Using a RPI as a 4G/LTE modem
Hardware :
- any RPI with GPIO headers
- Sixfab's 4g lte base hat + Quectel EC25 mini PCIe module
- sd card, power supply, keyboard, lan cables, hdmi display, etc.
Optional hardware
Base setup
Download and flash the last version of RaspiOS lite. Plug, boot to command prompt.
Disable bluetooth and wifi
echo -e "dtoverlay=disable-wifi\ndtoverlay=disable-bt" | sudo tee -a /boot/config.txt
Update Upgrade
sudo apt-get update
sudo apt-get upgrade -y
Install dependencies
sudo apt-get install --no-install-recommends git raspberrypi-kernel-headers dnsmasq iptables-persistent vnstat
Sixfab LTE hat
Install driver module
Make sure to do it with no hat connected
# OLD version : wget https://raw.githubusercontent.com/sixfab/Sixfab_RPi_3G-4G-LTE_Base_Shield/master/tutorials/QMI_tutorial/qmi_install.sh
wget https://raw.githubusercontent.com/sixfab/Sixfab_QMI_Installer/main/qmi_install.sh
sudo chmod +x qmi_install.sh
sudo ./qmi_install.sh
Install the auto-reconnect service
# OLD version : wget https://raw.githubusercontent.com/sixfab/Sixfab_RPi_3G-4G-LTE_Base_Shield/master/tutorials/QMI_tutorial/install_auto_connect.sh
wget https://raw.githubusercontent.com/sixfab/Sixfab_QMI_Installer/main/install_auto_connect.sh
sudo chmod +x install_auto_connect.sh
sudo ./install_auto_connect.sh
WWAN to ethernet
Fixed IP
Edit /etc/dhcpcd.conf
and set your LAN settings by uncommenting and adapting lines 44 to 48 :
interface eth0
static ip_address=192.168.xx.1/24
static routers=192.168.xx.1
static domain_name_servers=192.168.xx.1 8.8.8.8
Remember to edit 192.168.xx.1
to a valid range.
DHCP server : dnsmasq
Edit /etc/dnsmasq.conf
and set your dhcp server's address by adding:
listen-address=192.168.xx.1
Create /etc/dnsmasq.d/090_lan.conf
:
interface=eth0
dhcp-range=eth0,192.168.xx.0,192.168.xx.50,255.255.255.0,12h
# optionnal - add fixed lease
# dhcp-host=00:11:22:33:44:55,192.168.xx.xx
#DNS servers
server=8.8.8.8
server=4.4.4.4
log-dhcp
log-queries
dhcp-option=6,8.8.8.8,4.4.4.4
log-facility=/tmp/dnsmasq.log
conf-dir=/etc/dnsmasq.d
# Use custom resolv.conf
# resolv-file=/path/to/custom/resolv.conf
Routing and IP masquerading
These steps allow clients on eth0
to access computers on the wwan0
network, and from there the internet.
Begin by enabling IP forwarding with the following commands:
echo "net.ipv4.ip_forward=1" | sudo tee /etc/sysctl.d/90_wwantolan.conf > /dev/null
sudo sysctl -p /etc/sysctl.d/90_wwantolan.conf
sudo /etc/init.d/procps restart
To enable traffic between clients on the LAN and the internet, we add two iptables
network address translation (NAT) "masquerade" firewall rules.
Create these rules and persist them with the following:
sudo iptables -t nat -A POSTROUTING -j MASQUERADE
sudo iptables -t nat -A POSTROUTING -s 192.168.xx.xx/24 ! -d 192.168.xx.xx/24 -j MASQUERADE
sudo iptables-save | sudo tee /etc/iptables/rules.v4
192.168.xx.xx/24
should match the network range you set in your dhcpcd config.
Optionnal steps
OpenVPN
Optionally, you may install OpenVPN, enabling openvpn-client
service:
sudo apt-get install openvpn
sudo systemctl enable openvpn-client@client
Put your openvpn config and auth files in /etc/openvpn/client
. After that, you can use :
sudo systemctl start openvpn-client@configfile.service
to use the VPN connection that corresponds to /etc/openvpn/client/configfile
.
Ad blocking
Download the block list :
sudo wget https://github.com/notracking/hosts-blocklists/raw/master/dnsmasq/dnsmasq.blacklist.txt -O /etc/dnsmasq.blacklist.txt
Add the following line to your dnsmasq.conf
:
conf-file=/etc/dnsmasq.blacklist.txt
Use cronjob to update the list automatically
#write out current crontab
sudo crontab -l > mycron
#echo new cron into cron file
# run at 3am every sunday
echo "00 3 * * 7 wget https://github.com/notracking/hosts-blocklists/raw/master/dnsmasq/dnsmasq.blacklist.txt -O /etc/dnsmasq.blacklist.txt" >> mycron
#install new cron file
sudo crontab mycron
rm mycron
One-liner public IP and Current month total data comsumption
Should be run on the Rpi. If you want to be able to run it from your station, you can put the following command in a bash script, set the execution bit on that, and run it via ssh
; e.g : ssh foo@ltemodemIP /path/to/the/script.sh
In the following command, date +"%Y-%m-10"
will result in the current year and month, followed by whatever value you put. You should edit the 10
to reflect the actual day of the month your data plan is reset to 0.
wget http://ipecho.net/plain -O - -q ; echo && echo " | " && vnstat -i wwan0 -d --begin `date +"%Y-%m-10"` --end `date +"%Y-%m-10" -d "next month"` | tail -1 | awk '{print $(NF-2),$(NF-1)}'
Diagnosing commands
If you have some connectivity issues, you can access the LTE modem via serial and use various commands to check your connection.
You can find the full manual for Quectel EC25 at commands here : Quectel_EC25&EC21_AT_Commands_Manual_V1.3.pdf
You need a terminal software to connect to the LTE modem via serial. We'll use minicom
.
# Install the software
sudo apt-get install -y minicom
# Connect to the modem
sudo minicom -b 115200 -D /dev/ttyUSB3
You should see something along the lines of
Welcome to minicom 2.8
OPTIONS: I18n
Compiled on Jan 9 2021, 12:42:45.
Port /dev/ttyUSB0, 11:54:09
Press CTRL-A Z for help on special keys
When you're done in minicom you can exit by pressing CTRL+A
then X
, then hit Enter
.
Checking signal quality
To check the signal quality (RSSI) type at+csq
, then hit enter.
You'll get an answer looking like that :
+CSQ: 19,99
- 19 is your RSSI, and should be between 1 and 31, 31 being the best signal quality.
- 99 is your Bit Error Rate in percentage. 99 means "Not known or not detectable", so is good.
Checking you're using LTE
You can request informations on the network you're connected to in order to make sure you're using 4G/LTE and not 3G/HS*PA.
In order to do that, type at+qnwinfo
, then hit enter.
You'll get an answer looking like that :
+QNWINFO: "FDD LTE","20601","LTE BAND 3",1300
- The first field is the Acces technology. It should contain the word "LTE".
- The second field is your provider's MCCMNC.
- The third field is the operating band, it should containe the word "LTE".
- The last field is the operating channel.
Links and notes
https://docs.sixfab.com/page/qmi-interface-internet-connection-setup-using-sixfab-shield-hat
https://docs.raspap.com/manual/