New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bridged AP Mode #523
Bridged AP Mode #523
Conversation
Merged with master and #527. OpenVPN and the managed mode AP will need a look. On the UI side, I can imagine a switch on the hostapd advanced tab to enable the bridged-routed AP. I like that this approach makes it toggleable from the front-end, rather than setting an either/or option at install time. I'll pull this shortly and put it into testing. Thanks for the PR |
Hi billz, can I confirm with you what you mean by managed mode AP (simultaneous client + AP)? Is it that the Pi's onboard wireless card both acts as the client to another AP while itself serving as an AP without needing any other network devices like a USB-WiFi dongle? |
@Taikuh yes, exactly right. It was developed initially to extend AP support to the Pi Zero W |
I've had trouble getting the simultaneous mode to work even on the master branch circa one week ago. I've consulted the FAQ and other people's Issues. I must be missing something somewhere and will look into it more in the coming days. If I'm still stuck, I'll open a proper issue for it. Meanwhile, I've pushed a change. A Bridged AP mode toggle appears below the Client AP mode toggle. Unlike the Client AP toggle, the Bridged AP toggle is never disabled. It works like the other toggles on the page: toggle > Save Settings > Restart hotspot. Some issues:
Possible solution for 1 and 2: In addition, I'm operating under the assumption that Bridged mode and Client AP mode are incompatible. If anybody can confirm this, it would help with future headaches trying to get them to work together. |
@Taikuh excellent work. Integrates nicely into the project and works more or less flawlessly. I tested this using the
Connected clients are given leases by the router and do not appear in the Pi's DHCP logs or dnsmasq leases. Re: automating discovery of br0 or wlan0's IP and redirecting depending on the mode, Avahi responds to mDNS requests on the local network, so accessing the Pi via hostname.local should work. Although in practice it can take time for mDNS to resolve the new IP. An http redirect might be possible but could be tricky with timing. Failing this, we can provide a FAQ for discovering the Pi's new IP on the local network. Let's think on this.
I assigned a static IP for
I'll run through another test cycle with the managed mode AP. Feel free to create an issue in the meantime. In any case, I think it's safe to assume that a managed mode + bridged AP won't be supported, at least initially. |
Thanks for testing and for the feedback, @billz Accessing the RaspAP web portal by hostname
I can confirm that using hostname.local is the simplest solution for now. I'm trying to learn as I go, but for now terms like Avahi and mDNS are going above my head. In the meantime regarding hostname.local, it seems like different browsers behave differently: Safari, macOS & iOS: hostname.local resolves to RaspAP's web portal and asks for authentication (admin:secret). For my intents and purposes, works as intended. Assigning a static IP to
|
Changes in the latest pushThe following pages and settings are disabled when in Bridged AP mode:
In addition, I moved some logic around so that Bridged mode settings take precedence over Client mode. This makes sense to me because it's either/or for Bridged AP vs Routed AP modes (routed being the RaspAP default). Whereas Client mode is more an optional extension of Routed AP mode and is incompatible with Bridged mode. However, I also moved some code around so that the previous "Client mode enabled" status is saved yet ineffective when Bridged mode is enabled. So, disabling Bridged mode should also revert the Client mode to its previous state. Note that I haven't tested any change regarding the Client mode toggle and save-state. |
Thanks for commenting on each block of commits (and rebasing with master). I'll do my best to follow up on some key points you raise...
Good to know and agreed. For now, this could be documented with a FAQ or wiki page for users who want a static IP for the bridge interface.
There is no practical way, that I know of, to bridge a wifi client. Most of the documented wifi client "bridges" one finds online are actually routed configurations. Also worth mentioning that @epoch1970 certainly knows his stuff :)
Noted and makes sense.
Absolutely. I've started feature branches several times in the past to address this, but haven't arrived yet at the holy grail of logical config handling. This is partly the result of historical inertia with the project and different authors' approaches and also a function of my limited time to overhaul the code. A possible(?) step forward was defining wireless regulatory info in /config/wireless.json. @glaszig followed up with dns-servers.json. Not advocating moving all project configs to .json, but clearly a better solution is needed.
I'll do a fresh test pass with this feature branch today. It's really shaping up nicely. |
Your feedback is greatly appreciated. And yes epoch1970 is a networking wizard!
I'm thinking an introductory section in the README similar to Simultaneous AP and Wifi Client, along with a wiki page for more details such as setting the static IP.
Most understandable. Luckily, I have plenty of free time but unfortunately haven't any formal training in any of these matters. Once the initial documentation of Bridged AP mode is finished and we iron out any remaining kinks with Client mode, I'll have more energy to devote to this. Changes in latest commit (OpenVPN)I couldn't get OpenVPN to work with Bridged AP mode. I really hope it's possible though; my objective with this project was to have my Apple TV connect to my Pi's AP and through a VPN in order to spoof my location. This setup works perfectly well using RaspAP's default Routed AP mode. But I was looking into Bridged AP mode because I also want my Apple TV to be visible to other devices in my LAN that aren't connected to the Pi's AP.
Next upDocumentation and resolving any Client mode incompatibility problems. After that, I feel it's safe to say that Bridged AP mode is ready, albeit in a much more limited fashion than the default Routed AP mode. |
I was about to suggest disabling OpenVPN but you beat me to it ;) Ran through the following test with a fresh install on a Pi Model 4:
I haven't looked at the logs, but the user-facing functionality appears solid. |
Whew what a ride! After all that, what happens if you go straight to Hotspot > Advanced, then directly toggle/enable Bridged AP mode > Save Settings > Restart Hotspot? I expect OpenVPN to gracefully stop (may take a few seconds) and I got simultaneous routed AP and client mode to work and did a similar test to above.
I will add in some lines to correctly disable |
It should be possible. With a bridged AP I had no problems enabling OpenVPN via the UI and connecting a client. Using
Yep, agreed. I also think this deserves an introductory section in the README with a link to a wiki page.
I left that one out ;) Thanks for testing this case. Sounds good re: disabling uap0 when in bridged mode. Should be the final piece. |
I can confirm this as well. I wrongly assumed br0's clients would use the VPN's public IP, so I initially wrote it off as non-functional. I have concluded what I can comfortably say is the initial release of Bridged AP mode for RaspAP. Switching between the different possible configurations doesn't seem to break anything:
I've added the initial draft for the README's Bridged AP section. And the following comment can be used as a draft for a wiki page: |
Bridged AP modeBy default RaspAP configures a routed AP as its hotspot, where your RPi creates a subnet and assigns IP addresses to its hotspot clients. If you would rather have your upstream router assign IP addresses, RaspAP lets you easily change the hotspot configuration to an alternative bridged AP. This is also useful if you want your RPi and its hotspot clients to be visible to other devices in your router's network. Toggling bridged AP modeIn the RaspAP web interface, go to Hotspot > Advanced tab, then slide the Bridged AP mode toggle. Save settings then Restart hotspot. Bridged AP mode limitationsBridged AP mode has some limitations compared to RaspAP's default routed AP. Hotspot > Advanced tab > Wifi Client AP mode is disabled. Your RPi cannot connect as a client to another Wifi network while simultaneously hosting its own bridged AP (hotspot). DHCP Server page is disabled. In bridged AP mode, your upstream router is the DHCP server. Use your router's web interface to configure DHCP settings. Clients connected to a bridged AP with OpenVPN enabled will not have their traffic routed through the VPN server. Your RPi itself will still have its own traffic routed through the VPN server. Accessing the RaspAP web interfaceIn bridged AP mode, you will no longer be able to access RaspAP's web interface using the default 10.3.141.1 address. This is because your RPi no longer creates its own 10.3.141.0/24 subnet for its hotspot. Instead, access RaspAP's web interface by entering your RPi's hostname followed by Some browsers have trouble resolving If none of the above work, use your RPi's local IP address. Find it by checking your router's web interface or by entering the following command from your RPi terminal. ifconfig br0 | grep 'inet ' | awk '{print $2}' |
Agreed. I repeated these tests with your most recent commits. Bridged mode worked as expected with the existing services/functionality. Services also returned to their various configurations following a reboot of the Pi. No issues connecting a variety of clients (iOS, Android, MacOS, etc).
Outstanding, thank you. I've added the wiki page with your text, which incidentally has the same voice as the other project docs :) Will link it post-merge from the readme and also update the manual installation steps. This is a significant update that the RaspAP community has wanted for a long time. I also appreciate the thoroughness of your integration and testing. Sincere gratitude! |
I'm not master at this but I was annoyed change of IPs everytime I run raspap (I need to use it in Bridge mode) So, I set the following run on boot which replaces br0 MAC address with the MAC address I provide (I put the eth0's MAC address instead of 00:00:00:00:00:00)
Now it gets the same IP. Also, interestingly, my raspberry itself couldn't connect to internet before I made this change although its wifi clients could connect well. |
See #522 for the original issue.
For more info on setting up a bridged access point, see here.
My implementation is based on the above link. The above link is confirmed to be working for the latest Raspbian Lite Buster on RPi 3 and 4. My implementation is confirmed to be working on my own Raspbian Lite Buster Rpi 4.
Currently, my implementation consists of a few changes to the original setup in common.sh, dhcpcd.conf, hostapd.conf as well as the addition of a couple networkd files. Everything is tied up with
installers/toggle-bridged-routed.sh
.toggle-bridged-routed.sh
will automatically detect if the virtual bridge device is initialized and has been assigned an IP address. If so, it will toggle back to the default routed AP mode. If not, it will toggle to the bridged mode. There are also two "subcommands" / options:toggle-bridged-routed.sh force-bridged
andtoggle-bridged-routed.sh force-routed
that force their respective configuration.I have not been able to see if the simultaneous client-AP mode works with the bridged configuration, namely because I can't get that mode to work in the first place.
I also haven't tested the bridge mode with OpenVPN. Please refer to the #522 to see what else I need help on.