Saturday, April 15, 2017

Raspberry Pi to the rescue


The problem Stated

We are temporarily using a SIM based Internet router.   It works just fine but when you switch on the DHCP server,  so that wireless clients can get a dynamically allocated IP address,  it gives a DNS server address of the router.

(DNS Haiku)

And when used with any SIM, the ASUS router fails to setup any local DNS server on the router, so any connected client fails ALL Internet address lookups.   What absolutely terrible programming, and by the way, this cock-up was not in the original firmware,  but there is no way to back-level :-(


Example of the problem:
ASUS 4G-N12 Router
It's IP = 192.168.1.1
IP from the Internet = 9x.4x.xxx.22x
DHCP Range Set = 192.168.1.100 -> 192.168.1.200 inclusive

When I connect my Android phone it gets
IP = 192.168.1.100
Default Gateway = 192.168.1.1
DNS = 192.168.1.1

nslookup
> server 192.168.1.1
Default Server:  [192.168.1.1]
Address:  192.168.1.1

> bbc.co.uk
Server:  [192.168.1.1]
Address:  192.168.1.1

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to [192.168.1.1] timed-out



Why don't I manually set the DNS?
At least 2 devices we can name insist on using DHCP and there is no way to override their selection. Culprits are Google Home and Neo Heatmiser.   What terrible programming!  From these clients and also ASUS.


IP's and security
Since this is a temporary setup; the IP addresses quoted in this tutorial are the actual ones used.  Normally we would obfuscate them for security purposes.  But for any would be hackers, please note that already 2 hardware firewalls are installed,  from different vendors,  so attempted network penetration even in this temporary phase is going to be non trivial for you :-)  And since no data is actually present at this address, my sincere advice is: don't bother.


Overview of the Fix




- I will totally disable DHCP from the ASUS 4G-N12 router
- I will install, build and customise a Rasperry Pi Zero W
- pizero will have installed a DHCP server
- It will server out DHCP leases and provide the Google DNS server to clients

Raspberry Pi Zero W






The Pi Zero W is the latest iteration of the Raspberry Pi family and the W means it includes wireless.  So this amazing 10 GBP computer, plus a power supply and cables will be all we need to provide the fix


Install and Update the OS

- Installation is performed from here

https://www.raspberrypi.org/help/noobs-setup/2/

root@pizero:~# uname -a
Linux pizero 4.4.50+ #970 Mon Feb 20 19:12:50 GMT 2017 armv6l GNU/Linux

- Update OS

root@pizero:~# apt-get update
Hit http://archive.raspberrypi.org jessie InRelease
Hit http://mirrordirector.raspbian.org jessie InRelease
Hit http://archive.raspberrypi.org jessie/main armhf Packages
Hit http://mirrordirector.raspbian.org jessie/main armhf Packages
Hit http://archive.raspberrypi.org jessie/ui armhf Packages
Hit http://mirrordirector.raspbian.org jessie/contrib armhf Packages
Hit http://mirrordirector.raspbian.org jessie/non-free armhf Packages
Hit http://mirrordirector.raspbian.org jessie/rpi armhf Packages
Ign http://archive.raspberrypi.org jessie/main Translation-en
Ign http://archive.raspberrypi.org jessie/ui Translation-en
Ign http://mirrordirector.raspbian.org jessie/contrib Translation-en
Ign http://mirrordirector.raspbian.org jessie/main Translation-en
Ign http://mirrordirector.raspbian.org jessie/non-free Translation-en
Ign http://mirrordirector.raspbian.org jessie/rpi Translation-en
Reading package lists... Done


Static IP Address

The IP address of the Pi Zero W must be static since you have turned off any other DHCP server on your network

/etc/network/interfaces
iface eth0 inet manual

/etc/dhcpcd.conf
interface wlan0

inform 192.168.1.202/24
static domain_name_servers=8.8.8.8 8.8.4.4
static routers=192.168.1.1

/etc/hosts
192.168.1.202   pizero


Now reboot and check that the IP address is really changed

sync; sync; sync;
reboot
# it reboots
ifconfig wlan0
wlan0     Link encap:Ethernet  HWaddr b8:27:eb:d8:59:02
          inet addr:192.168.1.202  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::7ab6:4d57:ccff:5b94/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:30258 errors:0 dropped:20 overruns:0 frame:0
          TX packets:2378 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5165420 (4.9 MiB)  TX bytes:455109 (444.4 KiB)



Install a DHCP Server

apt-get install isc-dhcp-server

The install should succeed but the start will fail because you did not configure it yet

/etc/dhcp/dhcpd.conf
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
option domain-name-servers 8.8.8.8, 8.8.4.4;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.80 192.168.1.100;

}


Reboot at this point
sync; sync; sync
reboot





Some Checking

service isc-dhcp-server status
 isc-dhcp-server.service - LSB: DHCP server
   Loaded: loaded (/etc/init.d/isc-dhcp-server)
   Active: active (running) since Fri 2017-04-14 17:18:21 UTC; 4h 36min ago
  Process: 433 ExecStart=/etc/init.d/isc-dhcp-server start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/isc-dhcp-server.service
           └─625 /usr/sbin/dhcpd -q -cf /etc/dhcp/dhcpd.conf -pf /var/run/dhc...

Apr 14 21:51:19 pizero dhcpd[625]: DHCPACK on 192.168.1.85 to 0c:8b:fd:cc:e...n0

Apr 14 21:52:12 pizero dhcpd[625]: DHCPINFORM from 192.168.1.202 via wlan0:....0
Apr 14 21:52:53 pizero dhcpd[625]: DHCPREQUEST for 192.168.1.80 from f4:f5:...n0

Apr 14 21:52:53 pizero dhcpd[625]: DHCPACK on 192.168.1.80 to f4:f5:d8:cc:1...n0


cat /var/lib/dhcp/dhcpd.leases
lease 192.168.1.80 {
  starts 5 2017/04/14 21:12:51;
  ends 5 2017/04/14 21:22:51;
  cltt 5 2017/04/14 21:12:51;
  binding state active;
  next binding state free;
  rewind binding state free;
  hardware ethernet f4:f5:d8:cc:13:a4;

  client-hostname "Google-Home";



Summary
Raspberry Pi Zero W saves the day.  It costs an astonishing 15 GBP from Pi Hut.  Incredible


Links
dhcpd.conf - Linux man page
Buy the Pi Zero W fro Pi Hut