Saturday, 3 June 2017

Replacing your modem / router with a Raspberry Pi and a DSL-320B

One of the major draw backs to Linux (although by no fault of its own) is that there are so few PPPoA drivers available - largely due to the vast majority of them not being open sourced. However there a few Thompson model chip sets that work - but these are ancient.

Instead the easiest option is to bridge the connection with a dedicated PPPoA modem - however there are not many around that support this - the Draytec Vigor 120 and D-Link DSL-320B both do what we need.

I chose the D-Link since you can pick these up fairly cheaply from Amazon.

The first hurdle was working out which settings need to be configured on the DSL-320B - although this might differ slightly from ISP to ISP - below are the settings I used on the device to get it running correctly in bridging mode:

Firstly go to the web-based configuration portal and hit: Setup >> ADSL Setup

Manual ADSL Connection = Bridge Mode
Bridge Mode / Connection Type = 1483 Bridged IP LLC (VC-Mux didn't work for me.)
VPI: 0 (may differ)
VCI: 38 (may differ)
Virtual Circuit = Enable
Service Category = UBR

Now we want to configure a PPP connection on our Raspberry Pi - I'm using CentOS 7 on mine - however the instructions are pretty generic.

We'll need to firstly install the ppp client etc:

sudo yum -y install rp-pppoe pppd

To get us up and running quick we can run 'pppoe-setup' from the terminal (as root) and we will be prompted for PPPoA username and password among other options. 

For the firewall choice we will typically want Option 2 / MASQUERADE - however we will be tweaking the rules in a bit.

All of the ppp configuration is stored under /etc/ppp - there are a few noteworthy files:

chap-secrets: This holds your PPPoA username / password
pap-secrets: Again, holds your PPPoA username / password
firewall-masq: The firewall script (if you chose option 2 during thr setup wizard)
/etc/sysconfig/network-scripts/ifcfg-pppX: The interface configuration script

Before bringing up the connection we will need to modify the firewall rules - since they are not setup very well for a general purpose home router. You will need to add some extra lines into the firewall script (that gets executed when the pppX interface comes up) - this is because existing firewall rules are flushed:

vi /etc/ppp/firewall-masq

# Allow incoming SSH
iptables -t filter -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

# Allow established connections inbound
iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow all traffic on localhost
iptables -A INPUT -i lo -j ACCEPT

Now let's attempt to bring the ppp connection up with:

sudo ifup ppp0

and review the connection with:

ip link ppp0

With any luck you will see it's come up and now assigned an IP.

The next step is to setup a local DHCP server that will serve our LAN:

sudo yum install dhcpd

and configure like follows (replacing where necessary):

# name server(s)
option domain-name-servers;

# default lease time
default-lease-time 600;

# max lease time
max-lease-time 7200;

# this DHCP server to be declared valid

# specify network address and subnet mask
subnet netmask {
    # specify the range of lease IP address
    range dynamic-bootp;
    # specify broadcast address
    option broadcast-address;
    # specify default gateway
    option routers;

Now I also want wireless clients to be able to connect to my network - so I ended up purchasing a high gain USB NIC (RTL8188CUS to be precise).

We will need to install the following packages:

sudo yum -y install hostapd iw bridge-utils openssl-devel libnl-devel

and the build tools:

yum groupinstall "Development Tools"

Unfortunately the CentOS ARM repo's don't currently have a package for hostapd - so we'll need to compile this from source:

cd /tmp
yum install git
git clone git://
cd ~/hostap/hostapd
git checkout hostap_2_3
cp defconfig .config

We will also need to apply a patch in order to get hostapd working with the RTL8188CUS chipset from:

cd to the parent directory (the one with the src and hostapd folders) and run the patch e.g.:

patch -Np1 -i /path/to/rtlxdrv.patch

We will now need to tweak the .config file a little - ensure the following are set:

CONFIG_DRIVER_NL80211=y # enable netlink interface
CONFIG_IEEE80211N=y # enable 802.1n
CONFIG_IEEE80211AC=y # enable 802.1ac
CONFIG_ACS=y # enable automatic channel selection
CONFIG_DRIVER_RTW=y # enable RTL8188CUS support

make && make install

and then create a configuration file for it:

mkdir /etc/hostapd
vi /etc/hostapd/hostapd.conf

and add something like the following:


interface=wlan0       # the interface used by the AP
hw_mode=g             # g simply means 2.4GHz band
channel=10            # the channel to use
ieee80211d=1          # limit the frequencies used to those allowed in the country
country_code=GB       # the country code
ieee80211n=1          # 802.11n support
wmm_enabled=1         # QoS support
ssid=somename         # the name of the AP
auth_algs=1           # 1=wpa, 2=wep, 3=both
wpa=2                 # WPA2 only

We will also ensure that the wlan0 interface is excluded from control by the Network Manager:

vim /etc/NetworkManager/NetworkManager.conf

and adding:


And turn of wifi with:

nmcli radio wifi off
sudo rfkill unblock wlan

and start / test it with:

hostapd /etc/hostapd/hostapd.conf

Everything seemed to look OK initially until I attempted to connected to the AP - and I got the following error message on the console:

wlan0: STA 11:22:33:44:55:66 IEEE 802.11: deauthenticated due to local deauth request

This turns out to be due to lack of entropy so we can install haveged to overcome this - however - again it's not readily available as a package so we'll need to compile it from source:
cd /tmp
tar zxvf hav*
cd haveged*
make && make install

and retry with:

hostapd /etc/hostapd/hostapd.conf

Note: When starting hostapd it wipes the IP configuration on wlan0! So we will need to manually configure the interface after it's started and also restart the DHCP service - I wrote the following up (very quickly):


echo Killing of any existing hostapd instances...
pkill hostapd

echo Ensuring wifi is turned off
# make sure wlan interface is offline
nmcli radio wifi off

echo Starting hostapd...
nohup /usr/local/bin/hostapd /etc/hostapd/hostapd.conf >/dev/null 2>&1 &

echo Assiging ip address to wlan interface
# assign ip address to interface
ip addr add dev wlan0

echo Restarting the DHCP service
# restart dhcp server
systemctl restart dhcpd

Ideally (when I get the time) I will create it's own service unit for systemctl - but for now the above will do!


Hostapd on CentOS 6:


Post a Comment