Using a RPI as a 4G/LTE modem

Hardware :

Optional hardware

Base setup

Download and flash the last version of RaspiOS lite. Plug, boot to command prompt.

Disable bluetooth and wifi

echo -e "dtoverlay=disable-wifi\ndtoverlay=disable-bt" | sudo tee -a /boot/config.txt

Update Upgrade

sudo apt-get update
sudo apt-get upgrade -y

Install dependencies

sudo apt-get install --no-install-recommends git raspberrypi-kernel-headers dnsmasq iptables-persistent vnstat

Sixfab LTE hat

Install driver module

Make sure to do it with no hat connected

# OLD version : wget https://raw.githubusercontent.com/sixfab/Sixfab_RPi_3G-4G-LTE_Base_Shield/master/tutorials/QMI_tutorial/qmi_install.sh
wget https://raw.githubusercontent.com/sixfab/Sixfab_QMI_Installer/main/qmi_install.sh
sudo chmod +x qmi_install.sh
sudo ./qmi_install.sh

Install the auto-reconnect service

# OLD version : wget https://raw.githubusercontent.com/sixfab/Sixfab_RPi_3G-4G-LTE_Base_Shield/master/tutorials/QMI_tutorial/install_auto_connect.sh
wget https://raw.githubusercontent.com/sixfab/Sixfab_QMI_Installer/main/install_auto_connect.sh
sudo chmod +x install_auto_connect.sh
sudo ./install_auto_connect.sh

WWAN to ethernet

Fixed IP

Edit /etc/dhcpcd.conf and set your LAN settings by uncommenting and adapting lines 44 to 48 :

interface eth0
static ip_address=192.168.xx.1/24
static routers=192.168.xx.1
static domain_name_servers=192.168.xx.1 8.8.8.8

Remember to edit 192.168.xx.1 to a valid range.

DHCP server : dnsmasq

Edit /etc/dnsmasq.conf and set your dhcp server's address by adding:

listen-address=192.168.xx.1

Create /etc/dnsmasq.d/090_lan.conf :

interface=eth0
dhcp-range=eth0,192.168.xx.0,192.168.xx.50,255.255.255.0,12h

# optionnal - add fixed lease
# dhcp-host=00:11:22:33:44:55,192.168.xx.xx

#DNS servers
server=8.8.8.8
server=4.4.4.4
log-dhcp
log-queries
dhcp-option=6,8.8.8.8,4.4.4.4
log-facility=/tmp/dnsmasq.log
conf-dir=/etc/dnsmasq.d
# Use custom resolv.conf
# resolv-file=/path/to/custom/resolv.conf

Routing and IP masquerading

These steps allow clients on eth0 to access computers on the wwan0 network, and from there the internet. Begin by enabling IP forwarding with the following commands:

echo "net.ipv4.ip_forward=1" | sudo tee /etc/sysctl.d/90_wwantolan.conf > /dev/null
sudo sysctl -p /etc/sysctl.d/90_wwantolan.conf
sudo /etc/init.d/procps restart

To enable traffic between clients on the LAN and the internet, we add two iptables network address translation (NAT) "masquerade" firewall rules. Create these rules and persist them with the following:

sudo iptables -t nat -A POSTROUTING -j MASQUERADE
sudo iptables -t nat -A POSTROUTING -s 192.168.xx.xx/24 ! -d 192.168.xx.xx/24 -j MASQUERADE
sudo iptables-save | sudo tee /etc/iptables/rules.v4

192.168.xx.xx/24 should match the network range you set in your dhcpcd config.

Optionnal steps

OpenVPN

Optionally, you may install OpenVPN, enabling openvpn-client service:

sudo apt-get install openvpn
sudo systemctl enable openvpn-client@client

Put your openvpn config and auth files in /etc/openvpn/client. After that, you can use :

sudo systemctl start openvpn-client@configfile.service

to use the VPN connection that corresponds to /etc/openvpn/client/configfile.

Ad blocking

Download the block list :

sudo wget https://github.com/notracking/hosts-blocklists/raw/master/dnsmasq/dnsmasq.blacklist.txt -O /etc/dnsmasq.blacklist.txt

Add the following line to your dnsmasq.conf :

conf-file=/etc/dnsmasq.blacklist.txt

Use cronjob to update the list automatically

#write out current crontab
sudo crontab -l > mycron
#echo new cron into cron file
# run at 3am every sunday
echo "00 3 * * 7 wget https://github.com/notracking/hosts-blocklists/raw/master/dnsmasq/dnsmasq.blacklist.txt -O /etc/dnsmasq.blacklist.txt" >> mycron
#install new cron file
sudo crontab mycron
rm mycron

One-liner public IP and Current month total data comsumption

Should be run on the Rpi. If you want to be able to run it from your station, you can put the following command in a bash script, set the execution bit on that, and run it via ssh; e.g : ssh foo@ltemodemIP /path/to/the/script.sh
In the following command, date +"%Y-%m-10" will result in the current year and month, followed by whatever value you put. You should edit the 10 to reflect the actual day of the month your data plan is reset to 0. 

wget http://ipecho.net/plain -O - -q ; echo && echo " | " && vnstat -i wwan0 -d --begin `date +"%Y-%m-10"` --end `date +"%Y-%m-10" -d "next month"` | tail -1 | awk '{print $(NF-2),$(NF-1)}'

Diagnosing commands

If you have some connectivity issues, you can access the LTE modem via serial and use various commands to check your connection.

You can find the full manual for Quectel EC25 at commands here : Quectel_EC25&EC21_AT_Commands_Manual_V1.3.pdf

You need a terminal software to connect to the LTE modem via serial. We'll use minicom.

# Install the software
sudo apt-get install -y minicom
# Connect to the modem
sudo minicom -b 115200 -D /dev/ttyUSB3

You should see something along the lines of 

Welcome to minicom 2.8

OPTIONS: I18n 
Compiled on Jan  9 2021, 12:42:45.
Port /dev/ttyUSB0, 11:54:09

Press CTRL-A Z for help on special keys

When you're done in minicom you can exit by pressing CTRL+A then X, then hit Enter.

Checking signal quality

To check the signal quality (RSSI) type at+csq, then hit enter.
You'll get an answer looking like that :

+CSQ: 19,99

Checking you're using LTE

You can request informations on the network you're connected to in order to make sure you're using 4G/LTE and not 3G/HS*PA.
In order to do that, type at+qnwinfo, then hit enter.
You'll get an answer looking like that : 

+QNWINFO: "FDD LTE","20601","LTE BAND 3",1300

Links and notes

https://docs.sixfab.com/page/qmi-interface-internet-connection-setup-using-sixfab-shield-hat

https://docs.raspap.com/manual/

0 comments

Write a comment