--- tags: - Raspberrycategories: - Linuxdate:created: 2020-08-11# updated: 2024-01-19---

Set Raspberry as WiFi Router¶

Convert Raspberry Pi 3B+ into a wifi wireless router Implement the following functions: 1. WiFi works in 802.11ac mode, 433Mbps Link Speed 2. WiFi network sharing Ethernet port, IPv4 uses NAT 3. External USB driver-free network card as LAN port

1. Update and install necessary software```¶

sudo apt-get update && upgrade sudo apt-get install hostapd dnsmasq

## 2. Turn on IPv4 forwarding```
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl -p

3. Configure a static IP for the network cardNeed to ensure that /etc/network/interface is not used to configure the network card### (1) Open /etc/dhcpcd.conf```¶

sudo vim /etc/dhcpcd.conf

### (2) Add the following content at the end of the file, save and exit```
interface eth0

interface wlan0
static ip_address=192.168.3.1/24
nohook wpa_supplicant

interface eth1
static ip_address=192.168.4.1/24
nohook wpa_supplicant

(3) Restart the dhcpcd service```¶

sudo systemctl restart dhcpcd.service

- eth0 automatically obtains an IP address, and wlan0 and eth1 are set to 192.168.3.1 and 192.168.4.1 respectively.
## 4. Configure DHCP server
### (1) Open /etc/dnsmasq.conf```
sudo vim /etc/dnsmasq.conf

(2) Add the following content at the end of the file, save and exit```¶

interface=wlan0 dhcp-range=192.168.3.100,192.168.3.200,255.255.255.0,24h interface=eht1 dhcp-range=192.168.4.100,192.168.4.200,255.255.255.0,24h

## 5. Configure hostapd### (1) Open /etc/hostapd/hostapd.conf```
sudo vim /etc/hostapd/hostapd.conf

(2) Enter the following content, save and exit```¶

interface=wlan0 driver=nl80211 hw_mode=a ieee80211n=1 ieee80211ac=1 ieee80211d=1 ieee80211h=1 require_ht=1 require_vht=1 wmm_enabled=1 country_code=US vht_oper_chwidth=1 channel=149 vht_oper_centr_freq_seg0_idx=155 ht_capab=[HT40-][HT40+][SHORT-GI-40][DSSS_CCK-40] wpa=2 wpa_key_mgmt=WPA-PSK rsn_pairwise=CCMP ssid=PI_WIFI wpa_passphrase=password

- In layman’s terms, ssid is the network name of Wi-Fi.
- wpa_passphrase is the Wi-Fi password
- ssid and wpa_passphrase can be changed at will, but be careful that wpa_passphrase is more than 8 bytes
- Generally speaking, there is no need to change the channel, because the frequency band available in China requires a continuous 80MHz bandwidth, and no matter how you adjust it, there is no way for two APs to have no overlapping frequency bands.
- The country_code must be present and must be US. I have tried changing it to CN but it cannot be started.
### (3) Write the configuration file path into the service configuration file

echo "DAEMON_CONF=\"/etc/hostapd/hostapd.conf\"" >> /etc/default/hostapd

### (4) Start hostapd and dnsmasq

sudo systemctl start hostapd sudo systemctl start dnsmasq

## 6. Enable IPv4 NAT in iptables### (1) Open /etc/rc.local```
sudo vim /etc/rc.local

(2) Add the following content before`Exit 0`, save and exit```¶

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

### (3) Execute rc.local script

sudo /etc/rc.local

## 7. About IPv6### (1) Additional software installation is required```
sudo apt-get install bridge-utils ebtables radvd -y

(2) Set up IPv6 forwarding¶

Edit the configuration file /etc/sysctl.conf and remove the comment from the following line net.ipv6.conf.all.forwarding=1

(3) Write the configuration file based on the globally unique IPv6 obtained by the actual network port¶

vim /etc/radvd.conf

interface wlan0
{
    AdvSendAdvert on;
    prefix 2001:da8:7001:251::/64
    {
        AdvOnLink on;
        AdvAutonomous on;
        AdvRouterAddr on;
    };
};

- 2001:da8:7001:251::/64is the IPv6 address corresponding toScope:Globalobtained throughifconfig

(4) Configure automatic startup at bootEdit`/etc/rc.local````¶

iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -o ppp0 -j MASQUERADE service radvd start ebtables -t broute -A BROUTING -p ! ipv6 -j DROP brctl addbr br0 ifconfig br0 up brctl addif br0 eth0 brctl addif br0 wlan0 `` - There is a compatibility issue here [ebtables], ebtables needs to be set Enterupdate-alternatives --set ebtables /usr/sbin/ebtables-legacy`in the command line. The main problem is that the new version of ebtalbes is incompatible with the command and you need to switch to the old version of the program.

(5)WARNING!After turning on IPv6 transparent transmission, there are network problems, and the cause of the problem is unknown.¶

The main phenomenon is that the docker network is completely down (maybe because of the host's network settings, maybe using Bridge)

Ref¶

[1]. Ubuntu dependency resolution and installation [2]. Linux-A brief analysis of text processing commands