When is it time to update OpenWRT on a router?

Am using OpenWRT/LEDE on a great deal of various routers (the work they do is amazing!) and the open firmware works faster and better than the factory fw.

However, they don't release anymore "stable" version, (the last is 18.06.2), since the "joint venture" with LEDE.

The reason given was basically that with so many routers supported, people should carefully install the latest available snapshot. "Carefully" because the soft evolves, add features and fix bugs, and the team doesn't test all routers after each change (obviously) ; so a new version might not fit within the memory/flash constraints of such and such router after a change (there could be some regression as well).

The routers work ok, and I chose not to (take the risk to) update anymore, but maybe I'm missing new interesting features, or some performance gain (or bug fixes)?

Is there a better recommended "policy" to follow, regarding OpenWRT/LEDE updates? Any advice on when to update?

Ring Ø

Posted 2019-05-02T05:23:29.093

Reputation: 483

1"If it ain't broke, don't fix it" : If your routers are working well, you are missing nothing and why take the risk of updating? There are no rules where a hobbyist product like OpenWRT is concerned, and no quality-assurance. In addition, upgrading internal Flash would only degrade it faster, so to be avoided. – harrymc – 2019-05-04T15:34:00.813

"missing nothing" is not correct. Last autumn I chose to upgrade and the router performance went definitely up. Also, they add and/or improve features. But, this is the point of the question, it's indeed taking a risk (regression...). As for "upgrading flash degrades it", Flash chips do indeed degrade when written a lot, so, sure if I'd made many upgrades a day, but we're talking about once or twice a year... – Ring Ø – 2019-05-07T23:52:44.763

Answers

I don't think there is a official policy for OpenWRT devices. My rule of a thumb, is to do it quaterly/half a year (depending on your time schedule and if you also have time to test it) or if there is an outbreak of some nasty stuff like some worm or some kind of attack that is used in the wild.

It takes time to monitor it, so I would recommend some RSS reader/agregator or visiting some of your favourite security site you read regularly.

tukan

Posted 2019-05-02T05:23:29.093

Reputation: 1 274

Generally, there are some reasons why you update a software:

Bug fixes
Performance enhancements
New features
Security fixes/improvements/..

Personally I think the first three points can be decided on personal need or personal interest. If you are pleased with the current version regarding to speed and features, I think there is no need to upgrade/update. You may want to take a look at the latest added features or changes and decide if you are willing to take the risk.

But a clear reason to update is when it comes to security. Additionally, this is a 'critical' device, since it is directly accessible from the internet. You should monitor the CVEs for your version and check them regularly. Take a look at security websites which report when it comes to new vulnerabilities.

pudi

Posted 2019-05-02T05:23:29.093

Reputation: 11