OpenThread Border Router (OTBR)
Overview
Section titled “Overview”The OpenThread Border Router (OTBR) provides connectivity between the Thread network and the infrastructure network (Ethernet/Wi-Fi). It allows Matter-over-Thread devices to communicate with Home Assistant and the internet.
In this homelab, we use the native NixOS service for OTBR. It manages a SONOFF Dongle Max (Dongle-M) connected via USB.
Hardware Configuration
Section titled “Hardware Configuration”- Controller: SONOFF Dongle Max (Dongle-M)
- Mode: Thread RCP (Radio Co-Processor)
- Connection: USB (Serial)
- Device Path:
/dev/serial/by-id/usb-SONOFF_SONOFF_Dongle_Max_MG24_...
[!WARNING] If the dongle is in Thread RCP mode, it cannot be used for Zigbee at the same time. Ensure
Zigbee2MQTTuses a different radio.
Architecture
Section titled “Architecture”The OTBR service consists of two main components:
- otbr-agent: The core service that manages the Thread radio and the
wpan0virtual interface. - otbr-web: A web-based dashboard for managing the Thread network (Join, Form, Status).
Network Integration
Section titled “Network Integration”The OTBR is connected to the Eero network (via the host’s enp1s0 interface). This allows it to participate in a larger Thread mesh with Alexa and Eero devices.
Ports & Access
Section titled “Ports & Access”| Service | Port | Access |
|---|---|---|
| Web UI | 8091 | http://nixos.local:8091 or https://otbr-home.javiersc.com |
| REST API | 8081 | Internal use |
NixOS Configuration
Section titled “NixOS Configuration”The service is defined in modules/nixos/services/open-thread-border-router.nix.
services.openthread-border-router = { enable = true; backboneInterfaces = [ "enp1s0" ]; radio = { device = "/dev/serial/by-id/usb-SONOFF_SONOFF_Dongle_Max_MG24_..."; baudRate = 115200; };};Troubleshooting
Section titled “Troubleshooting”Failed to secure wpan0 / File exists
Section titled “Failed to secure wpan0 / File exists”This error occurs if systemd-networkd tries to manage the wpan0 interface before the OTBR agent.
Fix: Ensure systemd.network.networks."99-wpan0".linkConfig.Unmanaged = true; is set in modules/nixos/system/network.nix.
Web UI is inaccessible
Section titled “Web UI is inaccessible”If the web UI is not responding:
- Verify the service is running:
systemctl status openthread-border-router. - Check the firewall: The service automatically opens the necessary ports (
8091,8081) for the local network. - Ensure you are on the Eero network.
Checking Logs
Section titled “Checking Logs”sudo journalctl -u otbr-agent -fBackup
Section titled “Backup”The Thread network state (keys, dataset) is stored in /var/lib/otbr-agent and is included in the daily Restic backups.