Sharing my OpenWrt setup for the R4

After a long time of deliberation, I finally decided to share my OpenWrt setup for the BPI-R4.

You can find it in my Smart Home repository and use it as inspiration for your own setup.

It uses the OpenWrt image builder and docker or podman on Windows to build the firmware that can be loaded onto the R4.

My setup includes five different networks: private (internal), guest, IoT (internet of things and smart home devices), container (for podman on the router) and vpn (wireguard).

And three different WiFi networks: private, guests and IoT devices.

It uses Cloudflare DNS as default and also encrypts DNS traffic using stubby. Cloudflare is also used for dynamic DNS to reach the router via domain name when your ISP doesn’t provide static IPs.

VPN is provided using wireguard. A script to add clients is included, if you don’t want to use Luci for that. It even prints out the QR code on the command line, if your terminal supports it. I didn’t know that was possible.

There is an environment file .env.example that shows all the configuration options that are available. Root password, ssh public key for connections from your PC, WiFi names (SSIDs) and passwords, and cloudflare and domain configuration.

The image build makes extensive use of the uci defaults feature to establish the desired system state after first boot. I chose those scripts over simply replacing the files in /etc/config, as this was suggested in the OpenWrt wiki.

Please let me know if this setup could be helpful for you. And if you have any questions, suggestions or issues when trying it yourself.

It requires a bit more technical knowledge compared to images provided by other members of the community, as I currently have not setup GitHub actions to automatically build the image.

Thank you for this, I appreciate it! This is pretty close to my manual builds (I just use openwrt firmware selector, use bpi-r4 image, and customize the packages).

Few differences from your repo;

• I install irqbalance and set the config to for irqbalance to avoid cpu0. This at least gets both ethernets to use CPU1/CPU3 for irq requests.
• Per another thread, I set the ondemand scaling governer a bit more.
  • echo 35 > /sys/devices/system/cpu/cpufreq/policy0/ondemand/up_threshold
  • echo 10 > /sys/devices/system/cpu/cpufreq/policy0/ondemand/sampling_down_factor
• I adjust the thermal profile of the lowest threshold a little lower (because the fan will turn off/on every 5 seconds because it traverses the threshold)
  • echo 35000 > /sys/devices/virtual/thermal/thermal_zone0/trip_point_4_temp

I also have it limited to 2gb RAM and use offload features. I don’t see this here yet (I can’t recall the settings).

One thing that I’m missing, and I didn’t see it in your repo, is how do you do crypto offload using the CPU accelerator? I’m not sure at the moment.

I haven’t heard about this yet. I thought this would be enabled by default?

So far, I don’t have any performance or thermal issues. But I’m not generating a lot of traffic. Would have to look at that fan, I thought it was just always on. CPU at 42.4°C currently.

Does the irq balancing help with network performance?

I haven’t heard about this yet. I thought this would be enabled by default?

I’ve seen other older images install other things and use this? I’m not 100% clear/sure.

So far, I don’t have any performance or thermal issues.

My setup, under defaults, would measure between 39500 and 40500 (default threshold is 40000). So it would just drive me crazy seeing it turn off and on. I thought that this might wear out the fan early so I just set it lower to keep it on without it cycling.

Does the irq balancing help with network performance?

I think so. I didn’t do any scientific measurements, but from past experiences spreading out the irq requests helps (generally keeping it off of CPU0 helps, because CPU0 is handling other things).