN-Interface ( I called it GLAN, you can call it GAN - it doesn't matter) - the G because of the global IPs!

o) Adding the GLAN Interface

a) Add new interfaces

b) Type in the name for the new interface: GLAN ( this is in my case, u can call it whatever u want)

c) Protocal of the new interface: Static address

d) Create a bridge over multiple interfaces: NO

e) Cover the following interface: VLAN Interface: "eth0.2"

f) Hit the Submit button

GLAN configuration overview:

This is what you will see, when you click the Interfaces

This is what you should see, after you added the GLAN Interface

To be sure that you have the right settings, check the /etc/config/network output:

root@dir825:~# cat /etc/config/network

config 'interface' 'loopback'
        option 'ifname' 'lo'
        option 'proto' 'static'
        option 'ipaddr' '127.0.0.1'
        option 'netmask' '255.0.0.0'

config 'interface' 'lan'
        option 'proto' 'static'
        option 'ipaddr' '192.168.1.1'
        option 'netmask' '255.255.255.0'
        option '_orig_ifname' 'eth0'
        option '_orig_bridge' 'true'
        option 'type' 'bridge'
        option 'ifname' 'eth0.1'

config 'interface' 'wan'
        option 'ifname' 'eth1'
        option 'proto' 'dhcp'

config 'switch'
        option 'name' 'rtl8366s'
        option 'reset' '1'
        option 'enable_vlan' '1'
        option 'enable_vlan4k' '1'

config 'switch_vlan'
        option 'device' 'rtl8366s'
        option 'vlan' '1'
        option 'ports' '1 2 3 5t'

config 'switch_vlan'
        option 'device' 'rtl8366s'
        option 'vlan' '2'
        option 'ports' '0 5t'

config 'interface' 'GLAN'
        option 'proto' 'static'
        option 'ifname' 'eth0.2'
        option 'ipaddr' '210.190.90.33'
        option 'netmask' '255.255.255.248'

3) Firewall: control traffic

o) Go to Network / Firewall and add a new GLAN-Zone:

a) name: GLAN

b) Input: accept

c) Output: accept

d) Forward: accept

e) Masquerading: YES

f) MSS clamping: YES

g) Covered networks: GLAN

h) Hit the Save & Apply button

o) Then check if GLAN is assigned to the correct firwall zone:

o) Go To Network / Firewall / Custom Rules and add the following lines (be aware to make changes for your own IPs | also the names of the variable can be changed)

# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.

#################
### Variables ###
###################################################

# public ip
PUBLIC="210.190.90.0/29"
# HOSTS
FTP="210.190.90.34"
DNS1="210.190.90.35"
DNS2="210.190.90.36"
MAIL="210.190.90.37"
BACKUP="210.190.90.38"

# gets the wan-ip address
WANIP=`nvram get wan_ipaddr`

###################################################
# disable NAT for FTP -> WAN
iptables -t nat -I POSTROUTING -s $PUBLIC -j ACCEPT

###################################################
# allow traffic to routed public net
iptables -I FORWARD -o eth0.2 -j ACCEPT

###################################################
# block public -> lan, allow lan -> public
iptables -I FORWARD -i eth0.2 -o br0 -m state --state NEW -j DROP

###################################################
# block access to the router GUI/telnet/DNS/etc. from PUBLIC net, allow from HOSTS
iptables -I INPUT -i eth0.2 -j DROP
iptables -I INPUT -s $FTP -j ACCEPT
iptables -I INPUT -s $DNS1 -j ACCEPT
iptables -I INPUT -s $DNS2 -j ACCEPT
iptables -I INPUT -s $MAIL -j ACCEPT
iptables -I INPUT -s $BACKUP -j ACCEPT

###################################################
# block access to WAN IP from PUBLIC net
iptables -I INPUT -i eth0.2 -d $WANIP -j DROP

Now hit the Save & Apply button

4) Setup machine connected to VLAN

This are the settings of your machine (ex. FTP):

IP: 210.190.90.34
SM: 255.255.255.248
GW: 210.190.90.33
DNS: 210.190.90.33

!!! Be aware to turn ON a firewall, because now the machine is exposed to the public !!!


A simple script to flash DIR-825

We have recently developed a script and performed some correction based on your work you can find it here

http://openwisp.caspur.it/wiki/owf/FlashingDlinkDIR825#notextile-Automatic-flashing-script-notextile

With this script it's not necessary to force your NIC to work @ 10/100 Mb/s and it's not necessary using IE7

Custom IPv6 image for DIR-825

a custom image with ipv6 support: radvd, wide-dhcpv6, 3g stick support, made for RCS-RDS Fiberlink dual stack PPPoE service, but should be okay for static wan settings on other ISPs: http://www.ip6.ro/firmware/dir825/

Fat images

Since Attitude Adjustment beta 2, some images are suffixed with "-fat" to indicate they will be able to use more flash that the factory firmware uses by default. It does this by moving the wireless interface calibration data at the end of the flash. This is a dangerous operation and should only be performed if you know how to back this flash partition (/dev/mtd5). To upgrade, you'll need to copy the whole image in /tmp and use sysupgrade -i the caldata question. Downgrading to a non-fat image will get the caldata back in place so it can be used by the factory firmware, after upgrading to a fat image, you must downgrade before getting back to a factory image.

Before: /dev/mtdblock4 576.0K 308.0K 268.0K 53% /overlay After: /dev/mtdblock4 2.1M 328.0K 1.8M 15% /overlay

Tags

Back to top

toh/d-link/dir-825.txt · Last modified: 2013/06/15 18:33 by lorema