0:01 This is my brand new Raspberry Pi
0:03 router. It connects to my apartment's
0:05 Wi-Fi and forwards internet to all the
0:06 devices behind it, hiding them from my
0:08 ISP. But why am I hiding them from my
0:11 ISP? So, about a year ago, my wife and I
0:13 moved into our new apartment, and they
0:15 provide a community Wi-Fi solution. That
0:16 means that you don't need to set up
0:18 routers or modems. You can just connect
0:20 your devices instantly. Now, while this
0:21 is great for the average resident, it
0:23 means that I don't have the ability to
0:25 configure my router and do any sort of
0:27 networking things. So, I haven't been
0:29 able to connect to devices over Wi-Fi,
0:31 like Raspberry Pies, or update my 3D
0:33 printers or even host something like a
0:35 Minecraft server. So, I called up my ISP
0:37 and I asked them if I could just connect
0:39 my own router to the Ethernet port in
0:41 our apartment and just, you know, use
0:43 that as an access point to share Wi-Fi
0:45 to my devices, but they said that they
0:47 scan the network and kick off anything
0:49 that looks like a router. So, that
0:51 wasn't an option. Now, I was pretty
0:52 defeated, but I went ahead using a
0:55 router offline for a few months just to
0:56 connect with my 3D printers. But one
0:59 day, I decided that I had enough. I
1:00 decided that I would figure out how to
1:03 get around the no router rule. Enter the
1:05 Raspberry Pi. Raspberry Pies are small
1:07 single board computers that run Linux
1:09 and can be used to do a variety of
1:11 things. The first step was to choose an
1:13 operating system for the Raspberry Pi. I
1:15 decided to go with a headless version of
1:17 Raspberry Pi OS. The light version of
1:19 Raspberry Pi OS doesn't come with a
1:21 desktop environment, so there's a lot
1:24 less processing to be done by the CPU on
1:26 the Raspberry Pi, and it comes with
1:28 about a gigabyte less of packages and
1:30 stuff. After booting it up and
1:32 connecting a keyboard and monitor, I got
1:34 it connected to the Wi-Fi by using a
1:36 tool called Network Manager. Using
1:38 Network Manager, I was able to list all
1:40 the available Wi-Fi networks and connect
1:42 to our community Wi-Fi. I also used it
1:44 to give the Ethernet port of the Pi a
1:45 static IP address, which will come in
1:48 handy later. By the way, if you want to
1:49 create your own Raspberry Pi router,
1:52 check out my website, spensorsdesk.com.
1:53 I've got all the project files and code
1:55 there. Once I got connected to the
1:58 internet, I unleashed the two most
2:00 notorious commands known to Raspberry Pi users.
2:01 users.
2:04 Yeah, I updated the Pi. Once the Pi was
2:06 updated, the next step was to install a
2:09 tool called DNS Mask. This gives us the
2:11 ability to create a DNS forwarder and a
2:14 DHCP server. The DNS forwarder kind of
2:17 acts like a DNS server like Google or
2:19 Cloudflares. So when our Pi wants to
2:22 reach out to a website like google.com,
2:24 it sends that request to the DNS
2:26 forwarder which sends that to a DNS
2:28 server and then the DNS server says,
2:31 "Oh, google.com is this IP address and
2:33 returns it to the DNS forwarder." The
2:36 DNS forwarder will cache that IP address
2:39 and then return the IP address to the
2:42 device that requested it. And then in
2:44 the future, every time someone requests
2:47 google.com's IP address, the DNS
2:49 forwarder has it cached so it can um
2:51 return it much faster and doesn't have
2:53 to reach back out to the DNS server. The
2:56 DHCP server, on the other hand, is what
2:58 is actually acting as our router. It's
3:00 handing out IP leases and getting
3:02 devices connected. With DNS mask
3:04 installed, I just needed to create a
3:06 configuration file. First, I tell the
3:08 DHCP server to only listen on the
3:10 Ethernet port. So, it will only listen
3:12 to devices that are physically connected
3:15 to it. Next, I explicitly tell it not to
3:17 listen on the wireless port. Next, I
3:19 give the server a range of IP addresses
3:22 that it can hand out. So, I went with 10
3:25 to 100 for 12-hour leases. I think you
3:28 can do anywhere from 2 to 255, but I
3:31 wanted to reserve the first 10. Um, and
3:33 I don't see myself needing more than 100
3:36 devices, so I just went with 10 to 100.
3:37 The final thing we need to configure
3:40 with DNS mask is the IP address for both
3:44 the um gateway and the DNS forwarder.
3:46 The gateway is pretty much just the IP
3:47 address of the router. You can think of
3:50 it as that. And then the DNS forwarder
3:53 will also be the router's IP. So since
3:55 we assigned that IP address to the
3:57 Ethernet port, we're just going to point
4:00 the gateway and DNS forwarder to that
4:02 Ethernet port. So now when a device is
4:04 connected to the PI router, it will know
4:08 that the PI router's Ethernet ports IP
4:09 address is what it should be reaching
4:11 out to. After finishing the
4:13 configuration file for DNS mask, I just
4:16 restarted and enabled the DNS mask
4:18 service. And now we technically have a
4:20 router. You're now able to connect from
4:23 one device to another across the router.
4:26 But we still aren't passing internet
4:28 from the router connected to the
4:30 internet to the devices behind it. To
4:32 enable this, we need to use something
4:34 calledNNAT or network address
4:37 translation. So if I have a device here
4:39 like a 3D printer or a Pi running a 3D
4:43 printer and I have my router here, then
4:45 if this wants to make a request to the
4:48 internet, it will send a request to the
4:51 router with its IP address. So, what the
4:53 router needs to do is rewrite that
4:56 request to have the router's IP address
4:57 and then it sends that off to the
5:00 community's Wi-Fi and then, you know,
5:02 all of it is handled downstream.
5:05 But right now, we're not doing that. So,
5:08 network address translation is going to
5:10 do the rewriting of that IP address. So,
5:12 with the router rewriting all these IP
5:14 addresses, it looks like the router is
5:16 just a single device connected to the
5:19 internet. This is called masquerading.
5:21 We're going to do NAT by installing
5:23 something called NF Tables. This is a
5:25 packet filtering tool. You can think of
5:27 it like a firewall. So after installing
5:28 NF Tables, we just need to do a little
5:30 bit of configuration. We're just writing
5:32 a rule that says that the packets that
5:34 go from our devices out of the router
5:36 need to be masquerad. After that, we
5:39 just need to enable IP forwarding in the
5:41 Linux kernel and then we should be good.
5:43 Now we have a router that functions
5:45 perfectly well. But I wanted to take it
5:46 a step further. So, I installed
5:48 something called Tailcale on my Pi.
5:51 Tailscale is a VPN or virtual private
5:53 network. Not like the ones that you see
5:56 advertised here on YouTube. It acts more
5:58 like the Wi-Fi on our local network,
6:00 kind of like the network I'm setting up
6:04 with the Pi, but this network can
6:08 be forwarded across the internet so that
6:11 I can connect to that from any device.
6:13 This means that if I want to, I can
6:15 connect to my Pi router if I'm out
6:16 somewhere at like a local coffee shop.
6:18 As a final security measure, I
6:21 configured NFT Tables to only allow port
6:24 22 requests from the Ethernet port and
6:27 from my tail. I did this so that in the
6:29 weird case that someone was going
6:31 through the community's network, um,
6:33 they wouldn't have the ability to SSH
6:35 into the Pi router across the community
6:38 Wi-Fi. you would only be able to SSH in
6:40 if you got into the tailet or if you
6:42 physically connected to the router. So
6:45 now the router is done. It is doing
6:46 exactly what I needed it to. It is
6:49 connecting my devices to the internet
6:51 and my ISP has not yet kicked it off the
6:53 network. I can also connect to it from
6:55 anywhere in the world and do whatever I
6:57 like on it. But even though I had the PI
6:59 router set up, I wasn't quite satisfied
7:02 yet. It felt pretty unpolished. So, I
7:04 hopped into Fusion 360 and after
7:06 printing out a few iterations, I landed
7:13 I also ended up getting these small OLED
7:16 screens to display like device stats and
7:18 network stats on the case itself just to
7:20 see how well the Pi was running and if
7:22 the network was still up. But mostly, I
7:24 added it because screens are cool. I
7:26 also ended up adding a small button to
7:28 the case and a knock to a fan to keep
7:30 everything cool. After getting the pie
7:32 mounted and everything wired up, I
7:35 closed it up with the lid.
7:37 Now, I know for a router that this seems
7:38 pretty big, but it's nowhere near as big
7:40 as Yama. [Music]
7:42 [Music]
7:43 So, with the router assembled, it was
7:45 time to work on the software to run the
7:48 screen to display the stats of the Pi. I
7:49 just wanted a couple of scrolling pages
7:51 to show how the Pi was doing, how much
7:53 traffic there was on the network, and
7:55 whether things were healthy or not. I
7:56 also wanted a button to toggle the
7:59 screen on and off, but somewhere along
8:00 the way, I ended up deciding to add a
8:03 Raspberry Pi screen saver as well. So,
8:06 there's that. The final step was to have
8:08 that screen script run every time the Pi
8:10 was booted and to turn off when the Pi
8:12 was shut down. This was simply done by
8:15 creating a service in systemd and adding
8:17 a small little power down script. And
8:19 with that, the Pi router was finally
8:21 complete. I've left it running for a few
8:23 days now and have had a few computers
8:26 connected to it streaming video and the
8:28 Pi really hasn't gotten above about 42
8:30 C, which is very respectable. I can't
8:32 tell you how excited I am to get all of
8:35 my devices and printers connected back
8:37 to the internet. If you want to learn to
8:39 create your own Raspberry Pi router,
8:40 then check out my website. I've got
8:43 links to the code for the screen, the 3D
8:45 models for the case, and all of the
8:47 different commands I had to run to get
8:49 everything installed on the Pi. If you
8:50 enjoyed this video, then I'd appreciate
8:52 if you'd leave a like and subscribe so
8:53 you don't miss future projects. And if
8:54 you're looking for something else to
8:56 watch, check out this video where I
8:59 programmed my 3D printer to play Furiss
9:01 and came up with an entirely unnecessary
9:04 programming language to program music.
Chrome Extension