Incorrect networking config in bpi-r4_noble image

[vadjs]

Thank you for the great work that made possible to use Debian/Ubuntu on BPI-R4.

While using Ubuntu image I've found some issues in bpi-r4_noble_6.12.6-main.img.gz image.

There are some router-specific configs in the repository(conf/bpi-r4/etc folder). It seems at least some of these configs are not applied or works not as expected..

• Configs from conf/bpi-r4/etc/systemd/network folder doesn't appear in the final image. There are no such files at all.
• Configs from conf/bpi-r4/etc/hostapd folder exists in the final image but seems not applied.
• It seems only conf/generic/etc/hostapd/hostapd_wlan0.conf config is active in the final image. Even conf/generic/etc/hostapd/hostapd_wlan1.conf isn't applied. It seems not supposed to be like this.

I assume the expected Access Point config is next:

• Have active configs from conf/bpi-r4/etc/hostapd folder
• Disregard configs from conf/generic/etc/hostapd folder

Also i found that none of the clients (wired and wireless) have the access to the internet while router itself has access.
It's not a DNS issue - I tested it with ping 1.1.1.1.

There is also unsafe sshd config that allows SSH access through WAN interface. Which actually means that the router is exposed to the entire internet if you have a public IP address.
This is easy to be fixed by adding ListenAddress 192.168.1.1 to /etc/ssh/sshd_config but the problem is that nowadays it takes just a few seconds to be hacked if you have exposed SSH access with default password to the entire internet.

[frank-w]

It is possible that image was created before the r4 specific configs are added. These have different names (2g4,5g,6g) at the moment. These need to be added to etc/default/hostapd and service needs to be copied (so that 3 hostap services exist). This part is not done yet. So wifi configs should be copied,but not used yet.

Regarding internet access you need either nat on your uplink on r4 (e.g. wan port) or static route in your main router. Make sure wan/lan subnets are different

[frank-w]

did some work...

wifi-configs now look like this:

lrwxrwxrwx 1 root  root    16 Jul 19 10:53 hostapd.conf -> hostapd_2g4.conf
-rw-rw-r-- 1 frank frank 1.9K Dec 28  2024 hostapd_2g4.conf
-rw-rw-r-- 1 frank frank 2.2K Dec 28  2024 hostapd_5g.conf
-rw-rw-r-- 1 frank frank 2.0K Dec 28  2024 hostapd_6g.conf
#these 2 came from generic config (example 2g4 and 5g configs for all boards), i delete them now for r4
-rw-r--r-- 1 root  root   375 Jul 19 10:53 hostapd_wlan0.conf
-rw-r--r-- 1 root  root  1.2K Jul 19 10:53 hostapd_wlan1.conf
#not sure where this file came from, possibly already there by default
-rwxr-xr-x 1 root  root  3.1K Aug  5  2024 ifupdown.sh

and added hostapd services, but not tested yet

[vadjs]

After i removed hostapd_wlan0.conf, hostapd_wlan1.conf files and changed the symlink for hostapd.conf file, 2.4 GHz AP started working correctly: the interned became accessible bot for wired and wireless clients.

But i didn't manage to run extra hostapd services at all. Not sure i did it 100% right. There is how i did it:

rm hostapd.conf
ln -s hostapd_r4_2g4.conf wlan0.conf
ln -s hostapd_r4_5g.conf  wlan1.conf
ln -s hostapd_r4_6g.conf  wlan2.conf
disable --now hostapd.service
systemctl enable --now hostapd@wlan0 hostapd@wlan1 hostapd@wlan2

But it fails to start services for wlan1 and wlan2.

[frank-w]

There should be services hostapd2 and hostapd3 which can be enabled and started. I wait to kernel 6.12 finishes building then i start image building again

[frank-w]

Working now for you?

Maybe it is not the right way,afair eric says it can be done with interface like hostapd@wlan0,but i have not yet found time to get config matching this

[vadjs]

Sorry, I closed the issue by accident. Reopened it.

No, it still doesn't work for me. I have messed up the services config pretty hard - even if I manage to make it working, it won't be reproducible.

I will flash new image tomorrow and will try to figure out with hostapd2/3 services. But if you manage to build the new Ubuntu image tomorrow, it would be great. Or will be very helpful to everyone who wants to use this image.

[frank-w]

Started pipeline right now,image should be available on my gdrive soon

[vadjs]

I flashed the new image.
Proper /etc/hostapd configs are there.

But several issues still there:

1. Internet is not available nor through the wireless and wired connections. Not sure how to fix it.

2. hostapd2 and hostapd3 are disabled by default. Enabling it causes services exit with code 1(error). As i see in logs the reason is that hostapd2.service refers to DAEMON2_OPTS variable. But there is not such variable defined.

hostapd2.service: Referenced but unset environment variable evaluates to an empty string: DAEMON2_OPTS

[frank-w]

The DAEMON_OPTS should not be set for first hostapd too and is maybe not the rootcause

"Internet" is a complex thing...it contains routing,dns and some more parts. Also it depends on your network topology (what is you uplink port,is nat on this uplink enabled,do you use additional router,is wifi-subnet unique). If 'internet' works on r4 itself and only not on wifi clients,check if routing works by ping an exteral ip like 8.8.8.8 if that works you have no routing,bit maybe a dns issue,so which dns-server are using your wifi clients.does this service work and does it have dns entries (relay to external dns).

[vadjs]

There is a full log of hostapd2.service:

systemctl enable --now hostapd2
Created symlink /etc/systemd/system/multi-user.target.wants/hostapd2.service → /usr/lib/systemd/system/hostapd2.service.
Job for hostapd2.service failed because the control process exited with error code.
See "systemctl status hostapd2.service" and "journalctl -xeu hostapd2.service" for details.
root@bpi-r4:/etc/hostapd# systemctl status hostapd2.service
● hostapd2.service - Access point and authentication server for Wi-Fi 5G and Ethernet
     Loaded: loaded (/usr/lib/systemd/system/hostapd2.service; enabled; preset: enabled)
     Active: activating (auto-restart) (Result: exit-code) since Fri 2025-07-25 10:20:14 UTC; 105ms ago
       Docs: man:hostapd(8)
    Process: 3755 ExecStart=/usr/sbin/hostapd -B -P /run/hostapd2.pid $DAEMON2_OPTS ${DAEMON_CONF2} (code=exited, status=1/FAILURE)
        CPU: 10ms
root@bpi-r4:/etc/hostapd# journalctl -xeu hostapd2.service
Jul 25 10:20:25 bpi-r4 systemd[1]: hostapd2.service: Control process exited, code=exited, status=1/FAILURE
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ An ExecStart= process belonging to unit hostapd2.service has exited.
░░ 
░░ The process' exit code is 'exited' and its exit status is 1.
Jul 25 10:20:25 bpi-r4 systemd[1]: hostapd2.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ The unit hostapd2.service has entered the 'failed' state with result 'exit-code'.
Jul 25 10:20:25 bpi-r4 systemd[1]: Failed to start hostapd2.service - Access point and authentication server for Wi-Fi 5G and Ethernet.
░░ Subject: A start job for unit hostapd2.service has failed
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ A start job for unit hostapd2.service has finished with a failure.
░░ 
░░ The job identifier is 1845 and the job result is failed.
Jul 25 10:20:27 bpi-r4 systemd[1]: hostapd2.service: Scheduled restart job, restart counter is at 12.
░░ Subject: Automatic restarting of a unit has been scheduled
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ Automatic restarting of the unit hostapd2.service has been scheduled, as the result for
░░ the configured Restart= setting for the unit.
Jul 25 10:20:27 bpi-r4 systemd[1]: Starting hostapd2.service - Access point and authentication server for Wi-Fi 5G and Ethernet...
░░ Subject: A start job for unit hostapd2.service has begun execution
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ A start job for unit hostapd2.service has begun execution.
░░ 
░░ The job identifier is 1929.
Jul 25 10:20:27 bpi-r4 (hostapd)[3763]: hostapd2.service: Referenced but unset environment variable evaluates to an empty string: DAEMON2_OPTS
Jul 25 10:20:27 bpi-r4 systemd[1]: hostapd2.service: Control process exited, code=exited, status=1/FAILURE
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ An ExecStart= process belonging to unit hostapd2.service has exited.
░░ 
░░ The process' exit code is 'exited' and its exit status is 1.
Jul 25 10:20:27 bpi-r4 systemd[1]: hostapd2.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ The unit hostapd2.service has entered the 'failed' state with result 'exit-code'.
Jul 25 10:20:27 bpi-r4 systemd[1]: Failed to start hostapd2.service - Access point and authentication server for Wi-Fi 5G and Ethernet.
░░ Subject: A start job for unit hostapd2.service has failed
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░ 
░░ A start job for unit hostapd2.service has finished with a failure.
░░ 
░░ The job identifier is 1929 and the job result is failed.

[frank-w]

Try start hostapd in debugmode with the config manually...most errors are not shown in journal

[vadjs]

It seems from the log perspective the hostapd_5g.conf has many errors.
Did I really start it right?

/usr/local/sbin/hostapd -ddd -t -K /etc/hostapd/hostapd_5g.conf 
1753441349.768041: random: Trying to read entropy from /dev/random
1753441349.768115: Configuration file: /etc/hostapd/hostapd_5g.conf
1753441349.768273: Line 24: unknown configuration item 'ieee80211ac'
1753441349.768290: Line 25: unknown configuration item 'vht_oper_chwidth'
1753441349.768304: Line 26: unknown configuration item 'vht_oper_centr_freq_seg0_idx'
1753441349.768319: Line 27: unknown configuration item 'vht_capab'
1753441349.768332: Line 28: unknown configuration item 'ieee80211ax'
1753441349.768346: Line 29: unknown configuration item 'he_oper_chwidth'
1753441349.768360: Line 30: unknown configuration item 'he_oper_centr_freq_seg0_idx'
1753441349.768373: Line 31: unknown configuration item 'he_su_beamformer'
1753441349.768389: Line 32: unknown configuration item 'he_su_beamformee'
1753441349.768403: Line 33: unknown configuration item 'he_mu_beamformer'
1753441349.768416: Line 35: unknown configuration item 'he_spr_sr_control'
1753441349.768434: Line 36: unknown configuration item 'he_default_pe_duration'
1753441349.768447: Line 37: unknown configuration item 'he_rts_threshold'
1753441349.768464: Line 38: unknown configuration item 'he_mu_edca_qos_info_param_count'
1753441349.768478: Line 39: unknown configuration item 'he_mu_edca_qos_info_q_ack'
1753441349.768492: Line 40: unknown configuration item 'he_mu_edca_qos_info_queue_request'
1753441349.768505: Line 41: unknown configuration item 'he_mu_edca_qos_info_txop_request'
1753441349.768522: Line 42: unknown configuration item 'he_mu_edca_ac_be_aifsn'
1753441349.768536: Line 43: unknown configuration item 'he_mu_edca_ac_be_aci'
1753441349.768550: Line 44: unknown configuration item 'he_mu_edca_ac_be_ecwmin'
1753441349.768574: Line 45: unknown configuration item 'he_mu_edca_ac_be_ecwmax'
1753441349.768588: Line 46: unknown configuration item 'he_mu_edca_ac_be_timer'
1753441349.768605: Line 47: unknown configuration item 'he_mu_edca_ac_bk_aifsn'
1753441349.768619: Line 48: unknown configuration item 'he_mu_edca_ac_bk_aci'
1753441349.768632: Line 49: unknown configuration item 'he_mu_edca_ac_bk_ecwmin'
1753441349.768646: Line 50: unknown configuration item 'he_mu_edca_ac_bk_ecwmax'
1753441349.768659: Line 51: unknown configuration item 'he_mu_edca_ac_bk_timer'
1753441349.768672: Line 52: unknown configuration item 'he_mu_edca_ac_vi_ecwmin'
1753441349.768688: Line 53: unknown configuration item 'he_mu_edca_ac_vi_ecwmax'
1753441349.768705: Line 54: unknown configuration item 'he_mu_edca_ac_vi_aifsn'
1753441349.768723: Line 55: unknown configuration item 'he_mu_edca_ac_vi_aci'
1753441349.768737: Line 56: unknown configuration item 'he_mu_edca_ac_vi_timer'
1753441349.768750: Line 57: unknown configuration item 'he_mu_edca_ac_vo_aifsn'
1753441349.768766: Line 58: unknown configuration item 'he_mu_edca_ac_vo_aci'
1753441349.768783: Line 59: unknown configuration item 'he_mu_edca_ac_vo_ecwmin'
1753441349.768796: Line 60: unknown configuration item 'he_mu_edca_ac_vo_ecwmax'
1753441349.768810: Line 61: unknown configuration item 'he_mu_edca_ac_vo_timer'
1753441349.768918: 37 errors found in configuration file '/etc/hostapd/hostapd_5g.conf'
1753441349.768947: Failed to set up interface with /etc/hostapd/hostapd_5g.conf
1753441349.768957: hostapd_init: free iface 0x555ddb3e70
1753441349.768968: Failed to initialize interface

[frank-w]

Looks right,but i wonder why you get these errors...maybe i took the wrong config to repo,as i tried the openwrt config and remember similar errors and then disabled these settings. But also possible that i missed some options on compiling own hostapd as i replace the distribution one