Transform the Raspberry Pi into a wireless network card (3): share the wireless network by converting it into a wired network, so that wired devices can connect to the wireless network

Wireless routers are now very cheap, so apart from special requirements such as building a VPN, nobody configures a Raspberry Pi or another Linux host as a wireless router. However, some old devices have neither a wireless network card nor a USB interface, so a wireless network card cannot simply be added over USB and the device can only access the Internet through a wired network card. Wireless routers are usually installed in places where it is not convenient to run network cables, so we sometimes need to share a wireless network, that is, convert it into a wired Ethernet network, as shown below:

                                                     +- RPi -------+          +- old pc1----+
                                                     |         Eth0+----------+ Eth0        |    
                 +- Router ----+                     |  DHCP server|          | 10.0.0.10   |
                 | Firewall    |                     |   10.0.0.1  |          |             |
(Internet)---WAN-+ DHCP server +-WLAN AP-+-)))   (((-+ WLAN        |          +-------------+
                 | 192.168.3.1 |                     |             |          
                 +-------------+                     |             |   
                                                     |             |
                                                     |             |                                                     
                                                     +-------------+  
                                                                       

It is equivalent to adding a wireless network card to an old-fashioned device.
It boils down to the following 4 steps:

  1. Enable IP forwarding
  2. Enable SNAT/IP masquerading
  3. Configure a static IP for the network card
  4. Enable DHCP and DNS

The method described in this document has been tested on the latest Raspberry Pi OS bullseye + Raspberry Pi Zero W.

1. Preparation

  1. Administrator privileges on the Raspberry Pi
  2. Preferably, local access to the Raspberry Pi through a directly connected screen and keyboard (so that the SSH connection is not interrupted when the IP changes during setup)
  3. The Raspberry Pi is connected to Ethernet and boots normally
  4. Upgrade to the latest Raspberry Pi OS; if you install a package during this configuration, remember to restart the Raspberry Pi to make sure the installation completed correctly.
  5. The current network configuration, that is, the IP configuration of the Ethernet network connected to the Raspberry Pi, is:
    The IP network 10.10.0.1/24 is configured on the Ethernet LAN, and the Raspberry Pi will be connected to the wireless network of 192.168.3.1/24.
  6. Have a wired Ethernet client device ready, such as a laptop, smartphone, etc., for testing.

2. Install DNS and configuration management software

  1. To provide network management services (DNS, DHCP) to older wired Ethernet clients, the Raspberry Pi needs the dnsmasq package:

sudo apt install dnsmasq

  2. Install netfilter-persistent and its plugin iptables-persistent. These two programs save the firewall rules and restore them when the Raspberry Pi boots:

sudo apt install -y netfilter-persistent iptables-persistent

3. Set the network routing function

In this configuration, the Raspberry Pi routes between the wireless network and the Ethernet network: it joins the wireless network and converts it into a wired network, in other words shares the wireless network with wired clients and gives them Internet access.

3.1. Raspberry Pi's wired network interface IP configuration

The Raspberry Pi runs a DHCP server for the wired network, so its wired NIC eth0 needs to be configured with a static IP. The Raspberry Pi acts as the router on this new network and is generally given the first IP address in the subnet: 10.0.0.1.

We need to modify the dhcpcd configuration file:

sudo vi /etc/dhcpcd.conf

Add the following at the end of the file:

interface eth0
    static ip_address=10.0.0.1/24

3.2. Enable routing and IP masquerading

Configure the Raspberry Pi so that wired clients can reach computers on the main network or access the Internet over the wireless network. To do this we need to enable IP forwarding, which allows traffic to flow from one network to another through the Raspberry Pi. Create a file with the following command:

sudo vi /etc/sysctl.d/routed-ap.conf

The content of the file is as follows (it enables IPv4 forwarding):

# Enable IPv4 routing
net.ipv4.ip_forward=1

With IP forwarding enabled, the wired terminals on the 10 network segment still cannot reach the external network, because we cannot modify the configuration of the main router. The Raspberry Pi therefore needs to enable IP "masquerading", replacing the IP address of each wired terminal with its own IP address on the wireless network, 192.168.3.xx.

  • In the upstream direction, the Raspberry Pi replaces the source address of all data from the wired terminals with the IP address of its own WLAN interface, so the main router only sees data coming from the Raspberry Pi's IP address.
  • In the downstream direction, the Raspberry Pi translates the returning external data back to the IP address of each wired terminal and sends the data to that terminal.

We need to enable IP masquerading on the Raspberry Pi, which is the NAT function:

sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE

Save this IP masquerading rule, so that the netfilter-persistent service enables it automatically at system startup:

sudo netfilter-persistent save

Note that this NAT rule is saved in the directory /etc/iptables/.

3.3. Configuring DHCP and DNS services for wired networks

The dnsmasq package installed earlier provides the DHCP and DNS services. The default configuration file template is very large, but we only need a small part of it, so it is easier to start from an empty file and add the configuration we need.

Back up the original configuration template file and create an empty configuration file:

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
sudo vi /etc/dnsmasq.conf

Add the following to the file and save it:

interface=eth0 # Listening interface
dhcp-range=10.0.0.2,10.0.0.20,255.255.255.0,24h
                # Pool of IP addresses served via DHCP
domain=eth0     # Local DNS domain for the wired network
address=/gw.eth0/10.0.0.1
                # Alias for this router

The Raspberry Pi will assign the wired terminals IP addresses between 10.0.0.2 and 10.0.0.20, with a lease time of 24 hours.

4. Run

Reboot the Raspberry Pi and test if the wired access point is available.

sudo systemctl reboot

After the Raspberry Pi has restarted, the wired client is automatically assigned an IP address in the 10 network segment and can access the Internet normally.

5. Advanced – add two Ethernet ports to the same bridge

Our Raspberry Pi has two Ethernet ports, as shown in the figure below, so a better solution, closer to how a home router behaves, is:

  • Use both network cards. So that a cable can be plugged into either Ethernet port without checking which one it is, a device connected to either port is assigned an IP address in the 10.0.0.0/24 network segment.
  • Add both network cards to a bridge, so that data between them is forwarded directly at layer 2. The two ports then behave like two LAN ports with a layer-2 switching function.

The topology diagram is as follows:

                                                     +- RPi -------+          +- old pc1----+
                                                     |         Eth0+----------+ Eth0        |    
                 +- Router ----+                     |  DHCP server|          | 10.0.0.10   |
                 | Firewall    |                     |   10.0.0.1  |          |             |
(Internet)---WAN-+ DHCP server +-WLAN AP-+-)))   (((-+ WLAN        |          +-------------+
                 | 192.168.3.1 |                     |             |          
                 +-------------+                     |             |          +- old pc2----+
                                                     |         Eth1+----------+ Eth0        |   
                                                     |             |          | 10.0.0.4    |                                                       
                                                     +-------------+          |             |
                                                                              +-------------+

  1. Add the two network cards eth0 and eth1 to the bridge br0 by putting the following three files in the /etc/systemd/network directory:

ls -l /etc/systemd/network/br*
-rw-r--r-- 1 root root 40 May 22 21:19 /etc/systemd/network/br0-menber-eth0.network
-rw-r--r-- 1 root root 40 May 22 21:19 /etc/systemd/network/br0-menber-eth1.network
-rw-r--r-- 1 root root 30 May 22 21:19 /etc/systemd/network/bridge-br0.netdev

The contents of the files are:

cat /etc/systemd/network/br0-menber-eth0.network
[Match]
Name=eth0

[Network]
Bridge=br0

cat /etc/systemd/network/br0-menber-eth1.network
[Match]
Name=eth1

[Network]
Bridge=br0

cat /etc/systemd/network/bridge-br0.netdev
[NetDev]
Name=br0
Kind=bridge

  2. Enable the systemd-networkd service:

sudo systemctl enable systemd-networkd

  3. Let the DHCP server work on the virtual br0 interface.

Add the following content to the /etc/dhcpcd.conf file:

denyinterface eth0
denyinterface eth1

interface br0
static ip_address=10.0.0.1/24

Add the following to the /etc/dnsmasq.conf file:

cat /etc/dnsmasq.conf
interface=br0 # Listening interface
dhcp-range=10.0.0.2,10.0.0.10,255.255.255.0,24h
                # Pool of IP addresses served via DHCP
domain=br0    # Local DNS domain for the bridged wired network
address=/gw.br0/10.0.0.1
                # Alias for this router

After restarting, the Raspberry Pi runs the more advanced bridge solution.
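
The three files edited in sections 3 and 5 have to agree with each other: the static address in dhcpcd.conf, the listening interface and DHCP pool in dnsmasq.conf, and the saved MASQUERADE rule. The following consistency check is an added example, not part of the original post; the function names, the wan parameter and the sample strings are assumptions made for illustration, and lan="br0" covers the bridged variant.

```python
import ipaddress

def static_ip(dhcpcd_text, iface):
    """Static address set for iface in dhcpcd.conf text, or None if absent."""
    current = None
    for raw in dhcpcd_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("interface "):
            current = line.split()[1]
        elif current == iface and line.startswith("static ip_address="):
            return ipaddress.ip_interface(line.split("=", 1)[1])

def dnsmasq_options(text):
    """Map each dnsmasq.conf key to the list of values given for it."""
    opts = {}
    for key, sep, value in (l.split("#", 1)[0].partition("=") for l in text.splitlines()):
        if sep:
            opts.setdefault(key.strip(), []).append(value.strip())
    return opts

def audit(dhcpcd_text, dnsmasq_text, rules_text, lan, wan="wlan0"):
    """Return a list of findings; an empty list means the files agree."""
    findings = []
    gw = static_ip(dhcpcd_text, lan)
    opts = dnsmasq_options(dnsmasq_text)
    if gw is None:
        findings.append(f"dhcpcd.conf: no static ip_address for {lan}")
    if opts.get("interface") != [lan]:
        findings.append(f"dnsmasq.conf: must listen on {lan} only")
    for rng in opts.get("dhcp-range", []):  # form used here: start,end,netmask,lease
        start, end = (ipaddress.ip_address(p) for p in rng.split(",")[:2])
        if gw and not (start in gw.network and end in gw.network):
            findings.append(f"dhcp-range {start}-{end} is outside {gw.network}")
        elif gw and start <= gw.ip <= end:
            findings.append(f"dhcp-range {start}-{end} contains the gateway {gw.ip}")
    masq = [r.split() for r in rules_text.splitlines() if "MASQUERADE" in r]
    if not any(r[r.index("-o") + 1] == wan for r in masq if "-o" in r):
        findings.append(f"no MASQUERADE rule bound to -o {wan}")
    if any("-o" not in r for r in masq):
        findings.append("MASQUERADE rule without -o applies to every interface")
    return findings

# Constructed samples mirroring this page's files; rules as iptables-save prints them.
DHCPCD = "interface eth0\n    static ip_address=10.0.0.1/24\n"
DNSMASQ = "interface=eth0 # Listening interface\ndhcp-range=10.0.0.2,10.0.0.20,255.255.255.0,24h\n"
RULES = "*nat\n-A POSTROUTING -o wlan0 -j MASQUERADE\nCOMMIT\n"
if __name__ == "__main__":
    print(audit(DHCPCD, DNSMASQ, RULES, lan="eth0") or "consistent")
```

On the Raspberry Pi itself, pass the contents of /etc/dhcpcd.conf, /etc/dnsmasq.conf and the rules file saved under /etc/iptables/ instead of the sample strings.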

Origin blog.csdn.net/meihualing/article/details/130755346