Difference between revisions of "Software access point"
Robotanarchy (talk | contribs) (added troubleshooting section/ slow wlan -> install haveged for more entropy) |
m (added links to related pages) |
||
(15 intermediate revisions by 8 users not shown) | |||
Line 1: | Line 1: | ||
[[ru:Software Access Point]] | [[ru:Software Access Point]] | ||
[[Category:Wireless Networking]] | [[Category:Wireless Networking]] | ||
+ | {{Article summary start}} | ||
+ | {{Article summary text|Basic setup of wifi access point.}} | ||
+ | {{Article summary heading|Related}} | ||
+ | {{Article summary wiki|Network Configuration}} | ||
+ | {{Article summary wiki|Wireless Setup}} | ||
+ | {{Article summary wiki|Ad-hoc networking}} | ||
+ | {{Article summary wiki|Internet Share}} | ||
+ | {{Article summary end}} | ||
+ | A software access point is used when you want your computer to act as an wifi access point for the local wireless network. It saves you the trouble of getting a separate wireless router. | ||
− | + | == Requirements == | |
− | = Overview | + | * A nl80211 compatible wireless device (e.g. ath9k) |
+ | |||
+ | == Overview == | ||
Setting up an access point comprises two main parts: | Setting up an access point comprises two main parts: | ||
− | * Setting up the '''link layer''', so that wireless clients can associate to your computer's "software access point" and send/receive IP packets from/to your computer; this is what the hostapd package will do for you | + | * Setting up the '''wifi link layer''', so that wireless clients can associate to your computer's "software access point" and send/receive IP packets from/to your computer; this is what the hostapd package will do for you. |
* Setting up the '''network configuration''' on you computer, so that your computer will properly relay IP packets from/to its own Internet connection from/to wireless clients. | * Setting up the '''network configuration''' on you computer, so that your computer will properly relay IP packets from/to its own Internet connection from/to wireless clients. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Wifi Link Layer == | == Wifi Link Layer == | ||
− | The actual Wifi | + | The actual Wifi link is established via the {{Pkg|hostapd}} package. That package is compatible with WPA2. |
− | |||
− | + | [[pacman|Install]] the {{Pkg|hostapd}} package from the [[Official Repositories|official repositories]]. | |
− | + | Create the config file of hostapd {{ic|/etc/hostapd/hostapd.conf}}. | |
− | + | Adjust the options as necessary. Especially, change the {{ic|ssid}} and the {{ic|wpa_passphrase}}. | |
− | + | {{hc|/etc/hostapd/hostapd.conf|<nowiki> | |
− | + | ssid=YourWifiName | |
− | + | wpa_passphrase=Somepassphrase | |
− | + | interface=wlan0 | |
− | + | bridge=br0 | |
− | + | auth_algs=3 | |
− | + | channel=7 | |
− | + | driver=nl80211 | |
− | + | hw_mode=g | |
− | + | logger_stdout=-1 | |
− | + | logger_stdout_level=2 | |
− | + | max_num_sta=5 | |
− | + | rsn_pairwise=CCMP | |
− | + | wpa=2 | |
+ | wpa_key_mgmt=WPA-PSK | ||
+ | wpa_pairwise=TKIP CCMP | ||
+ | </nowiki>}} | ||
− | For automatically starting hostapd, | + | For automatically starting hostapd, [[Daemon|enable]] the {{ic|hostapd.service}}. |
− | + | == Network configuration == | |
− | |||
− | |||
− | |||
− | |||
− | + | There are two basic ways for implementing this: | |
+ | # '''bridge''': create a network ''bridge'' on your computer (wireless clients will appear to access the same network interface and the same subnet that's used by your computer) | ||
+ | # '''NAT''': with IP forwarding/masquerading and DHCP service (wireless clients will use a dedicated subnet, data from/to that subnet is NAT-ted -- similar to a normal WiFi router that's connected to your DSL or cable modem) | ||
− | + | The bridge approach is more simple, but it requires that any service that's needed by your wireless clients (like, DHCP) is available on your computers external interface. That means it will not work if you have a dialup connection (e.g., via PPPoE or a 3G modem) or if you're using a cable modem that will supply exactly one IP address to you via DHCP. | |
− | + | The NAT aproach is more versatile, as it clearly separates wifi clients from your computer and it's completely transparent to the outside world. It will work with any kind of network connection, and (if needed) you can introduce traffic policies using the usual iptables approach. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | Of course, it is possible to ''combine both things''. For that, studying both articles would be necessary. Example: Like having a bridge that contains both an ethernet device and the wireless device with an static ip, offering DHCP and setting NAT configured to relay the traffic to an additional network device - that can be ppp or eth. | |
− | + | === Bridge Setup === | |
− | |||
− | + | You need to create a network ''bridge'' and add your network interface (e.g. {{ic|eth0}}) to it. You '''should not''' add the wireless device (e.g. {{ic|wlan0}}) to the bridge; hostapd will add it on its own. | |
− | {{ | + | If you use [[netctl]], see [[Bridge with netctl]] for details (just do not add {{ic|tap0}} used in that example). |
=== NAT Setup === | === NAT Setup === | ||
− | + | See [https://bbs.archlinux.org/viewtopic.php?pid=1269258 create_ap]. This script combines {{Pkg|hostapd}}, [[dnsmasq]] and [[iptables]] to create a NATed Access Point. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | See [[Internet Share]] for details. | |
− | + | On that article, the device connected to the lan is {{ic|net0}}. That device would be in this case your wireless device (e.g. {{ic|wlan0}}). | |
− | + | == Troubleshooting == | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | ===WLAN is very slow=== | |
− | |||
− | + | This could be caused by low entropy. Consider installing [[haveged]]. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | ===NetworkManager is interfering=== | |
− | |||
− | + | hostapd may not work, if the device is managed by NetworkManager. You can mask the device: | |
− | + | {{hc|/etc/NetworkManager/NetworkManager.conf|<nowiki> | |
− | = | + | [keyfile] |
− | + | unmanaged-devices=mac:<hwaddr> | |
+ | </nowiki>}} | ||
− | = See also = | + | == See also == |
* [http://wireless.kernel.org/RTFM-AP hostapd Linux documentation page] | * [http://wireless.kernel.org/RTFM-AP hostapd Linux documentation page] | ||
* [[Router]] | * [[Router]] | ||
* [http://nims11.wordpress.com/2012/04/27/hostapd-the-linux-way-to-create-virtual-wifi-access-point/ Hostapd : The Linux Way to create Virtual Wifi Access Point] | * [http://nims11.wordpress.com/2012/04/27/hostapd-the-linux-way-to-create-virtual-wifi-access-point/ Hostapd : The Linux Way to create Virtual Wifi Access Point] | ||
+ | * [http://xyne.archlinux.ca/notes/network/dhcp_with_dns.html tutorial and script for configuring a subnet with DHCP and DNS] |
Revision as of 12:02, 17 August 2013
Template:Article summary start Template:Article summary text Template:Article summary heading Template:Article summary wiki Template:Article summary wiki Template:Article summary wiki Template:Article summary wiki Template:Article summary end A software access point is used when you want your computer to act as an wifi access point for the local wireless network. It saves you the trouble of getting a separate wireless router.
Contents
Requirements
- A nl80211 compatible wireless device (e.g. ath9k)
Overview
Setting up an access point comprises two main parts:
- Setting up the wifi link layer, so that wireless clients can associate to your computer's "software access point" and send/receive IP packets from/to your computer; this is what the hostapd package will do for you.
- Setting up the network configuration on you computer, so that your computer will properly relay IP packets from/to its own Internet connection from/to wireless clients.
Wifi Link Layer
The actual Wifi link is established via the hostapd package. That package is compatible with WPA2.
Install the hostapd package from the official repositories.
Create the config file of hostapd /etc/hostapd/hostapd.conf
.
Adjust the options as necessary. Especially, change the ssid
and the wpa_passphrase
.
/etc/hostapd/hostapd.conf
ssid=YourWifiName wpa_passphrase=Somepassphrase interface=wlan0 bridge=br0 auth_algs=3 channel=7 driver=nl80211 hw_mode=g logger_stdout=-1 logger_stdout_level=2 max_num_sta=5 rsn_pairwise=CCMP wpa=2 wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP CCMP
For automatically starting hostapd, enable the hostapd.service
.
Network configuration
There are two basic ways for implementing this:
- bridge: create a network bridge on your computer (wireless clients will appear to access the same network interface and the same subnet that's used by your computer)
- NAT: with IP forwarding/masquerading and DHCP service (wireless clients will use a dedicated subnet, data from/to that subnet is NAT-ted -- similar to a normal WiFi router that's connected to your DSL or cable modem)
The bridge approach is more simple, but it requires that any service that's needed by your wireless clients (like, DHCP) is available on your computers external interface. That means it will not work if you have a dialup connection (e.g., via PPPoE or a 3G modem) or if you're using a cable modem that will supply exactly one IP address to you via DHCP.
The NAT aproach is more versatile, as it clearly separates wifi clients from your computer and it's completely transparent to the outside world. It will work with any kind of network connection, and (if needed) you can introduce traffic policies using the usual iptables approach.
Of course, it is possible to combine both things. For that, studying both articles would be necessary. Example: Like having a bridge that contains both an ethernet device and the wireless device with an static ip, offering DHCP and setting NAT configured to relay the traffic to an additional network device - that can be ppp or eth.
Bridge Setup
You need to create a network bridge and add your network interface (e.g. eth0
) to it. You should not add the wireless device (e.g. wlan0
) to the bridge; hostapd will add it on its own.
If you use netctl, see Bridge with netctl for details (just do not add tap0
used in that example).
NAT Setup
See create_ap. This script combines hostapd, dnsmasq and iptables to create a NATed Access Point.
See Internet Share for details.
On that article, the device connected to the lan is net0
. That device would be in this case your wireless device (e.g. wlan0
).
Troubleshooting
WLAN is very slow
This could be caused by low entropy. Consider installing haveged.
NetworkManager is interfering
hostapd may not work, if the device is managed by NetworkManager. You can mask the device:
/etc/NetworkManager/NetworkManager.conf
[keyfile] unmanaged-devices=mac:<hwaddr>