1 1
LostZimbo

Espressobin gateway/wifi network: confusion about hostapd/dnsmasq

Recommended Posts

I bought an espressobin and a realtek rtl8812au based usb wifi device because I wanted to set up a linux based wifi network at home. It is running the armbian mainline kernel with Debian 9. I installed hostapd and dnsmasq (config files below) and it works, hurray! Bad news is I do not understand how. I tried to look at the list of connected devices (cat /var/lib/misc/dnsmasq.leases) but this showed nothing. I disabled dnsmasq and rebooted and the wifi continued to work without dnsmasq. So my question is this- without the dnsmasq service what exactly is handing out the ip addresses to devices connecting via dhcp?

Hostapd config file:

 


ssid=ARMBIAN
interface=wlx24050fae5224
hw_mode=g
channel=5
bridge=br0
driver=nl80211

logger_syslog=0
logger_syslog_level=0
wmm_enabled=0
wpa=2
preamble=1

wpa_psk=66eb31d2b48d19ba216f2e50c6831ee11be98e2fa3a8075e30b866f4a5ccda27
wpa_passphrase=********
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
auth_algs=1
macaddr_acl=0

noscan=1

ctrl_interface=/var/run/hostapd
ctrl_interface_group=0

 

dnsmasq config file:

 

interface=wlx24050fae5224
dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,24h

 

The ip address for my laptop on the network is 192.168.0.24 and for my phone is 192.168.0.11 further proving that dnsmasq is not controlling any ip addresses.

 

I took a look at the router I got from my internet provider (it has reallllly crappy wifi so that is one of the reasons I am undertaking this project) and my phone and laptop, connected to the espressobin wifi network are show on the network with ip addresses 192.168.0.11 and the phone has an ip address of 100.73.80.157 (???).

 

I have no idea what is going on; I have used linux desktop for about 5 years now but this is my first time dealing with networking. Any input would be valued.

Share this post


Link to post
Share on other sites
On 4/22/2018 at 6:33 AM, LostZimbo said:

phone has an ip address of 100.73.80.157 (???).

Could that be the public IP your phone is pulling on the cellular network?  canyouseeme.org might help with that.

 

does

sudo dhclient -d -nw enx001e063038aa

(replace enx... with your eth0 or whatever ifconfig id's your adapter as) give the dhcp server you are expecting? (ctrl+c to exit)

 

Is there another router on your network? I find rogue dhcp servers in networks all over the place ...

Share this post


Link to post
Share on other sites
On 4/22/2018 at 6:33 PM, LostZimbo said:

I took a look at the router I got from my internet provider (it has reallllly crappy wifi so that is one of the reasons I am undertaking this project) and my phone and laptop, connected to the espressobin wifi network are show on the network with ip addresses 192.168.0.11 and the phone has an ip address of 100.73.80.157 (???).

 

I have no idea what is going on; I have used linux desktop for about 5 years now but this is my first time dealing with networking. Any input would be valued.

 

100.73.80.157 is in the 100.64.0.0/10 address space for carrier-grade nat, so Technicavolous is right that this is most likely your cellular connection.

Share this post


Link to post
Share on other sites

OK Apologies for the late response, this is just a side hobby I do not get a lot of time for it but have not given up. I found the issue with dnsmasq- it needs an ip address to listen on!

So I took the wan port and eth0 off of the bridge Br0, leaving lan0, lan1 and wlx24050fae5224 on it with an ip address of 172.24.1.1 and dnsmasq listening to this interface/address combination:

 

[Match]
Name=lan1   #As an example, same with lan0 and the wifi which is on wlx24050fae5224

[Network]
Bridge=br0


dnsmasq.conf:

 

dhcp-range=172.24.1.50,172.24.1.150,24h
interface=br0

listen-address=172.24.1.1

 

hostapd.conf:


ssid=Total Internal Reflection
interface=wlx24050fae5224
hw_mode=g
channel=5
bridge=br0
driver=nl80211

logger_syslog=0
logger_syslog_level=0
wmm_enabled=0
wpa=2
preamble=1

wpa_passphrase=********
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
auth_algs=1
macaddr_acl=0

noscan=1

 

and iptables to allow through the firewall:

 

# Generated by iptables-save v1.6.0 on Fri Mar 22 18:42:34 2019
*nat
:PREROUTING ACCEPT [4430:346020]
:INPUT ACCEPT [2104:185804]
:OUTPUT ACCEPT [6284:556501]
:POSTROUTING ACCEPT [3233:233316]
-A POSTROUTING -o wan -j MASQUERADE
COMMIT
# Completed on Fri Mar 22 18:42:34 2019
# Generated by iptables-save v1.6.0 on Fri Mar 22 18:42:34 2019
*filter
:INPUT ACCEPT [16787:1562239]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [16813:1994727]
-A FORWARD -i br0 -o wan -j ACCEPT
-A FORWARD -i wan -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Fri Mar 22 18:42:34 2019

 

finally there is also an ebtables setup which I created from the debian information page https://wiki.debian.org/BridgeNetworkConnections#ebtables_Overview

On lan connection this routing setup works great, fast connection and stable and exactly what I always dreamed of. The wifi is available and I can connect to it but it keeps dropping every few seconds! When the wifi is working I get great internet speeds but then it stops and starts. I am writing this on the wifi now on my laptop but on my phone it will disconnect when there is no internet (so after a few seconds of connection).

I tried to run hostapd directly on the console (sudo hostapd /etc/hostapd.conf -d) and a wifi is created but the password is different from that in the etc/hostapd.conf file so I cannot connect to it to see what is going on

 

Has anybody seen this sort of action? I have been searching online for a solution but most mention problems of disconnection after 10 minutes rather than a few seconds. Any suggestion in the direction would be helpful.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
1 1