One day, your laptop's WiFi interface suddenly dies, or you get a new device that has only an ethernet interface, but your home router is too far from your table, and you cannot or even don't want to wire them from your home router (who likes the long, long LAN cable, right 🙄?).
You have one Raspberry Pi in your hand with both WiFi and ethernet interfaces working. Why don't we make your Raspberry Pi become a bridge between your home router and your spoiled WiFi devices? You can even hide your laptop behind your Raspberry Pi on the network. Sound cool, sound cool🤔
Let's do it. 🐱💻
Sketches
Overall, we will connect Raspberry Pi to the internet router through WiFi and then connect our Spoiled WiFi Laptop to Raspberry Pi through the LAN (Ethernet) port. Eventually, we expect the laptop to be assigned an IP address from Raspberry Pi and have an Internet connection through the LAN port.
A bit more detail about the configuration inside Raspberry Pi.
One more interface (bridge) would bridge the WiFi and Ethernet interfaces. The DHCP server would assign the bridge an IP address, and the Ethernet interface would get the IP address and Internet from the Bridge interface.
Get started
Connect Raspberry Pi to the home router
Step I will not describe in detail; there are thousands of guides over the internet, and you can search for
"how to connect a Raspberry Pi to WiFi by CLI or even GUI".
Config Bridge Interface
Add interface
Try the below command on Raspberry Pi:
pi@raspberrypi:~ $ sudo ip link add br0 type bridge
Confirm again:
pi@raspberrypi:~ $ ifconfig br0
br0: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 0a:35:6d:96:9e:98 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Config the interface
Edit file /etc/network/interface to include below contents:
pi@raspberrypi:~ $ cat /etc/network/interfaces
source-directory /etc/network/interfaces.d
auto eth0
iface eth0 inet manual
# The bridge network interface
auto br0
iface br0 inet static
bridge_ports eth0
bridge_stp off
address 192.168.99.1
netmask 255.255.255.0
network 192.168.99.0
dns-search "EmbedCoder"
Restart networking service
pi@raspberrypi:~ $ sudo service networking restart
Confirm again the IP address on the br0 interface should be 192.168.99.1
pi@raspberrypi:~ $ ip a show dev br0
5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 0a:35:6d:96:9e:98 brd ff:ff:ff:ff:ff:ff
inet 192.168.99.1/24 brd 192.168.99.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::835:6dff:fe96:9e98/64 scope link
valid_lft forever preferred_lft forever
At this step, we configure the bridge br0 interface to get the IP address 192.168.99.1 and bridge it to eth0.
Config DHCP
Now, we configure the DHCP server to allocate an IP address in the range 192.168.99.1-254 for the bridge interface.
Install DHCP server
You need to check if you have any DHCP server instance installed on your Raspberry Pi. Then, you don't need to install any DHCP server else.
pi@raspberrypi:~ $ systemctl | grep dhcp
● dhcpcd.service loaded failed failed dhcpcd on all interfaces
Like above checking result, I don't have any dhcp server running, the dhcpcd there is just a dhcp client instance.
Please follow and install the below DHCP server.
pi@raspberrypi:~ $ sudo apt install -y isc-dhcp-server
Ofcourse, you can select to install the other dhcp server, in this case I choosed isc-dhcp-server, it's just the first thing I see, no special reason. 😅
Config DHCP server
Config the default interface for the DHCP server.
Edit file /etc/default/isc-dhcp-server like below
pi@raspberrypi:~ $ cat /etc/default/isc-dhcp-server
INTERFACESv4="br0"
INTERFACESv6=""
Config the subnet for the bridge interface.
Add below segment into file /etc/dhcp/dhcpd.conf
# Subnet for br0
ddns-update-style none;
log-facility local7;
lease-file-name "/var/lib/dhcp/dhcpd.leases";
subnet 192.168.99.0 netmask 255.255.255.0 {
default-lease-time 600;
max-lease-time 7200;
option routers 192.168.99.1;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.99.255;
option domain-name "EmbedCoder";
option domain-name-servers 8.8.8.8,8.8.4.4;
range 192.168.99.2 192.168.99.254;
}
Restart the DHCP server
pi@raspberrypi:~ $ sudo service isc-dhcp-server restart
At this step, we completed the configuration for the DHCP server. Now you can connect your Laptop to Raspberry Pi through the LAN port and can see an IP address (192.168.99.2, for ex) be allocated to your Laptop (remember to set your laptop LAN port at the DHCP mode 😉).
You can check from Raspberry Pi by
pi@raspberrypi:~ $ dhcp-lease-list
To get manufacturer names please download http://standards.ieee.org/regauth/oui/oui.txt to /usr/local/etc/oui.txt
Reading leases from /var/lib/dhcp/dhcpd.leases
MAC IP hostname valid until manufacturer
===============================================================================================
00:e0:4c:36:00:fb 192.168.99.2 LAPTOP-FIMV73Q 2021-05-01 08:25:01 -NA-
Or from your laptop
Route traffic by iptables
Even after we have the laptop's IP address connected to the Raspberry Pi, it still hasn't got internet access.
We still need several more steps to complete this course. Use iptable to route the traffic from your WiFi to the bridge.
Iptable is a tool on Linux that helps configure, route, or block all packages. It is installed by default on Raspberry Pi and can work like a firewall.
Install iptables-persistent
However, one thing that needs to be noted is that all the configurations by iptable will be lost every time Raspberry Pi reboots. We need to persist the iptable configuration. We install iptables-persistent.
pi@raspberrypi:~ $ sudo apt install -y iptables-persistent
Select "Yes" when you are asked for persist IPv4 and IPv6.
Add iptable traffic route
pi@raspberrypi:~ $ sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
pi@raspberrypi:~ $ sudo iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
pi@raspberrypi:~ $ sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
pi@raspberrypi:~ $ sudo netfilter-persistent save
pi@raspberrypi:~ $ sudo netfilter-persistent reload
You can check on the router if you have access; your laptop does not appear on the router, which means it's on a separate subnet provided by a Raspberry Pi.
That also means your Raspberry Pi became a router somehow and created a private subnet with the internet attached for you. If you have a switch, you can plug it into the Raspberry Pi and then connect your devices to that switch. You have your own network with an IP range from 192.168.99.2 to
192.168.99.254.