A5-V11 is cheap Chinese OEM router. Is is sold about 7 USD on eBay or AliExpress. You can read more about it on OpenWrt wiki page.
|CPU||Ralink RT5350 MIPS 24KEc V4.12|
|Storage||4 MiB Flash|
|USB ports||1x USB 2.0|
After firmware image is successfully uploaded, you can connect to router and do configuration steps. OpenWrt has default IP address
192.168.1.1 and netmask
Connect the router and your computer into same network and configure your IP address:
# ip addr add 192.168.1.2/24 dev eth0
Make sure than no other device in the network has same IP address
192.168.1.1 too. If you put A5-V11 into your actual network which uses same IP range, it is very probable that this address is already taken. Most likely by your gateway router.
When you are connecting to the router first time,
root user has no password. For that reason you can't login to the route over SSH.
When root has no password assigned, router accepts telnet connections with no authentication. It is primary used for configuring
root password. After password is configured, telnet daemon will be stopped and disabled entirely.
Connect to the router by following command:
$ telnet 192.168.1.1
After you get shell, configure root password:
root@OpenWrt:/# passwd Changing password for root New password: Retype password: Password for root changed by root
And that's it. Now you can close telnet connection:
root@OpenWrt:/# exit Connection closed by foreign host.
When password is configured, you can login over SSH:
$ ssh firstname.lastname@example.org
Most of the configuration is done using UCI. Unfortunately, OpenWrt UCI config generator scrip can't handle CA authentication for mosquitto bridges. For that reason, mosquitto have to be configured directly in
LAN setting is stored in
config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option ula_prefix 'fda1:a709:4c28::/48' config interface 'lan' option ifname 'eth0.1' option force_link '1' option type 'bridge' option proto 'static' option ipaddr <broker IP address> option netmask <network mask> option ip6assign '60' config switch option name 'switch0' option reset '1' option enable_vlan '1' config switch_vlan option device 'switch0' option vlan '1' option ports '0 6t' config 'route' option 'interface' 'lan' option 'target' '0.0.0.0' option 'netmask' '0.0.0.0' option 'gateway' <address of your gateway> option 'metric' '100'
Adjust following options based on your needs:
config interface lansection:
ipaddr- IP address of your broker in the network.
netmask- Network mask.
gateway- IP address of default gateway.
DHCP have to be configured to resolve central broker hostname to IP address. This is necessary for establishing SSL connection.
Add following line to
<IP address> central-broker
<IP address> with actual public IP address o your central broker.
To properly configure mosquitto, you have to create configuration file and provide CA and cert files.
At first, create mosquitto configuration directory tree:
root@OpenWrt:~# mkdir -p /etc/mosquitto/ca_certificates /etc/mosquitto/certs
Create configuration file
# listen port listener 1883 # bridge configuration connection central-broker address central-broker:1883 clientid <bridge ID> topic # both 0 "" <bridge topic> bridge_cafile /etc/mosquitto/ca_certificates/ca.crt bridge_certfile <cert file> bridge_keyfile <keyfile> # authentication username <username> password <password>
Configuration file defines several options. These option can be explained more in detail:
connection- Bridge connection name and start of bridge section. It can be any string.
address- Central broker hostname and port. This hostname must be configured in
/etc/hostsor operating system must be able to resolve it using DNS.
Following configuration options must be adjusted based on your needs:
clientid- Bridge client ID for central broker. This should be unique string across all other local brokers. For example:
topic- Specify prepended MQTT topic. It must ends with
/. For example:
bridge_certfile- Absolute path to your
*.crtfile. For example:
bridge_keyfile- Absolute path to your
*.keyfile. For example:
username- Bridge username.
password- Bridge password.
Last thing what needs to be done is provide CA and cert files. You can fin instruction how to generate them on certificates page.
Copy following files to your broker using SCP:
Make sure that mosquitto can read all necessary file:
root@OpenWrt:~# chmod -R +r /etc/mosquitto