Network configuration for the raspberry pi
My sd card got corrupted so I had to re-install the OS. I used the script create_ap to use my raspberry pi as a WIFI access point, sharing its wired connection. However I discovered that it is no longer maintained. So I had to (finally) dive into some linux networking basics.
My raspberry pi is completely headless, I don't have a screen or a keyboard connected to it. It has an IP address from its wired connection, and I can ssh onto it, but when I screw up the network config, I'll be stranded.
Before using the wireless card as an access point, let's first enable it to get network access from it. This way, I can muck around
eth0 and the bridge until it works, without having to transfer and mount the sdcard on another machine.
First, unblock the network card
rfkill unblock wlan.
Then, create the wifi configuration. This one is using WPA2.
wpa_passphrase SSID PASSWORD > /etc/wpa_supplicant/wpa_supplicant-INTERFACE.conf
Once this file is in place, rename the existing file
/lib/systemd/system/wpa_supplicant@.service by adding the interface name after the
@. In my case it's
email@example.com. Starting this service will use the config file created previously and connect to the network. You can check that with
ip a, the line for
wlan0 should show a line with an ip address.
Then, I can ssh into the pi using the wifi address.
Now that I have a reliable connection to the pi, I can wreck
Create the bridge interface by creating the following file under
[NetDev] Name=br0 Kind=bridge
To check if that worked, restart
systemd-networkd.service, and then
ip a should display an entry for
eth0 to the bridge with
[Match] Name=eth0 [Network] Bridge=br0
Finally, create a bridge network with the file
[Match] Name=br0 [Network] DHCP=ipv4
Enable all of that:
systemd enable systemd-networkd.service, and configure
dhcpcd to give an IP address to
br0 but not to
eth0 by adding the following lines to
denyinterfaces eth0 interface br0
With all of that done,
ip a should show no ip address for
eth0, and the text
master br0, meaning this interface is now under the control of
br0. The line for
br0 should show the ip address instead.
Access point setup
Now that the ethernet bridge works fine, let's disable the wifi and use
hostapd to create a software access point.
systemctl stop firstname.lastname@example.org && systemctl disable email@example.com. Let's also configure
dhcpcd to prevent getting dhcp leases on the wireless interface. Simply modify the line in
denyinterfaces eth0 wlan0.
Grab this default config file and edit the important bits: the
ssid and the
wpa_passphrase. Also, don't forget to change the
country_code to configure the access point with the right frequencies. In my case it's
GB. No need to quote the passphrase if there are multiple words. There is a minimum length of 8 char for it. Passphrase under that limit will make
hostapd fails with a cryptic error message.
A first simple check is to manually run
hostapd with this configuration and check that another device can connect to it and access the internet:
hostapd -S /etc/hostapd/wlan0-br0.conf.
When that's working, rename the systemd service and enable it:
mv /lib/systemd/system/hostapd@.service /firstname.lastname@example.org sudo systemctl start email@example.com sudo systemctl enable firstname.lastname@example.org
And tadaaaa, everything is now working. Next, install pi-hole, but that's straightforward.
- Wireless access point for raspberry pi os documentation: https://www.raspberrypi.org/documentation/configuration/wireless/access-point-bridged.md
- Network bridge configuration on (arch) linux https://wiki.archlinux.org/index.php/Network_bridge#With_systemd-networkd
- Systemd networkd bridge interface: https://wiki.archlinux.org/index.php/Systemd-networkd#Bridge_interface