Skip to content

Instantly share code, notes, and snippets.

@picchietti
Last active March 21, 2024 17:37
Show Gist options
  • Star 21 You must be signed in to star a gist
  • Fork 5 You must be signed in to fork a gist
  • Save picchietti/337029cf1946ff9e43b0f57aa75f6556 to your computer and use it in GitHub Desktop.
Save picchietti/337029cf1946ff9e43b0f57aa75f6556 to your computer and use it in GitHub Desktop.
Making a wireless router with an ASUS PCE-AC88 and Linux (Ubuntu 18.04 LTS)

Introduction

This project makes a wifi router out of an ASUS PCE-AC88 wireless adapter and your Ubuntu Linux computer that can exceed top of the line routers.

Instead of buying a gaming grade router or another computer that you install openWRT on, follow this project and put the savings towards upgrading your main computer or modem.

Add Adapter

The adapter needs to be added to a PCI slot and the wireless antenna needs to be connected to the adapter. If your computer does not detect it, you may need to re-seat the adapter in the slot. If you can't detect wireless networks after installing the firmware below then this is probably why.

Install Firmware for Adapter

For your computer to use the wifi adapter you need to add the missing firmware that Asus won't provide.

Place brcmfmac4366c-pcie.bin and brcmfmac4366c-pcie.txt in the /lib/firmware/brcm directory. Restart and NetworkManager should realize you have a wifi adapter.

Change Settings

In the Ubuntu Settings App > Power > Power Saving: Uncheck "Wifi can be turned off to save power."

Setup Variables Used Below

ethernet_id=$(nmcli dev status | awk '{print $1}' | grep 'enp');
wireless_id=$(nmcli dev status | awk '{print $1}' | grep 'wlp');

Test that it worked:

echo $ethernet_id;
echo $wireless_id;

You should see something like: "enp2s0" and "wlp2s0". Make sure you use the echo'd values in the files used below or you will get errors.

The ethernet_id and wireless_id bash variables will only be defined for the length of the terminal window. To make them permanent add them to ~/.bashrc.

Compiling Host Access Point Daemon (Hostapd) from Source

This is the software that will run your wireless adapter as a hotspot with a ssid that your device can connect to.

If you use hostapd from apt install hostapd it will exit with an error if there is anyone else using the same channel when starting with wireless n or ac. This makes it impossible to use in an apartment complex. So let's build a version that doesn't check (like all the other routers around us).

#install required packages first
sudo apt -y install build-essential crda libssl-dev libnl-3-dev libnl-genl-3-dev libnl-route-3-dev pkg-config libnfnetlink-dev

cd ~
git clone git://w1.fi/srv/git/hostap.git
cd ~/hostap/hostapd
git checkout hostap_2_3
cp defconfig .config

# enable 802.11n and 802.11ac
sed -i 's/^#CONFIG_IEEE80211N=y/CONFIG_IEEE80211N=y/g' .config
sed -i 's/^#CONFIG_IEEE80211AC=y/CONFIG_IEEE80211AC=y/g' .config

# enable automatic channel selection
sed -i 's/^#CONFIG_ACS=y/CONFIG_ACS=y/g' .config

sed -i 's/^#CONFIG_DRIVER_NL80211=y/CONFIG_DRIVER_NL80211=y/g' .config
sed -i 's/^#CONFIG_LIBNL32=y/CONFIG_LIBNL32=y/g' .config

make && sudo make install

# check that it worked with
hostapd -v

Hostapd Configuration

Add the contents of this file to sudo vim /etc/hostapd/hostapd.conf.

Test config manually. Fails if hostapd is already running at startup (see next section):

sudo hostapd /etc/hostapd/hostapd.conf

If getting error "rfkill: WLAN soft blocked":

rfkill list all
rfkill unblock wifi
nmcli r wifi on

Start Compiled Hostapd at System Startup

Add the contents of this file to sudo vim /etc/systemd/system/hostapd.service.

sudo systemctl daemon-reload

Test the service with:

sudo service hostapd stop
sudo service hostapd status
sudo service hostapd start
sudo service hostapd status

Then enable your new service at startup:

sudo systemctl enable hostapd.service

DHCP Server & DNS Cache

Dnsmasq is needed to assign ip addresses to connected devices. It will also locally cache dns requests. But don't install dnsmasq. No seriously, don't.

Configure a static ip for wlp2s0 in the file /etc/network/interfaces

auto wlp2s0
iface wlp2s0 inet static
  address 10.0.0.1
  netmask 255.255.255.0

Try sudo service networking restart. When in doubt restart your computer if you are unsure if any of these configurations updated.

/etc/NetworkManager/dnsmasq.d/dnsmasq.conf

interface=wlp2s0
dhcp-range=10.0.0.50,10.0.0.150,255.255.255.0,12h
cache-size=1500

Enable dnsmasq at startup

Find out what has been blocking port 53: sudo netstat -ltnp | grep -w '53'

You have systemd-resolved enabled as the local DNS server. It binds to port 53, blocking dnsmasq from doing so at startup.

Disable it by setting the following in /etc/systemd/resolved.conf

DNSStubListener=no
DNS=127.0.1.1

Then restart systemd-resolved service: sudo service systemd-resolved restart

Now check if /etc/resolv.conf contains:

nameserver 127.0.1.1

This is critical for you to have internet access. If it does not consider disabling systemd-resolved completely and regenerating resolv.conf with NetworkManager.

...NetworkManager also has its own copy of dnsmasq via dnsmasq-base. Let's just use that one with our config.

In /etc/NetworkManager/NetworkManager.conf add:

[main]
dns=dnsmasq

And restart NetworkManager for the changes to work: sudo service NetworkManager restart

Forwarding and NAT

Your device should be getting an ip address and saying it is connected with no internet. We need to properly relay the internet from our wired ethernet.

sudo sysctl net.ipv4.ip_forward=1
sudo sed -i 's/^#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf

We need to activate NAT in the built-in firewall of Linux to make sure the traffic going out uses the external address as its source address and can be routed back.

ifconfig
sudo iptables -t nat -A POSTROUTING -o $ethernet_id -j MASQUERADE

To make the above command persist between reboots install the following package then follow in-terminal prompts:

sudo apt install iptables-persistent

Testing the Setup

We're interested in the link speed from the wireless device to the wireless router, not your isp's internet speed, so don't use a tool like fast.com.

When a device, such as your phone, is connected check link speed on your computer via:

sudo iw dev $wireless_id station dump

OR

Use an android app called WiFiAnalyzer (open-source) by VREM Software Development to check link speed on your phone.

Conclusion

The PCE-AC88 wireless adapter is 4x4 so it has a max link speed of 433 * 4 = 1732 Mb/s, on the 5Ghz band, with any device that can keep up. My android phone is 2x2, so it reaches its max speed of 433 * 2 = 866 Mb/s when connected to the new wifi router.

I've been testing the new wifi router for the past 2 weeks. I disabled my combo modem-router's 5Ghz band to limit interference and kept the 2.4Ghz band as a backup network.

However, I haven't needed to use the backup yet as the new router has not gone down and has easily handled Netflix/Hulu streaming while multiple phones were also being used.

There doesn't appear to be any added strain to my desktop computer running the router. If there is, it is negligible.

I'm so pleased with the results that I plan to sell my modem-router and buy a better modem.

This file has been truncated, but you can view the full file.
View raw

(Sorry about that, but we can’t show files that are this big right now.)

View raw

(Sorry about that, but we can’t show files that are this big right now.)

@olivierb91
Copy link

olivierb91 commented Mar 17, 2022

Hello,

I post here the solution i founded for everyone would have the same problem.

I run my wireless router on Ubuntu Desktop, not server edition, because I want to have a browser and vlc.

I have disabled NetworkManager and wpa_supplicant and no more problems.

Hostapd is now very stable at it's highest speed.

No more deauthenticated while associating (Reason: 6=CLASS2_FRAME_FROM_NONAUTH_STA) and (Reason: 2=PREV_AUTH_NOT_VALID) and no more failed to follow AP bandwidth change, disconnect.

Best regards,
Olivier

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment