There are so many links in the internet which explains on how to convert your development board (in this case Raspberry PI3) into a WiFi router. I am going to explain my version of the same and with few additional details particularly for providing IPv6 addresses
to the clients who wants to connect to this router.
pi@raspberrypi:~ $ uname -a
Linux raspberrypi 4.11.0-rc6-v8+ #1 SMP PREEMPT Tue Apr 11 11:47:17 IST 2017 aarch64 GNU/Linux
Yes, Am still running my custom build 64-bit kernel on the RPI3. Pls note am using SSH to access my RPI3 as I don’t have serial access to it.
hostapd is a user space daemon for access point and authentication servers. It is designed to be a “daemon” program that runs in the background and acts as the backend component controlling authentication.It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and RADIUS authentication server.
Package installation – hostapd
pi@raspberrypi:~ $ sudo apt-get install hostapd
Dnsmasq is a Dynamic Host Configuration Protocol (DHCP) server and Domain Name System (DNS) forwarder for small computer networks particularly much useful in embedded devices as it has low system requirements. Its DHCP server supports static and dynamic DHCP leases, multiple networks and IP address ranges.It supports modern Internet standards such as IPv6 and DNSSEC. The default config has so many options which can be very much useful while configuring dnsmasq.
Package installation – dnsmasq
pi@raspberrypi:~ $ sudo apt-get install dnsmasq
Configure the current network setup
To make sure wlan0 doesn’t get IP address using DHCP we need to edit the “/etc/dhcpcd.conf” file.
pi@raspberrypi:~ $ sudo vi /etc/dhcpcd.conf
We need to add the below line at the top of this config file:
This disables DHCP for the wlan0 interface.
Add static IPv4 and IPv6 address to the WLAN interface:
pi@raspberrypi:~ $ sudo vi /etc/network/interfaces
Now add these below entries into the above file:
iface wlan0 inet static
iface wlan0 inet6 static
#iface wlan0 inet manual
# wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
The above entries make sure that the wlan0 interface is statically assigned with these addresses on each cold boot/warm boot.
Restart the dhcpd service so that above changes reflect before proceeding further.
pi@raspberrypi:~ $ sudo service dhcpcd restart
pi@raspberrypi:~ $ sudo ifdown wlan0
pi@raspberrypi:~ $ sudo ifup wlan0
Now check the ip address of the wlan0 interface with ifconfig
pi@raspberrypi:~ $ ifconfig wlan0
wlan0 Link encap:Ethernet HWaddr b8:27:eb:ae:08:cb
inet addr:192.168.20.1 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: 2001:db8::101/64 Scope:Global
inet6 addr: fe80::ba27:ebff:feae:8cb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:17 errors:0 dropped:1 overruns:0 frame:0
TX packets:62 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:1997 (1.9 KiB) TX bytes:11138 (10.8 KiB)
Time to set up hostapd and dnsmasq
These two services are the actual work horses behind running RPI3 as WiFi router and then assigning IP addresses to the clients who wants to connect to it.
Pls create the below file if it does not exist and then add the details as given.
pi@raspberrypi:~ $ sudo vi /etc/hostapd/hostapd.conf
interface=wlan0 # WiFI interface name
ssid=RPI3 # SSID name – This can be chosen as per our wish
wpa_passphrase=012345678 # Password for the this network
hw_mode=g # Default mode 802.11g
channel=6 # This can also be chosen depending upon the channel availability
macaddr_acl=0 # Accept all MAC addresses
# 802.11n related configs and it ain’t mandatory.
ieee80211n=1 # Enables 802.11n
# Enables 40MHz channel support and Short GI of 400ns at 20MHz
To give more clarity on the configs, i have shared the details as comments. It is not needed to understand all the entries but some idea will be good enough. To make sure that this file is chosen as the default config file for hostapd we need to modify the “/etc/default/hostapd” file and add the below line into that file:
pi@raspberrypi:~ $ sudo vi /etc/default/hostapd
As shared above dnsmasq is the service which provides IP addresses to clients who wants to connect RPI3’s WiFi interface which is acting as WiFi router (master mode). We can take a back up of the default dnsmasq config file as it can be used for future reference.
Note: As per my experience this is one of the best config files which any package provides as it has all the needed details.
pi@raspberrypi:~ $ sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.backup
Edit the file and add the below contents as shared.
pi@raspberrypi:~ $ sudo vi /etc/dnsmasq.conf
interface=wlan0 # use interface wlan0
listen-address=192.168.20.1 # address to listen on
dhcp-range=192.168.20.50,192.168.20.150,12h # IPv4 range and lease time
dhcp-range=2001:db8::102, 2001:db8::247,12h # IPv6 range and lease time
bind-interfaces # bind to the interface
server=126.96.36.199 # Google DNS server
enable-ra # Enable router advertisement
We need to add a few iptables rules to make sure that the device is capable of transferring packets that comes to wlan0 interface (packets sent by client devices ) to the eth0 interface which is connected to the backbone. In other words, the ethernet interface is already connected to the backbone network and has access to the internet. With the below rules we are trying to make sure that whatever packets that is sent to the wlan0 interface by
the WiFi clients is sent to the ethernet interface which is in turn then sent out to the internet.
pi@raspberrypi:~ $ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
pi@raspberrypi:~ $ sudo iptables -A FORWARD -i eth0 -o wlan0 -m state –state RELATED,ESTABLISHED -j ACCEPT
pi@raspberrypi:~ $ sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
To keep the above rules persistent across reboots we need to save these iptable rules into a file and then edit “/etc/network/interfaces” file to load these rules when the interface is configured.
pi@raspberrypi:~ $ sudo iptables-save > iptables.wifi
Add the below line into “/etc/network/interfaces” file. This should be placed either under IPv4 config or IPv6 config. I have kept it under IPv6 config entry.
iface wlan0 inet6 static
pre-up iptables-restore < /home/pi/iptables.wifi
This will make sure that whenever the device is rebooted the iptable entries/rules are restored and there is no need to execute these commands manually.
Enable IP routing
Now lets inform the linux kernel to forward packets which in turn makes this device behave like a router. Open the file “/etc/sysctl.conf” and un-comment the line containing the below entry:
Again the above change will make sure that changes are persistent on reboots. You can also change this value temporarily by executing the below command:
pi@raspberrypi:~ $ sudo echo 0 > /proc/sys/net/ipv4/ip_forward
We can verify the change with the below command.
pi@raspberrypi:~ $ cat /proc/sys/net/ipv4/ip_forward
If the entry is shown as zero then the command was not executed properly.
To make sure all is working fine, we can start/restart the hostapd and dnsmasq services separately and check it. I did a complete reboot of the device to make sure all things are started nice and clean.
Scan and connect
I was able to scan using my mobile and then connect to RPI3’s WiFi interface and then access internet using it.