Skip to content

Instantly share code, notes, and snippets.

@yconst

yconst/raspi-wifi-bridge.md

Created January 9, 2026 11:13
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save yconst/a755ba118ca359dded233f3deb4154a9 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save yconst/a755ba118ca359dded233f3deb4154a9 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
raspi-wifi-bridge.md

Raspberry Pi WiFi Bridge Setup Guide

This guide shows how to set up a Raspberry Pi as a WiFi access point that bridges to your ethernet LAN, allowing WiFi clients to access the entire local network on the same subnet.

Prerequisites

  • Raspberry Pi with Raspberry Pi OS Lite (fresh install)
  • External USB WiFi adapter (e.g., Ralink RT5572)
  • Ethernet connection to your LAN
  • Separate DHCP server on your network (e.g., MikroTik router at 192.168.1.2)
  • SSH access to the Pi

Overview

The setup creates a bridge (br0) that combines:

  • eth0 (ethernet connection to LAN)
  • wlan1 (external USB WiFi adapter as access point)

WiFi clients connect through the access point and appear on the same subnet as your wired LAN devices. A separate DHCP server (MikroTik) handles IP assignment for all devices.

Step-by-Step Instructions

1. Initial Setup

SSH into your fresh Raspberry Pi and update the system:

sudo apt update
sudo apt upgrade -y

2. Install Required Packages

sudo apt install hostapd bridge-utils -y
  • hostapd: Creates the WiFi access point
  • bridge-utils: Manages the network bridge

3. Configure dhcpcd

Edit the dhcpcd configuration to prevent it from managing individual interfaces:

sudo nano /etc/dhcpcd.conf

Add these lines at the very top of the file:

denyinterfaces wlan0 wlan1 eth0
interface br0

This tells dhcpcd to:

  • Ignore all WiFi interfaces and ethernet
  • Only manage the bridge interface (br0)

Save and exit (Ctrl+O, Enter, Ctrl+X).

4. Create Bridge with systemd-networkd

systemd-networkd will handle bridge creation and configuration cleanly.

4a. Define the bridge device

sudo nano /etc/systemd/network/br0.netdev

Add:

[NetDev]
Name=br0
Kind=bridge

Save and exit.

4b. Configure ethernet as bridge member

sudo nano /etc/systemd/network/br0-member-eth0.network

Add:

[Match]
Name=eth0

[Network]
Bridge=br0

Save and exit.

4c. Configure WiFi as bridge member

sudo nano /etc/systemd/network/br0-member-wlan1.network

Add:

[Match]
Name=wlan1

[Network]
Bridge=br0

Save and exit.

Note: This assumes your external USB WiFi adapter appears as wlan1. If it appears as a different interface (e.g., wlan0 if you disabled onboard WiFi), adjust accordingly.

4d. Configure bridge network

sudo nano /etc/systemd/network/br0.network

Add:

[Match]
Name=br0

[Network]
DHCP=yes

This configures the bridge to get its IP via DHCP from your network's DHCP server.

Save and exit.

5. Enable systemd-networkd

sudo systemctl enable systemd-networkd
sudo systemctl start systemd-networkd

6. Configure hostapd (Access Point)

Create the hostapd configuration file:

sudo nano /etc/hostapd/hostapd.conf

Add the following configuration (customize as needed):

interface=wlan1
bridge=br0
driver=nl80211
ssid=HiddenSpring
hw_mode=g
channel=10
auth_algs=1
wpa=2
wpa_passphrase=nekos2000
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
country_code=GR

Configuration explained:

  • interface=wlan1: WiFi adapter to use (adjust if different)
  • bridge=br0: Bridge WiFi clients directly to br0
  • ssid=HiddenSpring: WiFi network name (change as desired)
  • wpa_passphrase=nekos2000: WiFi password (change to your password)
  • channel=10: WiFi channel (adjust if needed)
  • country_code=GR: Country code (change to your country, e.g., US, GB, DE)

Save and exit.

7. Enable and Start hostapd

Unmask the hostapd service (it's masked by default):

sudo systemctl unmask hostapd

Enable it to start on boot:

sudo systemctl enable hostapd

8. Configure External DHCP Server

On your MikroTik (or other DHCP server):

  1. Ensure DHCP is enabled and configured for your subnet (e.g., 192.168.1.0/24)
  2. Set an appropriate IP pool (e.g., 192.168.1.17-192.168.1.200)
  3. Configure gateway (e.g., 192.168.1.1)
  4. Configure DNS servers (e.g., 8.8.8.8, 8.8.4.4)
  5. Disable any MAC-IP binding or client isolation features that might block bridged clients

9. Disable Onboard WiFi (Optional)

If you want to completely disable the Pi's onboard WiFi to ensure only the external adapter is used:

sudo nano /boot/firmware/config.txt

Add at the bottom:

dtoverlay=disable-wifi
dtoverlay=disable-bt

Save and exit.

Note: Only do this after confirming your external USB adapter is working as wlan1.

10. Reboot

Reboot the Pi to apply all changes:

sudo reboot

Verification

After the Pi reboots, SSH back in and verify the setup:

Check the bridge

brctl show

Expected output:

bridge name    bridge id           STP enabled    interfaces
br0            8000.xxxxxxxxxxxx   no             eth0
                                                  wlan1

Check bridge IP

ip addr show br0

The bridge should have a single IP address in your subnet (e.g., 192.168.1.173).

Check hostapd

sudo systemctl status hostapd

Should show "active (running)".

Test WiFi connectivity

From a laptop or phone:

  1. Search for WiFi networks - you should see your SSID (e.g., "HiddenSpring")
  2. Connect using your configured password
  3. Verify you receive an IP in your LAN subnet (e.g., 192.168.1.x)
  4. Test internet access
  5. Test access to other LAN devices (ping, SSH, etc.)

Troubleshooting

WiFi network doesn't appear

Check hostapd status:

sudo systemctl status hostapd
sudo journalctl -u hostapd -n 50

Ensure wlan1 exists:

iw dev
ip link show wlan1

WiFi connects but no IP assigned

Check if bridge is up and has both interfaces:

brctl show
ip addr show br0

Verify DHCP server is responding:

sudo tcpdump -i br0 port 67 or port 68

Then reconnect WiFi - you should see DHCP DISCOVER and OFFER packets.

Bridge doesn't have an IP

Check systemd-networkd:

sudo systemctl status systemd-networkd
sudo journalctl -u systemd-networkd -n 50

External USB WiFi adapter not detected

Check if it's seen by USB:

lsusb

Check kernel messages:

dmesg | grep -i usb | tail -20
dmesg | grep -i wlan

Some adapters may need additional drivers.

Architecture Summary

Internet
   ↓
Router (192.168.1.1)
   ↓
├─ eth0 ──┐
          br0 (192.168.1.x) ← DHCP from MikroTik
└─ wlan1 ──┘
     ↓
  hostapd (Access Point: "HiddenSpring")
     ↓
  WiFi Clients (192.168.1.x) ← DHCP from MikroTik

All devices (wired ethernet, Pi bridge, WiFi clients) exist on the same subnet and can communicate directly.

Notes

  • This setup requires a separate DHCP server on your network (router or dedicated server)
  • All WiFi clients appear on the same subnet as your wired network
  • The Pi itself also gets an IP from the DHCP server
  • No NAT is involved - this is a true bridge configuration
  • systemd-networkd handles bridge creation cleanly on every boot
  • No custom scripts or services needed beyond standard configuration files

Credits

This guide was created after extensive troubleshooting to replace RaspAP with a clean, minimal configuration that actually works.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment