Expanded WiFi coverage with a Rasp Pi access point network

Arming the Rasp Pi's

I used the current release of the Raspbian Wheezy [1] distribution to run the Rasp Pi access points. To download the required packages for the purposes of this example, type the following command line at the console:

$ sudo apt-get install iw hostapd bridge-utils

A WiFi USB stick is suitable for this setup as long as it fulfills two requirements: availability of a Linux driver and support for running in access point mode. You can find out which sticks come with suitable drivers by reviewing relevant forums and wikis, such as eLinux.org [2] or Linux Wireless [3].

The output of the dmesg and iw list commands will list the functionality supported by a WiFi USB stick. By studying this information, you can get an idea of whether the stick is suitable for the planned endeavor. Listing 1 [4] provides an example.

Listing 1

Sample Functionality of WiFi USB Stick

[...]
[    3.212744] usb 1-1.2: new high-speed USB device number 4 using
dwc_otg
[...]
[    3.400052] usb 1-1.2: Product: 802.11 n WLAN
[    3.409572] usb 1-1.2: Manufacturer: Ralink
[...]
[    5.580236] cfg80211: Calling CRDA to update world regulatory domain
[...]
[    6.549881] usbcore: registered new interface driver rt2800usb
[...]

Figure 3 shows a Rasp Pi operating as a WiFi access point with antennas that can be rotated and swiveled. USB sticks with detachable antennas are optimal for use. You will then be able to exchange an original antenna for a newer model with directional characteristics or greater antenna gain, or for a model that can be mounted outside.

Figure 3: A Rasp Pi used as a WiFi access point.

Setting Up the Access Points

The access point daemon of the Rasp Pi is configured by making appropriate changes in a total of four files [5]. Use the schema shown in Listing 2 to configure the networking units in the /etc/network/interfaces file. In this example, I assume that the network has the network address 192.168.0.0/24.

Listing 2

Configuring Networking Units

# /etc/network/interfaces for AP0
# (AP1 has been commented out)
auto lo
iface lo inet loopback
auto br0
iface br0 inet static
  address 192.168.0.100  #AP0
# address 192.168.0.101  #AP1
  netmask 255.255.255.0
  broadcast 192.168.0.255
  gateway 192.168.0.1
  bridge_ports eth0 wlan0

So that every access point in your network can find its way around, you need to extend the file /etc/resolv.conf by at least entering the line nameserver 192.168.0.1.

For the daemon to start with each system launch, you only need to enter the line DAEMON_CONF=/etc/hostapd/hostapd.conf into the /etc/default/hostapd file.

The actual configuration then takes place in the /etc/hostapd/hostapd.conf file. This file should be accessible only by the system administrator, or root, because it contains the secret private session key in cleartext.

The commands from Listing 3 configure access points AP0 and AP1 in such a way that they also support the Inter Access Point protocol (IAPP) according to the retracted 802.11f standard. This mobility procedure is designed so that each access point with which a receiving device registers communicates this fact to all other access points. These then delete the device from their list of clients.

Listing 3

Configuring Access Points

# /etc/hostapd/hostapd.conf
# for AP0 (note that AP1 information has been commented out)
# general
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
driver=nl80211
eap_server=0
logger_syslog=-1
logger_syslog_level=0
logger_stdout=-1
logger_stdout_level=0
# interfaces
interface=wlan0           # WiFi device
bridge=br0                # WiFi-to-LAN bridge
iapp_interface=br0        # Device for 802.11f messages
# WiFi configuration
channel=5                 # AP0
#channel=9                # AP1
ssid=PiNetwork
ignore_broadcast_ssid=0
hw_mode=g
country_code=DE
beacon_int=100
dtim_period=5
# Authentication
macaddr_acl=0
auth_algs=1
# Encryption
wpa=2                     # AP only offers WPA2
wpa_key_mgmt=WPA-PSK      # commonly used without Fast-BSS-Transition
# commonly used with Fast-BSS-Transition:
# wpa_key_mgmt=WPA-PSK FT-PSK
rsn_pairwise=CCMP
wpa_passphrase=topsecret  # PSK is the same for all APs

The standard IEEE 802.11f standardizes an additional mobility procedure, in that it regulates a fast BSS transition or handoff from one access point to another. You should take great care in setting up this configuration. In case of any doubts, you should omit this part completely. It would not be a great loss, because hardly any devices, aside from Linux systems with WPA supplicant, support this procedure.

For specifying a fast BSS transition according to the 802.11r standard, simply append the lines from Listing 4 to the /etc/hostapd/hostapd.conf file (see Listing 3) and modify the contents according to the specifications of the devices used in your WiFi network. Modifying the MAC addresses is especially important.

Listing 4

Mobility Management Configuration

# /etc/hostapd/hostapd.conf Extension for AP0 (with AP1 commented out)
#
# 802.11r Mobility Management Configuration, Part 1
# Note: the br0-MAC is obtained via the command 'ifconfig br0'
mobility_domain=a0b1           # Domain ID for all APs is the same
nas_identifier=7cdd90affeff    # AP0: own br0-MAC serves as NAS/R0KH-ID
# nas_identifier=7cdd90affe4d  # AP1: own br0-MAC serves as NAS/R0KH-ID
r0_key_lifetime=10000
r1_key_holder=7cdd90affeff     # AP0: own br0-MAC serves as R1KH-ID
# r1_key_holder=7cdd90affe4d   # AP1: own br0-MAC serves as R1KH-ID
reassociation_deadline=1000
pmk_r1_push=1
# 802.11r Mobility Management Configuration, Part 2
# symmetrical structure, the corresponding other APs are R0/R1 Key Holder
# with 2 APs there is exactly one other R0/R1 Key Holder for each
# Note: Target-MAC as well as NAS/R0HK-ID and R1KH-ID are identical here
# Careful: 128-Bit
# Keys need to match in a pairwise fashion. For example:
#    AP0: R0KH key with target AP1 must equal AP1's R1KH key with target AP0
#    AP0: R1KH key with target AP1 must equal AP1's R0KH key with target AP0
# For a third AP, extend the entries for R0HK und R1HK accordingly
r0kh=7c:dd:90:af:fe:4d 7cdd90affe4d 0f0e0d0c0b0a09080706050403020100
r1kh=7c:dd:90:af:fe:4d 7c:dd:90:af:fe:4d 000102030405060708090a0b0c0d0e0f
#r0kh=7c:dd:90:af:fe:ff 7cdd90affeff 000102030405060708090a0b0c0d0e0f
#r1kh=7c:dd:90:af:fe:ff 7c:dd:90:af:fe:ff 0f0e0d0c0b0a09080706050403020100

Buy this article as PDF

Express-Checkout as PDF

Pages: 6

Price $2.95
(incl. VAT)

Buy Raspberry Pi Geek

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content