Raspberry Pi Forums • Dual Band WiFi Router with Open Media Vault 5 on Ubuntu Eoan

Page 1 of 1

Dual Band WiFi Router with Open Media Vault 5 on Ubuntu Eoan

Posted: Tue May 05, 2020 8:15 pm

by crazyone

Hello all,

This is my first post to the Pi Forums. Comments on how to improve this or where to post this is very welcomed! Below are details on how I setup a Pi4 w/ 2GB as a Dual Band WiFi router with OpenMediaVault 5 server. Follow this guide at your own risk.

Features:

WAN Access (Internal Ethernet Port / DHCP)
LAN Access (Bridged: USB Gigabit / 2.4Ghz / 5.0Ghz) Seamless network between wired and wireless networks.
Network Traffic Control with Cake
Guest Access (Internal 5.0Ghz)
Dual RAID 1 (mirrored) drives
Open Media Vault 5.x (At this time OVM does not run on Ubuntu Focal)
Ubuntu Server 19.10 (Eoan)
Apple TimeMachine Support

Hardware Setup:

Pi4 w/ 2GB
Vantec NexStar GX USB3.0 Dual 2.5" SATA RAID HD Enclosure
2 Seagate 2.5" 2TB Firecuda Hard Drives
2 TP-Link Archer T2U Plus USB WiFi Adapters
1 Anker USB Gigabit Ethernet adapter
SanDisk Extreme 32GB MicroSD card
2 USB power supplies (3+ amps each)
USB cables. Note: the power line on the USB cable to the HD needs to be cut; otherwise the Pi4 won't startup/reboot. Or you can use a powered hub that doesn't back-power the pi.

PORTS:
USB 3.0 - 1 ---> Vantec Case
USB 3.0 - 2 ---> Anker USB Ethernet
USB 2.0 -1 ---> TP-Link T2U Plus
USB 2.0 -2 ---> TP-Link T2U Plus

Software:

Download: http://cdimage.ubuntu.com/releases/eoan ... pi3.img.xz
Connect the Pi4 to a DHCP network via ethernet. Upon first boot after installing Ubuntu Server 19.10 for Raspberry pi it will self update (~30 minutes). Then login:
Code: Select all
```
sudo apt update && sudo apt upgrade -y
sudo dpkg-reconfigure locales
sudo dpkg-reconfigure tzdata
sudo apt install iw dkms bmon nload iptraf iotop hostapd
sudo reboot now
```

Install TP-Link T2U Plus Driver (rtl8812au)

Code: Select all

sudo apt-get install rtl8812au-dkms

or

sudo apt-get update
sudo apt-get install build-essential bc libelf-dev linux-headers-`uname -r`
git clone https://github.com/aircrack-ng/rtl8812au.git
cd rtl8812au/
sudo ./dkms-install.sh

Disable cloud-init & netplan:

Code: Select all

sudo touch /etc/cloud/cloud-init.disabled
sudo nano /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
	network: {config: disabled}

sudo rm -rf /etc/netplan/*

Set Network Interface Identities:
The problem with network interfaces is that upon reboots, their names may be switched. The following uses their MAC addresses to identify them. For each of the network interfaces (eth0, eth1, wlan0, wlan1, wlan2) rename them to something that the system does NOT use.
You may need to disable some rules:
Code: Select all
```
cd /lib/systemd/network
sudo mv 99-default.link 99-default.link.old
sudo mv 73-usb-net-by-mac.link 73-usb-net-by-mac.link.old
```
For each interface create a file in /etc/systemd/network as exampled below:

eth0 ---> inteth0
eth1 ---> usbeth1
wlan0 ---> intwlan0
wlan1 ---> usbwlan1
wlan2 ---> usbwlan2
Code: Select all
```
sudo nano /etc/systemd/network/10-inteth0.link
	[Match]
	MACAddress=xx:xx:xx:xx:xx:xx

	[Link]
	Description=Internal Ethernet
	Name=inteth0
```

Configure Network Interfaces:

WAN:

Code: Select all

sudo nano /etc/systemd/network/50-inteth0.network 
	[Match]
	Name=inteth0

	[Link]
	RequiredForOnline=no

	[Network]
	DHCP=ipv4
	IPForward=yes
	LinkLocalAddressing=ipv6

Guest Network:

Code: Select all

sudo nano /etc/systemd/network/50-intwlan0.network
	[Match]
	Name=intwlan0

	[Network]
	Address=192.168.50.1/24
	DHCPServer=true
	IPMasquerade=true
	IPForward=true

	[DHCPServer]
	PoolOffset=100
	PoolSize=100
	EmitDNS=yes
	#DNS=8.8.8.8

Create Virtual Bridge:

Code: Select all

sudo nano /etc/systemd/network/49-br0.netdev
	[NetDev]
	Name=br0
	Kind=bridge

Bind LANs to Bridge:

Code: Select all

sudo nano /etc/systemd/network/50-usbeth1.network
	[Match]
	Name=usbeth1

	[Network]
	Bridge=br0

sudo nano /etc/systemd/network/50-usbwlan1.network
	[Match]
	Name=usbwlan1

	[Network]
	Bridge=br0

sudo nano /etc/systemd/network/50-usbwlan2.network
	[Match]
	Name=usbwlan2

	[Network]
	Bridge=br0

Configure Bridge Network:

Code: Select all

sudo nano /etc/systemd/network/60-br0.network
	[Match]
	Name=br0

	[Network]
	Address=192.168.5.1/24
	DHCPServer=true
	IPMasquerade=true
	IPForward=true

	[DHCPServer]
	PoolOffset=100
	PoolSize=100
	EmitDNS=yes
	#DNS=8.8.8.8

Configure hostapd:
ht_capab & vht_capab are essential if you want to enable fast WiFi connections. The 2.4 & 5Ghz are only the carrier bands. They do not determine connection speeds. However, different adapters have different capabilities.

To determine your WiFi Adapter's Capabilities and use the following link to help set them in your hostapd.conf file: https://w1.fi/cgit/hostap/plain/hostapd/hostapd.conf

Code: Select all

iw list

Guest Network 5Ghz: (Remember to change the SSID and wpa_passphrase)

Code: Select all

sudo nano /etc/hostapd/hostapd-intwlan0.conf 
	#(Raspberry PI4 Internal WiFi)
	#Interface
	interface=intwlan0
	driver=nl80211
	country_code=US

	# SSID
	ssid=Your SSID

	# Bit field: bit0 = WPA, bit1 = WPA2
	wpa=2

	# Set of accepted key managment algorithms
	wpa_key_mgmt=WPA-PSK
	wpa_passphrase=somethingstrong

	# Set of accepted cipher suites; disabling insecure TKIP
	rsn_pairwise=CCMP

	# mac address access control list
	macaddr_acl=0

	# hostapd event logger configuration
	#logger_syslog=0
	#logger_syslog_level=4
	#logger_stdout=-1
	#logger_stdout_level=0

	# Operation mode (a = IEEE 802.11a (5 GHz), b = IEEE 802.11b (2.4 GHz)
	hw_mode=a

	## QoS support
	wmm_enabled=1

	# N
	ieee80211n=1
	require_ht=0
	ht_capab=[MAX-AMSDU-3839][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]

	# AC
	ieee80211ac=0
	require_vht=0
	ieee80211d=0
	ieee80211h=0
	vht_capab=[MAX-MPDU-3895][SHORT-GI-80][SU-BEAMFORMEE]
	vht_oper_chwidth=1
	channel=36
	vht_oper_centr_freq_seg0_idx=42

5Ghz LAN: (Remember to change the SSID and wpa_passphrase)

Code: Select all

sudo nano /etc/hostapd/hostapd-usbwlan1.conf 
	#(TP-Link T2U-Plus rtl8812au WiFi)
	#Interface
	interface=usbwlan1
	bridge=br0
	driver=nl80211
	country_code=US

	# SSID
	ssid=UniqueSSID_5GHz

	# Bit field: bit0 = WPA, bit1 = WPA2
	wpa=2

	# Set of accepted key management algorithms
	wpa_key_mgmt=WPA-PSK
	wpa_passphrase=SomethingStronger

	# Set of accepted cipher suites; disabling insecure TKIP
	rsn_pairwise=CCMP

	# mac address access contorl list
	macaddr_acl=0

	# hostapd event logger configuration
	#logger_syslog=0
	#logger_syslog_level=4
	#logger_stdout=-1
	#logger_stdout_level=0

	# Operation mode (a = IEEE 802.11a (5 GHz), b = IEEE 802.11b (2.4 GHz)
	hw_mode=a
	## QoS support
	wmm_enabled=1

	# N
	ieee80211n=1
	require_ht=0
	ht_capab=[GF][RX-STBC1][MAX-AMSDU-7935][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]

	# AC
	ieee80211ac=1
	require_vht=0
	ieee80211d=0
	ieee80211h=0
	vht_capab=[MAX-MPDU-11454][SHORT-GI-80][SU-BEAMFORMEE][HTC-VHT]
	vht_oper_chwidth=1
	channel=157
	vht_oper_centr_freq_seg0_idx=163

2.4Ghz LAN: (Remember to change the SSID and wpa_passphrase)

Code: Select all

sudo nano /etc/hostapd/hostapd-usbwlan2.conf 
	#(TP-Link T2U-Plus rtl8812au WiFi)
	#Interface
	interface=usbwlan2
	bridge=br0
	driver=nl80211
	country_code=US

	# SSID
	ssid=UniqueSSID

	# Bit field: bit0 = WPA, bit1 = WPA2
	wpa=2

	# Set of accepted key management algorithms
	wpa_key_mgmt=WPA-PSK
	wpa_passphrase=SomethingStonger

	# Set of accepted cipher suites; disabling insecure TKIP
	rsn_pairwise=CCMP

	# mac address access contorl list
	macaddr_acl=0

	# hostapd event logger configuration
	#logger_syslog=0
	#logger_syslog_level=4
	#logger_stdout=-1
	#logger_stdout_level=0

	# Operation mode (a = IEEE 802.11a (5 GHz), b = IEEE 802.11b (2.4 GHz)
	hw_mode=g
	## QoS support
	wmm_enabled=1

	# N
	ieee80211n=1
	require_ht=0
	ht_capab=[GF][RX-STBC1][MAX-AMSDU-7935][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]

	# AC
	#ieee80211ac=1
	#require_vht=0
	ieee80211d=0
	ieee80211h=0
	#vht_capab=[MAX-MPDU-11454][SHORT-GI-80][SU-BEAMFORMEE][HTC-VHT]
	#vht_oper_chwidth=1
	channel=7
	#vht_oper_centr_freq_seg0_idx=163

Configure hostapd.service. Due to a bug in hostapd for calling multiple hostapd.conf files, we are going to edit the .service file directly. Please NOTE that software updates could easily delete your configuration. I chmod 444 the service file in hopes of preventing a write over of the file, I don't know if it will work. There's probably a better way.

Code: Select all

sudo nano /lib/systemd/system/hostapd.service
	[Unit]
	Description=Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
	After=network.target

	[Service]
	Type=forking
	PIDFile=/run/hostapd.pid
	Restart=on-failure
	RestartSec=2
	#Environment=DAEMON_CONF=/etc/hostapd/hostapd.conf
	EnvironmentFile=-/etc/default/hostapd
	#ExecStart=/usr/sbin/hostapd -B -P /run/hostapd.pid -B $DAEMON_OPTS $DAEMON_CONF
	ExecStart=/usr/sbin/hostapd -B -P /run/hostapd.pid -B /etc/hostapd/hostapd-intwlan0.conf /etc/hostapd/hostapd-usbwlan1.conf /etc/hostapd/hostapd-usbwlan2.conf

	[Install]
	WantedBy=multi-user.target 
	
sudo mv /lib/systemd/system/hostapd@.service /lib/systemd/system/hostapd@.bak
sudo systemctl daemon-reload
sudo systemctl unmask hostapd
sudo systemctl enable hostapd

Network Traffic Shaping with Cake:
This is experimental!!! (Not required).
Adjust TrafficControl.sh to your internet upload speeds. In my case I have a 2Mbit upload.

Code: Select all

sudo nano /etc/systemd/system/TrafficShaper.service
	[Unit]
	Description=Traffic Control Cake
	After=network.target
	After=systemd-user-sessions.service
	After=network-online.target
	After=hostapd.service

	[Service]
	ExecStart=/opt/TrafficControl/TrafficControl.sh

	[Install]
	WantedBy=multi-user.target


sudo mkdir /opt/TrafficControl
sudo nano /opt/TrafficControl/TrafficControl.sh
	#!/bin/bash
	sudo tc qdisc add root dev inteth0 cake bandwidth 2Mbit ethernet lan diffserv4
	sudo iw usbwlan1 set txpower fixed 3000 #increase the 5Ghz WiFi to 30mW (Follow local laws)
	sudo iw usbwlan2 set txpower fixed 3000 #increase the 2.4Ghz WiFi to  30mW (Follow local laws)

sudo chmod +x /opt/TrafficControl/TrafficControl.sh 
sudo systemctl enable TrafficShaper.service

Reboot and verify that the the router is working as expected. At this point you should have a full functioning WiFi Router / Access Point.
Code: Select all
```
sudo reboot now
ip a
iw dev
tc -s qdisc show dev inteth0
```

Install OMV5:
Download the OMV install script. The script needs to be updated to work with this setup:

Code: Select all

cd
wget -O OMV5-Install.sh  https://github.com/OpenMediaVault-Plugin-Developers/installScript/raw/master/install
nano OMV5-Install.sh

Edit 1: change pi -> ubuntu

Code: Select all

if getent passwd ubuntu > /dev/null; then
  echo "Adding ubuntu user to ssh group ..."
  usermod -a -G ssh ubuntu
fi

Edit 2: Delete the following code (at the bottom of the install script):

Code: Select all

# remove networkmanager and dhcpcd5 then configure networkd
if [ ${version} -gt 4 ]; then
  defLink="/etc/systemd/network/99-default.link"
  if [ -e "${defLink}" ]; then
    rm -f "${defLink}"
  fi
  nic="eth0"
  if grep -qw "${nic}" /proc/net/dev; then
    echo "Removing network-manager and dhcpcd5 ..."
    apt-get -y --autoremove purge network-manager dhcpcd5

    echo "Disable predictive network adapter name ..."
    rule="/etc/udev/rules.d/80-net-setup-link.rules"
    if [ -e "${rule}" ]; then
      rm -f ${rule}
    fi
    ln -s /dev/null /etc/udev/rules.d/80-net-setup-link.rules

    echo "Enable and start systemd-resolved ..."
    systemctl enable systemd-resolved
    systemctl start systemd-resolved
    rm /etc/resolv.conf
    ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

    echo "Configure ${nic} to use networkd ..."
    mkdir -p /etc/netplan

    cat <<EOF > "/etc/netplan/10-openmediavault-default.yaml"
network:
  version: 2
  renderer: networkd
EOF

    cat <<EOF > "/etc/netplan/20-openmediavault-${nic,,}.yaml"
network:
  ethernets:
    ${nic,,}:
      accept-ra: true
      dhcp4: true
      dhcp6: true
EOF

    echo "Applying netplan ..."
    netplan apply

    echo "It is recommended to reboot and then setup the network adapter in the openmediavault web interface."
  fi
fi

Install OMV5 (takes about 25 minutes):

Code: Select all

chmod +x OMV5-Install.sh
sudo ./OMV5-Install.sh

Finally, using the web interface log into OMV and configure the drives, drive file system, users, shares, etc... (Just remember to NOT configure the network through OMV!!!).
https://openmediavault.readthedocs.io/en/5.x/

My personal setup. Created 2 SMB shares:
-TimeCapsule (non-browsable, Time Machine support). This creates a hidden share that Time Machine can see and backup to.
-Data (browsable). Normal shared volume.

Hints on configuring SMB Extra Options:
Binding SMB so that only LAN can see it. Guest and WAN can't access it.

Code: Select all

bind interfaces only = yes
interfaces = lo br0
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=65535 SO_RCVBUF=65535
read raw = yes
write raw = yes
min receivefile size = 16384
write cache size = 524288
getwd cache = yes

Re: Dual Band WiFi Router with Open Media Vault 5 on Ubuntu Eoan

Posted: Tue May 19, 2020 8:36 pm

by crazyone

Update:

After using this for several weeks and testing, there is a stability issue with the Wifi Adapters. It happens when a device is on the edge of the range of the Wifi zone. It will abruptly locks up the Pi. I thought it was a power issue, but it's not.

It's a driver issue. The Wifi adapter chipset is the RTL8811AU. I couldn't find a dedicated driver for this chipset. The chip is added to the RTL8821AU definition of the RTL8812AU driver. Development of this portion of the driver is not mature yet (from my searching).

However, it is stable if you are near it. I've transferred terabytes of data through Wifi. It's only when my mobile devices come and go from the wifi zone that's a problem. I am now looking for a WiFi adapter with an RTL8812AU chipset. I've also tried the MT7612U chipset (Netgear A6210), but had disconnection problems in AP mode.

Or if you have suggestions for another wifi chipset please post!

Re: Dual Band WiFi Router with Open Media Vault 5 on Ubuntu Eoan

Posted: Fri May 29, 2020 5:00 am

by crazyone

Update 2:

1) Switched the USB WiFi adapters for 2X Linksys WUSB6300 (RTL8812AU Chipset), works as intended and stable. Also the Linksys supports 2X MIMO. Definitely saturating the USB 2.0 bandwidth. Below is the updated hostapd-*****.conf file to support MIMO.

Code: Select all

#(rtl8812au WiFi)
#Interface
interface=usbwlan1
bridge=br0
driver=nl80211
country_code=US

# SSID
ssid=yourepicdomain

# Bit field: bit0 = WPA, bit1 = WPA2
wpa=2

# Set of accepted key management algorithms
wpa_key_mgmt=WPA-PSK
wpa_passphrase=yoursupersecretpassword

# Set of accepted cipher suites; disabling insecure TKIP
rsn_pairwise=CCMP

# mac address access contorl list
macaddr_acl=0

# hostapd event logger configuration
#logger_syslog=0
#logger_syslog_level=4
#logger_stdout=-1
#logger_stdout_level=0

# Operation mode (a = IEEE 802.11a (5 GHz), b = IEEE 802.11b (2.4 GHz)
hw_mode=a
## QoS support
wmm_enabled=1

# N
ieee80211n=1
require_ht=0
ht_capab=[HT40+][GF][SHORT-GI-20][SHORT-GI-40][RX-STBC12][MAX-AMSDU-7935][DSSS_CCK-40][MAX-A-MPDU-LEN-EXP3]

# AC
ieee80211ac=1
require_vht=0
ieee80211d=0
ieee80211h=0
vht_capab=[MAX-MPDU-11454][SHORT-GI-80][TX-STBC][SU-BEAMFORMEE][HTC-VHT]
vht_oper_chwidth=1
channel=157
vht_oper_centr_freq_seg0_idx=163

2) kswapd errors
Kept getting errors in dmesg. Even though there is no swap partition, the vm.min.free_kbytes default setting is too low. It should be set between 1%-3% of the total RAM in the system:

Code: Select all

sudo nano /etc/sysctl.conf
#add to end of file, uncomment or add only one of the following lines for a system with 2GB. Change according you your hardware.
#vm.min_free_kbytes=37851   #2% 2GB
#vm.min_free_kbytes=56776   #3% 2GB
#vm.min_free_kbytes=66239   #3.5% 2GB