Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Wifi Access Point instructions

Tue Dec 31, 2019 6:11 am

Hi there,

I had done this ages ago on Stretch but recently got myself a new lot of RPI3/4s and decided to go with Butcher - my aim is to have local wifi access points, bridging to the ethernet port, which is cabled through to a switch and then the modem. I obviously followed the official instructions: https://www.raspberrypi.org/documentati ... s-point.md; if I'm writing this post today though, it's because it wasn't smooth sailing to say the least. I don't want to rant but the following need to be corrected/clarified on this article:
  • 1. there is no clear indication of what in the first section (bridge / masquerading / having the Pi as its own DHCP server), is also required for the second one (just give wifi clients WAN/Internet access through the Pi's ethernet port)

    2. code snippets are provided with ip addresses here and there but there is no indication of what should correspond to what, or what assumptions are made wrt/ how the overall network is set up

    3. references, esp. to SystemD constructs, are dearly missing.
So I eventually hacked my way through to get something working, though I know it's wrong, possibly inefficient and maybe unsecured... It would be of tremendous help if some kind souls in the Community could review and critique my approach and suggest ways to improve it. Ultimately I would love to contribute a change to that access-point.md page, but at this stage I understand about 10% of what I'm doing:

The Steps (from a freshly updated/upgraded Buster instance):
  • 1. sudo apt install bridge-utils hostapd
    2. create and set the 3 system D files as per the access-point.md page
    3. create hostapd.conf as per the page (driver property replaced by bridge property already)
    4. reference hostapd.conf in /etc/default/hostapd (DAEMON_CONF)
    5. declare wlan0 in /etc/dhcpcd.conf as:

    interface wlan0
    static ip_address=192.168.4.1/24
    nohook wpa_supplicant

    6. sudo brctl addbr br0
    7. sudo brctl addif br0 eth0
    8. sudo systemctl unmask hostapd
    9. sudo systemctl enable hostapd
    10. sudo systemctl start hostapd

    11. sudo systemctl restart systemd-networkd

    12. sudo reboot
    13. add "sudo brctl addif br0 eth0" and "sudo systemctl restart systemd-networkd" to /etc/rc.local (would love to know why eth0 doesn't stick..)
I tried to add the "denyinterfaces" statements in dhcpcd.conf but that blocks ssh so I gave up. I end up with the network config that looks like this:

Code: Select all

br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.10  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::ba27:ebff:fe12:57e6  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:12:57:e6  txqueuelen 1000  (Ethernet)
        RX packets 2381  bytes 386946 (377.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 237  bytes 22617 (22.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.17  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::efb4:75ef:d09d:3af3  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:12:57:e6  txqueuelen 1000  (Ethernet)
        RX packets 8226  bytes 4681647 (4.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6313  bytes 1077396 (1.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.4.1  netmask 255.255.255.0  broadcast 192.168.4.255
        inet6 fe80::55b8:2c51:592a:e86f  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:47:02:b3  txqueuelen 1000  (Ethernet)
        RX packets 6070  bytes 969198 (946.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8119  bytes 4871449 (4.6 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
... Not exactly what the docs say I should have but at least clients can connect through. And it's repeatable.

Many thanks in advance Vincent.

epoch1970
Posts: 5724
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Wifi Access Point instructions

Tue Dec 31, 2019 1:39 pm

“Raspbian Butcher”, good name :D

With the current documentation it is unfortunately too easy to mix the routed AP setup, which creates an independent WiFi IP network optionally routed to the main IP network over Ethernet,
and the bridged AP setup, which merges Ethernet and wireless network media into a single IP network.

What do you want among those 2 options?
A. A single network managed by your router, with one or many Pis acting as wireless APs,
or
B. A main network managed by your router, and one or many additional wireless networks each managed by a Pi and routing to the main network and the Internet

Option A is a “flat” network, all machines can connect to all machines directly. Option B is a small Internet, machines have to hop from network to network via successive routers to get somewhere. Machine-to-machine interconnection may require configuring a router (masquerading, port forwarding)
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Tue Dec 31, 2019 9:44 pm

Sorry - Buster (lapsus revelateur!)

Option A would do just fine for me - at any rate would it not make sense to just swap the sections around on that page, as it seems to require far less config to get working.

Thanks Vincent

epoch1970
Posts: 5724
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Wifi Access Point instructions

Tue Dec 31, 2019 10:35 pm

The doc is being reworked. In the meantime, you can try this

Make sure to clean up any files under systemd/network and to restart from a fresh copy of dhcpcd.conf.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Thu Jan 02, 2020 11:31 am

I think you're missing the bridge-utils install, though after that I'm still not seeing the bridge established when doing

Code: Select all

sudo brctl show
:

Code: Select all

pi@gf-ap:~ $ sudo brctl show
bridge name	bridge id		STP enabled	interfaces
br0		8000.e6bcb928d760	no		wlan0
instead of eth0, ifconfig shows some sort of dynamically created name:

Code: Select all

pi@gf-ap:~ $ ifconfig
enxb827eb1c798e: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.21  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::1990:c0fd:93f2:7a45  prefixlen 64  scopeid 0x20<link>
        ether b8:27:eb:1c:79:8e  txqueuelen 1000  (Ethernet)
        ....
if I add this interface to the bridge, then the whole thing starts to work as an access point, but then I can't ssh into the Pi and can't ping Google from it neither. Then I reboot and everything works except AP (so remote ssh, ping to www.google.com):

Code: Select all

bridge name	bridge id		STP enabled	interfaces
br0		8000.e6bcb928d760	no		wlan0
so not referencing the enxb8BLAH interface (which should really be eth0).

So in short, your shorter instructions work better but there remains a number of things I can't make sense of. Adding the ethernet interfaces enables the AP but prevents other connectivity from functioning - how can I overcome that?

Thanks Vincent.

epoch1970
Posts: 5724
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Wifi Access Point instructions

Thu Jan 02, 2020 11:52 am

Bridge-utils was useless, hence removed from the howto.
It appears you’re using predictable network interfaces names. That is not the default in Raspbian so the howto refers to the Ethernet interface as “eth0” and not the “predictable” enx-whatever name.

2 options: disable predictable names in raspi-config, reboot and see if things work better,
or,
replace every instance of “eth0” in the various files you edited with “enx-whatever”.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Fri Jan 03, 2020 12:30 am

Thanks again epoch1970,

I removed bridge-utils and disabled predictable interfaces (though I'm pretty sure I did not enable it). Now i cannot ssh remotely anymore, nor can I reach the internet from the Pi itself. Doing "sudo systemctl status systemd-networkd" suggests it's properly working (Status = "Processing requests)". However ifconfig shows only the loopback, wlan0 and eth0 interfaces, not br0, and without ip addresses (thanks to the denyinterfaces entry in dhcpcd.conf).

Removing the denyinterfaces line gives me back ip addresses, but only the one for eth0 is in the range provided by my router, and at any rate I still can't ssh into the Pi.

Another thing I kept from my previous setup process was to register /etc/hostapd/hostapd.conf in /etc/default/hostapd (DAEMON_CONF), is that part irrelevant too?

Vincent

epoch1970
Posts: 5724
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Wifi Access Point instructions

Fri Jan 03, 2020 11:25 am

It’s not magic.
Reinstall Raspbian Buster, follow the guide, it’ll work.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

TheoPA3DSS
Posts: 29
Joined: Fri Nov 09, 2018 9:27 am
Location: Netherlands

Re: Wifi Access Point instructions

Fri Jan 03, 2020 1:50 pm

I use this script:
https://github.com/idev1/rpihotspot
I have installed it several times without any problems.

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Fri Jan 03, 2020 9:14 pm

epoch1970 wrote:
Fri Jan 03, 2020 11:25 am
It’s not magic.
Reinstall Raspbian Buster, follow the guide, it’ll work.
Can you provide additional commands to troubleshoot this? For example what's an equivalent to brctl if bridge-utils is not installed?

I think I'm close (and actually in the process of re-flashing the sd one more time), but br0 is reported as down in ifconfig, so while I can see my SSID advertised, it rejects the password (which from experience is consistent with the bridge being inactive or not started).

Thanks for your help! Vincent

epoch1970
Posts: 5724
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Wifi Access Point instructions

Fri Jan 03, 2020 9:38 pm

Try these and paste the results:

Code: Select all

ip -d l show
ip a show
cat /etc/os-release
cat /etc/dhcpcd.conf
cat /etc/network/interfaces
cat /etc/rc.local
find /etc/systemd/network -type=f -exec echo {} \; -exec cat {} \;
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Sat Jan 04, 2020 3:56 am

epoch1970 wrote:
Fri Jan 03, 2020 9:38 pm
Try these and paste the results:
Here goes: note that I had to remove the 99--default.link symlink in order to remote-ssh again - the outputs below were taken before that.

Thanks Vincent.

Code: Select all

ip -d l show:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0 minmtu 0 maxmtu 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max
_size 65536 gso_max_segs 65535 
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP mode DEFAULT group default qlen 1000
    link/ether b8:27:eb:1c:79:8e brd ff:ff:ff:ff:ff:ff promiscuity 1 minmtu 68 maxmtu 1500 
    bridge_slave state disabled priority 32 cost 19 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8001 port
_no 0x1 designated_port 32769 designated_cost 0 designated_bridge 8000.86:e6:2b:b9:18:84 designated_root 8000.86:e6:2b:b9:18:84 hold_timer    0
.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router 
1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0 group_fwd_mask_str 0x0 vlan_tunnel off isolated off addrgenmode eui64
 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 
3: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 86:e6:2b:b9:18:84 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68 maxmtu 65535 
    bridge forward_delay 1500 hello_time 200 max_age 2000 ageing_time 30000 stp_state 0 priority 32768 vlan_filtering 0 bridge_id 8000.86:e6:2b
:b9:18:84 designated_root 8000.86:e6:2b:b9:18:84 root_port 0 root_path_cost 0 topology_change 0 topology_change_detected 0 hello_timer    0.00 
tcn_timer    0.00 topology_change_timer    0.00 gc_timer    0.00 group_fwd_mask 0 group_address 01:80:c2:00:00:00 mcast_snooping 1 mcast_router
 1 mcast_query_use_ifaddr 0 mcast_querier 0 mcast_hash_elasticity 4 mcast_hash_max 512 mcast_last_member_count 2 mcast_startup_query_count 2 mc
ast_last_member_interval 100 mcast_membership_interval 26000 mcast_querier_interval 25500 mcast_query_interval 12500 mcast_query_response_inter
val 1000 mcast_startup_query_interval 3125 mcast_stats_enabled 0 mcast_igmp_version 2 mcast_mld_version 1 nf_call_iptables 0 nf_call_ip6tables 
0 nf_call_arptables 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP mode DEFAULT group default qlen 1000
    link/ether b8:27:eb:49:2c:db brd ff:ff:ff:ff:ff:ff promiscuity 1 minmtu 68 maxmtu 1500 
    bridge_slave state disabled priority 32 cost 100 hairpin off guard off root_block off fastleave off learning on flood on port_id 0x8002 por
t_no 0x2 designated_port 32770 designated_cost 0 designated_bridge 8000.86:e6:2b:b9:18:84 designated_root 8000.86:e6:2b:b9:18:84 hold_timer    
0.00 message_age_timer    0.00 forward_delay_timer    0.00 topology_change_ack 0 config_pending 0 proxy_arp off proxy_arp_wifi off mcast_router
 1 mcast_fast_leave off mcast_flood on neigh_suppress off group_fwd_mask 0 group_fwd_mask_str 0x0 vlan_tunnel off isolated off addrgenmode eui6
4 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 

Code: Select all

ip a show:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
    link/ether b8:27:eb:1c:79:8e brd ff:ff:ff:ff:ff:ff
    inet6 fe80::ba27:ebff:fe1c:798e/64 scope link 
       valid_lft forever preferred_lft forever
3: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 86:e6:2b:b9:18:84 brd ff:ff:ff:ff:ff:ff
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
    link/ether b8:27:eb:49:2c:db brd ff:ff:ff:ff:ff:ff
    inet6 fe80::ba27:ebff:fe49:2cdb/64 scope link 
       valid_lft forever preferred_lft forever

Code: Select all

cat /etc/os-release:

PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"
NAME="Raspbian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"

Code: Select all

cat /etc/dhcpcd.conf:

# A sample configuration for dhcpcd.
# See dhcpcd.conf(5) for details.

# Allow users of this group to interact with dhcpcd via the control socket.
#controlgroup wheel

# Inform the DHCP server of our hostname for DDNS.
hostname

....
# fallback to static profile on eth0
#interface eth0
#fallback static_eth0
denyinterfaces wlan0 eth0

Code: Select all

cat /etc/network/interfaces:

# interfaces(5) file used by ifup(8) and ifdown(8)

# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'

# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

Code: Select all

cat /etc/rc.local:

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

# Print the IP address
_IP=$(hostname -I) || true
if [ "$_IP" ]; then
  printf "My IP address is %s\n" "$_IP"
fi

exit 0


Code: Select all

find /etc/systemd/network -type=f -exec echo {} \; -exec cat {} \;

::::::::::::::
/etc/systemd/network/99-default.link
::::::::::::::
::::::::::::::
/etc/systemd/network/br0-member-eth0.network
::::::::::::::
[Match]
Name=eth0

[Network]
Bridge=br0
::::::::::::::
/etc/systemd/network/bridge-br0.netdev
::::::::::::::
[NetDev]
Name=br0
Kind=bridge


epoch1970
Posts: 5724
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Wifi Access Point instructions

Sat Jan 04, 2020 10:42 am

Dhcpcd.conf in full please
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Sat Jan 04, 2020 11:29 am

epoch1970 wrote:
Sat Jan 04, 2020 10:42 am
Dhcpcd.conf in full please
sorry:

Code: Select all

# A sample configuration for dhcpcd.
# See dhcpcd.conf(5) for details.

# Allow users of this group to interact with dhcpcd via the control socket.
#controlgroup wheel

# Inform the DHCP server of our hostname for DDNS.
hostname

# Use the hardware address of the interface for the Client ID.
clientid
# or
# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
# Some non-RFC compliant DHCP servers do not reply with this set.
# In this case, comment out duid and enable clientid above.
#duid

# Persist interface configuration when dhcpcd exits.
persistent

# Rapid commit support.
# Safe to enable by default because it requires the equivalent option set
# on the server to actually work.
option rapid_commit

# A list of options to request from the DHCP server.
option domain_name_servers, domain_name, domain_search, host_name
option classless_static_routes
# Respect the network MTU. This is applied to DHCP routes.
option interface_mtu

# Most distributions have NTP support.
#option ntp_servers

# A ServerID is required by RFC2131.
require dhcp_server_identifier

# Generate SLAAC address using the Hardware Address of the interface
#slaac hwaddr
# OR generate Stable Private IPv6 Addresses based from the DUID
slaac private

# Example static IP configuration:
#interface eth0
#static ip_address=192.168.0.10/24
#static ip6_address=fd51:42f8:caae:d92e::ff/64
#static routers=192.168.0.1
#static domain_name_servers=192.168.0.1 8.8.8.8 fd51:42f8:caae:d92e::1

# It is possible to fall back to a static IP if DHCP fails:
# define static profile
#profile static_eth0
#static ip_address=192.168.1.21/24
#static routers=192.168.1.1
#static domain_name_servers=192.168.1.1

# fallback to static profile on eth0
#interface eth0
#fallback static_eth0
denyinterfaces wlan0 eth0

epoch1970
Posts: 5724
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Wifi Access Point instructions

Sat Jan 04, 2020 11:44 am

Hum. I assume hostapd is running ok since wlan0 is bridged.
Everything looks normal, except br0 is down.
Try

Code: Select all

ip link set br0 up
and I think networking will start working.

If so, I surmise systemd-networkd is in some sorry state. Try disabling the service, rebooting and enabling it again, then rebooting again.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Sat Jan 04, 2020 9:37 pm

epoch1970 wrote:
Sat Jan 04, 2020 11:44 am
Hum. I assume hostapd is running ok since wlan0 is bridged.
Everything looks normal, except br0 is down.
Try

Code: Select all

ip link set br0 up
and I think networking will start working.

If so, I surmise systemd-networkd is in some sorry state. Try disabling the service, rebooting and enabling it again, then rebooting again.
Ok starting up the bridge does the trick but it's not starting automatically so for now I added that to rc.local. My (hopefully) last issue is that I can't reach the internet from the Pi:

Code: Select all

$ ping 8.8.8.8
connect: Network is unreachable

$ ping www.google.com
ping: www.google.com: Temporary failure in name resolution
sudo route -n returns an empty table, and when I try to add to add a default gateway with:

Code: Select all

sudo route add default gw 192.168.1.1
I get:

Code: Select all

SIOCADDRT: Network is unreachable
I really want to get to the bottom of why the bridge isn't starting up automatically - can anyone else try the configuration steps on this thread?

Thanks Vincent.

Ernst
Posts: 1350
Joined: Sat Feb 04, 2017 9:39 am
Location: Germany

Re: Wifi Access Point instructions

Sat Jan 04, 2020 9:56 pm

Somewhere in the back of my mind there is a hint why I stopped commenting on posts on configuring a Wifi AP with hostapd, maybe because afaicr (can remember) the political correct instructions for use of systemd does not deliver the expected result.
iirc one of the problems is that /etc/default/hostapd must be changed as described here in the first section, just before the heading "Start it up".
The road to insanity is paved with static ip addresses

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Sat Jan 04, 2020 10:13 pm

Ernst that's a trivial change in /etc/default/hostapd (effectively DAEMON_CONF is already set to /etc/hostapd/hostapd.conf), it's only relevant if somehow you want to point at another conf file.

Vincent

epoch1970
Posts: 5724
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Wifi Access Point instructions

Sat Jan 04, 2020 10:18 pm

I really don’t think the problem is related to hostapd.
Somehow dhcpcd seems to react when the bridge is set up but the DHCP config seems incomplete since DNS resolution fails.
No idea why. Time to reinstall.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

Ernst
Posts: 1350
Joined: Sat Feb 04, 2017 9:39 am
Location: Germany

Re: Wifi Access Point instructions

Sat Jan 04, 2020 10:20 pm

Vincent.leycuras wrote:
Sat Jan 04, 2020 10:13 pm
Ernst that's a trivial change in /etc/default/hostapd (effectively DAEMON_CONF is already set to /etc/hostapd/hostapd.conf), it's only relevant if somehow you want to point at another conf file.

Vincent
Find the line with #DAEMON_CONF, and replace it with this:

Code: Select all

DAEMON_CONF="/etc/hostapd/hostapd.conf"
Trivial ?
The road to insanity is paved with static ip addresses

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Sun Jan 05, 2020 12:36 am

Ernst wrote:
Sat Jan 04, 2020 10:20 pm

Trivial ?
By that I mean that hostapd is set to read /etc/hostapd/hostapd.conf by default, as per /lib/systemd/hostapd.service, this can also be seen here:

Code: Select all

pi@raspberrypi:~ $ sudo systemctl status hostapd
● hostapd.service - Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator
   Loaded: loaded (/lib/systemd/system/hostapd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2020-01-04 20:58:10 GMT; 3h 31min ago
  Process: 417 ExecStart=/usr/sbin/hostapd -B -P /run/hostapd.pid -B $DAEMON_OPTS ${DAEMON_CONF} (code=exited, status=0/SUCCESS
 Main PID: 425 (hostapd)
    Tasks: 1 (limit: 2200)
   Memory: 1.9M
   CGroup: /system.slice/hostapd.service
           └─425 /usr/sbin/hostapd -B -P /run/hostapd.pid -B /etc/hostapd/hostapd.conf
Anyway the bridge is working, it's just the outgoing connection that's not.

Vincent

Ernst
Posts: 1350
Joined: Sat Feb 04, 2017 9:39 am
Location: Germany

Re: Wifi Access Point instructions

Sun Jan 05, 2020 1:59 pm

Vincent.leycuras wrote:
Sun Jan 05, 2020 12:36 am
By that I mean that hostapd is set to read /etc/hostapd/hostapd.conf by default, as per /lib/systemd/hostapd.service, ...
It seems that this has changed with hostapd 2.7, the "original" documentation used hostapd 2.6

I think have good news and bad news:

To bring up the br0 interface you can use the command

Code: Select all

ip link set br0 up
or with a change in /etc/network/interfaces to add the following lines:

Code: Select all

# Bridge setup
auto br0
iface br0 inet manual
bridge_ports eth0 wlan0
but that will not result in a dhcp assigned IP address because there seems to be a problem related to dhcpcd5 version 8.1.2.
In my test configuration I was able to get an IP address with the following command:

Code: Select all

sudo dhcpcd -d br0
where "-d" (meaning debug) is required because without "-d" does not work.

One additional piece of information:
epoch1970 wrote:
Thu Jan 02, 2020 11:52 am
Bridge-utils was useless, hence removed from the howto.
Bridge-utils is not useless, without bridge-utils a new random mac address is generated for the interface br0, with bridge-utils the mac address is copied from eth0.
The road to insanity is paved with static ip addresses

epoch1970
Posts: 5724
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Wifi Access Point instructions

Sun Jan 05, 2020 6:19 pm

Ernst wrote:
Sun Jan 05, 2020 1:59 pm
additional piece of information:
epoch1970 wrote:
Thu Jan 02, 2020 11:52 am
Bridge-utils was useless, hence removed from the howto.
Bridge-utils is not useless, without bridge-utils a new random mac address is generated for the interface br0, with bridge-utils the mac address is copied from eth0.
FYI,
brctl is obsolete, and in the current how-to it installed and not used; For these reasons it will certainly be removed from the next revision of the howto. You can use the preinstalled "ip link" (and marginally "bridge") commands instead.

Systemd generates a bridge with a random-yet-predictable MAC, with is not the standard behaviour you obtain by creating a bridge using "ip". In any case brctl never had anything to say about the MAC address of a bridge.

If the MAC address of the bridge has anything to do with the problems of the OP, the solution would probably lie in their router config, not in installing brctl-utils on the Pi.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Sun Jan 05, 2020 10:51 pm

Thanks Ernst, that did the trick in that it gave me an ip address, I tried to also install bridge-utils on one of my Pis and not the other, the MAC address for br0 was still different from eth0 but maybe I should have installed it at the very start of the process and am feeling a bit lazy now.

One weird thing I am noticing: my 2 APs' br0 have the same MAC address (86:e6:2b:b9:18:84), which is consistent with another symptom I observed earlier: both were assigned the same IP address (which afaik is derived from the MAC address). I subsequently bounced my modem router which made the problem go away, but it still makes me feel like we're missing part of the puzzle.

I'll continue testing for other oddities but getting close to what I need.

Vincent.
epoch1970 wrote:
Sun Jan 05, 2020 6:19 pm
Ernst wrote:
Sun Jan 05, 2020 1:59 pm
additional piece of information:
epoch1970 wrote:
Thu Jan 02, 2020 11:52 am
Bridge-utils was useless, hence removed from the howto.
Bridge-utils is not useless, without bridge-utils a new random mac address is generated for the interface br0, with bridge-utils the mac address is copied from eth0.
FYI,
brctl is obsolete, and in the current how-to it installed and not used; For these reasons it will certainly be removed from the next revision of the howto. You can use the preinstalled "ip link" (and marginally "bridge") commands instead.

Systemd generates a bridge with a random-yet-predictable MAC, with is not the standard behaviour you obtain by creating a bridge using "ip". In any case brctl never had anything to say about the MAC address of a bridge.

If the MAC address of the bridge has anything to do with the problems of the OP, the solution would probably lie in their router config, not in installing brctl-utils on the Pi.

Vincent.leycuras
Posts: 14
Joined: Tue Dec 31, 2019 5:41 am

Re: Wifi Access Point instructions

Tue Jan 07, 2020 1:09 am

Hi there,

This is what works for me (across 3 APs, 2 RPI3 and 1 RPI4, all Buster):

Code: Select all

sudo apt install hostapd

sudo systemctl unmask hostapd
sudo systemctl enable hostapd

echo "[NetDev]" > ./bridge-br0.netdev
echo "Name=br0" >> ./bridge-br0.netdev
echo "Kind=bridge" >> ./bridge-br0.netdev

echo "[Match]" > ./br0-member-eth0.network
echo "Name=eth0" >> ./br0-member-eth0.network
echo "" >> ./br0-member-eth0.network
echo "[Network]" >> ./br0-member-eth0.network
echo "Bridge=br0" >> ./br0-member-eth0.network

sudo cp *br0* /etc/systemd/network/
sudo ln -s /dev/null /etc/systemd/network/99-default.link
sudo systemctl enable systemd-networkd

sudo cp /etc/dhcpcd.conf .
sudo chown pi:pi dhcpcd.conf
echo "denyinterfaces wlan0 eth0" >> dhcpcd.conf
sudo cp dhcpcd.conf /etc/

echo "interface=wlan0" > hostapd.conf
echo "bridge=br0" >> hostapd.conf
echo "ssid=XXXXXX" >> hostapd.conf
echo "hw_mode=g" >> hostapd.conf
echo "channel=7" >> hostapd.conf
echo "wmm_enabled=0" >> hostapd.conf
echo "macaddr_acl=0" >> hostapd.conf
echo "auth_algs=1" >> hostapd.conf
echo "ignore_broadcast_ssid=0" >> hostapd.conf
echo "wpa=2" >> hostapd.conf
echo "wpa_passphrase=YYYYYYYY" >> hostapd.conf
echo "wpa_key_mgmt=WPA-PSK" >> hostapd.conf
echo "wpa_pairwise=TKIP" >> hostapd.conf
echo "rsn_pairwise=CCMP" >> hostapd.conf
echo "ctrl_interface=/var/run/hostapd" >> hostapd.conf
echo "ctrl_interface_group=0" >> hostapd.conf

sudo cp hostapd.conf /etc/hostapd/
# copy to /etc/rc.local before 'exit 0' - can't be bothered to script that
#sudo ip link set br0 up
#sudo dhcpcd -d br0

sudo reboot
I would love to know hear from someone testing epoch1970's instructions (further up in this thread) vs this which incorporates some of Ernt's findings, but I was primarily looking for something more simple than what I had and that worked systematically, so I will leave it here.

Thanks again epoch1970 and Ernst for helping out!

Regards Vincent.
Last edited by Vincent.leycuras on Sun May 17, 2020 11:26 pm, edited 1 time in total.

Return to “Troubleshooting”