Enhance network stability by using systemd-networkd

[mycognosist]

Relates to #15

Setup client and AP using systemd-networkd

This setup removes the need for hostapd and dnsmasq, as well as the complexity of starting and stopping these services and wpa_supplicant (required for our current setup which uses a single wireless interface to switch between client and access-point mode).

This issue documents the process of utilizing and setting-up two separate WiFi interfaces for PeachCloud networking: one to serve as an access point and one to serve as a client. We use systemd-networkd to enable this:

networkd is a small and lean service to configure network interfaces, designed mostly for server use cases in a world with hotplugged and virtualized networking. Its configuration is similar in spirit and abstraction level to ifupdown, but you don't need any extra packages to configure bridges, bonds, vlan etc. It is not very suitable for managing WLANs yet; NetworkManager is still much more appropriate for such Desktop use cases.

NB: I am still in the process of testing this deployment.

References:

quick-setup (https://raspberrypi.stackexchange.com/a/108593):
systemd-networkd & interface setup (https://raspberrypi.stackexchange.com/a/95073)

---

install wifi adapter firmware

First install drivers for the usb wifi adapter. In my case I'm using an adapter with a RT5370 chipset:

sudo apt install firmware-ralink

create interface file for a wired connection

sudo -Es
cat > /etc/systemd/network/04-wired.network <<EOF
[Match]
Name=e*

[Network]
## Uncomment only one option block
# Option: using a DHCP server and multicast DNS
LLMNR=no
LinkLocalAddressing=no
MulticastDNS=yes
DHCP=ipv4

# Option: using link-local ip addresses and multicast DNS
#LLMNR=no
#LinkLocalAddressing=yes
#MulticastDNS=yes

# Option: using static ip address and multicast DNS
# (example, use your settings)
#Address=192.168.50.60/24
#Gateway=192.168.50.1
#DNS=84.200.69.80 1.1.1.1
#MulticastDNS=yes
EOF

deinstall classic networking

sudo -Es
apt --autoremove purge ifupdown dhcpcd5 isc-dhcp-client isc-dhcp-common rsyslog
apt-mark hold ifupdown dhcpcd5 isc-dhcp-client isc-dhcp-common rsyslog raspberrypi-net-mods openresolv
rm -r /etc/network /etc/dhcp

setup/enable systemd-resolved and systemd-networkd

apt --autoremove purge avahi-daemon
apt-mark hold avahi-daemon libnss-mdns
apt install libnss-resolve
ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
systemctl enable systemd-networkd.service systemd-resolved.service
exit

configure wpa_supplicant for wlan1 as access point

sudo -Es
apt install rfkill
cat > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf <<EOF
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
    ssid="peach"
    mode=2
    key_mgmt=WPA-PSK
    psk="cloudless"
    frequency=2412
}
EOF
chmod 600 /etc/wpa_supplicant/wpa_supplicant-wlan1.conf
systemctl disable wpa_supplicant.service
systemctl enable [email protected]
rfkill unblock 1

configure wpa_supplicant for wlan0 as client

cat > /etc/wpa_supplicant/wpa_supplicant-wlan1.conf <<EOF
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
    ssid="TestNet"
    psk="anotherSecretPassword"
}
EOF
chmod 600 /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
systemctl disable wpa_supplicant.service
systemctl enable [email protected]
rfkill unblock 0

configure interfaces

cat > /etc/systemd/network/08-wlan1.network <<EOF
[Match]
Name=wlan1
[Network]
Address=11.11.11.1/24
# IPMasquerade is doing NAT
#IPMasquerade=yes
#IPForward=yes
DHCPServer=yes
[DHCPServer]
DNS=84.200.69.80 1.1.1.1
EOF

cat > /etc/systemd/network/12-wlan0.network <<EOF
[Match]
Name=wlan0
[Network]
DHCP=yes
EOF

reboot and check service status

sudo reboot now
sudo systemctl status [email protected]
sudo systemctl status [email protected]

[mycognosist]

Client and AP switching using a single interface (systemd-networkd)

@mhfowler and I have both done initial testing of this setup and it appears to be very stable. Switching modes is also swift and efficient. I have created a standalone script for deployment (peach-config/scripts/setup_networking.py) and have also updated the integrated deployment script to use this approach instead of hostapd + dnsmasq (peach-config/scripts/setup_dev_env.py) (both should soon be merged to main in 0.2.4 of peach-config).

---

References:

Infinite thanks to ingo for sharing these setup instructions online!

quick-setup
switch between wifi client and access point without reboot

deinstall classic networking

sudo -Es   # if not already done
apt install libnss-resolve
apt --autoremove purge ifupdown dhcpcd5 isc-dhcp-client isc-dhcp-common rsyslog
apt-mark hold ifupdown dhcpcd5 isc-dhcp-client isc-dhcp-common rsyslog raspberrypi-net-mods openresolv
rm -r /etc/network /etc/dhcp

setup/enable systemd-resolved and systemd-networkd

apt --autoremove purge avahi-daemon
apt-mark hold avahi-daemon libnss-mdns
ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
systemctl enable systemd-networkd.service systemd-resolved.service

create interface file for a wired connection

sudo -Es
cat > /etc/systemd/network/04-wired.network <<EOF
[Match]
Name=e*

[Network]
## Uncomment only one option block
# Option: using a DHCP server and multicast DNS
LLMNR=no
LinkLocalAddressing=no
MulticastDNS=yes
DHCP=ipv4

# Option: using link-local ip addresses and multicast DNS
#LLMNR=no
#LinkLocalAddressing=yes
#MulticastDNS=yes

# Option: using static ip address and multicast DNS
# (example, use your settings)
#Address=192.168.50.60/24
#Gateway=192.168.50.1
#DNS=84.200.69.80 1.1.1.1
#MulticastDNS=yes
EOF

setup wpa_supplicant as wifi client with wlan0

cat > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf <<EOF
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
    ssid="TestNet"
    psk="verySecretPwassword"
}
EOF

chmod 600 /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
systemctl disable wpa_supplicant.service
systemctl enable [email protected]

setup wpa_supplicant as access point with ap0

cat > /etc/wpa_supplicant/wpa_supplicant-ap0.conf <<EOF
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network={
    ssid="RPiNet"
    mode=2
    key_mgmt=WPA-PSK
    proto=RSN WPA
    psk="anotherPassword"
    frequency=2412
}
EOF

chmod 600 /etc/wpa_supplicant/wpa_supplicant-ap0.conf

configure interfaces

cat > /etc/systemd/network/08-wlan0.network <<EOF
[Match]
Name=wlan0
[Network]
DHCP=yes
EOF

cat > /etc/systemd/network/12-ap0.network <<EOF
[Match]
Name=ap0
[Network]
Address=192.168.4.1/24
DHCPServer=yes
[DHCPServer]
DNS=84.200.69.80 1.1.1.1
EOF

modify service for access point to use ap0

systemctl disable [email protected]
systemctl edit --full [email protected]

modify/insert only these lines: Requires=, After=, Conflicts=, ExecStartPre= and ExecStopPost= as shown:

[Unit]
Description=WPA supplicant daemon (interface-specific version)
Requires=sys-subsystem-net-devices-wlan0.device
After=sys-subsystem-net-devices-wlan0.device
[email protected]
Before=network.target
Wants=network.target

# NetworkManager users will probably want the dbus version instead.

[Service]
Type=simple
ExecStartPre=/sbin/iw dev wlan0 interface add ap0 type __ap
ExecStart=/sbin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-%I.conf -Dnl80211,wext -i%I
ExecStopPost=/sbin/iw dev ap0 del

[Install]
Alias=multi-user.target.wants/wpa_supplicant@%i.service

set wlan0 to run as client on startup

sudo systemctl enable [email protected]
sudo systemctl disable [email protected]
reboot

switch the service when desired (no stopping of services is required)

sudo systemctl start [email protected]
sudo systemctl start [email protected]

[mycognosist]

This glorious change has now been enacted, both in peach-config and peach-network. We have implemented the single interface switching approach. May digital blessings rain down upon ingo.