[Guide] OpenWRT Hotspot Relay
Posted: Fri Aug 05, 2022 5:53 pm
This is a guide to relay a hotspot via Relayd with TTL/HL modifications. This works well if it's the only option, but the use of relayd can introduce bottlenecks if the network is too fast for the router's cpu. Setting up a bridge with DD-WRT or Tomato does not have this issue, but ymmv depending on the hardware you have and what your needing to connect to. This pseudo bridge setup does not bypass Android's builtin client limit.
My router has two radios, wlan0 for 2.4GHz and wlan1 for 5GHz, and I'm using wlan1 to connect to the hotspot. I made these parts bold so you know to substitute for your device. This process largely mirrors the official documentation so you can turn to it if you get lost.
https://openwrt.org/docs/guide-user/net ... figuration
Go to System -> Software and install luci-proto-relay and iptables-mod-ipopt
Network -> Interfaces -> Interfaces tab -> LAN interface -> Edit
Set IPv4 address 10.0.0.1
DHCP Server tab -> General Setup sub-tab
Check 'Ignore interface'
IPv6 Settings tab
Set 'RA-Service' to 'relay mode'
Set 'DHCPv6-Service' to 'disabled'
Set 'NDP-Proxy' to 'relay mode'
Click Save
Network -> Wireless
Setup the wireless AP if you have two radios, this was wlan0 for me
On the other radio that connects to the phone, wlan1 for me, hit Scan
Choose Join Network on the desired network
Check 'Replace wireless configuration'
Set 'Create / Assign firewall-zone' to LAN
Enter your password and hit Submit
Click Save
Network -> Firewall -> Custom Rules tab
Append these rules to the bottom of the script
NOTE: Set 'wlan1' to the correct radio for your setup
Click Save
Network -> Interfaces -> Interfaces tab -> Add new interface...
Set 'Name' to 'wwan6'
Set 'Protocol' to 'DHCPv6 client'
Set 'Device' to 'wlan1'
Select Create interface
Click the Firewall Settings tab
Set 'Create / Assign firewall-zone' to 'lan'
Click Save
Add new interface...
Set 'Name' to 'relay'
Set 'Protocol' to 'Relay bridge'
Select Create interface
Set 'Local IPv4' address to '10.0.0.1'
Set 'Relay between networks' to 'lan' and 'wwan'
Click the Firewall Settings tab
Set 'Create / Assign firewall-zone' to 'lan'
Click Save
Click the little arrow next to 'Save & Apply', select and click 'Apply unchecked'
For the last step, you connect to the router via ssh
You can use a client like Putty on Windows to do this
My router has two radios, wlan0 for 2.4GHz and wlan1 for 5GHz, and I'm using wlan1 to connect to the hotspot. I made these parts bold so you know to substitute for your device. This process largely mirrors the official documentation so you can turn to it if you get lost.
https://openwrt.org/docs/guide-user/net ... figuration
Go to System -> Software and install luci-proto-relay and iptables-mod-ipopt
Network -> Interfaces -> Interfaces tab -> LAN interface -> Edit
Set IPv4 address 10.0.0.1
DHCP Server tab -> General Setup sub-tab
Check 'Ignore interface'
IPv6 Settings tab
Set 'RA-Service' to 'relay mode'
Set 'DHCPv6-Service' to 'disabled'
Set 'NDP-Proxy' to 'relay mode'
Click Save
Network -> Wireless
Setup the wireless AP if you have two radios, this was wlan0 for me
On the other radio that connects to the phone, wlan1 for me, hit Scan
Choose Join Network on the desired network
Check 'Replace wireless configuration'
Set 'Create / Assign firewall-zone' to LAN
Enter your password and hit Submit
Click Save
Network -> Firewall -> Custom Rules tab
Append these rules to the bottom of the script
Code: Select all
iptables -t mangle -I POSTROUTING -o wlan1 -m ttl ! --ttl-eq 255 -j TTL --ttl-set 65
ip6tables -t mangle -I POSTROUTING -o wlan1 -m hl ! --hl-eq 255 -j HL --hl-set 65
Click Save
Network -> Interfaces -> Interfaces tab -> Add new interface...
Set 'Name' to 'wwan6'
Set 'Protocol' to 'DHCPv6 client'
Set 'Device' to 'wlan1'
Select Create interface
Click the Firewall Settings tab
Set 'Create / Assign firewall-zone' to 'lan'
Click Save
Add new interface...
Set 'Name' to 'relay'
Set 'Protocol' to 'Relay bridge'
Select Create interface
Set 'Local IPv4' address to '10.0.0.1'
Set 'Relay between networks' to 'lan' and 'wwan'
Click the Firewall Settings tab
Set 'Create / Assign firewall-zone' to 'lan'
Click Save
Click the little arrow next to 'Save & Apply', select and click 'Apply unchecked'
For the last step, you connect to the router via ssh
Code: Select all
ssh -l root 10.0.0.1
Code: Select all
uci set dhcp.wan.interface=wwan
uci set dhcp.wan.ra=relay
uci set dhcp.wan.ndp=relay
uci set dhcp.wan.master=1
uci commit
reboot