Set up Raspberry Pi as Router

The Raspberry Pi can be a great choice if you want to implement a customizable router for your home network. Rather than paying big bucks for a router which is not as configurable due to its proprietary software, the Raspberry Pi can be transformed into a router while retaining its default Linux operating system, with which system administrators are very familiar. Firewall rules and network monitoring are made easy when all of the traffic is passing through the Raspberry Pi instead of a locked down router.

In this tutorial, we will go through the step by step instructions of setting up a Raspberry Pi as a router. This will involve installation of software that turns the Raspberry Pi into an access point, which can hand out IP addresses to client devices (DHCP) and route traffic between them. Follow along with the configuration below to set up your Raspberry Pi as a router.

In this tutorial you will learn:

• How to install hostapd and dnsmasq software packages
• How to configure DHCP and DNS settings
• How to set SSID and network password

Set up Raspberry Pi as Router – step by step instructions

1. The first step is to install the hostapd and dnsmasq software packages, which will allow the Raspberry Pi to be configured as an access point, and provide DHCP capabilities, respectively. We will also install the netfilter-persistent and iptables-persistent packages, since we will need to apply some new iptables rules and want those rules to persist even after future reboots. Execute the following command to update the software cache and install the required packages:

   $ sudo apt update
   $ sudo apt install hostapd dnsmasq netfilter-persistent iptables-persistent
   

2. The Wi-Fi interface of the Raspberry Pi will be used as the access point for other devices to connect to. Like any router, it needs to have a static IP address. To configure a static IP address for the Wi-Fi interface, we will use nano or another text editor to open the following file with administrative privileges:

   $ sudo nano /etc/dhcpcd.conf
   

3. Inside of this file, paste the following content at the bottom to configure the wlan0 wireless interface with a static IP address and to accept incoming connections as an access point:

   inteface wlan0
   static ip_address=192.168.1.1/24
   nohook wpa-supplicant
   

   Feel free to change the IP address and subnet to any other of your choice.

   

   
   

   ---

   ---

   
   Save your changes and exit the DHCP daemon configuration file when done.

4. Next, we will need to change the net.ipv4.ip_forward kernel parameter for the Raspberry Pi. Doing so will allow the device to forward traffic from one interface (wlan0) to another (eth0). This will make the Raspberry Pi act as a pass through device. Open the following file with administrative privileges:

   $ sudo nano /etc/sysctl.d/routed-ap.conf
   

5. Paste the following line into the open file:

   net.ipv4.ip_forward=1
   

   Save your changes and exit the file when done.

6. Next, we need to add a rule to the Raspberry Pi’s firewall table that will allow it to route traffic from one interface to another, which makes it so the connecting client’s traffic can make it to its next destination, whether that be a modem or additional router, etc. The MASQUERADE option allows the Raspberry Pi to use NAT so that multiple clients can route to outside IP addresses:

   $ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
   

7. Use the next command to make sure that your Raspberry Pi’s iptables rules will persist across future system reboots:

   $ sudo netfilter-persistent save
   

8. The dnsmasq package we installed earlier will allow us to configure DNS and DHCP on the Raspberry Pi. We will get started with this by editing the /etc/dnsmasq.conf file. Note that this file already contains a lot of commented out settings and explanation, so is essentially a big readme file. We will leave all the existing information alone and apply our changes to the bottom of the file. Open it with nano or your preferred text editor:

   $ sudo nano /etc/dnsmasq.conf
   

9. At the bottom of the file, paste the following lines. Feel free to change the DHCP range of IP addresses as you see fit.

   interface=wlan0
   dhcp-range=192.168.1.2,192.168.1.30,255.255.255.0,24h
   domain=wlan
   address=/gw.wlan/192.168.1.1
   

   These settings tell the Raspberry Pi to hand out IPs in the range starting at 19.168.1.2 and ending at 192.168.1.30. Save your changes and exit the file when done.

10. Next, we will configure our wireless network settings, such as the SSID and password that clients will use in order to connect to the Raspberry Pi router. Start by editing the following file:

    $ sudo nano /etc/hostapd/hostapd.conf
    

11. Add the following contents to the file:

    country_codeUS
    interface=wlan0
    ssid=My_Network
    hw_mode=g
    channel=7
    macaddr_acl=0
    auth_algs=1
    ignore_broadcast_ssid=0
    wpa=2
    wpa_passphrase=Network_Password
    wpa_key_mgmt=WPA-PSK
    wpa_pairwise=TKIP
    rsn_pairwise=CCMP
    

    Replace My_Network with the desired name of your SSID, and Network_Password with the password that you want clients to use when they connect. You can feel free to change other settings as well, as long as you understand what they do. For the majority of cases, they should be fine as is.

12. Everything should now be good to go. In order for the changes to the various services to take effect, it is recommended to do a full system reboot before attempting to connect clients to the WiFi network and conducting a test by loading a website:

    $ sudo reboot
    

Closing Thoughts

In this tutorial, we saw how to set up a Raspberry Pi as a router. Using two easy-to-install packages, one iptables rule, and an IP forwarding kernel setting, we can turn our small Raspberry Pi device into an open source router that we have full control over.