--- title: "RaspberryPi LTE-Failover Router With DNS Caching" date: 2021-10-06 draft: false tags: ["RaspberryPi", "Arch", "linux", "router", "tethering", "android", "winblows"] summaryimage: PXL_20211006_142214161_672x504.png summaryimagew: 672 summaryimageh: 504 authors: ["trent"] post: 23 --- date: 2021-10-06 ## Introduction Apparently Windows has a problem resolving hosts when you tether from Mobile HotSpot. The solution is to build a DNS-Caching router that tethers off the smartphone. This takes advantage of Android's ability so transparently fail-over to LTE when residential internet service goes down. This solution also takes advantage of the RaspberryPi's incredibly low price, the fact that LineageOS will run on cheap old phones that are no longer supported by the mfgr, and the fact that GoogleFi will ship you a data-sim for free. For instance, I just bought a brand-new, open-box Pixel phone for $85, and presumable the MotoX4 can also be had for next to nothing. ## Materials * [RaspberryPi](https://www.amazon.com/CanaKit-Raspberry-Starter-Premium-Black/dp/B07BCC8PK7){target="_blank"} running [Arch Linux Arm](https://archlinuxarm.org/platforms/armv8/broadcom/raspberry-pi-3){target="_blank"} * Old Android Phone Running [LineageOS](https://wiki.lineageos.org/devices/){target="_blank"} * [Free Data Sim Card From GoogleFi](https://support.google.com/fi/answer/6330195?hl=en#zippy=%2Corder-your-data-only-sim){target="_blank"}
RaspberryPi Router tethered off MotoX4 (running LineageOS)
## Setup Personally I would * [secure the ssh server](https://wiki.archlinux.org/title/OpenSSH#Force_public_key_authentication){target="_blank"} * [generate and configure the locale](https://wiki.archlinux.org/title/locale){target="_blank"} * [remove the default root password, and default user](https://wiki.archlinux.org/title/users_and_groups){target="_blank"} * write your preferred hostname in `/etc/hostname` * configure your preferred timezone: ```shell ln -sf /usr/share/zoneinfo// /etc/localtime ``` Additionally, the router won't be accessible for administrative tasks when it is behind the _Android Tether_ ; for this I would use a [wireguard vpn](https://wiki.archlinux.org/title/WireGuard){target="_blank"}. ## Configure The Router. The entire configuration of the router consists of two `systemd-networkd` interface definitions, as well as `/etc/resolv.conf`, and `/etc/dnsmasq.conf`. ### resolvconf `systemd-resolved` is no use to us because it only listens on localhost. ```shell # disable systemd-resolved systemctl stop systemd-resolved systemctl disable systemd-resolved unlink /etc/resolv.conf ``` After unlinking the symlinked version of `/etc/resolv.conf`, write your nameservers and options in a real `/etc/resolv.conf`. ```cfg # the default timeout of 5 seconds is too slow options timeout:1 # nameserver when connected to lan nameserver 192.168.1.1 # nameserver when connected to mobile network nameserver 8.8.8.8 ``` ### Interface Definitions For `systemd-networkd` I believe the usb interfaces are numbered 1-4, so either be careful which one you use, or maybe a wildcard name will work, i.e. `Name=usb*` ```cfg # uplink # /etc/systemd/network/usb0.network [Match] Name=usb0 [Network] DHCP=yes DNSSEC=no IPForward=yes ``` ```cfg # downlink, ethernet cable # /etc/systemd/network/eth0.network [Match] Name=eth0 [Network] Address=10.12.34.1/24 DHCPServer=yes IPForward=yes IPMasquerade=both ``` ### Configuration For `dnsmasq` Install [dnsmasq](https://wiki.archlinux.org/title/dnsmasq){target="_blank"}, and enable it `systemctl enable dnsmasq`. ```cfg # /etc/dnsmasq.conf resolv-file=/etc/resolv.conf interface=eth0 no-dhcp-interface=eth0 ``` ## Reboot Plug in the Android Phone, reboot the RaspberryPi, and when it comes back up toggle on the USB tether on the Android Phone. Plug ethernet cable into Windows Computer, open **CMD** prompt and type `ping google.com` to test connectivity and name resolution. Or on a Linux computer type `ping -c 3 google.com`. ## Alternate DHCP Service You can use `dnsmasq` for DHCP Service instead of `systemd-networkd`. ```cfg # downlink, ethernet cable # /etc/systemd/network/eth0.network [Match] Name=eth0 [Network] Address=10.12.34.1/24 # DHCPServer=yes IPForward=yes IPMasquerade=both ``` ```cfg # /etc/dnsmasq.conf resolv-file=/etc/resolv.conf interface=eth0 # no-dhcp-interface=eth0 dhcp-range=10.12.34.50,10.12.34.150 ``` ## Reference For `systemd-networkd` * examples in `/usr/lib/systemd/network/` * [Man Page](https://www.freedesktop.org/software/systemd/man/systemd.network.html){target="_blank"} ## Use With Multiple Computers Just add an [unmanaged switch](https://www.amazon.com/Ethernet-Splitter-Optimization-Unmanaged-TL-SG108/dp/B00A121WN6){target="_blank"}. ## Wifi Instead of Ethernet Use downlink definition for `wlan0` instead of `eth0`, and install `hostapd` ```cfg # /etc/hostapd/hostapd.conf interface=wlan0 hw_mode=g channel=7 wmm_enabled=0 macaddr_acl=0 auth_algs=1 ignore_broadcast_ssid=0 wpa=2 wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP rsn_pairwise=CCMP ssid=NETWORK wpa_passphrase=PASSWORD ```