Dual-Ethernet Connection

Help and Support Raspberry Pi
1

Hi, I am very appreciated you read my post, and hopefully you can help me solve this problem.
My problems are:

  1. Can I turn off “connman” service completely? (I tried many times but it still auto-boots. I used the command “systemctl disable connman.service”)
  2. Can I set connman to receive from one ethernet cable and then tether that to another (like a wired router)?

Either of them can solve my problem.

Details:

I am currently running the build Nov. 2015 OSMC on my Raspberry Pi 2, and my ethernet connection is, let’s say, a bit complicated.
My host university provides 802.1X wired connection, and due to the extremely poor wireless environment of my host university, I would never ever use that in my dormitory as long as I can set up my own router.

But how am I setting my router? Well, it’s through Rasp Pi.

  1. I have a usb to ethernet cable that connects Pi and my router
  2. And on-board ethernet interface connects to university via 802.1X.

So my connection is University(802.1X Wired) --> Pi --> My Router;
and at the same time I can use Pi more than a automatic dialer but a media center on my monitor.

As experience of WLAN from a router (mine is Netgear R6300v2) is normally better than the usb wifi, I would like to use my router (also because it supports 8021ac). I can successfully set this whole connection under Ubuntu Mate, but due to OSMC uses connman to control its network, I cannot much about it (spent me over three days on this, but my command line skills are improving, wee~) :
1.I tried to tether ethernet, but both of my ethernet interfaces are broadcasting DHCP to things connected.
2. I tried to disable connman, but I failed (don’t know why, it just boots every time even if I installed network-manager and other stuff)

I really love OSMC, and wouldn’t like to use other distributions on Pi2 (either because they’re not good-looking or responsive, and I would like my pi to be a media center)

Thanks for any suggestions!

PS: I am not able to set wap_supplicant work on my router with dd-wrt or open-wrt, otherwise I think it would be another choice to set my stuff like
University (802.1X) -----> My Router -------> OSMC / Mac

2

This is how your router is supposed to work. I don’t understand why you would do it any other way…

3

Because I cannot get wired 802.1X connection worked on my router… That requires flash either ddwrt or openwrt to replace factory firmware, and install opkg packages on it. Then with wap_supplicant.opkg installed on it, it should be able to dial wired 802.1X; but that thing didn’t work for me. I even duplicated the config file from Pi (which works like a charm) to my router, still didn’t work.
That spent me more than one year to try from time to time.

Therefore it seems I have to implement them alternatively.

4

The connman service is also dbus socket activated. To fully disable it you must mask the service.

Not with connman disabled :smile:

I don’t know if Ethernet to Ethernet tethering will work, but you could try enabling Tethering via the connmanctl command line interface, that might work.

5

Surely, I will try to find a way to mask the dbus service;

I did try to tether the Ethernet, but both of the ethernet interface became hosts, and I cannot dial 802.1X through wap_supplicant.

I think I will try to stop connman services first

6

It’s in the systemctl documentation…

[quote="franknickzhang, post:5, topic:10920"] I did try to tether the Ethernet, but both of the ethernet interface became hosts, and I cannot dial 802.1X through wap_supplicant. [/quote]
Did you try it through connmanctl though ?

Keep in mind if you stop connman you will not have any Tethering unless you manually install an alternative such as hostapd as it is connman itself that provides the tethering function.

You will also not get any networks configured unless you install an alternative network manager or write a script to manually bring up and configure all your network interfaces. And if you do all that the OSMC networking GUI will no longer work as it communicates directly with connman over dbus.

Disabling/replacing connman like this is not a supported configuration so we won’t be able to help you with any problems caused by this or give advice on how to do it.

7

Okay, I found the solution.
In short, that is:

  1. Without disabling connman, using wpa_supplicant to dial 802.1X on eth0
  2. Set static IP manually for eth1 (the port connecting downstream devices)
  3. Don’t use tether, but use DHCP softwares instead. I used udhcpd on eth1
  4. Fine adjust and set auto script if necessary

Detailed version (You can ignore this if you understand the above implements):
First, here is something I encountered during this configuration:

  1. Tethering one ethernet connection to another is NOT working, because it will end up with both interfaces broadcasting DHCP to whatever the device they connect with. In this case, I cannot use any of them to dial my 802.1X wired interface.

  2. I failed to disable connman. Before disabling that, I first installed network-manager, then I disabled connman by “systemctl disable connman.service” followed by “systemctl mask connman.service”. This will prevent connman to takeover network connections. However, this configuration will cause a problem and when I use “ifconfig” to look the system, there was no network interface (except “lo”) .

  3. Therefore I thought I cannot disable connman for it takes over the core of networking system. Instead, I tried the following and they worked:

Solution:

  1. Dial 802.1X using wpa_supplicant: wpa_supplicant complete edition is embedded within OSMC, which saved me a lot of trouble to uninstall its mini version and reinstall the complete one (this happens in some router linux systems). First prepare the wpa_supplicant.conf file and adjust it to your very environment. The file should be like this
    ctrl_interface=/var/run/wpa_supplicant network={ proto=WPA key_mgmt=WPA-EAP pairwise=CCMP eap=PEAP ca_cert="/usr/share/cacertificates/mozilla/AddTrust_External_Root.crt" identity="username@example.com" password="mySecret" phase2="auth=MSCHAPV2" }
    Remember to adjust it before you can use that!!! And adjustment of this file is the most important step if you’re trying to connect a 802.1X connection.
    Then use
    sudo wpa_supplicant -Dwired -ieth0 -c /etc/wpa_supplicant/wpa_supplicant.conf
    to start the 802.1X connection. " /etc/wpa_supplicant/wpa_supplicant.conf" is the pathway where you store 802.1X conf file.

A successful dial ends up with text like
EAP-MSCHAPV2: Authentication succeeded EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed eth0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully

2.After that, you probably still cannot get access to the Internet yet (I check my connection by sudo apt-get update), since connman wrongly places priority of your two connections.
To correct that, you need first enter connmanctl
Then first enter services to check your connection names, and identify whether the 802.1X is on the first priority. If not, you may want to enter
move-before your_802.1X_service_name another_wired_interface_service_name to change that.
After that, OSMC should be able to access the Internet through 802.1X.

3.Set the other connection (the one you want to connect with downstream device instead of the one you used to dial 802.1X), give it a static IP address to become a host of downstream DHCP broadcast. This step should also be operated inside connmanctl interface:
this line should do the trick config ethernet_interface_service_name --ipv4 manual 192.168.3.1 255.255.255.0 192.168.3.1

This line adjust that interface with static IP of 192.168.3.1, and netmask of 255.255.255.0 , and router address of 192.168.3.1 (itself plays the role of router for the downstream devices)

4.The next step is to manually setup DHCP service WITHOUT using tether
This can be done by first installing DHCP controlling softwares (I used udhcpd): sudo apt-get -y install udhcpd.
Then sudo nano /etc/default/udhcpd , and place the symble “#” before the line DHCPD_ENABLED="no", this will enable udhcpd software.
Next, change udhcpd services as you desired, command is sudo nano /etc/udhcpd.conf

There are several things you may want to modify in this file:
//############################
// Range of dhcp service,
start 192.168.3.20 end 192.168.3.29 //For me the downstream device is only one, so this range can be very small

//Interface which you want to use dhcp, in this very case, my usb ethernet port is “eth1”, and I use that to connect to the WAN port of downstream devices
interface eth1

//Other things
opt dns 8.8.8.8 opt subnet 255.255.255.0 opt router 192.168.3.1 //Better match this with dhcp range you're broadcasting option lease 28800
//#############################

Then you can start this service by sudo service udhcpd restart
and add this to auto boot-up services by sudo update-rc.d udhcpd defaults

5.Enabling IP FORWARD
Enter sudo nano /etc/sysctl.conf and remove the symble “#” before the line net.ipv4.ip_forward=1

6.Enableing NAT Functions
sudo iptables -F sudo iptables -F -t nat sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE sudo iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT sudo iptables -A FORWARD -i wlan0 -o eht1 -j ACCEPT

Then save above configuration
sudo bash -c 'iptables-save > /etc/network/iptables' sudo iptables-restore < /etc/network/iptables

And make them automatically run during boot:
First sudo nano /etc/rc.local
Then add this line sudo iptables-restore < /etc/network/iptables above exit 0

7.That should be all, now both OSMC and its downstream device should be able to get access to the Internet. Of course you may want to write down some script for the following two steps, because they need manual execution every boots: 1. 802.1X dial 2.connmal interface priority

Thanks for anyone who gave me help and suggestion on this post!