Posted: Wed Oct 05, 2022 6:37 Post subject: Strategy for DD-WRT updates
I am curious what strategy people use for deciding when to update their DD-WRT router.
I see that new releases drop pretty often and perhaps contain important security fixes.
I've also read that before and after flashing an update one is supposed to set the router back to defaults. This is IMO a serious disincentive because having go through all of the DD-WRT configuration pages and set up everything again is a pain. I am very happy with the way my DD-WRT router is working now and am loathe to go through the setup process again, since I think my ability to re-enter all the info correctly is subject to my human error-prone foibles (even though I have saved images of every configuration page).
So what strategy do you other users use to decide when to update their routers? I really wish that DD-WRT would either allow me to re-import saved settings to a new release or perform an update without a reset.
I am currently running DD-WRT v3.0-r49599 std (07/30/22) on a Netgear R9000.
BIG thank you to the developers for router firmware that does everything I need!
People get worked up about configs. Upgrade do not reset, this is your choice. Problems? Fix your config or reset.
r49599 is only few months old. Do not know initial reset build number, if no problems just use the existing config.
Generally, reset is recommended after upgrading from very old builds. Clean start, without worry for nvram vars.
Use screenshots, webpage saves, print to save pdf, PuTTy nvram show output text, logging enabled or clipboard.
Or create configuration backups, or don't do anything at all, upgrade, do not reset, most likely everything is fine.
I think the enemies greatest ally when it comes to security is his targets laziness and/or carelessness.
I do a full factory reset and setup everything from scratch with every new build. I mean, there might be something new in dd-wrt that may require you to configure said thing differently than what you did before. But thats entirely up to you.
As for how often one should upgrade, what joker said.
the-joker wrote:
Your build has at least two know unpatched CVEs. Minimum try to upgrade once a month, then you dont have to worry about configs and resets. But surely always try clearing browser cache to minimize any web interface issues.
Joined: 16 Nov 2015 Posts: 6445 Location: UK, London, just across the river..
Posted: Fri Oct 07, 2022 8:48 Post subject:
blkt wrote:
Gameman Advanced Kid wrote:
I do a full factory reset and setup everything from scratch with every new build.
This is overkill, but at least helps you to become very familiar with the web interface as things change over time.
for a Basic use it's not overkill but for advanced use...it takes me an Hour (1h) to rebuild _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 08 May 2018 Posts: 14242 Location: Texas, USA
Posted: Fri Oct 07, 2022 13:35 Post subject:
When you're following development as closely as some of us are, you manage to edit your scripts accordingly if necessary to reconfigure "with a press of a button". I generally don't reset / hard reset unless I run into issues, and production devices get updated once a month. Testing devices, daily or more than once daily. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Joined: 16 Nov 2015 Posts: 6445 Location: UK, London, just across the river..
Posted: Fri Oct 07, 2022 13:46 Post subject:
kernel-panic69 wrote:
When you're following development as closely as some of us are, you manage to edit your scripts accordingly if necessary to reconfigure "with a press of a button". I generally don't reset / hard reset unless I run into issues, and production devices get updated once a month. Testing devices, daily or more than once daily.
i do know how to script (nvram vlues, selected only...) update, but prefer via GUI, painful but the only way to test GUI, otherwise i don't do reset too...unless needed, but when too long, than i can live with the pain of 1h reconfig... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
I'm still on r49626 and working for months. I normally try to stick to a build for as long as I can, but security fixes force me to update when I have time and currently no time to update. I normally monitor the SVN after a new build is release to see if there are any fixes to the build released and also checking the posts on new builds for issues too, before updating. I do have spare Routers I put new builds on if the builds are a couple months apart, so I can quickly swap back to the working "old" build Router if I have issues with the "new" build Router. _________________ Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531
After reading all of your advice, I took the plunge and upgraded to r50474 without doing any resets. Had a few anxious moments as the router's lights blinked in a very strange fashion, but then it came up and all was well.
Thank you all very much for your support and encouragement.
